[lxc-devel] [lxd/master] tree-wide: rework cgo compilations
brauner on Github
lxc-bot at linuxcontainers.org
Mon Oct 21 19:06:42 UTC 2019
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20191021/94071b43/attachment.bin>
-------------- next part --------------
From 467aaabe064ec22ba971ed70cc1f3bb898a7d69b Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 21 Oct 2019 18:35:19 +0200
Subject: [PATCH 1/4] tree-wide: handle _GNU_SOURCE ifdefs correctly
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
lxd-p2c/setns.go | 4 +++-
lxd/main_checkfeature.go | 4 +++-
lxd/main_forkdns.go | 4 +++-
lxd/main_forkfile.go | 4 +++-
lxd/main_forkmount.go | 4 +++-
lxd/main_forknet.go | 4 +++-
lxd/main_forkproxy.go | 4 +++-
lxd/main_forkuevent.go | 5 +++--
lxd/main_nsexec.go | 7 +++++--
lxd/storage/storage_cgo.go | 4 +++-
lxd/ucred/ucred_gccgo.go | 4 +++-
shared/idmap/shift_linux.go | 4 +++-
shared/util_linux_cgo.go | 2 ++
13 files changed, 40 insertions(+), 14 deletions(-)
diff --git a/lxd-p2c/setns.go b/lxd-p2c/setns.go
index 7d82162574..8d24b1a85f 100644
--- a/lxd-p2c/setns.go
+++ b/lxd-p2c/setns.go
@@ -1,7 +1,9 @@
package main
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <errno.h>
#include <sched.h>
#include <stdio.h>
diff --git a/lxd/main_checkfeature.go b/lxd/main_checkfeature.go
index 65797c9477..f797290b93 100644
--- a/lxd/main_checkfeature.go
+++ b/lxd/main_checkfeature.go
@@ -7,7 +7,9 @@ import (
/*
#cgo CFLAGS: -std=gnu11 -Wvla -I ./include -I ../shared/netutils
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <errno.h>
#include <fcntl.h>
#include <linux/kcmp.h>
diff --git a/lxd/main_forkdns.go b/lxd/main_forkdns.go
index 7a6833a174..6ab83c4ea4 100644
--- a/lxd/main_forkdns.go
+++ b/lxd/main_forkdns.go
@@ -21,7 +21,9 @@ import (
)
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
diff --git a/lxd/main_forkfile.go b/lxd/main_forkfile.go
index e9f74e1bbf..16dfd0f2c9 100644
--- a/lxd/main_forkfile.go
+++ b/lxd/main_forkfile.go
@@ -7,7 +7,9 @@ import (
)
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
diff --git a/lxd/main_forkmount.go b/lxd/main_forkmount.go
index c861a725ca..813183b4f4 100644
--- a/lxd/main_forkmount.go
+++ b/lxd/main_forkmount.go
@@ -7,7 +7,9 @@ import (
)
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
diff --git a/lxd/main_forknet.go b/lxd/main_forknet.go
index 26fc37dbdf..903ca3c6fd 100644
--- a/lxd/main_forknet.go
+++ b/lxd/main_forknet.go
@@ -10,7 +10,9 @@ import (
)
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
diff --git a/lxd/main_forkproxy.go b/lxd/main_forkproxy.go
index 1801182d73..43454174d7 100644
--- a/lxd/main_forkproxy.go
+++ b/lxd/main_forkproxy.go
@@ -21,7 +21,9 @@ import (
)
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
diff --git a/lxd/main_forkuevent.go b/lxd/main_forkuevent.go
index 1926ba9e3a..94087deb9d 100644
--- a/lxd/main_forkuevent.go
+++ b/lxd/main_forkuevent.go
@@ -5,8 +5,9 @@ import (
)
/*
-
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <asm/types.h>
#include <errno.h>
#include <fcntl.h>
diff --git a/lxd/main_nsexec.go b/lxd/main_nsexec.go
index 21e25d7cf3..9bcc05b8e1 100644
--- a/lxd/main_nsexec.go
+++ b/lxd/main_nsexec.go
@@ -1,4 +1,6 @@
/**
+#cgo CFLAGS: -std=gnu11 -Wvla -fvisibility=hidden
+
* This file is a bit funny. The goal here is to use setns() to manipulate
* files inside the container, so we don't have to reason about the paths to
* make sure they don't escape (we can simply rely on the kernel for
@@ -19,7 +21,9 @@
package main
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
@@ -300,5 +304,4 @@ __attribute__((constructor)) void init(void) {
checkfeature();
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
import "C"
diff --git a/lxd/storage/storage_cgo.go b/lxd/storage/storage_cgo.go
index 437e67ef1b..9973224f1a 100644
--- a/lxd/storage/storage_cgo.go
+++ b/lxd/storage/storage_cgo.go
@@ -4,7 +4,9 @@
package storage
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#define _FILE_OFFSET_BITS 64
#include <dirent.h>
#include <errno.h>
diff --git a/lxd/ucred/ucred_gccgo.go b/lxd/ucred/ucred_gccgo.go
index 15a58532c0..44b22dddac 100644
--- a/lxd/ucred/ucred_gccgo.go
+++ b/lxd/ucred/ucred_gccgo.go
@@ -8,7 +8,9 @@ import (
)
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <sys/socket.h>
#include <sys/types.h>
#include <errno.h>
diff --git a/shared/idmap/shift_linux.go b/shared/idmap/shift_linux.go
index 06c6aa5066..0c4de8cceb 100644
--- a/shared/idmap/shift_linux.go
+++ b/shared/idmap/shift_linux.go
@@ -17,7 +17,9 @@ import (
// #cgo LDFLAGS: -lacl
/*
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <byteswap.h>
#include <errno.h>
#include <fcntl.h>
diff --git a/shared/util_linux_cgo.go b/shared/util_linux_cgo.go
index 36e11163c7..41663374c7 100644
--- a/shared/util_linux_cgo.go
+++ b/shared/util_linux_cgo.go
@@ -19,7 +19,9 @@ import (
// #cgo LDFLAGS: -lutil -lpthread
/*
+#ifndef _GNU_SOURCE
#define _GNU_SOURCE
+#endif
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
From 5f3d01d5bb970aa9182d0b0e5dd466a190f3e62f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 21 Oct 2019 19:43:35 +0200
Subject: [PATCH 2/4] Revert "unixfd: hide symbols"
This reverts commit 4f0f0e968e3456c21637107a8f571e70cca7aa3b.
This will be replaced with a more generic hammer.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
lxd/include/compiler.h | 4 ----
shared/netutils/netns_getifaddrs.c | 4 +---
shared/netutils/network.c | 4 +---
shared/netutils/unixfd.h | 21 ++++++++-------------
4 files changed, 10 insertions(+), 23 deletions(-)
diff --git a/lxd/include/compiler.h b/lxd/include/compiler.h
index 3ed8222caf..fc507ac791 100644
--- a/lxd/include/compiler.h
+++ b/lxd/include/compiler.h
@@ -57,10 +57,6 @@
# define __hot __attribute__((hot))
#endif
-#ifndef __hidden
-# define __hidden __attribute__((visibility("hidden")))
-#endif
-
#define __cgfsng_ops
#endif /* __LXC_COMPILER_H */
diff --git a/shared/netutils/netns_getifaddrs.c b/shared/netutils/netns_getifaddrs.c
index 8db051a4d3..7487b13621 100644
--- a/shared/netutils/netns_getifaddrs.c
+++ b/shared/netutils/netns_getifaddrs.c
@@ -1,8 +1,6 @@
// +build none
-#ifndef _GNU_SOURCE
-#define _GNU_SOURCE 1
-#endif
+#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <linux/if.h>
diff --git a/shared/netutils/network.c b/shared/netutils/network.c
index ea2d789473..882a1972c4 100644
--- a/shared/netutils/network.c
+++ b/shared/netutils/network.c
@@ -1,8 +1,6 @@
// +build none
-#ifndef _GNU_SOURCE
-#define _GNU_SOURCE 1
-#endif
+#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <linux/if.h>
diff --git a/shared/netutils/unixfd.h b/shared/netutils/unixfd.h
index 64234869bb..5aa3fc9a53 100644
--- a/shared/netutils/unixfd.h
+++ b/shared/netutils/unixfd.h
@@ -1,25 +1,20 @@
// +build linux
// +build cgo
-
+//
#ifndef LXD_UNIXFD_H
#define LXD_UNIXFD_H
#include <sys/socket.h>
#include <sys/types.h>
-#include "../../lxd/include/compiler.h"
-
-__hidden extern int lxc_abstract_unix_send_fds(int fd, int *sendfds,
- int num_sendfds, void *data,
- size_t size);
+extern int lxc_abstract_unix_send_fds(int fd, int *sendfds, int num_sendfds,
+ void *data, size_t size);
-__hidden extern ssize_t lxc_abstract_unix_recv_fds_iov(int fd, int *recvfds,
- int num_recvfds,
- struct iovec *iov,
- size_t iovlen);
+extern ssize_t lxc_abstract_unix_recv_fds_iov(int fd, int *recvfds,
+ int num_recvfds,
+ struct iovec *iov, size_t iovlen);
-__hidden extern ssize_t lxc_abstract_unix_recv_fds(int fd, int *recvfds,
- int num_recvfds, void *data,
- size_t size);
+extern ssize_t lxc_abstract_unix_recv_fds(int fd, int *recvfds, int num_recvfds,
+ void *data, size_t size);
#endif // LXD_UNIXFD_H
From 14ea4c1cbd06edb32f554c06e59f2bf751cfc712 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 21 Oct 2019 20:58:55 +0200
Subject: [PATCH 3/4] Makefile: add "nocache" target
Allow to easily force a rebuild of all packages for LXD from scratch.
This is e.g. useful when the go compiler does not pickup a change in
e.g. a cgo header file.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
Makefile | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 9aa11a6b00..73aea95f56 100644
--- a/Makefile
+++ b/Makefile
@@ -16,7 +16,7 @@ ifeq ($(TAG_SQLITE3),)
endif
go get -t -v -d ./...
- CC=$(CC) go install -v -tags "$(TAG_SQLITE3)" $(DEBUG) ./...
+ CC=$(CC) go install -a -x -v -tags "$(TAG_SQLITE3)" $(DEBUG) ./...
@echo "LXD built successfully"
.PHONY: client
@@ -126,6 +126,17 @@ endif
CC=$(CC) go install -v -tags "$(TAG_SQLITE3) logdebug" $(DEBUG) ./...
@echo "LXD built successfully"
+.PHONY: nocache
+nocache:
+ifeq ($(TAG_SQLITE3),)
+ @echo "Missing custom libsqlite3, run \"make deps\" to setup."
+ exit 1
+endif
+
+ go get -t -v -d ./...
+ CC=$(CC) go install -a -v -tags "$(TAG_SQLITE3)" $(DEBUG) ./...
+ @echo "LXD built successfully"
+
.PHONY: check
check: default
go get -v -x github.com/rogpeppe/godeps
From 4ad0ba4bfb331c8c62b1c6446257a9ef91517d2b Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Mon, 21 Oct 2019 21:00:18 +0200
Subject: [PATCH 4/4] tree-wide: rework cgo compilation
_Sigh_!
cgo compilation is a mess. So here are some changes to make things
better:
- all CFLAGS, LDFLAGS etc. are _per package_
This was something I didn't quite realize before. Each package needs
to set CFLAGS and LDFLAGS if it wants them. They are not taken over
for the whole source repository.
- only set CFLAGS, LDFLAGS one per package
We used to set CFLAGS, LDFLAGS _per source file_ which is pointless
since the go compiler will just append them. So we'd end up with
"-Wvla -Wvla -Wvla [...]" for as how many times as the number of
CFLAGS instructions we set in each file.
- force all symbols to be hidden by default for _each package_
We were running into issues were the linker got confused because of
symbol overloading/clashing when e.g. linking against go-lxc.
- fix _GNU_SOURCE definition one and for all
Properly ifndef these suckers tree-wide.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
lxd-p2c/setns.go | 2 +-
lxd/main_checkfeature.go | 10 ++++------
lxd/main_forkdns.go | 1 -
lxd/main_forkfile.go | 1 -
lxd/main_forkmount.go | 3 ---
lxd/main_forknet.go | 1 -
lxd/main_forkproxy.go | 1 -
lxd/main_forksyscall.go | 2 --
lxd/main_forkuevent.go | 1 -
lxd/main_nsexec.go | 5 +++--
lxd/seccomp/seccomp.go | 5 ++---
lxd/storage/quota/projectquota.go | 1 +
lxd/storage/storage_cgo.go | 18 +++++++++---------
lxd/ucred/ucred_gccgo.go | 2 +-
shared/idmap/shift_linux.go | 3 +--
shared/netutils/netns_getifaddrs.c | 4 +++-
shared/netutils/network.c | 4 +++-
shared/netutils/network_linux.go | 3 +--
shared/termios/termios_unix.go | 2 +-
shared/util_linux_cgo.go | 6 +++---
20 files changed, 33 insertions(+), 42 deletions(-)
diff --git a/lxd-p2c/setns.go b/lxd-p2c/setns.go
index 8d24b1a85f..e9bf87b8b1 100644
--- a/lxd-p2c/setns.go
+++ b/lxd-p2c/setns.go
@@ -32,5 +32,5 @@ __attribute__((constructor)) void init(void) {
// We're done, jump back to Go
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
diff --git a/lxd/main_checkfeature.go b/lxd/main_checkfeature.go
index f797290b93..c9118f082a 100644
--- a/lxd/main_checkfeature.go
+++ b/lxd/main_checkfeature.go
@@ -5,8 +5,6 @@ import (
)
/*
-#cgo CFLAGS: -std=gnu11 -Wvla -I ./include -I ../shared/netutils
-
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
@@ -30,10 +28,10 @@ import (
#include <linux/audit.h>
#include <sys/ptrace.h>
-#include "netns_getifaddrs.c"
-#include "compiler.h"
-#include "lxd_seccomp.h"
-#include "memory_utils.h"
+#include "../shared/netutils/netns_getifaddrs.c"
+#include "include/compiler.h"
+#include "include/lxd_seccomp.h"
+#include "include/memory_utils.h"
bool netnsid_aware = false;
bool uevent_aware = false;
diff --git a/lxd/main_forkdns.go b/lxd/main_forkdns.go
index 6ab83c4ea4..d49fa42321 100644
--- a/lxd/main_forkdns.go
+++ b/lxd/main_forkdns.go
@@ -127,7 +127,6 @@ void forkdns()
strerror(errno));
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
import "C"
type cmdForkDNS struct {
diff --git a/lxd/main_forkfile.go b/lxd/main_forkfile.go
index 16dfd0f2c9..14ff6d1a44 100644
--- a/lxd/main_forkfile.go
+++ b/lxd/main_forkfile.go
@@ -441,7 +441,6 @@ void forkfile() {
}
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
import "C"
type cmdForkfile struct {
diff --git a/lxd/main_forkmount.go b/lxd/main_forkmount.go
index 813183b4f4..e81bc3ffc3 100644
--- a/lxd/main_forkmount.go
+++ b/lxd/main_forkmount.go
@@ -366,9 +366,6 @@ void forkmount() {
}
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
-// #cgo LDFLAGS: -llxc
-// #cgo pkg-config: lxc
import "C"
type cmdForkmount struct {
diff --git a/lxd/main_forknet.go b/lxd/main_forknet.go
index 903ca3c6fd..5cbaded534 100644
--- a/lxd/main_forknet.go
+++ b/lxd/main_forknet.go
@@ -77,7 +77,6 @@ void forknet() {
forkdonetdetach(cur);
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
import "C"
import "github.com/lxc/lxd/shared"
diff --git a/lxd/main_forkproxy.go b/lxd/main_forkproxy.go
index 43454174d7..03454dabc0 100644
--- a/lxd/main_forkproxy.go
+++ b/lxd/main_forkproxy.go
@@ -298,7 +298,6 @@ void forkproxy()
}
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
import "C"
const forkproxyUDSSockFDNum int = C.FORKPROXY_UDS_SOCK_FD_NUM
diff --git a/lxd/main_forksyscall.go b/lxd/main_forksyscall.go
index 188b0e2c3e..53f7edd4f3 100644
--- a/lxd/main_forksyscall.go
+++ b/lxd/main_forksyscall.go
@@ -341,8 +341,6 @@ void forksyscall()
_exit(EXIT_SUCCESS);
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
-// #cgo LDFLAGS: -lcap
import "C"
type cmdForksyscall struct {
diff --git a/lxd/main_forkuevent.go b/lxd/main_forkuevent.go
index 94087deb9d..ac29e997f7 100644
--- a/lxd/main_forkuevent.go
+++ b/lxd/main_forkuevent.go
@@ -200,7 +200,6 @@ void forkuevent() {
}
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
import "C"
type cmdForkuevent struct {
diff --git a/lxd/main_nsexec.go b/lxd/main_nsexec.go
index 9bcc05b8e1..be8eb8a73b 100644
--- a/lxd/main_nsexec.go
+++ b/lxd/main_nsexec.go
@@ -1,6 +1,4 @@
/**
-#cgo CFLAGS: -std=gnu11 -Wvla -fvisibility=hidden
-
* This file is a bit funny. The goal here is to use setns() to manipulate
* files inside the container, so we don't have to reason about the paths to
* make sure they don't escape (we can simply rely on the kernel for
@@ -304,4 +302,7 @@ __attribute__((constructor)) void init(void) {
checkfeature();
}
*/
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
+// #cgo pkg-config: lxc
+// #cgo pkg-config: libcap
import "C"
diff --git a/lxd/seccomp/seccomp.go b/lxd/seccomp/seccomp.go
index 1610276161..bfbbc80cc0 100644
--- a/lxd/seccomp/seccomp.go
+++ b/lxd/seccomp/seccomp.go
@@ -32,8 +32,6 @@ import (
)
/*
-#cgo CFLAGS: -std=gnu11 -Wvla -I ../include
-
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
@@ -55,7 +53,7 @@ import (
#include <sys/types.h>
#include <unistd.h>
-#include "lxd_seccomp.h"
+#include "../include/lxd_seccomp.h"
struct seccomp_notif_sizes expected_sizes;
@@ -246,6 +244,7 @@ static void prepare_seccomp_iovec(struct iovec *iov,
iov[3].iov_len = SECCOMP_COOKIE_SIZE;
}
*/
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
const lxdSeccompNotifyMknod = C.LXD_SECCOMP_NOTIFY_MKNOD
diff --git a/lxd/storage/quota/projectquota.go b/lxd/storage/quota/projectquota.go
index f96032009d..dc69cbc1f6 100644
--- a/lxd/storage/quota/projectquota.go
+++ b/lxd/storage/quota/projectquota.go
@@ -152,6 +152,7 @@ int32_t quota_get_path(char *path) {
}
*/
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
var errNoDevice = fmt.Errorf("Couldn't find backing device for mountpoint")
diff --git a/lxd/storage/storage_cgo.go b/lxd/storage/storage_cgo.go
index 9973224f1a..048e63bb88 100644
--- a/lxd/storage/storage_cgo.go
+++ b/lxd/storage/storage_cgo.go
@@ -3,6 +3,14 @@
package storage
+import (
+ "fmt"
+ "os"
+ "unsafe"
+
+ "github.com/pkg/errors"
+)
+
/*
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
@@ -243,17 +251,9 @@ int unset_autoclear_loop_device(int fd_loop)
return ioctl(fd_loop, LOOP_SET_STATUS64, &lo64);
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
-import (
- "fmt"
- "os"
- "unsafe"
-
- "github.com/pkg/errors"
-)
-
// LoFlagsAutoclear determines whether the loop device will autodestruct on last
// close.
const LoFlagsAutoclear int = C.LO_FLAGS_AUTOCLEAR
diff --git a/lxd/ucred/ucred_gccgo.go b/lxd/ucred/ucred_gccgo.go
index 44b22dddac..80edb89bf7 100644
--- a/lxd/ucred/ucred_gccgo.go
+++ b/lxd/ucred/ucred_gccgo.go
@@ -35,7 +35,7 @@ void getucred(int sock, uint *uid, uint *gid, int *pid)
return;
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
// GetUCred returns the file descriptor's ucreds.
diff --git a/shared/idmap/shift_linux.go b/shared/idmap/shift_linux.go
index 0c4de8cceb..3f7b23c9bd 100644
--- a/shared/idmap/shift_linux.go
+++ b/shared/idmap/shift_linux.go
@@ -151,8 +151,7 @@ int shiftowner(char *basepath, char *path, int uid, int gid)
return 0;
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
-// #cgo LDFLAGS: -lcap
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
// ShiftOwner updates uid and gid for a file when entering/exiting a namespace
diff --git a/shared/netutils/netns_getifaddrs.c b/shared/netutils/netns_getifaddrs.c
index 7487b13621..8db051a4d3 100644
--- a/shared/netutils/netns_getifaddrs.c
+++ b/shared/netutils/netns_getifaddrs.c
@@ -1,6 +1,8 @@
// +build none
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <arpa/inet.h>
#include <errno.h>
#include <linux/if.h>
diff --git a/shared/netutils/network.c b/shared/netutils/network.c
index 882a1972c4..ea2d789473 100644
--- a/shared/netutils/network.c
+++ b/shared/netutils/network.c
@@ -1,6 +1,8 @@
// +build none
-#define _GNU_SOURCE
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
#include <arpa/inet.h>
#include <errno.h>
#include <linux/if.h>
diff --git a/shared/netutils/network_linux.go b/shared/netutils/network_linux.go
index 6f633ee0a8..6d354acd5a 100644
--- a/shared/netutils/network_linux.go
+++ b/shared/netutils/network_linux.go
@@ -19,11 +19,10 @@ import (
)
/*
-#cgo CFLAGS: -std=gnu11 -Wvla
-
#include "unixfd.h"
#include "netns_getifaddrs.c"
*/
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
func NetnsGetifaddrs(initPID int32) (map[string]api.InstanceStateNetwork, error) {
diff --git a/shared/termios/termios_unix.go b/shared/termios/termios_unix.go
index a7f94a6c0b..95c9246584 100644
--- a/shared/termios/termios_unix.go
+++ b/shared/termios/termios_unix.go
@@ -11,7 +11,7 @@ import (
)
// #include <termios.h>
-// #cgo CFLAGS: -std=gnu11 -Wvla
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
import "C"
// State contains the state of a terminal.
diff --git a/shared/util_linux_cgo.go b/shared/util_linux_cgo.go
index 41663374c7..39e0dc3c91 100644
--- a/shared/util_linux_cgo.go
+++ b/shared/util_linux_cgo.go
@@ -17,10 +17,9 @@ import (
"github.com/lxc/lxd/shared/logger"
)
-// #cgo LDFLAGS: -lutil -lpthread
/*
#ifndef _GNU_SOURCE
-#define _GNU_SOURCE
+#define _GNU_SOURCE 1
#endif
#include <errno.h>
#include <fcntl.h>
@@ -138,7 +137,8 @@ again:
return ret;
}
*/
-// #cgo CFLAGS: -std=gnu11 -Wvla
+// #cgo CFLAGS: -std=gnu11 -Wvla -Werror -fvisibility=hidden
+// #cgo LDFLAGS: -lutil -lpthread
import "C"
const ABSTRACT_UNIX_SOCK_LEN int = C.ABSTRACT_UNIX_SOCK_LEN
More information about the lxc-devel
mailing list