]>
Commit | Line | Data |
---|---|---|
724e753c MN |
1 | /* |
2 | * lxc: linux Container library | |
3 | * | |
4 | * (C) Copyright IBM Corp. 2007, 2009 | |
5 | * | |
6 | * Authors: | |
9afe19d6 | 7 | * Daniel Lezcano <daniel.lezcano at free.fr> |
724e753c MN |
8 | * |
9 | * This library is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU Lesser General Public | |
11 | * License as published by the Free Software Foundation; either | |
12 | * version 2.1 of the License, or (at your option) any later version. | |
13 | * | |
14 | * This library is distributed in the hope that it will be useful, | |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
17 | * Lesser General Public License for more details. | |
18 | * | |
19 | * You should have received a copy of the GNU Lesser General Public | |
20 | * License along with this library; if not, write to the Free Software | |
250b1eec | 21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
724e753c MN |
22 | */ |
23 | ||
d38dd64a CB |
24 | #ifndef _GNU_SOURCE |
25 | #define _GNU_SOURCE 1 | |
26 | #endif | |
cf685555 | 27 | #include <caps.h> |
724e753c | 28 | #include <errno.h> |
91480a0f | 29 | #include <fcntl.h> |
fe84a562 | 30 | #include <malloc.h> |
37515ebd | 31 | #include <poll.h> |
fe84a562 CB |
32 | #include <signal.h> |
33 | #include <stdio.h> | |
34 | #include <stdlib.h> | |
fe84a562 | 35 | #include <sys/param.h> |
724e753c MN |
36 | #include <sys/socket.h> |
37 | #include <sys/un.h> | |
d38dd64a | 38 | #include <unistd.h> |
724e753c | 39 | |
fe84a562 | 40 | #include "af_unix.h" |
f2363e38 | 41 | #include "cgroup.h" |
724e753c | 42 | #include "commands.h" |
bbf5cf35 | 43 | #include "commands_utils.h" |
fe84a562 | 44 | #include "conf.h" |
d38dd64a | 45 | #include "config.h" |
ef6e34ee | 46 | #include "confile.h" |
fe84a562 CB |
47 | #include "log.h" |
48 | #include "lxc.h" | |
dbc9832d | 49 | #include "lxclock.h" |
724e753c | 50 | #include "mainloop.h" |
dbc9832d | 51 | #include "monitor.h" |
fe84a562 | 52 | #include "start.h" |
0ed9b1bc | 53 | #include "terminal.h" |
fe84a562 | 54 | #include "utils.h" |
724e753c | 55 | |
ded1d23f | 56 | /* |
fe84a562 CB |
57 | * This file provides the different functions for clients to query/command the |
58 | * server. The client is typically some lxc tool and the server is typically the | |
59 | * container (ie. lxc-start). | |
ded1d23f | 60 | * |
fe84a562 CB |
61 | * Each command is transactional, the clients send a request to the server and |
62 | * the server answers the request with a message giving the request's status | |
63 | * (zero or a negative errno value). Both the request and response may contain | |
64 | * additional data. | |
ded1d23f | 65 | * |
fe84a562 CB |
66 | * Each command is wrapped in a ancillary message in order to pass a credential |
67 | * making possible to the server to check if the client is allowed to ask for | |
68 | * this command or not. | |
80bcb053 | 69 | * |
fe84a562 CB |
70 | * IMPORTANTLY: Note that semantics for current commands are fixed. If you wish |
71 | * to make any changes to how, say, LXC_CMD_GET_CONFIG_ITEM works by adding | |
72 | * information to the end of cmd.data, then you must introduce a new | |
73 | * LXC_CMD_GET_CONFIG_ITEM_V2 define with a new number. You may wish to also | |
74 | * mark LXC_CMD_GET_CONFIG_ITEM deprecated in commands.h. | |
80bcb053 SH |
75 | * |
76 | * This is necessary in order to avoid having a newly compiled lxc command | |
77 | * communicating with a running (old) monitor from crashing the running | |
78 | * container. | |
ded1d23f DL |
79 | */ |
80 | ||
ac2cecc4 | 81 | lxc_log_define(commands, lxc); |
724e753c | 82 | |
ef6e34ee | 83 | static const char *lxc_cmd_str(lxc_cmd_t cmd) |
724e753c | 84 | { |
fe84a562 | 85 | static const char *const cmdname[LXC_CMD_MAX] = { |
974a8aba | 86 | [LXC_CMD_CONSOLE] = "console", |
8ccbbf94 | 87 | [LXC_CMD_TERMINAL_WINCH] = "terminal_winch", |
974a8aba CB |
88 | [LXC_CMD_STOP] = "stop", |
89 | [LXC_CMD_GET_STATE] = "get_state", | |
90 | [LXC_CMD_GET_INIT_PID] = "get_init_pid", | |
91 | [LXC_CMD_GET_CLONE_FLAGS] = "get_clone_flags", | |
92 | [LXC_CMD_GET_CGROUP] = "get_cgroup", | |
93 | [LXC_CMD_GET_CONFIG_ITEM] = "get_config_item", | |
94 | [LXC_CMD_GET_NAME] = "get_name", | |
95 | [LXC_CMD_GET_LXCPATH] = "get_lxcpath", | |
96 | [LXC_CMD_ADD_STATE_CLIENT] = "add_state_client", | |
97 | [LXC_CMD_CONSOLE_LOG] = "console_log", | |
98 | [LXC_CMD_SERVE_STATE_CLIENTS] = "serve_state_clients", | |
ef6e34ee | 99 | }; |
724e753c | 100 | |
f371aca9 | 101 | if (cmd >= LXC_CMD_MAX) |
a8007512 | 102 | return "Invalid request"; |
fe84a562 | 103 | |
ef6e34ee DE |
104 | return cmdname[cmd]; |
105 | } | |
106 | ||
107 | /* | |
108 | * lxc_cmd_rsp_recv: Receive a response to a command | |
109 | * | |
110 | * @sock : the socket connected to the container | |
111 | * @cmd : command to put response in | |
112 | * | |
113 | * Returns the size of the response message or < 0 on failure | |
114 | * | |
115 | * Note that if the command response datalen > 0, then data is | |
116 | * a malloc()ed buffer and should be free()ed by the caller. If | |
117 | * the response data is <= a void * worth of data, it will be | |
118 | * stored directly in data and datalen will be 0. | |
119 | * | |
120 | * As a special case, the response for LXC_CMD_CONSOLE is created | |
0115f8fd DE |
121 | * here as it contains an fd for the master pty passed through the |
122 | * unix socket. | |
ef6e34ee DE |
123 | */ |
124 | static int lxc_cmd_rsp_recv(int sock, struct lxc_cmd_rr *cmd) | |
125 | { | |
2945ea97 | 126 | int ret, rspfd; |
ef6e34ee DE |
127 | struct lxc_cmd_rsp *rsp = &cmd->rsp; |
128 | ||
ae467c54 | 129 | ret = lxc_abstract_unix_recv_fds(sock, &rspfd, 1, rsp, sizeof(*rsp)); |
ef6e34ee | 130 | if (ret < 0) { |
a24c5678 | 131 | SYSWARN("Failed to receive response for command \"%s\"", |
132 | lxc_cmd_str(cmd->req.cmd)); | |
133 | ||
6b7f85cb | 134 | if (errno == ECONNRESET) |
2a850b2c | 135 | return -1; |
6b7f85cb | 136 | |
ef6e34ee DE |
137 | return -1; |
138 | } | |
fe84a562 | 139 | TRACE("Command \"%s\" received response", lxc_cmd_str(cmd->req.cmd)); |
ef6e34ee DE |
140 | |
141 | if (cmd->req.cmd == LXC_CMD_CONSOLE) { | |
142 | struct lxc_cmd_console_rsp_data *rspdata; | |
143 | ||
0115f8fd DE |
144 | /* recv() returns 0 bytes when a tty cannot be allocated, |
145 | * rsp->ret is < 0 when the peer permission check failed | |
146 | */ | |
147 | if (ret == 0 || rsp->ret < 0) | |
148 | return 0; | |
149 | ||
ef6e34ee DE |
150 | rspdata = malloc(sizeof(*rspdata)); |
151 | if (!rspdata) { | |
2a850b2c | 152 | errno = ENOMEM; |
fe84a562 | 153 | ERROR("Failed to allocate response buffer for command \"%s\"", |
ef6e34ee | 154 | lxc_cmd_str(cmd->req.cmd)); |
2a850b2c | 155 | return -1; |
ef6e34ee | 156 | } |
2a850b2c | 157 | |
0115f8fd | 158 | rspdata->masterfd = rspfd; |
ef6e34ee DE |
159 | rspdata->ttynum = PTR_TO_INT(rsp->data); |
160 | rsp->data = rspdata; | |
161 | } | |
162 | ||
860e7c43 | 163 | if (rsp->datalen == 0) { |
fe84a562 | 164 | DEBUG("Response data length for command \"%s\" is 0", |
860e7c43 | 165 | lxc_cmd_str(cmd->req.cmd)); |
ae5c8b8e | 166 | return ret; |
860e7c43 | 167 | } |
fe84a562 | 168 | |
191d43cc CB |
169 | if ((rsp->datalen > LXC_CMD_DATA_MAX) && |
170 | (cmd->req.cmd != LXC_CMD_CONSOLE_LOG)) { | |
2a850b2c CB |
171 | ERROR("Response data for command \"%s\" is too long: %d bytes > %d", |
172 | lxc_cmd_str(cmd->req.cmd), rsp->datalen, LXC_CMD_DATA_MAX); | |
173 | return -1; | |
2ac9aafc | 174 | } |
ef6e34ee | 175 | |
191d43cc CB |
176 | if (cmd->req.cmd == LXC_CMD_CONSOLE_LOG) { |
177 | rsp->data = malloc(rsp->datalen + 1); | |
178 | ((char *)rsp->data)[rsp->datalen] = '\0'; | |
179 | } else { | |
180 | rsp->data = malloc(rsp->datalen); | |
181 | } | |
ef6e34ee | 182 | if (!rsp->data) { |
fe84a562 | 183 | errno = ENOMEM; |
2a850b2c CB |
184 | ERROR("Failed to allocate response buffer for command \"%s\"", |
185 | lxc_cmd_str(cmd->req.cmd)); | |
186 | return -1; | |
ef6e34ee | 187 | } |
fe84a562 | 188 | |
2a850b2c | 189 | ret = lxc_recv_nointr(sock, rsp->data, rsp->datalen, 0); |
ef6e34ee | 190 | if (ret != rsp->datalen) { |
6d1400b5 | 191 | SYSERROR("Failed to receive response data for command \"%s\"", |
192 | lxc_cmd_str(cmd->req.cmd)); | |
2a850b2c | 193 | return -1; |
ef6e34ee | 194 | } |
724e753c MN |
195 | |
196 | return ret; | |
197 | } | |
198 | ||
ef6e34ee DE |
199 | /* |
200 | * lxc_cmd_rsp_send: Send a command response | |
201 | * | |
202 | * @fd : file descriptor of socket to send response on | |
203 | * @rsp : response to send | |
204 | * | |
205 | * Returns 0 on success, < 0 on failure | |
206 | */ | |
207 | static int lxc_cmd_rsp_send(int fd, struct lxc_cmd_rsp *rsp) | |
208 | { | |
fe84a562 | 209 | ssize_t ret; |
ef6e34ee | 210 | |
7fbb15ec CB |
211 | errno = EMSGSIZE; |
212 | ret = lxc_send_nointr(fd, rsp, sizeof(*rsp), MSG_NOSIGNAL); | |
fe84a562 | 213 | if (ret < 0 || (size_t)ret != sizeof(*rsp)) { |
6d1400b5 | 214 | SYSERROR("Failed to send command response %zd", ret); |
ef6e34ee DE |
215 | return -1; |
216 | } | |
217 | ||
a674dfe1 | 218 | if (!rsp->data || rsp->datalen <= 0) |
fe84a562 CB |
219 | return 0; |
220 | ||
7fbb15ec CB |
221 | errno = EMSGSIZE; |
222 | ret = lxc_send_nointr(fd, rsp->data, rsp->datalen, MSG_NOSIGNAL); | |
fe84a562 | 223 | if (ret < 0 || ret != (ssize_t)rsp->datalen) { |
a24c5678 | 224 | SYSWARN("Failed to send command response data %zd", ret); |
fe84a562 | 225 | return -1; |
ef6e34ee | 226 | } |
fe84a562 | 227 | |
ef6e34ee DE |
228 | return 0; |
229 | } | |
230 | ||
c01c2be6 | 231 | static int lxc_cmd_send(const char *name, struct lxc_cmd_rr *cmd, |
fe84a562 | 232 | const char *lxcpath, const char *hashed_sock_name) |
c01c2be6 | 233 | { |
2a850b2c | 234 | int client_fd, saved_errno; |
fe84a562 | 235 | ssize_t ret = -1; |
c01c2be6 | 236 | |
9dfa4041 | 237 | client_fd = lxc_cmd_connect(name, lxcpath, hashed_sock_name, "command"); |
2a850b2c | 238 | if (client_fd < 0) |
fe84a562 | 239 | return -1; |
c01c2be6 | 240 | |
fe84a562 CB |
241 | ret = lxc_abstract_unix_send_credential(client_fd, &cmd->req, |
242 | sizeof(cmd->req)); | |
2a850b2c CB |
243 | if (ret < 0 || (size_t)ret != sizeof(cmd->req)) |
244 | goto on_error; | |
9044b79e | 245 | |
fe84a562 CB |
246 | if (cmd->req.datalen <= 0) |
247 | return client_fd; | |
c01c2be6 | 248 | |
7fbb15ec CB |
249 | errno = EMSGSIZE; |
250 | ret = lxc_send_nointr(client_fd, (void *)cmd->req.data, | |
251 | cmd->req.datalen, MSG_NOSIGNAL); | |
2a850b2c CB |
252 | if (ret < 0 || ret != (ssize_t)cmd->req.datalen) |
253 | goto on_error; | |
c01c2be6 | 254 | |
2a850b2c | 255 | return client_fd; |
c01c2be6 | 256 | |
2a850b2c CB |
257 | on_error: |
258 | saved_errno = errno; | |
259 | close(client_fd); | |
260 | errno = saved_errno; | |
c01c2be6 | 261 | |
2a850b2c | 262 | return -1; |
c01c2be6 CB |
263 | } |
264 | ||
ef6e34ee DE |
265 | /* |
266 | * lxc_cmd: Connect to the specified running container, send it a command | |
267 | * request and collect the response | |
268 | * | |
269 | * @name : name of container to connect to | |
1e8cfdf6 | 270 | * @cmd : command with initialized request to send |
ef6e34ee DE |
271 | * @stopped : output indicator if the container was not running |
272 | * @lxcpath : the lxcpath in which the container is running | |
273 | * | |
274 | * Returns the size of the response message on success, < 0 on failure | |
275 | * | |
276 | * Note that there is a special case for LXC_CMD_CONSOLE. For this command | |
277 | * the fd cannot be closed because it is used as a placeholder to indicate | |
278 | * that a particular tty slot is in use. The fd is also used as a signal to | |
279 | * the container that when the caller dies or closes the fd, the container | |
0115f8fd DE |
280 | * will notice the fd on its side of the socket in its mainloop select and |
281 | * then free the slot with lxc_cmd_fd_cleanup(). The socket fd will be | |
282 | * returned in the cmd response structure. | |
ef6e34ee DE |
283 | */ |
284 | static int lxc_cmd(const char *name, struct lxc_cmd_rr *cmd, int *stopped, | |
88556fd7 | 285 | const char *lxcpath, const char *hashed_sock_name) |
724e753c | 286 | { |
2a850b2c | 287 | int client_fd, saved_errno; |
fe84a562 | 288 | int ret = -1; |
dbc9832d CB |
289 | bool stay_connected = false; |
290 | ||
291 | if (cmd->req.cmd == LXC_CMD_CONSOLE || | |
54446942 | 292 | cmd->req.cmd == LXC_CMD_ADD_STATE_CLIENT) |
dbc9832d | 293 | stay_connected = true; |
724e753c | 294 | |
0ecf64b5 SH |
295 | *stopped = 0; |
296 | ||
c01c2be6 CB |
297 | client_fd = lxc_cmd_send(name, cmd, lxcpath, hashed_sock_name); |
298 | if (client_fd < 0) { | |
7874d81a | 299 | SYSTRACE("Command \"%s\" failed to connect command socket", |
300 | lxc_cmd_str(cmd->req.cmd)); | |
6a93ae77 | 301 | |
2a850b2c | 302 | if (errno == ECONNREFUSED) |
ef6e34ee | 303 | *stopped = 1; |
3f903c04 | 304 | |
2a850b2c | 305 | if (errno == EPIPE) { |
6a93ae77 CB |
306 | *stopped = 1; |
307 | client_fd = 0; | |
308 | } | |
724e753c | 309 | |
2a850b2c | 310 | return -1; |
724e753c MN |
311 | } |
312 | ||
c01c2be6 | 313 | ret = lxc_cmd_rsp_recv(client_fd, cmd); |
2a850b2c | 314 | if (ret < 0 && errno == ECONNRESET) |
6b7f85cb | 315 | *stopped = 1; |
6a93ae77 | 316 | |
4575a9f9 | 317 | if (!stay_connected || ret <= 0) |
2a850b2c CB |
318 | if (client_fd >= 0) { |
319 | saved_errno = errno; | |
2a7de7ea | 320 | close(client_fd); |
2a850b2c CB |
321 | errno = saved_errno; |
322 | } | |
fe84a562 | 323 | |
0115f8fd | 324 | if (stay_connected && ret > 0) |
c01c2be6 | 325 | cmd->rsp.ret = client_fd; |
43eb6f29 | 326 | |
1362f2eb | 327 | return ret; |
724e753c MN |
328 | } |
329 | ||
b494d2dd SH |
330 | int lxc_try_cmd(const char *name, const char *lxcpath) |
331 | { | |
0ecf64b5 | 332 | int stopped, ret; |
b494d2dd SH |
333 | struct lxc_cmd_rr cmd = { |
334 | .req = { .cmd = LXC_CMD_GET_INIT_PID }, | |
335 | }; | |
336 | ||
88556fd7 | 337 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
b494d2dd SH |
338 | if (stopped) |
339 | return 0; | |
340 | if (ret > 0 && cmd.rsp.ret < 0) { | |
341 | errno = cmd.rsp.ret; | |
342 | return -1; | |
343 | } | |
344 | if (ret > 0) | |
345 | return 0; | |
346 | ||
fe84a562 CB |
347 | /* At this point we weren't denied access, and the container *was* |
348 | * started. There was some inexplicable error in the protocol. I'm not | |
349 | * clear on whether we should return -1 here, but we didn't receive a | |
350 | * -EACCES, so technically it's not that we're not allowed to control | |
351 | * the container - it's just not behaving. | |
b494d2dd SH |
352 | */ |
353 | return 0; | |
354 | } | |
355 | ||
ef6e34ee DE |
356 | /* Implentations of the commands and their callbacks */ |
357 | ||
358 | /* | |
359 | * lxc_cmd_get_init_pid: Get pid of the container's init process | |
360 | * | |
361 | * @name : name of container to connect to | |
362 | * @lxcpath : the lxcpath in which the container is running | |
363 | * | |
364 | * Returns the pid on success, < 0 on failure | |
365 | */ | |
366 | pid_t lxc_cmd_get_init_pid(const char *name, const char *lxcpath) | |
43eb6f29 | 367 | { |
0ecf64b5 | 368 | int ret, stopped; |
9234406b | 369 | intmax_t pid; |
ef6e34ee | 370 | struct lxc_cmd_rr cmd = { |
e8cd1208 CB |
371 | .req = { |
372 | .cmd = LXC_CMD_GET_INIT_PID | |
373 | }, | |
374 | .rsp = { | |
9234406b | 375 | .data = INTMAX_TO_PTR((intmax_t){-1}) |
e8cd1208 | 376 | } |
ef6e34ee DE |
377 | }; |
378 | ||
88556fd7 | 379 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
ef6e34ee | 380 | if (ret < 0) |
8ed8a626 | 381 | return -1; |
ef6e34ee | 382 | |
9234406b CB |
383 | pid = PTR_TO_INTMAX(cmd.rsp.data); |
384 | if (pid < 0) | |
385 | return -1; | |
386 | ||
387 | /* We need to assume that pid_t can actually hold any pid given to us | |
388 | * by the kernel. If it can't it's a libc bug. | |
389 | */ | |
390 | return (pid_t)pid; | |
43eb6f29 DL |
391 | } |
392 | ||
ef6e34ee DE |
393 | static int lxc_cmd_get_init_pid_callback(int fd, struct lxc_cmd_req *req, |
394 | struct lxc_handler *handler) | |
43eb6f29 | 395 | { |
54dcfd81 CB |
396 | intmax_t pid = handler->pid; |
397 | ||
9234406b | 398 | struct lxc_cmd_rsp rsp = { |
54dcfd81 | 399 | .data = INTMAX_TO_PTR(pid) |
9234406b | 400 | }; |
ef6e34ee DE |
401 | |
402 | return lxc_cmd_rsp_send(fd, &rsp); | |
43eb6f29 DL |
403 | } |
404 | ||
ef6e34ee DE |
405 | /* |
406 | * lxc_cmd_get_clone_flags: Get clone flags container was spawned with | |
407 | * | |
408 | * @name : name of container to connect to | |
409 | * @lxcpath : the lxcpath in which the container is running | |
410 | * | |
411 | * Returns the clone flags on success, < 0 on failure | |
412 | */ | |
413 | int lxc_cmd_get_clone_flags(const char *name, const char *lxcpath) | |
414 | { | |
0ecf64b5 | 415 | int ret, stopped; |
ef6e34ee DE |
416 | struct lxc_cmd_rr cmd = { |
417 | .req = { .cmd = LXC_CMD_GET_CLONE_FLAGS }, | |
418 | }; | |
419 | ||
88556fd7 | 420 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
ef6e34ee DE |
421 | if (ret < 0) |
422 | return ret; | |
43eb6f29 | 423 | |
ef6e34ee DE |
424 | return PTR_TO_INT(cmd.rsp.data); |
425 | } | |
426 | ||
427 | static int lxc_cmd_get_clone_flags_callback(int fd, struct lxc_cmd_req *req, | |
428 | struct lxc_handler *handler) | |
26b2d152 | 429 | { |
becad0ec | 430 | struct lxc_cmd_rsp rsp = { .data = INT_TO_PTR(handler->ns_clone_flags) }; |
ef6e34ee DE |
431 | |
432 | return lxc_cmd_rsp_send(fd, &rsp); | |
433 | } | |
434 | ||
435 | /* | |
436 | * lxc_cmd_get_cgroup_path: Calculate a container's cgroup path for a | |
437 | * particular subsystem. This is the cgroup path relative to the root | |
438 | * of the cgroup filesystem. | |
439 | * | |
ef6e34ee DE |
440 | * @name : name of container to connect to |
441 | * @lxcpath : the lxcpath in which the container is running | |
b98f7d6e | 442 | * @subsystem : the subsystem being asked about |
ef6e34ee DE |
443 | * |
444 | * Returns the path on success, NULL on failure. The caller must free() the | |
445 | * returned path. | |
446 | */ | |
b98f7d6e | 447 | char *lxc_cmd_get_cgroup_path(const char *name, const char *lxcpath, |
fe84a562 | 448 | const char *subsystem) |
ef6e34ee | 449 | { |
0ecf64b5 | 450 | int ret, stopped; |
ef6e34ee | 451 | struct lxc_cmd_rr cmd = { |
b98f7d6e SH |
452 | .req = { |
453 | .cmd = LXC_CMD_GET_CGROUP, | |
b98f7d6e | 454 | .data = subsystem, |
c2aed66d | 455 | .datalen = 0, |
b98f7d6e | 456 | }, |
26b2d152 MN |
457 | }; |
458 | ||
c2aed66d CB |
459 | cmd.req.data = subsystem; |
460 | cmd.req.datalen = 0; | |
461 | if (subsystem) | |
462 | cmd.req.datalen = strlen(subsystem) + 1; | |
463 | ||
88556fd7 | 464 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
fe84a562 | 465 | if (ret < 0) |
ef6e34ee DE |
466 | return NULL; |
467 | ||
fe84a562 | 468 | if (ret == 0) |
ef6e34ee | 469 | return NULL; |
ef6e34ee | 470 | |
fe84a562 | 471 | if (cmd.rsp.ret < 0 || cmd.rsp.datalen < 0) |
ef6e34ee | 472 | return NULL; |
3f903c04 | 473 | |
ef6e34ee DE |
474 | return cmd.rsp.data; |
475 | } | |
476 | ||
477 | static int lxc_cmd_get_cgroup_callback(int fd, struct lxc_cmd_req *req, | |
478 | struct lxc_handler *handler) | |
479 | { | |
4fb3cba5 | 480 | const char *path; |
fe84a562 | 481 | struct lxc_cmd_rsp rsp; |
2202afc9 | 482 | struct cgroup_ops *cgroup_ops = handler->cgroup_ops; |
b98f7d6e | 483 | |
c2aed66d | 484 | if (req->datalen > 0) |
2202afc9 | 485 | path = cgroup_ops->get_cgroup(cgroup_ops, req->data); |
c2aed66d | 486 | else |
2202afc9 | 487 | path = cgroup_ops->get_cgroup(cgroup_ops, NULL); |
b98f7d6e SH |
488 | if (!path) |
489 | return -1; | |
fe84a562 | 490 | |
4f17323e | 491 | rsp.ret = 0; |
fe84a562 CB |
492 | rsp.datalen = strlen(path) + 1; |
493 | rsp.data = (char *)path; | |
ef6e34ee DE |
494 | |
495 | return lxc_cmd_rsp_send(fd, &rsp); | |
496 | } | |
497 | ||
498 | /* | |
499 | * lxc_cmd_get_config_item: Get config item the running container | |
500 | * | |
501 | * @name : name of container to connect to | |
7fa3f2e9 | 502 | * @item : the configuration item to retrieve (ex: lxc.net.0.veth.pair) |
ef6e34ee DE |
503 | * @lxcpath : the lxcpath in which the container is running |
504 | * | |
505 | * Returns the item on success, NULL on failure. The caller must free() the | |
506 | * returned item. | |
507 | */ | |
508 | char *lxc_cmd_get_config_item(const char *name, const char *item, | |
509 | const char *lxcpath) | |
510 | { | |
0ecf64b5 | 511 | int ret, stopped; |
ef6e34ee DE |
512 | struct lxc_cmd_rr cmd = { |
513 | .req = { .cmd = LXC_CMD_GET_CONFIG_ITEM, | |
514 | .data = item, | |
fe84a562 | 515 | .datalen = strlen(item) + 1, |
ef6e34ee DE |
516 | }, |
517 | }; | |
518 | ||
88556fd7 | 519 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
ef6e34ee DE |
520 | if (ret < 0) |
521 | return NULL; | |
522 | ||
523 | if (cmd.rsp.ret == 0) | |
524 | return cmd.rsp.data; | |
fe84a562 | 525 | |
ef6e34ee DE |
526 | return NULL; |
527 | } | |
528 | ||
529 | static int lxc_cmd_get_config_item_callback(int fd, struct lxc_cmd_req *req, | |
530 | struct lxc_handler *handler) | |
531 | { | |
532 | int cilen; | |
ef6e34ee | 533 | char *cidata; |
30aec088 | 534 | struct lxc_config_t *item; |
fe84a562 | 535 | struct lxc_cmd_rsp rsp; |
ef6e34ee DE |
536 | |
537 | memset(&rsp, 0, sizeof(rsp)); | |
300df83e | 538 | item = lxc_get_config(req->data); |
30aec088 CB |
539 | if (!item) |
540 | goto err1; | |
fe84a562 | 541 | |
cccd2219 | 542 | cilen = item->get(req->data, NULL, 0, handler->conf, NULL); |
ef6e34ee DE |
543 | if (cilen <= 0) |
544 | goto err1; | |
545 | ||
546 | cidata = alloca(cilen + 1); | |
cccd2219 | 547 | if (item->get(req->data, cidata, cilen + 1, handler->conf, NULL) != cilen) |
ef6e34ee | 548 | goto err1; |
fe84a562 | 549 | |
ef6e34ee DE |
550 | cidata[cilen] = '\0'; |
551 | rsp.data = cidata; | |
552 | rsp.datalen = cilen + 1; | |
553 | rsp.ret = 0; | |
554 | goto out; | |
555 | ||
556 | err1: | |
557 | rsp.ret = -1; | |
558 | out: | |
559 | return lxc_cmd_rsp_send(fd, &rsp); | |
560 | } | |
561 | ||
562 | /* | |
563 | * lxc_cmd_get_state: Get current state of the container | |
564 | * | |
565 | * @name : name of container to connect to | |
566 | * @lxcpath : the lxcpath in which the container is running | |
567 | * | |
568 | * Returns the state on success, < 0 on failure | |
569 | */ | |
dbc9832d | 570 | int lxc_cmd_get_state(const char *name, const char *lxcpath) |
ef6e34ee | 571 | { |
0ecf64b5 | 572 | int ret, stopped; |
ef6e34ee DE |
573 | struct lxc_cmd_rr cmd = { |
574 | .req = { .cmd = LXC_CMD_GET_STATE } | |
575 | }; | |
26b2d152 | 576 | |
88556fd7 | 577 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
ebdd307d | 578 | if (ret < 0 && stopped) |
ef6e34ee DE |
579 | return STOPPED; |
580 | ||
581 | if (ret < 0) | |
26b2d152 | 582 | return -1; |
26b2d152 | 583 | |
ef6e34ee | 584 | if (!ret) { |
fe84a562 | 585 | WARN("Container \"%s\" has stopped before sending its state", name); |
ef6e34ee DE |
586 | return -1; |
587 | } | |
588 | ||
fe84a562 | 589 | DEBUG("Container \"%s\" is in \"%s\" state", name, |
ef6e34ee | 590 | lxc_state2str(PTR_TO_INT(cmd.rsp.data))); |
fe84a562 | 591 | |
ef6e34ee DE |
592 | return PTR_TO_INT(cmd.rsp.data); |
593 | } | |
594 | ||
595 | static int lxc_cmd_get_state_callback(int fd, struct lxc_cmd_req *req, | |
596 | struct lxc_handler *handler) | |
597 | { | |
598 | struct lxc_cmd_rsp rsp = { .data = INT_TO_PTR(handler->state) }; | |
599 | ||
600 | return lxc_cmd_rsp_send(fd, &rsp); | |
601 | } | |
602 | ||
603 | /* | |
604 | * lxc_cmd_stop: Stop the container previously started with lxc_start. All | |
605 | * the processes running inside this container will be killed. | |
606 | * | |
607 | * @name : name of container to connect to | |
608 | * @lxcpath : the lxcpath in which the container is running | |
609 | * | |
610 | * Returns 0 on success, < 0 on failure | |
611 | */ | |
612 | int lxc_cmd_stop(const char *name, const char *lxcpath) | |
613 | { | |
0ecf64b5 | 614 | int ret, stopped; |
ef6e34ee DE |
615 | struct lxc_cmd_rr cmd = { |
616 | .req = { .cmd = LXC_CMD_STOP }, | |
617 | }; | |
618 | ||
88556fd7 | 619 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
26b2d152 | 620 | if (ret < 0) { |
ef6e34ee | 621 | if (stopped) { |
fe84a562 | 622 | INFO("Container \"%s\" is already stopped", name); |
ef6e34ee DE |
623 | return 0; |
624 | } | |
fe84a562 | 625 | |
26b2d152 MN |
626 | return -1; |
627 | } | |
628 | ||
fe84a562 CB |
629 | /* We do not expect any answer, because we wait for the connection to be |
630 | * closed. | |
95d5b147 SH |
631 | */ |
632 | if (ret > 0) { | |
6d1400b5 | 633 | errno = -cmd.rsp.ret; |
634 | SYSERROR("Failed to stop container \"%s\"", name); | |
26b2d152 MN |
635 | return -1; |
636 | } | |
637 | ||
fe84a562 | 638 | INFO("Container \"%s\" has stopped", name); |
ef6e34ee | 639 | return 0; |
26b2d152 MN |
640 | } |
641 | ||
ef6e34ee DE |
642 | static int lxc_cmd_stop_callback(int fd, struct lxc_cmd_req *req, |
643 | struct lxc_handler *handler) | |
d5088cf2 | 644 | { |
ef6e34ee | 645 | struct lxc_cmd_rsp rsp; |
ef6e34ee | 646 | int stopsignal = SIGKILL; |
2202afc9 | 647 | struct cgroup_ops *cgroup_ops = handler->cgroup_ops; |
ef6e34ee DE |
648 | |
649 | if (handler->conf->stopsignal) | |
650 | stopsignal = handler->conf->stopsignal; | |
651 | memset(&rsp, 0, sizeof(rsp)); | |
652 | rsp.ret = kill(handler->pid, stopsignal); | |
653 | if (!rsp.ret) { | |
fe84a562 | 654 | /* We can't just use lxc_unfreeze() since we are already in the |
4fb3cba5 DE |
655 | * context of handling the STOP cmd in lxc-start, and calling |
656 | * lxc_unfreeze() would do another cmd (GET_CGROUP) which would | |
fe84a562 | 657 | * deadlock us. |
4fb3cba5 | 658 | */ |
27a5132c | 659 | if (!cgroup_ops->get_cgroup(cgroup_ops, "freezer")) |
d18d43da SG |
660 | return 0; |
661 | ||
2202afc9 | 662 | if (cgroup_ops->unfreeze(cgroup_ops)) |
95d5b147 | 663 | return 0; |
fe84a562 CB |
664 | |
665 | ERROR("Failed to unfreeze container \"%s\"", handler->name); | |
ecfcb3f0 | 666 | rsp.ret = -1; |
ef6e34ee DE |
667 | } |
668 | ||
669 | return lxc_cmd_rsp_send(fd, &rsp); | |
670 | } | |
d5088cf2 | 671 | |
b5159817 | 672 | /* |
8ccbbf94 | 673 | * lxc_cmd_terminal_winch: To process as if a SIGWINCH were received |
b5159817 DE |
674 | * |
675 | * @name : name of container to connect to | |
676 | * @lxcpath : the lxcpath in which the container is running | |
677 | * | |
678 | * Returns 0 on success, < 0 on failure | |
679 | */ | |
8ccbbf94 | 680 | int lxc_cmd_terminal_winch(const char *name, const char *lxcpath) |
b5159817 | 681 | { |
0ecf64b5 | 682 | int ret, stopped; |
b5159817 | 683 | struct lxc_cmd_rr cmd = { |
8ccbbf94 | 684 | .req = { .cmd = LXC_CMD_TERMINAL_WINCH }, |
b5159817 DE |
685 | }; |
686 | ||
88556fd7 | 687 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
b5159817 DE |
688 | if (ret < 0) |
689 | return ret; | |
690 | ||
691 | return 0; | |
692 | } | |
693 | ||
8ccbbf94 CB |
694 | static int lxc_cmd_terminal_winch_callback(int fd, struct lxc_cmd_req *req, |
695 | struct lxc_handler *handler) | |
b5159817 DE |
696 | { |
697 | struct lxc_cmd_rsp rsp = { .data = 0 }; | |
698 | ||
dad4a039 | 699 | lxc_terminal_sigwinch(SIGWINCH); |
fe84a562 | 700 | |
b5159817 DE |
701 | return lxc_cmd_rsp_send(fd, &rsp); |
702 | } | |
703 | ||
ef6e34ee DE |
704 | /* |
705 | * lxc_cmd_console: Open an fd to a tty in the container | |
706 | * | |
707 | * @name : name of container to connect to | |
708 | * @ttynum : in: the tty to open or -1 for next available | |
709 | * : out: the tty allocated | |
710 | * @fd : out: file descriptor for master side of pty | |
711 | * @lxcpath : the lxcpath in which the container is running | |
712 | * | |
0115f8fd | 713 | * Returns fd holding tty allocated on success, < 0 on failure |
ef6e34ee DE |
714 | */ |
715 | int lxc_cmd_console(const char *name, int *ttynum, int *fd, const char *lxcpath) | |
716 | { | |
0ecf64b5 | 717 | int ret, stopped; |
ef6e34ee DE |
718 | struct lxc_cmd_console_rsp_data *rspdata; |
719 | struct lxc_cmd_rr cmd = { | |
720 | .req = { .cmd = LXC_CMD_CONSOLE, .data = INT_TO_PTR(*ttynum) }, | |
721 | }; | |
d5088cf2 | 722 | |
88556fd7 | 723 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
ef6e34ee DE |
724 | if (ret < 0) |
725 | return ret; | |
0115f8fd DE |
726 | |
727 | if (cmd.rsp.ret < 0) { | |
6d1400b5 | 728 | errno = -cmd.rsp.ret; |
729 | SYSERROR("Denied access to tty"); | |
ef6e34ee DE |
730 | ret = -1; |
731 | goto out; | |
732 | } | |
d5088cf2 | 733 | |
0115f8fd | 734 | if (ret == 0) { |
fe84a562 | 735 | ERROR("tty number %d invalid, busy or all ttys busy", *ttynum); |
0115f8fd | 736 | ret = -1; |
ef6e34ee DE |
737 | goto out; |
738 | } | |
ef6e34ee DE |
739 | |
740 | rspdata = cmd.rsp.data; | |
0115f8fd | 741 | if (rspdata->masterfd < 0) { |
fe84a562 | 742 | ERROR("Unable to allocate fd for tty %d", rspdata->ttynum); |
ef6e34ee DE |
743 | goto out; |
744 | } | |
745 | ||
fe84a562 | 746 | ret = cmd.rsp.ret; /* socket fd */ |
0115f8fd | 747 | *fd = rspdata->masterfd; |
ef6e34ee | 748 | *ttynum = rspdata->ttynum; |
fe84a562 CB |
749 | INFO("Alloced fd %d for tty %d via socket %d", *fd, rspdata->ttynum, ret); |
750 | ||
ef6e34ee DE |
751 | out: |
752 | free(cmd.rsp.data); | |
753 | return ret; | |
754 | } | |
755 | ||
756 | static int lxc_cmd_console_callback(int fd, struct lxc_cmd_req *req, | |
757 | struct lxc_handler *handler) | |
758 | { | |
fe84a562 | 759 | int masterfd, ret; |
ef6e34ee | 760 | struct lxc_cmd_rsp rsp; |
fe84a562 | 761 | int ttynum = PTR_TO_INT(req->data); |
ef6e34ee | 762 | |
c1ee47cd | 763 | masterfd = lxc_terminal_allocate(handler->conf, fd, &ttynum); |
b5159817 | 764 | if (masterfd < 0) |
ef6e34ee DE |
765 | goto out_close; |
766 | ||
ef6e34ee DE |
767 | memset(&rsp, 0, sizeof(rsp)); |
768 | rsp.data = INT_TO_PTR(ttynum); | |
fe84a562 CB |
769 | ret = lxc_abstract_unix_send_fds(fd, &masterfd, 1, &rsp, sizeof(rsp)); |
770 | if (ret < 0) { | |
9044b79e | 771 | SYSERROR("Failed to send tty to client"); |
3dfe6f8d | 772 | lxc_terminal_free(handler->conf, fd); |
ef6e34ee DE |
773 | goto out_close; |
774 | } | |
775 | ||
ef6e34ee DE |
776 | return 0; |
777 | ||
778 | out_close: | |
fe84a562 CB |
779 | /* Special indicator to lxc_cmd_handler() to close the fd and do |
780 | * related cleanup. | |
ef6e34ee DE |
781 | */ |
782 | return 1; | |
d5088cf2 CS |
783 | } |
784 | ||
88556fd7 ÇO |
785 | /* |
786 | * lxc_cmd_get_name: Returns the name of the container | |
787 | * | |
788 | * @hashed_sock_name: hashed socket name | |
789 | * | |
790 | * Returns the name on success, NULL on failure. | |
791 | */ | |
792 | char *lxc_cmd_get_name(const char *hashed_sock_name) | |
793 | { | |
794 | int ret, stopped; | |
795 | struct lxc_cmd_rr cmd = { | |
796 | .req = { .cmd = LXC_CMD_GET_NAME}, | |
797 | }; | |
798 | ||
799 | ret = lxc_cmd(NULL, &cmd, &stopped, NULL, hashed_sock_name); | |
fe84a562 | 800 | if (ret < 0) |
88556fd7 | 801 | return NULL; |
88556fd7 ÇO |
802 | |
803 | if (cmd.rsp.ret == 0) | |
804 | return cmd.rsp.data; | |
fe84a562 | 805 | |
88556fd7 ÇO |
806 | return NULL; |
807 | } | |
808 | ||
809 | static int lxc_cmd_get_name_callback(int fd, struct lxc_cmd_req *req, | |
fe84a562 | 810 | struct lxc_handler *handler) |
88556fd7 ÇO |
811 | { |
812 | struct lxc_cmd_rsp rsp; | |
813 | ||
814 | memset(&rsp, 0, sizeof(rsp)); | |
815 | ||
f0ecc19d | 816 | rsp.data = (char *)handler->name; |
88556fd7 ÇO |
817 | rsp.datalen = strlen(handler->name) + 1; |
818 | rsp.ret = 0; | |
819 | ||
820 | return lxc_cmd_rsp_send(fd, &rsp); | |
821 | } | |
822 | ||
823 | /* | |
824 | * lxc_cmd_get_lxcpath: Returns the lxcpath of the container | |
825 | * | |
826 | * @hashed_sock_name: hashed socket name | |
827 | * | |
828 | * Returns the lxcpath on success, NULL on failure. | |
829 | */ | |
830 | char *lxc_cmd_get_lxcpath(const char *hashed_sock_name) | |
831 | { | |
832 | int ret, stopped; | |
833 | struct lxc_cmd_rr cmd = { | |
834 | .req = { .cmd = LXC_CMD_GET_LXCPATH}, | |
835 | }; | |
724e753c | 836 | |
88556fd7 | 837 | ret = lxc_cmd(NULL, &cmd, &stopped, NULL, hashed_sock_name); |
fe84a562 | 838 | if (ret < 0) |
88556fd7 | 839 | return NULL; |
88556fd7 ÇO |
840 | |
841 | if (cmd.rsp.ret == 0) | |
842 | return cmd.rsp.data; | |
fe84a562 | 843 | |
88556fd7 ÇO |
844 | return NULL; |
845 | } | |
846 | ||
847 | static int lxc_cmd_get_lxcpath_callback(int fd, struct lxc_cmd_req *req, | |
848 | struct lxc_handler *handler) | |
849 | { | |
850 | struct lxc_cmd_rsp rsp; | |
851 | ||
852 | memset(&rsp, 0, sizeof(rsp)); | |
853 | ||
fe84a562 | 854 | rsp.ret = 0; |
88556fd7 ÇO |
855 | rsp.data = (char *)handler->lxcpath; |
856 | rsp.datalen = strlen(handler->lxcpath) + 1; | |
88556fd7 ÇO |
857 | |
858 | return lxc_cmd_rsp_send(fd, &rsp); | |
859 | } | |
ef6e34ee | 860 | |
54446942 | 861 | int lxc_cmd_add_state_client(const char *name, const char *lxcpath, |
92e35018 CB |
862 | lxc_state_t states[MAX_STATE], |
863 | int *state_client_fd) | |
dbc9832d | 864 | { |
bc631984 | 865 | int state, stopped; |
dbc9832d | 866 | ssize_t ret; |
dbc9832d CB |
867 | struct lxc_cmd_rr cmd = { |
868 | .req = { | |
54446942 | 869 | .cmd = LXC_CMD_ADD_STATE_CLIENT, |
dbc9832d CB |
870 | .data = states, |
871 | .datalen = (sizeof(lxc_state_t) * MAX_STATE) | |
872 | }, | |
873 | }; | |
874 | ||
dbc9832d | 875 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); |
bc631984 CB |
876 | if (states[STOPPED] != 0 && stopped != 0) |
877 | return STOPPED; | |
878 | ||
dbc9832d | 879 | if (ret < 0) { |
f577e061 | 880 | if (errno != ECONNREFUSED) |
6d1400b5 | 881 | SYSERROR("Failed to execute command"); |
882 | ||
dbc9832d CB |
883 | return -1; |
884 | } | |
fe84a562 | 885 | |
dbc9832d CB |
886 | /* We should now be guaranteed to get an answer from the state sending |
887 | * function. | |
888 | */ | |
dbc9832d | 889 | if (cmd.rsp.ret < 0) { |
6d1400b5 | 890 | errno = -cmd.rsp.ret; |
891 | SYSERROR("Failed to receive socket fd"); | |
dbc9832d CB |
892 | return -1; |
893 | } | |
894 | ||
bc631984 CB |
895 | state = PTR_TO_INT(cmd.rsp.data); |
896 | if (state < MAX_STATE) { | |
44552fb2 CB |
897 | TRACE("Container is already in requested state %s", lxc_state2str(state)); |
898 | close(cmd.rsp.ret); | |
bc631984 CB |
899 | return state; |
900 | } | |
901 | ||
92e35018 | 902 | *state_client_fd = cmd.rsp.ret; |
bc631984 | 903 | TRACE("Added state client %d to state client list", cmd.rsp.ret); |
92e35018 | 904 | return MAX_STATE; |
dbc9832d CB |
905 | } |
906 | ||
54446942 CB |
907 | static int lxc_cmd_add_state_client_callback(int fd, struct lxc_cmd_req *req, |
908 | struct lxc_handler *handler) | |
dbc9832d | 909 | { |
44552fb2 | 910 | int ret; |
dbc9832d | 911 | struct lxc_cmd_rsp rsp = {0}; |
dbc9832d | 912 | |
fe84a562 | 913 | if (req->datalen < 0) |
44552fb2 | 914 | goto reap_client_fd; |
dbc9832d | 915 | |
fe84a562 | 916 | if (req->datalen > (sizeof(lxc_state_t) * MAX_STATE)) |
44552fb2 | 917 | goto reap_client_fd; |
dbc9832d | 918 | |
fe84a562 | 919 | if (!req->data) |
44552fb2 | 920 | goto reap_client_fd; |
dbc9832d | 921 | |
c01c2be6 | 922 | rsp.ret = lxc_add_state_client(fd, handler, (lxc_state_t *)req->data); |
44552fb2 CB |
923 | if (rsp.ret < 0) |
924 | goto reap_client_fd; | |
925 | ||
bc631984 | 926 | rsp.data = INT_TO_PTR(rsp.ret); |
dbc9832d | 927 | |
44552fb2 CB |
928 | ret = lxc_cmd_rsp_send(fd, &rsp); |
929 | if (ret < 0) | |
930 | goto reap_client_fd; | |
931 | ||
932 | return 0; | |
933 | ||
934 | reap_client_fd: | |
935 | /* Special indicator to lxc_cmd_handler() to close the fd and do related | |
936 | * cleanup. | |
937 | */ | |
938 | return 1; | |
dbc9832d CB |
939 | } |
940 | ||
191d43cc CB |
941 | int lxc_cmd_console_log(const char *name, const char *lxcpath, |
942 | struct lxc_console_log *log) | |
943 | { | |
944 | int ret, stopped; | |
945 | struct lxc_cmd_console_log data; | |
946 | struct lxc_cmd_rr cmd; | |
947 | ||
948 | data.clear = log->clear; | |
949 | data.read = log->read; | |
950 | data.read_max = *log->read_max; | |
951 | ||
952 | cmd.req.cmd = LXC_CMD_CONSOLE_LOG; | |
953 | cmd.req.data = &data; | |
954 | cmd.req.datalen = sizeof(struct lxc_cmd_console_log); | |
955 | ||
956 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); | |
957 | if (ret < 0) | |
958 | return ret; | |
959 | ||
960 | /* There is nothing to be read from the buffer. So clear any values we | |
961 | * where passed to clearly indicate to the user that nothing went wrong. | |
962 | */ | |
63b74cda | 963 | if (cmd.rsp.ret == -ENODATA || cmd.rsp.ret == -EFAULT || cmd.rsp.ret == -ENOENT) { |
191d43cc CB |
964 | *log->read_max = 0; |
965 | log->data = NULL; | |
966 | } | |
967 | ||
968 | /* This is a proper error so don't touch any values we were passed. */ | |
969 | if (cmd.rsp.ret < 0) | |
970 | return cmd.rsp.ret; | |
971 | ||
972 | *log->read_max = cmd.rsp.datalen; | |
973 | log->data = cmd.rsp.data; | |
974 | ||
975 | return 0; | |
976 | } | |
977 | ||
978 | static int lxc_cmd_console_log_callback(int fd, struct lxc_cmd_req *req, | |
979 | struct lxc_handler *handler) | |
980 | { | |
981 | struct lxc_cmd_rsp rsp; | |
28f3b1cd | 982 | uint64_t buffer_size = handler->conf->console.buffer_size; |
191d43cc CB |
983 | const struct lxc_cmd_console_log *log = req->data; |
984 | struct lxc_ringbuf *buf = &handler->conf->console.ringbuf; | |
985 | ||
986 | rsp.ret = -EFAULT; | |
987 | rsp.datalen = 0; | |
988 | rsp.data = NULL; | |
28f3b1cd | 989 | if (buffer_size <= 0) |
191d43cc CB |
990 | goto out; |
991 | ||
5928191e CB |
992 | if (log->read || log->write_logfile) |
993 | rsp.datalen = lxc_ringbuf_used(buf); | |
994 | ||
191d43cc CB |
995 | if (log->read) |
996 | rsp.data = lxc_ringbuf_get_read_addr(buf); | |
997 | ||
998 | if (log->read_max > 0 && (log->read_max <= rsp.datalen)) | |
999 | rsp.datalen = log->read_max; | |
1000 | ||
1001 | /* there's nothing to read */ | |
63b74cda | 1002 | rsp.ret = -ENODATA; |
191d43cc | 1003 | if (log->read && (buf->r_off == buf->w_off)) |
63b74cda CB |
1004 | goto out; |
1005 | ||
63b74cda | 1006 | rsp.ret = 0; |
23e0d9af | 1007 | if (log->clear) |
43366ca2 | 1008 | lxc_ringbuf_clear(buf); /* clear the ringbuffer */ |
23e0d9af | 1009 | else if (rsp.datalen > 0) |
191d43cc CB |
1010 | lxc_ringbuf_move_read_addr(buf, rsp.datalen); |
1011 | ||
1012 | out: | |
1013 | return lxc_cmd_rsp_send(fd, &rsp); | |
1014 | } | |
1015 | ||
974a8aba CB |
1016 | int lxc_cmd_serve_state_clients(const char *name, const char *lxcpath, |
1017 | lxc_state_t state) | |
1018 | { | |
1019 | int stopped; | |
1020 | ssize_t ret; | |
1021 | struct lxc_cmd_rr cmd = { | |
1022 | .req = { | |
1023 | .cmd = LXC_CMD_SERVE_STATE_CLIENTS, | |
1024 | .data = INT_TO_PTR(state) | |
1025 | }, | |
1026 | }; | |
1027 | ||
1028 | ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL); | |
1029 | if (ret < 0) { | |
6d1400b5 | 1030 | SYSERROR("Failed to execute command"); |
974a8aba CB |
1031 | return -1; |
1032 | } | |
1033 | ||
1034 | return 0; | |
1035 | } | |
1036 | ||
1037 | static int lxc_cmd_serve_state_clients_callback(int fd, struct lxc_cmd_req *req, | |
1038 | struct lxc_handler *handler) | |
1039 | { | |
1040 | int ret; | |
1041 | lxc_state_t state = PTR_TO_INT(req->data); | |
1042 | struct lxc_cmd_rsp rsp = {0}; | |
1043 | ||
1044 | ret = lxc_serve_state_clients(handler->name, handler, state); | |
1045 | if (ret < 0) | |
1046 | goto reap_client_fd; | |
1047 | ||
1048 | ret = lxc_cmd_rsp_send(fd, &rsp); | |
1049 | if (ret < 0) | |
1050 | goto reap_client_fd; | |
1051 | ||
1052 | return 0; | |
1053 | ||
1054 | reap_client_fd: | |
1055 | /* Special indicator to lxc_cmd_handler() to close the fd and do related | |
1056 | * cleanup. | |
1057 | */ | |
1058 | return 1; | |
1059 | } | |
1060 | ||
ef6e34ee | 1061 | static int lxc_cmd_process(int fd, struct lxc_cmd_req *req, |
ded1d23f | 1062 | struct lxc_handler *handler) |
724e753c | 1063 | { |
ef6e34ee DE |
1064 | typedef int (*callback)(int, struct lxc_cmd_req *, struct lxc_handler *); |
1065 | ||
1066 | callback cb[LXC_CMD_MAX] = { | |
974a8aba | 1067 | [LXC_CMD_CONSOLE] = lxc_cmd_console_callback, |
8ccbbf94 | 1068 | [LXC_CMD_TERMINAL_WINCH] = lxc_cmd_terminal_winch_callback, |
974a8aba CB |
1069 | [LXC_CMD_STOP] = lxc_cmd_stop_callback, |
1070 | [LXC_CMD_GET_STATE] = lxc_cmd_get_state_callback, | |
1071 | [LXC_CMD_GET_INIT_PID] = lxc_cmd_get_init_pid_callback, | |
1072 | [LXC_CMD_GET_CLONE_FLAGS] = lxc_cmd_get_clone_flags_callback, | |
1073 | [LXC_CMD_GET_CGROUP] = lxc_cmd_get_cgroup_callback, | |
1074 | [LXC_CMD_GET_CONFIG_ITEM] = lxc_cmd_get_config_item_callback, | |
1075 | [LXC_CMD_GET_NAME] = lxc_cmd_get_name_callback, | |
1076 | [LXC_CMD_GET_LXCPATH] = lxc_cmd_get_lxcpath_callback, | |
1077 | [LXC_CMD_ADD_STATE_CLIENT] = lxc_cmd_add_state_client_callback, | |
1078 | [LXC_CMD_CONSOLE_LOG] = lxc_cmd_console_log_callback, | |
1079 | [LXC_CMD_SERVE_STATE_CLIENTS] = lxc_cmd_serve_state_clients_callback, | |
724e753c MN |
1080 | }; |
1081 | ||
f371aca9 | 1082 | if (req->cmd >= LXC_CMD_MAX) { |
fe84a562 | 1083 | ERROR("Undefined command id %d", req->cmd); |
724e753c | 1084 | return -1; |
ef6e34ee DE |
1085 | } |
1086 | return cb[req->cmd](fd, req, handler); | |
724e753c MN |
1087 | } |
1088 | ||
ef6e34ee | 1089 | static void lxc_cmd_fd_cleanup(int fd, struct lxc_handler *handler, |
f6fc1565 CB |
1090 | struct lxc_epoll_descr *descr, |
1091 | const lxc_cmd_t cmd) | |
724e753c | 1092 | { |
d39b10eb | 1093 | struct lxc_state_client *client; |
f6fc1565 CB |
1094 | struct lxc_list *cur, *next; |
1095 | ||
3dfe6f8d | 1096 | lxc_terminal_free(handler->conf, fd); |
724e753c | 1097 | lxc_mainloop_del_handler(descr, fd); |
f6fc1565 CB |
1098 | if (cmd != LXC_CMD_ADD_STATE_CLIENT) { |
1099 | close(fd); | |
1100 | return; | |
1101 | } | |
1102 | ||
d39b10eb | 1103 | lxc_list_for_each_safe(cur, &handler->conf->state_clients, next) { |
f6fc1565 CB |
1104 | client = cur->elem; |
1105 | if (client->clientfd != fd) | |
1106 | continue; | |
1107 | ||
1108 | /* kick client from list */ | |
f6fc1565 | 1109 | lxc_list_del(cur); |
300d1cb4 | 1110 | close(client->clientfd); |
f6fc1565 CB |
1111 | free(cur->elem); |
1112 | free(cur); | |
b1ca434a CB |
1113 | /* No need to walk the whole list. If we found the state client |
1114 | * fd there can't be a second one. | |
1115 | */ | |
1116 | break; | |
f6fc1565 | 1117 | } |
724e753c MN |
1118 | } |
1119 | ||
84c92abd DE |
1120 | static int lxc_cmd_handler(int fd, uint32_t events, void *data, |
1121 | struct lxc_epoll_descr *descr) | |
724e753c MN |
1122 | { |
1123 | int ret; | |
ef6e34ee | 1124 | struct lxc_cmd_req req; |
191d43cc | 1125 | void *reqdata = NULL; |
724e753c MN |
1126 | struct lxc_handler *handler = data; |
1127 | ||
aae93dd3 | 1128 | ret = lxc_abstract_unix_rcv_credential(fd, &req, sizeof(req)); |
ded1d23f | 1129 | if (ret < 0) { |
fe84a562 | 1130 | SYSERROR("Failed to receive data on command socket for command " |
9044b79e | 1131 | "\"%s\"", lxc_cmd_str(req.cmd)); |
1132 | ||
1133 | if (errno == EACCES) { | |
1134 | /* We don't care for the peer, just send and close. */ | |
1135 | struct lxc_cmd_rsp rsp = {.ret = ret}; | |
1136 | ||
1137 | lxc_cmd_rsp_send(fd, &rsp); | |
1138 | } | |
1139 | ||
724e753c MN |
1140 | goto out_close; |
1141 | } | |
1142 | ||
fe84a562 | 1143 | if (ret == 0) |
724e753c | 1144 | goto out_close; |
724e753c | 1145 | |
ef6e34ee | 1146 | if (ret != sizeof(req)) { |
c01c2be6 | 1147 | WARN("Failed to receive full command request. Ignoring request " |
fe84a562 | 1148 | "for \"%s\"", lxc_cmd_str(req.cmd)); |
ef6e34ee DE |
1149 | ret = -1; |
1150 | goto out_close; | |
1151 | } | |
1152 | ||
191d43cc CB |
1153 | if ((req.datalen > LXC_CMD_DATA_MAX) && |
1154 | (req.cmd != LXC_CMD_CONSOLE_LOG)) { | |
c01c2be6 | 1155 | ERROR("Received command data length %d is too large for " |
fe84a562 CB |
1156 | "command \"%s\"", req.datalen, lxc_cmd_str(req.cmd)); |
1157 | errno = EFBIG; | |
1158 | ret = -EFBIG; | |
724e753c MN |
1159 | goto out_close; |
1160 | } | |
1161 | ||
ef6e34ee | 1162 | if (req.datalen > 0) { |
191d43cc CB |
1163 | /* LXC_CMD_CONSOLE_LOG needs to be able to allocate data |
1164 | * that exceeds LXC_CMD_DATA_MAX: use malloc() for that. | |
1165 | */ | |
1166 | if (req.cmd == LXC_CMD_CONSOLE_LOG) | |
1167 | reqdata = malloc(req.datalen); | |
1168 | else | |
1169 | reqdata = alloca(req.datalen); | |
1170 | if (!reqdata) { | |
1171 | ERROR("Failed to allocate memory for \"%s\" command", | |
1172 | lxc_cmd_str(req.cmd)); | |
1173 | errno = ENOMEM; | |
1174 | ret = -ENOMEM; | |
1175 | goto out_close; | |
1176 | } | |
ef6e34ee | 1177 | |
e3233f26 | 1178 | ret = lxc_recv_nointr(fd, reqdata, req.datalen, 0); |
ef6e34ee | 1179 | if (ret != req.datalen) { |
c01c2be6 | 1180 | WARN("Failed to receive full command request. Ignoring " |
fe84a562 | 1181 | "request for \"%s\"", lxc_cmd_str(req.cmd)); |
b2a48508 | 1182 | ret = LXC_MAINLOOP_ERROR; |
ef6e34ee DE |
1183 | goto out_close; |
1184 | } | |
fe84a562 | 1185 | |
ef6e34ee DE |
1186 | req.data = reqdata; |
1187 | } | |
1188 | ||
1189 | ret = lxc_cmd_process(fd, &req, handler); | |
724e753c | 1190 | if (ret) { |
fe84a562 | 1191 | /* This is not an error, but only a request to close fd. */ |
b2a48508 | 1192 | ret = LXC_MAINLOOP_CONTINUE; |
724e753c MN |
1193 | goto out_close; |
1194 | } | |
1195 | ||
1196 | out: | |
191d43cc CB |
1197 | if (req.cmd == LXC_CMD_CONSOLE_LOG && reqdata) |
1198 | free(reqdata); | |
1199 | ||
724e753c | 1200 | return ret; |
fe84a562 | 1201 | |
724e753c | 1202 | out_close: |
f6fc1565 | 1203 | lxc_cmd_fd_cleanup(fd, handler, descr, req.cmd); |
724e753c MN |
1204 | goto out; |
1205 | } | |
1206 | ||
84c92abd DE |
1207 | static int lxc_cmd_accept(int fd, uint32_t events, void *data, |
1208 | struct lxc_epoll_descr *descr) | |
724e753c | 1209 | { |
fe84a562 CB |
1210 | int connection; |
1211 | int opt = 1, ret = -1; | |
724e753c MN |
1212 | |
1213 | connection = accept(fd, NULL, 0); | |
1214 | if (connection < 0) { | |
08aa08fe | 1215 | SYSERROR("Failed to accept connection to run command."); |
b2a48508 | 1216 | return LXC_MAINLOOP_ERROR; |
724e753c MN |
1217 | } |
1218 | ||
fe84a562 CB |
1219 | ret = fcntl(connection, F_SETFD, FD_CLOEXEC); |
1220 | if (ret < 0) { | |
1221 | SYSERROR("Failed to set close-on-exec on incoming command connection"); | |
9ccb2dbc DL |
1222 | goto out_close; |
1223 | } | |
1224 | ||
fe84a562 CB |
1225 | ret = setsockopt(connection, SOL_SOCKET, SO_PASSCRED, &opt, sizeof(opt)); |
1226 | if (ret < 0) { | |
1227 | SYSERROR("Failed to enable necessary credentials on command socket"); | |
724e753c MN |
1228 | goto out_close; |
1229 | } | |
1230 | ||
ef6e34ee | 1231 | ret = lxc_mainloop_add_handler(descr, connection, lxc_cmd_handler, data); |
724e753c | 1232 | if (ret) { |
fe84a562 | 1233 | ERROR("Failed to add command handler"); |
724e753c MN |
1234 | goto out_close; |
1235 | } | |
1236 | ||
1237 | out: | |
1238 | return ret; | |
1239 | ||
1240 | out_close: | |
1241 | close(connection); | |
1242 | goto out; | |
1243 | } | |
1244 | ||
9dfa4041 | 1245 | int lxc_cmd_init(const char *name, const char *lxcpath, const char *suffix) |
724e753c | 1246 | { |
fe84a562 | 1247 | int fd, len, ret; |
b1234129 | 1248 | char path[LXC_AUDS_ADDR_LEN] = {0}; |
46968ea3 | 1249 | char *offset = &path[1]; |
724e753c | 1250 | |
6f2944c1 TA |
1251 | /* -2 here because this is an abstract unix socket so it needs a |
1252 | * leading \0, and we null terminate, so it needs a trailing \0. | |
1253 | * Although null termination isn't required by the API, we do it anyway | |
1254 | * because we print the sockname out sometimes. | |
1255 | */ | |
860e7c43 | 1256 | len = sizeof(path) - 2; |
9dfa4041 | 1257 | ret = lxc_make_abstract_socket_name(offset, len, name, lxcpath, NULL, suffix); |
fe84a562 | 1258 | if (ret < 0) |
9ba8130c | 1259 | return -1; |
9dfa4041 | 1260 | TRACE("Creating abstract unix socket \"%s\"", offset); |
724e753c | 1261 | |
aae93dd3 | 1262 | fd = lxc_abstract_unix_open(path, SOCK_STREAM, 0); |
724e753c | 1263 | if (fd < 0) { |
6d1400b5 | 1264 | SYSERROR("Failed to create command socket %s", offset); |
08aa08fe | 1265 | if (errno == EADDRINUSE) |
fe84a562 | 1266 | ERROR("Container \"%s\" appears to be already running", name); |
6d1400b5 | 1267 | |
724e753c MN |
1268 | return -1; |
1269 | } | |
1270 | ||
fe84a562 CB |
1271 | ret = fcntl(fd, F_SETFD, FD_CLOEXEC); |
1272 | if (ret < 0) { | |
1273 | SYSERROR("Failed to set FD_CLOEXEC on command socket file descriptor"); | |
91480a0f DL |
1274 | close(fd); |
1275 | return -1; | |
1276 | } | |
1277 | ||
9dfa4041 | 1278 | return fd; |
d2e30e99 DE |
1279 | } |
1280 | ||
fe84a562 | 1281 | int lxc_cmd_mainloop_add(const char *name, struct lxc_epoll_descr *descr, |
ef6e34ee | 1282 | struct lxc_handler *handler) |
d2e30e99 | 1283 | { |
fe84a562 CB |
1284 | int ret; |
1285 | int fd = handler->conf->maincmd_fd; | |
d2e30e99 | 1286 | |
ef6e34ee | 1287 | ret = lxc_mainloop_add_handler(descr, fd, lxc_cmd_accept, handler); |
fe84a562 CB |
1288 | if (ret < 0) { |
1289 | ERROR("Failed to add handler for command socket"); | |
724e753c MN |
1290 | close(fd); |
1291 | } | |
1292 | ||
1293 | return ret; | |
1294 | } |