From 4eb6383318a8e3beb1c632553a77b4f86e78dd20 Mon Sep 17 00:00:00 2001 From: LiFeng Date: Mon, 3 Jun 2019 05:14:46 -0400 Subject: [PATCH 101/138] lxc: fix code error Signed-off-by: LiFeng --- src/lxc/af_unix.c | 28 +- src/lxc/cgroups/cgfsng.c | 263 ++++++------ src/lxc/conf.c | 575 ++++++++++++++------------ src/lxc/conf.h | 28 +- src/lxc/confile.c | 897 ++++++++++++++++++++-------------------- src/lxc/confile_utils.c | 42 +- src/lxc/json/logger_json_file.c | 422 +++++++++---------- src/lxc/json/read-file.c | 139 +++---- src/lxc/log.c | 48 +-- src/lxc/lxccontainer.c | 239 ++++++----- src/lxc/mainloop.c | 8 +- src/lxc/path.c | 584 +++++++++++++++----------- src/lxc/path.h | 18 +- src/lxc/start.c | 194 ++++----- src/lxc/storage/block.c | 3 +- src/lxc/terminal.c | 129 +++--- src/lxc/utils.c | 159 ++++--- src/lxc/utils.h | 11 +- 18 files changed, 2019 insertions(+), 1768 deletions(-) diff --git a/src/lxc/af_unix.c b/src/lxc/af_unix.c index 24500a8..4c45946 100644 --- a/src/lxc/af_unix.c +++ b/src/lxc/af_unix.c @@ -47,7 +47,7 @@ lxc_log_define(af_unix, lxc); static ssize_t lxc_abstract_unix_set_sockaddr(struct sockaddr_un *addr, - const char *path) + const char *path) { size_t len; @@ -96,7 +96,7 @@ int lxc_abstract_unix_open(const char *path, int type, int flags) } ret = bind(fd, (struct sockaddr *)&addr, - offsetof(struct sockaddr_un, sun_path) + len + 1); + offsetof(struct sockaddr_un, sun_path) + len + 1); if (ret < 0) { int saved_errno = errno; close(fd); @@ -141,7 +141,7 @@ int lxc_abstract_unix_connect(const char *path) } ret = connect(fd, (struct sockaddr *)&addr, - offsetof(struct sockaddr_un, sun_path) + len + 1); + offsetof(struct sockaddr_un, sun_path) + len + 1); if (ret < 0) { int saved_errno = errno; close(fd); @@ -153,7 +153,7 @@ int lxc_abstract_unix_connect(const char *path) } int lxc_abstract_unix_send_fds(int fd, int *sendfds, int num_sendfds, - void *data, size_t size) + void *data, size_t size) { int ret; struct msghdr msg; 
@@ -196,14 +196,14 @@ int lxc_abstract_unix_send_fds(int fd, int *sendfds, int num_sendfds, /* isulad: add wait timeout Microseconds*/ int lxc_abstract_unix_recv_fds_timeout(int fd, int *recvfds, int num_recvfds, - void *data, size_t size, unsigned int timeout) + void *data, size_t size, unsigned int timeout) { int ret; struct msghdr msg; struct iovec iov; struct cmsghdr *cmsg = NULL; char buf[1] = {0}; - char *cmsgbuf; + char *cmsgbuf = NULL; size_t cmsgbufsize = CMSG_SPACE(num_recvfds * sizeof(int)); struct timeval out; @@ -229,10 +229,10 @@ int lxc_abstract_unix_recv_fds_timeout(int fd, int *recvfds, int num_recvfds, out.tv_sec = timeout / 1000000; out.tv_usec = timeout % 1000000; ret = setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, - (const void *)&out, sizeof(out)); + (const void *)&out, sizeof(out)); if (ret < 0) { ERROR("Failed to set %u timeout on containter " - "state socket", timeout); + "state socket", timeout); goto out; } } @@ -245,7 +245,7 @@ int lxc_abstract_unix_recv_fds_timeout(int fd, int *recvfds, int num_recvfds, memset(recvfds, -1, num_recvfds * sizeof(int)); if (cmsg && cmsg->cmsg_len == CMSG_LEN(num_recvfds * sizeof(int)) && - cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) + cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) memcpy(recvfds, CMSG_DATA(cmsg), num_recvfds * sizeof(int)); out: @@ -254,7 +254,7 @@ out: } int lxc_abstract_unix_recv_fds(int fd, int *recvfds, int num_recvfds, - void *data, size_t size) + void *data, size_t size) { return lxc_abstract_unix_recv_fds_timeout(fd, recvfds, num_recvfds, data, size, 0); } @@ -265,7 +265,7 @@ int lxc_abstract_unix_send_credential(int fd, void *data, size_t size) struct iovec iov; struct cmsghdr *cmsg; struct ucred cred = { - .pid = lxc_raw_getpid(), .uid = getuid(), .gid = getgid(), + .pid = lxc_raw_getpid(), .uid = getuid(), .gid = getgid(), }; char cmsgbuf[CMSG_SPACE(sizeof(cred))] = {0}; char buf[1] = {0}; 
@@ -317,11 +317,11 @@ int lxc_abstract_unix_rcv_credential(int fd, void *data, size_t size) cmsg = CMSG_FIRSTHDR(&msg); if (cmsg && cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)) && - cmsg->cmsg_level == SOL_SOCKET && - cmsg->cmsg_type == SCM_CREDENTIALS) { + cmsg->cmsg_level == SOL_SOCKET && + cmsg->cmsg_type == SCM_CREDENTIALS) { memcpy(&cred, CMSG_DATA(cmsg), sizeof(cred)); if (cred.uid && - (cred.uid != getuid() || cred.gid != getgid())) { + (cred.uid != getuid() || cred.gid != getgid())) { INFO("Message denied for '%d/%d'", cred.uid, cred.gid); errno = EACCES; return -1; diff --git a/src/lxc/cgroups/cgfsng.c b/src/lxc/cgroups/cgfsng.c index eee7ed6..67c7a0e 100644 --- a/src/lxc/cgroups/cgfsng.c +++ b/src/lxc/cgroups/cgfsng.c @@ -149,7 +149,7 @@ static char *cg_legacy_must_prefix_named(char *entry) * The last entry will always be NULL. */ static void must_append_controller(char **klist, char **nlist, char ***clist, - char *entry) + char *entry) { int newentry; char *copy; @@ -190,7 +190,7 @@ struct hierarchy *get_hierarchy(struct cgroup_ops *ops, const char *controller) if (!controller) { /* This is the empty unified hierarchy. */ if (ops->hierarchies[i]->controllers && - !ops->hierarchies[i]->controllers[0]) + !ops->hierarchies[i]->controllers[0]) return ops->hierarchies[i]; continue; @@ -591,7 +591,7 @@ static bool cg_legacy_handle_cpuset_hierarchy(struct hierarchy *h, char *cgname) } clonechildrenpath = - must_make_path(cgpath, "cgroup.clone_children", NULL); + must_make_path(cgpath, "cgroup.clone_children", NULL); /* unified hierarchy doesn't have clone_children */ if (!file_exists(clonechildrenpath)) { free(clonechildrenpath); @@ -722,7 +722,7 @@ static bool all_controllers_found(struct cgroup_ops *ops) * be /sys/fs/cgroup/controller-list */ static char **cg_hybrid_get_controllers(char **klist, char **nlist, char *line, - int type) + int type) { /* The fourth field is /sys/fs/cgroup/comma-delimited-controller-list * for legacy hierarchies. 
@@ -809,7 +809,7 @@ static char **cg_unified_get_controllers(const char *file) } static struct hierarchy *add_hierarchy(struct hierarchy ***h, char **clist, char *mountpoint, - char *container_base_path, int type) + char *container_base_path, int type) { struct hierarchy *new; int newentry; @@ -903,7 +903,7 @@ static bool controller_in_clist(char *cgline, char *c) * @controller. */ static char *cg_hybrid_get_current_cgroup(char *basecginfo, char *controller, - int type) + int type) { char *p = basecginfo; @@ -1023,7 +1023,7 @@ static void lxc_cgfsng_print_hierarchies(struct cgroup_ops *ops) } static void lxc_cgfsng_print_basecg_debuginfo(char *basecginfo, char **klist, - char **nlist) + char **nlist) { int k; char **it; @@ -1039,7 +1039,7 @@ static void lxc_cgfsng_print_basecg_debuginfo(char *basecginfo, char **klist, } static int cgroup_rmdir(struct hierarchy **hierarchies, - const char *container_cgroup) + const char *container_cgroup) { int i; @@ -1085,14 +1085,14 @@ static int cgroup_rmdir_wrapper(void *data) ret = setresgid(nsgid, nsgid, nsgid); if (ret < 0) { SYSERROR("Failed to setresgid(%d, %d, %d)", (int)nsgid, - (int)nsgid, (int)nsgid); + (int)nsgid, (int)nsgid); return -1; } ret = setresuid(nsuid, nsuid, nsuid); if (ret < 0) { SYSERROR("Failed to setresuid(%d, %d, %d)", (int)nsuid, - (int)nsuid, (int)nsuid); + (int)nsuid, (int)nsuid); return -1; } @@ -1107,7 +1107,7 @@ static int cgroup_rmdir_wrapper(void *data) /* isulad: fix return bool instead of void*/ __cgfsng_ops static bool cgfsng_payload_destroy(struct cgroup_ops *ops, - struct lxc_handler *handler) + struct lxc_handler *handler) { int ret; struct generic_userns_exec_data wrap; 
@@ -1121,7 +1121,7 @@ __cgfsng_ops static bool cgfsng_payload_destroy(struct cgroup_ops *ops, if (handler->conf && !lxc_list_empty(&handler->conf->id_map)) ret = userns_exec_1(handler->conf, cgroup_rmdir_wrapper, &wrap, - "cgroup_rmdir_wrapper"); + "cgroup_rmdir_wrapper"); else ret = cgroup_rmdir(ops->hierarchies, ops->container_cgroup); if (ret < 0) { @@ -1186,10 +1186,10 @@ static bool cg_unified_create_cgroup(struct hierarchy *h, char *cgname, int errf free(target); if (ret < 0) { SYSERROR("Could not enable \"%s\" controllers in the " - "unified cgroup \"%s\"", add_controllers, cgroup); + "unified cgroup \"%s\"", add_controllers, cgroup); lxc_write_error_message(errfd, "%s:%d: Could not enable \"%s\" controllers in the " - "unified cgroup: \"%s\"", - __FILE__, __LINE__, add_controllers, strerror(errno)); + "unified cgroup: \"%s\"", + __FILE__, __LINE__, add_controllers, strerror(errno)); goto on_error; } } @@ -1248,7 +1248,7 @@ static bool create_path_for_hierarchy(struct hierarchy *h, char *cgname, int err if (file_exists(h->container_full_path)) { // it must not already exist ERROR("Cgroup path \"%s\" already exist.", h->container_full_path); lxc_write_error_message(errfd, "%s:%d: Cgroup path \"%s\" already exist.", - __FILE__, __LINE__, h->container_full_path); + __FILE__, __LINE__, h->container_full_path); return false; } @@ -1268,7 +1268,7 @@ static bool create_path_for_hierarchy(struct hierarchy *h, char *cgname, int err /* isulad: create hierarchies path, if fail, return the error */ __cgfsng_ops static bool cgfsng_payload_create(struct cgroup_ops *ops, - struct lxc_handler *handler) + struct lxc_handler *handler) { int i; char *container_cgroup = ops->container_cgroup; 
@@ -1302,7 +1302,7 @@ __cgfsng_ops static bool cgfsng_payload_enter(struct cgroup_ops *ops, pid_t pid) char *fullpath; fullpath = must_make_path(ops->hierarchies[i]->container_full_path, - "cgroup.procs", NULL); + "cgroup.procs", NULL); ret = lxc_write_to_file(fullpath, pidstr, len, false, 0666); if (ret != 0) { SYSERROR("Failed to enter cgroup \"%s\"", fullpath); @@ -1316,7 +1316,7 @@ __cgfsng_ops static bool cgfsng_payload_enter(struct cgroup_ops *ops, pid_t pid) } static int chowmod(char *path, uid_t chown_uid, gid_t chown_gid, - mode_t chmod_mode) + mode_t chmod_mode) { int ret; @@ -1353,14 +1353,14 @@ static int chown_cgroup_wrapper(void *data) ret = setresgid(nsgid, nsgid, nsgid); if (ret < 0) { SYSERROR("Failed to setresgid(%d, %d, %d)", - (int)nsgid, (int)nsgid, (int)nsgid); + (int)nsgid, (int)nsgid, (int)nsgid); return -1; } ret = setresuid(nsuid, nsuid, nsuid); if (ret < 0) { SYSERROR("Failed to setresuid(%d, %d, %d)", - (int)nsuid, (int)nsuid, (int)nsuid); + (int)nsuid, (int)nsuid, (int)nsuid); return -1; } @@ -1415,7 +1415,7 @@ static int chown_cgroup_wrapper(void *data) } __cgfsng_ops static bool cgfsng_chown(struct cgroup_ops *ops, - struct lxc_conf *conf) + struct lxc_conf *conf) { struct generic_userns_exec_data wrap; @@ -1428,7 +1428,7 @@ __cgfsng_ops static bool cgfsng_chown(struct cgroup_ops *ops, wrap.conf = conf; if (userns_exec_1(conf, chown_cgroup_wrapper, &wrap, - "chown_cgroup_wrapper") < 0) { + "chown_cgroup_wrapper") < 0) { ERROR("Error requesting cgroup chown in new user namespace"); return false; } @@ -1450,8 +1450,8 @@ static bool cg_mount_needs_subdirs(int type) * control/the/cg/path. */ static int cg_legacy_mount_controllers(int type, struct hierarchy *h, - char *controllerpath, char *cgpath, - const char *container_cgroup) + char *controllerpath, char *cgpath, + const char *container_cgroup) { int ret, remount_flags; char *sourcepath; 
@@ -1461,16 +1461,16 @@ static int cg_legacy_mount_controllers(int type, struct hierarchy *h, ret = mount(controllerpath, controllerpath, "cgroup", MS_BIND, NULL); if (ret < 0) { SYSERROR("Failed to bind mount \"%s\" onto \"%s\"", - controllerpath, controllerpath); + controllerpath, controllerpath); return -1; } remount_flags = add_required_remount_flags(controllerpath, - controllerpath, - flags | MS_REMOUNT); + controllerpath, + flags | MS_REMOUNT); ret = mount(controllerpath, controllerpath, "cgroup", - remount_flags | MS_REMOUNT | MS_BIND | MS_RDONLY, - NULL); + remount_flags | MS_REMOUNT | MS_BIND | MS_RDONLY, + NULL); if (ret < 0) { SYSERROR("Failed to remount \"%s\" ro", controllerpath); return -1; @@ -1480,7 +1480,7 @@ static int cg_legacy_mount_controllers(int type, struct hierarchy *h, } sourcepath = must_make_path(h->mountpoint, h->container_base_path, - container_cgroup, NULL); + container_cgroup, NULL); if (type == LXC_AUTO_CGROUP_RO) flags |= MS_RDONLY; @@ -1494,7 +1494,7 @@ static int cg_legacy_mount_controllers(int type, struct hierarchy *h, if (flags & MS_RDONLY) { remount_flags = add_required_remount_flags(sourcepath, cgpath, - flags | MS_REMOUNT); + flags | MS_REMOUNT); ret = mount(sourcepath, cgpath, "cgroup", remount_flags, NULL); if (ret < 0) { SYSERROR("Failed to remount \"%s\" ro", cgpath); 
@@ -1516,26 +1516,26 @@ static int cg_legacy_mount_controllers(int type, struct hierarchy *h, * cgroups for the LXC_AUTO_CGROUP_FULL option. */ static int __cg_mount_direct(int type, struct hierarchy *h, - const char *controllerpath) + const char *controllerpath) { - int ret; - char *controllers = NULL; - char *fstype = "cgroup2"; - unsigned long flags = 0; + int ret; + char *controllers = NULL; + char *fstype = "cgroup2"; + unsigned long flags = 0; - flags |= MS_NOSUID; - flags |= MS_NOEXEC; - flags |= MS_NODEV; - flags |= MS_RELATIME; + flags |= MS_NOSUID; + flags |= MS_NOEXEC; + flags |= MS_NODEV; + flags |= MS_RELATIME; - if (type == LXC_AUTO_CGROUP_RO || type == LXC_AUTO_CGROUP_FULL_RO) - flags |= MS_RDONLY; + if (type == LXC_AUTO_CGROUP_RO || type == LXC_AUTO_CGROUP_FULL_RO) + flags |= MS_RDONLY; - if (h->version != CGROUP2_SUPER_MAGIC) { - controllers = lxc_string_join(",", (const char **)h->controllers, false); - if (!controllers) - return -ENOMEM; - fstype = "cgroup"; + if (h->version != CGROUP2_SUPER_MAGIC) { + controllers = lxc_string_join(",", (const char **)h->controllers, false); + if (!controllers) + return -ENOMEM; + fstype = "cgroup"; } ret = mount("cgroup", controllerpath, fstype, flags, controllers); @@ -1550,13 +1550,13 @@ static int __cg_mount_direct(int type, struct hierarchy *h, } static inline int cg_mount_in_cgroup_namespace(int type, struct hierarchy *h, - const char *controllerpath) + const char *controllerpath) { return __cg_mount_direct(type, h, controllerpath); } static inline int cg_mount_cgroup_full(int type, struct hierarchy *h, - const char *controllerpath) + const char *controllerpath) { if (type < LXC_AUTO_CGROUP_FULL_RO || type > LXC_AUTO_CGROUP_FULL_MIXED) return 0; 
@@ -1565,8 +1565,8 @@ static inline int cg_mount_cgroup_full(int type, struct hierarchy *h, } __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, - struct lxc_handler *handler, - const char *root, int type) + struct lxc_handler *handler, + const char *root, int type) { int i, ret; char *tmpfspath = NULL; @@ -1583,7 +1583,7 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, wants_force_mount = true; } - if (!wants_force_mount){ + if (!wants_force_mount) { if (!lxc_list_empty(&handler->conf->keepcaps)) wants_force_mount = !in_caplist(CAP_SYS_ADMIN, &handler->conf->keepcaps); else @@ -1606,13 +1606,14 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, goto on_error; } ret = safe_mount(NULL, tmpfspath, "tmpfs", - MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME, - "size=10240k,mode=755", root); + MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_RELATIME, + "size=10240k,mode=755", root); if (ret < 0) goto on_error; for (i = 0; ops->hierarchies[i]; i++) { - char *controllerpath, *path2; + char *controllerpath = NULL; + char *path2 = NULL; struct hierarchy *h = ops->hierarchies[i]; char *controller = strrchr(h->mountpoint, '/'); @@ -1676,7 +1677,7 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, } ret = cg_legacy_mount_controllers(type, h, controllerpath, - path2, ops->container_cgroup); + path2, ops->container_cgroup); free(controllerpath); free(path2); if (ret < 0) @@ -1685,7 +1686,7 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, // isulad: symlink subcgroup if (merged) { - char **mc; + char **mc = NULL; for (mc = merged; *mc; mc++) { char *token; char *copy = must_copy_string(*mc); 
@@ -1710,44 +1711,44 @@ __cgfsng_ops static bool cgfsng_mount(struct cgroup_ops *ops, // isulad: remount /sys/fs/cgroup to readonly if (type == LXC_AUTO_CGROUP_FULL_RO || type == LXC_AUTO_CGROUP_RO) { ret = mount(tmpfspath, tmpfspath, "bind", - MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_RELATIME|MS_RDONLY|MS_BIND|MS_REMOUNT, NULL); + MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_RELATIME|MS_RDONLY|MS_BIND|MS_REMOUNT, NULL); if (ret < 0) { SYSERROR("Failed to remount /sys/fs/cgroup."); goto on_error; } } - // isulad: remount /sys/fs/cgroup/systemd to readwrite for system container - if (handler->conf->systemd != NULL && strcmp(handler->conf->systemd, "true") == 0) { - // isulad: don't use the unified hierarchy for the systemd cgroup - unifiedpath = must_make_path(root, "/sys/fs/cgroup/unified", NULL); - if (dir_exists(unifiedpath)) { - ret = umount2(unifiedpath, MNT_DETACH); - if (ret < 0) { - SYSERROR("Failed to umount /sys/fs/cgroup/unified."); - goto on_error; - } - } - - systemdpath = must_make_path(root, "/sys/fs/cgroup/systemd", NULL); - ret = mount(systemdpath, systemdpath, "bind", - MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_RELATIME|MS_BIND|MS_REMOUNT, NULL); - if (ret < 0) { - SYSERROR("Failed to remount /sys/fs/cgroup/systemd."); - goto on_error; - } - } + // isulad: remount /sys/fs/cgroup/systemd to readwrite for system container + if (handler->conf->systemd != NULL && strcmp(handler->conf->systemd, "true") == 0) { + // isulad: don't use the unified hierarchy for the systemd cgroup + unifiedpath = must_make_path(root, "/sys/fs/cgroup/unified", NULL); + if (dir_exists(unifiedpath)) { + ret = umount2(unifiedpath, MNT_DETACH); + if (ret < 0) { + SYSERROR("Failed to umount /sys/fs/cgroup/unified."); + goto on_error; + } + } + + systemdpath = must_make_path(root, "/sys/fs/cgroup/systemd", NULL); + ret = mount(systemdpath, systemdpath, "bind", + MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_RELATIME|MS_BIND|MS_REMOUNT, NULL); + if (ret < 0) { + SYSERROR("Failed to remount /sys/fs/cgroup/systemd."); + goto 
on_error; + } + } retval = true; on_error: free(tmpfspath); - if (systemdpath != NULL) { - free(systemdpath); - } - if (unifiedpath != NULL) { - free(unifiedpath); - } + if (systemdpath != NULL) { + free(systemdpath); + } + if (unifiedpath != NULL) { + free(unifiedpath); + } lxc_free_array((void **)merged, free); return retval; } @@ -1767,7 +1768,7 @@ static int recursive_count_nrtasks(char *dirname) struct stat mystat; if (!strcmp(direntp->d_name, ".") || - !strcmp(direntp->d_name, "..")) + !strcmp(direntp->d_name, "..")) continue; path = must_make_path(dirname, direntp->d_name, NULL); @@ -1779,7 +1780,7 @@ static int recursive_count_nrtasks(char *dirname) goto next; count += recursive_count_nrtasks(path); - next: +next: free(path); } @@ -1821,8 +1822,8 @@ __cgfsng_ops static bool cgfsng_escape(const struct cgroup_ops *ops) char *fullpath; fullpath = must_make_path(ops->hierarchies[i]->mountpoint, - ops->hierarchies[i]->container_base_path, - "cgroup.procs", NULL); + ops->hierarchies[i]->container_base_path, + "cgroup.procs", NULL); ret = lxc_write_to_file(fullpath, "0", 2, false, 0666); if (ret != 0) { SYSERROR("Failed to escape to cgroup \"%s\"", fullpath); @@ -1885,7 +1886,7 @@ __cgfsng_ops static bool cgfsng_unfreeze(struct cgroup_ops *ops) } __cgfsng_ops static const char *cgfsng_get_cgroup(struct cgroup_ops *ops, - const char *controller, bool skip_mount) + const char *controller, bool skip_mount) { struct hierarchy *h; @@ -1905,8 +1906,8 @@ __cgfsng_ops static const char *cgfsng_get_cgroup(struct cgroup_ops *ops, * which must be freed by the caller. */ static inline char *build_full_cgpath_from_monitorpath(struct hierarchy *h, - const char *inpath, - const char *filename) + const char *inpath, + const char *filename) { return must_make_path(h->mountpoint, inpath, filename, NULL); } 
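Review bot: The cleanup under `on_error:` in cgfsng_mount wraps `free(systemdpath)` and `free(unifiedpath)` in `if (... != NULL)` guards, while `free(tmpfspath)` on the line just above is called bare. `free(NULL)` is a no-op, so the guards add nothing and make the three releases read inconsistently. Since this hunk already rewrites those lines for indentation, they could collapse to `free(systemdpath);` and `free(unifiedpath);`.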
@@ -1921,8 +1922,8 @@ static inline char *build_full_cgpath_from_monitorpath(struct hierarchy *h, * cgroup for the attaching process. */ static int __cg_unified_attach(const struct hierarchy *h, const char *name, - const char *lxcpath, const char *pidstr, - size_t pidstr_len, const char *controller) + const char *lxcpath, const char *pidstr, + size_t pidstr_len, const char *controller) { int ret; size_t len; @@ -1952,7 +1953,7 @@ static int __cg_unified_attach(const struct hierarchy *h, const char *name, do { if (idx) ret = snprintf(full_path, len + 1, "%s/lxc-%d", - base_path, idx); + base_path, idx); else ret = snprintf(full_path, len + 1, "%s/lxc", base_path); if (ret < 0 || (size_t)ret >= len + 1) @@ -1987,7 +1988,7 @@ on_error: } __cgfsng_ops static bool cgfsng_attach(struct cgroup_ops *ops, const char *name, - const char *lxcpath, pid_t pid) + const char *lxcpath, pid_t pid) { int i, len, ret; char pidstr[INTTYPE_TO_STRLEN(pid_t)]; @@ -2003,7 +2004,7 @@ __cgfsng_ops static bool cgfsng_attach(struct cgroup_ops *ops, const char *name, if (h->version == CGROUP2_SUPER_MAGIC) { ret = __cg_unified_attach(h, name, lxcpath, pidstr, len, - h->controllers[0]); + h->controllers[0]); if (ret < 0) return false; @@ -2034,8 +2035,8 @@ __cgfsng_ops static bool cgfsng_attach(struct cgroup_ops *ops, const char *name, * commands API for the cgroup path. */ __cgfsng_ops static int cgfsng_get(struct cgroup_ops *ops, const char *filename, - char *value, size_t len, const char *name, - const char *lxcpath) + char *value, size_t len, const char *name, + const char *lxcpath) { int ret = -1; size_t controller_len; 
@@ -2073,8 +2074,8 @@ __cgfsng_ops static int cgfsng_get(struct cgroup_ops *ops, const char *filename, * commands API for the cgroup path. */ __cgfsng_ops static int cgfsng_set(struct cgroup_ops *ops, - const char *filename, const char *value, - const char *name, const char *lxcpath) + const char *filename, const char *value, + const char *name, const char *lxcpath) { int ret = -1; size_t controller_len; @@ -2189,7 +2190,7 @@ out: * we created the cgroups. */ static int cg_legacy_set_data(struct cgroup_ops *ops, const char *filename, - const char *value) + const char *value) { size_t len; char *fullpath, *p; @@ -2228,8 +2229,8 @@ static int cg_legacy_set_data(struct cgroup_ops *ops, const char *filename, ret = lxc_write_to_file(fullpath, value, strlen(value), false, 0666); if (ret) { lxc_write_error_message(ops->errfd, - "%s:%d: setting cgroup config for ready process caused \"failed to write %s to %s: %s\".", - __FILE__, __LINE__, value, fullpath, strerror(errno)); + "%s:%d: setting cgroup config for ready process caused \"failed to write %s to %s: %s\".", + __FILE__, __LINE__, value, fullpath, strerror(errno)); } free(fullpath); return ret; @@ -2239,15 +2240,16 @@ static int cg_legacy_set_data(struct cgroup_ops *ops, const char *filename, * we created the cgroups. */ static int cg_legacy_get_data(struct cgroup_ops *ops, const char *filename, - char *value, size_t len) + char *value, size_t len) { - char *fullpath, *p; - struct hierarchy *h; + char *fullpath = NULL; + char *p = NULL; + struct hierarchy *h = NULL; int ret = 0; char *controller = NULL; len = strlen(filename); - controller = alloca(len + 1); + controller = calloc(1, len + 1); (void)strlcpy(controller, filename, len + 1); p = strchr(controller, '.'); 
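Review bot: The `calloc(1, len + 1)` that replaces `alloca` in cg_legacy_get_data is passed to `strlcpy` on the very next line without a NULL check, so an allocation failure becomes a write through a NULL pointer instead of an error return. Add `if (!controller) return -ENOMEM;` directly after the allocation; `__cg_mount_direct` in this same file already returns `-ENOMEM` when `lxc_string_join` fails. The function body continues past the end of this hunk, and the matching `free(controller)` calls are added in the following hunk.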
@@ -2262,23 +2264,25 @@ static int cg_legacy_get_data(struct cgroup_ops *ops, const char *filename, "driver or not enabled on the cgroup hierarchy", controller); errno = ENOENT; + free(controller); return -ENOENT; } fullpath = must_make_path(h->container_full_path, filename, NULL); ret = lxc_read_from_file(fullpath, value, len); free(fullpath); + free(controller); return ret; } static bool __cg_legacy_setup_limits(struct cgroup_ops *ops, - struct lxc_list *cgroup_settings, - bool do_devices) + struct lxc_list *cgroup_settings, + bool do_devices) { struct lxc_list *iterator, *next, *sorted_cgroup_settings; struct lxc_cgroup *cg; bool ret = false; - char value[21]; + char value[21 + 1] = { 0 }; long long int readvalue, setvalue; if (lxc_list_empty(cgroup_settings)) @@ -2318,7 +2322,7 @@ static bool __cg_legacy_setup_limits(struct cgroup_ops *ops, // isulad: check cpu shares if (strcmp(cg->subsystem, "cpu.shares") == 0) { - if (cg_legacy_get_data(ops, cg->subsystem, value, sizeof(value)) < 0) { + if (cg_legacy_get_data(ops, cg->subsystem, value, sizeof(value) - 1) < 0) { SYSERROR("Error get %s", cg->subsystem); goto out; } 
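Review bot: Passing `sizeof(value) - 1` in the `-2318,7` hunk does not change how much is read, because cg_legacy_get_data overwrites its `len` parameter with `len = strlen(filename)` (context line in the `-2239,15` hunk) before calling `lxc_read_from_file(fullpath, value, len)`. Unless `len` is restored in lines not shown between the hunks, the read is bounded by the length of the file name rather than by the caller's buffer; a name longer than the buffer would let the read run past `value`, and a short name truncates the result. Keep the name length in its own local, e.g. `size_t flen = strlen(filename);` with `calloc(1, flen + 1)` and `strlcpy(controller, filename, flen + 1)`, so the caller's size reaches the read untouched.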
@@ -2334,14 +2338,14 @@ static bool __cg_legacy_setup_limits(struct cgroup_ops *ops, if (setvalue > readvalue) { ERROR("The maximum allowed cpu-shares is %s", value); lxc_write_error_message(ops->errfd, - "%s:%d: setting cgroup config for ready process caused \"The maximum allowed cpu-shares is %s\".", - __FILE__, __LINE__, value); + "%s:%d: setting cgroup config for ready process caused \"The maximum allowed cpu-shares is %s\".", + __FILE__, __LINE__, value); goto out; } else if (setvalue < readvalue) { ERROR("The minimum allowed cpu-shares is %s", value); lxc_write_error_message(ops->errfd, - "%s:%d: setting cgroup config for ready process caused \"The minimum allowed cpu-shares is %s\".", - __FILE__, __LINE__, value); + "%s:%d: setting cgroup config for ready process caused \"The minimum allowed cpu-shares is %s\".", + __FILE__, __LINE__, value); goto out; } } @@ -2359,7 +2363,7 @@ out: } static bool __cg_unified_setup_limits(struct cgroup_ops *ops, - struct lxc_list *cgroup_settings) + struct lxc_list *cgroup_settings) { struct lxc_list *iterator; struct hierarchy *h = ops->unified; @@ -2380,7 +2384,7 @@ static bool __cg_unified_setup_limits(struct cgroup_ops *ops, free(fullpath); if (ret < 0) { SYSERROR("Failed to set \"%s\" to \"%s\"", - cg->subsystem, cg->value); + cg->subsystem, cg->value); return false; } TRACE("Set \"%s\" to \"%s\"", cg->subsystem, cg->value); @@ -2391,8 +2395,8 @@ static bool __cg_unified_setup_limits(struct cgroup_ops *ops, } __cgfsng_ops static bool cgfsng_setup_limits(struct cgroup_ops *ops, - struct lxc_conf *conf, - bool do_devices) + struct lxc_conf *conf, + bool do_devices) { bool bret; @@ -2404,7 +2408,7 @@ __cgfsng_ops static bool cgfsng_setup_limits(struct cgroup_ops *ops, } static bool cgroup_use_wants_controllers(const struct cgroup_ops *ops, - char **controllers) + char **controllers) { char **cur_ctrl, **cur_use; 
@@ -2537,8 +2541,8 @@ static bool cg_hybrid_init(struct cgroup_ops *ops) char *cgv2_ctrl_path; cgv2_ctrl_path = must_make_path(mountpoint, base_cgroup, - "cgroup.controllers", - NULL); + "cgroup.controllers", + NULL); controller_list = cg_unified_get_controllers(cgv2_ctrl_path); free(cgv2_ctrl_path); @@ -2559,7 +2563,7 @@ static bool cg_hybrid_init(struct cgroup_ops *ops) continue; - next: +next: free_string_list(controller_list); free(mountpoint); free(base_cgroup); @@ -2658,7 +2662,7 @@ static int cg_unified_init(struct cgroup_ops *ops) */ mountpoint = must_copy_string("/sys/fs/cgroup"); subtree_path = must_make_path(mountpoint, base_cgroup, - "cgroup.subtree_control", NULL); + "cgroup.subtree_control", NULL); delegatable = cg_unified_get_controllers(subtree_path); free(subtree_path); if (!delegatable) @@ -2710,8 +2714,9 @@ static bool cg_init(struct cgroup_ops *ops) __cgfsng_ops static bool cgfsng_data_init(struct cgroup_ops *ops, struct lxc_handler *handler) { - const char *cgroup_pattern; - char *container_cgroup, *tmp; + const char *cgroup_pattern = NULL; + char *container_cgroup = NULL; + char *tmp = NULL; struct lxc_conf *conf = NULL; size_t len; @@ -2730,7 +2735,9 @@ __cgfsng_ops static bool cgfsng_data_init(struct cgroup_ops *ops, struct lxc_han /* isulad: init ops->container_cgroup here instead of in cgfsng_payload_create*/ if (conf) { if (conf->cgroup_meta.dir) - tmp = lxc_string_join("/", (const char *[]){conf->cgroup_meta.dir, handler->name, NULL}, false); + tmp = lxc_string_join("/", (const char *[]) { + conf->cgroup_meta.dir, handler->name, NULL + }, false); else tmp = lxc_string_replace("%n", handler->name, ops->cgroup_pattern); if (!tmp) { diff --git a/src/lxc/conf.c b/src/lxc/conf.c index 3780966..ec1667d 100644 --- a/src/lxc/conf.c +++ b/src/lxc/conf.c 
@@ -351,8 +351,8 @@ static int run_buffer(char *buffer) } int run_script_argv(const char *name, unsigned int hook_version, - const char *section, const char *script, - const char *hookname, char **argv) + const char *section, const char *script, + const char *hookname, char **argv) { int buf_pos, i, ret; char *buffer; @@ -407,7 +407,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ret = setenv("LXC_HOOK_TYPE", hookname, 1); if (ret < 0) { SYSERROR("Failed to set environment variable: " - "LXC_HOOK_TYPE=%s", hookname); + "LXC_HOOK_TYPE=%s", hookname); goto on_error; } TRACE("Set environment variable: LXC_HOOK_TYPE=%s", hookname); @@ -415,7 +415,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ret = setenv("LXC_HOOK_SECTION", section, 1); if (ret < 0) { SYSERROR("Failed to set environment variable: " - "LXC_HOOK_SECTION=%s", section); + "LXC_HOOK_SECTION=%s", section); goto on_error; } TRACE("Set environment variable: LXC_HOOK_SECTION=%s", section); @@ -429,7 +429,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ret = setenv("LXC_NET_TYPE", argv[0], 1); if (ret < 0) { SYSERROR("Failed to set environment variable: " - "LXC_NET_TYPE=%s", argv[0]); + "LXC_NET_TYPE=%s", argv[0]); goto on_error; } TRACE("Set environment variable: LXC_NET_TYPE=%s", argv[0]); @@ -440,7 +440,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ret = setenv("LXC_NET_PARENT", parent, 1); if (ret < 0) { SYSERROR("Failed to set environment " - "variable: LXC_NET_PARENT=%s", parent); + "variable: LXC_NET_PARENT=%s", parent); goto on_error; } TRACE("Set environment variable: LXC_NET_PARENT=%s", parent); 
@@ -448,7 +448,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ret = setenv("LXC_NET_PARENT", parent, 1); if (ret < 0) { SYSERROR("Failed to set environment " - "variable: LXC_NET_PARENT=%s", parent); + "variable: LXC_NET_PARENT=%s", parent); goto on_error; } TRACE("Set environment variable: LXC_NET_PARENT=%s", parent); @@ -458,7 +458,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ret = setenv("LXC_NET_PEER", peer, 1); if (ret < 0) { SYSERROR("Failed to set environment " - "variable: LXC_NET_PEER=%s", peer); + "variable: LXC_NET_PEER=%s", peer); goto on_error; } TRACE("Set environment variable: LXC_NET_PEER=%s", peer); @@ -466,7 +466,7 @@ int run_script_argv(const char *name, unsigned int hook_version, ret = setenv("LXC_NET_PARENT", parent, 1); if (ret < 0) { SYSERROR("Failed to set environment " - "variable: LXC_NET_PARENT=%s", parent); + "variable: LXC_NET_PARENT=%s", parent); goto on_error; } TRACE("Set environment variable: LXC_NET_PARENT=%s", parent); @@ -600,7 +600,7 @@ int pin_rootfs(const char *rootfs) * honored. */ unsigned long add_required_remount_flags(const char *s, const char *d, - unsigned long flags) + unsigned long flags) { #ifdef HAVE_STATVFS int ret; @@ -728,10 +728,10 @@ static int lxc_mount_auto_mounts(struct lxc_conf *conf, int flags, struct lxc_ha } mflags = add_required_remount_flags(source, destination, - default_mounts[i].flags); + default_mounts[i].flags); r = safe_mount(source, destination, default_mounts[i].fstype, - mflags, default_mounts[i].options, - conf->rootfs.path ? conf->rootfs.mount : NULL); + mflags, default_mounts[i].options, + conf->rootfs.path ? conf->rootfs.mount : NULL); saved_errno = errno; if (r < 0 && errno == ENOENT) { INFO("Mount source for \"%s\" on \"%s\" does " 
@@ -781,9 +781,9 @@ static int lxc_mount_auto_mounts(struct lxc_conf *conf, int flags, struct lxc_ha cg_flags |= LXC_AUTO_CGROUP_FORCE; if (!handler->cgroup_ops->mount(handler->cgroup_ops, - handler, - conf->rootfs.path ? conf->rootfs.mount : "", - cg_flags)) { + handler, + conf->rootfs.path ? conf->rootfs.mount : "", + cg_flags)) { SYSERROR("Failed to mount \"/sys/fs/cgroup\""); return -1; } @@ -832,7 +832,7 @@ static int lxc_setup_dev_symlinks(const struct lxc_rootfs *rootfs) const struct dev_symlinks *d = &dev_symlinks[i]; ret = snprintf(path, sizeof(path), "%s/dev/%s", - rootfs->path ? rootfs->mount : "", d->name); + rootfs->path ? rootfs->mount : "", d->name); if (ret < 0 || ret >= PATH_MAX) return -1; @@ -901,7 +901,7 @@ static int lxc_setup_ttys(struct lxc_conf *conf) if (ttydir) { /* create dev/lxc/tty%d" */ ret = snprintf(lxcpath, sizeof(lxcpath), - "/dev/%s/tty%d", ttydir, i + 1); + "/dev/%s/tty%d", ttydir, i + 1); if (ret < 0 || (size_t)ret >= sizeof(lxcpath)) return -1; @@ -920,14 +920,14 @@ static int lxc_setup_ttys(struct lxc_conf *conf) ret = mount(tty->name, lxcpath, "none", MS_BIND, 0); if (ret < 0) { SYSWARN("Failed to bind mount \"%s\" onto \"%s\"", - tty->name, lxcpath); + tty->name, lxcpath); continue; } DEBUG("Bind mounted \"%s\" onto \"%s\"", tty->name, lxcpath); ret = snprintf(lxcpath, sizeof(lxcpath), "%s/tty%d", - ttydir, i + 1); + ttydir, i + 1); if (ret < 0 || (size_t)ret >= sizeof(lxcpath)) return -1; @@ -1122,7 +1122,7 @@ on_error: * error, log it but don't fail yet. */ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs, - const char *lxcpath, char *systemd) + const char *lxcpath, const char *systemd) { int ret; size_t clen; 
@@ -1147,21 +1147,21 @@ static int mount_autodev(const char *name, const struct lxc_rootfs *rootfs, goto reset_umask; } - if (systemd != NULL && !strcmp(systemd, "true")) { - ret = mount(path, path, "", MS_BIND, NULL); - if (ret < 0) { - SYSERROR("Failed to bind mount path \"%s\"", path); - goto reset_umask; - } - } else { - ret = safe_mount("none", path, "tmpfs", 0, "size=500000,mode=755", - rootfs->path ? rootfs->mount : NULL); - if (ret < 0) { - SYSERROR("Failed to mount tmpfs on \"%s\"", path); - goto reset_umask; - } - TRACE("Mounted tmpfs on \"%s\"", path); - } + if (systemd != NULL && !strcmp(systemd, "true")) { + ret = mount(path, path, "", MS_BIND, NULL); + if (ret < 0) { + SYSERROR("Failed to bind mount path \"%s\"", path); + goto reset_umask; + } + } else { + ret = safe_mount("none", path, "tmpfs", 0, "size=500000,mode=755", + rootfs->path ? rootfs->mount : NULL); + if (ret < 0) { + SYSERROR("Failed to mount tmpfs on \"%s\"", path); + goto reset_umask; + } + TRACE("Mounted tmpfs on \"%s\"", path); + } ret = snprintf(path, clen, "%s/dev/pts", rootfs->path ? rootfs->mount : ""); if (ret < 0 || (size_t)ret >= clen) { @@ -1220,7 +1220,7 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs) int use_mknod = LXC_DEVNODE_MKNOD; ret = snprintf(path, PATH_MAX, "%s/dev", - rootfs->path ? rootfs->mount : ""); + rootfs->path ? rootfs->mount : ""); if (ret < 0 || ret >= PATH_MAX) return -1; @@ -1236,7 +1236,7 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs) const struct lxc_device_node *device = &lxc_devices[i]; ret = snprintf(path, PATH_MAX, "%s/dev/%s", - rootfs->path ? rootfs->mount : "", device->name); + rootfs->path ? rootfs->mount : "", device->name); if (ret < 0 || ret >= PATH_MAX) return -1; 
@@ -1294,10 +1294,10 @@ static int lxc_fill_autodev(const struct lxc_rootfs *rootfs) return -1; ret = safe_mount(hostpath, path, 0, MS_BIND, NULL, - rootfs->path ? rootfs->mount : NULL); + rootfs->path ? rootfs->mount : NULL); if (ret < 0) { SYSERROR("Failed to bind mount host device node \"%s\" " - "onto \"%s\"", hostpath, path); + "onto \"%s\"", hostpath, path); return -1; } DEBUG("Bind mounted host device node \"%s\" onto \"%s\"", @@ -1350,7 +1350,9 @@ static int rootfs_parent_mount_private(char *rootfs) } while (getline(&line, &len, f) != -1) { - char *target, *opts, *tmptarget; + char *target = NULL; + char *opts = NULL; + char *tmptarget = NULL; target = get_field(line, 4); if (!target) continue; @@ -1401,10 +1403,10 @@ static int rootfs_parent_mount_private(char *rootfs) static int lxc_mount_rootfs(struct lxc_conf *conf) { int ret; - struct lxc_storage *bdev; + struct lxc_storage *bdev = NULL; struct lxc_rootfs *rootfs = &conf->rootfs; unsigned long flags, mntflags, pflags; - char *mntdata; + char *mntdata = NULL; if (!rootfs->path) { ret = mount("", "/", NULL, MS_SLAVE | MS_REC, 0); @@ -1430,7 +1432,7 @@ static int lxc_mount_rootfs(struct lxc_conf *conf) ret = access(rootfs->mount, F_OK); if (ret != 0) { SYSERROR("Failed to access to \"%s\". Check it is present", - rootfs->mount); + rootfs->mount); return -1; } @@ -1540,7 +1542,7 @@ static bool remount_readwrite(const char *path) if (ret < 0) goto on_error; ret = mount(path, path, "", MS_BIND | MS_REMOUNT | MS_REC | \ - MS_NOEXEC | MS_NOSUID | MS_NODEV, ""); + MS_NOEXEC | MS_NOSUID | MS_NODEV, ""); if (ret < 0) goto on_error; } else if (errno == EBUSY) { @@ -1601,7 +1603,7 @@ static bool remount_readonly(const char *path) if (ret < 0) goto on_error; ret = mount(path, path, "", MS_BIND | MS_REMOUNT | MS_RDONLY | MS_REC | \ - MS_NOEXEC | MS_NOSUID | MS_NODEV, ""); + MS_NOEXEC | MS_NOSUID | MS_NODEV, ""); if (ret < 0) goto on_error; } else if (errno == EBUSY) { 
@@ -1626,8 +1628,8 @@ static int setup_rootfs_maskedpaths(struct lxc_list *maskedpaths) struct lxc_list *it; lxc_list_for_each(it, maskedpaths) { - if (!mask_path((char *)it->elem)) - return -1; + if (!mask_path((char *)it->elem)) + return -1; } return 0; @@ -1638,8 +1640,8 @@ static int setup_rootfs_ropaths(struct lxc_list *ropaths) struct lxc_list *it; lxc_list_for_each(it, ropaths) { - if (!remount_readonly((char *)it->elem)) - return -1; + if (!remount_readonly((char *)it->elem)) + return -1; } return 0; @@ -1873,8 +1875,8 @@ static int lxc_setup_rootfs_switch_root(const struct lxc_rootfs *rootfs) } static const struct id_map *find_mapped_nsid_entry(struct lxc_conf *conf, - unsigned id, - enum idtype idtype) + unsigned id, + enum idtype idtype) { struct lxc_list *it; struct id_map *map; @@ -1918,7 +1920,7 @@ static int lxc_setup_devpts(struct lxc_conf *conf) } ret = snprintf(devpts_mntopts, sizeof(devpts_mntopts), "%s,max=%zu", - default_devpts_mntopts, conf->pty_max); + default_devpts_mntopts, conf->pty_max); if (ret < 0 || (size_t)ret >= sizeof(devpts_mntopts)) return -1; @@ -2031,7 +2033,7 @@ static int setup_personality(int persona) } static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs, - const struct lxc_terminal *console) + const struct lxc_terminal *console) { int ret; char path[PATH_MAX]; @@ -2069,7 +2071,7 @@ static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs, ret = fchmod(console->slave, S_IXUSR | S_IXGRP); if (ret < 0) { SYSERROR("Failed to set mode \"0%o\" to \"%s\"", - S_IXUSR | S_IXGRP, console->name); + S_IXUSR | S_IXGRP, console->name); return -errno; } @@ -2084,8 +2086,8 @@ static int lxc_setup_dev_console(const struct lxc_rootfs *rootfs, } static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs, - const struct lxc_terminal *console, - char *ttydir) + const struct lxc_terminal *console, + char *ttydir) { int ret; char path[PATH_MAX], lxcpath[PATH_MAX]; 
@@ -2104,7 +2106,7 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs, SYSERROR("Failed to create \"%s\"", path); return -errno; } - DEBUG("Created directory for console and tty devices at \"%s\"", path); + DEBUG("Created directory for console and tty devices at \"%s\"", path); ret = snprintf(lxcpath, sizeof(lxcpath), "%s/dev/%s/console", rootfs_path, ttydir); if (ret < 0 || (size_t)ret >= sizeof(lxcpath)) @@ -2140,7 +2142,7 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs, ret = fchmod(console->slave, S_IXUSR | S_IXGRP); if (ret < 0) { SYSERROR("Failed to set mode \"0%o\" to \"%s\"", - S_IXUSR | S_IXGRP, console->name); + S_IXUSR | S_IXGRP, console->name); return -errno; } @@ -2166,7 +2168,7 @@ static int lxc_setup_ttydir_console(const struct lxc_rootfs *rootfs, } static int lxc_setup_console(const struct lxc_rootfs *rootfs, - const struct lxc_terminal *console, char *ttydir) + const struct lxc_terminal *console, char *ttydir) { if (!ttydir) @@ -2236,7 +2238,7 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, unsigned long *p *data = 0; lxc_iterate_parts(p, s, ",") - parse_mntopt(p, mntflags, pflags, &data, size); + parse_mntopt(p, mntflags, pflags, &data, size); if (*data) *mntdata = data; @@ -2248,9 +2250,9 @@ int parse_mntopts(const char *mntopts, unsigned long *mntflags, unsigned long *p } static int mount_entry(const char *fsname, const char *target, - const char *fstype, unsigned long mountflags, - unsigned long pflags, const char *data, bool optional, - bool dev, bool relative, const char *rootfs) + const char *fstype, unsigned long mountflags, + unsigned long pflags, const char *data, bool optional, + bool dev, bool relative, const char *rootfs) { int ret; char srcbuf[PATH_MAX]; 
@@ -2269,7 +2271,7 @@ static int mount_entry(const char *fsname, const char *target, } ret = safe_mount(srcpath, target, fstype, mountflags & ~MS_REMOUNT, data, - rootfs); + rootfs); if (ret < 0) { if (optional) { SYSINFO("Failed to mount \"%s\" on \"%s\" (optional)", @@ -2278,7 +2280,7 @@ static int mount_entry(const char *fsname, const char *target, } SYSERROR("Failed to mount \"%s\" on \"%s\"", - srcpath ? srcpath : "(null)", target); + srcpath ? srcpath : "(null)", target); return -1; } @@ -2315,7 +2317,7 @@ static int mount_entry(const char *fsname, const char *target, */ if (!(mountflags & MS_REMOUNT)) { if (!(required_flags & ~mountflags) && - rqd_flags == 0) { + rqd_flags == 0) { DEBUG("Mountflags already were %lu, " "skipping remount", mountflags); goto skipremount; @@ -2335,13 +2337,13 @@ static int mount_entry(const char *fsname, const char *target, } SYSERROR("Failed to mount \"%s\" on \"%s\"", - srcpath ? srcpath : "(null)", target); + srcpath ? srcpath : "(null)", target); return -1; } } #ifdef HAVE_STATVFS - skipremount: +skipremount: #endif if (pflags) { ret = mount(NULL, target, NULL, pflags, NULL); @@ -2352,7 +2354,7 @@ static int mount_entry(const char *fsname, const char *target, return 0; } else { SYSERROR("Failed to change mount propagation " - "for \"%s\" (optional)", target); + "for \"%s\" (optional)", target); return -1; } } @@ -2416,10 +2418,12 @@ static int check_mount_destination(const char *rootfs, const char *dest) "/proc/net/dev", NULL }; - const char **valid, **invalid; + const char **valid = NULL; + const char **invalid = NULL; for(valid = valid_destinations; *valid != NULL; valid++) { - char *fullpath, *relpath; + char *fullpath = NULL; + char *relpath = NULL; const char *parts[3] = { rootfs, *valid, 
@@ -2469,9 +2473,9 @@ static int check_mount_destination(const char *rootfs, const char *dest) } static int mount_entry_create_dir_file(const struct mntent *mntent, - const char *path, - const struct lxc_rootfs *rootfs, - const char *lxc_name, const char *lxc_path) + const char *path, + const struct lxc_rootfs *rootfs, + const char *lxc_name, const char *lxc_path) { int ret; char *p1, *p2; @@ -2487,7 +2491,7 @@ static int mount_entry_create_dir_file(const struct mntent *mntent, if (ret < 0 && errno != EEXIST) { SYSERROR("Failed to create directory \"%s\"", path); lxc_write_error_message(rootfs->errfd, "%s:%d: mkdir %s: %s.", - __FILE__, __LINE__, path, strerror(errno)); + __FILE__, __LINE__, path, strerror(errno)); return -1; } } @@ -2510,14 +2514,14 @@ static int mount_entry_create_dir_file(const struct mntent *mntent, if (ret < 0 && errno != EEXIST) { SYSERROR("Failed to create directory \"%s\"", path); lxc_write_error_message(rootfs->errfd, "%s:%d: mkdir %s: %s.", - __FILE__, __LINE__, p2, strerror(errno)); + __FILE__, __LINE__, p2, strerror(errno)); return -1; } ret = mknod(path, S_IFREG | 0000, 0); if (ret < 0 && errno != EEXIST) { lxc_write_error_message(rootfs->errfd, "%s:%d: open %s: %s.", - __FILE__, __LINE__, path, strerror(errno)); + __FILE__, __LINE__, path, strerror(errno)); return -errno; } @@ -2525,7 +2529,7 @@ static int mount_entry_create_dir_file(const struct mntent *mntent, } static int mount_entry_with_loop_dev(const char *src, const char *dest, const char *fstype, - char *mnt_opts, const char *rootfs) + char *mnt_opts, const char *rootfs) { int srcfd = -1, destfd, ret, saved_errno; char srcbuf[50], destbuf[50]; // only needs enough for /proc/self/fd/ 
@@ -2603,10 +2607,10 @@ retry: /* rootfs, lxc_name, and lxc_path can be NULL when the container is created * without a rootfs. */ static inline int mount_entry_on_generic(struct mntent *mntent, - const char *path, - const struct lxc_rootfs *rootfs, - const char *lxc_name, - const char *lxc_path) + const char *path, + const struct lxc_rootfs *rootfs, + const char *lxc_name, + const char *lxc_path) { int ret; unsigned long mntflags, pflags; @@ -2631,7 +2635,7 @@ static inline int mount_entry_on_generic(struct mntent *mntent, if (!rpath) { ERROR("Failed to get real path of '%s' in scope '%s'.", path, rootfs_path); lxc_write_error_message(rootfs->errfd, "%s:%d: failed to get real path of '%s' in scope '%s'.", - __FILE__, __LINE__, path, rootfs_path); + __FILE__, __LINE__, path, rootfs_path); return -1; } dest = rpath; @@ -2640,7 +2644,7 @@ static inline int mount_entry_on_generic(struct mntent *mntent, if (ret) { ERROR("Mount destination is invalid: '%s'", dest); lxc_write_error_message(rootfs->errfd, "%s:%d: mount destination is invalid: '%s'.", - __FILE__, __LINE__, dest); + __FILE__, __LINE__, dest); free(rpath); return -1; } @@ -2665,14 +2669,14 @@ static inline int mount_entry_on_generic(struct mntent *mntent, // isulad: support squashfs if (strcmp(mntent->mnt_type, "squashfs") == 0) { ret = mount_entry_with_loop_dev(mntent->mnt_fsname, dest, mntent->mnt_type, - mntent->mnt_opts, rootfs_path); + mntent->mnt_opts, rootfs_path); } else { ret = mount_entry(mntent->mnt_fsname, dest, mntent->mnt_type, mntflags, - pflags, mntdata, optional, dev, relative, rootfs_path); + pflags, mntdata, optional, dev, relative, rootfs_path); } if (ret < 0) { lxc_write_error_message(rootfs->errfd, "%s:%d: failed to mount %s as type %s.", - __FILE__, __LINE__, mntent->mnt_fsname, mntent->mnt_type); + __FILE__, __LINE__, mntent->mnt_fsname, mntent->mnt_type); } free(mntdata); 
@@ -2699,9 +2703,9 @@ static inline int mount_entry_on_systemfs(struct mntent *mntent) } static int mount_entry_on_absolute_rootfs(struct mntent *mntent, - const struct lxc_rootfs *rootfs, - const char *lxc_name, - const char *lxc_path) + const struct lxc_rootfs *rootfs, + const char *lxc_name, + const char *lxc_path) { int offset; char *aux; @@ -2743,9 +2747,9 @@ skipabs: } static int mount_entry_on_relative_rootfs(struct mntent *mntent, - const struct lxc_rootfs *rootfs, - const char *lxc_name, - const char *lxc_path) + const struct lxc_rootfs *rootfs, + const char *lxc_name, + const char *lxc_path) { int ret; char path[PATH_MAX]; @@ -2759,8 +2763,8 @@ static int mount_entry_on_relative_rootfs(struct mntent *mntent, } static int mount_file_entries(const struct lxc_conf *conf, - const struct lxc_rootfs *rootfs, FILE *file, - const char *lxc_name, const char *lxc_path) + const struct lxc_rootfs *rootfs, FILE *file, + const char *lxc_name, const char *lxc_path) { char buf[4096]; struct mntent mntent; @@ -2790,10 +2794,10 @@ static int mount_file_entries(const struct lxc_conf *conf, ret = mount_entry_on_systemfs(&mntent); else if (mntent.mnt_dir[0] != '/') ret = mount_entry_on_relative_rootfs(&mntent, rootfs, - lxc_name, lxc_path); + lxc_name, lxc_path); else ret = mount_entry_on_absolute_rootfs(&mntent, rootfs, - lxc_name, lxc_path); + lxc_name, lxc_path); free(mntent.mnt_fsname); free(mntent.mnt_dir); if (ret < 0) @@ -2806,8 +2810,8 @@ static int mount_file_entries(const struct lxc_conf *conf, } static int setup_mount(const struct lxc_conf *conf, - const struct lxc_rootfs *rootfs, const char *fstab, - const char *lxc_name, const char *lxc_path) + const struct lxc_rootfs *rootfs, const char *fstab, + const char *lxc_name, const char *lxc_path) { FILE *f; int ret; 
@@ -2880,9 +2884,9 @@ on_error: } static int setup_mount_entries(const struct lxc_conf *conf, - const struct lxc_rootfs *rootfs, - struct lxc_list *mount, const char *lxc_name, - const char *lxc_path) + const struct lxc_rootfs *rootfs, + struct lxc_list *mount, const char *lxc_name, + const char *lxc_path) { int ret; FILE *f; @@ -2966,7 +2970,7 @@ static int setup_caps(struct lxc_list *caps) } ret = prctl(PR_CAPBSET_DROP, prctl_arg(capid), prctl_arg(0), - prctl_arg(0), prctl_arg(0)); + prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSERROR("Failed to remove %s capability", drop_entry); return -1; @@ -3025,7 +3029,7 @@ static int dropcaps_except(struct lxc_list *caps) continue; ret = prctl(PR_CAPBSET_DROP, prctl_arg(i), prctl_arg(0), - prctl_arg(0), prctl_arg(0)); + prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSERROR("Failed to remove capability %d", i); return -1; @@ -3076,8 +3080,8 @@ int setup_resource_limits(struct lxc_list *limits, pid_t pid, int errfd) if (prlimit(pid, resid, &lim->limit, NULL) != 0) { SYSERROR("Failed to set limit %s %lu %lu.", lim->resource, lim->limit.rlim_cur, lim->limit.rlim_max); lxc_write_error_message(errfd, "%s:%d: Failed to set limit %s %lu %lu: %s.", - __FILE__, __LINE__, lim->resource, - lim->limit.rlim_cur, lim->limit.rlim_max, strerror(errno)); + __FILE__, __LINE__, lim->resource, + lim->limit.rlim_cur, lim->limit.rlim_max, strerror(errno)); return -1; } @@ -3115,10 +3119,10 @@ int setup_sysctl_parameters(struct lxc_list *sysctls) } ret = lxc_write_to_file(filename, elem->value, - strlen(elem->value), false, 0666); + strlen(elem->value), false, 0666); if (ret < 0) { SYSERROR("Failed to setup sysctl parameters %s to %s", - elem->key, elem->value); + elem->key, elem->value); return -1; } } 
@@ -3150,7 +3154,7 @@ int setup_proc_filesystem(struct lxc_list *procs, pid_t pid) } ret = lxc_write_to_file(filename, elem->value, - strlen(elem->value), false, 0666); + strlen(elem->value), false, 0666); if (ret < 0) { ERROR("Failed to setup proc filesystem %s to %s", elem->filename, elem->value); @@ -3255,7 +3259,7 @@ struct lxc_conf *lxc_conf_init(void) } int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, - size_t buf_size) + size_t buf_size) { int fd, ret; char path[PATH_MAX]; @@ -3280,7 +3284,7 @@ int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, close(fd); if (ret != buflen) { SYSERROR("Failed to write \"deny\" to " - "\"/proc/%d/setgroups\"", pid); + "\"/proc/%d/setgroups\"", pid); return -1; } TRACE("Wrote \"deny\" to \"/proc/%d/setgroups\"", pid); @@ -3288,7 +3292,7 @@ int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, } ret = snprintf(path, PATH_MAX, "/proc/%d/%cid_map", pid, - idtype == ID_TYPE_UID ? 'u' : 'g'); + idtype == ID_TYPE_UID ? 'u' : 'g'); if (ret < 0 || ret >= PATH_MAX) return -E2BIG; @@ -3303,7 +3307,7 @@ int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, close(fd); if (ret != buf_size) { SYSERROR("Failed to write %cid mapping to \"%s\"", - idtype == ID_TYPE_UID ? 'u' : 'g', path); + idtype == ID_TYPE_UID ? 'u' : 'g', path); return -1; } @@ -3347,8 +3351,8 @@ static int idmaptool_on_path_and_privileged(const char *binary, cap_value_t cap) #if HAVE_LIBCAP && LIBCAP_SUPPORTS_FILE_CAPABILITIES /* Check if it has the CAP_SETUID capability. */ if ((cap & CAP_SETUID) && - lxc_file_cap_is_set(path, CAP_SETUID, CAP_EFFECTIVE) && - lxc_file_cap_is_set(path, CAP_SETUID, CAP_PERMITTED)) { + lxc_file_cap_is_set(path, CAP_SETUID, CAP_EFFECTIVE) && + lxc_file_cap_is_set(path, CAP_SETUID, CAP_PERMITTED)) { DEBUG("The binary \"%s\" has CAP_SETUID in its CAP_EFFECTIVE " "and CAP_PERMITTED sets", path); fret = 1; 
@@ -3357,8 +3361,8 @@ static int idmaptool_on_path_and_privileged(const char *binary, cap_value_t cap) /* Check if it has the CAP_SETGID capability. */ if ((cap & CAP_SETGID) && - lxc_file_cap_is_set(path, CAP_SETGID, CAP_EFFECTIVE) && - lxc_file_cap_is_set(path, CAP_SETGID, CAP_PERMITTED)) { + lxc_file_cap_is_set(path, CAP_SETGID, CAP_EFFECTIVE) && + lxc_file_cap_is_set(path, CAP_SETGID, CAP_PERMITTED)) { DEBUG("The binary \"%s\" has CAP_SETGID in its CAP_EFFECTIVE " "and CAP_PERMITTED sets", path); fret = 1; @@ -3451,10 +3455,10 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) lxc_list_for_each(iterator, idmap) { map = iterator->elem; if (map->idtype == ID_TYPE_UID && map->range == 1 && - map->nsid == hostuid && map->hostid == hostuid) + map->nsid == hostuid && map->hostid == hostuid) continue; if (map->idtype == ID_TYPE_GID && map->range == 1 && - map->nsid == hostgid && map->hostid == hostgid) + map->nsid == hostgid && map->hostid == hostgid) continue; use_shadow = true; break; @@ -3462,7 +3466,7 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) } for (type = ID_TYPE_UID, u_or_g = 'u'; type <= ID_TYPE_GID; - type++, u_or_g = 'g') { + type++, u_or_g = 'g') { pos = mapbuf; if (use_shadow) @@ -3477,9 +3481,9 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) left = LXC_IDMAPLEN - (pos - mapbuf); fill = snprintf(pos, left, "%s%lu %lu %lu%s", - use_shadow ? " " : "", map->nsid, - map->hostid, map->range, - use_shadow ? "" : "\n"); + use_shadow ? " " : "", map->nsid, + map->hostid, map->range, + use_shadow ? "" : "\n"); if (fill <= 0 || fill >= left) { /* The kernel only takes <= 4k for writes to * /proc//{g,u}id_map @@ -3498,8 +3502,8 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) */ if (use_shadow) { ret = run_command(cmd_output, sizeof(cmd_output), - lxc_map_ids_exec_wrapper, - (void *)mapbuf); + lxc_map_ids_exec_wrapper, + (void *)mapbuf); if (ret < 0) { ERROR("new%cidmap failed to write mapping \"%s\": %s", u_or_g, cmd_output, mapbuf); 
@@ -3525,7 +3529,7 @@ int lxc_map_ids(struct lxc_list *idmap, pid_t pid) * Return true if id was found, false otherwise. */ bool get_mapped_rootid(struct lxc_conf *conf, enum idtype idtype, - unsigned long *val) + unsigned long *val) { unsigned nsid; struct id_map *map; @@ -3609,20 +3613,22 @@ int chown_mapped_root(const char *path, struct lxc_conf *conf) char map1[100], map2[100], map3[100], map4[100], map5[100]; char ugid[100]; const char *args1[] = {"lxc-usernsexec", - "-m", map1, - "-m", map2, - "-m", map3, - "-m", map5, - "--", "chown", ugid, path, - NULL}; + "-m", map1, + "-m", map2, + "-m", map3, + "-m", map5, + "--", "chown", ugid, path, + NULL + }; const char *args2[] = {"lxc-usernsexec", - "-m", map1, - "-m", map2, - "-m", map3, - "-m", map4, - "-m", map5, - "--", "chown", ugid, path, - NULL}; + "-m", map1, + "-m", map2, + "-m", map3, + "-m", map4, + "-m", map5, + "--", "chown", ugid, path, + NULL + }; char cmd_output[PATH_MAX]; hostuid = geteuid(); @@ -3671,8 +3677,8 @@ int chown_mapped_root(const char *path, struct lxc_conf *conf) */ DEBUG("trying to chown \"%s\" to %d", path, hostgid); if (sb.st_uid == hostuid && - mapped_hostid(sb.st_gid, conf, ID_TYPE_GID) < 0 && - chown(path, -1, hostgid) < 0) { + mapped_hostid(sb.st_gid, conf, ID_TYPE_GID) < 0 && + chown(path, -1, hostgid) < 0) { ERROR("Failed chgrping %s", path); return -1; } @@ -3700,7 +3706,7 @@ int chown_mapped_root(const char *path, struct lxc_conf *conf) /* "g:pathgid:rootgid+pathgid:1" */ ret = snprintf(map4, 100, "g:%d:%d:1", (gid_t)sb.st_gid, - rootgid + (gid_t)sb.st_gid); + rootgid + (gid_t)sb.st_gid); if (ret < 0 || ret >= 100) { ERROR("Error gid printing map string"); return -1; 
@@ -3722,12 +3728,12 @@ int chown_mapped_root(const char *path, struct lxc_conf *conf) if (hostgid == sb.st_gid) ret = run_command(cmd_output, sizeof(cmd_output), - chown_mapped_root_exec_wrapper, - (void *)args1); + chown_mapped_root_exec_wrapper, + (void *)args1); else ret = run_command(cmd_output, sizeof(cmd_output), - chown_mapped_root_exec_wrapper, - (void *)args2); + chown_mapped_root_exec_wrapper, + (void *)args2); if (ret < 0) ERROR("lxc-usernsexec failed: %s", cmd_output); @@ -3820,7 +3826,7 @@ again: f = fdopen(memfd, "r"); if (!f) { SYSERROR("Failed to open copy of \"/proc/self/mountinfo\" to mark " - "all shared. Continuing"); + "all shared. Continuing"); close(memfd); return; } @@ -3918,7 +3924,7 @@ out: * pre-mount hooks, and mounting the rootfs. */ int lxc_setup_rootfs_prepare_root(struct lxc_conf *conf, const char *name, - const char *lxcpath) + const char *lxcpath) { int ret; @@ -3967,15 +3973,15 @@ static bool verify_start_hooks(struct lxc_conf *conf) char *hookname = it->elem; ret = snprintf(path, PATH_MAX, "%s%s", - conf->rootfs.path ? conf->rootfs.mount : "", - hookname); + conf->rootfs.path ? conf->rootfs.mount : "", + hookname); if (ret < 0 || ret >= PATH_MAX) return false; ret = access(path, X_OK); if (ret < 0) { SYSERROR("Start hook \"%s\" not found in container", - hookname); + hookname); return false; } @@ -3997,13 +4003,13 @@ static bool execveat_supported(void) /* isulad: setup devices which will be populated in the container.*/ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list *devs) { - int ret; - char *pathdirname; + int ret = 0; + char *pathdirname = NULL; char path[MAXPATHLEN]; mode_t cmask; mode_t file_mode = 0; - struct lxc_populate_devs *dev_elem; - struct lxc_list *it; + struct lxc_populate_devs *dev_elem = NULL; + struct lxc_list *it = NULL; INFO("Populating devices into container"); cmask = umask(S_IXUSR | S_IXGRP | S_IXOTH); 
@@ -4034,12 +4040,12 @@ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list } DEBUG("Try to mknod '%s':'%d':'%d':'%d'\n", path, - file_mode, dev_elem->maj, dev_elem->min); + file_mode, dev_elem->maj, dev_elem->min); ret = mknod(path, file_mode, makedev(dev_elem->maj, dev_elem->min)); if (ret && errno != EEXIST) { SYSERROR("Failed to mknod '%s':'%d':'%d':'%d'", dev_elem->name, - file_mode, dev_elem->maj, dev_elem->min); + file_mode, dev_elem->maj, dev_elem->min); char hostpath[MAXPATHLEN]; FILE *pathfile; @@ -4049,16 +4055,16 @@ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list ret = snprintf(hostpath, MAXPATHLEN, "/dev/%s", dev_elem->name); if (ret < 0 || ret >= MAXPATHLEN) return -1; - pathfile = fopen(path, "wb"); + pathfile = lxc_fopen(path, "wb"); if (!pathfile) { SYSERROR("Failed to create device mount target '%s'", path); return -1; } fclose(pathfile); if (safe_mount(hostpath, path, 0, MS_BIND, NULL, - rootfs->path ? rootfs->mount : NULL) != 0) { + rootfs->path ? rootfs->mount : NULL) != 0) { SYSERROR("Failed bind mounting device %s from host into container", - dev_elem->name); + dev_elem->name); return -1; } } @@ -4077,7 +4083,7 @@ static int setup_populate_devs(const struct lxc_rootfs *rootfs, struct lxc_list static int setup_rootfs_mountopts(const struct lxc_rootfs *rootfs) { unsigned long mflags, mntflags, pflags; - char *mntdata; + char *mntdata = NULL; if(!rootfs || !rootfs->options) return 0; @@ -4109,7 +4115,7 @@ int lxc_setup(struct lxc_handler *handler) if (ret < 0) { ERROR("Failed to setup rootfs"); lxc_write_error_message(lxc_conf->errpipe[1], "%s:%d: failed to setup rootfs %s.", - __FILE__, __LINE__, lxc_conf->rootfs.path); + __FILE__, __LINE__, lxc_conf->rootfs.path); return -1; } 
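Review bot: The mknod fallback in setup_populate_devs still creates the bind-mount target by opening `path` for writing (`lxc_fopen(path, "wb")`), which truncates whatever already exists there and runs before `safe_mount` validates the destination against the rootfs. lxc_fopen is defined outside this hunk, so whether it refuses symlinks cannot be seen here; if it does not, a symlink at that location inside the rootfs would be followed. mount_entry_create_dir_file in this same file creates its target with `ret = mknod(path, S_IFREG | 0000, 0);` and tolerates `EEXIST`, which neither truncates nor follows a symlink, and the same call would fit here. The function body starts and ends outside the hunk.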
@@ -4202,7 +4208,7 @@ int lxc_setup(struct lxc_handler *handler) /*isulad: move mount entries here, before we do lxc_fill_autodev and populate devices */ if (!lxc_list_empty(&lxc_conf->mount_list)) { ret = setup_mount_entries(lxc_conf, &lxc_conf->rootfs, - &lxc_conf->mount_list, name, lxcpath); + &lxc_conf->mount_list, name, lxcpath); if (ret < 0) { ERROR("Failed to setup mount entries"); goto on_error; @@ -4244,7 +4250,7 @@ int lxc_setup(struct lxc_handler *handler) } ret = lxc_setup_console(&lxc_conf->rootfs, &lxc_conf->console, - lxc_conf->ttys.dir); + lxc_conf->ttys.dir); if (ret < 0) { ERROR("Failed to setup console"); goto on_error; @@ -4369,11 +4375,13 @@ int lxc_drop_caps(struct lxc_conf *conf) { #define __DEF_CAP_TO_MASK(x) (1U << ((x) & 31)) #if HAVE_LIBCAP - struct lxc_list *iterator; - char *keep_entry; + int ret = 0; + struct lxc_list *iterator = NULL; + char *keep_entry = NULL; int i, capid; int numcaps = lxc_caps_last_cap() + 1; struct lxc_list *caps = NULL; + int *caplist = NULL; if (lxc_list_empty(&conf->keepcaps)) return 0; @@ -4384,7 +4392,7 @@ int lxc_drop_caps(struct lxc_conf *conf) return -1; // caplist[i] is 1 if we keep capability i - int *caplist = alloca(numcaps * sizeof(int)); + caplist = malloc(numcaps * sizeof(int)); memset(caplist, 0, numcaps * sizeof(int)); lxc_list_for_each(iterator, caps) { @@ -4404,9 +4412,10 @@ int lxc_drop_caps(struct lxc_conf *conf) if (capid == -2) continue; - if (capid < 0) { + if (capid < 0) { ERROR("unknown capability %s", keep_entry); - return -1; + ret = -1; + goto out; } DEBUG("keep capability '%s' (%d)", keep_entry, capid); @@ -4420,7 +4429,7 @@ int lxc_drop_caps(struct lxc_conf *conf) cap_user_header_t cap_header = &cap_header_data; cap_user_data_t cap_data = &cap_data_data[0]; - memset(cap_header, 0 ,sizeof(struct __user_cap_header_struct)); + memset(cap_header, 0,sizeof(struct __user_cap_header_struct)); memset(cap_data, 0, sizeof(struct __user_cap_data_struct) * 2); cap_header->pid = 0; 
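Review bot: The new `malloc` in lxc_drop_caps is passed straight to `memset` on the next line, so an allocation failure becomes a NULL dereference on a path where the old `alloca` had no failure return. Allocate zeroed and check the result: `caplist = calloc(numcaps, sizeof(int));` followed by `if (!caplist) return -1;`, which also makes the `memset` redundant. Whether `caps` needs releasing on that early return is not visible here, since the function continues outside this hunk.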
@@ -4435,12 +4444,16 @@ int lxc_drop_caps(struct lxc_conf *conf) } if (capset(cap_header, cap_data)) { - SYSERROR("Failed to set capabilitys"); - return -1; + SYSERROR("Failed to set capabilitys"); + ret = -1; + goto out; } #endif - return 0; + +out: + free(caplist); + return ret; } struct oci_hook_conf { @@ -4474,9 +4487,17 @@ static char* generate_json_str(const char *name, const char *lxcpath, const char ERROR("Get container %s pid failed: %s", name, strerror(errno)); cpid = "-1"; } + + if ((SIZE_MAX - strlen(name) - strlen(cpid) - strlen(rootfs) - strlen(lxcpath) - strlen(name)) < + (strlen("{\"ociVersion\":\"\",\"id\":\"\",\"pid\":,\"root\":\"\",\"bundle\":\"\"}") + 1 + 1)) { + ERROR("Out of memory"); + ret = -1; + goto out_free; + } + // {"ociVersion":"","id":"xxx","pid":777,"root":"xxx","bundle":"xxx"} size = strlen("{\"ociVersion\":\"\",\"id\":\"\",\"pid\":,\"root\":\"\",\"bundle\":\"\"}") + - strlen(name) + strlen(cpid) + strlen(rootfs) + strlen(lxcpath) + 1 + strlen(name) + 1; + strlen(name) + strlen(cpid) + strlen(rootfs) + strlen(lxcpath) + 1 + strlen(name) + 1; inmsg = malloc(size); if (!inmsg) { ERROR("Out of memory"); @@ -4484,8 +4505,8 @@ static char* generate_json_str(const char *name, const char *lxcpath, const char goto out_free; } rc = snprintf(inmsg, size, - "{\"ociVersion\":\"\",\"id\":\"%s\",\"pid\":%s,\"root\":\"%s\",\"bundle\":\"%s/%s\"}", - name, cpid, rootfs, lxcpath, name); + "{\"ociVersion\":\"\",\"id\":\"%s\",\"pid\":%s,\"root\":\"%s\",\"bundle\":\"%s/%s\"}", + name, cpid, rootfs, lxcpath, name); if (rc < 0 || rc >= size) { ERROR("Create json string failed"); ret = -1; 
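Review bot: The new `out:` label with `free(caplist); return ret;` sits after the `#endif`, while `ret` and `caplist` are declared inside the `#if HAVE_LIBCAP` block in the earlier hunk of lxc_drop_caps. A build without libcap would therefore see two undeclared identifiers and an unused label. Placing `out:`, `free(caplist);` and `return ret;` before the `#endif` and keeping a plain `return 0;` after it lets both configurations compile.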
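Review bot: The overflow guard added to generate_json_str subtracts five `strlen` results from `SIZE_MAX` in unsigned arithmetic, so the left-hand side can itself wrap in exactly the case the check is meant to catch, and it logs "Out of memory" although nothing has been allocated yet. Adding the lengths one at a time with a check before each addition is both sound and easier to read against the `size` computation that follows. The function starts and ends outside this hunk.

```c
const char *fixed = "{\"ociVersion\":\"\",\"id\":\"\",\"pid\":,\"root\":\"\",\"bundle\":\"\"}";
const size_t parts[] = { strlen(fixed), strlen(name), strlen(cpid),
			 strlen(rootfs), strlen(lxcpath), strlen(name) };

size = 2; /* '/' between lxcpath and name, plus the terminating NUL */
for (size_t k = 0; k < sizeof(parts) / sizeof(parts[0]); k++) {
	if (parts[k] > SIZE_MAX - size) {
		ERROR("Hook state for container %s is too large", name);
		ret = -1;
		goto out_free;
	}
	size += parts[k];
}
/* … unchanged: inmsg = malloc(size) and the snprintf call … */
```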
@@ -4501,13 +4522,14 @@ out_free: static char **merge_ocihook_env(char **oldenvs, size_t env_len, size_t *merge_env_len) { - char **result; + char **result = NULL; size_t result_len = env_len; size_t i, j; - char *tmpenv; + char *tmpenv = NULL; char *lxc_envs[] = {"LD_LIBRARY_PATH", "PATH", "LXC_CGNS_AWARE", "LXC_PID", "LXC_ROOTFS_MOUNT", - "LXC_CONFIG_FILE", "LXC_CGROUP_PATH", "LXC_ROOTFS_PATH", "LXC_NAME"}; - char *lxcenv_buf; + "LXC_CONFIG_FILE", "LXC_CGROUP_PATH", "LXC_ROOTFS_PATH", "LXC_NAME" + }; + char *lxcenv_buf = NULL; result_len += (sizeof(lxc_envs) / sizeof(char *)) + 1; result = malloc(sizeof(char *) * result_len); @@ -4541,8 +4563,8 @@ static char **merge_ocihook_env(char **oldenvs, size_t env_len, size_t *merge_en return result; } -static struct lxc_popen_FILE *lxc_popen_ocihook(char *commandpath, char **args, int args_len, - char **envs, int env_len, const char *instr) +static struct lxc_popen_FILE *lxc_popen_ocihook(const char *commandpath, char **args, int args_len, + char **envs, int env_len, const char *instr) { int ret; struct lxc_popen_FILE *fp = NULL; @@ -4684,12 +4706,12 @@ void* wait_ocihook_timeout(void *arg) if (alive) { ERROR("%s:%d: running %s hook caused \"hook ran past specified timeout of %.1fs\"", - __FILE__, __LINE__, lxchook_names[conf->which], - (double)conf->timeout); + __FILE__, __LINE__, lxchook_names[conf->which], + (double)conf->timeout); lxc_write_error_message(conf->errfd, "%s:%d: running %s hook caused \"hook ran past specified timeout of %.1fs\".", - __FILE__, __LINE__, lxchook_names[conf->which], - (double)conf->timeout); + __FILE__, __LINE__, lxchook_names[conf->which], + (double)conf->timeout); if (kill(conf->pid, SIGKILL) && errno != ESRCH) { ERROR("Send kill signal failed"); 
@@ -4702,7 +4724,7 @@ out: return ((void *)0); } -static int run_ocihook_buffer(struct oci_hook_conf *oconf, char *inmsg) +static int run_ocihook_buffer(struct oci_hook_conf *oconf, const char *inmsg) { struct lxc_popen_FILE *f; char output[LXC_LOG_BUFFER_SIZE] = {0}; @@ -4771,17 +4793,17 @@ static int run_ocihook_buffer(struct oci_hook_conf *oconf, char *inmsg) } else if (WIFEXITED(ret) && WEXITSTATUS(ret) != 0) { ERROR("Script exited with status %d. output: %s", WEXITSTATUS(ret), output); lxc_write_error_message(conf->errfd, "%s:%d: running %s hook caused \"error running hook: exit status %d, output: %s\".", - __FILE__, __LINE__, - (conf->which >= NUM_LXC_HOOKS) ? "invalid type" : lxchook_names[conf->which], - WEXITSTATUS(ret), output); + __FILE__, __LINE__, + (conf->which >= NUM_LXC_HOOKS) ? "invalid type" : lxchook_names[conf->which], + WEXITSTATUS(ret), output); goto print_hook; } else if (WIFSIGNALED(ret)) { ERROR("Script terminated by signal %d.", WTERMSIG(ret)); lxc_write_error_message(conf->errfd, "%s:%d: running %s hook caused \"error running hook: Script terminated by signal %d\".", - __FILE__, __LINE__, - (conf->which >= NUM_LXC_HOOKS) ? "invalid type" : lxchook_names[conf->which], - WTERMSIG(ret)); + __FILE__, __LINE__, + (conf->which >= NUM_LXC_HOOKS) ? "invalid type" : lxchook_names[conf->which], + WTERMSIG(ret)); goto print_hook; } @@ -4801,8 +4823,8 @@ print_hook: if (oconf->ocihook->env) err_envs_msg = lxc_string_join(" ", (const char **)oconf->ocihook->env, false); ERROR("Hook script command: \"%s\", args: \"%s\", envs: \"%s\", timeout: %d.", - buffer, err_args_msg ? err_args_msg : "", - err_envs_msg ? err_envs_msg : "", conf->timeout); + buffer, err_args_msg ? err_args_msg : "", + err_envs_msg ? err_envs_msg : "", conf->timeout); free(err_args_msg); free(err_envs_msg); 
@@ -4810,8 +4832,8 @@ print_hook: } static int run_ocihook_script_argv(const char *name, const char *section, - struct oci_hook_conf *oconf, - const char *lxcpath, const char *rootfs) + struct oci_hook_conf *oconf, + const char *lxcpath, const char *rootfs) { int ret; const char *script = oconf->ocihook->path; @@ -4845,9 +4867,13 @@ static char *get_root_path(const char *path, const char *backend) } if (strcmp(backend, "aufs") == 0 || - strcmp(backend, "overlayfs") == 0 || - strcmp(backend, "loop") == 0) { + strcmp(backend, "overlayfs") == 0 || + strcmp(backend, "loop") == 0) { tmp = strrchr(path, ':'); + if (tmp == NULL) { + ERROR("Out of memory"); + return NULL; + } tmp++; ret = strdup(tmp); if (!ret) { @@ -4866,13 +4892,13 @@ default_out: return ret; } -static int run_oci_hooks(const char *name, const char *lxcpath, struct lxc_conf *lc, int which, int errfd) +static int do_run_oci_hooks(const char *name, const char *lxcpath, struct lxc_conf *lc, int which, int errfd) { struct oci_hook_conf work_conf = {0}; size_t i; int ret = 0; int nret = 0; - char *rootpath; + char *rootpath = NULL; if (!lc) { return -1; 
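Review bot: The new `tmp == NULL` branch in get_root_path reports "Out of memory", but `strrchr(path, ':')` returns NULL when the path has no ':' separator, so the log would point an operator at the wrong cause. A message such as `ERROR("Invalid rootfs path \"%s\": no ':' separator", path);` describes the actual failure. The function's other exits are only partly visible (a `default_out:` label follows), so it is worth confirming that the bare `return NULL` skips no cleanup. get_root_path starts outside this hunk.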
@@ -4890,32 +4916,32 @@ static int run_oci_hooks(const char *name, const char *lxcpath, struct lxc_conf work_conf.errfd = errfd; work_conf.which = which; switch (which) { - case OCI_HOOK_PRESTART: - for (i = 0; i < lc->ocihooks->prestart_len; i++) { - work_conf.ocihook = lc->ocihooks->prestart[i]; - ret = run_ocihook_script_argv(name, "lxc", &work_conf, lxcpath, rootpath); - if (ret != 0) - break; - } - break; - case OCI_HOOK_POSTSTART: - for (i = 0; i < lc->ocihooks->poststart_len; i++) { - work_conf.ocihook = lc->ocihooks->poststart[i]; - nret = run_ocihook_script_argv(name, "lxc", &work_conf, lxcpath, rootpath); - if (nret != 0) - WARN("running poststart hook %ld failed, ContainerId: %s", i, name); - } - break; - case OCI_HOOK_POSTSTOP: - for (i = 0; i < lc->ocihooks->poststop_len; i++) { - work_conf.ocihook = lc->ocihooks->poststop[i]; - ret = run_ocihook_script_argv(name, "lxc", &work_conf, lxcpath, rootpath); - if (ret != 0) - break; - } - break; - default: - ret = -1; + case OCI_HOOK_PRESTART: + for (i = 0; i < lc->ocihooks->prestart_len; i++) { + work_conf.ocihook = lc->ocihooks->prestart[i]; + ret = run_ocihook_script_argv(name, "lxc", &work_conf, lxcpath, rootpath); + if (ret != 0) + break; + } + break; + case OCI_HOOK_POSTSTART: + for (i = 0; i < lc->ocihooks->poststart_len; i++) { + work_conf.ocihook = lc->ocihooks->poststart[i]; + nret = run_ocihook_script_argv(name, "lxc", &work_conf, lxcpath, rootpath); + if (nret != 0) + WARN("running poststart hook %ld failed, ContainerId: %s", i, name); + } + break; + case OCI_HOOK_POSTSTOP: + for (i = 0; i < lc->ocihooks->poststop_len; i++) { + work_conf.ocihook = lc->ocihooks->poststop[i]; + ret = run_ocihook_script_argv(name, "lxc", &work_conf, lxcpath, rootpath); + if (ret != 0) + break; + } + break; + default: + ret = -1; } if (rootpath) free(rootpath); 
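Review bot: The poststart WARN prints `i`, declared `size_t` in do_run_oci_hooks, with `%ld`. The specifier does not match the argument type, which is undefined behaviour where `long` and `size_t` differ in width. Use `WARN("running poststart hook %zu failed, ContainerId: %s", i, name);`. The switch sits in the middle of do_run_oci_hooks, which begins and ends outside this hunk.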
@@ -4923,33 +4949,12 @@ static int run_oci_hooks(const char *name, const char *lxcpath, struct lxc_conf } int run_lxc_hooks(const char *name, char *hookname, struct lxc_conf *conf, - char *argv[]) + char *argv[]) { struct lxc_list *it; int which = -1; - if (strcmp(hookname, "oci-prestart") == 0) { - which = OCI_HOOK_PRESTART; - if (!argv || !argv[0]) { - ERROR("oci hook require lxcpath"); - return -1; - } - return run_oci_hooks(name, argv[0], conf, which, conf->errpipe[1]); - } else if (strcmp(hookname, "oci-poststart") == 0) { - which = OCI_HOOK_POSTSTART; - if (!argv || !argv[0]) { - ERROR("oci hook require lxcpath"); - return -1; - } - return run_oci_hooks(name, argv[0], conf, which, conf->errpipe[1]); - } else if (strcmp(hookname, "oci-poststop") == 0) { - which = OCI_HOOK_POSTSTOP; - if (!argv || !argv[0]) { - ERROR("oci hook require lxcpath"); - return -1; - } - return run_oci_hooks(name, argv[0], conf, which, conf->errpipe[1]); - } else if (strcmp(hookname, "pre-start") == 0) + if (strcmp(hookname, "pre-start") == 0) which = LXCHOOK_PRESTART; else if (strcmp(hookname, "start-host") == 0) which = LXCHOOK_START_HOST; @@ -4977,7 +4982,7 @@ int run_lxc_hooks(const char *name, char *hookname, struct lxc_conf *conf, char *hook = it->elem; ret = run_script_argv(name, conf->hooks_version, "lxc", hook, - hookname, argv); + hookname, argv); if (ret < 0) return -1; } 
@@ -4985,6 +4990,39 @@ int run_lxc_hooks(const char *name, char *hookname, struct lxc_conf *conf, return 0; } +int run_oci_hooks(const char *name, char *hookname, struct lxc_conf *conf, const char *lxcpath) +{ + struct lxc_list *it; + int which = -1; + + if (strcmp(hookname, "oci-prestart") == 0) { + which = OCI_HOOK_PRESTART; + if (!lxcpath) { + ERROR("oci hook require lxcpath"); + return -1; + } + return do_run_oci_hooks(name, lxcpath, conf, which, conf->errpipe[1]); + } else if (strcmp(hookname, "oci-poststart") == 0) { + which = OCI_HOOK_POSTSTART; + if (!lxcpath) { + ERROR("oci hook require lxcpath"); + return -1; + } + return do_run_oci_hooks(name, lxcpath, conf, which, conf->errpipe[1]); + } else if (strcmp(hookname, "oci-poststop") == 0) { + which = OCI_HOOK_POSTSTOP; + if (!lxcpath) { + ERROR("oci hook require lxcpath"); + return -1; + } + return do_run_oci_hooks(name, lxcpath, conf, which, conf->errpipe[1]); + } else + return -1; + + return 0; +} + + int lxc_clear_config_caps(struct lxc_conf *c) { struct lxc_list *it, *next; @@ -5299,7 +5337,8 @@ int lxc_clear_init_groups(struct lxc_conf *lxc_conf) /*isulad: clear populate devices*/ int lxc_clear_populate_devices(struct lxc_conf *c) { - struct lxc_list *it,*next; + struct lxc_list *it = NULL; + struct lxc_list *next = NULL; lxc_list_for_each_safe(it, &c->populate_devs, next) { struct lxc_populate_devs *dev_elem = it->elem; @@ -5315,7 +5354,8 @@ int lxc_clear_populate_devices(struct lxc_conf *c) /*isulad: clear rootfs masked paths*/ int lxc_clear_rootfs_masked_paths(struct lxc_conf *c) { - struct lxc_list *it,*next; + struct lxc_list *it = NULL; + struct lxc_list *next = NULL; lxc_list_for_each_safe(it, &c->rootfs.maskedpaths, next) { lxc_list_del(it); 
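Review bot: The new run_oci_hooks evaluates `conf->errpipe[1]` at each call site before do_run_oci_hooks reaches its own `if (!lc)` check, so a NULL `conf` is dereferenced before it can be rejected; `hookname` also goes to strcmp unchecked. The three branches repeat the same lxcpath test and call, `it` is never used, and the trailing `return 0;` cannot be reached. Mapping the name to `which` once and making a single call removes the duplication and leaves room for the NULL checks up front. The whole function is inside this hunk.

```c
int run_oci_hooks(const char *name, char *hookname, struct lxc_conf *conf, const char *lxcpath)
{
	int which;

	/* Reject NULL inputs before conf->errpipe is read below. */
	if (!hookname || !conf)
		return -1;

	if (strcmp(hookname, "oci-prestart") == 0)
		which = OCI_HOOK_PRESTART;
	else if (strcmp(hookname, "oci-poststart") == 0)
		which = OCI_HOOK_POSTSTART;
	else if (strcmp(hookname, "oci-poststop") == 0)
		which = OCI_HOOK_POSTSTOP;
	else
		return -1;

	if (!lxcpath) {
		ERROR("oci hook require lxcpath");
		return -1;
	}

	return do_run_oci_hooks(name, lxcpath, conf, which, conf->errpipe[1]);
}
```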
@@ -5328,7 +5368,8 @@ int lxc_clear_rootfs_masked_paths(struct lxc_conf *c) /*isulad: clear rootfs ro paths*/ int lxc_clear_rootfs_ro_paths(struct lxc_conf *c) { - struct lxc_list *it,*next; + struct lxc_list *it = NULL; + struct lxc_list *next = NULL; lxc_list_for_each_safe(it, &c->rootfs.ropaths, next) { lxc_list_del(it); @@ -5449,7 +5490,7 @@ static int run_userns_fn(void *data) } static struct id_map *mapped_nsid_add(struct lxc_conf *conf, unsigned id, - enum idtype idtype) + enum idtype idtype) { const struct id_map *map; struct id_map *retmap; @@ -5467,7 +5508,7 @@ static struct id_map *mapped_nsid_add(struct lxc_conf *conf, unsigned id, } static struct id_map *find_mapped_hostid_entry(struct lxc_conf *conf, - unsigned id, enum idtype idtype) + unsigned id, enum idtype idtype) { struct id_map *map; struct lxc_list *it; @@ -5491,7 +5532,7 @@ static struct id_map *find_mapped_hostid_entry(struct lxc_conf *conf, * existing one or establish a new one. */ static struct id_map *mapped_hostid_add(struct lxc_conf *conf, uid_t id, - enum idtype type) + enum idtype type) { int hostid_mapped; struct id_map *entry = NULL, *tmp = NULL; @@ -5528,7 +5569,7 @@ struct lxc_list *get_minimal_idmap(struct lxc_conf *conf) gid_t nsgid = (conf->root_nsgid_map != NULL) ? 0 : conf->init_gid; struct lxc_list *idmap = NULL, *tmplist = NULL; struct id_map *container_root_uid = NULL, *container_root_gid = NULL, - *host_uid_map = NULL, *host_gid_map = NULL; + *host_uid_map = NULL, *host_gid_map = NULL; /* Find container root mappings. */ container_root_uid = mapped_nsid_add(conf, nsuid, ID_TYPE_UID); @@ -5538,7 +5579,7 @@ struct lxc_list *get_minimal_idmap(struct lxc_conf *conf) } euid = geteuid(); if (euid >= container_root_uid->hostid && - euid < (container_root_uid->hostid + container_root_uid->range)) + euid < (container_root_uid->hostid + container_root_uid->range)) host_uid_map = container_root_uid; container_root_gid = mapped_nsid_add(conf, nsgid, ID_TYPE_GID); 
@@ -5548,7 +5589,7 @@ struct lxc_list *get_minimal_idmap(struct lxc_conf *conf) } egid = getegid(); if (egid >= container_root_gid->hostid && - egid < (container_root_gid->hostid + container_root_gid->range)) + egid < (container_root_gid->hostid + container_root_gid->range)) host_gid_map = container_root_gid; /* Check whether the {g,u}id of the user has a mapping. */ @@ -5648,7 +5689,7 @@ on_error: * there to start the container in the first place. */ int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data, - const char *fn_name) + const char *fn_name) { pid_t pid; int p[2]; @@ -5686,7 +5727,7 @@ int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data, p[0] = -1; if (lxc_log_get_level() == LXC_LOG_LEVEL_TRACE || - conf->loglevel == LXC_LOG_LEVEL_TRACE) { + conf->loglevel == LXC_LOG_LEVEL_TRACE) { struct id_map *map; struct lxc_list *it; @@ -5729,7 +5770,7 @@ on_error: } int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *), void *data, - const char *fn_name) + const char *fn_name) { pid_t pid; uid_t euid, egid; @@ -5741,7 +5782,7 @@ int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *), void *data, char c = '1'; struct lxc_list *idmap = NULL, *tmplist = NULL; struct id_map *container_root_uid = NULL, *container_root_gid = NULL, - *host_uid_map = NULL, *host_gid_map = NULL; + *host_uid_map = NULL, *host_gid_map = NULL; if (!conf) return -EINVAL; @@ -5866,7 +5907,7 @@ int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *), void *data, host_gid_map = NULL; if (lxc_log_get_level() == LXC_LOG_LEVEL_TRACE || - conf->loglevel == LXC_LOG_LEVEL_TRACE) { + conf->loglevel == LXC_LOG_LEVEL_TRACE) { lxc_list_for_each (cur, idmap) { map = cur->elem; TRACE("establishing %cid mapping for \"%d\" in new " 
@@ -6139,7 +6180,7 @@ struct lxc_list *sort_cgroup_settings(struct lxc_list *cgroup_settings) /* Store the memsw_limit location */ memsw_limit = item; } else if (strcmp(cg->subsystem, "memory.limit_in_bytes") == 0 && - memsw_limit != NULL) { + memsw_limit != NULL) { /* lxc.cgroup.memory.memsw.limit_in_bytes is found * before lxc.cgroup.memory.limit_in_bytes, swap these * two items */ diff --git a/src/lxc/conf.h b/src/lxc/conf.h index fb3c156..26bb70f 100644 --- a/src/lxc/conf.h +++ b/src/lxc/conf.h @@ -70,14 +70,14 @@ typedef void * scmp_filter_ctx; struct lxc_cgroup { union { /* information about a specific controller */ - struct /* controller */ { + struct { /* controller */ int version; char *subsystem; char *value; }; /* meta information about cgroup configuration */ - struct /* meta */ { + struct { /* meta */ char *controllers; char *dir; }; @@ -435,7 +435,7 @@ struct lxc_conf { }; extern int write_id_mapping(enum idtype idtype, pid_t pid, const char *buf, - size_t buf_size); + size_t buf_size); #ifdef HAVE_TLS extern thread_local struct lxc_conf *current_config; @@ -444,7 +444,9 @@ extern struct lxc_conf *current_config; #endif extern int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf, - char *argv[]); + char *argv[]); +extern int run_oci_hooks(const char *name, char *hookname, struct lxc_conf *conf, const char *lxcpath); + extern int detect_shared_rootfs(void); extern struct lxc_conf *lxc_conf_init(void); extern void lxc_conf_free(struct lxc_conf *conf); 
@@ -465,20 +467,20 @@ extern int lxc_clear_limits(struct lxc_conf *c, const char *key); extern int lxc_delete_autodev(struct lxc_handler *handler); extern void lxc_clear_includes(struct lxc_conf *conf); extern int lxc_setup_rootfs_prepare_root(struct lxc_conf *conf, - const char *name, const char *lxcpath); + const char *name, const char *lxcpath); extern int lxc_setup(struct lxc_handler *handler); extern int lxc_setup_parent(struct lxc_handler *handler); extern int setup_resource_limits(struct lxc_list *limits, pid_t pid, int errfd); extern int find_unmapped_nsid(struct lxc_conf *conf, enum idtype idtype); extern int mapped_hostid(unsigned id, struct lxc_conf *conf, - enum idtype idtype); + enum idtype idtype); extern int chown_mapped_root(const char *path, struct lxc_conf *conf); extern int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data, - const char *fn_name); + const char *fn_name); extern int userns_exec_full(struct lxc_conf *conf, int (*fn)(void *), - void *data, const char *fn_name); + void *data, const char *fn_name); extern int parse_mntopts(const char *mntopts, unsigned long *mntflags, - unsigned long *pflags, char **mntdata); + unsigned long *pflags, char **mntdata); extern int parse_propagationopts(const char *mntopts, unsigned long *pflags); extern void tmp_proc_unmount(struct lxc_conf *lxc_conf); extern void remount_all_slave(void); 
@@ -486,12 +488,12 @@ extern void suggest_default_idmap(void); extern FILE *make_anonymous_mount_file(struct lxc_list *mount); extern struct lxc_list *sort_cgroup_settings(struct lxc_list *cgroup_settings); extern unsigned long add_required_remount_flags(const char *s, const char *d, - unsigned long flags); + unsigned long flags); extern int run_script(const char *name, const char *section, const char *script, - ...); + ...); extern int run_script_argv(const char *name, unsigned int hook_version, - const char *section, const char *script, - const char *hookname, char **argsin); + const char *section, const char *script, + const char *hookname, char **argsin); extern int in_caplist(int cap, struct lxc_list *caps); extern int setup_sysctl_parameters(struct lxc_list *sysctls); extern int lxc_clear_sysctls(struct lxc_conf *c, const char *key); diff --git a/src/lxc/confile.c b/src/lxc/confile.c index 93936cc..216a688 100644 --- a/src/lxc/confile.c +++ b/src/lxc/confile.c @@ -270,7 +270,7 @@ struct lxc_config_t *lxc_get_config(const char *key) } static int set_config_net(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (!lxc_config_value_empty(value)) { ERROR("lxc.net must not have a value"); @@ -281,7 +281,7 @@ static int set_config_net(const char *key, const char *value, } static int set_config_net_type(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -296,7 +296,7 @@ static int set_config_net_type(const char *key, const char *value, } else if (!strcmp(value, "macvlan")) { netdev->type = LXC_NET_MACVLAN; lxc_macvlan_mode_to_flag(&netdev->priv.macvlan_attr.mode, - "private"); + "private"); } else if (!strcmp(value, "vlan")) { netdev->type = LXC_NET_VLAN; } else if (!strcmp(value, "phys")) { 
@@ -314,7 +314,7 @@ static int set_config_net_type(const char *key, const char *value, } static int set_config_net_flags(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -330,7 +330,7 @@ static int set_config_net_flags(const char *key, const char *value, } static int create_matched_ifnames(const char *value, struct lxc_conf *lxc_conf, - struct lxc_netdev *netdev) + struct lxc_netdev *netdev) { struct netns_ifaddrs *ifaddr, *ifa; int n; @@ -339,7 +339,9 @@ static int create_matched_ifnames(const char *value, struct lxc_conf *lxc_conf, const char *link_key = "lxc.net.link"; const char *tmpvalue = "phys"; - if (netns_getifaddrs(&ifaddr, -1, &(bool){false}) < 0) { + if (netns_getifaddrs(&ifaddr, -1, &(bool) { + false +}) < 0) { SYSERROR("Failed to get network interfaces"); return -1; } @@ -353,10 +355,10 @@ static int create_matched_ifnames(const char *value, struct lxc_conf *lxc_conf, if (!strncmp(value, ifa->ifa_name, strlen(value) - 1)) { ret = set_config_net_type(type_key, tmpvalue, lxc_conf, - netdev); + netdev); if (!ret) { ret = set_config_net_link( - link_key, ifa->ifa_name, lxc_conf, netdev); + link_key, ifa->ifa_name, lxc_conf, netdev); if (ret) { ERROR("Failed to create matched ifnames"); break; @@ -375,7 +377,7 @@ static int create_matched_ifnames(const char *value, struct lxc_conf *lxc_conf, } static int set_config_net_link(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; int ret = 0; @@ -395,7 +397,7 @@ static int set_config_net_link(const char *key, const char *value, } static int set_config_net_name(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; 
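Review bot: In create_matched_ifnames the re-indent split the compound-literal argument of netns_getifaddrs over three lines (`&(bool) {` / `false` / `}) < 0`), which makes the condition hard to read and looks like formatter output rather than an intended change. A named local keeps the call on one line: `bool netnsid_aware = false;` followed by `if (netns_getifaddrs(&ifaddr, -1, &netnsid_aware) < 0) {`. The function starts before and continues after this hunk.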
@@ -409,7 +411,7 @@ static int set_config_net_name(const char *key, const char *value, } static int set_config_net_veth_pair(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -423,7 +425,7 @@ static int set_config_net_veth_pair(const char *key, const char *value, } static int set_config_net_macvlan_mode(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -437,7 +439,7 @@ static int set_config_net_macvlan_mode(const char *key, const char *value, } static int set_config_net_hwaddr(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; char *new_value; @@ -466,7 +468,7 @@ static int set_config_net_hwaddr(const char *key, const char *value, } static int set_config_net_vlan_id(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; struct lxc_netdev *netdev = data; @@ -485,7 +487,7 @@ static int set_config_net_vlan_id(const char *key, const char *value, } static int set_config_net_mtu(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -499,7 +501,7 @@ static int set_config_net_mtu(const char *key, const char *value, } static int set_config_net_ipv4_address(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; struct lxc_netdev *netdev = data; 
@@ -596,7 +598,7 @@ static int set_config_net_ipv4_address(const char *key, const char *value, } static int set_config_net_ipv4_gateway(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -634,7 +636,7 @@ static int set_config_net_ipv4_gateway(const char *key, const char *value, } static int set_config_net_ipv6_address(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; struct lxc_netdev *netdev = data; @@ -700,7 +702,7 @@ static int set_config_net_ipv6_address(const char *key, const char *value, } static int set_config_net_ipv6_gateway(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -738,7 +740,7 @@ static int set_config_net_ipv6_gateway(const char *key, const char *value, } static int set_config_net_script_up(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -752,7 +754,7 @@ static int set_config_net_script_up(const char *key, const char *value, } static int set_config_net_script_down(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; 
@@ -782,31 +784,31 @@ static int add_hook(struct lxc_conf *lxc_conf, int which, char *hook) } static int set_config_seccomp_profile(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_path_item(&lxc_conf->seccomp, value); } static int set_config_execute_cmd(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_path_item(&lxc_conf->execute_cmd, value); } static int set_config_init_cmd(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_path_item(&lxc_conf->init_cmd, value); } static int set_config_init_cwd(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_path_item(&lxc_conf->init_cwd, value); } static int set_config_init_uid(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { unsigned int init_uid; @@ -824,7 +826,7 @@ static int set_config_init_uid(const char *key, const char *value, } static int set_config_init_gid(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { unsigned int init_gid; @@ -842,7 +844,7 @@ static int set_config_init_gid(const char *key, const char *value, } static int set_config_hooks(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *copy; @@ -885,7 +887,7 @@ static int set_config_hooks(const char *key, const char *value, } static int set_config_hooks_version(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; unsigned int tmp; 
@@ -909,7 +911,7 @@ static int set_config_hooks_version(const char *key, const char *value, } static int set_config_personality(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { signed long personality = lxc_config_parse_arch(value); @@ -922,7 +924,7 @@ static int set_config_personality(const char *key, const char *value, } static int set_config_pty_max(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; unsigned int max = 0; @@ -947,7 +949,7 @@ static int set_config_pty_max(const char *key, const char *value, * noticed when the callback was called. */ static int set_config_start(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { bool is_empty; @@ -986,7 +988,7 @@ static int set_config_start(const char *key, const char *value, } static int set_config_monitor(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { lxc_conf->monitor_unshare = 0; @@ -1000,7 +1002,7 @@ static int set_config_monitor(const char *key, const char *value, } static int set_config_group(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *groups, *token; struct lxc_list *grouplist; @@ -1039,10 +1041,10 @@ static int set_config_group(const char *key, const char *value, } static int set_config_environment(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_list *list_item = NULL; - char *replaced; + char *replaced = NULL; if (lxc_config_value_empty(value)) return lxc_clear_environment(lxc_conf); 
@@ -1072,7 +1074,7 @@ on_error: } static int set_config_tty_max(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; unsigned int nbtty = 0; @@ -1092,22 +1094,22 @@ static int set_config_tty_max(const char *key, const char *value, } static int set_config_tty_dir(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_string_item_max(&lxc_conf->ttys.dir, value, - NAME_MAX + 1); + NAME_MAX + 1); } static int set_config_apparmor_profile(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_string_item(&lxc_conf->lsm_aa_profile, value); } static int set_config_apparmor_allow_incomplete(const char *key, - const char *value, - struct lxc_conf *lxc_conf, - void *data) + const char *value, + struct lxc_conf *lxc_conf, + void *data) { if (lxc_config_value_empty(value)) { lxc_conf->lsm_aa_allow_incomplete = 0; @@ -1124,13 +1126,13 @@ static int set_config_apparmor_allow_incomplete(const char *key, } static int set_config_selinux_context(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_string_item(&lxc_conf->lsm_se_context, value); } static int set_config_log_file(const char *key, const char *value, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int ret; @@ -1151,7 +1153,7 @@ static int set_config_log_file(const char *key, const char *value, } static int set_config_log_level(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int newlevel; 
@@ -1176,7 +1178,7 @@ static int set_config_log_level(const char *key, const char *value, } static int set_config_autodev(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { lxc_conf->autodev = 0; @@ -1193,7 +1195,7 @@ static int set_config_autodev(const char *key, const char *value, } static int set_config_signal_halt(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int sig_n; @@ -1212,7 +1214,7 @@ static int set_config_signal_halt(const char *key, const char *value, } static int set_config_signal_reboot(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int sig_n; @@ -1231,7 +1233,7 @@ static int set_config_signal_reboot(const char *key, const char *value, } static int set_config_signal_stop(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int sig_n; @@ -1250,7 +1252,7 @@ static int set_config_signal_stop(const char *key, const char *value, } static int __set_config_cgroup_controller(const char *key, const char *value, - struct lxc_conf *lxc_conf, int version) + struct lxc_conf *lxc_conf, int version) { const char *subkey, *token; size_t token_len; 
@@ -1317,22 +1319,22 @@ out: } static int set_config_cgroup_controller(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return __set_config_cgroup_controller(key, value, lxc_conf, - CGROUP_SUPER_MAGIC); + CGROUP_SUPER_MAGIC); } static int set_config_cgroup2_controller(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return __set_config_cgroup_controller(key, value, lxc_conf, - CGROUP2_SUPER_MAGIC); + CGROUP2_SUPER_MAGIC); } static int set_config_cgroup_dir(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) return clr_config_cgroup_dir(key, lxc_conf, NULL); @@ -1341,7 +1343,7 @@ static int set_config_cgroup_dir(const char *key, const char *value, } static int set_config_prlimit(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_list *iter; struct rlimit limit; @@ -1434,7 +1436,7 @@ on_error: } static int set_config_sysctl(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_list *iter; char *replace_value = NULL; @@ -1502,7 +1504,7 @@ on_error: } static int set_config_proc(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { const char *subkey; struct lxc_list *proclist = NULL; @@ -1552,7 +1554,7 @@ on_error: } static int set_config_idmaps(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { unsigned long hostid, nsid, range; char type; 
@@ -1612,7 +1614,7 @@ on_error: } static int set_config_mount_fstab(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { clr_config_mount_fstab(key, lxc_conf, NULL); @@ -1623,7 +1625,7 @@ static int set_config_mount_fstab(const char *key, const char *value, } static int set_config_mount_auto(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *autos, *token; int i; 
@@ -1633,34 +1635,34 @@ static int set_config_mount_auto(const char *key, const char *value, int mask; int flag; } allowed_auto_mounts[] = { - { "proc", LXC_AUTO_PROC_MASK, LXC_AUTO_PROC_MIXED }, - { "proc:mixed", LXC_AUTO_PROC_MASK, LXC_AUTO_PROC_MIXED }, - { "proc:rw", LXC_AUTO_PROC_MASK, LXC_AUTO_PROC_RW }, - { "sys", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_MIXED }, - { "sys:ro", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_RO }, - { "sys:mixed", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_MIXED }, - { "sys:rw", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_RW }, - { "cgroup", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_NOSPEC }, - { "cgroup:mixed", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_MIXED }, - { "cgroup:ro", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RO }, - { "cgroup:rw", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RW }, - { "cgroup:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_NOSPEC | LXC_AUTO_CGROUP_FORCE }, - { "cgroup:mixed:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_MIXED | LXC_AUTO_CGROUP_FORCE }, - { "cgroup:ro:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RO | LXC_AUTO_CGROUP_FORCE }, - { "cgroup:rw:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RW | LXC_AUTO_CGROUP_FORCE }, - { "cgroup-full", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_NOSPEC }, - { "cgroup-full:mixed", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_MIXED }, - { "cgroup-full:ro", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RO }, - { "cgroup-full:rw", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RW }, - { "cgroup-full:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_NOSPEC | LXC_AUTO_CGROUP_FORCE }, - { "cgroup-full:mixed:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_MIXED | LXC_AUTO_CGROUP_FORCE }, - { "cgroup-full:ro:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RO | LXC_AUTO_CGROUP_FORCE }, - { "cgroup-full:rw:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RW | LXC_AUTO_CGROUP_FORCE }, - /* For adding anything that is just a single on/off, but has no - * options: keep mask and flag identical and just define the enum - * value as an 
unused bit so far - */ - { NULL, 0, 0 } + { "proc", LXC_AUTO_PROC_MASK, LXC_AUTO_PROC_MIXED }, + { "proc:mixed", LXC_AUTO_PROC_MASK, LXC_AUTO_PROC_MIXED }, + { "proc:rw", LXC_AUTO_PROC_MASK, LXC_AUTO_PROC_RW }, + { "sys", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_MIXED }, + { "sys:ro", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_RO }, + { "sys:mixed", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_MIXED }, + { "sys:rw", LXC_AUTO_SYS_MASK, LXC_AUTO_SYS_RW }, + { "cgroup", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_NOSPEC }, + { "cgroup:mixed", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_MIXED }, + { "cgroup:ro", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RO }, + { "cgroup:rw", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RW }, + { "cgroup:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_NOSPEC | LXC_AUTO_CGROUP_FORCE }, + { "cgroup:mixed:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_MIXED | LXC_AUTO_CGROUP_FORCE }, + { "cgroup:ro:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RO | LXC_AUTO_CGROUP_FORCE }, + { "cgroup:rw:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_RW | LXC_AUTO_CGROUP_FORCE }, + { "cgroup-full", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_NOSPEC }, + { "cgroup-full:mixed", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_MIXED }, + { "cgroup-full:ro", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RO }, + { "cgroup-full:rw", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RW }, + { "cgroup-full:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_NOSPEC | LXC_AUTO_CGROUP_FORCE }, + { "cgroup-full:mixed:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_MIXED | LXC_AUTO_CGROUP_FORCE }, + { "cgroup-full:ro:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RO | LXC_AUTO_CGROUP_FORCE }, + { "cgroup-full:rw:force", LXC_AUTO_CGROUP_MASK, LXC_AUTO_CGROUP_FULL_RW | LXC_AUTO_CGROUP_FORCE }, + /* For adding anything that is just a single on/off, but has no + * options: keep mask and flag identical and just define the enum + * value as an unused bit so far + */ + { NULL, 0, 0 } }; if (lxc_config_value_empty(value)) { 
@@ -1696,7 +1698,7 @@ on_error: } static int set_config_mount(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *mntelem; struct lxc_list *mntlist; @@ -1721,7 +1723,7 @@ static int set_config_mount(const char *key, const char *value, } static int set_config_cap_keep(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *keepcaps, *token; struct lxc_list *keeplist; @@ -1763,7 +1765,7 @@ on_error: } static int set_config_cap_drop(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *dropcaps, *token; struct lxc_list *droplist; @@ -1793,7 +1795,7 @@ static int set_config_cap_drop(const char *key, const char *value, lxc_list_add_tail(&lxc_conf->caps, droplist); } - ret = 0; + ret = 0; on_error: free(dropcaps); @@ -1802,13 +1804,13 @@ on_error: } static int set_config_console_path(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_path_item(&lxc_conf->console.path, value); } static int set_config_console_rotate(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { lxc_conf->console.log_rotate = 0; @@ -1831,13 +1833,13 @@ static int set_config_console_rotate(const char *key, const char *value, } static int set_config_console_logfile(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_path_item(&lxc_conf->console.log_path, value); } static int set_config_console_buffer_size(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; int64_t size; 
@@ -1885,7 +1887,7 @@ static int set_config_console_buffer_size(const char *key, const char *value, } static int set_config_console_size(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; int64_t size; @@ -1942,7 +1944,7 @@ int append_unexp_config_line(const char *line, struct lxc_conf *conf) linelen = strlen(line); while (conf->unexpanded_alloced <= len + linelen + 2) { char *tmp = realloc(conf->unexpanded_config, - conf->unexpanded_alloced + 1024); + conf->unexpanded_alloced + 1024); if (!tmp) return -1; @@ -2007,7 +2009,7 @@ out: } static int set_config_includefiles(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { clr_config_includefiles(key, lxc_conf, NULL); @@ -2021,7 +2023,7 @@ static int set_config_includefiles(const char *key, const char *value, } static int set_config_rootfs_path(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; char *dup, *tmp; @@ -2064,13 +2066,13 @@ static int set_config_rootfs_path(const char *key, const char *value, } static int set_config_rootfs_mount(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { return set_config_path_item(&lxc_conf->rootfs.mount, value); } static int set_config_rootfs_options(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; unsigned long mflags = 0, pflags = 0; @@ -2095,7 +2097,7 @@ static int set_config_rootfs_options(const char *key, const char *value, } static int set_config_uts_name(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct utsname *utsname; 
@@ -2121,7 +2123,7 @@ static int set_config_uts_name(const char *key, const char *value, } static int set_config_namespace_clone(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *ns, *token; int cloneflag = 0; @@ -2156,7 +2158,7 @@ static int set_config_namespace_clone(const char *key, const char *value, } static int set_config_namespace_keep(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { char *ns, *token; int cloneflag = 0; @@ -2191,7 +2193,7 @@ static int set_config_namespace_keep(const char *key, const char *value, } static int set_config_namespace_share(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ns_idx; const char *namespace; @@ -2209,7 +2211,7 @@ static int set_config_namespace_share(const char *key, const char *value, /* isulad: set config for init args */ static int set_config_init_args(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret = 0; char *tmp = NULL; @@ -2219,8 +2221,8 @@ static int set_config_init_args(const char *key, const char *value, if (ret || !new_value) return ret; - tmp = realloc(lxc_conf->init_argv, (lxc_conf->init_argc + 1) * sizeof(char *)); - if (!tmp) { + if (lxc_mem_realloc((void **)&tmp, (lxc_conf->init_argc + 1) * sizeof(char *), lxc_conf->init_argv, + (lxc_conf->init_argc) * sizeof(char *)) != 0) { ERROR("Out of memory"); free(new_value); return -1; 
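Review bot: In set_config_init_args the new call passes `(void **)&tmp` although `tmp` is declared `char *`, so lxc_mem_realloc stores its result through a pointer type that does not match the object. Declaring `void *tmp = NULL;` and passing `&tmp` would remove the cast, provided the later assignment to `init_argv` (outside this hunk) accepts it. The helper's definition is not visible here, so a comment should state whether it releases `lxc_conf->init_argv` on success and leaves it untouched on failure, because the error path returns without resetting that field. The size expression `(lxc_conf->init_argc + 1) * sizeof(char *)` is also computed without an overflow check, which presumably matters only if `init_argc` can grow very large. The same cast appears in set_config_init_groups with `gid_t *tmp`.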
@@ -2236,9 +2238,10 @@ static int set_config_init_args(const char *key, const char *value, /* isulad: set config for init groups */ static int set_config_init_groups(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { - char *groups, *token; + char *groups = NULL; + char *token = NULL; int ret = -1; if (lxc_config_value_empty(value)) @@ -2252,9 +2255,9 @@ static int set_config_init_groups(const char *key, const char *value, * split these caps in a single element for the list. */ lxc_iterate_parts(token, groups, " \t") { - gid_t *tmp; - tmp = realloc(lxc_conf->init_groups, (lxc_conf->init_groups_len + 1) * sizeof(gid_t)); - if (!tmp) { + gid_t *tmp = NULL; + if (lxc_mem_realloc((void **)&tmp, (lxc_conf->init_groups_len + 1) * sizeof(gid_t), lxc_conf->init_groups, + (lxc_conf->init_groups_len) * sizeof(gid_t)) != 0) { ERROR("Out of memory"); goto on_error; } 
@@ -2273,93 +2276,93 @@ on_error: /* isulad: set config for populate device */ static int set_config_populate_device(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) -{ - int ret = 0, major = 0, minor = 0; - uid_t uid = (uid_t)-1; - gid_t gid = (gid_t)-1; - char name[PATH_MAX] = {0}; - char type[3] = {0}; - char *replace_value = NULL; - mode_t filemode = 0; - struct lxc_list *iter; - struct lxc_list *dev_list = NULL; - struct lxc_populate_devs *dev_elem = NULL; - - if (lxc_config_value_empty(value)) - return lxc_clear_populate_devices(lxc_conf); - - /* lxc.populate.device = PATH_IN_CONTAINER:DEVICETYPE:MAJOR:MINOR:MODE:UID:GID - * For e.g. lxc.populate.device = /dev/sda:b:8:0:0666:0:0 - */ - ret = sscanf(value, "%[^:]:%2[^:]:%i:%i:%i:%u:%u", name, type, &major, &minor, &filemode, &uid, &gid); - if (ret != 7) - return -1; - - /* find existing list element */ - lxc_list_for_each(iter, &lxc_conf->populate_devs) { - dev_elem = iter->elem; - - if (strcmp(name, dev_elem->name) != 0) - continue; - - replace_value = strdup(type); - if (!replace_value) - return -1; - - free(dev_elem->type); - dev_elem->type = replace_value; - dev_elem->file_mode = filemode; - dev_elem->maj = major; - dev_elem->min = minor; - dev_elem->uid = (uid_t)uid; - dev_elem->gid = (gid_t)gid; - return 0; - } - - /* allocate list element */ - dev_list = malloc(sizeof(*dev_list)); - if (!dev_list) - goto on_error; - - lxc_list_init(dev_list); - - dev_elem = malloc(sizeof(*dev_elem)); - if (!dev_elem) - goto on_error; - memset(dev_elem, 0, sizeof(*dev_elem)); - - dev_elem->name = strdup(name); - if (!dev_elem->name) - goto on_error; - - dev_elem->type = strdup(type); - if (!dev_elem->type) - goto on_error; - - dev_elem->file_mode = filemode; - dev_elem->maj = major; - dev_elem->min = minor; - - lxc_list_add_elem(dev_list, dev_elem); - - lxc_list_add_tail(&lxc_conf->populate_devs, dev_list); - - return 0; + struct lxc_conf *lxc_conf, void *data) +{ + int ret = 0, major = 0, 
minor = 0; + uid_t uid = (uid_t)-1; + gid_t gid = (gid_t)-1; + char name[PATH_MAX] = {0}; + char type[3] = {0}; + char *replace_value = NULL; + mode_t filemode = 0; + struct lxc_list *iter = NULL; + struct lxc_list *dev_list = NULL; + struct lxc_populate_devs *dev_elem = NULL; + + if (lxc_config_value_empty(value)) + return lxc_clear_populate_devices(lxc_conf); + + /* lxc.populate.device = PATH_IN_CONTAINER:DEVICETYPE:MAJOR:MINOR:MODE:UID:GID + * For e.g. lxc.populate.device = /dev/sda:b:8:0:0666:0:0 + */ + ret = sscanf(value, "%[^:]:%2[^:]:%i:%i:%i:%u:%u", name, type, &major, &minor, &filemode, &uid, &gid); + if (ret != 7) + return -1; + + /* find existing list element */ + lxc_list_for_each(iter, &lxc_conf->populate_devs) { + dev_elem = iter->elem; + + if (strcmp(name, dev_elem->name) != 0) + continue; + + replace_value = strdup(type); + if (!replace_value) + return -1; + + free(dev_elem->type); + dev_elem->type = replace_value; + dev_elem->file_mode = filemode; + dev_elem->maj = major; + dev_elem->min = minor; + dev_elem->uid = (uid_t)uid; + dev_elem->gid = (gid_t)gid; + return 0; + } + + /* allocate list element */ + dev_list = malloc(sizeof(*dev_list)); + if (!dev_list) + goto on_error; + + lxc_list_init(dev_list); + + dev_elem = malloc(sizeof(*dev_elem)); + if (!dev_elem) + goto on_error; + memset(dev_elem, 0, sizeof(*dev_elem)); + + dev_elem->name = strdup(name); + if (!dev_elem->name) + goto on_error; + + dev_elem->type = strdup(type); + if (!dev_elem->type) + goto on_error; + + dev_elem->file_mode = filemode; + dev_elem->maj = major; + dev_elem->min = minor; + + lxc_list_add_elem(dev_list, dev_elem); + + lxc_list_add_tail(&lxc_conf->populate_devs, dev_list); + + return 0; on_error: - free(dev_list); - if (dev_elem) { - free(dev_elem->name); - free(dev_elem->type); - free(dev_elem); - } - return -1; + free(dev_list); + if (dev_elem) { + free(dev_elem->name); + free(dev_elem->type); + free(dev_elem); + } + return -1; } /* isulad: set config for rootfs masked 
paths */ static int set_config_rootfs_masked_paths(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_list *list_item = NULL; @@ -2387,7 +2390,7 @@ on_error: /* isulad: set config for rootfs ro paths */ static int set_config_rootfs_ro_paths(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_list *list_item = NULL; @@ -2416,7 +2419,7 @@ on_error: /* isulad: set config for umask */ static int set_config_umask(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { ERROR("Empty umask"); @@ -2437,7 +2440,7 @@ static int set_config_umask(const char *key, const char *value, /* isulad: set config for systemd */ static int set_config_systemd(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { ERROR("Empty umask"); 
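Review bot: In set_config_populate_device the `sscanf` format starts with an unbounded `%[^:]` that writes into `char name[PATH_MAX]`, so a configuration value whose first field is longer than the buffer overruns the stack. Rejecting oversized input before parsing, `if (strlen(value) >= sizeof(name)) return -1;`, bounds the copy. The new-element path also never stores the parsed ownership, leaving `uid` and `gid` at the zero written by `memset`, while the update path sets both; adding `dev_elem->uid = uid;` and `dev_elem->gid = gid;` next to the `maj`/`min` assignments would make the two paths agree. `filemode` is a `mode_t` read with `%i`, which expects an `int *`, so parsing into an `int` and range-checking it before the assignment is safer.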
@@ -2673,32 +2676,32 @@ signed long lxc_config_parse_arch(const char *arch) char *name; unsigned long per; } pername[] = { - { "arm", PER_LINUX32 }, - { "armel", PER_LINUX32 }, - { "armhf", PER_LINUX32 }, - { "armv7l", PER_LINUX32 }, - { "athlon", PER_LINUX32 }, - { "i386", PER_LINUX32 }, - { "i486", PER_LINUX32 }, - { "i586", PER_LINUX32 }, - { "i686", PER_LINUX32 }, - { "linux32", PER_LINUX32 }, - { "mips", PER_LINUX32 }, - { "mipsel", PER_LINUX32 }, - { "ppc", PER_LINUX32 }, - { "powerpc", PER_LINUX32 }, - { "x86", PER_LINUX32 }, - { "amd64", PER_LINUX }, - { "arm64", PER_LINUX }, - { "linux64", PER_LINUX }, - { "mips64", PER_LINUX }, - { "mips64el", PER_LINUX }, - { "ppc64", PER_LINUX }, - { "ppc64el", PER_LINUX }, - { "ppc64le", PER_LINUX }, - { "powerpc64", PER_LINUX }, - { "s390x", PER_LINUX }, - { "x86_64", PER_LINUX }, + { "arm", PER_LINUX32 }, + { "armel", PER_LINUX32 }, + { "armhf", PER_LINUX32 }, + { "armv7l", PER_LINUX32 }, + { "athlon", PER_LINUX32 }, + { "i386", PER_LINUX32 }, + { "i486", PER_LINUX32 }, + { "i586", PER_LINUX32 }, + { "i686", PER_LINUX32 }, + { "linux32", PER_LINUX32 }, + { "mips", PER_LINUX32 }, + { "mipsel", PER_LINUX32 }, + { "ppc", PER_LINUX32 }, + { "powerpc", PER_LINUX32 }, + { "x86", PER_LINUX32 }, + { "amd64", PER_LINUX }, + { "arm64", PER_LINUX }, + { "linux64", PER_LINUX }, + { "mips64", PER_LINUX }, + { "mips64el", PER_LINUX }, + { "ppc64", PER_LINUX }, + { "ppc64el", PER_LINUX }, + { "ppc64le", PER_LINUX }, + { "powerpc64", PER_LINUX }, + { "s390x", PER_LINUX }, + { "x86_64", PER_LINUX }, }; size_t len = sizeof(pername) / sizeof(pername[0]); @@ -2769,7 +2772,7 @@ int write_config(int fd, const struct lxc_conf *conf) } bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key, - const char *v) + const char *v) { int ret; size_t len; 
@@ -2793,7 +2796,7 @@ bool do_append_unexp_config_line(struct lxc_conf *conf, const char *key, } void clear_unexp_config_line(struct lxc_conf *conf, const char *key, - bool rm_subkeys) + bool rm_subkeys) { char *lend; char *lstart = conf->unexpanded_config; @@ -2835,8 +2838,8 @@ void clear_unexp_config_line(struct lxc_conf *conf, const char *key, } bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath, - const char *newpath, const char *oldname, - const char *newname, const char *ovldir) + const char *newpath, const char *oldname, + const char *newname, const char *ovldir) { int ret; char *lend, *newdir, *olddir, *p, *q; @@ -2847,14 +2850,14 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath, olddirlen = strlen(ovldir) + strlen(oldpath) + strlen(oldname) + 2; olddir = alloca(olddirlen + 1); ret = snprintf(olddir, olddirlen + 1, "%s=%s/%s", ovldir, oldpath, - oldname); + oldname); if (ret < 0 || ret >= olddirlen + 1) return false; newdirlen = strlen(ovldir) + strlen(newpath) + strlen(newname) + 2; newdir = alloca(newdirlen + 1); ret = snprintf(newdir, newdirlen + 1, "%s=%s/%s", ovldir, newpath, - newname); + newname); if (ret < 0 || ret >= newdirlen + 1) return false; @@ -2935,7 +2938,7 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath, lend += diff; } - next: +next: lstart = lend; } @@ -2943,8 +2946,8 @@ bool clone_update_unexp_ovl_paths(struct lxc_conf *conf, const char *oldpath, } bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath, - const char *newpath, const char *oldname, - const char *newname) + const char *newpath, const char *oldname, + const char *newname) { int ret; char *lend, *newdir, *olddir, *p; @@ -3029,7 +3032,7 @@ bool clone_update_unexp_hooks(struct lxc_conf *conf, const char *oldpath, lend += diff; } - next: +next: lstart = lend; } 
@@ -3117,7 +3120,7 @@ bool network_new_hwaddrs(struct lxc_conf *conf) } static int set_config_ephemeral(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { if (lxc_config_value_empty(value)) { lxc_conf->ephemeral = 0; @@ -3134,7 +3137,7 @@ static int set_config_ephemeral(const char *key, const char *value, } static int set_config_log_syslog(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int facility; @@ -3156,7 +3159,7 @@ static int set_config_log_syslog(const char *key, const char *value, } static int set_config_no_new_privs(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { unsigned int v; @@ -3178,7 +3181,7 @@ static int set_config_no_new_privs(const char *key, const char *value, /* Callbacks to get configuration items. */ static int get_config_personality(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int fulllen = 0; 
@@ -3206,53 +3209,53 @@ static int get_config_personality(const char *key, char *retv, int inlen, } static int get_config_pty_max(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_size_t(c, retv, inlen, c->pty_max); } static int get_config_tty_max(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_size_t(c, retv, inlen, c->ttys.max); } /* isulad add: get umask value*/ static int get_config_umask(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_size_t(c, retv, inlen, c->umask); } /* isulad add: get systemd value*/ static int get_config_systemd(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->systemd); } static int get_config_tty_dir(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->ttys.dir); } static int get_config_apparmor_profile(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->lsm_aa_profile); } static int get_config_apparmor_allow_incomplete(const char *key, char *retv, - int inlen, struct lxc_conf *c, - void *data) + int inlen, struct lxc_conf *c, + void *data) { return lxc_get_conf_int(c, retv, inlen, - c->lsm_aa_allow_incomplete); + c->lsm_aa_allow_incomplete); } static int get_config_selinux_context(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->lsm_se_context); } 
@@ -3266,8 +3269,8 @@ static int get_config_selinux_context(const char *key, char *retv, int inlen, * 'lxc.cgroup.subsystem.key = value' format. */ static int __get_config_cgroup_controller(const char *key, char *retv, - int inlen, struct lxc_conf *c, - int version) + int inlen, struct lxc_conf *c, + int version) { int len; size_t namespaced_token_len; @@ -3308,7 +3311,7 @@ static int __get_config_cgroup_controller(const char *key, char *retv, continue; strprint(retv, inlen, "%s.%s = %s\n", global_token, - cg->subsystem, cg->value); + cg->subsystem, cg->value); } else if (strcmp(cg->subsystem, key) == 0) { strprint(retv, inlen, "%s\n", cg->value); } @@ -3318,21 +3321,21 @@ static int __get_config_cgroup_controller(const char *key, char *retv, } static int get_config_cgroup_controller(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return __get_config_cgroup_controller(key, retv, inlen, c, - CGROUP_SUPER_MAGIC); + CGROUP_SUPER_MAGIC); } static int get_config_cgroup2_controller(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return __get_config_cgroup_controller(key, retv, inlen, c, - CGROUP2_SUPER_MAGIC); + CGROUP2_SUPER_MAGIC); } static int get_config_cgroup_dir(const char *key, char *retv, int inlen, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int len; int fulllen = 0; 
@@ -3348,31 +3351,31 @@ static int get_config_cgroup_dir(const char *key, char *retv, int inlen, } static int get_config_idmaps(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { struct lxc_list *it; int len, listlen, ret; int fulllen = 0; -/* "u 1000 1000000 65536" - * - * let's render this as - * - * sizeof(char) - * + - * sizeof(" ") - * + - * sizeof(uint32_t) - * + - * sizeof(" ") - * + - * sizeof(uint32_t) - * + - * sizeof(" ") - * + - * sizeof(uint32_t) - * + - * \0 - */ + /* "u 1000 1000000 65536" + * + * let's render this as + * + * sizeof(char) + * + + * sizeof(" ") + * + + * sizeof(uint32_t) + * + + * sizeof(" ") + * + + * sizeof(uint32_t) + * + + * sizeof(" ") + * + + * sizeof(uint32_t) + * + + * \0 + */ #define __LXC_IDMAP_STR_BUF (3 * INTTYPE_TO_STRLEN(uint32_t) + 3 + 1 + 1) char buf[__LXC_IDMAP_STR_BUF]; @@ -3385,8 +3388,8 @@ static int get_config_idmaps(const char *key, char *retv, int inlen, lxc_list_for_each(it, &c->id_map) { struct id_map *map = it->elem; ret = snprintf(buf, __LXC_IDMAP_STR_BUF, "%c %lu %lu %lu", - (map->idtype == ID_TYPE_UID) ? 'u' : 'g', - map->nsid, map->hostid, map->range); + (map->idtype == ID_TYPE_UID) ? 'u' : 'g', + map->nsid, map->hostid, map->range); if (ret < 0 || ret >= __LXC_IDMAP_STR_BUF) return -1; @@ -3397,7 +3400,7 @@ static int get_config_idmaps(const char *key, char *retv, int inlen, } static int get_config_log_level(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { const char *v; v = lxc_log_priority_to_string(c->loglevel); 
@@ -3405,19 +3408,19 @@ static int get_config_log_level(const char *key, char *retv, int inlen, } static int get_config_log_file(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->logfile); } static int get_config_mount_fstab(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->fstab); } static int get_config_mount_auto(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; const char *sep = ""; @@ -3493,7 +3496,7 @@ static int get_config_mount_auto(const char *key, char *retv, int inlen, } static int get_config_mount(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; struct lxc_list *it; 
@@ -3511,33 +3514,33 @@ static int get_config_mount(const char *key, char *retv, int inlen, } static int get_config_rootfs_path(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->rootfs.path); } static int get_config_rootfs_mount(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->rootfs.mount); } static int get_config_rootfs_options(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->rootfs.options); } static int get_config_uts_name(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str( - retv, inlen, - c->utsname ? c->utsname->nodename : NULL); + retv, inlen, + c->utsname ? c->utsname->nodename : NULL); } static int get_config_hooks(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { char *subkey; int len, fulllen = 0, found = -1; @@ -3578,13 +3581,13 @@ static int get_config_hooks(const char *key, char *retv, int inlen, } static int get_config_hooks_version(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->hooks_version); } static int get_config_net(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; struct lxc_list *it; @@ -3604,7 +3607,7 @@ static int get_config_net(const char *key, char *retv, int inlen, } static int get_config_cap_drop(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; struct lxc_list *it; 
@@ -3622,7 +3625,7 @@ static int get_config_cap_drop(const char *key, char *retv, int inlen, } static int get_config_cap_keep(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; struct lxc_list *it; 
@@ -3640,70 +3643,70 @@ static int get_config_cap_keep(const char *key, char *retv, int inlen, } static int get_config_console_path(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->console.path); } static int get_config_console_logfile(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->console.log_path); } static int get_config_console_rotate(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->console.log_rotate); } static int get_config_console_buffer_size(const char *key, char *retv, - int inlen, struct lxc_conf *c, - void *data) + int inlen, struct lxc_conf *c, + void *data) { return lxc_get_conf_uint64(c, retv, inlen, c->console.buffer_size); } static int get_config_console_size(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_uint64(c, retv, inlen, c->console.log_size); } static int get_config_seccomp_profile(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->seccomp); } static int get_config_autodev(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->autodev); } static int get_config_signal_halt(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->haltsignal); } static int get_config_signal_reboot(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->rebootsignal); } static int 
get_config_signal_stop(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->stopsignal); } static int get_config_start(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { if (strcmp(key + 10, "auto") == 0) return lxc_get_conf_int(c, retv, inlen, c->start_auto); @@ -3716,19 +3719,19 @@ static int get_config_start(const char *key, char *retv, int inlen, } static int get_config_log_syslog(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->syslog); } static int get_config_monitor(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->monitor_unshare); } static int get_config_group(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; struct lxc_list *it; @@ -3746,7 +3749,7 @@ static int get_config_group(const char *key, char *retv, int inlen, } static int get_config_environment(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; struct lxc_list *it; 
@@ -3765,43 +3768,43 @@ static int get_config_environment(const char *key, char *retv, int inlen, } static int get_config_execute_cmd(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->execute_cmd); } static int get_config_init_cmd(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->init_cmd); } static int get_config_init_cwd(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_str(retv, inlen, c->init_cwd); } static int get_config_init_uid(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->init_uid); } static int get_config_init_gid(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->init_gid); } static int get_config_ephemeral(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->ephemeral); } static int get_config_no_new_privs(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_get_conf_int(c, retv, inlen, c->no_new_privs); } @@ -3811,7 +3814,7 @@ static int get_config_no_new_privs(const char *key, char *retv, int inlen, * printed, in 'lxc.prlimit.resource = value' format. */ static int get_config_prlimit(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int fulllen = 0, len; bool get_all = false; 
@@ -3840,7 +3843,7 @@ static int get_config_prlimit(const char *key, char *retv, int inlen, partlen = STRLITERALLEN("unlimited"); } else { partlen = sprintf(buf, "%" PRIu64, - (uint64_t)lim->limit.rlim_cur); + (uint64_t)lim->limit.rlim_cur); } if (lim->limit.rlim_cur != lim->limit.rlim_max) { @@ -3849,12 +3852,12 @@ static int get_config_prlimit(const char *key, char *retv, int inlen, STRLITERALLEN(":unlimited") + 1); else sprintf(buf + partlen, ":%" PRIu64, - (uint64_t)lim->limit.rlim_max); + (uint64_t)lim->limit.rlim_max); } if (get_all) { strprint(retv, inlen, "lxc.prlimit.%s = %s\n", - lim->resource, buf); + lim->resource, buf); } else if (strcmp(lim->resource, key) == 0) { strprint(retv, inlen, "%s", buf); } @@ -3868,7 +3871,7 @@ static int get_config_prlimit(const char *key, char *retv, int inlen, * entries will be printed, in 'lxc.sysctl.key = value' format. */ static int get_config_sysctl(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; struct lxc_list *it; @@ -3891,7 +3894,7 @@ static int get_config_sysctl(const char *key, char *retv, int inlen, struct lxc_sysctl *elem = it->elem; if (get_all) { strprint(retv, inlen, "lxc.sysctl.%s = %s\n", elem->key, - elem->value); + elem->value); } else if (strcmp(elem->key, key) == 0) { strprint(retv, inlen, "%s", elem->value); } @@ -3901,7 +3904,7 @@ static int get_config_sysctl(const char *key, char *retv, int inlen, } static int get_config_proc(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { struct lxc_list *it; int len; @@ -3935,7 +3938,7 @@ static int get_config_proc(const char *key, char *retv, int inlen, } static int get_config_namespace_clone(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int i, len; int fulllen = 0; 
@@ -3954,7 +3957,7 @@ static int get_config_namespace_clone(const char *key, char *retv, int inlen, } static int get_config_namespace_keep(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int i, len; int fulllen = 0; @@ -3973,7 +3976,7 @@ static int get_config_namespace_keep(const char *key, char *retv, int inlen, } static int get_config_namespace_share(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, ns_idx; const char *namespace; @@ -3996,7 +3999,7 @@ static int get_config_namespace_share(const char *key, char *retv, int inlen, /* isulad: get config init args */ static int get_config_init_args(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int i, len, fulllen = 0; @@ -4006,7 +4009,7 @@ static int get_config_init_args(const char *key, char *retv, int inlen, memset(retv, 0, inlen); for (i = 0; i < c->init_argc; i++) { - strprint(retv, inlen, "%s", c->init_argv[i]); + strprint(retv, inlen, "%s", c->init_argv[i]); } return fulllen; @@ -4014,7 +4017,7 @@ static int get_config_init_args(const char *key, char *retv, int inlen, /* isulad: get config init groups */ static int get_config_init_groups(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int i, len, fulllen = 0; @@ -4024,7 +4027,7 @@ static int get_config_init_groups(const char *key, char *retv, int inlen, memset(retv, 0, inlen); for (i = 0; i < c->init_groups_len; i++) { - strprint(retv, inlen, "%u\n", c->init_groups[i]); + strprint(retv, inlen, "%u\n", c->init_groups[i]); } return fulllen; 
@@ -4036,10 +4039,10 @@ static int get_config_init_groups(const char *key, char *retv, int inlen, * For e.g. lxc.populate.device = /dev/sda:b:8:0:0666:0:0 */ static int get_config_populate_device(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; - struct lxc_list *it; + struct lxc_list *it = NULL; int fulllen = 0; if (!retv) @@ -4050,8 +4053,8 @@ static int get_config_populate_device(const char *key, char *retv, int inlen, lxc_list_for_each(it, &c->populate_devs) { struct lxc_populate_devs *elem = it->elem; strprint(retv, inlen, "lxc.populate.device = %s:%s:%d:%d:%o:%u:%u\n", - elem->name, elem->type, elem->maj, - elem->min, elem->file_mode, elem->uid, elem->gid); + elem->name, elem->type, elem->maj, + elem->min, elem->file_mode, elem->uid, elem->gid); } return fulllen; @@ -4059,10 +4062,10 @@ static int get_config_populate_device(const char *key, char *retv, int inlen, // isulad: get config rootfs masked paths static int get_config_rootfs_masked_paths(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; - struct lxc_list *it; + struct lxc_list *it = NULL; if (!retv) inlen = 0; @@ -4078,10 +4081,10 @@ static int get_config_rootfs_masked_paths(const char *key, char *retv, int inlen // isulad: get config rootfs ro paths static int get_config_rootfs_ro_paths(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len, fulllen = 0; - struct lxc_list *it; + struct lxc_list *it = NULL; if (!retv) inlen = 0; 
@@ -4097,28 +4100,28 @@ static int get_config_rootfs_ro_paths(const char *key, char *retv, int inlen, /* Callbacks to clear config items. */ static inline int clr_config_personality(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->personality = -1; return 0; } static inline int clr_config_pty_max(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->pty_max = 0; return 0; } static inline int clr_config_tty_max(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->ttys.tty = 0; return 0; } static inline int clr_config_tty_dir(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->ttys.dir); c->ttys.dir = NULL; @@ -4126,7 +4129,7 @@ static inline int clr_config_tty_dir(const char *key, struct lxc_conf *c, } static inline int clr_config_apparmor_profile(const char *key, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { free(c->lsm_aa_profile); c->lsm_aa_profile = NULL; @@ -4134,15 +4137,15 @@ static inline int clr_config_apparmor_profile(const char *key, } static inline int clr_config_apparmor_allow_incomplete(const char *key, - struct lxc_conf *c, - void *data) + struct lxc_conf *c, + void *data) { c->lsm_aa_allow_incomplete = 0; return 0; } static inline int clr_config_selinux_context(const char *key, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { free(c->lsm_se_context); c->lsm_se_context = NULL; 
@@ -4150,19 +4153,19 @@ static inline int clr_config_selinux_context(const char *key, } static inline int clr_config_cgroup_controller(const char *key, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_clear_cgroups(c, key, CGROUP_SUPER_MAGIC); } static inline int clr_config_cgroup2_controller(const char *key, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return lxc_clear_cgroups(c, key, CGROUP2_SUPER_MAGIC); } static int clr_config_cgroup_dir(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { if (lxc_conf->cgroup_meta.dir) { free(lxc_conf->cgroup_meta.dir); @@ -4173,20 +4176,20 @@ static int clr_config_cgroup_dir(const char *key, struct lxc_conf *lxc_conf, } static inline int clr_config_idmaps(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_idmaps(c); } static inline int clr_config_log_level(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->loglevel = LXC_LOG_LEVEL_NOTSET; return 0; } static inline int clr_config_log_file(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->logfile); c->logfile = NULL; @@ -4194,19 +4197,19 @@ static inline int clr_config_log_file(const char *key, struct lxc_conf *c, } static inline int clr_config_mount(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_mount_entries(c); } static inline int clr_config_mount_auto(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_automounts(c); } static inline int clr_config_mount_fstab(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->fstab); c->fstab = NULL; @@ -4214,7 +4217,7 @@ static inline int clr_config_mount_fstab(const char *key, struct lxc_conf *c, } static inline int clr_config_rootfs_path(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->rootfs.path); c->rootfs.path = NULL; 
@@ -4222,7 +4225,7 @@ static inline int clr_config_rootfs_path(const char *key, struct lxc_conf *c, } static inline int clr_config_rootfs_mount(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->rootfs.mount); c->rootfs.mount = NULL; @@ -4230,7 +4233,7 @@ static inline int clr_config_rootfs_mount(const char *key, struct lxc_conf *c, } static inline int clr_config_rootfs_options(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->rootfs.options); c->rootfs.options = NULL; @@ -4242,7 +4245,7 @@ static inline int clr_config_rootfs_options(const char *key, struct lxc_conf *c, } static inline int clr_config_uts_name(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->utsname); c->utsname = NULL; @@ -4250,13 +4253,13 @@ static inline int clr_config_uts_name(const char *key, struct lxc_conf *c, } static inline int clr_config_hooks(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_hooks(c, key); } static inline int clr_config_hooks_version(const char *key, struct lxc_conf *c, - void *data) + void *data) { /* default to legacy hooks version */ c->hooks_version = 0; @@ -4264,7 +4267,7 @@ static inline int clr_config_hooks_version(const char *key, struct lxc_conf *c, } static inline int clr_config_net(const char *key, struct lxc_conf *c, - void *data) + void *data) { lxc_free_networks(&c->network); @@ -4272,19 +4275,19 @@ static inline int clr_config_net(const char *key, struct lxc_conf *c, } static inline int clr_config_cap_drop(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_config_caps(c); } static inline int clr_config_cap_keep(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_config_keepcaps(c); } static inline int clr_config_console_path(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->console.path); c->console.path = NULL; 
@@ -4292,7 +4295,7 @@ static inline int clr_config_console_path(const char *key, struct lxc_conf *c, } static inline int clr_config_console_logfile(const char *key, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { free(c->console.log_path); c->console.log_path = NULL; @@ -4300,28 +4303,28 @@ static inline int clr_config_console_logfile(const char *key, } static inline int clr_config_console_rotate(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->console.log_rotate = 0; return 0; } static inline int clr_config_console_buffer_size(const char *key, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { c->console.buffer_size = 0; return 0; } static inline int clr_config_console_size(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->console.log_size = 0; return 0; } static inline int clr_config_seccomp_profile(const char *key, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { free(c->seccomp); c->seccomp = NULL; @@ -4329,35 +4332,35 @@ static inline int clr_config_seccomp_profile(const char *key, } static inline int clr_config_autodev(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->autodev = 1; return 0; } static inline int clr_config_signal_halt(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->haltsignal = 0; return 0; } static inline int clr_config_signal_reboot(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->rebootsignal = 0; return 0; } static inline int clr_config_signal_stop(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->stopsignal = 0; return 0; } static inline int clr_config_start(const char *key, struct lxc_conf *c, - void *data) + void *data) { if (strcmp(key + 10, "auto") == 0) c->start_auto = 0; 
@@ -4370,7 +4373,7 @@ static inline int clr_config_start(const char *key, struct lxc_conf *c, } static inline int clr_config_log_syslog(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->syslog); c->syslog = NULL; @@ -4378,26 +4381,26 @@ static inline int clr_config_log_syslog(const char *key, struct lxc_conf *c, } static inline int clr_config_monitor(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->monitor_unshare = 0; return 0; } static inline int clr_config_group(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_groups(c); } static inline int clr_config_environment(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_environment(c); } static inline int clr_config_execute_cmd(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->execute_cmd); c->execute_cmd = NULL; @@ -4405,7 +4408,7 @@ static inline int clr_config_execute_cmd(const char *key, struct lxc_conf *c, } static inline int clr_config_init_cmd(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->init_cmd); c->init_cmd = NULL; @@ -4413,7 +4416,7 @@ static inline int clr_config_init_cmd(const char *key, struct lxc_conf *c, } static inline int clr_config_init_cwd(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->init_cwd); c->init_cwd = NULL; 
@@ -4421,74 +4424,74 @@ static inline int clr_config_init_cwd(const char *key, struct lxc_conf *c, } static inline int clr_config_init_uid(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->init_uid = 0; return 0; } static inline int clr_config_init_gid(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->init_gid = 0; return 0; } static inline int clr_config_ephemeral(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->ephemeral = 0; return 0; } static inline int clr_config_no_new_privs(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->no_new_privs = false; return 0; } static inline int clr_config_prlimit(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_limits(c, key); } static inline int clr_config_sysctl(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_sysctls(c, key); } static inline int clr_config_proc(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_procs(c, key); } static inline int clr_config_includefiles(const char *key, struct lxc_conf *c, - void *data) + void *data) { lxc_clear_includes(c); return 0; } static int clr_config_namespace_clone(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { lxc_conf->ns_clone = 0; return 0; } static int clr_config_namespace_keep(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { lxc_conf->ns_keep = 0; return 0; } static int clr_config_namespace_share(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ns_idx; const char *namespace; @@ -4506,7 +4509,7 @@ static int clr_config_namespace_share(const char *key, /* isulad add: clear umask value */ static inline int clr_config_umask(const char *key, struct lxc_conf *c, - void *data) + void *data) { c->umask = 0027; return 0; 
@@ -4514,7 +4517,7 @@ static inline int clr_config_umask(const char *key, struct lxc_conf *c, /* isulad add: clear systemd value */ static inline int clr_config_systemd(const char *key, struct lxc_conf *c, - void *data) + void *data) { free(c->systemd); c->systemd = NULL; @@ -4522,15 +4525,15 @@ static inline int clr_config_systemd(const char *key, struct lxc_conf *c, } static int get_config_includefiles(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { return -ENOSYS; } static struct lxc_config_t *get_network_config_ops(const char *key, - struct lxc_conf *lxc_conf, - ssize_t *idx, - char **deindexed_key) + struct lxc_conf *lxc_conf, + ssize_t *idx, + char **deindexed_key) { int ret; unsigned int tmpidx; @@ -4624,7 +4627,7 @@ on_error: * rewriting the key), and call it. */ static int set_config_net_nic(const char *key, const char *value, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { int ret; const char *idxstring; @@ -4657,7 +4660,7 @@ static int set_config_net_nic(const char *key, const char *value, } static int clr_config_net_nic(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { int ret; const char *idxstring; @@ -4703,7 +4706,7 @@ static int clr_config_net_nic(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_type(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; @@ -4716,7 +4719,7 @@ static int clr_config_net_type(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_name(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; @@ -4729,7 +4732,7 @@ static int clr_config_net_name(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_flags(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; 
@@ -4742,7 +4745,7 @@ static int clr_config_net_flags(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_link(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; @@ -4755,7 +4758,7 @@ static int clr_config_net_link(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_macvlan_mode(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -4771,7 +4774,7 @@ static int clr_config_net_macvlan_mode(const char *key, } static int clr_config_net_veth_pair(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; @@ -4784,7 +4787,7 @@ static int clr_config_net_veth_pair(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_script_up(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; @@ -4798,7 +4801,7 @@ static int clr_config_net_script_up(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_script_down(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -4812,7 +4815,7 @@ static int clr_config_net_script_down(const char *key, } static int clr_config_net_hwaddr(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; @@ -4826,7 +4829,7 @@ static int clr_config_net_hwaddr(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_mtu(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; @@ -4840,7 +4843,7 @@ static int clr_config_net_mtu(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_vlan_id(const char *key, struct lxc_conf *lxc_conf, - void *data) + void *data) { struct lxc_netdev *netdev = data; 
@@ -4853,7 +4856,7 @@ static int clr_config_net_vlan_id(const char *key, struct lxc_conf *lxc_conf, } static int clr_config_net_ipv4_gateway(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -4867,7 +4870,7 @@ static int clr_config_net_ipv4_gateway(const char *key, } static int clr_config_net_ipv4_address(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; struct lxc_list *cur, *next; @@ -4885,7 +4888,7 @@ static int clr_config_net_ipv4_address(const char *key, } static int clr_config_net_ipv6_gateway(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; @@ -4899,7 +4902,7 @@ static int clr_config_net_ipv6_gateway(const char *key, } static int clr_config_net_ipv6_address(const char *key, - struct lxc_conf *lxc_conf, void *data) + struct lxc_conf *lxc_conf, void *data) { struct lxc_netdev *netdev = data; struct lxc_list *cur, *next; 
@@ -4918,41 +4921,41 @@ static int clr_config_net_ipv6_address(const char *key, /* isulad: clr config init args*/ static inline int clr_config_init_args(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_init_args(c); } /* isulad: clr config init args*/ static inline int clr_config_init_groups(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_init_groups(c); } /* isulad: clr config populate devices*/ static inline int clr_config_populate_device(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_populate_devices(c); } /* isulad: clr config rootfs masked paths */ static inline int clr_config_rootfs_masked_paths(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_rootfs_masked_paths(c); } /* isulad: clr config rootfs ro paths */ static inline int clr_config_rootfs_ro_paths(const char *key, struct lxc_conf *c, - void *data) + void *data) { return lxc_clear_rootfs_ro_paths(c); } static int get_config_net_nic(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int ret; const char *idxstring; @@ -4982,7 +4985,7 @@ static int get_config_net_nic(const char *key, char *retv, int inlen, } static int get_config_net_type(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5002,7 +5005,7 @@ static int get_config_net_type(const char *key, char *retv, int inlen, } static int get_config_net_flags(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5023,7 +5026,7 @@ static int get_config_net_flags(const char *key, char *retv, int inlen, } static int get_config_net_link(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; 
@@ -5044,7 +5047,7 @@ static int get_config_net_link(const char *key, char *retv, int inlen, } static int get_config_net_name(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5065,7 +5068,7 @@ static int get_config_net_name(const char *key, char *retv, int inlen, } static int get_config_net_macvlan_mode(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5107,7 +5110,7 @@ static int get_config_net_macvlan_mode(const char *key, char *retv, int inlen, } static int get_config_net_veth_pair(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5125,15 +5128,15 @@ static int get_config_net_veth_pair(const char *key, char *retv, int inlen, return 0; strprint(retv, inlen, "%s", - netdev->priv.veth_attr.pair[0] != '\0' - ? netdev->priv.veth_attr.pair - : netdev->priv.veth_attr.veth1); + netdev->priv.veth_attr.pair[0] != '\0' + ? netdev->priv.veth_attr.pair + : netdev->priv.veth_attr.veth1); return fulllen; } static int get_config_net_script_up(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5154,7 +5157,7 @@ static int get_config_net_script_up(const char *key, char *retv, int inlen, } static int get_config_net_script_down(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5175,7 +5178,7 @@ static int get_config_net_script_down(const char *key, char *retv, int inlen, } static int get_config_net_hwaddr(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; 
@@ -5196,7 +5199,7 @@ static int get_config_net_hwaddr(const char *key, char *retv, int inlen, } static int get_config_net_mtu(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5217,7 +5220,7 @@ static int get_config_net_mtu(const char *key, char *retv, int inlen, } static int get_config_net_vlan_id(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; int fulllen = 0; @@ -5240,7 +5243,7 @@ static int get_config_net_vlan_id(const char *key, char *retv, int inlen, } static int get_config_net_ipv4_gateway(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; char buf[INET_ADDRSTRLEN]; @@ -5266,7 +5269,7 @@ static int get_config_net_ipv4_gateway(const char *key, char *retv, int inlen, } static int get_config_net_ipv4_address(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; size_t listlen; @@ -5289,14 +5292,14 @@ static int get_config_net_ipv4_address(const char *key, char *retv, int inlen, struct lxc_inetdev *i = it->elem; inet_ntop(AF_INET, &i->addr, buf, sizeof(buf)); strprint(retv, inlen, "%s/%u%s", buf, i->prefix, - (listlen-- > 1) ? "\n" : ""); + (listlen-- > 1) ? "\n" : ""); } return fulllen; } static int get_config_net_ipv6_gateway(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; char buf[INET6_ADDRSTRLEN]; @@ -5322,7 +5325,7 @@ static int get_config_net_ipv6_gateway(const char *key, char *retv, int inlen, } static int get_config_net_ipv6_address(const char *key, char *retv, int inlen, - struct lxc_conf *c, void *data) + struct lxc_conf *c, void *data) { int len; size_t listlen; 
@@ -5345,7 +5348,7 @@ static int get_config_net_ipv6_address(const char *key, char *retv, int inlen, struct lxc_inet6dev *i = it->elem; inet_ntop(AF_INET6, &i->addr, buf, sizeof(buf)); strprint(retv, inlen, "%s/%u%s", buf, i->prefix, - (listlen-- > 1) ? "\n" : ""); + (listlen-- > 1) ? "\n" : ""); } return fulllen; @@ -5375,7 +5378,7 @@ int lxc_list_config_items(char *retv, int inlen) } int lxc_list_subkeys(struct lxc_conf *conf, const char *key, char *retv, - int inlen) + int inlen) { int len; int fulllen = 0; diff --git a/src/lxc/confile_utils.c b/src/lxc/confile_utils.c index 9049ce8..8c5208f 100644 --- a/src/lxc/confile_utils.c +++ b/src/lxc/confile_utils.c @@ -46,7 +46,7 @@ lxc_log_define(confile_utils, lxc); int parse_idmaps(const char *idmap, char *type, unsigned long *nsid, - unsigned long *hostid, unsigned long *range) + unsigned long *hostid, unsigned long *range) { int ret = -1; unsigned long tmp_hostid, tmp_nsid, tmp_range; @@ -223,7 +223,7 @@ struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx, bool tail * allocates a new one if it couldn't be found. */ struct lxc_netdev *lxc_get_netdev_by_idx(struct lxc_conf *conf, - unsigned int idx, bool allocate) + unsigned int idx, bool allocate) { struct lxc_netdev *netdev = NULL; struct lxc_list *networks = &conf->network; @@ -252,7 +252,7 @@ void lxc_log_configured_netdevs(const struct lxc_conf *conf) struct lxc_list *it = (struct lxc_list *)&conf->network;; if ((conf->loglevel != LXC_LOG_LEVEL_TRACE) && - (lxc_log_get_level() != LXC_LOG_LEVEL_TRACE)) + (lxc_log_get_level() != LXC_LOG_LEVEL_TRACE)) return; if (lxc_list_empty(it)) { @@ -294,7 +294,7 @@ void lxc_log_configured_netdevs(const struct lxc_conf *conf) char *mode; mode = lxc_macvlan_flag_to_mode( - netdev->priv.macvlan_attr.mode); + netdev->priv.macvlan_attr.mode); TRACE("macvlan mode: %s", mode ? mode : "(invalid mode)"); } 
@@ -348,14 +348,14 @@ void lxc_log_configured_netdevs(const struct lxc_conf *conf) if (netdev->ipv4_gateway) { inet_ntop(AF_INET, netdev->ipv4_gateway, - bufinet4, sizeof(bufinet4)); + bufinet4, sizeof(bufinet4)); TRACE("ipv4 gateway: %s", bufinet4); } lxc_list_for_each_safe(cur, &netdev->ipv4, next) { inet4dev = cur->elem; inet_ntop(AF_INET, &inet4dev->addr, bufinet4, - sizeof(bufinet4)); + sizeof(bufinet4)); TRACE("ipv4 addr: %s", bufinet4); } @@ -364,14 +364,14 @@ void lxc_log_configured_netdevs(const struct lxc_conf *conf) if (netdev->ipv6_gateway) { inet_ntop(AF_INET6, netdev->ipv6_gateway, - bufinet6, sizeof(bufinet6)); + bufinet6, sizeof(bufinet6)); TRACE("ipv6 gateway: %s", bufinet6); } lxc_list_for_each_safe(cur, &netdev->ipv6, next) { inet6dev = cur->elem; inet_ntop(AF_INET6, &inet6dev->addr, bufinet6, - sizeof(bufinet6)); + sizeof(bufinet6)); TRACE("ipv6 addr: %s", bufinet6); } } @@ -448,10 +448,10 @@ static struct lxc_macvlan_mode { char *name; int mode; } macvlan_mode[] = { - { "private", MACVLAN_MODE_PRIVATE }, - { "vepa", MACVLAN_MODE_VEPA }, - { "bridge", MACVLAN_MODE_BRIDGE }, - { "passthru", MACVLAN_MODE_PASSTHRU }, + { "private", MACVLAN_MODE_PRIVATE }, + { "vepa", MACVLAN_MODE_VEPA }, + { "bridge", MACVLAN_MODE_BRIDGE }, + { "passthru", MACVLAN_MODE_PASSTHRU }, }; int lxc_macvlan_mode_to_flag(int *mode, const char *value) @@ -595,7 +595,7 @@ bool lxc_config_net_hwaddr(const char *line) return true; if (sscanf(line, "lxc.net.%u.%6s", &index, tmp) == 2 || - sscanf(line, "lxc.network.%u.%6s", &index, tmp) == 2) + sscanf(line, "lxc.network.%u.%6s", &index, tmp) == 2) return strncmp(tmp, "hwaddr", 6) == 0; return false; 
@@ -644,13 +644,13 @@ bool new_hwaddr(char *hwaddr) seed = randseed(false); ret = snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand_r(&seed) % 255, - rand_r(&seed) % 255, rand_r(&seed) % 255); + rand_r(&seed) % 255, rand_r(&seed) % 255); #else (void)randseed(true); ret = snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand() % 255, - rand() % 255, rand() % 255); + rand() % 255, rand() % 255); #endif if (ret < 0 || ret >= 18) { SYSERROR("Failed to call snprintf()"); @@ -740,7 +740,7 @@ bool parse_limit_value(const char **value, rlim_t *res) } static int lxc_container_name_to_pid(const char *lxcname_or_pid, - const char *lxcpath) + const char *lxcpath) { int ret; signed long int pid; @@ -784,16 +784,18 @@ static int lxc_container_name_to_pid(const char *lxcname_or_pid, } int lxc_inherit_namespace(const char *lxcname_or_pid, const char *lxcpath, - const char *namespace) + const char *namespace) { - int fd, pid; - char *dup, *lastslash; + int fd = -1; + int pid = -1; + char *dup = NULL; + char *lastslash = NULL; /* isulad: add support share namespace by path. * e.g. "lxc.namespace.share.net = /proc/PID/ns/net or /var/run/netns/net" */ if (file_exists(lxcname_or_pid) && !dir_exists(lxcname_or_pid)) { - fd = open(lxcname_or_pid, O_RDONLY | O_CLOEXEC); + fd = lxc_open(lxcname_or_pid, O_RDONLY | O_CLOEXEC, 0); if (fd < 0) return -EINVAL; diff --git a/src/lxc/json/logger_json_file.c b/src/lxc/json/logger_json_file.c index 6433b04..409ea11 100644 --- a/src/lxc/json/logger_json_file.c +++ b/src/lxc/json/logger_json_file.c 
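Review bot: In lxc_inherit_namespace the path branch still tests `file_exists(lxcname_or_pid) && !dir_exists(lxcname_or_pid)` and only then calls `lxc_open(lxcname_or_pid, O_RDONLY | O_CLOEXEC, 0)`, so the object that gets opened can differ from the one that was checked, and nothing in the hunk confirms the descriptor is a namespace file. The value comes from `lxc.namespace.share.*` configuration, so I would open first and validate the descriptor itself, for example `if (fstatfs(fd, &sfs) < 0 || sfs.f_type != NSFS_MAGIC) { close(fd); return -EINVAL; }`. The function body continues outside the hunk and may already do part of this. `lxc_open` is defined elsewhere in this commit, so what it guarantees over `open` is not visible here; a short comment at the call site stating that guarantee would help the next reader. Every failure is also collapsed into `-EINVAL`; logging the errno with `SYSERROR` before returning would make a bad share path diagnosable.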
@@ -8,236 +8,236 @@ #include "logger_json_file.h" logger_json_file *make_logger_json_file(yajl_val tree, struct parser_context *ctx, parser_error *err) { - logger_json_file *ret = NULL; - *err = 0; - if (tree == NULL) - return ret; - ret = safe_malloc(sizeof(*ret)); - { - yajl_val tmp = get_val(tree, "log", yajl_t_string); - if (tmp != NULL) { - char *str = YAJL_GET_STRING(tmp); - ret->log = (uint8_t *)safe_strdup(str ? str : ""); - ret->log_len = str != NULL ? strlen(str) : 0; - } - } - { - yajl_val val = get_val(tree, "stream", yajl_t_string); - if (val != NULL) { - char *str = YAJL_GET_STRING(val); - ret->stream = safe_strdup(str ? str : ""); - } - } - { - yajl_val val = get_val(tree, "time", yajl_t_string); - if (val != NULL) { - char *str = YAJL_GET_STRING(val); - ret->time = safe_strdup(str ? str : ""); - } - } - { - yajl_val tmp = get_val(tree, "attrs", yajl_t_string); - if (tmp != NULL) { - char *str = YAJL_GET_STRING(tmp); - ret->attrs = (uint8_t *)safe_strdup(str ? str : ""); - ret->attrs_len = str != NULL ? strlen(str) : 0; - } - } - - if (tree->type == yajl_t_object && (ctx->options & PARSE_OPTIONS_STRICT)) { - int i; - for (i = 0; i < tree->u.object.len; i++) - if (strcmp(tree->u.object.keys[i], "log") && - strcmp(tree->u.object.keys[i], "stream") && - strcmp(tree->u.object.keys[i], "time") && - strcmp(tree->u.object.keys[i], "attrs")) { - if (ctx->stderr > 0) - fprintf(ctx->stderr, "WARNING: unknown key found: %s\n", tree->u.object.keys[i]); - } - } - return ret; + logger_json_file *ret = NULL; + *err = 0; + if (tree == NULL) + return ret; + ret = safe_malloc(sizeof(*ret)); + { + yajl_val tmp = get_val(tree, "log", yajl_t_string); + if (tmp != NULL) { + char *str = YAJL_GET_STRING(tmp); + ret->log = (uint8_t *)safe_strdup(str ? str : ""); + ret->log_len = str != NULL ? strlen(str) : 0; + } + } + { + yajl_val val = get_val(tree, "stream", yajl_t_string); + if (val != NULL) { + char *str = YAJL_GET_STRING(val); + ret->stream = safe_strdup(str ? 
str : ""); + } + } + { + yajl_val val = get_val(tree, "time", yajl_t_string); + if (val != NULL) { + char *str = YAJL_GET_STRING(val); + ret->time = safe_strdup(str ? str : ""); + } + } + { + yajl_val tmp = get_val(tree, "attrs", yajl_t_string); + if (tmp != NULL) { + char *str = YAJL_GET_STRING(tmp); + ret->attrs = (uint8_t *)safe_strdup(str ? str : ""); + ret->attrs_len = str != NULL ? strlen(str) : 0; + } + } + + if (tree->type == yajl_t_object && (ctx->options & PARSE_OPTIONS_STRICT)) { + int i; + for (i = 0; i < tree->u.object.len; i++) + if (strcmp(tree->u.object.keys[i], "log") && + strcmp(tree->u.object.keys[i], "stream") && + strcmp(tree->u.object.keys[i], "time") && + strcmp(tree->u.object.keys[i], "attrs")) { + if (ctx->stderr > 0) + fprintf(ctx->stderr, "WARNING: unknown key found: %s\n", tree->u.object.keys[i]); + } + } + return ret; } void free_logger_json_file(logger_json_file *ptr) { - if (ptr == NULL) - return; - free(ptr->log); - ptr->log = NULL; - free(ptr->stream); - ptr->stream = NULL; - free(ptr->time); - ptr->time = NULL; - free(ptr->attrs); - ptr->attrs = NULL; - free(ptr); + if (ptr == NULL) + return; + free(ptr->log); + ptr->log = NULL; + free(ptr->stream); + ptr->stream = NULL; + free(ptr->time); + ptr->time = NULL; + free(ptr->attrs); + ptr->attrs = NULL; + free(ptr); } yajl_gen_status gen_logger_json_file(yajl_gen g, logger_json_file *ptr, struct parser_context *ctx, parser_error *err) { - yajl_gen_status stat = yajl_gen_status_ok; - *err = 0; - stat = reformat_start_map(g); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) || (ptr != NULL && ptr->log != NULL && ptr->log_len)) { - const char *str = ""; - size_t len = 0; - stat = reformat_map_key(g, "log", strlen("log")); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - if (ptr != NULL && ptr->log != NULL) { - str = (const char *)ptr->log; - len = ptr->log_len; - } - stat = reformat_string(g, 
str, len); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - } - if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) ||(ptr != NULL && ptr->stream != NULL)) { - char *str = ""; - stat = reformat_map_key(g, "stream", strlen("stream")); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - if (ptr != NULL && ptr->stream != NULL) { - str = ptr->stream; - } - stat = reformat_string(g, str, strlen(str)); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - } - if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) ||(ptr != NULL && ptr->time != NULL)) { - char *str = ""; - stat = reformat_map_key(g, "time", strlen("time")); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - if (ptr != NULL && ptr->time != NULL) { - str = ptr->time; - } - stat = reformat_string(g, str, strlen(str)); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - } - if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) || (ptr != NULL && ptr->attrs != NULL && ptr->attrs_len)) { - const char *str = ""; - size_t len = 0; - stat = reformat_map_key(g, "attrs", strlen("attrs")); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - if (ptr != NULL && ptr->attrs != NULL) { - str = (const char *)ptr->attrs; - len = ptr->attrs_len; - } - stat = reformat_string(g, str, len); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - } - stat = reformat_end_map(g); - if (yajl_gen_status_ok != stat) - GEN_SET_ERROR_AND_RETURN(stat, err); - return yajl_gen_status_ok; + yajl_gen_status stat = yajl_gen_status_ok; + *err = 0; + stat = reformat_start_map(g); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) || (ptr != NULL && ptr->log != NULL && ptr->log_len)) { + const char *str = ""; + size_t len = 0; + stat = reformat_map_key(g, "log", strlen("log")); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, 
err); + if (ptr != NULL && ptr->log != NULL) { + str = (const char *)ptr->log; + len = ptr->log_len; + } + stat = reformat_string(g, str, len); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + } + if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) ||(ptr != NULL && ptr->stream != NULL)) { + char *str = ""; + stat = reformat_map_key(g, "stream", strlen("stream")); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + if (ptr != NULL && ptr->stream != NULL) { + str = ptr->stream; + } + stat = reformat_string(g, str, strlen(str)); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + } + if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) ||(ptr != NULL && ptr->time != NULL)) { + char *str = ""; + stat = reformat_map_key(g, "time", strlen("time")); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + if (ptr != NULL && ptr->time != NULL) { + str = ptr->time; + } + stat = reformat_string(g, str, strlen(str)); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + } + if ((ctx->options & GEN_OPTIONS_ALLKEYVALUE) || (ptr != NULL && ptr->attrs != NULL && ptr->attrs_len)) { + const char *str = ""; + size_t len = 0; + stat = reformat_map_key(g, "attrs", strlen("attrs")); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + if (ptr != NULL && ptr->attrs != NULL) { + str = (const char *)ptr->attrs; + len = ptr->attrs_len; + } + stat = reformat_string(g, str, len); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + } + stat = reformat_end_map(g); + if (yajl_gen_status_ok != stat) + GEN_SET_ERROR_AND_RETURN(stat, err); + return yajl_gen_status_ok; } logger_json_file *logger_json_file_parse_file(const char *filename, struct parser_context *ctx, parser_error *err) { - logger_json_file *ptr; - size_t filesize; - char *content = NULL; - - if (filename == NULL || err == NULL) - return NULL; - - *err = NULL; - content = read_file(filename, 
&filesize); - if (content == NULL) { - if (asprintf(err, "cannot read the file: %s", filename) < 0) - *err = safe_strdup("error allocating memory"); - return NULL; - } - ptr = logger_json_file_parse_data(content, ctx, err); - free(content); - return ptr; + logger_json_file *ptr = NULL; + size_t filesize; + char *content = NULL; + + if (filename == NULL || err == NULL) + return NULL; + + *err = NULL; + content = read_file(filename, &filesize); + if (content == NULL) { + if (asprintf(err, "cannot read the file: %s", filename) < 0) + *err = safe_strdup("error allocating memory"); + return NULL; + } + ptr = logger_json_file_parse_data(content, ctx, err); + free(content); + return ptr; } logger_json_file *logger_json_file_parse_file_stream(FILE *stream, struct parser_context *ctx, parser_error *err) { - logger_json_file *ptr; - size_t filesize; - char *content = NULL ; - - if (stream == NULL || err == NULL) - return NULL; - - *err = NULL; - content = fread_file(stream, &filesize); - if (content == NULL) { - *err = safe_strdup("cannot read the file"); - return NULL; - } - ptr = logger_json_file_parse_data(content, ctx, err); - free(content); - return ptr; + logger_json_file *ptr = NULL; + size_t filesize; + char *content = NULL ; + + if (stream == NULL || err == NULL) + return NULL; + + *err = NULL; + content = fread_file(stream, &filesize); + if (content == NULL) { + *err = safe_strdup("cannot read the file"); + return NULL; + } + ptr = logger_json_file_parse_data(content, ctx, err); + free(content); + return ptr; } logger_json_file *logger_json_file_parse_data(const char *jsondata, struct parser_context *ctx, parser_error *err) { - logger_json_file *ptr; - yajl_val tree; - char errbuf[1024]; - struct parser_context tmp_ctx; - - if (jsondata == NULL || err == NULL) - return NULL; - - *err = NULL; - if (ctx == NULL) { - ctx = &tmp_ctx; - memset(&tmp_ctx, 0, sizeof(tmp_ctx)); - } - tree = yajl_tree_parse(jsondata, errbuf, sizeof(errbuf)); - if (tree == NULL) { - if 
(asprintf(err, "cannot parse the data: %s", errbuf) < 0) - *err = safe_strdup("error allocating memory"); - return NULL; - } - ptr = make_logger_json_file(tree, ctx, err); - yajl_tree_free(tree); - return ptr; + logger_json_file *ptr = NULL; + yajl_val tree; + char errbuf[1024]; + struct parser_context tmp_ctx; + + if (jsondata == NULL || err == NULL) + return NULL; + + *err = NULL; + if (ctx == NULL) { + ctx = &tmp_ctx; + memset(&tmp_ctx, 0, sizeof(tmp_ctx)); + } + tree = yajl_tree_parse(jsondata, errbuf, sizeof(errbuf)); + if (tree == NULL) { + if (asprintf(err, "cannot parse the data: %s", errbuf) < 0) + *err = safe_strdup("error allocating memory"); + return NULL; + } + ptr = make_logger_json_file(tree, ctx, err); + yajl_tree_free(tree); + return ptr; } char *logger_json_file_generate_json(logger_json_file *ptr, struct parser_context *ctx, parser_error *err) { - yajl_gen g = NULL; - struct parser_context tmp_ctx; - const unsigned char *gen_buf = NULL; - char *json_buf = NULL; - size_t gen_len = 0; - - if (ptr == NULL || err == NULL) - return NULL; - - *err = NULL; - if (ctx == NULL) { - ctx = &tmp_ctx; - memset(&tmp_ctx, 0, sizeof(tmp_ctx)); - } - - if (!json_gen_init(&g, ctx)) { - *err = safe_strdup("Json_gen init failed"); - goto out; - } - if (yajl_gen_status_ok != gen_logger_json_file(g, ptr, ctx, err)) { - if (*err == NULL) - *err = safe_strdup("Failed to generate json"); - goto free_out; - } - yajl_gen_get_buf(g, &gen_buf, &gen_len); - if (gen_buf == NULL) { - *err = safe_strdup("Error to get generated json"); - goto free_out; - } - - json_buf = safe_malloc(gen_len + 1); - memcpy(json_buf, gen_buf, gen_len); - json_buf[gen_len] = '\0'; + yajl_gen g = NULL; + struct parser_context tmp_ctx; + const unsigned char *gen_buf = NULL; + char *json_buf = NULL; + size_t gen_len = 0; + + if (ptr == NULL || err == NULL) + return NULL; + + *err = NULL; + if (ctx == NULL) { + ctx = &tmp_ctx; + memset(&tmp_ctx, 0, sizeof(tmp_ctx)); + } + + if (!json_gen_init(&g, ctx)) { 
+ *err = safe_strdup("Json_gen init failed"); + goto out; + } + if (yajl_gen_status_ok != gen_logger_json_file(g, ptr, ctx, err)) { + if (*err == NULL) + *err = safe_strdup("Failed to generate json"); + goto free_out; + } + yajl_gen_get_buf(g, &gen_buf, &gen_len); + if (gen_buf == NULL) { + *err = safe_strdup("Error to get generated json"); + goto free_out; + } + + json_buf = safe_malloc(gen_len + 1); + memcpy(json_buf, gen_buf, gen_len); + json_buf[gen_len] = '\0'; free_out: - yajl_gen_clear(g); - yajl_gen_free(g); + yajl_gen_clear(g); + yajl_gen_free(g); out: - return json_buf; + return json_buf; } diff --git a/src/lxc/json/read-file.c b/src/lxc/json/read-file.c index ad0eda1..70e73e5 100644 --- a/src/lxc/json/read-file.c +++ b/src/lxc/json/read-file.c 
@@ -16,79 +16,80 @@ char *fread_file(FILE *stream, size_t *length) { - char *buf = NULL, *tmpbuf = NULL; - size_t off = 0; - - while (1) { - size_t ret, newsize; - - newsize = off + BUFSIZ + 1; - tmpbuf = (char *)calloc(1, newsize); - if (tmpbuf == NULL) { - goto out; - } - - if (buf) { - memcpy(tmpbuf, buf, off); - - memset(buf, 0, off); - - free(buf); - } - - buf = tmpbuf; - ret = fread(buf + off, 1, BUFSIZ, stream); - if (!ret && ferror(stream)) { - tmpbuf = NULL; - goto out; - } - if (ret < BUFSIZ || feof(stream)) { - *length = off + ret + 1; - buf[*length - 1] = '\0'; - return buf; - } - off += BUFSIZ; - } + char *buf = NULL, *tmpbuf = NULL; + size_t off = 0; + + while (1) { + size_t ret, newsize; + + newsize = off + BUFSIZ + 1; + tmpbuf = (char *)calloc(1, newsize); + if (tmpbuf == NULL) { + goto out; + } + + if (buf) { + memcpy(tmpbuf, buf, off); + + memset(buf, 0, off); + + free(buf); + } + + buf = tmpbuf; + ret = fread(buf + off, 1, BUFSIZ, stream); + if (!ret && ferror(stream)) { + tmpbuf = NULL; + goto out; + } + if (ret < BUFSIZ || feof(stream)) { + *length = off + ret + 1; + buf[*length - 1] = '\0'; + return buf; + } + off += BUFSIZ; + } out: - if (buf) { - free(buf); - } - if (tmpbuf) { - free(tmpbuf); - } - return NULL; + if (buf) { + free(buf); + } + if (tmpbuf) { + free(tmpbuf); + } + return NULL; } char *read_file(const char *path, size_t *length) { - char *buf = NULL; - char rpath[PATH_MAX + 1] = {0}; - int fd, tmperrno; - FILE *fp; - - if (!path || !length) { - return NULL; - } - - if (strlen(path) > PATH_MAX || NULL == realpath(path, rpath)) { - return NULL; - } - - fd = open(rpath, O_RDONLY | O_CLOEXEC, 0640); - if (fd < 0) { - return NULL; - } - - fp = fdopen(fd, "r"); - tmperrno = errno; - if (!fp) { - close(fd); - errno = tmperrno; - return NULL; - } - - buf = fread_file(fp, length); - fclose(fp); - return buf; + char *buf = NULL; + char rpath[PATH_MAX + 1] = {0}; + int fd = -1; + int tmperrno; + FILE *fp = NULL; + + if (!path || !length) { 
+ return NULL; + } + + if (strlen(path) > PATH_MAX || NULL == realpath(path, rpath)) { + return NULL; + } + + fd = open(rpath, O_RDONLY | O_CLOEXEC, 0640); + if (fd < 0) { + return NULL; + } + + fp = fdopen(fd, "r"); + tmperrno = errno; + if (!fp) { + close(fd); + errno = tmperrno; + return NULL; + } + + buf = fread_file(fp, length); + fclose(fp); + return buf; } diff --git a/src/lxc/log.c b/src/lxc/log.c index 91fb7ef..e598a5f 100644 --- a/src/lxc/log.c +++ b/src/lxc/log.c @@ -157,7 +157,7 @@ static int isulad_open_fifo(const char *file_path) #define LOG_FIFO_SIZE (1024 * 1024) int fd = -1; - fd = lxc_unpriv(open(file_path, O_RDWR | O_NONBLOCK | O_CLOEXEC, 0640)); + fd = lxc_unpriv(lxc_open(file_path, O_RDWR | O_NONBLOCK | O_CLOEXEC, 0640)); if (fd == -1) { fprintf(stderr, "Open fifo %s failed: %s\n", file_path, strerror(errno)); return -1; @@ -174,7 +174,7 @@ static int isulad_open_fifo(const char *file_path) /*---------------------------------------------------------------------------*/ static int log_append_syslog(const struct lxc_log_appender *appender, - struct lxc_log_event *event) + struct lxc_log_event *event) { char *msg; const char *log_container_name; @@ -189,7 +189,7 @@ static int log_append_syslog(const struct lxc_log_appender *appender, return 0; syslog(lxc_log_priority_to_syslog(event->priority), - "%s%s %s - %s:%s:%d - %s" , + "%s%s %s - %s:%s:%d - %s", log_container_name ? log_container_name : "", log_container_name ? ":" : "", event->category, @@ -203,7 +203,7 @@ static int log_append_syslog(const struct lxc_log_appender *appender, /*---------------------------------------------------------------------------*/ static int log_append_stderr(const struct lxc_log_appender *appender, - struct lxc_log_event *event) + struct lxc_log_event *event) { const char *log_container_name; 
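Review bot: fread_file scrubs the old buffer with `memset(buf, 0, off)` immediately before `free(buf)`, which a compiler may drop as a dead store, and the `out:` error path frees `buf` with no scrub at all, so the wipe is neither guaranteed nor consistent. If the file contents are meant to be cleared, use a wipe the optimizer must keep, e.g. `explicit_bzero(buf, off);` where the libc provides it, and apply it on the error path too. The loop also grows the buffer by `BUFSIZ` per iteration with no upper bound, so an oversized or endless input is read entirely into memory; a maximum-size check on `newsize` would bound that. In read_file the third argument `0640` to `open()` has no effect without `O_CREAT` and can be dropped.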
@@ -227,7 +227,7 @@ static int log_append_stderr(const struct lxc_log_appender *appender, static int lxc_unix_epoch_to_utc(char *buf, size_t bufsize, const struct timespec *time) { int64_t epoch_to_days, z, era, doe, yoe, year, doy, mp, day, month, - d_in_s, hours, h_in_s, minutes, seconds; + d_in_s, hours, h_in_s, minutes, seconds; char nanosec[INTTYPE_TO_STRLEN(int64_t)]; int ret; @@ -313,9 +313,9 @@ static int lxc_unix_epoch_to_utc(char *buf, size_t bufsize, const struct timespe * digit precision. */ ret = snprintf(buf, bufsize, - "%" PRId64 "%02" PRId64 "%02" PRId64 "%02" PRId64 - "%02" PRId64 "%02" PRId64 ".%.3s", - year, month, day, hours, minutes, seconds, nanosec); + "%" PRId64 "%02" PRId64 "%02" PRId64 "%02" PRId64 + "%02" PRId64 "%02" PRId64 ".%.3s", + year, month, day, hours, minutes, seconds, nanosec); if (ret < 0 || (size_t)ret >= bufsize) return -1; @@ -343,15 +343,15 @@ static int lxc_unix_epoch_to_utc(char *buf, size_t bufsize, const struct timespe * to make it pretty. Pretty might cost you thread-safety. */ static int log_append_logfile(const struct lxc_log_appender *appender, - struct lxc_log_event *event) + struct lxc_log_event *event) { char buffer[LXC_LOG_BUFFER_SIZE]; char date_time[LXC_LOG_TIME_SIZE]; int n; ssize_t ret; int fd_to_use = -1; - const char *log_container_name; - const char *isulad_prefix; + const char *log_container_name = NULL; + const char *isulad_prefix = NULL; size_t isulad_len = 0; #ifndef NO_LXC_CONF 
@@ -377,13 +377,13 @@ static int log_append_logfile(const struct lxc_log_appender *appender, } isulad_prefix = log_container_name ? (log_container_name + isulad_len) : log_prefix; n = snprintf(buffer, sizeof(buffer), - "%15s %s %-8s %s - %s:%s:%d - ", - isulad_prefix, - date_time, - lxc_log_priority_to_string(event->priority), - event->category, - event->locinfo->file, event->locinfo->func, - event->locinfo->line); + "%15s %s %-8s %s - %s:%s:%d - ", + isulad_prefix, + date_time, + lxc_log_priority_to_string(event->priority), + event->category, + event->locinfo->file, event->locinfo->func, + event->locinfo->line); if (n < 0) return n; @@ -405,7 +405,7 @@ static int log_append_logfile(const struct lxc_log_appender *appender, #if HAVE_DLOG static int log_append_dlog(const struct lxc_log_appender *appender, - struct lxc_log_event *event) + struct lxc_log_event *event) { char *msg = lxc_log_get_va_msg(event); const char *log_container_name = lxc_log_get_container_name(); @@ -643,10 +643,10 @@ static int __lxc_log_set_file(const char *fname, int create_dirs) */ if (create_dirs) #endif - if (build_dir(fname)) { - SYSERROR("Failed to create dir for log file \"%s\"", fname); - return -1; - } + if (build_dir(fname)) { + SYSERROR("Failed to create dir for log file \"%s\"", fname); + return -1; + } if (isulad_use_log_fifo_flag) { lxc_log_fd = isulad_open_fifo(fname); @@ -685,7 +685,7 @@ int lxc_log_init(struct lxc_log *log) { int ret; int lxc_priority = LXC_LOG_LEVEL_ERROR; - const char *tmp_log_fname; + const char *tmp_log_fname = NULL; if (!log) return -1; diff --git a/src/lxc/lxccontainer.c b/src/lxc/lxccontainer.c index e0c4de3..e32f524 100644 --- a/src/lxc/lxccontainer.c +++ b/src/lxc/lxccontainer.c 
@@ -111,7 +111,7 @@ static const char *lxcapi_get_config_path(struct lxc_container *c); #define do_lxcapi_get_config_path(c) lxcapi_get_config_path(c) static bool do_lxcapi_set_config_item(struct lxc_container *c, const char *key, const char *v); static bool container_destroy(struct lxc_container *c, - struct lxc_storage *storage); + struct lxc_storage *storage); static bool get_snappath_dir(struct lxc_container *c, char *snappath); static bool lxcapi_snapshot_destroy_all(struct lxc_container *c); static bool do_lxcapi_save_config(struct lxc_container *c, const char *alt_file); @@ -551,7 +551,7 @@ static int do_lxcapi_console_getfd(struct lxc_container *c, int *ttynum, int *ma WRAP_API_2(int, lxcapi_console_getfd, int *, int *) static int lxcapi_console(struct lxc_container *c, int ttynum, int stdinfd, - int stdoutfd, int stderrfd, int escape) + int stdoutfd, int stderrfd, int escape) { int ret; @@ -619,7 +619,7 @@ static bool load_config_locked(struct lxc_container *c, const char *fname) static bool load_ocihooks_locked(struct lxc_container *c) { parser_error err = NULL; - oci_runtime_spec_hooks *hooks; + oci_runtime_spec_hooks *hooks = NULL; if (!c->lxc_conf) c->lxc_conf = lxc_conf_init(); @@ -755,7 +755,7 @@ static bool do_lxcapi_want_close_all_fds(struct lxc_container *c, bool state) WRAP_API_1(bool, lxcapi_want_close_all_fds, bool) static bool do_lxcapi_wait(struct lxc_container *c, const char *state, - int timeout) + int timeout) { int ret; @@ -833,7 +833,7 @@ static char **split_init_cmd(const char *incmd) argv[0] = NULL; lxc_iterate_parts(p, copy, " ") - push_arg(&argv, p, &nargs); + push_arg(&argv, p, &nargs); if (nargs == 0) { free(argv); 
@@ -1116,7 +1116,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a keepfds[2] = handler->state_socket_pair[1]; keepfds[4] = conf->errpipe[1]; ret = lxc_check_inherited(conf, true, keepfds, - sizeof(keepfds) / sizeof(keepfds[0])); + sizeof(keepfds) / sizeof(keepfds[0])); if (ret < 0) _exit(EXIT_FAILURE); @@ -1176,7 +1176,7 @@ static bool do_lxcapi_start(struct lxc_container *c, int useinit, char * const a /* isulad: open exit fifo */ if (c->exit_fifo) { - conf->exit_fd = open(c->exit_fifo, O_WRONLY | O_NONBLOCK | O_CLOEXEC); + conf->exit_fd = lxc_open(c->exit_fifo, O_WRONLY | O_NONBLOCK | O_CLOEXEC, 0); if (conf->exit_fd < 0) { ERROR("Failed to open exit fifo %s: %s.", c->exit_fifo, strerror(errno)); ret = 1; @@ -1226,7 +1226,7 @@ reboot: if (c->daemonize) keepfds[4] = conf->errpipe[1]; ret = lxc_check_inherited(conf, c->daemonize, keepfds, - sizeof(keepfds) / sizeof(keepfds[0])); + sizeof(keepfds) / sizeof(keepfds[0])); if (ret < 0) { lxc_free_handler(handler); ret = 1; @@ -1235,12 +1235,12 @@ reboot: if (useinit) { ret = lxc_execute(c->name, argv, 1, handler, c->config_path, - c->daemonize, &c->error_num, c->start_timeout); + c->daemonize, &c->error_num, c->start_timeout); } else { handler->disable_pty = c->disable_pty; handler->open_stdin = c->open_stdin; ret = lxc_start(c->name, argv, handler, c->config_path, - c->daemonize, &c->error_num, c->start_timeout); + c->daemonize, &c->error_num, c->start_timeout); } if (conf->reboot == REBOOT_REQ) { @@ -1269,7 +1269,7 @@ on_error: } static bool lxcapi_start(struct lxc_container *c, int useinit, - char *const argv[]) + char *const argv[]) { bool ret; 
@@ -1390,8 +1390,8 @@ static bool create_container_dir(struct lxc_container *c) * storage_create(), it returns a mounted bdev on success, NULL on error. */ static struct lxc_storage *do_storage_create(struct lxc_container *c, - const char *type, - struct bdev_specs *specs) + const char *type, + struct bdev_specs *specs) { int ret; size_t len; @@ -1400,7 +1400,7 @@ static struct lxc_storage *do_storage_create(struct lxc_container *c, /* rootfs.path or lxcpath/lxcname/rootfs */ if (c->lxc_conf->rootfs.path && - (access(c->lxc_conf->rootfs.path, F_OK) == 0)) { + (access(c->lxc_conf->rootfs.path, F_OK) == 0)) { const char *rpath = c->lxc_conf->rootfs.path; len = strlen(rpath) + 1; dest = alloca(len); @@ -1454,7 +1454,7 @@ static char *lxcbasename(char *path) } static bool create_run_template(struct lxc_container *c, char *tpath, - bool need_null_stdfds, char *const argv[]) + bool need_null_stdfds, char *const argv[]) { int ret; pid_t pid; @@ -1515,7 +1515,7 @@ static bool create_run_template(struct lxc_container *c, char *tpath, } if (strcmp(bdev->type, "overlay") == 0 || - strcmp(bdev->type, "overlayfs") == 0) { + strcmp(bdev->type, "overlayfs") == 0) { /* If we create an overlay container we need to * rsync the contents into * //rootfs. @@ -1535,7 +1535,9 @@ static bool create_run_template(struct lxc_container *c, char *tpath, */ char *src; - src = ovl_get_rootfs(bdev->src, &(size_t){0}); + src = ovl_get_rootfs(bdev->src, &(size_t) { + 0 + }); if (!src) { ERROR("Failed to get rootfs"); _exit(EXIT_FAILURE); @@ -1654,8 +1656,8 @@ static bool create_run_template(struct lxc_container *c, char *tpath, _exit(EXIT_FAILURE); ret = snprintf(n2[n2args - 1], 200, "%c:%lu:%lu:%lu", - map->idtype == ID_TYPE_UID ? 'u' : 'g', - map->nsid, map->hostid, map->range); + map->idtype == ID_TYPE_UID ? 'u' : 'g', + map->nsid, map->hostid, map->range); if (ret < 0 || ret >= 200) _exit(EXIT_FAILURE); } 
@@ -1682,7 +1684,7 @@ static bool create_run_template(struct lxc_container *c, char *tpath, } ret = snprintf(n2[n2args - 1], 200, "u:%d:%d:1", - hostuid_mapped, geteuid()); + hostuid_mapped, geteuid()); if (ret < 0 || ret >= 200) _exit(EXIT_FAILURE); } @@ -1709,7 +1711,7 @@ static bool create_run_template(struct lxc_container *c, char *tpath, } ret = snprintf(n2[n2args - 1], 200, "g:%d:%d:1", - hostgid_mapped, getegid()); + hostgid_mapped, getegid()); if (ret < 0 || ret >= 200) _exit(EXIT_FAILURE); } @@ -1915,8 +1917,8 @@ static void lxcapi_clear_config(struct lxc_container *c) * arguments, you can just pass NULL. */ static bool do_lxcapi_create(struct lxc_container *c, const char *t, - const char *bdevtype, struct bdev_specs *specs, - int flags, char *const argv[]) + const char *bdevtype, struct bdev_specs *specs, + int flags, char *const argv[]) { int partial_fd; mode_t mask; @@ -1940,7 +1942,7 @@ static bool do_lxcapi_create(struct lxc_container *c, const char *t, * existing container. Return an error, but do NOT delete the container. */ if (do_lxcapi_is_defined(c) && c->lxc_conf && c->lxc_conf->rootfs.path && - access(c->lxc_conf->rootfs.path, F_OK) == 0 && tpath) { + access(c->lxc_conf->rootfs.path, F_OK) == 0 && tpath) { ERROR("Container \"%s\" already exists in \"%s\"", c->name, c->config_path); goto free_tpath; @@ -2072,8 +2074,8 @@ free_tpath: } static bool lxcapi_create(struct lxc_container *c, const char *t, - const char *bdevtype, struct bdev_specs *specs, - int flags, char *const argv[]) + const char *bdevtype, struct bdev_specs *specs, + int flags, char *const argv[]) { bool ret; @@ -2140,7 +2142,7 @@ static bool do_lxcapi_reboot2(struct lxc_container *c, int timeout) if (timeout != 0) { states[RUNNING] = 2; ret = lxc_cmd_add_state_client(c->name, c->config_path, states, - &state_client_fd); + &state_client_fd); if (ret < 0) return false; 
@@ -2209,7 +2211,7 @@ static bool do_lxcapi_shutdown(struct lxc_container *c, int timeout) if (timeout != 0) { states[STOPPED] = 1; ret = lxc_cmd_add_state_client(c->name, c->config_path, states, - &state_client_fd); + &state_client_fd); if (ret < 0) return false; @@ -2252,7 +2254,7 @@ static bool do_lxcapi_shutdown(struct lxc_container *c, int timeout) WRAP_API_1(bool, lxcapi_shutdown, int) static bool lxcapi_createl(struct lxc_container *c, const char *t, - const char *bdevtype, struct bdev_specs *specs, int flags, ...) + const char *bdevtype, struct bdev_specs *specs, int flags, ...) { bool bret = false; char **args = NULL; @@ -2300,7 +2302,9 @@ static void do_clear_unexp_config_line(struct lxc_conf *conf, const char *key) const char *idx; idx = key + 8; - ret = lxc_safe_uint(idx, &(unsigned int){0}); + ret = lxc_safe_uint(idx, &(unsigned int) { + 0 + }); if (!ret) return clear_unexp_config_line(conf, key, true); } @@ -2312,7 +2316,7 @@ static void do_clear_unexp_config_line(struct lxc_conf *conf, const char *key) } static bool do_lxcapi_clear_config_item(struct lxc_container *c, - const char *key) + const char *key) { int ret = 1; struct lxc_config_t *config; @@ -2344,7 +2348,7 @@ static inline bool enter_net_ns(struct lxc_container *c) pid_t pid = do_lxcapi_init_pid(c); if ((geteuid() != 0 || (c->lxc_conf && !lxc_list_empty(&c->lxc_conf->id_map))) && - (access("/proc/self/ns/user", F_OK) == 0)) + (access("/proc/self/ns/user", F_OK) == 0)) if (!switch_to_ns(pid, "user")) return false; @@ -2359,7 +2363,7 @@ static inline int string_cmp(char **first, char **second) /* Used by qsort and bsearch functions for comparing container names. */ static inline int container_cmp(struct lxc_container **first, - struct lxc_container **second) + struct lxc_container **second) { return strcmp((*first)->name, (*second)->name); } 
@@ -2385,7 +2389,7 @@ static bool add_to_array(char ***names, char *cname, int pos) } static bool add_to_clist(struct lxc_container ***list, struct lxc_container *c, - int pos, bool sort) + int pos, bool sort) { struct lxc_container **newlist = realloc(*list, (pos + 1) * sizeof(struct lxc_container *)); if (!newlist) { @@ -2459,14 +2463,16 @@ static char **do_lxcapi_get_interfaces(struct lxc_container *c) } /* Grab the list of interfaces */ - if (netns_getifaddrs(&interfaceArray, -1, &(bool){false})) { + if (netns_getifaddrs(&interfaceArray, -1, &(bool) { + false + })) { SYSERROR("Failed to get interfaces list"); goto out; } /* Iterate through the interfaces */ for (tempIfAddr = interfaceArray; tempIfAddr != NULL; - tempIfAddr = tempIfAddr->ifa_next) { + tempIfAddr = tempIfAddr->ifa_next) { nbytes = lxc_write_nointr(pipefd[1], tempIfAddr->ifa_name, IFNAMSIZ); if (nbytes < 0) goto out; @@ -2476,7 +2482,7 @@ static char **do_lxcapi_get_interfaces(struct lxc_container *c) ret = 0; - out: +out: if (interfaceArray) netns_freeifaddrs(interfaceArray); @@ -2521,7 +2527,7 @@ static char **do_lxcapi_get_interfaces(struct lxc_container *c) WRAP_API(char **, lxcapi_get_interfaces) static char **do_lxcapi_get_ips(struct lxc_container *c, const char *interface, - const char *family, int scope) + const char *family, int scope) { int i, ret; pid_t pid; @@ -2561,14 +2567,16 @@ static char **do_lxcapi_get_ips(struct lxc_container *c, const char *interface, } /* Grab the list of interfaces */ - if (netns_getifaddrs(&interfaceArray, -1, &(bool){false})) { + if (netns_getifaddrs(&interfaceArray, -1, &(bool) { + false + })) { SYSERROR("Failed to get interfaces list"); goto out; } /* Iterate through the interfaces */ for (tempIfAddr = interfaceArray; tempIfAddr; - tempIfAddr = tempIfAddr->ifa_next) { + tempIfAddr = tempIfAddr->ifa_next) { if (tempIfAddr->ifa_addr == NULL) continue; 
@@ -2598,15 +2606,15 @@ static char **do_lxcapi_get_ips(struct lxc_container *c, const char *interface, continue; address = (char *)inet_ntop(tempIfAddr->ifa_addr->sa_family, - tempAddrPtr, addressOutputBuffer, - sizeof(addressOutputBuffer)); + tempAddrPtr, addressOutputBuffer, + sizeof(addressOutputBuffer)); if (!address) continue; nbytes = lxc_write_nointr(pipefd[1], address, INET6_ADDRSTRLEN); if (nbytes != INET6_ADDRSTRLEN) { SYSERROR("Failed to send ipv6 address \"%s\"", - address); + address); goto out; } @@ -2615,7 +2623,7 @@ static char **do_lxcapi_get_ips(struct lxc_container *c, const char *interface, ret = 0; - out: +out: if (interfaceArray) netns_freeifaddrs(interfaceArray); @@ -2766,7 +2774,7 @@ static bool do_lxcapi_save_config(struct lxc_container *c, const char *alt_file) return false; fd = open(alt_file, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC, - S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); + S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); if (fd < 0) goto on_error; @@ -2926,7 +2934,7 @@ void mod_all_rdeps(struct lxc_container *c, bool inc) int ret; ret = snprintf(path, PATH_MAX, "%s/%s/lxc_rdepends", - c->config_path, c->name); + c->config_path, c->name); if (ret < 0 || ret >= PATH_MAX) { ERROR("Path name too long"); return; @@ -2947,13 +2955,13 @@ void mod_all_rdeps(struct lxc_container *c, bool inc) if ((p = lxc_container_new(lxcname, lxcpath)) == NULL) { ERROR("Unable to find dependent container %s:%s", - lxcpath, lxcname); + lxcpath, lxcname); continue; } if (!mod_rdep(p, c, inc)) ERROR("Failed to update snapshots file for %s:%s", - lxcpath, lxcname); + lxcpath, lxcname); lxc_container_put(p); } @@ -2973,7 +2981,7 @@ static bool has_fs_snapshots(struct lxc_container *c) bool bret = false; ret = snprintf(path, PATH_MAX, "%s/%s/lxc_snapshots", c->config_path, - c->name); + c->name); if (ret < 0 || ret > PATH_MAX) goto out; 
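Review bot: In has_fs_snapshots the truncation check after `snprintf(path, PATH_MAX, "%s/%s/lxc_snapshots", ...)` is `ret > PATH_MAX`, which accepts `ret == PATH_MAX` even though that return value means the output was truncated. The sibling check in mod_all_rdeps, visible in the same file, uses `ret >= PATH_MAX`, and this one should match: `if (ret < 0 || ret >= PATH_MAX) goto out;`. The hunk only re-indents the continuation line, and the function body continues outside it.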
@@ -3033,7 +3041,7 @@ static bool do_destroy_container(struct lxc_conf *conf) { if (am_guest_unpriv()) { ret = userns_exec_full(conf, storage_destroy_wrapper, conf, - "storage_destroy_wrapper"); + "storage_destroy_wrapper"); if (ret < 0) return false; @@ -3056,7 +3064,7 @@ static int lxc_unlink_exec_wrapper(void *data) } static bool container_destroy(struct lxc_container *c, - struct lxc_storage *storage) + struct lxc_storage *storage) { const char *p1; size_t len; @@ -3154,15 +3162,15 @@ static bool container_destroy(struct lxc_container *c, * cannot be removed when restoring from a snapshot. */ if (storage && (!strcmp(storage->type, "overlay") || - !strcmp(storage->type, "overlayfs")) && - (storage->flags & LXC_STORAGE_INTERNAL_OVERLAY_RESTORE)) { + !strcmp(storage->type, "overlayfs")) && + (storage->flags & LXC_STORAGE_INTERNAL_OVERLAY_RESTORE)) { ret = snprintf(path, len, "%s/%s/config", p1, c->name); if (ret < 0 || (size_t)ret >= len) goto out; if (am_guest_unpriv()) ret = userns_exec_1(conf, lxc_unlink_exec_wrapper, path, - "lxc_unlink_exec_wrapper"); + "lxc_unlink_exec_wrapper"); else ret = unlink(path); if (ret < 0) { @@ -3182,7 +3190,7 @@ static bool container_destroy(struct lxc_container *c, if (am_guest_unpriv()) ret = userns_exec_full(conf, lxc_rmdir_onedev_wrapper, path, - "lxc_rmdir_onedev_wrapper"); + "lxc_rmdir_onedev_wrapper"); else ret = lxc_rmdir_onedev(path, "snaps"); if (ret < 0) { @@ -3245,7 +3253,7 @@ static bool do_lxcapi_destroy_with_snapshots(struct lxc_container *c) WRAP_API(bool, lxcapi_destroy_with_snapshots) int lxc_set_config_item_locked(struct lxc_conf *conf, const char *key, - const char *v) + const char *v) { int ret; struct lxc_config_t *config; @@ -3270,7 +3278,7 @@ int lxc_set_config_item_locked(struct lxc_conf *conf, const char *key, } static bool do_set_config_item_locked(struct lxc_container *c, const char *key, - const char *v) + const char *v) { int ret; 
@@ -3360,7 +3368,7 @@ static bool set_config_filename(struct lxc_container *c) static bool set_oci_hook_config_filename(struct lxc_container *c) { #define OCI_HOOK_JSON_FILE_NAME "ocihooks.json" - char *newpath; + char *newpath = NULL; int len, ret; if (!c->config_path) @@ -3466,7 +3474,7 @@ static int do_lxcapi_get_cgroup_item(struct lxc_container *c, const char *subsys return -1; ret = cgroup_ops->get(cgroup_ops, subsys, retv, inlen, c->name, - c->config_path); + c->config_path); cgroup_exit(cgroup_ops); @@ -3578,7 +3586,7 @@ static int copyhooks(struct lxc_container *oldc, struct lxc_container *c) /* copy the script, and change the entry in confile */ ret = snprintf(tmppath, PATH_MAX, "%s/%s/%s", - c->config_path, c->name, fname+1); + c->config_path, c->name, fname+1); if (ret < 0 || ret >= PATH_MAX) return -1; @@ -3597,7 +3605,7 @@ static int copyhooks(struct lxc_container *oldc, struct lxc_container *c) } if (!clone_update_unexp_hooks(c->lxc_conf, oldc->config_path, - c->config_path, oldc->name, c->name)) { + c->config_path, oldc->name, c->name)) { ERROR("Error saving new hooks in clone"); return -1; } @@ -3623,7 +3631,7 @@ static int copy_fstab(struct lxc_container *oldc, struct lxc_container *c) return -1; ret = snprintf(newpath, PATH_MAX, "%s/%s%s", - c->config_path, c->name, p); + c->config_path, c->name, p); if (ret < 0 || ret >= PATH_MAX) { ERROR("error printing new path for %s", oldpath); return -1; @@ -3661,14 +3669,14 @@ static void copy_rdepends(struct lxc_container *c, struct lxc_container *c0) int ret; ret = snprintf(path0, PATH_MAX, "%s/%s/lxc_rdepends", c0->config_path, - c0->name); + c0->name); if (ret < 0 || ret >= PATH_MAX) { WARN("Error copying reverse dependencies"); return; } ret = snprintf(path1, PATH_MAX, "%s/%s/lxc_rdepends", c->config_path, - c->name); + c->name); if (ret < 0 || ret >= PATH_MAX) { WARN("Error copying reverse dependencies"); return; 
@@ -3688,7 +3696,7 @@ static bool add_rdepends(struct lxc_container *c, struct lxc_container *c0) bool bret; ret = snprintf(path, PATH_MAX, "%s/%s/lxc_rdepends", c->config_path, - c->name); + c->name); if (ret < 0 || ret >= PATH_MAX) return false; @@ -3714,7 +3722,7 @@ static bool add_rdepends(struct lxc_container *c, struct lxc_container *c0) * Currently we only do this for btrfs. */ bool should_default_to_snapshot(struct lxc_container *c0, - struct lxc_container *c1) + struct lxc_container *c1) { int ret; size_t l0 = strlen(c0->config_path) + strlen(c0->name) + 2; @@ -3741,8 +3749,8 @@ bool should_default_to_snapshot(struct lxc_container *c0, } static int copy_storage(struct lxc_container *c0, struct lxc_container *c, - const char *newtype, int flags, const char *bdevdata, - uint64_t newsize) + const char *newtype, int flags, const char *bdevdata, + uint64_t newsize) { struct lxc_storage *bdev; bool need_rdep; @@ -3751,7 +3759,7 @@ static int copy_storage(struct lxc_container *c0, struct lxc_container *c, flags |= LXC_CLONE_SNAPSHOT; bdev = storage_copy(c0, c->name, c->config_path, newtype, flags, - bdevdata, newsize, &need_rdep); + bdevdata, newsize, &need_rdep); if (!bdev) { ERROR("Error copying storage."); return -1; @@ -3770,7 +3778,7 @@ static int copy_storage(struct lxc_container *c0, struct lxc_container *c, /* Append a new lxc.rootfs.path entry to the unexpanded config. */ clear_unexp_config_line(c->lxc_conf, "lxc.rootfs.path", false); if (!do_append_unexp_config_line(c->lxc_conf, "lxc.rootfs.path", - c->lxc_conf->rootfs.path)) { + c->lxc_conf->rootfs.path)) { ERROR("Error saving new rootfs to cloned config."); return -1; } 
@@ -3940,9 +3948,9 @@ static int create_file_dirname(char *path, struct lxc_conf *conf) } static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char *newname, - const char *lxcpath, int flags, - const char *bdevtype, const char *bdevdata, uint64_t newsize, - char **hookargs) + const char *lxcpath, int flags, + const char *bdevtype, const char *bdevdata, uint64_t newsize, + char **hookargs) { char newpath[PATH_MAX]; int fd, ret; @@ -3995,7 +4003,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char } fd = open(newpath, O_WRONLY | O_CREAT | O_CLOEXEC, - S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); + S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP); if (fd < 0) { SYSERROR("Failed to open \"%s\"", newpath); goto out; @@ -4033,7 +4041,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char * snapshot. */ if (errno != ENOENT && - !(flags & LXC_STORAGE_INTERNAL_OVERLAY_RESTORE)) { + !(flags & LXC_STORAGE_INTERNAL_OVERLAY_RESTORE)) { SYSERROR("Failed to create directory \"%s\"", newpath); goto out; } @@ -4049,7 +4057,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char c2 = lxc_container_new(newname, lxcpath); if (!c2) { ERROR("clone: failed to create new container (%s %s)", newname, - lxcpath); + lxcpath); goto out; } @@ -4122,7 +4130,7 @@ static struct lxc_container *do_lxcapi_clone(struct lxc_container *c, const char if (am_guest_unpriv()) ret = userns_exec_full(c->lxc_conf, clone_update_rootfs_wrapper, - &data, "clone_update_rootfs_wrapper"); + &data, "clone_update_rootfs_wrapper"); else ret = clone_update_rootfs(&data); if (ret < 0) 
@@ -4145,9 +4153,9 @@ out: } static struct lxc_container *lxcapi_clone(struct lxc_container *c, const char *newname, - const char *lxcpath, int flags, - const char *bdevtype, const char *bdevdata, uint64_t newsize, - char **hookargs) + const char *lxcpath, int flags, + const char *bdevtype, const char *bdevdata, uint64_t newsize, + char **hookargs) { struct lxc_container * ret; @@ -4331,7 +4339,7 @@ static int do_lxcapi_snapshot(struct lxc_container *c, const char *commentfile) * created in the original container */ flags = LXC_CLONE_SNAPSHOT | LXC_CLONE_KEEPMACADDR | LXC_CLONE_KEEPNAME | - LXC_CLONE_KEEPBDEVTYPE | LXC_CLONE_MAYBE_SNAPSHOT; + LXC_CLONE_KEEPBDEVTYPE | LXC_CLONE_MAYBE_SNAPSHOT; if (storage_is_dir(c->lxc_conf)) { ERROR("Snapshot of directory-backed container requested"); ERROR("Making a copy-clone. If you do want snapshots, then"); @@ -4601,7 +4609,7 @@ static bool do_lxcapi_snapshot_restore(struct lxc_container *c, const char *snap flags |= LXC_STORAGE_INTERNAL_OVERLAY_RESTORE; rest = lxcapi_clone(snap, newname, c->config_path, flags, bdev->type, - NULL, 0, NULL); + NULL, 0, NULL); storage_put(bdev); if (rest && lxcapi_is_defined(rest)) b = true; @@ -4714,7 +4722,7 @@ static bool do_lxcapi_may_control(struct lxc_container *c) WRAP_API(bool, lxcapi_may_control) static bool do_add_remove_node(pid_t init_pid, const char *path, bool add, - struct stat *st) + struct stat *st) { int ret; char *tmp; @@ -4865,8 +4873,8 @@ static bool do_lxcapi_remove_device_node(struct lxc_container *c, const char *sr WRAP_API_2(bool, lxcapi_remove_device_node, const char *, const char *) static bool do_lxcapi_attach_interface(struct lxc_container *c, - const char *ifname, - const char *dst_ifname) + const char *ifname, + const char *dst_ifname) { pid_t init_pid; int ret = 0; 
@@ -4904,8 +4912,8 @@ err: WRAP_API_2(bool, lxcapi_attach_interface, const char *, const char *) static bool do_lxcapi_detach_interface(struct lxc_container *c, - const char *ifname, - const char *dst_ifname) + const char *ifname, + const char *dst_ifname) { int ret; pid_t pid, pid_outside; @@ -4980,7 +4988,7 @@ static bool do_lxcapi_detach_interface(struct lxc_container *c, WRAP_API_2(bool, lxcapi_detach_interface, const char *, const char *) static int do_lxcapi_migrate(struct lxc_container *c, unsigned int cmd, - struct migrate_opts *opts, unsigned int size) + struct migrate_opts *opts, unsigned int size) { int ret = -1; struct migrate_opts *valid_opts = opts; @@ -5125,7 +5133,7 @@ out: /* isulad add set console fifos*/ static bool do_lxcapi_set_terminal_default_fifos(struct lxc_container *c, const char *in, const char *out, const char *err) { - struct lxc_conf *conf; + struct lxc_conf *conf = NULL; if (!c || !c->lxc_conf) return false; @@ -5160,7 +5168,7 @@ WRAP_API_3(bool, lxcapi_set_terminal_default_fifos, const char *, const char *, /* isulad add set info file path */ static bool do_lxcapi_set_container_info_file(struct lxc_container *c, const char *info_file) { - struct lxc_conf *conf; + struct lxc_conf *conf = NULL; if (!c || !c->lxc_conf || !info_file) return false; 
@@ -5263,16 +5271,16 @@ static int set_start_extral_configs(struct lxc_container *c) struct lxc_conf *lconf = c->lxc_conf; size_t i = 0; - if (lconf == NULL) { - c->lxc_conf = malloc(sizeof(struct lxc_conf)); - lconf = c->lxc_conf; - if (lconf == NULL) { - fprintf(stderr, "Out of memory\n"); - return -1; - } - } + if (lconf == NULL) { + c->lxc_conf = malloc(sizeof(struct lxc_conf)); + lconf = c->lxc_conf; + if (lconf == NULL) { + fprintf(stderr, "Out of memory\n"); + return -1; + } + } if (sprintf(fpath, "%s/%s/%s", c->config_path, c->name, START_GENERATE_CONFIG) < 0) { - fprintf(stderr, "Sprintf config path failed\n"); + fprintf(stderr, "Sprintf config path failed\n"); return -1; } if (!file_exists(fpath)) { @@ -5290,9 +5298,10 @@ static int set_start_extral_configs(struct lxc_container *c) lconf->init_gid = start_conf->gid; } if (start_conf->additional_gids != NULL && start_conf->additional_gids_len > 0) { - gid_t *tmp; - tmp = realloc(lconf->init_groups, (lconf->init_groups_len + start_conf->additional_gids_len) * sizeof(gid_t)); - if (tmp == NULL) { + gid_t *tmp = NULL; + ret = lxc_mem_realloc((void **)&tmp, (lconf->init_groups_len + start_conf->additional_gids_len) * sizeof(gid_t), + lconf->init_groups, (lconf->init_groups_len) * sizeof(gid_t)); + if (ret != 0) { fprintf(stderr, "Out of memory"); goto out; } @@ -5314,8 +5323,9 @@ out: static struct lxc_container *do_lxc_container_new(const char *name, const char *configpath, bool load_config) { - struct lxc_container *c; + struct lxc_container *c = NULL; size_t len; + const char *tmp = NULL; if (!name) return NULL; 
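Review bot: In set_start_extral_configs, the byte count `(lconf->init_groups_len + start_conf->additional_gids_len) * sizeof(gid_t)` is passed to `lxc_mem_realloc()` without an overflow check, and `additional_gids_len` appears to come from the generated start config file. If the sum or the product wraps, the new buffer is smaller than the code after this call presumably expects when it appends the additional gids (that code is outside the hunk). A guard before the call, such as `if (start_conf->additional_gids_len > SIZE_MAX / sizeof(gid_t) - lconf->init_groups_len) goto out;`, rejects that case. The field types are not visible here, so the bound may need adjusting to them.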
@@ -5327,10 +5337,17 @@ static struct lxc_container *do_lxc_container_new(const char *name, const char * } memset(c, 0, sizeof(*c)); - if (configpath) + if (configpath) { c->config_path = strdup(configpath); - else - c->config_path = strdup(lxc_global_config_value("lxc.lxcpath")); + } + else { + tmp = lxc_global_config_value("lxc.lxcpath"); + if (tmp == NULL) { + fprintf(stderr, "Failed to get lxc path for %s\n", name); + goto err; + } + c->config_path = strdup(tmp); + } if (!c->config_path) { fprintf(stderr, "Failed to allocate memory for %s\n", name); goto err; @@ -5534,7 +5551,7 @@ int list_defined_containers(const char *lxcpath, char ***names, struct lxc_conta c = lxc_container_new(direntp->d_name, lxcpath); if (!c) { INFO("Container %s:%s has a config but could not be loaded", - lxcpath, direntp->d_name); + lxcpath, direntp->d_name); if (names) if(!remove_from_array(names, direntp->d_name, cfound--)) @@ -5545,7 +5562,7 @@ int list_defined_containers(const char *lxcpath, char ***names, struct lxc_conta if (!do_lxcapi_is_defined(c)) { INFO("Container %s:%s has a config but is not defined", - lxcpath, direntp->d_name); + lxcpath, direntp->d_name); if (names) if(!remove_from_array(names, direntp->d_name, cfound--)) @@ -5584,7 +5601,7 @@ free_bad: } int list_active_containers(const char *lxcpath, char ***nret, - struct lxc_container ***cret) + struct lxc_container ***cret) { int i, ret = -1, cret_cnt = 0, ct_name_cnt = 0; int lxcpath_len; @@ -5680,7 +5697,7 @@ int list_active_containers(const char *lxcpath, char ***nret, c = lxc_container_new(p, lxcpath); if (!c) { INFO("Container %s:%s is running but could not be loaded", - lxcpath, p); + lxcpath, p); remove_from_array(&ct_name, p, ct_name_cnt--); if (is_hashed) @@ -5741,7 +5758,7 @@ out: } int list_all_containers(const char *lxcpath, char ***nret, - struct lxc_container ***cret) + struct lxc_container ***cret) { int i, ret, active_cnt, ct_cnt, ct_list_cnt; char **active_name; 
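Review bot: The new branch in do_lxc_container_new puts `else {` on its own line after the closing `}`, while the other code added in this commit (for example in path.c) uses the cuddled form. I would write it as `} else {` to stay consistent. The name `tmp` for the looked-up default path could also say what it holds, for example `const char *default_lxcpath = NULL;`. The function continues outside the hunk.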
diff --git a/src/lxc/mainloop.c b/src/lxc/mainloop.c index 9603d1e..a127a13 100644 --- a/src/lxc/mainloop.c +++ b/src/lxc/mainloop.c @@ -65,7 +65,7 @@ int lxc_mainloop(struct lxc_epoll_descr *descr, int timeout_ms) * mainloop. */ ret = handler->callback(handler->fd, events[i].events, - handler->data, descr); + handler->data, descr); if (ret == LXC_MAINLOOP_CLOSE) return 0; } @@ -79,11 +79,11 @@ int lxc_mainloop(struct lxc_epoll_descr *descr, int timeout_ms) } int lxc_mainloop_add_handler(struct lxc_epoll_descr *descr, int fd, - lxc_mainloop_callback_t callback, void *data) + lxc_mainloop_callback_t callback, void *data) { struct epoll_event ev; - struct mainloop_handler *handler; - struct lxc_list *item; + struct mainloop_handler *handler = NULL; + struct lxc_list *item = NULL; if (fd < 0) return 0; diff --git a/src/lxc/path.c b/src/lxc/path.c index e917dcb..45ab4c3 100644 --- a/src/lxc/path.c +++ b/src/lxc/path.c @@ -10,6 +10,7 @@ #include "path.h" #include "log.h" +#include "utils.h" lxc_log_define(lxc_path_ui, lxc); @@ -29,6 +30,10 @@ bool specify_current_dir(const char *path) } bname = basename(basec); + if (bname == NULL) { + ERROR("Out of memory"); + return false; + } res = !strcmp(bname, "."); free(basec); return res; @@ -45,11 +50,15 @@ bool has_traling_path_separator(const char *path) // path already ends in a `.` path segment, then another is not added. If the // clean path already ends in a path separator, then another is not added. char *preserve_trailing_dot_or_separator(const char *cleanedpath, - const char *originalpath) + const char *originalpath) { char *respath = NULL; size_t len; + if (strlen(cleanedpath) > (SIZE_MAX - 3)) { + return NULL; + } + len = strlen(cleanedpath) + 3; respath = malloc(len); if (!respath) { 
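Review bot: The early return added to specify_current_dir in path.c leaks `basec`, because the `if (bname == NULL)` branch returns before the `free(basec)` that the normal path reaches two lines later. Free it first, `free(basec); return false;`, or drop the check altogether. POSIX basename() is not documented to return NULL, and "Out of memory" would not describe a failure at this point anyway. The start of the function is outside the hunk, so this assumes `basec` is the heap copy made there.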
@@ -66,7 +75,7 @@ char *preserve_trailing_dot_or_separator(const char *cleanedpath, } if (!has_traling_path_separator(respath) && - has_traling_path_separator(originalpath)) + has_traling_path_separator(originalpath)) strcat(respath, "/"); return respath; 
@@ -107,160 +116,373 @@ bool filepath_split(const char *path, char **dir, char **base) return true; } -/* - * cleanpath is similar to realpath of glibc, but not expands symbolic links, - * and not check the existence of components of the path. - */ -char *cleanpath(const char *path, char *resolved) + +static bool do_clean_path_continue(const char *endpos, const char *stpos, const char *respath, char **dst) { - char *rpath, *dest; - const char *start, *end, *rpath_limit; + if (endpos - stpos == 1 && stpos[0] == '.') { + return true; + } else if (endpos - stpos == 2 && stpos[0] == '.' && stpos[1] == '.') { + char *dest = *dst; + if (dest <= respath + 1) { + return true; + } + for (--dest; dest > respath && !ISSLASH(dest[-1]); --dest) { + *dst = dest; + return true; + } + *dst = dest; + return true; + } + return false; +} - if (path == NULL || path[0] == '\0') - return NULL; +int do_clean_path(const char *respath, const char *limit_respath, + const char *stpos, char **dst) +{ + char *dest = *dst; + const char *endpos = NULL; + errno_t ret; - if (resolved == NULL) { - rpath = malloc(PATH_MAX); - if (rpath == NULL) { - ERROR("Out of memory"); - return NULL; + for (endpos = stpos; *stpos; stpos = endpos) { + while (ISSLASH(*stpos)) { + ++stpos; } - } else { - rpath = resolved; + + for (endpos = stpos; *endpos && !ISSLASH(*endpos); ++endpos) { + } + + if (endpos - stpos == 0) { + break; + } else if (do_clean_path_continue(endpos, stpos, respath, &dest)) { + continue; + } + + if (!ISSLASH(dest[-1])) { + *dest++ = '/'; + } + + if (dest + (endpos - stpos) >= limit_respath) { + ERROR("Path is too long"); + if (dest > respath + 1) { + dest--; + } + *dest = '\0'; + return -1; + } + + memcpy(dest, stpos, (size_t)(endpos - stpos)); + dest += endpos - stpos; + *dest = '\0'; } - rpath_limit = rpath + PATH_MAX; + *dst = dest; + return 0; +} + +char *cleanpath(const char *path, char *realpath, size_t realpath_len) +{ + char *respath = NULL; + char *dest = NULL; + const char *stpos = 
NULL; + const char *limit_respath = NULL; + errno_t ret; + + if (path == NULL || path[0] == '\0' || \ + realpath == NULL || (realpath_len < PATH_MAX)) { + return NULL; + } + + respath = realpath; + + memset(respath, 0, realpath_len); + limit_respath = respath + PATH_MAX; if (!IS_ABSOLUTE_FILE_NAME(path)) { - if (!getcwd(rpath, PATH_MAX)) { + if (!getcwd(respath, PATH_MAX)) { ERROR("Failed to getcwd"); - rpath[0] = '\0'; + respath[0] = '\0'; goto error; } - dest = strchr(rpath, '\0'); - start = path; + dest = strchr(respath, '\0'); + if (dest == NULL) { + ERROR("Failed to get the end of respath"); + goto error; + } + strcat(respath, path); + stpos = path; } else { - dest = rpath; + dest = respath; *dest++ = '/'; - start = path; + stpos = path; } - for (end = start; *start; start = end) { - /* Skip sequence of multiple path-separators. */ - while (ISSLASH(*start)) - ++start; + if (do_clean_path(respath, limit_respath, stpos, &dest)) { + goto error; + } - /* Find end of path component. */ - for (end = start; *end && !ISSLASH(*end); ++end) - /* Nothing. */; + if (dest > respath + 1 && ISSLASH(dest[-1])) { + --dest; + } + *dest = '\0'; - if (end - start == 0) { - break; - } else if (end - start == 1 && start[0] == '.') { - /* nothing */; - } else if (end - start == 2 && start[0] == '.' && start[1] == '.') { - /* Back up to previous component, ignore if at root already. 
*/ - if (dest > rpath + 1) - for (--dest; dest > rpath && !ISSLASH(dest[-1]); --dest) - continue; - } else { - size_t new_size; - - if (!ISSLASH(dest[-1])) - *dest++ = '/'; - - if (dest + (end - start) >= rpath_limit) { - long long dest_offset = dest - rpath; - char *new_rpath; - - if (resolved) { - printf("Path is to long"); - if (dest > rpath + 1) - dest--; - *dest = '\0'; - goto error; - } - - new_size = rpath_limit - rpath; - if (end - start + 1 > PATH_MAX) - new_size += end - start + 1; - else - new_size += PATH_MAX; - new_rpath = (char *) realloc(rpath, new_size); - if (new_rpath == NULL) { - ERROR("Out of memory"); - goto error; - } - rpath = new_rpath; - rpath_limit = rpath + new_size; - - dest = rpath + dest_offset; + return respath; + +error: + return NULL; +} + +static int do_path_realloc(const char *start, const char *end, + char **rpath, char **dest, const char **rpath_limit) +{ + long long dest_offset = *dest - *rpath; + char *new_rpath = NULL; + size_t new_size; + int nret = 0; + size_t gap = 0; + + if (*dest + (end - start) < *rpath_limit) { + return 0; + } + + gap = (size_t)(end - start) + 1; + new_size = (size_t)(*rpath_limit - *rpath); + if (new_size > SIZE_MAX - gap) { + ERROR("Out of range!"); + return -1; + } + + if (gap > PATH_MAX) { + new_size += gap; + } else { + new_size += PATH_MAX; + } + nret = lxc_mem_realloc((void **)&new_rpath, new_size, *rpath, PATH_MAX); + if (nret) { + ERROR("Failed to realloc memory for files limit variables"); + return -1; + } + *rpath = new_rpath; + *rpath_limit = *rpath + new_size; + + *dest = *rpath + dest_offset; + + return 0; +} + +static int do_get_symlinks_copy_buf(const char *buf, const char *prefix, size_t prefix_len, + char **rpath, char **dest) +{ + if (IS_ABSOLUTE_FILE_NAME(buf)) { + if (prefix_len) { + memcpy(*rpath, prefix, prefix_len); + } + *dest = *rpath + prefix_len; + *(*dest)++ = '/'; + } else { + if (*dest > *rpath + prefix_len + 1) { + for (--(*dest); *dest > *rpath && !ISSLASH((*dest)[-1]); 
--(*dest)) { + continue; } + } + } + return 0; +} - memcpy(dest, start, end - start); - dest += end - start; - *dest = '\0'; +static int do_get_symlinks(const char **fullpath, const char *prefix, size_t prefix_len, + char **rpath, char **dest, const char **end, + int *num_links, char **extra_buf) +{ + char *buf = NULL; + size_t len; + errno_t rc = EOK; + ssize_t n; + int ret = -1; + + if (++(*num_links) > MAXSYMLINKS) { + ERROR("Too many links in '%s'", *fullpath); + goto out; + } + + buf = lxc_common_calloc_s(PATH_MAX); + if (buf == NULL) { + ERROR("Out of memory"); + goto out; + } + + n = readlink(*rpath, buf, PATH_MAX - 1); + if (n < 0) { + goto out; + } + buf[n] = '\0'; + + if (*extra_buf == NULL) { + *extra_buf = lxc_common_calloc_s(PATH_MAX); + if (*extra_buf == NULL) { + ERROR("Out of memory"); + goto out; } } - if (dest > rpath + 1 && ISSLASH(dest[-1])) - --dest; - *dest = '\0'; - return rpath; + len = strlen(*end); + if (len >= PATH_MAX - n) { + ERROR("Path is too long"); + goto out; + } -error: - if (resolved == NULL) - free(rpath); - return NULL; + memmove(&(*extra_buf)[n], *end, len + 1); + memcpy(*extra_buf, buf, (size_t)n); + + *fullpath = *end = *extra_buf; + + if (do_get_symlinks_copy_buf(buf, prefix, prefix_len, rpath, dest) != 0) { + goto out; + } + + ret = 0; +out: + free(buf); + return ret; } -// evalSymlinksInScope will evaluate symlinks in `path` within a scope `root` and return -// a result guaranteed to be contained within the scope `root`, at the time of the call. -// Symlinks in `root` are not evaluated and left as-is. -// Errors encountered while attempting to evaluate symlinks in path will be returned. -// Non-existing paths are valid and do not constitute an error. -// `path` has to contain `root` as a prefix, or else an error will be returned. -// Trying to break out from `root` does not constitute an error. 
-// -// Example: -// If /foo/bar -> /outside, -// FollowSymlinkInScope("/foo/bar", "/foo") == "/foo/outside" instead of "/oustide" -char *eval_symlinks_in_scope(const char *fullpath, const char *rootpath) +static bool do_eval_symlinks_in_scope_is_symlink(const char *path) { - char resroot[PATH_MAX] = {0}, *root = NULL; - char *rpath, *dest, *prefix, *extra_buf = NULL; - const char *start, *end, *rpath_limit; + struct stat st; + + if (lstat(path, &st) < 0) { + return true; + } + + if (!S_ISLNK(st.st_mode)) { + return true; + } + return false; +} + +static void do_eval_symlinks_skip_slash(const char **start, const char **end) +{ + while (ISSLASH(**start)) { + ++(*start); + } + + for (*end = *start; **end && !ISSLASH(**end); ++(*end)) { + } +} + +static inline void skip_dest_traling_slash(char **dest, char **rpath, size_t prefix_len) +{ + if (*dest > *rpath + prefix_len + 1) { + for (--(*dest); *dest > *rpath && !ISSLASH((*dest)[-1]); --(*dest)) { + continue; + } + } +} + +static inline bool is_current_char(const char c) +{ + return c == '.'; +} + +static inline bool is_specify_current(const char *end, const char *start) +{ + return (end - start == 1) && is_current_char(start[0]); +} + +static inline bool is_specify_parent(const char *end, const char *start) +{ + return (end - start == 2) && is_current_char(start[0]) && is_current_char(start[1]); +} + +static int do_eval_symlinks_in_scope(const char *fullpath, const char *prefix, + size_t prefix_len, + char **rpath, char **dest, const char *rpath_limit) +{ + const char *start = NULL; + const char *end = NULL; + char *extra_buf = NULL; + errno_t rc = EOK; + int nret = 0; int num_links = 0; + + start = fullpath + prefix_len; + for (end = start; *start; start = end) { + do_eval_symlinks_skip_slash(&start, &end); + if (end - start == 0) { + break; + } else if (is_specify_current(end, start)) { + ; + } else if (is_specify_parent(end, start)) { + skip_dest_traling_slash(dest, rpath, prefix_len); + } else { + if 
(!ISSLASH((*dest)[-1])) { + *(*dest)++ = '/'; + } + + nret = do_path_realloc(start, end, rpath, dest, &rpath_limit); + if (nret != 0) { + nret = -1; + goto out; + } + + memcpy(*dest, start, (size_t)(end - start)); + *dest += end - start; + **dest = '\0'; + + if (do_eval_symlinks_in_scope_is_symlink(*rpath)) { + continue; + } + + nret = do_get_symlinks(&fullpath, prefix, prefix_len, rpath, dest, &end, &num_links, &extra_buf); + if (nret != 0) { + nret = -1; + goto out; + } + } + } +out: + free(extra_buf); + return nret; +} +static char *eval_symlinks_in_scope(const char *fullpath, const char *rootpath) +{ + char resroot[PATH_MAX] = {0}; + char *root = NULL; + char *rpath = NULL; + char *dest = NULL; + char *prefix = NULL; + const char *rpath_limit = NULL; size_t prefix_len; + errno_t rc = EOK; - if (!fullpath || !rootpath) + if (fullpath == NULL || rootpath == NULL) { return NULL; + } - root = cleanpath(rootpath, resroot); - if (!root) { + root = cleanpath(rootpath, resroot, sizeof(resroot)); + if (root == NULL) { ERROR("Failed to get cleaned path"); return NULL; } - if (!strcmp(fullpath, root)) + if (!strcmp(fullpath, root)) { return strdup(fullpath); + } - if (!strstr(fullpath, root)) { + if (strstr(fullpath, root) == NULL) { ERROR("Path '%s' is not in '%s'", fullpath, root); return NULL; } - rpath = malloc(PATH_MAX); + rpath = lxc_common_calloc_s(PATH_MAX); if (rpath == NULL) { ERROR("Out of memory"); - goto error; - return NULL; + goto out; } rpath_limit = rpath + PATH_MAX; prefix = root; - prefix_len = strlen(prefix); - if (!strcmp(prefix, "/")) + prefix_len = (size_t)strlen(prefix); + if (!strcmp(prefix, "/")) { prefix_len = 0; + } dest = rpath; if (prefix_len) { 
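Review bot: The `..` branch of do_clean_path_continue no longer backs up a whole path component. The body of `for (--dest; dest > respath && !ISSLASH(dest[-1]); --dest)` is now `*dst = dest; return true;`, so it returns after stepping back a single character, whereas the removed code used `continue;` as the loop body. For an input such as `/foo/..` the cleaned result is `/fo` rather than `/`, and get_resource_path and follow_symlink_in_scope build root-scoped paths from cleanpath output. The loop body should be `continue;`, leaving the existing `*dst = dest; return true;` after the loop. Separately, in the relative-path branch of cleanpath the added `strcat(respath, path);` is unbounded and looks redundant, since do_clean_path copies the components itself with a limit check; removing that line avoids a write past `realpath_len`.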
@@ -268,133 +490,19 @@ char *eval_symlinks_in_scope(const char *fullpath, const char *rootpath) dest += prefix_len; } *dest++ = '/'; - start = fullpath + prefix_len; - for (end = start; *start; start = end) { - struct stat st; - int n; - - /* Skip sequence of multiple path-separators. */ - while (ISSLASH(*start)) - ++start; - - /* Find end of path component. */ - for (end = start; *end && !ISSLASH(*end); ++end) - /* Nothing. */; - - if (end - start == 0) { - break; - } else if (end - start == 1 && start[0] == '.') { - /* nothing */; - } else if (end - start == 2 && start[0] == '.' && start[1] == '.') { - /* Back up to previous component, ignore if at root already. */ - if (dest > rpath + prefix_len + 1) - for (--dest; dest > rpath && !ISSLASH(dest[-1]); --dest) - continue; - } else { - size_t new_size; - - if (!ISSLASH(dest[-1])) - *dest++ = '/'; - - if (dest + (end - start) >= rpath_limit) { - long long dest_offset = dest - rpath; - char *new_rpath; - - new_size = rpath_limit - rpath; - if (end - start + 1 > PATH_MAX) - new_size += end - start + 1; - else - new_size += PATH_MAX; - new_rpath = (char *) realloc(rpath, new_size); - if (new_rpath == NULL) { - ERROR("Out of memory"); - goto error; - } - rpath = new_rpath; - rpath_limit = rpath + new_size; - - dest = rpath + dest_offset; - } - - memcpy(dest, start, end - start); - dest += end - start; - *dest = '\0'; - - if (lstat(rpath, &st) < 0) { - // if rpath does not exist, accept it - continue; - } - - if (S_ISLNK(st.st_mode)) { - char *buf; - size_t len; - - if (++num_links > MAXSYMLINKS) { - ERROR("Too many links in '%s'", fullpath); - goto error; - } - - buf = malloc(PATH_MAX); - if (!buf) { - ERROR("Out of memory"); - goto error; - } - - n = readlink(rpath, buf, PATH_MAX - 1); - if (n < 0) { - free(buf); - goto error; - } - buf[n] = '\0'; - - if (!extra_buf) { - extra_buf = malloc(PATH_MAX); - if (!extra_buf) { - ERROR("Out of memory"); - free(buf); - goto error; - } - } - - len = strlen(end); - if ((long 
int)(n + len) >= PATH_MAX) { - free(buf); - ERROR("Path is too long"); - goto error; - } - - /* Careful here, end may be a pointer into extra_buf... */ - memmove(&extra_buf[n], end, len + 1); - fullpath = end = memcpy(extra_buf, buf, n); - - if (IS_ABSOLUTE_FILE_NAME(buf)) { - if (prefix_len) - memcpy(rpath, prefix, prefix_len); - dest = rpath + prefix_len; - *dest++ = '/'; /* It's an absolute symlink */ - } else { - /* Back up to previous component, ignore if at root - already: */ - if (dest > rpath + prefix_len + 1) - for (--dest; dest > rpath && !ISSLASH(dest[-1]); --dest) - continue; - } - } - } + if (do_eval_symlinks_in_scope(fullpath, prefix, prefix_len, &rpath, &dest, + rpath_limit)) { + goto out; } - if (dest > rpath + prefix_len + 1 && ISSLASH(dest[-1])) + + if (dest > rpath + prefix_len + 1 && ISSLASH(dest[-1])) { --dest; + } *dest = '\0'; - - if (extra_buf) - free(extra_buf); - return rpath; -error: - if (extra_buf) - free(extra_buf); +out: free(rpath); return NULL; } @@ -406,13 +514,13 @@ char *follow_symlink_in_scope(const char *fullpath, const char *rootpath) char resfull[PATH_MAX] = {0}, *full = NULL; char resroot[PATH_MAX] = {0}, *root = NULL; - full = cleanpath(fullpath, resfull); + full = cleanpath(fullpath, resfull, PATH_MAX); if (!full) { ERROR("Failed to get cleaned path"); return NULL; } - root = cleanpath(rootpath, resroot); + root = cleanpath(rootpath, resroot, PATH_MAX); if (!root) { ERROR("Failed to get cleaned path"); return NULL; @@ -430,7 +538,7 @@ char *follow_symlink_in_scope(const char *fullpath, const char *rootpath) // particular path inside the container as though you were a process in that // container. int get_resource_path(const char *rootpath, const char *path, - char **scopepath) + char **scopepath) { char resolved[PATH_MAX] = {0}, *cleanedpath = NULL; char *fullpath = NULL; 
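Review bot: The length argument added to the cleanpath calls in follow_symlink_in_scope is the constant `PATH_MAX` rather than the size of the buffer actually passed. Writing `cleanpath(fullpath, resfull, sizeof(resfull))` and `cleanpath(rootpath, resroot, sizeof(resroot))` keeps the two tied together if a buffer declaration ever changes, as eval_symlinks_in_scope already does with `sizeof(resroot)`. The same applies to the calls in get_resource_path and path_relative in the following hunks. These functions extend beyond their hunks.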
@@ -441,7 +549,7 @@ int get_resource_path(const char *rootpath, const char *path, *scopepath = NULL; - cleanedpath = cleanpath(path, resolved); + cleanedpath = cleanpath(path, resolved, PATH_MAX); if (!cleanedpath) { ERROR("Failed to get cleaned path"); return -1; @@ -475,13 +583,13 @@ char *path_relative(const char *basepath, const char *targpath) char restarg[PATH_MAX] = {0}, *targ = NULL; size_t bl = 0, tl = 0, b0 = 0, bi = 0, t0 = 0, ti = 0; - base = cleanpath(basepath, resbase); + base = cleanpath(basepath, resbase, PATH_MAX); if (!base) { ERROR("Failed to get cleaned path"); return NULL; } - targ = cleanpath(targpath, restarg); + targ = cleanpath(targpath, restarg, PATH_MAX); if (!targ) { ERROR("Failed to get cleaned path"); return NULL; @@ -512,7 +620,7 @@ char *path_relative(const char *basepath, const char *targpath) // Base elements left. Must go up before going down. int seps = 0, i; size_t ncopyed = 0, seps_size; - char *buf; + char *buf = NULL; for (bi = b0; bi < bl; bi++) { if (ISSLASH(base[bi])) @@ -543,4 +651,4 @@ char *path_relative(const char *basepath, const char *targpath) } return strdup(targ + t0); -} \ No newline at end of file +} diff --git a/src/lxc/path.h b/src/lxc/path.h index e3a04cc..5100941 100644 --- a/src/lxc/path.h +++ b/src/lxc/path.h @@ -13,7 +13,7 @@ bool has_traling_path_separator(const char *path); // path already ends in a `.` path segment, then another is not added. If the // clean path already ends in a path separator, then another is not added. char *preserve_trailing_dot_or_separator(const char *cleanedpath, - const char *originalpath); + const char *originalpath); // Split splits path immediately following the final Separator, 
@@ -27,20 +27,8 @@ bool filepath_split(const char *path, char **dir, char **base); * cleanpath is similar to realpath of glibc, but not expands symbolic links, * and not check the existence of components of the path. */ -char *cleanpath(const char *path, char *resolved); +char *cleanpath(const char *path, char *realpath, size_t realpath_len); -// evalSymlinksInScope will evaluate symlinks in `path` within a scope `root` and return -// a result guaranteed to be contained within the scope `root`, at the time of the call. -// Symlinks in `root` are not evaluated and left as-is. -// Errors encountered while attempting to evaluate symlinks in path will be returned. -// Non-existing paths are valid and do not constitute an error. -// `path` has to contain `root` as a prefix, or else an error will be returned. -// Trying to break out from `root` does not constitute an error. -// -// Example: -// If /foo/bar -> /outside, -// FollowSymlinkInScope("/foo/bar", "/foo") == "/foo/outside" instead of "/oustide" -char *eval_symlinks_in_scope(const char *fullpath, const char *rootpath); // FollowSymlinkInScope is a wrapper around evalSymlinksInScope that returns an // absolute path. This function handles paths in a platform-agnostic manner. @@ -55,7 +43,7 @@ char *follow_symlink_in_scope(const char *fullpath, const char *rootpath); // particular path inside the container as though you were a process in that // container. int get_resource_path(const char *rootpath, const char *path, - char **scopepath); + char **scopepath); // Rel returns a relative path that is lexically equivalent to targpath when // joined to basepath with an intervening separator. That is, diff --git a/src/lxc/start.c b/src/lxc/start.c index 4541793..ccdd844 100644 --- a/src/lxc/start.c +++ b/src/lxc/start.c 
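Review bot: Removing the `eval_symlinks_in_scope` prototype also deletes the only header text that states the containment contract, while the comment kept for follow_symlink_in_scope still refers to evalSymlinksInScope. The deleted text said that the result stays under `root`, that symlinks in `root` are left as-is, and that the guarantee holds only "at the time of the call". Move that contract onto the follow_symlink_in_scope comment, including the time-of-call caveat, so callers know the returned path is not protected against a later symlink change. Separately, the new `cleanpath` prototype names its output parameter `realpath`, which shadows the libc function of that name; keeping the old name avoids that, e.g. `char *cleanpath(const char *path, char *resolved, size_t resolved_len);`. Its comment should also say what is returned when the cleaned path does not fit in the given length.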
@@ -93,7 +93,7 @@ extern void mod_all_rdeps(struct lxc_container *c, bool inc); static bool do_destroy_container(struct lxc_handler *handler); static int lxc_rmdir_onedev_wrapper(void *data); static void lxc_destroy_container_on_signal(struct lxc_handler *handler, - const char *name); + const char *name); /* isulad: start timeout thread */ typedef enum { @@ -136,8 +136,8 @@ static void print_top_failing_dir(const char *path) ret = access(copy, X_OK); if (ret != 0) { SYSERROR("Could not access %s. Please grant it x " - "access, or add an ACL for the container " - "root", copy); + "access, or add an ACL for the container " + "root", copy); return; } *p = saved; @@ -180,7 +180,7 @@ static int lxc_try_preserve_ns(const int pid, const char *ns) * Return true on success, false on failure. */ static bool lxc_try_preserve_namespaces(struct lxc_handler *handler, - int ns_clone_flags, pid_t pid) + int ns_clone_flags, pid_t pid) { int i; @@ -243,8 +243,8 @@ static bool match_dlog_fds(struct dirent *direntp) } if (strcmp(link, "/dev/log_main") == 0 || - strcmp(link, "/dev/log_system") == 0 || - strcmp(link, "/dev/log_radio") == 0) + strcmp(link, "/dev/log_system") == 0 || + strcmp(link, "/dev/log_radio") == 0) return true; return false; @@ -252,7 +252,7 @@ static bool match_dlog_fds(struct dirent *direntp) #endif int lxc_check_inherited(struct lxc_conf *conf, bool closeall, - int *fds_to_ignore, size_t len_fds) + int *fds_to_ignore, size_t len_fds) { int fd, fddir; size_t i; @@ -293,7 +293,7 @@ restart: break; if (fd == fddir || fd == lxc_log_fd || - (i < len_fds && fd == fds_to_ignore[i])) + (i < len_fds && fd == fds_to_ignore[i])) continue; /* Keep state clients that wait on reboots. */ @@ -377,7 +377,7 @@ static int setup_signal_fd(sigset_t *oldmask) } static int signal_handler(int fd, uint32_t events, void *data, - struct lxc_epoll_descr *descr) + struct lxc_epoll_descr *descr) { int ret; siginfo_t info; 
@@ -427,14 +427,14 @@ static int signal_handler(int fd, uint32_t events, void *data, kill(hdlr->pid, SIGTERM); INFO("Killing %d since terminal hung up", hdlr->pid); return hdlr->init_died ? LXC_MAINLOOP_CLOSE - : LXC_MAINLOOP_CONTINUE; + : LXC_MAINLOOP_CONTINUE; } if (siginfo.ssi_signo != SIGCHLD) { kill(hdlr->pid, siginfo.ssi_signo); INFO("Forwarded signal %d to pid %d", siginfo.ssi_signo, hdlr->pid); return hdlr->init_died ? LXC_MAINLOOP_CLOSE - : LXC_MAINLOOP_CONTINUE; + : LXC_MAINLOOP_CONTINUE; } /* More robustness, protect ourself from a SIGCHLD sent @@ -444,19 +444,19 @@ static int signal_handler(int fd, uint32_t events, void *data, NOTICE("Received %d from pid %d instead of container init %d", siginfo.ssi_signo, siginfo.ssi_pid, hdlr->pid); return hdlr->init_died ? LXC_MAINLOOP_CLOSE - : LXC_MAINLOOP_CONTINUE; + : LXC_MAINLOOP_CONTINUE; } if (siginfo.ssi_code == CLD_STOPPED) { INFO("Container init process was stopped"); return hdlr->init_died ? LXC_MAINLOOP_CLOSE - : LXC_MAINLOOP_CONTINUE; + : LXC_MAINLOOP_CONTINUE; } if (siginfo.ssi_code == CLD_CONTINUED) { INFO("Container init process was continued"); return hdlr->init_died ? LXC_MAINLOOP_CLOSE - : LXC_MAINLOOP_CONTINUE; + : LXC_MAINLOOP_CONTINUE; } DEBUG("Container init process %d exited", hdlr->pid); @@ -465,7 +465,7 @@ static int signal_handler(int fd, uint32_t events, void *data, } int lxc_serve_state_clients(const char *name, struct lxc_handler *handler, - lxc_state_t state) + lxc_state_t state) { size_t retlen; ssize_t ret; @@ -516,14 +516,14 @@ int lxc_serve_state_clients(const char *name, struct lxc_handler *handler, } static int lxc_serve_state_socket_pair(const char *name, - struct lxc_handler *handler, - lxc_state_t state) + struct lxc_handler *handler, + lxc_state_t state) { ssize_t ret; if (!handler->daemonize || - handler->state_socket_pair[1] < 0 || - state == STARTING) + handler->state_socket_pair[1] < 0 || + state == STARTING) return 0; /* Close read end of the socket pair. */ 
@@ -532,7 +532,9 @@ static int lxc_serve_state_socket_pair(const char *name, again: ret = lxc_abstract_unix_send_credential(handler->state_socket_pair[1], - &(int){state}, sizeof(int)); + &(int) { + state + }, sizeof(int)); if (ret < 0) { SYSERROR("Failed to send state to %d", handler->state_socket_pair[1]); @@ -558,7 +560,7 @@ again: } int lxc_set_state(const char *name, struct lxc_handler *handler, - lxc_state_t state) + lxc_state_t state) { int ret; @@ -587,7 +589,7 @@ int lxc_poll(const char *name, struct lxc_handler *handler) struct lxc_epoll_descr descr, descr_console; if (handler->conf->console.path && - strcmp(handler->conf->console.path, "none") == 0) + strcmp(handler->conf->console.path, "none") == 0) has_console = false; ret = lxc_mainloop_open(&descr); @@ -726,7 +728,7 @@ void lxc_free_handler(struct lxc_handler *handler) } struct lxc_handler *lxc_init_handler(const char *name, struct lxc_conf *conf, - const char *lxcpath, bool daemonize) + const char *lxcpath, bool daemonize) { int i, ret; struct lxc_handler *handler; @@ -764,7 +766,7 @@ struct lxc_handler *lxc_init_handler(const char *name, struct lxc_conf *conf, * again currently so don't open another socketpair(). */ ret = socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, - handler->state_socket_pair); + handler->state_socket_pair); if (ret < 0) { ERROR("Failed to create anonymous pair of unix sockets"); goto on_error; 
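Review bot: The reformatted compound literal in lxc_serve_state_socket_pair now spreads `&(int){state}` over three lines (`&(int) {` / `state` / `}, sizeof(int));`), which reads like a statement block rather than a call argument. A named local is clearer: declare `int st = state;` with the other locals and pass `&st, sizeof(st)` to `lxc_abstract_unix_send_credential()`. The same formatter artifact appears in lxc_terminal_set_stdfds in terminal.c, where the `(int[]) { ... }[i]` literal could become a `static const int` array declared above the loop. The function body continues outside this hunk.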
@@ -829,49 +831,49 @@ int lxc_init(const char *name, struct lxc_handler *handler) ret = setenv("LXC_CONFIG_FILE", conf->rcfile, 1); if (ret < 0) SYSERROR("Failed to set environment variable: " - "LXC_CONFIG_FILE=%s", conf->rcfile); + "LXC_CONFIG_FILE=%s", conf->rcfile); } if (conf->rootfs.mount) { ret = setenv("LXC_ROOTFS_MOUNT", conf->rootfs.mount, 1); if (ret < 0) SYSERROR("Failed to set environment variable: " - "LXC_ROOTFS_MOUNT=%s", conf->rootfs.mount); + "LXC_ROOTFS_MOUNT=%s", conf->rootfs.mount); } if (conf->rootfs.path) { ret = setenv("LXC_ROOTFS_PATH", conf->rootfs.path, 1); if (ret < 0) SYSERROR("Failed to set environment variable: " - "LXC_ROOTFS_PATH=%s", conf->rootfs.path); + "LXC_ROOTFS_PATH=%s", conf->rootfs.path); } if (conf->console.path) { ret = setenv("LXC_CONSOLE", conf->console.path, 1); if (ret < 0) SYSERROR("Failed to set environment variable: " - "LXC_CONSOLE=%s", conf->console.path); + "LXC_CONSOLE=%s", conf->console.path); } if (conf->console.log_path) { ret = setenv("LXC_CONSOLE_LOGPATH", conf->console.log_path, 1); if (ret < 0) SYSERROR("Failed to set environment variable: " - "LXC_CONSOLE_LOGPATH=%s", conf->console.log_path); + "LXC_CONSOLE_LOGPATH=%s", conf->console.log_path); } if (cgns_supported()) { ret = setenv("LXC_CGNS_AWARE", "1", 1); if (ret < 0) SYSERROR("Failed to set environment variable " - "LXC_CGNS_AWARE=1"); + "LXC_CGNS_AWARE=1"); } loglevel = lxc_log_priority_to_string(lxc_log_get_level()); ret = setenv("LXC_LOG_LEVEL", loglevel, 1); if (ret < 0) SYSERROR("Set environment variable LXC_LOG_LEVEL=%s", - loglevel); + loglevel); if (conf->hooks_version == 0) ret = setenv("LXC_HOOK_VERSION", "0", 1); @@ -959,6 +961,7 @@ static int _read_procs_file(const char *path, pid_t **pids, size_t *len) FILE *f; char *line = NULL; size_t sz = 0; + pid_t *tmp_pids = NULL; f = fopen_cloexec(path, "r"); if (!f) 
@@ -968,7 +971,16 @@ static int _read_procs_file(const char *path, pid_t **pids, size_t *len) pid_t pid; trim_line(line); pid = (pid_t)atoll(line); - *pids = realloc(*pids, sizeof(pid_t) * (*len + 1)); + if (lxc_mem_realloc((void **)&tmp_pids, sizeof(pid_t) * (*len + 1), *pids, sizeof(pid_t) * (*len)) != 0) { + free(*pids); + *pids = NULL; + ERROR("out of memory"); + free(line); + fclose(f); + return -1; + } + *pids = tmp_pids; + (*pids)[*len] = pid; (*len)++; } @@ -980,8 +992,8 @@ static int _read_procs_file(const char *path, pid_t **pids, size_t *len) static int _recursive_read_cgroup_procs(const char *dirpath, pid_t **pids, size_t *len) { - struct dirent *direntp; - DIR *dir; + struct dirent *direntp = NULL; + DIR *dir = NULL; int ret, failed = 0; char pathname[PATH_MAX]; @@ -996,7 +1008,7 @@ static int _recursive_read_cgroup_procs(const char *dirpath, pid_t **pids, size_ int rc; if (!strcmp(direntp->d_name, ".") || - !strcmp(direntp->d_name, "..")) + !strcmp(direntp->d_name, "..")) continue; rc = snprintf(pathname, PATH_MAX, "%s/%s", dirpath, direntp->d_name); @@ -1122,11 +1134,11 @@ void lxc_fini(const char *name, struct lxc_handler *handler) if (handler->conf->hooks_version == 0) ret = asprintf(&namespaces[namespace_count], - "%s:/proc/%d/fd/%d", ns_info[i].proc_name, - self, handler->nsfd[i]); + "%s:/proc/%d/fd/%d", ns_info[i].proc_name, + self, handler->nsfd[i]); else ret = asprintf(&namespaces[namespace_count], - "/proc/%d/fd/%d", self, handler->nsfd[i]); + "/proc/%d/fd/%d", self, handler->nsfd[i]); if (ret == -1) { SYSERROR("Failed to allocate memory"); break; 
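Review bot: On allocation failure the new error path in _read_procs_file frees `*pids` and sets it to NULL but leaves `*len` at the count accumulated so far, so a caller that walks `*len` entries after a failed read would index a NULL array. Reset it on that path with `*len = 0;` next to `*pids = NULL;`. Whether `lxc_mem_realloc` releases the old block on success is not visible here; if it does not, `*pids = tmp_pids;` drops the previous array on every line read. The unchanged `atoll()` call above also turns an unparsable line into pid 0, so rejecting non-positive values before storing them would be safer. The callers that consume the list are outside this hunk.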
@@ -1140,7 +1152,7 @@ void lxc_fini(const char *name, struct lxc_handler *handler) ret = setenv(ns_info[i].env_name, namespaces[namespace_count], 1); if (ret < 0) SYSERROR("Failed to set environment variable %s=%s", - ns_info[i].env_name, namespaces[namespace_count]); + ns_info[i].env_name, namespaces[namespace_count]); else TRACE("Set environment variable %s=%s", ns_info[i].env_name, namespaces[namespace_count]); @@ -1153,14 +1165,14 @@ void lxc_fini(const char *name, struct lxc_handler *handler) ret = setenv("LXC_TARGET", "reboot", 1); if (ret < 0) SYSERROR("Failed to set environment variable: " - "LXC_TARGET=reboot"); + "LXC_TARGET=reboot"); } if (handler->conf->reboot == REBOOT_NONE) { ret = setenv("LXC_TARGET", "stop", 1); if (ret < 0) SYSERROR("Failed to set environment variable: " - "LXC_TARGET=stop"); + "LXC_TARGET=stop"); } if (handler->conf->hooks_version == 0) @@ -1252,7 +1264,7 @@ retry: /* Keep state clients that want to be notified about reboots. */ if ((handler->conf->reboot > REBOOT_NONE) && - (client->states[RUNNING] == 2)) + (client->states[RUNNING] == 2)) continue; /* close state client socket */ @@ -1287,7 +1299,8 @@ void lxc_abort(const char *name, struct lxc_handler *handler) static int do_start(void *data) { - int ret, i; + int ret = 0; + int i; char path[PATH_MAX]; uid_t new_uid; gid_t new_gid; @@ -1351,7 +1364,7 @@ static int do_start(void *data) * https://github.com/lxc/lxd/issues/1978. */ if ((handler->ns_clone_flags & (CLONE_NEWNET | CLONE_NEWUSER)) == - (CLONE_NEWNET | CLONE_NEWUSER)) { + (CLONE_NEWNET | CLONE_NEWUSER)) { ret = unshare(CLONE_NEWNET); if (ret < 0) { SYSERROR("Failed to unshare CLONE_NEWNET"); 
@@ -1390,11 +1403,11 @@ static int do_start(void *data) * user namespace. */ if (!lxc_setgroups(0, NULL) && - (handler->am_root || errno != EPERM)) + (handler->am_root || errno != EPERM)) goto out_warn_father; ret = prctl(PR_SET_DUMPABLE, prctl_arg(1), prctl_arg(0), - prctl_arg(0), prctl_arg(0)); + prctl_arg(0), prctl_arg(0)); if (ret < 0) goto out_warn_father; @@ -1413,7 +1426,7 @@ static int do_start(void *data) } ret = snprintf(path, sizeof(path), "%s/dev/null", - handler->conf->rootfs.mount); + handler->conf->rootfs.mount); if (ret < 0 || ret >= sizeof(path)) goto out_warn_father; @@ -1474,7 +1487,7 @@ static int do_start(void *data) ret = putenv((char *)iterator->elem); if (ret < 0) { SYSERROR("Failed to set environment variable: %s", - (char *)iterator->elem); + (char *)iterator->elem); goto out_warn_father; } } @@ -1498,10 +1511,10 @@ static int do_start(void *data) */ if (handler->conf->no_new_privs) { ret = prctl(PR_SET_NO_NEW_PRIVS, prctl_arg(1), prctl_arg(0), - prctl_arg(0), prctl_arg(0)); + prctl_arg(0), prctl_arg(0)); if (ret < 0) { SYSERROR("Could not set PR_SET_NO_NEW_PRIVS to block " - "execve() gainable privileges"); + "execve() gainable privileges"); goto out_warn_father; } DEBUG("Set PR_SET_NO_NEW_PRIVS to block execve() gainable " 
@@ -1550,25 +1563,25 @@ static int do_start(void *data) * setup on its console ie. the pty allocated in lxc_terminal_setup() so * make sure that that pty is stdin,stdout,stderr. */ - setsid(); - if (!handler->disable_pty && handler->conf->console.slave >= 0) { + setsid(); + if (!handler->disable_pty && handler->conf->console.slave >= 0) { /* isulad:make the given terminal as controlling terminal to avoid warning * sh: cannot set terminal process group (-1): Inappropriate ioctl for device * sh: no job control in this shell */ - if (ioctl(handler->conf->console.slave, TIOCSCTTY, NULL) < 0) { - ERROR("Faild to make the given terminal the controlling terminal of the calling process"); - goto out_warn_father; - } - if (handler->daemonize || !handler->conf->is_execute) - ret = set_stdfds(handler->conf->console.slave); - else - ret = lxc_terminal_set_stdfds(handler->conf->console.slave); - if (ret < 0) { + if (ioctl(handler->conf->console.slave, TIOCSCTTY, NULL) < 0) { + ERROR("Faild to make the given terminal the controlling terminal of the calling process"); + goto out_warn_father; + } + if (handler->daemonize || !handler->conf->is_execute) + ret = set_stdfds(handler->conf->console.slave); + else + ret = lxc_terminal_set_stdfds(handler->conf->console.slave); + if (ret < 0) { ERROR("Failed to redirect std{in,out,err} to pty file " "descriptor %d", handler->conf->console.slave); goto out_warn_father; - } - } + } + } /* If we mounted a temporary proc, then unmount it now. */ tmp_proc_unmount(handler->conf); @@ -1611,7 +1624,7 @@ static int do_start(void *data) if (stat(handler->conf->init_cwd, &st) < 0 && mkdir_p(handler->conf->init_cwd, 0755) < 0) { SYSERROR("Try to create directory \"%s\" as workdir failed", handler->conf->init_cwd); lxc_write_error_message(handler->conf->errpipe[1], "%s:%d: Failed to create workdir: %s.", - __FILE__, __LINE__, strerror(errno)); + __FILE__, __LINE__, strerror(errno)); goto out_warn_father; } if (chdir(handler->conf->init_cwd)) { 
@@ -1636,7 +1649,7 @@ static int do_start(void *data) ret = putenv((char *)iterator->elem); if (ret < 0) { SYSERROR("Failed to set environment variable: %s", - (char *)iterator->elem); + (char *)iterator->elem); goto out_warn_father; } } @@ -1675,9 +1688,9 @@ static int do_start(void *data) * drop groups if we can, so ensure that we have necessary privilege. */ if (lxc_list_empty(&handler->conf->id_map)) - #if HAVE_LIBCAP +#if HAVE_LIBCAP if (lxc_proc_cap_is_set(CAP_SETGID, CAP_EFFECTIVE)) - #endif +#endif /* isulad: set groups for init process, and before we set uid and gid */ if (!lxc_setgroups(handler->conf->init_groups_len, handler->conf->init_groups)) { ERROR("Can not set groups"); @@ -1834,7 +1847,7 @@ static inline int do_share_ns(void *arg) * setns() will fail here. */ SYSERROR("Failed to inherit %s namespace", - ns_info[i].proc_name); + ns_info[i].proc_name); return -1; } @@ -1855,7 +1868,7 @@ static int lxc_write_container_info(char *filename, pid_t pid, pid_t p_pid, unsi FILE *pid_fp = NULL; int ret = 0; - pid_fp = fopen(filename, "w"); + pid_fp = lxc_fopen(filename, "w"); if (pid_fp == NULL) { SYSERROR("Failed to create pidfile '%s'",filename); ret = -1; @@ -1898,7 +1911,7 @@ static int lxc_check_container_info(char *filename, pid_t pid, pid_t p_pid, unsi } if (pid != saved_pid || p_pid != saved_ppid - || start_at != saved_start_time || p_start_at != saved_pstart_time) { + || start_at != saved_start_time || p_start_at != saved_pstart_time) { ERROR("Check container info failed"); ret = -1; goto out; @@ -1973,7 +1986,7 @@ static int lxc_spawn(struct lxc_handler *handler) return -1; ret = socketpair(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0, - handler->data_sock); + handler->data_sock); if (ret < 0) { lxc_sync_fini(handler); return -1; 
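Review bot: The group-setting step in do_start (hunk at -1675) is a brace-less `if (lxc_list_empty(&handler->conf->id_map))` whose body is a second brace-less `if` that exists only when `HAVE_LIBCAP` is set, so the nesting around `lxc_setgroups()` depends on the build configuration. Moving `#if`/`#endif` to column 0 makes this easier to see but leaves the structure as fragile as before, since a later edit can attach a statement to the wrong `if`. Put braces around the outer condition, `if (lxc_list_empty(&handler->conf->id_map)) {`, and around the conditional `if (lxc_proc_cap_is_set(CAP_SETGID, CAP_EFFECTIVE)) {`, with the closing brace of the latter inside its own `#if HAVE_LIBCAP` pair. do_start starts and ends outside this hunk.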
@@ -2044,7 +2057,7 @@ static int lxc_spawn(struct lxc_handler *handler) pid_t attacher_pid; attacher_pid = lxc_clone(do_share_ns, handler, - CLONE_VFORK | CLONE_VM | CLONE_FILES); + CLONE_VFORK | CLONE_VM | CLONE_FILES); if (attacher_pid < 0) { SYSERROR(LXC_CLONE_ERROR); goto out_delete_net; @@ -2057,7 +2070,7 @@ static int lxc_spawn(struct lxc_handler *handler) } } else { handler->pid = lxc_raw_clone_cb(do_start, handler, - handler->ns_on_clone_flags); + handler->ns_on_clone_flags); } if (handler->pid < 0) { SYSERROR(LXC_CLONE_ERROR); @@ -2108,7 +2121,7 @@ static int lxc_spawn(struct lxc_handler *handler) */ if (wants_to_map_ids) { if (!handler->conf->ns_share[LXC_NS_USER] && - (handler->conf->ns_keep & CLONE_NEWUSER) == 0) { + (handler->conf->ns_keep & CLONE_NEWUSER) == 0) { ret = lxc_map_ids(id_map, handler->pid); if (ret < 0) { ERROR("Failed to set up id mapping."); @@ -2157,16 +2170,16 @@ static int lxc_spawn(struct lxc_handler *handler) /* Create the network configuration. */ if (handler->ns_clone_flags & CLONE_NEWNET) { ret = lxc_network_move_created_netdev_priv(handler->lxcpath, - handler->name, - &conf->network, - handler->pid); + handler->name, + &conf->network, + handler->pid); if (ret < 0) { ERROR("Failed to create the configured network"); goto out_delete_net; } ret = lxc_create_network_unpriv(handler->lxcpath, handler->name, - &conf->network, handler->pid, conf->hooks_version); + &conf->network, handler->pid, conf->hooks_version); if (ret < 0) { ERROR("Failed to create the configured network"); goto out_delete_net; 
@@ -2245,10 +2258,7 @@ static int lxc_spawn(struct lxc_handler *handler) } /* isulad: Run oci prestart hook at here */ - char* oci_hook_args[1]; - oci_hook_args[0] = alloca(strlen(lxcpath) + 1); - (void)strlcpy(oci_hook_args[0], lxcpath, strlen(lxcpath) + 1); - ret = run_lxc_hooks(name, "oci-prestart", conf, oci_hook_args); + ret = run_oci_hooks(name, "oci-prestart", conf, lxcpath); if (ret < 0) { ERROR("Failed to run oci prestart hooks"); goto out_delete_net; @@ -2302,7 +2312,7 @@ static int lxc_spawn(struct lxc_handler *handler) goto out_abort; /* isulad: Run oci prestart hook at here */ - ret = run_lxc_hooks(name, "oci-poststart", conf, oci_hook_args); + ret = run_oci_hooks(name, "oci-poststart", conf, lxcpath); if (ret < 0) { ERROR("Failed to run oci poststart hooks"); goto out_abort; @@ -2402,8 +2412,8 @@ out: #define ExitSignalOffset 128 int __lxc_start(const char *name, struct lxc_handler *handler, - struct lxc_operations* ops, void *data, const char *lxcpath, - bool daemonize, int *error_num, unsigned int start_timeout) + struct lxc_operations* ops, void *data, const char *lxcpath, + bool daemonize, int *error_num, unsigned int start_timeout) { int ret, status, exit_code; struct lxc_conf *conf = handler->conf; @@ -2560,7 +2570,7 @@ static struct lxc_operations start_ops = { }; int lxc_start(const char *name, char *const argv[], struct lxc_handler *handler, - const char *lxcpath, bool daemonize, int *error_num, unsigned int start_timeout) + const char *lxcpath, bool daemonize, int *error_num, unsigned int start_timeout) { struct start_args start_arg = { .argv = argv, @@ -2571,7 +2581,7 @@ int lxc_start(const char *name, char *const argv[], struct lxc_handler *handler, } static void lxc_destroy_container_on_signal(struct lxc_handler *handler, - const char *name) + const char *name) { char destroy[PATH_MAX]; struct lxc_container *c; 
@@ -2607,7 +2617,7 @@ static void lxc_destroy_container_on_signal(struct lxc_handler *handler, if (!handler->am_root) ret = userns_exec_full(handler->conf, lxc_rmdir_onedev_wrapper, - destroy, "lxc_rmdir_onedev_wrapper"); + destroy, "lxc_rmdir_onedev_wrapper"); else ret = lxc_rmdir_onedev(destroy, NULL); @@ -2630,7 +2640,7 @@ static bool do_destroy_container(struct lxc_handler *handler) if (!handler->am_root) { ret = userns_exec_full(handler->conf, storage_destroy_wrapper, - handler->conf, "storage_destroy_wrapper"); + handler->conf, "storage_destroy_wrapper"); if (ret < 0) return false; @@ -2846,11 +2856,7 @@ int do_lxcapi_clean_resource(char *name, char *lxcpath, struct lxc_conf *conf, p signal_all_processes(handler); } - char* oci_hook_args[1]; - oci_hook_args[0] = alloca(strlen(handler->lxcpath) + 1); - (void)strlcpy(oci_hook_args[0], handler->lxcpath, strlen(handler->lxcpath) + 1); - - if (run_lxc_hooks(handler->name, "oci-poststop", handler->conf, oci_hook_args)) { + if (run_oci_hooks(handler->name, "oci-poststop", handler->conf, handler->lxcpath)) { ERROR("Failed to run lxc.hook.post-stop for container \"%s\".", handler->name); ret = -1; } diff --git a/src/lxc/storage/block.c b/src/lxc/storage/block.c index eb75e70..8998923 100644 --- a/src/lxc/storage/block.c +++ b/src/lxc/storage/block.c @@ -62,7 +62,8 @@ bool blk_detect(const char *path) int blk_mount(struct lxc_storage *bdev) { - const char *src; + const char *src = NULL; + if (strcmp(bdev->type, "blk")) return -22; diff --git a/src/lxc/terminal.c b/src/lxc/terminal.c index 88653b4..802bf39 100644 --- a/src/lxc/terminal.c +++ b/src/lxc/terminal.c @@ -113,7 +113,7 @@ void lxc_terminal_sigwinch(int sig) } int lxc_terminal_signalfd_cb(int fd, uint32_t events, void *cbdata, - struct lxc_epoll_descr *descr) + struct lxc_epoll_descr *descr) { ssize_t ret; struct signalfd_siginfo siginfo; 
@@ -300,7 +300,7 @@ static int lxc_terminal_rotate_log_file(struct lxc_terminal *terminal) } static int lxc_terminal_rotate_write_data(struct lxc_terminal *terminal, const char *buf, - int bytes_read) + int bytes_read) { int ret; struct stat st; @@ -310,7 +310,7 @@ static int lxc_terminal_rotate_write_data(struct lxc_terminal *terminal, const c return 0; /* A log size <= 0 means that there's no limit on the size of the log - * file at which point we simply ignore whether the log is supposed to + * file at which point we simply ignore whether the log is supposed to * be rotated or not. */ if (terminal->log_size <= 0) 
@@ -397,48 +397,49 @@ static int lxc_terminal_rotate_write_data(struct lxc_terminal *terminal, const c /* get time buffer */ static bool get_time_buffer(struct timespec *timestamp, char *timebuffer, - size_t maxsize) + size_t maxsize) { - struct tm tm_utc = { 0 }; - int32_t nanos = 0; - time_t seconds; + struct tm tm_utc = { 0 }; + int32_t nanos = 0; + time_t seconds; - if (!timebuffer || !maxsize) { - return false; - } + if (!timebuffer || !maxsize) { + return false; + } - seconds = (time_t)timestamp->tv_sec; - gmtime_r(&seconds, &tm_utc); - strftime(timebuffer, maxsize, "%Y-%m-%dT%H:%M:%S", &tm_utc); + seconds = (time_t)timestamp->tv_sec; + gmtime_r(&seconds, &tm_utc); + strftime(timebuffer, maxsize, "%Y-%m-%dT%H:%M:%S", &tm_utc); - nanos = (int32_t)timestamp->tv_nsec; - sprintf(timebuffer + strlen(timebuffer), ".%09dZ", nanos); + nanos = (int32_t)timestamp->tv_nsec; + sprintf(timebuffer + strlen(timebuffer), ".%09dZ", nanos); - return true; + return true; } /* get now time buffer */ static bool get_now_time_buffer(char *timebuffer, size_t maxsize) { - int err = 0; - struct timespec ts; + int err = 0; + struct timespec ts; - err = clock_gettime(CLOCK_REALTIME, &ts); - if (err != 0) { - ERROR("failed to get time"); - return false; - } + err = clock_gettime(CLOCK_REALTIME, &ts); + if (err != 0) { + ERROR("failed to get time"); + return false; + } - return get_time_buffer(&ts, timebuffer, maxsize); + return get_time_buffer(&ts, timebuffer, maxsize); } static ssize_t lxc_logger_write(struct lxc_terminal *terminal, const char *type, const char *buf, - int bytes_read) + int bytes_read) { logger_json_file *msg = NULL; ssize_t ret = -1; size_t len; - char *json = NULL, timebuffer[64]; + char *json = NULL; + char timebuffer[64] = { 0 }; parser_error err = NULL; struct parser_context ctx = { GEN_OPTIONS_SIMPLIFY | GEN_OPTIONS_NOT_VALIDATE_UTF8, stderr }; 
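Review bot: get_time_buffer appends the nanosecond suffix with an unbounded `sprintf()` that ignores `maxsize`, and the `strftime()` result is not checked, so with a small buffer `strftime()` can return 0 and leave `timebuffer` unspecified before `strlen()` runs on it. The caller visible in this hunk passes a 64-byte array, which fits, but the signature promises to honour `maxsize`, and the re-indent keeps the code as it was. Check the `strftime()` return value and bound the append with `snprintf()` as sketched below. `timestamp` is also dereferenced without a NULL check, unlike `timebuffer`.

```c
static bool get_time_buffer(struct timespec *timestamp, char *timebuffer,
                            size_t maxsize)
{
	/* … unchanged: locals, NULL / zero-size guard, gmtime_r() … */
	size_t used = strftime(timebuffer, maxsize, "%Y-%m-%dT%H:%M:%S", &tm_utc);
	if (used == 0) {
		return false;
	}

	nanos = (int32_t)timestamp->tv_nsec;
	int n = snprintf(timebuffer + used, maxsize - used, ".%09dZ", nanos);
	if (n < 0 || (size_t)n >= maxsize - used) {
		return false;
	}

	return true;
}
```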
@@ -473,7 +474,7 @@ cleanup: } static int lxc_terminal_write_log_file(struct lxc_terminal *terminal, const char *type, char *buf, - int bytes_read) + int bytes_read) { #define __BUF_CACHE_SIZE (16 * LXC_TERMINAL_BUFFER_SIZE) static char cache[__BUF_CACHE_SIZE]; @@ -541,9 +542,10 @@ static int lxc_terminal_write_log_file(struct lxc_terminal *terminal, const char } /* isulad: forward data to all fifos */ -static void lxc_forward_data_to_fifo(struct lxc_list *list, bool is_err, char *buf, int r) +static void lxc_forward_data_to_fifo(struct lxc_list *list, bool is_err, const char *buf, int r) { - struct lxc_list *it,*next; + struct lxc_list *it = NULL; + struct lxc_list *next = NULL; struct lxc_fifos_fd *elem = NULL; lxc_list_for_each_safe(it, list, next) { @@ -563,7 +565,8 @@ static void lxc_forward_data_to_fifo(struct lxc_list *list, bool is_err, char *b /* isulad: judge the fd whether is fifo */ static bool lxc_terminal_is_fifo(int fd, struct lxc_list *list) { - struct lxc_list *it,*next; + struct lxc_list *it = NULL; + struct lxc_list *next = NULL; struct lxc_fifos_fd *elem = NULL; lxc_list_for_each_safe(it, list, next) { @@ -576,7 +579,7 @@ static bool lxc_terminal_is_fifo(int fd, struct lxc_list *list) } int lxc_terminal_io_cb(int fd, uint32_t events, void *data, - struct lxc_epoll_descr *descr) + struct lxc_epoll_descr *descr) { struct lxc_terminal *terminal = data; char buf[2 * LXC_TERMINAL_BUFFER_SIZE]; @@ -684,7 +687,7 @@ static int lxc_terminal_mainloop_add_peer(struct lxc_terminal *terminal) if (terminal->peer >= 0) { ret = lxc_mainloop_add_handler(terminal->descr, terminal->peer, - lxc_terminal_io_cb, terminal); + lxc_terminal_io_cb, terminal); if (ret < 0) { WARN("Failed to add terminal peer handler to mainloop"); return -1; 
@@ -695,7 +698,7 @@ static int lxc_terminal_mainloop_add_peer(struct lxc_terminal *terminal) return 0; ret = lxc_mainloop_add_handler(terminal->descr, terminal->tty_state->sigfd, - lxc_terminal_signalfd_cb, terminal->tty_state); + lxc_terminal_signalfd_cb, terminal->tty_state); if (ret < 0) { WARN("Failed to add signal handler to mainloop"); return -1; @@ -712,7 +715,7 @@ static int lxc_terminal_mainloop_add_pipes(struct lxc_terminal *terminal) // parent read data from fifo, and send to stdin of container if (terminal->pipes[0][1] > 0) { ret = lxc_mainloop_add_handler(terminal->descr, terminal->pipes[0][1], - lxc_terminal_io_cb, terminal); + lxc_terminal_io_cb, terminal); if (ret) { ERROR("pipe fd %d not added to mainloop", terminal->pipes[0][1]); return -1; @@ -721,7 +724,7 @@ static int lxc_terminal_mainloop_add_pipes(struct lxc_terminal *terminal) // parent read data from stdout of container, and send to fifo if (terminal->pipes[1][0] > 0) { ret = lxc_mainloop_add_handler(terminal->descr, terminal->pipes[1][0], - lxc_terminal_io_cb, terminal); + lxc_terminal_io_cb, terminal); if (ret) { ERROR("pipe fd %d not added to mainloop", terminal->pipes[1][0]); return -1; @@ -730,7 +733,7 @@ static int lxc_terminal_mainloop_add_pipes(struct lxc_terminal *terminal) // parent read data from stderr of container, and send to fifo if (terminal->pipes[2][0] > 0) { ret = lxc_mainloop_add_handler(terminal->descr, terminal->pipes[2][0], - lxc_terminal_io_cb, terminal); + lxc_terminal_io_cb, terminal); if (ret) { ERROR("pipe fd %d not added to mainloop", terminal->pipes[2][0]); return -1; 
@@ -743,14 +746,15 @@ static int lxc_terminal_mainloop_add_pipes(struct lxc_terminal *terminal) static int lxc_terminal_mainloop_add_fifo(struct lxc_terminal *terminal) { int ret = 0; - struct lxc_list *it,*next; + struct lxc_list *it = NULL; + struct lxc_list *next = NULL; struct lxc_fifos_fd *elem = NULL; lxc_list_for_each_safe(it, &terminal->fifos, next) { elem = it->elem; if (elem->in_fd >= 0) { ret = lxc_mainloop_add_handler(terminal->descr, elem->in_fd, - lxc_terminal_io_cb, terminal); + lxc_terminal_io_cb, terminal); if (ret) { ERROR("console fifo %s not added to mainloop", elem->in_fifo); return -1; @@ -761,7 +765,7 @@ static int lxc_terminal_mainloop_add_fifo(struct lxc_terminal *terminal) } int lxc_terminal_mainloop_add(struct lxc_epoll_descr *descr, - struct lxc_terminal *terminal) + struct lxc_terminal *terminal) { int ret; @@ -796,7 +800,7 @@ int lxc_terminal_mainloop_add(struct lxc_epoll_descr *descr, } ret = lxc_mainloop_add_handler(descr, terminal->master, - lxc_terminal_io_cb, terminal); + lxc_terminal_io_cb, terminal); if (ret < 0) { ERROR("Failed to add handler for terminal master fd %d to " "mainloop", terminal->master); @@ -879,7 +883,7 @@ static void lxc_terminal_peer_proxy_free(struct lxc_terminal *terminal) } static int lxc_terminal_peer_proxy_alloc(struct lxc_terminal *terminal, - int sockfd) + int sockfd) { int ret; struct termios oldtermio; @@ -904,14 +908,14 @@ static int lxc_terminal_peer_proxy_alloc(struct lxc_terminal *terminal, * that the real terminal master will send to / recv from. */ ret = openpty(&terminal->proxy.master, &terminal->proxy.slave, NULL, - NULL, NULL); + NULL, NULL); if (ret < 0) { SYSERROR("Failed to open proxy terminal"); return -1; } ret = ttyname_r(terminal->proxy.slave, terminal->proxy.name, - sizeof(terminal->proxy.name)); + sizeof(terminal->proxy.name)); if (ret < 0) { SYSERROR("Failed to retrieve name of proxy terminal slave"); goto on_error; 
@@ -1253,7 +1257,7 @@ static int terminal_fifo_open(const char *fifo_path, int flags) { int fd = -1; - fd = open(fifo_path, flags); + fd = lxc_open(fifo_path, flags, 0); if (fd < 0) { WARN("Failed to open fifo %s to send message: %s.", fifo_path, strerror(errno)); @@ -1491,15 +1495,17 @@ int lxc_terminal_set_stdfds(int fd) return 0; for (i = 0; i < 3; i++) - if (!__terminal_dup2(fd, (int[]){STDIN_FILENO, STDOUT_FILENO, - STDERR_FILENO}[i])) - return -1; + if (!__terminal_dup2(fd, (int[]) { + STDIN_FILENO, STDOUT_FILENO, + STDERR_FILENO + }[i])) + return -1; return 0; } int lxc_terminal_stdin_cb(int fd, uint32_t events, void *cbdata, - struct lxc_epoll_descr *descr) + struct lxc_epoll_descr *descr) { int ret; char c; @@ -1533,7 +1539,7 @@ int lxc_terminal_stdin_cb(int fd, uint32_t events, void *cbdata, } int lxc_terminal_master_cb(int fd, uint32_t events, void *cbdata, - struct lxc_epoll_descr *descr) + struct lxc_epoll_descr *descr) { int r, w; char buf[LXC_TERMINAL_BUFFER_SIZE]; @@ -1559,8 +1565,8 @@ int lxc_terminal_getfd(struct lxc_container *c, int *ttynum, int *masterfd) } int lxc_console(struct lxc_container *c, int ttynum, - int stdinfd, int stdoutfd, int stderrfd, - int escape) + int stdinfd, int stdoutfd, int stderrfd, + int escape) { int masterfd, ret, ttyfd; struct lxc_epoll_descr descr; @@ -1602,7 +1608,7 @@ int lxc_console(struct lxc_container *c, int ttynum, if (ts->sigfd != -1) { ret = lxc_mainloop_add_handler(&descr, ts->sigfd, - lxc_terminal_signalfd_cb, ts); + lxc_terminal_signalfd_cb, ts); if (ret < 0) { ERROR("Failed to add signal handler to mainloop"); goto close_mainloop; 
@@ -1610,14 +1616,14 @@ int lxc_console(struct lxc_container *c, int ttynum, } ret = lxc_mainloop_add_handler(&descr, ts->stdinfd, - lxc_terminal_stdin_cb, ts); + lxc_terminal_stdin_cb, ts); if (ret < 0) { ERROR("Failed to add stdin handler"); goto close_mainloop; } ret = lxc_mainloop_add_handler(&descr, ts->masterfd, - lxc_terminal_master_cb, ts); + lxc_terminal_master_cb, ts); if (ret < 0) { ERROR("Failed to add master handler"); goto close_mainloop; @@ -1625,11 +1631,11 @@ int lxc_console(struct lxc_container *c, int ttynum, if (ts->escape >= 1) { fprintf(stderr, - "\n" - "Connected to tty %1$d\n" - "Type to exit the console, " - " to enter Ctrl+%2$c itself\n", - ttynum, 'a' + escape - 1); + "\n" + "Connected to tty %1$d\n" + "Type to exit the console, " + " to enter Ctrl+%2$c itself\n", + ttynum, 'a' + escape - 1); } if (istty) { @@ -1729,7 +1735,8 @@ void lxc_terminal_init(struct lxc_terminal *terminal) /* isulad: if fd == -1, means delete all the fifos*/ int lxc_terminal_delete_fifo(int fd, struct lxc_list *list) { - struct lxc_list *it,*next; + struct lxc_list *it = NULL; + struct lxc_list *next = NULL; struct lxc_fifos_fd *elem = NULL; lxc_list_for_each_safe(it, list, next) { @@ -1837,7 +1844,7 @@ int lxc_terminal_add_fifos(struct lxc_conf *conf, const char *fifonames) } if (lxc_mainloop_add_handler(terminal->descr, fifofd_in, - lxc_terminal_io_cb, terminal)) { + lxc_terminal_io_cb, terminal)) { ERROR("console fifo not added to mainloop"); lxc_terminal_delete_fifo(fifofd_in, &terminal->fifos); ret = -1; diff --git a/src/lxc/utils.c b/src/lxc/utils.c index dc0e6c5..9ce2473 100644 --- a/src/lxc/utils.c +++ b/src/lxc/utils.c @@ -56,6 +56,7 @@ #include "raw_syscalls.h" #include "syscall_wrappers.h" #include "utils.h" +#include "path.h" #ifndef HAVE_STRLCPY #include "include/strlcpy.h" 
@@ -81,7 +82,7 @@ lxc_log_define(utils, lxc); extern bool btrfs_try_remove_subvol(const char *path); static int _recursive_rmdir(const char *dirname, dev_t pdev, - const char *exclude, int level, bool onedev) + const char *exclude, int level, bool onedev) { struct dirent *direntp; DIR *dir; @@ -101,7 +102,7 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev, int rc; if (!strcmp(direntp->d_name, ".") || - !strcmp(direntp->d_name, "..")) + !strcmp(direntp->d_name, "..")) continue; rc = snprintf(pathname, PATH_MAX, "%s/%s", dirname, direntp->d_name); @@ -155,8 +156,8 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev, } else { if (unlink(pathname) < 0) { if (saved_errno == 0) { - saved_errno = errno; - } + saved_errno = errno; + } SYSERROR("Failed to delete \"%s\"", pathname); failed=1; } @@ -186,7 +187,7 @@ static int _recursive_rmdir(const char *dirname, dev_t pdev, static bool is_native_overlayfs(const char *path) { if (has_fs_type(path, OVERLAY_SUPER_MAGIC) || - has_fs_type(path, OVERLAYFS_SUPER_MAGIC)) + has_fs_type(path, OVERLAYFS_SUPER_MAGIC)) return true; return false; @@ -650,7 +651,7 @@ uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval) * multiply by the 64 bit FNV magic prime mod 2^64 */ hval += (hval << 1) + (hval << 4) + (hval << 5) + - (hval << 7) + (hval << 8) + (hval << 40); + (hval << 7) + (hval << 8) + (hval << 40); } return hval; @@ -792,7 +793,7 @@ char *on_path(const char *cmd, const char *rootfs) lxc_iterate_parts (entry, path, ":") { if (rootfs) ret = snprintf(cmdpath, PATH_MAX, "%s/%s/%s", rootfs, - entry, cmd); + entry, cmd); else ret = snprintf(cmdpath, PATH_MAX, "%s/%s", entry, cmd); if (ret < 0 || ret >= PATH_MAX) @@ -820,7 +821,7 @@ char *choose_init(const char *rootfs) { char *retv = NULL; const char *empty = "", - *tmp; + *tmp; int ret, env_set = 0; if (!getenv("PATH")) { 
@@ -1141,7 +1142,7 @@ out: * setup before executing the container's init */ int safe_mount(const char *src, const char *dest, const char *fstype, - unsigned long flags, const void *data, const char *rootfs) + unsigned long flags, const void *data, const char *rootfs) { int destfd, ret, saved_errno; /* Only needs enough for /proc/self/fd/. */ @@ -1368,7 +1369,7 @@ out: int lxc_preserve_ns(const int pid, const char *ns) { int ret; -/* 5 /proc + 21 /int_as_str + 3 /ns + 20 /NS_NAME + 1 \0 */ + /* 5 /proc + 21 /int_as_str + 3 /ns + 20 /NS_NAME + 1 \0 */ #define __NS_PATH_LEN 50 char path[__NS_PATH_LEN]; @@ -1377,8 +1378,8 @@ int lxc_preserve_ns(const int pid, const char *ns) * string. */ ret = snprintf(path, __NS_PATH_LEN, "/proc/%d/ns%s%s", pid, - !ns || strcmp(ns, "") == 0 ? "" : "/", - !ns || strcmp(ns, "") == 0 ? "" : ns); + !ns || strcmp(ns, "") == 0 ? "" : "/", + !ns || strcmp(ns, "") == 0 ? "" : ns); if (ret < 0 || (size_t)ret >= __NS_PATH_LEN) { errno = EFBIG; return -1; @@ -1452,7 +1453,7 @@ static int lxc_get_unused_loop_dev_legacy(char *loop_name) ret = ioctl(fd, LOOP_GET_STATUS64, &lo64); if (ret < 0) { if (ioctl(fd, LOOP_GET_STATUS64, &lo64) == 0 || - errno != ENXIO) { + errno != ENXIO) { close(fd); fd = -1; continue; @@ -1726,7 +1727,7 @@ int lxc_set_death_signal(int signal, pid_t parent) //pid_t ppid; ret = prctl(PR_SET_PDEATHSIG, prctl_arg(signal), prctl_arg(0), - prctl_arg(0), prctl_arg(0)); + prctl_arg(0), prctl_arg(0)); /* Check whether we have been orphaned. */ /* isulad: delete this check, ppid will not be 0 if we shared host pid */ @@ -1770,7 +1771,7 @@ int fd_nonblock(int fd) { long flags; - flags = fcntl(fd, F_GETFL); + flags = fcntl(fd, F_GETFL); return fcntl(fd, F_SETFL, flags | O_NONBLOCK); } @@ -1797,7 +1798,7 @@ int recursive_destroy(char *dirname) struct stat mystat; if (!strcmp(direntp->d_name, ".") || - !strcmp(direntp->d_name, "..")) + !strcmp(direntp->d_name, "..")) continue; pathname = must_make_path(dirname, direntp->d_name, NULL); 
@@ -1818,7 +1819,7 @@ int recursive_destroy(char *dirname) if (ret < 0) r = -1; - next: +next: free(pathname); } @@ -1850,7 +1851,7 @@ int lxc_setup_keyring(void) * information leaks. */ keyring = keyctl(KEYCTL_JOIN_SESSION_KEYRING, prctl_arg(0), - prctl_arg(0), prctl_arg(0), prctl_arg(0)); + prctl_arg(0), prctl_arg(0), prctl_arg(0)); if (keyring < 0) { switch (errno) { case ENOSYS: @@ -1913,7 +1914,7 @@ int lxc_file2str(const char *filename, char ret[], int cap) { int fd, num_read; - if ((fd = open(filename, O_RDONLY | O_CLOEXEC)) == -1) + if ((fd = lxc_open(filename, O_RDONLY | O_CLOEXEC, 0)) == -1) return -1; if ((num_read = read(fd, ret, cap - 1)) <= 0) num_read = -1; @@ -1929,7 +1930,7 @@ int lxc_file2str(const char *filename, char ret[], int cap) * Such names confuse %s (see scanf(3)), so the string is split and %39c * is used instead. (except for embedded ')' "(%[^)]c)" would work. */ -static proc_t *lxc_stat2proc(char *S) +static proc_t *lxc_stat2proc(const char *S) { int num; proc_t *P = NULL; 
@@ -1956,33 +1957,33 @@ static proc_t *lxc_stat2proc(char *S) return NULL; } num = sscanf(tmp + 2, /* skip space after ')' too */ - "%c " - "%d %d %d %d %d " - "%lu %lu %lu %lu %lu " - "%Lu %Lu %Lu %Lu " /* utime stime cutime cstime */ - "%ld %ld %ld %ld " - "%Lu " /* start_time */ - "%lu " - "%ld " - "%lu %lu %lu %lu %lu %lu " - "%*s %*s %*s %*s " /* discard, no RT signals & Linux 2.1 used hex */ - "%lu %lu %lu " - "%d %d " - "%lu %lu", - &P->state, - &P->ppid, &P->pgrp, &P->session, &P->tty, &P->tpgid, - &P->flags, &P->min_flt, &P->cmin_flt, &P->maj_flt, &P->cmaj_flt, - &P->utime, &P->stime, &P->cutime, &P->cstime, - &P->priority, &P->nice, &P->timeout, &P->it_real_value, - &P->start_time, - &P->vsize, - &P->rss, - &P->rss_rlim, &P->start_code, &P->end_code, &P->start_stack, &P->kstk_esp, - &P->kstk_eip, - &P->wchan, &P->nswap, &P->cnswap, - &P->exit_signal, &P->processor, /* 2.2.1 ends with "exit_signal" */ - &P->rtprio, &P->sched /* both added to 2.5.18 */ - ); + "%c " + "%d %d %d %d %d " + "%lu %lu %lu %lu %lu " + "%Lu %Lu %Lu %Lu " /* utime stime cutime cstime */ + "%ld %ld %ld %ld " + "%Lu " /* start_time */ + "%lu " + "%ld " + "%lu %lu %lu %lu %lu %lu " + "%*s %*s %*s %*s " /* discard, no RT signals & Linux 2.1 used hex */ + "%lu %lu %lu " + "%d %d " + "%lu %lu", + &P->state, + &P->ppid, &P->pgrp, &P->session, &P->tty, &P->tpgid, + &P->flags, &P->min_flt, &P->cmin_flt, &P->maj_flt, &P->cmaj_flt, + &P->utime, &P->stime, &P->cutime, &P->cstime, + &P->priority, &P->nice, &P->timeout, &P->it_real_value, + &P->start_time, + &P->vsize, + &P->rss, + &P->rss_rlim, &P->start_code, &P->end_code, &P->start_stack, &P->kstk_esp, + &P->kstk_eip, + &P->wchan, &P->nswap, &P->cnswap, + &P->exit_signal, &P->processor, /* 2.2.1 ends with "exit_signal" */ + &P->rtprio, &P->sched /* both added to 2.5.18 */ + ); if (P->tty == 0) P->tty = -1; /* the old notty val, update elsewhere bef. moving to 0 */ 
@@ -2092,3 +2093,67 @@ bool is_non_negative_num(const char *s) return true; } +void *lxc_common_calloc_s(size_t size) +{ + if (size == 0 || size > SIZE_MAX) { + return NULL; + } + + return calloc((size_t)1, size); +} + + +int lxc_mem_realloc(void **newptr, size_t newsize, void *oldptr, size_t oldsize) +{ + void *tmp = NULL; + int nret = 0; + if (newsize == 0) { + goto err_out; + } + + tmp = lxc_common_calloc_s(newsize); + if (tmp == NULL) { + ERROR("Failed to malloc memory"); + goto err_out; + } + + if (oldptr != NULL) { + memcpy(tmp, oldptr, (newsize < oldsize) ? newsize : oldsize); + + memset(oldptr, 0, oldsize); + + free(oldptr); + } + + *newptr = tmp; + return 0; + +err_out: + return -1; +} + +int lxc_open(const char *filename, int flags, mode_t mode) +{ + char rpath[PATH_MAX] = {0x00}; + + if (cleanpath(filename, rpath, sizeof(rpath)) == NULL) { + return -1; + } + if (mode) { + return open(rpath, flags | O_CLOEXEC, mode); + } else { + return open(rpath, flags | O_CLOEXEC); + } +} + +FILE *lxc_fopen(const char *filename, const char *mode) +{ + char rpath[PATH_MAX] = {0x00}; + + if (cleanpath(filename, rpath, sizeof(rpath)) == NULL) { + return NULL; + } + + return fopen_cloexec(rpath, mode); +} + diff --git a/src/lxc/utils.h b/src/lxc/utils.h index 4410ff2..2406ee1 100644 --- a/src/lxc/utils.h +++ b/src/lxc/utils.h @@ -229,8 +229,8 @@ extern bool switch_to_ns(pid_t pid, const char *ns); extern char *get_template_path(const char *t); extern int open_without_symlink(const char *target, const char *prefix_skip); extern int safe_mount(const char *src, const char *dest, const char *fstype, - unsigned long flags, const void *data, - const char *rootfs); + unsigned long flags, const void *data, + const char *rootfs); extern int lxc_mount_proc_if_needed(const char *rootfs); extern int open_devnull(void); extern int set_stdfds(int fd); 
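Review bot: In `lxc_open`, the `if (mode)` branch falls back to the two-argument `open()` whenever `mode` is 0, so a caller that passes `O_CREAT` with mode 0 makes `open()` read an unspecified mode argument. Passing the mode unconditionally, `return open(rpath, flags | O_CLOEXEC, mode);`, is harmless without `O_CREAT` and removes the branch. `cleanpath()` is defined outside this hunk; if it only normalises the string, as its name suggests, neither `lxc_open` nor `lxc_fopen` constrains symlinks in the path, and a comment should say so to keep the wrappers from being mistaken for a containment check (`open_without_symlink`, declared in utils.h, looks like the helper for that case). In `lxc_mem_realloc`, `memset(oldptr, 0, oldsize)` directly before `free(oldptr)` is a dead store the compiler may drop; if the wipe is meant to scrub the old contents, `explicit_bzero(oldptr, oldsize);` keeps it where that function is available. In `lxc_common_calloc_s`, `size > SIZE_MAX` can never be true for a `size_t` and can be removed.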
@@ -269,7 +269,7 @@ extern int lxc_unstack_mountpoint(const char *path, bool lazy); * @param[in] args Arguments to be passed to child_fn. */ extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *), - void *args); + void *args); /* Concatenate all passed-in strings into one path. Do not fail. If any piece * is not prefixed with '/', add a '/'. @@ -324,5 +324,8 @@ extern bool lxc_process_alive(pid_t pid, unsigned long long start_time); extern bool is_non_negative_num(const char *s); extern int lxc_file2str(const char *filename, char ret[], int cap); - +extern int lxc_mem_realloc(void **newptr, size_t newsize, void *oldptr, size_t oldsize); +extern void *lxc_common_calloc_s(size_t size); +extern int lxc_open(const char *filename, int flags, mode_t mode); +extern FILE *lxc_fopen(const char *filename, const char *mode); #endif /* __LXC_UTILS_H */ -- 1.8.3.1
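Review bot: The four prototypes added at the end of utils.h have no contract comment, unlike `run_command` above them, and `lxc_mem_realloc` in particular does not behave like `realloc`. Going by its definition in utils.c, it returns -1 for `newsize == 0` or on allocation failure and leaves `oldptr` and `*newptr` untouched. On success it copies the smaller of the two sizes, zeroes and frees `oldptr`, and stores the new buffer in `*newptr`. A short comment block stating that ownership rule would save callers from reading the implementation. So would one line on `lxc_open` and `lxc_fopen` noting that they pass the name through `cleanpath()` and always open close-on-exec.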