]>
Commit | Line | Data |
---|---|---|
0b843d35 CB |
1 | /* liblxcapi |
2 | * | |
3 | * Copyright © 2017 Christian Brauner <christian.brauner@ubuntu.com>. | |
4 | * Copyright © 2017 Canonical Ltd. | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License version 2, as | |
8 | * published by the Free Software Foundation. | |
9 | * | |
10 | * This program is distributed in the hope that it will be useful, | |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
13 | * GNU General Public License for more details. | |
14 | * | |
15 | * You should have received a copy of the GNU General Public License along | |
16 | * with this program; if not, write to the Free Software Foundation, Inc., | |
17 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
18 | */ | |
19 | ||
d38dd64a CB |
20 | #ifndef _GNU_SOURCE |
21 | #define _GNU_SOURCE 1 | |
22 | #endif | |
23 | #include <arpa/inet.h> | |
f9373e40 | 24 | #include <ctype.h> |
0b843d35 | 25 | #include <stdio.h> |
ce2f5ae8 | 26 | #include <stdlib.h> |
0b843d35 CB |
27 | #include <string.h> |
28 | ||
663e9916 | 29 | #include "conf.h" |
d38dd64a | 30 | #include "config.h" |
ce2f5ae8 CB |
31 | #include "confile.h" |
32 | #include "confile_utils.h" | |
33 | #include "error.h" | |
ce2f5ae8 | 34 | #include "list.h" |
28d9e29e CB |
35 | #include "log.h" |
36 | #include "lxccontainer.h" | |
7b15813c | 37 | #include "macro.h" |
811ef482 | 38 | #include "network.h" |
f9373e40 | 39 | #include "parse.h" |
0b843d35 CB |
40 | #include "utils.h" |
41 | ||
18cd4b54 DJ |
42 | #ifndef HAVE_STRLCPY |
43 | #include "include/strlcpy.h" | |
44 | #endif | |
45 | ||
ac2cecc4 | 46 | lxc_log_define(confile_utils, lxc); |
ce2f5ae8 | 47 | |
0b843d35 CB |
48 | int parse_idmaps(const char *idmap, char *type, unsigned long *nsid, |
49 | unsigned long *hostid, unsigned long *range) | |
50 | { | |
51 | int ret = -1; | |
52 | unsigned long tmp_hostid, tmp_nsid, tmp_range; | |
53 | char tmp_type; | |
54 | char *window, *slide; | |
55 | char *dup = NULL; | |
56 | ||
57 | /* Duplicate string. */ | |
58 | dup = strdup(idmap); | |
59 | if (!dup) | |
60 | goto on_error; | |
61 | ||
62 | /* A prototypical idmap entry would be: "u 1000 1000000 65536" */ | |
63 | ||
64 | /* align */ | |
65 | slide = window = dup; | |
66 | /* skip whitespace */ | |
67 | slide += strspn(slide, " \t\r"); | |
68 | if (slide != window && *slide == '\0') | |
69 | goto on_error; | |
70 | ||
71 | /* Validate type. */ | |
a8b1ac78 | 72 | if (*slide != 'u' && *slide != 'g') { |
f37d1c22 | 73 | ERROR("Invalid id mapping type: %c", *slide); |
0b843d35 | 74 | goto on_error; |
a8b1ac78 TA |
75 | } |
76 | ||
0b843d35 CB |
77 | /* Assign type. */ |
78 | tmp_type = *slide; | |
79 | ||
80 | /* move beyond type */ | |
81 | slide++; | |
82 | /* align */ | |
83 | window = slide; | |
84 | /* Validate that only whitespace follows. */ | |
85 | slide += strspn(slide, " \t\r"); | |
86 | /* There must be whitespace. */ | |
87 | if (slide == window) | |
88 | goto on_error; | |
89 | ||
f37d1c22 | 90 | /* Mark beginning of nsid. */ |
0b843d35 CB |
91 | window = slide; |
92 | /* Validate that non-whitespace follows. */ | |
93 | slide += strcspn(slide, " \t\r"); | |
94 | /* There must be non-whitespace. */ | |
95 | if (slide == window || *slide == '\0') | |
96 | goto on_error; | |
f37d1c22 | 97 | /* Mark end of nsid. */ |
0b843d35 CB |
98 | *slide = '\0'; |
99 | ||
f37d1c22 | 100 | /* Parse nsid. */ |
a8b1ac78 | 101 | if (lxc_safe_ulong(window, &tmp_nsid) < 0) { |
f37d1c22 | 102 | ERROR("Failed to parse nsid: %s", window); |
0b843d35 | 103 | goto on_error; |
a8b1ac78 | 104 | } |
0b843d35 CB |
105 | |
106 | /* Move beyond \0. */ | |
107 | slide++; | |
0b843d35 CB |
108 | /* Validate that only whitespace follows. */ |
109 | slide += strspn(slide, " \t\r"); | |
110 | /* If there was only one whitespace then we whiped it with our \0 above. | |
111 | * So only ensure that we're not at the end of the string. | |
112 | */ | |
113 | if (*slide == '\0') | |
114 | goto on_error; | |
115 | ||
116 | /* Mark beginning of hostid. */ | |
117 | window = slide; | |
118 | /* Validate that non-whitespace follows. */ | |
119 | slide += strcspn(slide, " \t\r"); | |
120 | /* There must be non-whitespace. */ | |
121 | if (slide == window || *slide == '\0') | |
122 | goto on_error; | |
f37d1c22 | 123 | /* Mark end of nsid. */ |
0b843d35 CB |
124 | *slide = '\0'; |
125 | ||
126 | /* Parse hostid. */ | |
a8b1ac78 | 127 | if (lxc_safe_ulong(window, &tmp_hostid) < 0) { |
f37d1c22 | 128 | ERROR("Failed to parse hostid: %s", window); |
0b843d35 | 129 | goto on_error; |
a8b1ac78 | 130 | } |
0b843d35 CB |
131 | |
132 | /* Move beyond \0. */ | |
133 | slide++; | |
0b843d35 CB |
134 | /* Validate that only whitespace follows. */ |
135 | slide += strspn(slide, " \t\r"); | |
136 | /* If there was only one whitespace then we whiped it with our \0 above. | |
137 | * So only ensure that we're not at the end of the string. | |
138 | */ | |
139 | if (*slide == '\0') | |
140 | goto on_error; | |
141 | ||
142 | /* Mark beginning of range. */ | |
143 | window = slide; | |
144 | /* Validate that non-whitespace follows. */ | |
145 | slide += strcspn(slide, " \t\r"); | |
146 | /* There must be non-whitespace. */ | |
147 | if (slide == window) | |
148 | goto on_error; | |
149 | ||
150 | /* The range is the last valid entry we expect. So make sure that there | |
f37d1c22 | 151 | * is no trailing garbage and if there is, error out. |
0b843d35 CB |
152 | */ |
153 | if (*(slide + strspn(slide, " \t\r\n")) != '\0') | |
154 | goto on_error; | |
29c98ddd | 155 | |
0b843d35 CB |
156 | /* Mark end of range. */ |
157 | *slide = '\0'; | |
158 | ||
159 | /* Parse range. */ | |
a8b1ac78 | 160 | if (lxc_safe_ulong(window, &tmp_range) < 0) { |
f37d1c22 | 161 | ERROR("Failed to parse id mapping range: %s", window); |
0b843d35 | 162 | goto on_error; |
a8b1ac78 | 163 | } |
0b843d35 CB |
164 | |
165 | *type = tmp_type; | |
166 | *nsid = tmp_nsid; | |
167 | *hostid = tmp_hostid; | |
168 | *range = tmp_range; | |
169 | ||
170 | /* Yay, we survived. */ | |
171 | ret = 0; | |
172 | ||
173 | on_error: | |
174 | free(dup); | |
175 | ||
176 | return ret; | |
177 | } | |
663e9916 CB |
178 | |
179 | bool lxc_config_value_empty(const char *value) | |
180 | { | |
181 | if (value && strlen(value) > 0) | |
182 | return false; | |
183 | ||
184 | return true; | |
185 | } | |
ce2f5ae8 | 186 | |
c302b476 | 187 | struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx, bool tail) |
ce2f5ae8 CB |
188 | { |
189 | struct lxc_list *newlist; | |
190 | struct lxc_netdev *netdev = NULL; | |
ce2f5ae8 CB |
191 | |
192 | /* network does not exist */ | |
193 | netdev = malloc(sizeof(*netdev)); | |
194 | if (!netdev) | |
195 | return NULL; | |
196 | ||
197 | memset(netdev, 0, sizeof(*netdev)); | |
198 | lxc_list_init(&netdev->ipv4); | |
199 | lxc_list_init(&netdev->ipv6); | |
200 | ||
201 | /* give network a unique index */ | |
202 | netdev->idx = idx; | |
203 | ||
204 | /* prepare new list */ | |
205 | newlist = malloc(sizeof(*newlist)); | |
206 | if (!newlist) { | |
207 | free(netdev); | |
208 | return NULL; | |
209 | } | |
210 | ||
211 | lxc_list_init(newlist); | |
212 | newlist->elem = netdev; | |
213 | ||
c302b476 CB |
214 | if (tail) |
215 | lxc_list_add_tail(networks, newlist); | |
216 | else | |
217 | lxc_list_add(networks, newlist); | |
29c98ddd | 218 | |
ce2f5ae8 CB |
219 | return netdev; |
220 | } | |
1ed6ba91 | 221 | |
c302b476 CB |
222 | /* Takes care of finding the correct netdev struct in the networks list or |
223 | * allocates a new one if it couldn't be found. | |
224 | */ | |
225 | struct lxc_netdev *lxc_get_netdev_by_idx(struct lxc_conf *conf, | |
226 | unsigned int idx, bool allocate) | |
227 | { | |
228 | struct lxc_netdev *netdev = NULL; | |
229 | struct lxc_list *networks = &conf->network; | |
230 | struct lxc_list *insert = networks; | |
231 | ||
232 | /* lookup network */ | |
233 | if (!lxc_list_empty(networks)) { | |
234 | lxc_list_for_each(insert, networks) { | |
235 | netdev = insert->elem; | |
236 | if (netdev->idx == idx) | |
237 | return netdev; | |
238 | else if (netdev->idx > idx) | |
239 | break; | |
240 | } | |
241 | } | |
242 | ||
243 | if (!allocate) | |
244 | return NULL; | |
245 | ||
246 | return lxc_network_add(insert, idx, true); | |
247 | } | |
248 | ||
1ed6ba91 CB |
249 | void lxc_log_configured_netdevs(const struct lxc_conf *conf) |
250 | { | |
251 | struct lxc_netdev *netdev; | |
252 | struct lxc_list *it = (struct lxc_list *)&conf->network;; | |
253 | ||
254 | if ((conf->loglevel != LXC_LOG_LEVEL_TRACE) && | |
255 | (lxc_log_get_level() != LXC_LOG_LEVEL_TRACE)) | |
256 | return; | |
257 | ||
258 | if (lxc_list_empty(it)) { | |
259 | TRACE("container has no networks configured"); | |
260 | return; | |
261 | } | |
262 | ||
263 | lxc_list_for_each(it, &conf->network) { | |
9b0df30f CB |
264 | struct lxc_list *cur, *next; |
265 | struct lxc_inetdev *inet4dev; | |
266 | struct lxc_inet6dev *inet6dev; | |
267 | char bufinet4[INET_ADDRSTRLEN], bufinet6[INET6_ADDRSTRLEN]; | |
268 | ||
1ed6ba91 CB |
269 | netdev = it->elem; |
270 | ||
c302b476 | 271 | TRACE("index: %zd", netdev->idx); |
7a582518 | 272 | TRACE("ifindex: %d", netdev->ifindex); |
29c98ddd | 273 | |
1ed6ba91 CB |
274 | switch (netdev->type) { |
275 | case LXC_NET_VETH: | |
276 | TRACE("type: veth"); | |
29c98ddd | 277 | |
de4855a8 | 278 | if (netdev->priv.veth_attr.pair[0] != '\0') |
9b0df30f CB |
279 | TRACE("veth pair: %s", |
280 | netdev->priv.veth_attr.pair); | |
29c98ddd | 281 | |
8ce727fc CB |
282 | if (netdev->priv.veth_attr.veth1[0] != '\0') |
283 | TRACE("veth1 : %s", | |
284 | netdev->priv.veth_attr.veth1); | |
29c98ddd | 285 | |
d952b351 CB |
286 | if (netdev->priv.veth_attr.ifindex > 0) |
287 | TRACE("host side ifindex for veth device: %d", | |
288 | netdev->priv.veth_attr.ifindex); | |
1ed6ba91 CB |
289 | break; |
290 | case LXC_NET_MACVLAN: | |
291 | TRACE("type: macvlan"); | |
29c98ddd | 292 | |
9b0df30f | 293 | if (netdev->priv.macvlan_attr.mode > 0) { |
7b15813c | 294 | char *mode; |
29c98ddd | 295 | |
7b15813c | 296 | mode = lxc_macvlan_flag_to_mode( |
9b0df30f CB |
297 | netdev->priv.macvlan_attr.mode); |
298 | TRACE("macvlan mode: %s", | |
7b15813c | 299 | mode ? mode : "(invalid mode)"); |
9b0df30f | 300 | } |
1ed6ba91 | 301 | break; |
c9f52382 | 302 | case LXC_NET_IPVLAN: |
303 | TRACE("type: ipvlan"); | |
304 | ||
305 | char *mode; | |
306 | mode = lxc_ipvlan_flag_to_mode(netdev->priv.ipvlan_attr.mode); | |
307 | TRACE("ipvlan mode: %s", mode ? mode : "(invalid mode)"); | |
308 | ||
309 | char *isolation; | |
310 | isolation = lxc_ipvlan_flag_to_isolation(netdev->priv.ipvlan_attr.isolation); | |
311 | TRACE("ipvlan isolation: %s", isolation ? isolation : "(invalid isolation)"); | |
312 | break; | |
1ed6ba91 CB |
313 | case LXC_NET_VLAN: |
314 | TRACE("type: vlan"); | |
9b0df30f | 315 | TRACE("vlan id: %d", netdev->priv.vlan_attr.vid); |
1ed6ba91 CB |
316 | break; |
317 | case LXC_NET_PHYS: | |
318 | TRACE("type: phys"); | |
29c98ddd | 319 | |
320 | if (netdev->priv.phys_attr.ifindex > 0) | |
b809f232 CB |
321 | TRACE("host side ifindex for phys device: %d", |
322 | netdev->priv.phys_attr.ifindex); | |
1ed6ba91 CB |
323 | break; |
324 | case LXC_NET_EMPTY: | |
325 | TRACE("type: empty"); | |
326 | break; | |
327 | case LXC_NET_NONE: | |
328 | TRACE("type: none"); | |
329 | break; | |
330 | default: | |
d4a7da46 | 331 | ERROR("Invalid network type %d", netdev->type); |
1ed6ba91 CB |
332 | return; |
333 | } | |
334 | ||
9b0df30f CB |
335 | if (netdev->type != LXC_NET_EMPTY) { |
336 | TRACE("flags: %s", | |
337 | netdev->flags == IFF_UP ? "up" : "none"); | |
29c98ddd | 338 | |
de4855a8 | 339 | if (netdev->link[0] != '\0') |
9b0df30f | 340 | TRACE("link: %s", netdev->link); |
29c98ddd | 341 | |
6509154d | 342 | /* l2proxy only used when link is specified */ |
343 | if (netdev->link[0] != '\0') | |
344 | TRACE("l2proxy: %s", netdev->l2proxy ? "true" : "false"); | |
345 | ||
de4855a8 | 346 | if (netdev->name[0] != '\0') |
9b0df30f | 347 | TRACE("name: %s", netdev->name); |
29c98ddd | 348 | |
9b0df30f CB |
349 | if (netdev->hwaddr) |
350 | TRACE("hwaddr: %s", netdev->hwaddr); | |
29c98ddd | 351 | |
9b0df30f CB |
352 | if (netdev->mtu) |
353 | TRACE("mtu: %s", netdev->mtu); | |
29c98ddd | 354 | |
9b0df30f CB |
355 | if (netdev->upscript) |
356 | TRACE("upscript: %s", netdev->upscript); | |
29c98ddd | 357 | |
9b0df30f CB |
358 | if (netdev->downscript) |
359 | TRACE("downscript: %s", netdev->downscript); | |
360 | ||
361 | TRACE("ipv4 gateway auto: %s", | |
362 | netdev->ipv4_gateway_auto ? "true" : "false"); | |
363 | ||
364 | if (netdev->ipv4_gateway) { | |
365 | inet_ntop(AF_INET, netdev->ipv4_gateway, | |
366 | bufinet4, sizeof(bufinet4)); | |
367 | TRACE("ipv4 gateway: %s", bufinet4); | |
368 | } | |
369 | ||
370 | lxc_list_for_each_safe(cur, &netdev->ipv4, next) { | |
371 | inet4dev = cur->elem; | |
372 | inet_ntop(AF_INET, &inet4dev->addr, bufinet4, | |
373 | sizeof(bufinet4)); | |
374 | TRACE("ipv4 addr: %s", bufinet4); | |
375 | } | |
376 | ||
377 | TRACE("ipv6 gateway auto: %s", | |
378 | netdev->ipv6_gateway_auto ? "true" : "false"); | |
29c98ddd | 379 | |
9b0df30f CB |
380 | if (netdev->ipv6_gateway) { |
381 | inet_ntop(AF_INET6, netdev->ipv6_gateway, | |
382 | bufinet6, sizeof(bufinet6)); | |
383 | TRACE("ipv6 gateway: %s", bufinet6); | |
384 | } | |
29c98ddd | 385 | |
9b0df30f CB |
386 | lxc_list_for_each_safe(cur, &netdev->ipv6, next) { |
387 | inet6dev = cur->elem; | |
388 | inet_ntop(AF_INET6, &inet6dev->addr, bufinet6, | |
389 | sizeof(bufinet6)); | |
390 | TRACE("ipv6 addr: %s", bufinet6); | |
391 | } | |
d4a7da46 | 392 | |
393 | if (netdev->type == LXC_NET_VETH) { | |
394 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv4_routes, next) { | |
395 | inet4dev = cur->elem; | |
396 | if (!inet_ntop(AF_INET, &inet4dev->addr, bufinet4, sizeof(bufinet4))) { | |
397 | ERROR("Invalid ipv4 veth route"); | |
398 | return; | |
399 | } | |
400 | ||
401 | TRACE("ipv4 veth route: %s/%u", bufinet4, inet4dev->prefix); | |
402 | } | |
403 | ||
404 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv6_routes, next) { | |
405 | inet6dev = cur->elem; | |
406 | if (!inet_ntop(AF_INET6, &inet6dev->addr, bufinet6, sizeof(bufinet6))) { | |
407 | ERROR("Invalid ipv6 veth route"); | |
408 | return; | |
409 | } | |
410 | ||
411 | TRACE("ipv6 veth route: %s/%u", bufinet6, inet6dev->prefix); | |
412 | } | |
413 | } | |
9b0df30f | 414 | } |
1ed6ba91 CB |
415 | } |
416 | } | |
519df1c1 | 417 | |
e5d2fd7c CB |
418 | static void lxc_free_netdev(struct lxc_netdev *netdev) |
419 | { | |
420 | struct lxc_list *cur, *next; | |
421 | ||
e5d2fd7c CB |
422 | free(netdev->upscript); |
423 | free(netdev->downscript); | |
424 | free(netdev->hwaddr); | |
425 | free(netdev->mtu); | |
426 | ||
427 | free(netdev->ipv4_gateway); | |
428 | lxc_list_for_each_safe(cur, &netdev->ipv4, next) { | |
429 | lxc_list_del(cur); | |
430 | free(cur->elem); | |
431 | free(cur); | |
432 | } | |
433 | ||
434 | free(netdev->ipv6_gateway); | |
435 | lxc_list_for_each_safe(cur, &netdev->ipv6, next) { | |
436 | lxc_list_del(cur); | |
437 | free(cur->elem); | |
438 | free(cur); | |
439 | } | |
440 | ||
d4a7da46 | 441 | if (netdev->type == LXC_NET_VETH) { |
442 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv4_routes, next) { | |
443 | lxc_list_del(cur); | |
444 | free(cur->elem); | |
445 | free(cur); | |
446 | } | |
447 | ||
448 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv6_routes, next) { | |
449 | lxc_list_del(cur); | |
450 | free(cur->elem); | |
451 | free(cur); | |
452 | } | |
453 | } | |
454 | ||
e5d2fd7c CB |
455 | free(netdev); |
456 | } | |
457 | ||
519df1c1 CB |
458 | bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx) |
459 | { | |
e5d2fd7c | 460 | struct lxc_list *cur, *next; |
519df1c1 CB |
461 | struct lxc_netdev *netdev; |
462 | bool found = false; | |
463 | ||
464 | lxc_list_for_each_safe(cur, &conf->network, next) { | |
465 | netdev = cur->elem; | |
466 | if (netdev->idx != idx) | |
467 | continue; | |
468 | ||
469 | lxc_list_del(cur); | |
470 | found = true; | |
471 | break; | |
472 | } | |
473 | ||
474 | if (!found) | |
475 | return false; | |
476 | ||
e5d2fd7c | 477 | lxc_free_netdev(netdev); |
519df1c1 CB |
478 | free(cur); |
479 | ||
480 | return true; | |
481 | } | |
e5d2fd7c | 482 | |
c302b476 | 483 | void lxc_free_networks(struct lxc_list *networks) |
e5d2fd7c CB |
484 | { |
485 | struct lxc_list *cur, *next; | |
486 | struct lxc_netdev *netdev; | |
487 | ||
c302b476 | 488 | lxc_list_for_each_safe(cur, networks, next) { |
e5d2fd7c CB |
489 | netdev = cur->elem; |
490 | lxc_free_netdev(netdev); | |
491 | free(cur); | |
492 | } | |
493 | ||
494 | /* prevent segfaults */ | |
c302b476 | 495 | lxc_list_init(networks); |
e5d2fd7c | 496 | } |
9b0df30f | 497 | |
7b15813c | 498 | static struct lxc_macvlan_mode { |
9b0df30f CB |
499 | char *name; |
500 | int mode; | |
501 | } macvlan_mode[] = { | |
502 | { "private", MACVLAN_MODE_PRIVATE }, | |
503 | { "vepa", MACVLAN_MODE_VEPA }, | |
504 | { "bridge", MACVLAN_MODE_BRIDGE }, | |
505 | { "passthru", MACVLAN_MODE_PASSTHRU }, | |
506 | }; | |
507 | ||
508 | int lxc_macvlan_mode_to_flag(int *mode, const char *value) | |
509 | { | |
510 | size_t i; | |
511 | ||
512 | for (i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) { | |
513 | if (strcmp(macvlan_mode[i].name, value)) | |
514 | continue; | |
515 | ||
516 | *mode = macvlan_mode[i].mode; | |
517 | return 0; | |
518 | } | |
519 | ||
520 | return -1; | |
521 | } | |
522 | ||
523 | char *lxc_macvlan_flag_to_mode(int mode) | |
524 | { | |
525 | size_t i; | |
526 | ||
527 | for (i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) { | |
b56680fd | 528 | if (macvlan_mode[i].mode != mode) |
9b0df30f CB |
529 | continue; |
530 | ||
531 | return macvlan_mode[i].name; | |
532 | } | |
533 | ||
534 | return NULL; | |
535 | } | |
f9373e40 | 536 | |
c9f52382 | 537 | static struct lxc_ipvlan_mode { |
538 | char *name; | |
539 | int mode; | |
540 | } ipvlan_mode[] = { | |
541 | { "l3", IPVLAN_MODE_L3 }, | |
542 | { "l3s", IPVLAN_MODE_L3S }, | |
543 | { "l2", IPVLAN_MODE_L2 }, | |
544 | }; | |
545 | ||
546 | int lxc_ipvlan_mode_to_flag(int *mode, const char *value) | |
547 | { | |
548 | for (size_t i = 0; i < sizeof(ipvlan_mode) / sizeof(ipvlan_mode[0]); i++) { | |
549 | if (strcmp(ipvlan_mode[i].name, value) != 0) | |
550 | continue; | |
551 | ||
552 | *mode = ipvlan_mode[i].mode; | |
553 | return 0; | |
554 | } | |
555 | ||
556 | return -1; | |
557 | } | |
558 | ||
559 | char *lxc_ipvlan_flag_to_mode(int mode) | |
560 | { | |
561 | for (size_t i = 0; i < sizeof(ipvlan_mode) / sizeof(ipvlan_mode[0]); i++) { | |
562 | if (ipvlan_mode[i].mode != mode) | |
563 | continue; | |
564 | ||
565 | return ipvlan_mode[i].name; | |
566 | } | |
567 | ||
568 | return NULL; | |
569 | } | |
570 | ||
571 | static struct lxc_ipvlan_isolation { | |
572 | char *name; | |
573 | int flag; | |
574 | } ipvlan_isolation[] = { | |
575 | { "bridge", IPVLAN_ISOLATION_BRIDGE }, | |
576 | { "private", IPVLAN_ISOLATION_PRIVATE }, | |
577 | { "vepa", IPVLAN_ISOLATION_VEPA }, | |
578 | }; | |
579 | ||
580 | int lxc_ipvlan_isolation_to_flag(int *flag, const char *value) | |
581 | { | |
582 | for (size_t i = 0; i < sizeof(ipvlan_isolation) / sizeof(ipvlan_isolation[0]); i++) { | |
583 | if (strcmp(ipvlan_isolation[i].name, value) != 0) | |
584 | continue; | |
585 | ||
586 | *flag = ipvlan_isolation[i].flag; | |
587 | return 0; | |
588 | } | |
589 | ||
590 | return -1; | |
591 | } | |
592 | ||
593 | char *lxc_ipvlan_flag_to_isolation(int flag) | |
594 | { | |
595 | for (size_t i = 0; i < sizeof(ipvlan_isolation) / sizeof(ipvlan_isolation[0]); i++) { | |
596 | if (ipvlan_isolation[i].flag != flag) | |
597 | continue; | |
598 | ||
599 | return ipvlan_isolation[i].name; | |
600 | } | |
601 | ||
602 | return NULL; | |
603 | } | |
604 | ||
f9373e40 CB |
605 | int set_config_string_item(char **conf_item, const char *value) |
606 | { | |
607 | char *new_value; | |
608 | ||
609 | if (lxc_config_value_empty(value)) { | |
610 | free(*conf_item); | |
611 | *conf_item = NULL; | |
612 | return 0; | |
613 | } | |
614 | ||
615 | new_value = strdup(value); | |
616 | if (!new_value) { | |
29c98ddd | 617 | SYSERROR("Failed to duplicate string \"%s\"", value); |
f9373e40 CB |
618 | return -1; |
619 | } | |
620 | ||
621 | free(*conf_item); | |
622 | *conf_item = new_value; | |
623 | return 0; | |
624 | } | |
625 | ||
626 | int set_config_string_item_max(char **conf_item, const char *value, size_t max) | |
627 | { | |
628 | if (strlen(value) >= max) { | |
629 | ERROR("%s is too long (>= %lu)", value, (unsigned long)max); | |
630 | return -1; | |
631 | } | |
632 | ||
633 | return set_config_string_item(conf_item, value); | |
634 | } | |
635 | ||
636 | int set_config_path_item(char **conf_item, const char *value) | |
637 | { | |
638 | return set_config_string_item_max(conf_item, value, PATH_MAX); | |
639 | } | |
640 | ||
641 | int config_ip_prefix(struct in_addr *addr) | |
642 | { | |
643 | if (IN_CLASSA(addr->s_addr)) | |
644 | return 32 - IN_CLASSA_NSHIFT; | |
29c98ddd | 645 | |
f9373e40 CB |
646 | if (IN_CLASSB(addr->s_addr)) |
647 | return 32 - IN_CLASSB_NSHIFT; | |
29c98ddd | 648 | |
f9373e40 CB |
649 | if (IN_CLASSC(addr->s_addr)) |
650 | return 32 - IN_CLASSC_NSHIFT; | |
651 | ||
652 | return 0; | |
653 | } | |
654 | ||
18cd4b54 | 655 | int network_ifname(char *valuep, const char *value, size_t size) |
f9373e40 | 656 | { |
18cd4b54 DJ |
657 | size_t retlen; |
658 | ||
659 | if (!valuep || !value) | |
660 | return -1; | |
661 | ||
662 | retlen = strlcpy(valuep, value, size); | |
29c98ddd | 663 | if (retlen >= size) |
9005a3ff | 664 | ERROR("Network device name \"%s\" is too long (>= %zu)", value, |
18cd4b54 | 665 | size); |
de4855a8 | 666 | |
de4855a8 | 667 | return 0; |
f9373e40 CB |
668 | } |
669 | ||
3db41a6c CB |
670 | bool lxc_config_net_is_hwaddr(const char *line) |
671 | { | |
672 | unsigned index; | |
673 | char tmp[7]; | |
674 | ||
675 | if (strncmp(line, "lxc.net", 7) != 0) | |
676 | return false; | |
677 | ||
678 | if (strncmp(line, "lxc.net.hwaddr", 14) == 0) | |
679 | return true; | |
680 | ||
681 | if (strncmp(line, "lxc.network.hwaddr", 18) == 0) | |
682 | return true; | |
683 | ||
684 | if (sscanf(line, "lxc.net.%u.%6s", &index, tmp) == 2 || | |
685 | sscanf(line, "lxc.network.%u.%6s", &index, tmp) == 2) | |
686 | return strncmp(tmp, "hwaddr", 6) == 0; | |
687 | ||
688 | return false; | |
689 | } | |
690 | ||
29c98ddd | 691 | void rand_complete_hwaddr(char *hwaddr) |
f9373e40 CB |
692 | { |
693 | const char hex[] = "0123456789abcdef"; | |
694 | char *curs = hwaddr; | |
280cc35f | 695 | #ifdef HAVE_RAND_R |
f9373e40 CB |
696 | unsigned int seed; |
697 | ||
698 | seed = randseed(false); | |
280cc35f | 699 | #else |
700 | ||
701 | (void)randseed(true); | |
f9373e40 | 702 | #endif |
280cc35f | 703 | |
f9373e40 CB |
704 | while (*curs != '\0' && *curs != '\n') { |
705 | if (*curs == 'x' || *curs == 'X') { | |
706 | if (curs - hwaddr == 1) { | |
707 | /* ensure address is unicast */ | |
708 | #ifdef HAVE_RAND_R | |
709 | *curs = hex[rand_r(&seed) & 0x0E]; | |
710 | } else { | |
711 | *curs = hex[rand_r(&seed) & 0x0F]; | |
712 | #else | |
713 | *curs = hex[rand() & 0x0E]; | |
714 | } else { | |
715 | *curs = hex[rand() & 0x0F]; | |
716 | #endif | |
717 | } | |
718 | } | |
719 | curs++; | |
720 | } | |
f9373e40 CB |
721 | } |
722 | ||
f9373e40 CB |
723 | bool new_hwaddr(char *hwaddr) |
724 | { | |
725 | int ret; | |
280cc35f | 726 | #ifdef HAVE_RAND_R |
727 | unsigned int seed; | |
728 | ||
729 | seed = randseed(false); | |
730 | ||
731 | ret = snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand_r(&seed) % 255, | |
732 | rand_r(&seed) % 255, rand_r(&seed) % 255); | |
733 | #else | |
f9373e40 CB |
734 | |
735 | (void)randseed(true); | |
736 | ||
737 | ret = snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand() % 255, | |
738 | rand() % 255, rand() % 255); | |
280cc35f | 739 | #endif |
f9373e40 | 740 | if (ret < 0 || ret >= 18) { |
280cc35f | 741 | SYSERROR("Failed to call snprintf()"); |
f9373e40 CB |
742 | return false; |
743 | } | |
744 | ||
745 | return true; | |
746 | } | |
953fe44f CB |
747 | |
748 | int lxc_get_conf_str(char *retv, int inlen, const char *value) | |
749 | { | |
d3bdf12c CB |
750 | size_t value_len; |
751 | ||
953fe44f CB |
752 | if (!value) |
753 | return 0; | |
d3bdf12c CB |
754 | |
755 | value_len = strlen(value); | |
756 | if (retv && inlen >= value_len + 1) | |
757 | memcpy(retv, value, value_len + 1); | |
953fe44f | 758 | |
29c98ddd | 759 | return value_len; |
953fe44f CB |
760 | } |
761 | ||
6e54330c CB |
762 | int lxc_get_conf_bool(struct lxc_conf *c, char *retv, int inlen, bool v) |
763 | { | |
764 | int len; | |
765 | int fulllen = 0; | |
766 | ||
767 | if (!retv) | |
768 | inlen = 0; | |
769 | else | |
770 | memset(retv, 0, inlen); | |
771 | ||
772 | strprint(retv, inlen, "%d", v); | |
773 | ||
774 | return fulllen; | |
775 | } | |
776 | ||
953fe44f CB |
777 | int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v) |
778 | { | |
1396b610 DJ |
779 | int len; |
780 | int fulllen = 0; | |
781 | ||
953fe44f CB |
782 | if (!retv) |
783 | inlen = 0; | |
784 | else | |
785 | memset(retv, 0, inlen); | |
786 | ||
1396b610 DJ |
787 | strprint(retv, inlen, "%d", v); |
788 | ||
789 | return fulllen; | |
953fe44f | 790 | } |
f7662514 | 791 | |
885766f5 CB |
792 | int lxc_get_conf_size_t(struct lxc_conf *c, char *retv, int inlen, size_t v) |
793 | { | |
1396b610 DJ |
794 | int len; |
795 | int fulllen = 0; | |
796 | ||
885766f5 CB |
797 | if (!retv) |
798 | inlen = 0; | |
799 | else | |
800 | memset(retv, 0, inlen); | |
801 | ||
1396b610 DJ |
802 | strprint(retv, inlen, "%zu", v); |
803 | ||
804 | return fulllen; | |
885766f5 CB |
805 | } |
806 | ||
2ea479c9 CB |
807 | int lxc_get_conf_uint64(struct lxc_conf *c, char *retv, int inlen, uint64_t v) |
808 | { | |
1396b610 DJ |
809 | int len; |
810 | int fulllen = 0; | |
811 | ||
2ea479c9 CB |
812 | if (!retv) |
813 | inlen = 0; | |
814 | else | |
815 | memset(retv, 0, inlen); | |
816 | ||
1396b610 DJ |
817 | strprint(retv, inlen, "%"PRIu64, v); |
818 | ||
819 | return fulllen; | |
2ea479c9 CB |
820 | } |
821 | ||
28d9e29e CB |
822 | static int lxc_container_name_to_pid(const char *lxcname_or_pid, |
823 | const char *lxcpath) | |
824 | { | |
825 | int ret; | |
826 | signed long int pid; | |
827 | char *err = NULL; | |
828 | ||
829 | pid = strtol(lxcname_or_pid, &err, 10); | |
830 | if (*err != '\0' || pid < 1) { | |
831 | struct lxc_container *c; | |
832 | ||
833 | c = lxc_container_new(lxcname_or_pid, lxcpath); | |
834 | if (!c) { | |
835 | ERROR("\"%s\" is not a valid pid nor a container name", | |
836 | lxcname_or_pid); | |
837 | return -1; | |
838 | } | |
839 | ||
840 | if (!c->may_control(c)) { | |
841 | ERROR("Insufficient privileges to control container " | |
842 | "\"%s\"", c->name); | |
843 | lxc_container_put(c); | |
844 | return -1; | |
845 | } | |
846 | ||
847 | pid = c->init_pid(c); | |
848 | if (pid < 1) { | |
849 | ERROR("Container \"%s\" is not running", c->name); | |
850 | lxc_container_put(c); | |
851 | return -1; | |
852 | } | |
853 | ||
854 | lxc_container_put(c); | |
855 | } | |
856 | ||
857 | ret = kill(pid, 0); | |
858 | if (ret < 0) { | |
6d1400b5 | 859 | SYSERROR("Failed to send signal to pid %d", (int)pid); |
29c98ddd | 860 | return -1; |
28d9e29e CB |
861 | } |
862 | ||
863 | return pid; | |
864 | } | |
865 | ||
39e6fd36 | 866 | int lxc_inherit_namespace(const char *nsfd_path, const char *lxcpath, |
28d9e29e CB |
867 | const char *namespace) |
868 | { | |
869 | int fd, pid; | |
870 | char *dup, *lastslash; | |
871 | ||
39e6fd36 SH |
872 | if (nsfd_path[0] == '/') { |
873 | return open(nsfd_path, O_RDONLY | O_CLOEXEC); | |
874 | } | |
875 | ||
876 | lastslash = strrchr(nsfd_path, '/'); | |
28d9e29e | 877 | if (lastslash) { |
39e6fd36 | 878 | dup = strdup(nsfd_path); |
28d9e29e | 879 | if (!dup) |
29c98ddd | 880 | return -1; |
28d9e29e | 881 | |
39e6fd36 | 882 | dup[lastslash - nsfd_path] = '\0'; |
71649566 | 883 | pid = lxc_container_name_to_pid(lastslash + 1, dup); |
28d9e29e CB |
884 | free(dup); |
885 | } else { | |
39e6fd36 | 886 | pid = lxc_container_name_to_pid(nsfd_path, lxcpath); |
28d9e29e CB |
887 | } |
888 | ||
889 | if (pid < 0) | |
29c98ddd | 890 | return -1; |
28d9e29e CB |
891 | |
892 | fd = lxc_preserve_ns(pid, namespace); | |
893 | if (fd < 0) | |
29c98ddd | 894 | return -1; |
28d9e29e CB |
895 | |
896 | return fd; | |
897 | } | |
f6e32eb0 CB |
898 | |
899 | struct signame { | |
900 | int num; | |
901 | const char *name; | |
902 | }; | |
903 | ||
904 | static const struct signame signames[] = { | |
905 | { SIGHUP, "HUP" }, | |
906 | { SIGINT, "INT" }, | |
907 | { SIGQUIT, "QUIT" }, | |
908 | { SIGILL, "ILL" }, | |
909 | { SIGABRT, "ABRT" }, | |
910 | { SIGFPE, "FPE" }, | |
911 | { SIGKILL, "KILL" }, | |
912 | { SIGSEGV, "SEGV" }, | |
913 | { SIGPIPE, "PIPE" }, | |
914 | { SIGALRM, "ALRM" }, | |
915 | { SIGTERM, "TERM" }, | |
916 | { SIGUSR1, "USR1" }, | |
917 | { SIGUSR2, "USR2" }, | |
918 | { SIGCHLD, "CHLD" }, | |
919 | { SIGCONT, "CONT" }, | |
920 | { SIGSTOP, "STOP" }, | |
921 | { SIGTSTP, "TSTP" }, | |
922 | { SIGTTIN, "TTIN" }, | |
923 | { SIGTTOU, "TTOU" }, | |
924 | #ifdef SIGTRAP | |
925 | { SIGTRAP, "TRAP" }, | |
926 | #endif | |
927 | #ifdef SIGIOT | |
928 | { SIGIOT, "IOT" }, | |
929 | #endif | |
930 | #ifdef SIGEMT | |
931 | { SIGEMT, "EMT" }, | |
932 | #endif | |
933 | #ifdef SIGBUS | |
934 | { SIGBUS, "BUS" }, | |
935 | #endif | |
936 | #ifdef SIGSTKFLT | |
937 | { SIGSTKFLT, "STKFLT" }, | |
938 | #endif | |
939 | #ifdef SIGCLD | |
940 | { SIGCLD, "CLD" }, | |
941 | #endif | |
942 | #ifdef SIGURG | |
943 | { SIGURG, "URG" }, | |
944 | #endif | |
945 | #ifdef SIGXCPU | |
946 | { SIGXCPU, "XCPU" }, | |
947 | #endif | |
948 | #ifdef SIGXFSZ | |
949 | { SIGXFSZ, "XFSZ" }, | |
950 | #endif | |
951 | #ifdef SIGVTALRM | |
952 | { SIGVTALRM, "VTALRM" }, | |
953 | #endif | |
954 | #ifdef SIGPROF | |
955 | { SIGPROF, "PROF" }, | |
956 | #endif | |
957 | #ifdef SIGWINCH | |
958 | { SIGWINCH, "WINCH" }, | |
959 | #endif | |
960 | #ifdef SIGIO | |
961 | { SIGIO, "IO" }, | |
962 | #endif | |
963 | #ifdef SIGPOLL | |
964 | { SIGPOLL, "POLL" }, | |
965 | #endif | |
966 | #ifdef SIGINFO | |
967 | { SIGINFO, "INFO" }, | |
968 | #endif | |
969 | #ifdef SIGLOST | |
970 | { SIGLOST, "LOST" }, | |
971 | #endif | |
972 | #ifdef SIGPWR | |
973 | { SIGPWR, "PWR" }, | |
974 | #endif | |
975 | #ifdef SIGUNUSED | |
976 | { SIGUNUSED, "UNUSED" }, | |
977 | #endif | |
978 | #ifdef SIGSYS | |
979 | { SIGSYS, "SYS" }, | |
980 | #endif | |
981 | }; | |
982 | ||
983 | static int sig_num(const char *sig) | |
984 | { | |
985 | unsigned int signum; | |
986 | ||
987 | if (lxc_safe_uint(sig, &signum) < 0) | |
988 | return -1; | |
989 | ||
990 | return signum; | |
991 | } | |
992 | ||
993 | static int rt_sig_num(const char *signame) | |
994 | { | |
995 | int rtmax = 0, sig_n = 0; | |
996 | ||
29c98ddd | 997 | if (strncasecmp(signame, "max-", 4) == 0) |
f6e32eb0 | 998 | rtmax = 1; |
f6e32eb0 CB |
999 | |
1000 | signame += 4; | |
1001 | if (!isdigit(*signame)) | |
1002 | return -1; | |
1003 | ||
1004 | sig_n = sig_num(signame); | |
1005 | sig_n = rtmax ? SIGRTMAX - sig_n : SIGRTMIN + sig_n; | |
1006 | if (sig_n > SIGRTMAX || sig_n < SIGRTMIN) | |
1007 | return -1; | |
1008 | ||
1009 | return sig_n; | |
1010 | } | |
1011 | ||
1012 | int sig_parse(const char *signame) | |
1013 | { | |
1014 | size_t n; | |
1015 | ||
1016 | if (isdigit(*signame)) { | |
1017 | return sig_num(signame); | |
1018 | } else if (strncasecmp(signame, "sig", 3) == 0) { | |
1019 | signame += 3; | |
1020 | if (strncasecmp(signame, "rt", 2) == 0) | |
1021 | return rt_sig_num(signame + 2); | |
29c98ddd | 1022 | |
1023 | for (n = 0; n < sizeof(signames) / sizeof((signames)[0]); n++) | |
f6e32eb0 CB |
1024 | if (strcasecmp(signames[n].name, signame) == 0) |
1025 | return signames[n].num; | |
f6e32eb0 CB |
1026 | } |
1027 | ||
1028 | return -1; | |
1029 | } |