[lxc-devel] [lxc/master] autotools: fix Makefile
brauner on Github
lxc-bot at linuxcontainers.org
Thu Jul 23 08:34:48 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 364 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20200723/c78bac61/attachment.bin>
-------------- next part --------------
From 49b21cd7d99e5f22a3e09e78b92b13f2df2d5aed Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 10:50:20 +0200
Subject: [PATCH 1/9] syscalls: add fsopen()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index f74d29a726..85d2668850 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index bfd0e57ab9..6786830924 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -563,4 +563,24 @@
#endif
#endif
+#ifndef __NR_fsopen
+ #if defined __alpha__
+ #define __NR_fsopen 540
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fsopen 4430
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fsopen 6430
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fsopen 5430
+ #endif
+ #elif defined __ia64__
+ #define __NR_fsopen (430 + 1024)
+ #else
+ #define __NR_fsopen 430
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index 041daf3575..8e7937d4d4 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -161,4 +161,14 @@ static inline int open_tree_lxc(int dfd, const char *filename, unsigned int flag
extern int open_tree(int dfd, const char *filename, unsigned int flags);
#endif
+#ifndef HAVE_FSOPEN
+static inline int fsopen_lxc(const char *fs_name, unsigned int flags)
+{
+ return syscall(__NR_fsopen, fs_name, flags);
+}
+#define fsopen fsopen_lxc
+#else
+extern int fsopen(const char *fs_name, unsigned int flags);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From 749bc40479328b146fad2ef79cfb6cffa9701319 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 10:54:12 +0200
Subject: [PATCH 2/9] syscalls: add fspick()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 85d2668850..32fcdc230d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index 6786830924..cbd69803ea 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -583,4 +583,24 @@
#endif
#endif
+#ifndef __NR_fspick
+ #if defined __alpha__
+ #define __NR_fspick 543
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fspick 4433
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fspick 6433
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fspick 5433
+ #endif
+ #elif defined __ia64__
+ #define __NR_fspick (433 + 1024)
+ #else
+ #define __NR_fspick 433
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index 8e7937d4d4..6d4f8f42cd 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -171,4 +171,14 @@ static inline int fsopen_lxc(const char *fs_name, unsigned int flags)
extern int fsopen(const char *fs_name, unsigned int flags);
#endif
+#ifndef HAVE_FSPICK
+static inline int fspick_lxc(int dfd, const char *path, unsigned int flags)
+{
+ return syscall(__NR_fspick, dfd, path, flags);
+}
+#define fspick fspick_lxc
+#else
+extern int fspick(int dfd, const char *path, unsigned int flags);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From 9edfcaa8220c1d80a91646e0286ae1aa0da7957b Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 10:59:49 +0200
Subject: [PATCH 3/9] syscalls: add fsconfig()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 32fcdc230d..8178a4452e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick fsconfig])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index cbd69803ea..0cc2d67426 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -603,4 +603,24 @@
#endif
#endif
+#ifndef __NR_fsconfig
+ #if defined __alpha__
+ #define __NR_fsconfig 541
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fsconfig 4431
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fsconfig 6431
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fsconfig 5431
+ #endif
+ #elif defined __ia64__
+ #define __NR_fsconfig (431 + 1024)
+ #else
+ #define __NR_fsconfig 431
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index 6d4f8f42cd..aeb1db8ac9 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -181,4 +181,14 @@ static inline int fspick_lxc(int dfd, const char *path, unsigned int flags)
extern int fspick(int dfd, const char *path, unsigned int flags);
#endif
+#ifndef HAVE_FSCONFIG
+static inline int fsconfig_lxc(int fd, unsigned int cmd, const char *key, const void *value, int aux)
+{
+ return syscall(__NR_fsconfig, fd, cmd, key, value, aux);
+}
+#define fsconfig fsconfig_lxc
+#else
+extern int fsconfig(int fd, unsigned int cmd, const char *key, const void *value, int aux);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From 7f1d397bbdc8140e02fca8120fc626812e975681 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:02:33 +0200
Subject: [PATCH 4/9] syscalls: add fsmount()
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
configure.ac | 2 +-
src/lxc/syscall_numbers.h | 20 ++++++++++++++++++++
src/lxc/syscall_wrappers.h | 10 ++++++++++
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 8178a4452e..70099e3ad0 100644
--- a/configure.ac
+++ b/configure.ac
@@ -622,7 +622,7 @@ AC_CHECK_HEADER([ifaddrs.h],
AC_HEADER_MAJOR
# Check for some syscalls functions
-AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick fsconfig])
+AC_CHECK_FUNCS([setns pivot_root sethostname unshare rand_r confstr faccessat gettid memfd_create move_mount open_tree execveat clone3 fsopen fspick fsconfig fsmount])
AC_CHECK_TYPES([struct clone_args], [], [], [[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.set_tid],[],[],[[#include <linux/sched.h>]])
AC_CHECK_MEMBERS([struct clone_args.cgroup],[],[],[[#include <linux/sched.h>]])
diff --git a/src/lxc/syscall_numbers.h b/src/lxc/syscall_numbers.h
index 0cc2d67426..e2e7883786 100644
--- a/src/lxc/syscall_numbers.h
+++ b/src/lxc/syscall_numbers.h
@@ -623,4 +623,24 @@
#endif
#endif
+#ifndef __NR_fsmount
+ #if defined __alpha__
+ #define __NR_fsmount 542
+ #elif defined _MIPS_SIM
+ #if _MIPS_SIM == _MIPS_SIM_ABI32 /* o32 */
+ #define __NR_fsmount 4432
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_NABI32 /* n32 */
+ #define __NR_fsmount 6432
+ #endif
+ #if _MIPS_SIM == _MIPS_SIM_ABI64 /* n64 */
+ #define __NR_fsmount 5432
+ #endif
+ #elif defined __ia64__
+ #define __NR_fsmount (432 + 1024)
+ #else
+ #define __NR_fsmount 432
+ #endif
+#endif
+
#endif /* __LXC_SYSCALL_NUMBERS_H */
diff --git a/src/lxc/syscall_wrappers.h b/src/lxc/syscall_wrappers.h
index aeb1db8ac9..220ef65fde 100644
--- a/src/lxc/syscall_wrappers.h
+++ b/src/lxc/syscall_wrappers.h
@@ -191,4 +191,14 @@ static inline int fsconfig_lxc(int fd, unsigned int cmd, const char *key, const
extern int fsconfig(int fd, unsigned int cmd, const char *key, const void *value, int aux);
#endif
+#ifndef HAVE_FSMOUNT
+static inline int fsmount_lxc(int fs_fd, unsigned int flags, unsigned int attr_flags)
+{
+ return syscall(__NR_fsmount, fs_fd, flags, attr_flags);
+}
+#define fsmount fsmount_lxc
+#else
+extern int fsmount(int fs_fd, unsigned int flags, unsigned int attr_flags);
+#endif
+
#endif /* __LXC_SYSCALL_WRAPPER_H */
From 7f88a1a2f6151a70cd5e2142b4456e88c0efb196 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:32:28 +0200
Subject: [PATCH 5/9] mount_utils: add mount utils
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 2 +
src/lxc/conf.c | 1 +
src/lxc/macro.h | 14 ----
src/lxc/mount_utils.c | 110 ++++++++++++++++++++++++++++++
src/lxc/mount_utils.h | 151 ++++++++++++++++++++++++++++++++++++++++++
5 files changed, 264 insertions(+), 14 deletions(-)
create mode 100644 src/lxc/mount_utils.c
create mode 100644 src/lxc/mount_utils.h
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index d217821362..442112353c 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -26,6 +26,7 @@ noinst_HEADERS = api_extensions.h \
macro.h \
memory_utils.h \
monitor.h \
+ mount_utils.h \
namespace.h \
process_utils.h \
rexec.h \
@@ -125,6 +126,7 @@ liblxc_la_SOURCES = af_unix.c af_unix.h \
macro.h \
memory_utils.h \
mainloop.c mainloop.h \
+ mount_utils.c mount_utils.h \
namespace.c namespace.h \
network.c network.h \
nl.c nl.h \
diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 7ea13e4504..9410cac920 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -48,6 +48,7 @@
#include "lxcseccomp.h"
#include "macro.h"
#include "memory_utils.h"
+#include "mount_utils.h"
#include "namespace.h"
#include "network.h"
#include "parse.h"
diff --git a/src/lxc/macro.h b/src/lxc/macro.h
index 2ae1a7bb32..5155f7b162 100644
--- a/src/lxc/macro.h
+++ b/src/lxc/macro.h
@@ -57,20 +57,6 @@
#define CAP_SETGID 6
#endif
-/* move_mount */
-#ifndef MOVE_MOUNT_F_EMPTY_PATH
-#define MOVE_MOUNT_F_EMPTY_PATH 0x00000004 /* Empty from path permitted */
-#endif
-
-/* open_tree */
-#ifndef OPEN_TREE_CLONE
-#define OPEN_TREE_CLONE 1 /* Clone the target tree and attach the clone */
-#endif
-
-#ifndef OPEN_TREE_CLOEXEC
-#define OPEN_TREE_CLOEXEC O_CLOEXEC /* Close the file on execve() */
-#endif
-
/* prctl */
#ifndef PR_CAPBSET_READ
#define PR_CAPBSET_READ 23
diff --git a/src/lxc/mount_utils.c b/src/lxc/mount_utils.c
new file mode 100644
index 0000000000..f8e0f6e006
--- /dev/null
+++ b/src/lxc/mount_utils.c
@@ -0,0 +1,110 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE 1
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+
+#include "macro.h"
+#include "memory_utils.h"
+#include "mount_utils.h"
+#include "syscall_numbers.h"
+#include "syscall_wrappers.h"
+
+int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags)
+{
+ unsigned int flags = 0;
+
+ if (old_flags & MS_RDONLY) {
+ flags |= MOUNT_ATTR_RDONLY;
+ old_flags &= ~MS_RDONLY;
+ }
+
+ if (old_flags & MS_NOSUID) {
+ flags |= MOUNT_ATTR_NOSUID;
+ old_flags &= ~MS_NOSUID;
+ }
+
+ if (old_flags & MS_NODEV) {
+ flags |= MOUNT_ATTR_NODEV;
+ old_flags &= ~MS_NODEV;
+ }
+
+ if (old_flags & MS_NOEXEC) {
+ flags |= MOUNT_ATTR_NOEXEC;
+ old_flags &= ~MS_NOEXEC;
+ }
+
+ if (old_flags & MS_RELATIME) {
+ flags |= MOUNT_ATTR_RELATIME;
+ old_flags &= ~MS_RELATIME;
+ }
+
+ if (old_flags & MS_NOATIME) {
+ flags |= MOUNT_ATTR_NOATIME;
+ old_flags &= ~MS_NOATIME;
+ }
+
+ if (old_flags & MS_STRICTATIME) {
+ flags |= MOUNT_ATTR_STRICTATIME;
+ old_flags &= ~MS_STRICTATIME;
+ }
+
+ if (old_flags & MS_NODIRATIME) {
+ flags |= MOUNT_ATTR_NODIRATIME;
+ old_flags &= ~MS_NODIRATIME;
+ }
+
+ *new_flags |= flags;
+ return old_flags;
+}
+
+int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags)
+{
+ unsigned int flags = 0;
+
+ if (new_flags & MOUNT_ATTR_RDONLY) {
+ flags |= MS_RDONLY;
+ new_flags &= ~MOUNT_ATTR_RDONLY;
+ }
+
+ if (new_flags & MOUNT_ATTR_NOSUID) {
+ flags |= MS_NOSUID;
+ new_flags &= ~MOUNT_ATTR_NOSUID;
+ }
+
+ if (new_flags & MS_NODEV) {
+ flags |= MOUNT_ATTR_NODEV;
+ new_flags &= ~MS_NODEV;
+ }
+
+ if (new_flags & MOUNT_ATTR_NOEXEC) {
+ flags |= MS_NOEXEC;
+ new_flags &= ~MOUNT_ATTR_NOEXEC;
+ }
+
+ if (new_flags & MS_RELATIME) {
+ flags |= MS_RELATIME;
+ new_flags &= ~MOUNT_ATTR_RELATIME;
+ }
+
+ if (new_flags & MS_NOATIME) {
+ flags |= MS_NOATIME;
+ new_flags &= ~MOUNT_ATTR_NOATIME;
+ }
+
+ if (new_flags & MS_STRICTATIME) {
+ flags |= MS_STRICTATIME;
+ new_flags &= ~MOUNT_ATTR_STRICTATIME;
+ }
+
+ if (new_flags & MS_NODIRATIME) {
+ flags |= MS_NODIRATIME;
+ new_flags &= ~MOUNT_ATTR_NODIRATIME;
+ }
+
+ *old_flags |= flags;
+ return new_flags;
+}
diff --git a/src/lxc/mount_utils.h b/src/lxc/mount_utils.h
new file mode 100644
index 0000000000..19d7b95cce
--- /dev/null
+++ b/src/lxc/mount_utils.h
@@ -0,0 +1,151 @@
+/* SPDX-License-Identifier: LGPL-2.1+ */
+
+#ifndef __LXC_MOUNT_UTILS_H
+#define __LXC_MOUNT_UTILS_H
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/mount.h>
+
+#include "compiler.h"
+
+/* open_tree() flags */
+#ifndef OPEN_TREE_CLONE
+#define OPEN_TREE_CLONE 1
+#endif
+
+#ifndef OPEN_TREE_CLOEXEC
+#define OPEN_TREE_CLOEXEC O_CLOEXEC
+#endif
+
+/* move_mount() flags */
+#ifndef MOVE_MOUNT_F_SYMLINKS
+#define MOVE_MOUNT_F_SYMLINKS 0x00000001 /* Follow symlinks on from path */
+#endif
+
+#ifndef MOVE_MOUNT_F_AUTOMOUNTS
+#define MOVE_MOUNT_F_AUTOMOUNTS 0x00000002 /* Follow automounts on from path */
+#endif
+
+#ifndef MOVE_MOUNT_F_EMPTY_PATH
+#define MOVE_MOUNT_F_EMPTY_PATH 0x00000004 /* Empty from path permitted */
+#endif
+
+#ifndef MOVE_MOUNT_T_SYMLINKS
+#define MOVE_MOUNT_T_SYMLINKS 0x00000010 /* Follow symlinks on to path */
+#endif
+
+#ifndef MOVE_MOUNT_T_AUTOMOUNTS
+#define MOVE_MOUNT_T_AUTOMOUNTS 0x00000020 /* Follow automounts on to path */
+#endif
+
+#ifndef MOVE_MOUNT_T_EMPTY_PATH
+#define MOVE_MOUNT_T_EMPTY_PATH 0x00000040 /* Empty to path permitted */
+#endif
+
+#ifndef MOVE_MOUNT__MASK
+#define MOVE_MOUNT__MASK 0x00000077
+#endif
+
+/* fsopen() flags */
+#ifndef FSOPEN_CLOEXEC
+#define FSOPEN_CLOEXEC 0x00000001
+#endif
+
+/* fspick() flags */
+#ifndef FSPICK_CLOEXEC
+#define FSPICK_CLOEXEC 0x00000001
+#endif
+
+#ifndef FSPICK_SYMLINK_NOFOLLOW
+#define FSPICK_SYMLINK_NOFOLLOW 0x00000002
+#endif
+
+#ifndef FSPICK_NO_AUTOMOUNT
+#define FSPICK_NO_AUTOMOUNT 0x00000004
+#endif
+
+#ifndef FSPICK_EMPTY_PATH
+#define FSPICK_EMPTY_PATH 0x00000008
+#endif
+
+/* fsconfig() commands */
+#ifndef FSCONFIG_SET_FLAG
+#define FSCONFIG_SET_FLAG 0 /* Set parameter, supplying no value */
+#endif
+
+#ifndef FSCONFIG_SET_STRING
+#define FSCONFIG_SET_STRING 1 /* Set parameter, supplying a string value */
+#endif
+
+#ifndef FSCONFIG_SET_BINARY
+#define FSCONFIG_SET_BINARY 2 /* Set parameter, supplying a binary blob value */
+#endif
+
+#ifndef FSCONFIG_SET_PATH
+#define FSCONFIG_SET_PATH 3 /* Set parameter, supplying an object by path */
+#endif
+
+#ifndef FSCONFIG_SET_PATH_EMPTY
+#define FSCONFIG_SET_PATH_EMPTY 4 /* Set parameter, supplying an object by (empty) path */
+#endif
+
+#ifndef FSCONFIG_SET_FD
+#define FSCONFIG_SET_FD 5 /* Set parameter, supplying an object by fd */
+#endif
+
+#ifndef FSCONFIG_CMD_CREATE
+#define FSCONFIG_CMD_CREATE 6 /* Invoke superblock creation */
+#endif
+
+#ifndef FSCONFIG_CMD_RECONFIGURE
+#define FSCONFIG_CMD_RECONFIGURE 7 /* Invoke superblock reconfiguration */
+#endif
+
+/* fsmount() flags */
+#ifndef FSMOUNT_CLOEXEC
+#define FSMOUNT_CLOEXEC 0x00000001
+#endif
+
+/* mount attributes */
+#ifndef MOUNT_ATTR_RDONLY
+#define MOUNT_ATTR_RDONLY 0x00000001 /* Mount read-only */
+#endif
+
+#ifndef MOUNT_ATTR_NOSUID
+#define MOUNT_ATTR_NOSUID 0x00000002 /* Ignore suid and sgid bits */
+#endif
+
+#ifndef MOUNT_ATTR_NODEV
+#define MOUNT_ATTR_NODEV 0x00000004 /* Disallow access to device special files */
+#endif
+
+#ifndef MOUNT_ATTR_NOEXEC
+#define MOUNT_ATTR_NOEXEC 0x00000008 /* Disallow program execution */
+#endif
+
+#ifndef MOUNT_ATTR__ATIME
+#define MOUNT_ATTR__ATIME 0x00000070 /* Setting on how atime should be updated */
+#endif
+
+#ifndef MOUNT_ATTR_RELATIME
+#define MOUNT_ATTR_RELATIME 0x00000000 /* - Update atime relative to mtime/ctime. */
+#endif
+
+#ifndef MOUNT_ATTR_NOATIME
+#define MOUNT_ATTR_NOATIME 0x00000010 /* - Do not update access times. */
+#endif
+
+#ifndef MOUNT_ATTR_STRICTATIME
+#define MOUNT_ATTR_STRICTATIME 0x00000020 /* - Always perform atime updates */
+#endif
+
+#ifndef MOUNT_ATTR_NODIRATIME
+#define MOUNT_ATTR_NODIRATIME 0x00000080 /* Do not update directory access times */
+#endif
+
+__hidden extern int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags);
+
+__hidden extern int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags);
+
+#endif /* __LXC_MOUNT_UTILS_H */
From 14df702190f8bb7693c65a36392e09a1dd66e96b Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:45:15 +0200
Subject: [PATCH 6/9] mount_utils: add mount_filesystem() helper
that translates between the two mount apis.
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/mount_utils.c | 30 ++++++++++++++++++++++++++++++
src/lxc/mount_utils.h | 2 ++
2 files changed, 32 insertions(+)
diff --git a/src/lxc/mount_utils.c b/src/lxc/mount_utils.c
index f8e0f6e006..f07cddd8a0 100644
--- a/src/lxc/mount_utils.c
+++ b/src/lxc/mount_utils.c
@@ -3,16 +3,22 @@
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
+#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "log.h"
#include "macro.h"
#include "memory_utils.h"
#include "mount_utils.h"
#include "syscall_numbers.h"
#include "syscall_wrappers.h"
+lxc_log_define(mount_utils, lxc);
+
int mnt_attributes_new(unsigned int old_flags, unsigned int *new_flags)
{
unsigned int flags = 0;
@@ -108,3 +114,27 @@ int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags)
*old_flags |= flags;
return new_flags;
}
+
+int mount_filesystem(const char *fs_name, const char *path, unsigned int attr_flags)
+{
+ __do_close int fsfd = -EBADF;
+ unsigned int old_flags = 0;
+
+ fsfd = fsopen(fs_name, FSOPEN_CLOEXEC);
+ if (fsfd >= 0) {
+ __do_close int mfd = -EBADF;
+
+ if (fsconfig(fsfd, FSCONFIG_CMD_CREATE, NULL, NULL, 0))
+ return -1;
+
+ mfd = fsmount(fsfd, FSMOUNT_CLOEXEC, attr_flags);
+ if (mfd < 0)
+ return -1;
+
+ return move_mount(mfd, "", AT_FDCWD, path, MOVE_MOUNT_F_EMPTY_PATH);
+ }
+
+ TRACE("Falling back to old mount api");
+ mnt_attributes_old(attr_flags, &old_flags);
+ return mount("none", path, fs_name, old_flags, NULL);
+}
diff --git a/src/lxc/mount_utils.h b/src/lxc/mount_utils.h
index 19d7b95cce..bdcf8a3907 100644
--- a/src/lxc/mount_utils.h
+++ b/src/lxc/mount_utils.h
@@ -148,4 +148,6 @@ __hidden extern int mnt_attributes_new(unsigned int old_flags, unsigned int *new
__hidden extern int mnt_attributes_old(unsigned int new_flags, unsigned int *old_flags);
+__hidden extern int mount_filesystem(const char *fs_name, const char *path, unsigned int attr_flags);
+
#endif /* __LXC_MOUNT_UTILS_H */
From 657256e0b86b63e1f14f1ae10356e329d749b25f Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 11:47:21 +0200
Subject: [PATCH 7/9] attach: use new mount api
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/attach.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lxc/attach.c b/src/lxc/attach.c
index 5443fee5f7..ad25aada9e 100644
--- a/src/lxc/attach.c
+++ b/src/lxc/attach.c
@@ -39,6 +39,7 @@
#include "macro.h"
#include "mainloop.h"
#include "memory_utils.h"
+#include "mount_utils.h"
#include "namespace.h"
#include "process_utils.h"
#include "syscall_wrappers.h"
@@ -202,7 +203,7 @@ int lxc_attach_remount_sys_proc(void)
if (ret < 0)
return log_error_errno(-1, errno, "Failed to unmount /proc");
- ret = mount("none", "/proc", "proc", 0, NULL);
+ ret = mount_filesystem("proc", "/proc", 0);
if (ret < 0)
return log_error_errno(-1, errno, "Failed to remount /proc");
@@ -215,7 +216,7 @@ int lxc_attach_remount_sys_proc(void)
return log_error_errno(-1, errno, "Failed to unmount /sys");
/* Remount it. */
- if (ret == 0 && mount("none", "/sys", "sysfs", 0, NULL))
+ if (ret == 0 && mount_filesystem("sysfs", "/sys", 0))
return log_error_errno(-1, errno, "Failed to remount /sys");
return 0;
From 18780b9068e05c29629e1c346e906ca9e54c2331 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Wed, 22 Jul 2020 12:04:52 +0200
Subject: [PATCH 8/9] log: don't break logging by hiding symbols
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/log.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/lxc/log.h b/src/lxc/log.h
index 0ddcfa20a5..0361db40fa 100644
--- a/src/lxc/log.h
+++ b/src/lxc/log.h
@@ -85,7 +85,7 @@ struct lxc_log_category {
};
#ifndef NO_LXC_CONF
-__hidden extern int lxc_log_use_global_fd;
+extern int lxc_log_use_global_fd;
#endif
/*
@@ -278,8 +278,8 @@ __lxc_unused static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
* Helper macro to define and use static categories.
*/
#define lxc_log_category_define(name, parent) \
- __hidden extern struct lxc_log_category lxc_log_category_##parent; \
- __hidden struct lxc_log_category lxc_log_category_##name = { \
+ extern struct lxc_log_category lxc_log_category_##parent; \
+ struct lxc_log_category lxc_log_category_##name = { \
#name, \
LXC_LOG_LEVEL_NOTSET, \
NULL, \
@@ -561,7 +561,7 @@ __lxc_unused static inline void LXC_##LEVEL(struct lxc_log_locinfo* locinfo, \
__internal_ret__; \
})
-__hidden extern int lxc_log_fd;
+extern int lxc_log_fd;
__hidden extern int lxc_log_syslog(int facility);
__hidden extern void lxc_log_syslog_enable(void);
From 7a7286393a37c4e698e7ae9281da482049c10f08 Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner at ubuntu.com>
Date: Thu, 23 Jul 2020 10:33:33 +0200
Subject: [PATCH 9/9] Makefile: fix Makefile
Signed-off-by: Christian Brauner <christian.brauner at ubuntu.com>
---
src/lxc/Makefile.am | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)
diff --git a/src/lxc/Makefile.am b/src/lxc/Makefile.am
index 442112353c..baa624ac98 100644
--- a/src/lxc/Makefile.am
+++ b/src/lxc/Makefile.am
@@ -1440,22 +1440,16 @@ endif
if ENABLE_COMMANDS
# Binaries shipping with liblxc
init_lxc_SOURCES = cmd/lxc_init.c \
+ af_unix.c af_unix.h \
caps.c caps.h \
- compiler.h \
error.c error.h \
file_utils.c file_utils.h \
initutils.c initutils.h \
log.c log.h \
+ macro.h \
memory_utils.h \
- parse.c parse.h \
- process_utils.c process_utils.h \
- ringbuf.c ringbuf.h \
- string_utils.c string_utils.h \
- syscall_numbers.h
-if ENABLE_SECCOMP
-init_lxc_SOURCES += seccomp.c lxcseccomp.h
-endif
-
+ namespace.c namespace.h \
+ string_utils.c string_utils.h
init_lxc_LDFLAGS = -pthread
lxc_monitord_SOURCES = cmd/lxc_monitord.c \
More information about the lxc-devel
mailing list