"Fossies" - the Fresh Open Source Software Archive

Member "lxc-4.0.10/src/lxc/start.h" (16 Jul 2021, 5533 Bytes) of package /linux/misc/lxc-4.0.10.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "start.h" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 4.0.9_vs_4.0.10.

    1 /* SPDX-License-Identifier: LGPL-2.1+ */
    2 
    3 #ifndef __LXC_START_H
    4 #define __LXC_START_H
    5 
    6 #include <linux/sched.h>
    7 #include <sched.h>
    8 #include <signal.h>
    9 #include <stdbool.h>
   10 #include <sys/param.h>
   11 #include <sys/socket.h>
   12 #include <sys/un.h>
   13 
   14 #include "compiler.h"
   15 #include "conf.h"
   16 #include "macro.h"
   17 #include "namespace.h"
   18 #include "state.h"
   19 
   20 struct lxc_handler {
   21     /* Record the clone for namespaces flags that the container requested.
   22      *
   23      * @ns_clone_flags
   24      * - All clone flags that were requested.
   25      *
   26      * @ns_on_clone_flags
   27      * - The clone flags for namespaces to actually use when calling
   28      *   lxc_clone(): After the container has started ns_on_clone_flags will
   29      *   list the clone flags that were unshare()ed rather then clone()ed
   30      *   because of ordering requirements (e.g. e.g. CLONE_NEWNET and
   31      *   CLONE_NEWUSER) or implementation details.
   32      *
   33      * @ns_unshare_flags
   34      * - Flags for namespaces that were unshared, not cloned.
   35      *
   36      * @clone_flags
   37      * - ns_on_clone flags | other flags used to create container.
   38      */
   39     struct /* lxc_ns */ {
   40         unsigned int ns_clone_flags;
   41         unsigned int ns_on_clone_flags;
   42         unsigned int ns_unshare_flags;
   43         __aligned_u64 clone_flags;
   44     };
   45 
   46     /* Signal file descriptor. */
   47     int sigfd;
   48 
   49     /* List of file descriptors referring to the namespaces of the
   50      * container. Note that these are not necessarily identical to
   51      * the "clone_flags" handler field in case namespace inheritance is
   52      * requested.
   53      */
   54     int nsfd[LXC_NS_MAX];
   55 
   56     /* Abstract unix domain SOCK_DGRAM socketpair to pass arbitrary data
   57      * between child and parent.
   58      */
   59     int data_sock[2];
   60 
   61     /* The socketpair() fds used to wait on successful daemonized startup. */
   62     int state_socket_pair[2];
   63 
   64     /* Socketpair to synchronize processes during container creation. */
   65     int sync_sock[2];
   66 
   67     /* Pointer to the name of the container. Do not free! */
   68     const char *name;
   69 
   70     /* Pointer to the path the container. Do not free! */
   71     const char *lxcpath;
   72 
   73     /* Whether the container's startup process euid is 0. */
   74     bool am_root;
   75 
   76     /* Indicates whether should we close std{in,out,err} on start. */
   77     bool daemonize;
   78 
   79     /* The child's pid. */
   80     pid_t pid;
   81 
   82     /* The child's pidfd. */
   83     int pidfd;
   84 
   85     /* The grandfather's pid when double-forking. */
   86     pid_t transient_pid;
   87 
   88     /* The monitor's pid. */
   89     pid_t monitor_pid;
   90 
   91     int monitor_status_fd;
   92 
   93     /* Whether the child has already exited. */
   94     bool init_died;
   95 
   96     /* The signal mask prior to setting up the signal file descriptor. */
   97     sigset_t oldmask;
   98 
   99     /* The container's in-memory configuration. */
  100     struct lxc_conf *conf;
  101 
  102     /* A set of operations to be performed at various stages of the
  103      * container's life.
  104      */
  105     struct lxc_operations *ops;
  106 
  107     /* This holds the cgroup information. Note that the data here is
  108      * specific to the cgroup driver used.
  109      */
  110     void *cgroup_data;
  111 
  112     /* Data to be passed to handler ops. */
  113     void *data;
  114 
  115     /* Current state of the container. */
  116     lxc_state_t state;
  117 
  118     /* The exit status of the container; not defined unless ->init_died ==
  119      * true.
  120      */
  121     int exit_status;
  122 
  123     struct cgroup_ops *cgroup_ops;
  124 
  125     /* Internal fds that always need to stay open. */
  126     int keep_fds[3];
  127 
  128     /* Static memory, don't free. */
  129     struct lsm_ops *lsm_ops;
  130 
  131     /* The namespace idx is guaranteed to match the stashed namespace path. */
  132     char nsfd_paths[LXC_NS_MAX + 1][LXC_EXPOSE_NAMESPACE_LEN];
  133     /* The namesace idx is _not_ guaranteed to match the stashed namespace path. */
  134     lxc_namespace_t hook_argc;
  135     char *hook_argv[LXC_NS_MAX + 1];
  136 };
  137 
  138 struct execute_args {
  139     char *const *argv;
  140     int quiet;
  141 };
  142 
  143 struct lxc_operations {
  144     int (*start)(struct lxc_handler *, void *);
  145     int (*post_start)(struct lxc_handler *, void *);
  146 };
  147 
  148 __hidden extern int lxc_poll(const char *name, struct lxc_handler *handler);
  149 __hidden extern int lxc_set_state(const char *name, struct lxc_handler *handler, lxc_state_t state);
  150 __hidden extern int lxc_serve_state_clients(const char *name, struct lxc_handler *handler,
  151                         lxc_state_t state);
  152 __hidden extern void lxc_abort(struct lxc_handler *handler);
  153 __hidden extern struct lxc_handler *lxc_init_handler(struct lxc_handler *old, const char *name,
  154                              struct lxc_conf *conf, const char *lxcpath,
  155                              bool daemonize);
  156 __hidden extern void lxc_put_handler(struct lxc_handler *handler);
  157 __hidden extern int lxc_init(const char *name, struct lxc_handler *handler);
  158 __hidden extern void lxc_end(struct lxc_handler *handler);
  159 
  160 /* lxc_check_inherited: Check for any open file descriptors and close them if
  161  *                      requested.
  162  * @param[in] conf          The container's configuration.
  163  * @param[in] closeall      Whether we should close all open file descriptors.
  164  * @param[in] fds_to_ignore Array of file descriptors to ignore.
  165  * @param[in] len_fds       Length of fds_to_ignore array.
  166  */
  167 __hidden extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall, int *fds_to_ignore,
  168                     size_t len_fds);
  169 static inline int inherit_fds(struct lxc_handler *handler, bool closeall)
  170 {
  171     return lxc_check_inherited(handler->conf, closeall, handler->keep_fds,
  172                    ARRAY_SIZE(handler->keep_fds));
  173 }
  174 
  175 __hidden extern int __lxc_start(struct lxc_handler *, struct lxc_operations *, void *, const char *,
  176                 bool, int *);
  177 
  178 __hidden extern int resolve_clone_flags(struct lxc_handler *handler);
  179 __hidden extern void lxc_expose_namespace_environment(const struct lxc_handler *handler);
  180 
  181 static inline bool container_uses_namespace(const struct lxc_handler *handler,
  182                         unsigned int ns_flag)
  183 {
  184     return (handler->ns_clone_flags & ns_flag);
  185 }
  186 
  187 #endif