]>
Commit | Line | Data |
---|---|---|
cc73685d | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
0b843d35 | 2 | |
d38dd64a CB |
3 | #ifndef _GNU_SOURCE |
4 | #define _GNU_SOURCE 1 | |
5 | #endif | |
6 | #include <arpa/inet.h> | |
f9373e40 | 7 | #include <ctype.h> |
0b843d35 | 8 | #include <stdio.h> |
ce2f5ae8 | 9 | #include <stdlib.h> |
0b843d35 CB |
10 | #include <string.h> |
11 | ||
663e9916 | 12 | #include "conf.h" |
d38dd64a | 13 | #include "config.h" |
ce2f5ae8 CB |
14 | #include "confile.h" |
15 | #include "confile_utils.h" | |
16 | #include "error.h" | |
ce2f5ae8 | 17 | #include "list.h" |
fd47e5f1 | 18 | #include "lxc.h" |
28d9e29e CB |
19 | #include "log.h" |
20 | #include "lxccontainer.h" | |
7b15813c | 21 | #include "macro.h" |
a4809e4e | 22 | #include "memory_utils.h" |
811ef482 | 23 | #include "network.h" |
f9373e40 | 24 | #include "parse.h" |
0b843d35 CB |
25 | #include "utils.h" |
26 | ||
18cd4b54 DJ |
27 | #ifndef HAVE_STRLCPY |
28 | #include "include/strlcpy.h" | |
29 | #endif | |
30 | ||
ac2cecc4 | 31 | lxc_log_define(confile_utils, lxc); |
ce2f5ae8 | 32 | |
0b843d35 CB |
33 | int parse_idmaps(const char *idmap, char *type, unsigned long *nsid, |
34 | unsigned long *hostid, unsigned long *range) | |
35 | { | |
a4809e4e | 36 | __do_free char *dup = NULL; |
0b843d35 CB |
37 | int ret = -1; |
38 | unsigned long tmp_hostid, tmp_nsid, tmp_range; | |
39 | char tmp_type; | |
40 | char *window, *slide; | |
0b843d35 CB |
41 | |
42 | /* Duplicate string. */ | |
43 | dup = strdup(idmap); | |
44 | if (!dup) | |
a4809e4e | 45 | return ret_errno(ENOMEM); |
0b843d35 CB |
46 | |
47 | /* A prototypical idmap entry would be: "u 1000 1000000 65536" */ | |
48 | ||
49 | /* align */ | |
50 | slide = window = dup; | |
51 | /* skip whitespace */ | |
52 | slide += strspn(slide, " \t\r"); | |
53 | if (slide != window && *slide == '\0') | |
a4809e4e | 54 | return ret_errno(EINVAL); |
0b843d35 CB |
55 | |
56 | /* Validate type. */ | |
a4809e4e CB |
57 | if (*slide != 'u' && *slide != 'g') |
58 | return log_error_errno(-EINVAL, EINVAL, "Invalid id mapping type: %c", *slide); | |
a8b1ac78 | 59 | |
0b843d35 CB |
60 | /* Assign type. */ |
61 | tmp_type = *slide; | |
62 | ||
63 | /* move beyond type */ | |
64 | slide++; | |
65 | /* align */ | |
66 | window = slide; | |
67 | /* Validate that only whitespace follows. */ | |
68 | slide += strspn(slide, " \t\r"); | |
69 | /* There must be whitespace. */ | |
70 | if (slide == window) | |
a4809e4e | 71 | return ret_errno(EINVAL); |
0b843d35 | 72 | |
f37d1c22 | 73 | /* Mark beginning of nsid. */ |
0b843d35 CB |
74 | window = slide; |
75 | /* Validate that non-whitespace follows. */ | |
76 | slide += strcspn(slide, " \t\r"); | |
77 | /* There must be non-whitespace. */ | |
78 | if (slide == window || *slide == '\0') | |
a4809e4e | 79 | return ret_errno(EINVAL); |
f37d1c22 | 80 | /* Mark end of nsid. */ |
0b843d35 CB |
81 | *slide = '\0'; |
82 | ||
f37d1c22 | 83 | /* Parse nsid. */ |
a4809e4e CB |
84 | ret = lxc_safe_ulong(window, &tmp_nsid); |
85 | if (ret < 0) | |
86 | return log_error_errno(ret, errno, "Failed to parse nsid: %s", window); | |
0b843d35 CB |
87 | |
88 | /* Move beyond \0. */ | |
89 | slide++; | |
0b843d35 CB |
90 | /* Validate that only whitespace follows. */ |
91 | slide += strspn(slide, " \t\r"); | |
92 | /* If there was only one whitespace then we whiped it with our \0 above. | |
93 | * So only ensure that we're not at the end of the string. | |
94 | */ | |
95 | if (*slide == '\0') | |
a4809e4e | 96 | return ret_errno(EINVAL); |
0b843d35 CB |
97 | |
98 | /* Mark beginning of hostid. */ | |
99 | window = slide; | |
100 | /* Validate that non-whitespace follows. */ | |
101 | slide += strcspn(slide, " \t\r"); | |
102 | /* There must be non-whitespace. */ | |
103 | if (slide == window || *slide == '\0') | |
a4809e4e | 104 | return ret_errno(EINVAL); |
f37d1c22 | 105 | /* Mark end of nsid. */ |
0b843d35 CB |
106 | *slide = '\0'; |
107 | ||
108 | /* Parse hostid. */ | |
a4809e4e CB |
109 | ret = lxc_safe_ulong(window, &tmp_hostid); |
110 | if (ret < 0) | |
111 | return log_error_errno(ret, errno, "Failed to parse hostid: %s", window); | |
0b843d35 CB |
112 | |
113 | /* Move beyond \0. */ | |
114 | slide++; | |
0b843d35 CB |
115 | /* Validate that only whitespace follows. */ |
116 | slide += strspn(slide, " \t\r"); | |
117 | /* If there was only one whitespace then we whiped it with our \0 above. | |
118 | * So only ensure that we're not at the end of the string. | |
119 | */ | |
120 | if (*slide == '\0') | |
a4809e4e | 121 | return ret_errno(EINVAL); |
0b843d35 CB |
122 | |
123 | /* Mark beginning of range. */ | |
124 | window = slide; | |
125 | /* Validate that non-whitespace follows. */ | |
126 | slide += strcspn(slide, " \t\r"); | |
127 | /* There must be non-whitespace. */ | |
128 | if (slide == window) | |
a4809e4e | 129 | return ret_errno(EINVAL); |
0b843d35 CB |
130 | |
131 | /* The range is the last valid entry we expect. So make sure that there | |
f37d1c22 | 132 | * is no trailing garbage and if there is, error out. |
0b843d35 CB |
133 | */ |
134 | if (*(slide + strspn(slide, " \t\r\n")) != '\0') | |
a4809e4e | 135 | return ret_errno(EINVAL); |
29c98ddd | 136 | |
0b843d35 CB |
137 | /* Mark end of range. */ |
138 | *slide = '\0'; | |
139 | ||
140 | /* Parse range. */ | |
a4809e4e CB |
141 | ret = lxc_safe_ulong(window, &tmp_range); |
142 | if (ret < 0) | |
143 | return log_error_errno(ret, errno, "Failed to parse id mapping range: %s", window); | |
0b843d35 | 144 | |
a4809e4e CB |
145 | *type = tmp_type; |
146 | *nsid = tmp_nsid; | |
0b843d35 | 147 | *hostid = tmp_hostid; |
a4809e4e | 148 | *range = tmp_range; |
0b843d35 CB |
149 | |
150 | /* Yay, we survived. */ | |
a4809e4e | 151 | return 0; |
0b843d35 | 152 | } |
663e9916 CB |
153 | |
154 | bool lxc_config_value_empty(const char *value) | |
155 | { | |
156 | if (value && strlen(value) > 0) | |
157 | return false; | |
158 | ||
159 | return true; | |
160 | } | |
ce2f5ae8 | 161 | |
c302b476 | 162 | struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx, bool tail) |
ce2f5ae8 | 163 | { |
1e323af6 CB |
164 | __do_free struct lxc_list *newlist = NULL; |
165 | __do_free struct lxc_netdev *netdev = NULL; | |
ce2f5ae8 CB |
166 | |
167 | /* network does not exist */ | |
9dffc40e | 168 | netdev = zalloc(sizeof(*netdev)); |
ce2f5ae8 | 169 | if (!netdev) |
1e323af6 | 170 | return ret_set_errno(NULL, ENOMEM); |
ce2f5ae8 CB |
171 | |
172 | memset(netdev, 0, sizeof(*netdev)); | |
173 | lxc_list_init(&netdev->ipv4); | |
174 | lxc_list_init(&netdev->ipv6); | |
175 | ||
176 | /* give network a unique index */ | |
177 | netdev->idx = idx; | |
178 | ||
179 | /* prepare new list */ | |
9dffc40e | 180 | newlist = zalloc(sizeof(*newlist)); |
1e323af6 CB |
181 | if (!newlist) |
182 | return ret_set_errno(NULL, ENOMEM); | |
ce2f5ae8 CB |
183 | |
184 | lxc_list_init(newlist); | |
185 | newlist->elem = netdev; | |
186 | ||
c302b476 CB |
187 | if (tail) |
188 | lxc_list_add_tail(networks, newlist); | |
189 | else | |
190 | lxc_list_add(networks, newlist); | |
1e323af6 | 191 | move_ptr(newlist); |
29c98ddd | 192 | |
1e323af6 | 193 | return move_ptr(netdev); |
ce2f5ae8 | 194 | } |
1ed6ba91 | 195 | |
c302b476 CB |
196 | /* Takes care of finding the correct netdev struct in the networks list or |
197 | * allocates a new one if it couldn't be found. | |
198 | */ | |
199 | struct lxc_netdev *lxc_get_netdev_by_idx(struct lxc_conf *conf, | |
200 | unsigned int idx, bool allocate) | |
201 | { | |
202 | struct lxc_netdev *netdev = NULL; | |
203 | struct lxc_list *networks = &conf->network; | |
204 | struct lxc_list *insert = networks; | |
205 | ||
206 | /* lookup network */ | |
207 | if (!lxc_list_empty(networks)) { | |
208 | lxc_list_for_each(insert, networks) { | |
209 | netdev = insert->elem; | |
210 | if (netdev->idx == idx) | |
211 | return netdev; | |
212 | else if (netdev->idx > idx) | |
213 | break; | |
214 | } | |
215 | } | |
216 | ||
217 | if (!allocate) | |
2a655c0d | 218 | return ret_set_errno(NULL, EINVAL); |
c302b476 CB |
219 | |
220 | return lxc_network_add(insert, idx, true); | |
221 | } | |
222 | ||
1ed6ba91 CB |
223 | void lxc_log_configured_netdevs(const struct lxc_conf *conf) |
224 | { | |
225 | struct lxc_netdev *netdev; | |
226 | struct lxc_list *it = (struct lxc_list *)&conf->network;; | |
227 | ||
4ac35afb | 228 | if (!lxc_log_trace()) |
1ed6ba91 CB |
229 | return; |
230 | ||
231 | if (lxc_list_empty(it)) { | |
232 | TRACE("container has no networks configured"); | |
233 | return; | |
234 | } | |
235 | ||
236 | lxc_list_for_each(it, &conf->network) { | |
9b0df30f CB |
237 | struct lxc_list *cur, *next; |
238 | struct lxc_inetdev *inet4dev; | |
239 | struct lxc_inet6dev *inet6dev; | |
240 | char bufinet4[INET_ADDRSTRLEN], bufinet6[INET6_ADDRSTRLEN]; | |
241 | ||
1ed6ba91 CB |
242 | netdev = it->elem; |
243 | ||
c302b476 | 244 | TRACE("index: %zd", netdev->idx); |
7a582518 | 245 | TRACE("ifindex: %d", netdev->ifindex); |
29c98ddd | 246 | |
1ed6ba91 CB |
247 | switch (netdev->type) { |
248 | case LXC_NET_VETH: | |
249 | TRACE("type: veth"); | |
134ded24 | 250 | TRACE("veth mode: %d", netdev->priv.veth_attr.mode); |
29c98ddd | 251 | |
de4855a8 | 252 | if (netdev->priv.veth_attr.pair[0] != '\0') |
9b0df30f CB |
253 | TRACE("veth pair: %s", |
254 | netdev->priv.veth_attr.pair); | |
29c98ddd | 255 | |
8ce727fc CB |
256 | if (netdev->priv.veth_attr.veth1[0] != '\0') |
257 | TRACE("veth1 : %s", | |
258 | netdev->priv.veth_attr.veth1); | |
29c98ddd | 259 | |
d952b351 CB |
260 | if (netdev->priv.veth_attr.ifindex > 0) |
261 | TRACE("host side ifindex for veth device: %d", | |
262 | netdev->priv.veth_attr.ifindex); | |
134ded24 TP |
263 | |
264 | if (netdev->priv.veth_attr.vlan_id_set) | |
265 | TRACE("veth vlan id: %d", netdev->priv.veth_attr.vlan_id); | |
266 | ||
1f92ddc1 TP |
267 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.vlan_tagged_ids, next) { |
268 | unsigned short vlan_tagged_id = PTR_TO_USHORT(cur->elem); | |
269 | TRACE("veth vlan tagged id: %u", vlan_tagged_id); | |
270 | } | |
271 | ||
1ed6ba91 CB |
272 | break; |
273 | case LXC_NET_MACVLAN: | |
274 | TRACE("type: macvlan"); | |
29c98ddd | 275 | |
9b0df30f | 276 | if (netdev->priv.macvlan_attr.mode > 0) { |
7b15813c | 277 | char *mode; |
29c98ddd | 278 | |
7b15813c | 279 | mode = lxc_macvlan_flag_to_mode( |
9b0df30f CB |
280 | netdev->priv.macvlan_attr.mode); |
281 | TRACE("macvlan mode: %s", | |
7b15813c | 282 | mode ? mode : "(invalid mode)"); |
9b0df30f | 283 | } |
1ed6ba91 | 284 | break; |
c9f52382 | 285 | case LXC_NET_IPVLAN: |
286 | TRACE("type: ipvlan"); | |
287 | ||
288 | char *mode; | |
289 | mode = lxc_ipvlan_flag_to_mode(netdev->priv.ipvlan_attr.mode); | |
290 | TRACE("ipvlan mode: %s", mode ? mode : "(invalid mode)"); | |
291 | ||
292 | char *isolation; | |
293 | isolation = lxc_ipvlan_flag_to_isolation(netdev->priv.ipvlan_attr.isolation); | |
294 | TRACE("ipvlan isolation: %s", isolation ? isolation : "(invalid isolation)"); | |
295 | break; | |
1ed6ba91 CB |
296 | case LXC_NET_VLAN: |
297 | TRACE("type: vlan"); | |
9b0df30f | 298 | TRACE("vlan id: %d", netdev->priv.vlan_attr.vid); |
1ed6ba91 CB |
299 | break; |
300 | case LXC_NET_PHYS: | |
301 | TRACE("type: phys"); | |
29c98ddd | 302 | |
303 | if (netdev->priv.phys_attr.ifindex > 0) | |
b809f232 CB |
304 | TRACE("host side ifindex for phys device: %d", |
305 | netdev->priv.phys_attr.ifindex); | |
1ed6ba91 CB |
306 | break; |
307 | case LXC_NET_EMPTY: | |
308 | TRACE("type: empty"); | |
309 | break; | |
310 | case LXC_NET_NONE: | |
311 | TRACE("type: none"); | |
312 | break; | |
313 | default: | |
d4a7da46 | 314 | ERROR("Invalid network type %d", netdev->type); |
1ed6ba91 CB |
315 | return; |
316 | } | |
317 | ||
9b0df30f CB |
318 | if (netdev->type != LXC_NET_EMPTY) { |
319 | TRACE("flags: %s", | |
320 | netdev->flags == IFF_UP ? "up" : "none"); | |
29c98ddd | 321 | |
de4855a8 | 322 | if (netdev->link[0] != '\0') |
9b0df30f | 323 | TRACE("link: %s", netdev->link); |
29c98ddd | 324 | |
6509154d | 325 | /* l2proxy only used when link is specified */ |
326 | if (netdev->link[0] != '\0') | |
327 | TRACE("l2proxy: %s", netdev->l2proxy ? "true" : "false"); | |
328 | ||
de4855a8 | 329 | if (netdev->name[0] != '\0') |
9b0df30f | 330 | TRACE("name: %s", netdev->name); |
29c98ddd | 331 | |
9b0df30f CB |
332 | if (netdev->hwaddr) |
333 | TRACE("hwaddr: %s", netdev->hwaddr); | |
29c98ddd | 334 | |
9b0df30f CB |
335 | if (netdev->mtu) |
336 | TRACE("mtu: %s", netdev->mtu); | |
29c98ddd | 337 | |
9b0df30f CB |
338 | if (netdev->upscript) |
339 | TRACE("upscript: %s", netdev->upscript); | |
29c98ddd | 340 | |
9b0df30f CB |
341 | if (netdev->downscript) |
342 | TRACE("downscript: %s", netdev->downscript); | |
343 | ||
344 | TRACE("ipv4 gateway auto: %s", | |
345 | netdev->ipv4_gateway_auto ? "true" : "false"); | |
346 | ||
a2f9a670 | 347 | TRACE("ipv4 gateway dev: %s", |
348 | netdev->ipv4_gateway_dev ? "true" : "false"); | |
349 | ||
9b0df30f CB |
350 | if (netdev->ipv4_gateway) { |
351 | inet_ntop(AF_INET, netdev->ipv4_gateway, | |
352 | bufinet4, sizeof(bufinet4)); | |
353 | TRACE("ipv4 gateway: %s", bufinet4); | |
354 | } | |
355 | ||
356 | lxc_list_for_each_safe(cur, &netdev->ipv4, next) { | |
357 | inet4dev = cur->elem; | |
358 | inet_ntop(AF_INET, &inet4dev->addr, bufinet4, | |
359 | sizeof(bufinet4)); | |
360 | TRACE("ipv4 addr: %s", bufinet4); | |
361 | } | |
362 | ||
363 | TRACE("ipv6 gateway auto: %s", | |
364 | netdev->ipv6_gateway_auto ? "true" : "false"); | |
29c98ddd | 365 | |
a2f9a670 | 366 | TRACE("ipv6 gateway dev: %s", |
367 | netdev->ipv6_gateway_dev ? "true" : "false"); | |
368 | ||
9b0df30f CB |
369 | if (netdev->ipv6_gateway) { |
370 | inet_ntop(AF_INET6, netdev->ipv6_gateway, | |
371 | bufinet6, sizeof(bufinet6)); | |
372 | TRACE("ipv6 gateway: %s", bufinet6); | |
373 | } | |
29c98ddd | 374 | |
9b0df30f CB |
375 | lxc_list_for_each_safe(cur, &netdev->ipv6, next) { |
376 | inet6dev = cur->elem; | |
377 | inet_ntop(AF_INET6, &inet6dev->addr, bufinet6, | |
378 | sizeof(bufinet6)); | |
379 | TRACE("ipv6 addr: %s", bufinet6); | |
380 | } | |
d4a7da46 | 381 | |
382 | if (netdev->type == LXC_NET_VETH) { | |
383 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv4_routes, next) { | |
384 | inet4dev = cur->elem; | |
385 | if (!inet_ntop(AF_INET, &inet4dev->addr, bufinet4, sizeof(bufinet4))) { | |
386 | ERROR("Invalid ipv4 veth route"); | |
387 | return; | |
388 | } | |
389 | ||
390 | TRACE("ipv4 veth route: %s/%u", bufinet4, inet4dev->prefix); | |
391 | } | |
392 | ||
393 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv6_routes, next) { | |
394 | inet6dev = cur->elem; | |
395 | if (!inet_ntop(AF_INET6, &inet6dev->addr, bufinet6, sizeof(bufinet6))) { | |
396 | ERROR("Invalid ipv6 veth route"); | |
397 | return; | |
398 | } | |
399 | ||
400 | TRACE("ipv6 veth route: %s/%u", bufinet6, inet6dev->prefix); | |
401 | } | |
402 | } | |
9b0df30f | 403 | } |
1ed6ba91 CB |
404 | } |
405 | } | |
519df1c1 | 406 | |
e5d2fd7c CB |
407 | static void lxc_free_netdev(struct lxc_netdev *netdev) |
408 | { | |
409 | struct lxc_list *cur, *next; | |
410 | ||
06db6101 CB |
411 | if (!netdev) |
412 | return; | |
413 | ||
e5d2fd7c CB |
414 | free(netdev->upscript); |
415 | free(netdev->downscript); | |
416 | free(netdev->hwaddr); | |
417 | free(netdev->mtu); | |
418 | ||
419 | free(netdev->ipv4_gateway); | |
420 | lxc_list_for_each_safe(cur, &netdev->ipv4, next) { | |
421 | lxc_list_del(cur); | |
422 | free(cur->elem); | |
423 | free(cur); | |
424 | } | |
425 | ||
426 | free(netdev->ipv6_gateway); | |
427 | lxc_list_for_each_safe(cur, &netdev->ipv6, next) { | |
428 | lxc_list_del(cur); | |
429 | free(cur->elem); | |
430 | free(cur); | |
431 | } | |
432 | ||
d4a7da46 | 433 | if (netdev->type == LXC_NET_VETH) { |
434 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv4_routes, next) { | |
435 | lxc_list_del(cur); | |
436 | free(cur->elem); | |
437 | free(cur); | |
438 | } | |
439 | ||
440 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.ipv6_routes, next) { | |
441 | lxc_list_del(cur); | |
442 | free(cur->elem); | |
443 | free(cur); | |
444 | } | |
3a0049f3 TP |
445 | |
446 | lxc_list_for_each_safe(cur, &netdev->priv.veth_attr.vlan_tagged_ids, next) { | |
447 | lxc_list_del(cur); | |
448 | free(cur); | |
449 | } | |
d4a7da46 | 450 | } |
451 | ||
e5d2fd7c CB |
452 | free(netdev); |
453 | } | |
454 | ||
06db6101 CB |
455 | define_cleanup_function(struct lxc_netdev *, lxc_free_netdev); |
456 | ||
519df1c1 CB |
457 | bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx) |
458 | { | |
06db6101 | 459 | call_cleaner(lxc_free_netdev) struct lxc_netdev *netdev = NULL; |
e5d2fd7c | 460 | struct lxc_list *cur, *next; |
519df1c1 CB |
461 | |
462 | lxc_list_for_each_safe(cur, &conf->network, next) { | |
463 | netdev = cur->elem; | |
464 | if (netdev->idx != idx) | |
465 | continue; | |
466 | ||
467 | lxc_list_del(cur); | |
06db6101 | 468 | return true; |
519df1c1 CB |
469 | } |
470 | ||
06db6101 | 471 | return false; |
519df1c1 | 472 | } |
e5d2fd7c | 473 | |
c302b476 | 474 | void lxc_free_networks(struct lxc_list *networks) |
e5d2fd7c CB |
475 | { |
476 | struct lxc_list *cur, *next; | |
e5d2fd7c | 477 | |
89d66b41 CB |
478 | lxc_list_for_each_safe (cur, networks, next) { |
479 | struct lxc_netdev *netdev = cur->elem; | |
c461b9c7 CB |
480 | |
481 | lxc_list_del(cur); | |
e5d2fd7c | 482 | lxc_free_netdev(netdev); |
e5d2fd7c CB |
483 | } |
484 | ||
485 | /* prevent segfaults */ | |
c302b476 | 486 | lxc_list_init(networks); |
e5d2fd7c | 487 | } |
9b0df30f | 488 | |
3f0ed090 TP |
489 | static struct lxc_veth_mode { |
490 | char *name; | |
491 | int mode; | |
492 | } veth_mode[] = { | |
ecf953c5 CB |
493 | { "bridge", VETH_MODE_BRIDGE }, |
494 | { "router", VETH_MODE_ROUTER }, | |
3f0ed090 TP |
495 | }; |
496 | ||
497 | int lxc_veth_mode_to_flag(int *mode, const char *value) | |
498 | { | |
499 | for (size_t i = 0; i < sizeof(veth_mode) / sizeof(veth_mode[0]); i++) { | |
676cd75c | 500 | if (!strequal(veth_mode[i].name, value)) |
3f0ed090 TP |
501 | continue; |
502 | ||
503 | *mode = veth_mode[i].mode; | |
504 | return 0; | |
505 | } | |
506 | ||
9e75cf7a | 507 | return ret_errno(EINVAL); |
3f0ed090 TP |
508 | } |
509 | ||
756cadb6 CB |
510 | char *lxc_veth_flag_to_mode(int mode) |
511 | { | |
512 | for (size_t i = 0; i < sizeof(veth_mode) / sizeof(veth_mode[0]); i++) { | |
513 | if (veth_mode[i].mode != mode) | |
514 | continue; | |
515 | ||
516 | return veth_mode[i].name; | |
517 | } | |
518 | ||
97ea2c2d | 519 | return ret_set_errno(NULL, EINVAL); |
756cadb6 CB |
520 | } |
521 | ||
7b15813c | 522 | static struct lxc_macvlan_mode { |
9b0df30f CB |
523 | char *name; |
524 | int mode; | |
525 | } macvlan_mode[] = { | |
faf7e3ba CB |
526 | { "private", MACVLAN_MODE_PRIVATE }, |
527 | { "vepa", MACVLAN_MODE_VEPA }, | |
528 | { "bridge", MACVLAN_MODE_BRIDGE }, | |
529 | { "passthru", MACVLAN_MODE_PASSTHRU }, | |
9b0df30f CB |
530 | }; |
531 | ||
532 | int lxc_macvlan_mode_to_flag(int *mode, const char *value) | |
533 | { | |
fa204110 | 534 | for (size_t i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) { |
676cd75c | 535 | if (!strequal(macvlan_mode[i].name, value)) |
9b0df30f CB |
536 | continue; |
537 | ||
538 | *mode = macvlan_mode[i].mode; | |
539 | return 0; | |
540 | } | |
541 | ||
fa204110 | 542 | return ret_errno(EINVAL); |
9b0df30f CB |
543 | } |
544 | ||
545 | char *lxc_macvlan_flag_to_mode(int mode) | |
546 | { | |
65066407 | 547 | for (size_t i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) { |
b56680fd | 548 | if (macvlan_mode[i].mode != mode) |
9b0df30f CB |
549 | continue; |
550 | ||
551 | return macvlan_mode[i].name; | |
552 | } | |
553 | ||
65066407 | 554 | return ret_set_errno(NULL, EINVAL); |
9b0df30f | 555 | } |
f9373e40 | 556 | |
c9f52382 | 557 | static struct lxc_ipvlan_mode { |
558 | char *name; | |
559 | int mode; | |
560 | } ipvlan_mode[] = { | |
cdc5e017 CB |
561 | { "l3", IPVLAN_MODE_L3 }, |
562 | { "l3s", IPVLAN_MODE_L3S }, | |
563 | { "l2", IPVLAN_MODE_L2 }, | |
c9f52382 | 564 | }; |
565 | ||
566 | int lxc_ipvlan_mode_to_flag(int *mode, const char *value) | |
567 | { | |
568 | for (size_t i = 0; i < sizeof(ipvlan_mode) / sizeof(ipvlan_mode[0]); i++) { | |
676cd75c | 569 | if (!strequal(ipvlan_mode[i].name, value)) |
c9f52382 | 570 | continue; |
571 | ||
572 | *mode = ipvlan_mode[i].mode; | |
573 | return 0; | |
574 | } | |
575 | ||
345c0c49 | 576 | return ret_errno(EINVAL); |
c9f52382 | 577 | } |
578 | ||
579 | char *lxc_ipvlan_flag_to_mode(int mode) | |
580 | { | |
581 | for (size_t i = 0; i < sizeof(ipvlan_mode) / sizeof(ipvlan_mode[0]); i++) { | |
582 | if (ipvlan_mode[i].mode != mode) | |
583 | continue; | |
584 | ||
585 | return ipvlan_mode[i].name; | |
586 | } | |
587 | ||
c789d162 | 588 | return ret_set_errno(NULL, EINVAL); |
c9f52382 | 589 | } |
590 | ||
591 | static struct lxc_ipvlan_isolation { | |
592 | char *name; | |
593 | int flag; | |
594 | } ipvlan_isolation[] = { | |
11e5a00f CB |
595 | { "bridge", IPVLAN_ISOLATION_BRIDGE }, |
596 | { "private", IPVLAN_ISOLATION_PRIVATE }, | |
597 | { "vepa", IPVLAN_ISOLATION_VEPA }, | |
c9f52382 | 598 | }; |
599 | ||
600 | int lxc_ipvlan_isolation_to_flag(int *flag, const char *value) | |
601 | { | |
602 | for (size_t i = 0; i < sizeof(ipvlan_isolation) / sizeof(ipvlan_isolation[0]); i++) { | |
676cd75c | 603 | if (!strequal(ipvlan_isolation[i].name, value)) |
c9f52382 | 604 | continue; |
605 | ||
606 | *flag = ipvlan_isolation[i].flag; | |
607 | return 0; | |
608 | } | |
609 | ||
f2713131 | 610 | return ret_errno(EINVAL); |
c9f52382 | 611 | } |
612 | ||
613 | char *lxc_ipvlan_flag_to_isolation(int flag) | |
614 | { | |
615 | for (size_t i = 0; i < sizeof(ipvlan_isolation) / sizeof(ipvlan_isolation[0]); i++) { | |
616 | if (ipvlan_isolation[i].flag != flag) | |
617 | continue; | |
618 | ||
619 | return ipvlan_isolation[i].name; | |
620 | } | |
621 | ||
6998880b | 622 | return ret_set_errno(NULL, EINVAL); |
c9f52382 | 623 | } |
624 | ||
f9373e40 CB |
625 | int set_config_string_item(char **conf_item, const char *value) |
626 | { | |
627 | char *new_value; | |
628 | ||
629 | if (lxc_config_value_empty(value)) { | |
f4d287ea | 630 | free_disarm(*conf_item); |
f9373e40 CB |
631 | return 0; |
632 | } | |
633 | ||
634 | new_value = strdup(value); | |
f4d287ea CB |
635 | if (!new_value) |
636 | return log_error_errno(-ENOMEM, ENOMEM, "Failed to duplicate string \"%s\"", value); | |
f9373e40 | 637 | |
f4d287ea | 638 | free_move_ptr(*conf_item, new_value); |
f9373e40 CB |
639 | return 0; |
640 | } | |
641 | ||
642 | int set_config_string_item_max(char **conf_item, const char *value, size_t max) | |
643 | { | |
21af2fbe CB |
644 | if (strlen(value) >= max) |
645 | return log_error_errno(-ENAMETOOLONG, ENAMETOOLONG, "%s is too long (>= %lu)", value, (unsigned long)max); | |
f9373e40 CB |
646 | |
647 | return set_config_string_item(conf_item, value); | |
648 | } | |
649 | ||
650 | int set_config_path_item(char **conf_item, const char *value) | |
651 | { | |
7d714159 CB |
652 | __do_free char *normalized = NULL; |
653 | ||
654 | normalized = lxc_deslashify(value); | |
655 | if (!normalized) | |
2d7b0895 | 656 | return syserror_set(-ENOMEM, "Failed to normalize path config item"); |
7d714159 CB |
657 | |
658 | return set_config_string_item_max(conf_item, normalized, PATH_MAX); | |
f9373e40 CB |
659 | } |
660 | ||
8f818a84 MB |
661 | int set_config_bool_item(bool *conf_item, const char *value, bool empty_conf_action) |
662 | { | |
4f3de2ac | 663 | int ret; |
8f818a84 MB |
664 | unsigned int val = 0; |
665 | ||
666 | if (lxc_config_value_empty(value)) { | |
667 | *conf_item = empty_conf_action; | |
668 | return 0; | |
669 | } | |
670 | ||
4f3de2ac CB |
671 | ret = lxc_safe_uint(value, &val); |
672 | if (ret < 0) | |
673 | return ret; | |
8f818a84 MB |
674 | |
675 | switch (val) { | |
676 | case 0: | |
677 | *conf_item = false; | |
678 | return 0; | |
679 | case 1: | |
680 | *conf_item = true; | |
681 | return 0; | |
682 | } | |
683 | ||
4f3de2ac | 684 | return ret_errno(EINVAL); |
8f818a84 MB |
685 | } |
686 | ||
f9373e40 CB |
687 | int config_ip_prefix(struct in_addr *addr) |
688 | { | |
689 | if (IN_CLASSA(addr->s_addr)) | |
690 | return 32 - IN_CLASSA_NSHIFT; | |
29c98ddd | 691 | |
f9373e40 CB |
692 | if (IN_CLASSB(addr->s_addr)) |
693 | return 32 - IN_CLASSB_NSHIFT; | |
29c98ddd | 694 | |
f9373e40 CB |
695 | if (IN_CLASSC(addr->s_addr)) |
696 | return 32 - IN_CLASSC_NSHIFT; | |
697 | ||
698 | return 0; | |
699 | } | |
700 | ||
18cd4b54 | 701 | int network_ifname(char *valuep, const char *value, size_t size) |
f9373e40 | 702 | { |
18cd4b54 DJ |
703 | size_t retlen; |
704 | ||
705 | if (!valuep || !value) | |
ffb7e0f6 | 706 | return ret_errno(EINVAL); |
18cd4b54 DJ |
707 | |
708 | retlen = strlcpy(valuep, value, size); | |
29c98ddd | 709 | if (retlen >= size) |
ffb7e0f6 | 710 | ERROR("Network device name \"%s\" is too long (>= %zu)", value, size); |
de4855a8 | 711 | |
de4855a8 | 712 | return 0; |
f9373e40 CB |
713 | } |
714 | ||
3db41a6c CB |
715 | bool lxc_config_net_is_hwaddr(const char *line) |
716 | { | |
717 | unsigned index; | |
718 | char tmp[7]; | |
719 | ||
1c95f94c | 720 | if (!strnequal(line, "lxc.net", 7)) |
3db41a6c CB |
721 | return false; |
722 | ||
1c95f94c | 723 | if (strnequal(line, "lxc.net.hwaddr", 14)) |
3db41a6c CB |
724 | return true; |
725 | ||
1c95f94c | 726 | if (strnequal(line, "lxc.network.hwaddr", 18)) |
3db41a6c CB |
727 | return true; |
728 | ||
729 | if (sscanf(line, "lxc.net.%u.%6s", &index, tmp) == 2 || | |
730 | sscanf(line, "lxc.network.%u.%6s", &index, tmp) == 2) | |
1c95f94c | 731 | return strnequal(tmp, "hwaddr", 6); |
3db41a6c CB |
732 | |
733 | return false; | |
734 | } | |
735 | ||
29c98ddd | 736 | void rand_complete_hwaddr(char *hwaddr) |
f9373e40 CB |
737 | { |
738 | const char hex[] = "0123456789abcdef"; | |
739 | char *curs = hwaddr; | |
280cc35f | 740 | #ifdef HAVE_RAND_R |
f9373e40 CB |
741 | unsigned int seed; |
742 | ||
743 | seed = randseed(false); | |
280cc35f | 744 | #else |
745 | ||
746 | (void)randseed(true); | |
f9373e40 | 747 | #endif |
280cc35f | 748 | |
f9373e40 CB |
749 | while (*curs != '\0' && *curs != '\n') { |
750 | if (*curs == 'x' || *curs == 'X') { | |
751 | if (curs - hwaddr == 1) { | |
752 | /* ensure address is unicast */ | |
753 | #ifdef HAVE_RAND_R | |
754 | *curs = hex[rand_r(&seed) & 0x0E]; | |
755 | } else { | |
756 | *curs = hex[rand_r(&seed) & 0x0F]; | |
757 | #else | |
758 | *curs = hex[rand() & 0x0E]; | |
759 | } else { | |
760 | *curs = hex[rand() & 0x0F]; | |
761 | #endif | |
762 | } | |
763 | } | |
764 | curs++; | |
765 | } | |
f9373e40 CB |
766 | } |
767 | ||
f9373e40 CB |
768 | bool new_hwaddr(char *hwaddr) |
769 | { | |
770 | int ret; | |
280cc35f | 771 | #ifdef HAVE_RAND_R |
772 | unsigned int seed; | |
773 | ||
774 | seed = randseed(false); | |
775 | ||
34a51534 | 776 | ret = strnprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand_r(&seed) % 255, |
280cc35f | 777 | rand_r(&seed) % 255, rand_r(&seed) % 255); |
778 | #else | |
f9373e40 CB |
779 | |
780 | (void)randseed(true); | |
781 | ||
34a51534 | 782 | ret = strnprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand() % 255, |
f9373e40 | 783 | rand() % 255, rand() % 255); |
280cc35f | 784 | #endif |
34a51534 CB |
785 | if (ret < 0) |
786 | return log_error_errno(false, EIO, "Failed to call strnprintf()"); | |
f9373e40 CB |
787 | |
788 | return true; | |
789 | } | |
953fe44f CB |
790 | |
791 | int lxc_get_conf_str(char *retv, int inlen, const char *value) | |
792 | { | |
d3bdf12c CB |
793 | size_t value_len; |
794 | ||
953fe44f CB |
795 | if (!value) |
796 | return 0; | |
d3bdf12c CB |
797 | |
798 | value_len = strlen(value); | |
799 | if (retv && inlen >= value_len + 1) | |
800 | memcpy(retv, value, value_len + 1); | |
953fe44f | 801 | |
29c98ddd | 802 | return value_len; |
953fe44f CB |
803 | } |
804 | ||
6e54330c CB |
805 | int lxc_get_conf_bool(struct lxc_conf *c, char *retv, int inlen, bool v) |
806 | { | |
807 | int len; | |
808 | int fulllen = 0; | |
809 | ||
810 | if (!retv) | |
811 | inlen = 0; | |
812 | else | |
813 | memset(retv, 0, inlen); | |
814 | ||
815 | strprint(retv, inlen, "%d", v); | |
816 | ||
817 | return fulllen; | |
818 | } | |
819 | ||
953fe44f CB |
820 | int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v) |
821 | { | |
1396b610 DJ |
822 | int len; |
823 | int fulllen = 0; | |
824 | ||
953fe44f CB |
825 | if (!retv) |
826 | inlen = 0; | |
827 | else | |
828 | memset(retv, 0, inlen); | |
829 | ||
1396b610 DJ |
830 | strprint(retv, inlen, "%d", v); |
831 | ||
832 | return fulllen; | |
953fe44f | 833 | } |
f7662514 | 834 | |
885766f5 CB |
835 | int lxc_get_conf_size_t(struct lxc_conf *c, char *retv, int inlen, size_t v) |
836 | { | |
1396b610 DJ |
837 | int len; |
838 | int fulllen = 0; | |
839 | ||
885766f5 CB |
840 | if (!retv) |
841 | inlen = 0; | |
842 | else | |
843 | memset(retv, 0, inlen); | |
844 | ||
1396b610 DJ |
845 | strprint(retv, inlen, "%zu", v); |
846 | ||
847 | return fulllen; | |
885766f5 CB |
848 | } |
849 | ||
2ea479c9 CB |
850 | int lxc_get_conf_uint64(struct lxc_conf *c, char *retv, int inlen, uint64_t v) |
851 | { | |
1396b610 DJ |
852 | int len; |
853 | int fulllen = 0; | |
854 | ||
2ea479c9 CB |
855 | if (!retv) |
856 | inlen = 0; | |
857 | else | |
858 | memset(retv, 0, inlen); | |
859 | ||
1396b610 DJ |
860 | strprint(retv, inlen, "%"PRIu64, v); |
861 | ||
862 | return fulllen; | |
2ea479c9 CB |
863 | } |
864 | ||
28d9e29e CB |
865 | static int lxc_container_name_to_pid(const char *lxcname_or_pid, |
866 | const char *lxcpath) | |
867 | { | |
868 | int ret; | |
869 | signed long int pid; | |
870 | char *err = NULL; | |
871 | ||
872 | pid = strtol(lxcname_or_pid, &err, 10); | |
873 | if (*err != '\0' || pid < 1) { | |
fd47e5f1 | 874 | __put_lxc_container struct lxc_container *c = NULL; |
28d9e29e CB |
875 | |
876 | c = lxc_container_new(lxcname_or_pid, lxcpath); | |
fd47e5f1 CB |
877 | if (!c) |
878 | return log_error_errno(-EINVAL, EINVAL, "\"%s\" is not a valid pid nor a container name", lxcname_or_pid); | |
28d9e29e | 879 | |
fd47e5f1 CB |
880 | if (!c->may_control(c)) |
881 | return log_error_errno(-EPERM, EPERM, "Insufficient privileges to control container \"%s\"", c->name); | |
28d9e29e CB |
882 | |
883 | pid = c->init_pid(c); | |
fd47e5f1 CB |
884 | if (pid < 1) |
885 | return log_error_errno(-EINVAL, EINVAL, "Container \"%s\" is not running", c->name); | |
28d9e29e | 886 | |
28d9e29e CB |
887 | } |
888 | ||
889 | ret = kill(pid, 0); | |
fd47e5f1 CB |
890 | if (ret < 0) |
891 | return log_error_errno(-errno, errno, "Failed to send signal to pid %d", (int)pid); | |
28d9e29e CB |
892 | |
893 | return pid; | |
894 | } | |
895 | ||
39e6fd36 | 896 | int lxc_inherit_namespace(const char *nsfd_path, const char *lxcpath, |
28d9e29e CB |
897 | const char *namespace) |
898 | { | |
a011ec99 | 899 | __do_free char *dup = NULL; |
28d9e29e | 900 | int fd, pid; |
a011ec99 | 901 | char *lastslash; |
28d9e29e | 902 | |
39e6fd36 SH |
903 | if (nsfd_path[0] == '/') { |
904 | return open(nsfd_path, O_RDONLY | O_CLOEXEC); | |
905 | } | |
906 | ||
907 | lastslash = strrchr(nsfd_path, '/'); | |
28d9e29e | 908 | if (lastslash) { |
39e6fd36 | 909 | dup = strdup(nsfd_path); |
28d9e29e | 910 | if (!dup) |
a011ec99 | 911 | return ret_errno(ENOMEM); |
28d9e29e | 912 | |
39e6fd36 | 913 | dup[lastslash - nsfd_path] = '\0'; |
a011ec99 CB |
914 | lxcpath = lastslash + 1; |
915 | nsfd_path = lastslash + 1; | |
28d9e29e CB |
916 | } |
917 | ||
a011ec99 | 918 | pid = lxc_container_name_to_pid(nsfd_path, lxcpath); |
28d9e29e | 919 | if (pid < 0) |
a011ec99 | 920 | return pid; |
28d9e29e CB |
921 | |
922 | fd = lxc_preserve_ns(pid, namespace); | |
923 | if (fd < 0) | |
a011ec99 | 924 | return -errno; |
28d9e29e CB |
925 | |
926 | return fd; | |
927 | } | |
f6e32eb0 CB |
928 | |
929 | struct signame { | |
930 | int num; | |
931 | const char *name; | |
932 | }; | |
933 | ||
934 | static const struct signame signames[] = { | |
935 | { SIGHUP, "HUP" }, | |
936 | { SIGINT, "INT" }, | |
937 | { SIGQUIT, "QUIT" }, | |
938 | { SIGILL, "ILL" }, | |
939 | { SIGABRT, "ABRT" }, | |
940 | { SIGFPE, "FPE" }, | |
941 | { SIGKILL, "KILL" }, | |
942 | { SIGSEGV, "SEGV" }, | |
943 | { SIGPIPE, "PIPE" }, | |
944 | { SIGALRM, "ALRM" }, | |
945 | { SIGTERM, "TERM" }, | |
946 | { SIGUSR1, "USR1" }, | |
947 | { SIGUSR2, "USR2" }, | |
948 | { SIGCHLD, "CHLD" }, | |
949 | { SIGCONT, "CONT" }, | |
950 | { SIGSTOP, "STOP" }, | |
951 | { SIGTSTP, "TSTP" }, | |
952 | { SIGTTIN, "TTIN" }, | |
953 | { SIGTTOU, "TTOU" }, | |
954 | #ifdef SIGTRAP | |
955 | { SIGTRAP, "TRAP" }, | |
956 | #endif | |
957 | #ifdef SIGIOT | |
958 | { SIGIOT, "IOT" }, | |
959 | #endif | |
960 | #ifdef SIGEMT | |
961 | { SIGEMT, "EMT" }, | |
962 | #endif | |
963 | #ifdef SIGBUS | |
964 | { SIGBUS, "BUS" }, | |
965 | #endif | |
966 | #ifdef SIGSTKFLT | |
967 | { SIGSTKFLT, "STKFLT" }, | |
968 | #endif | |
969 | #ifdef SIGCLD | |
970 | { SIGCLD, "CLD" }, | |
971 | #endif | |
972 | #ifdef SIGURG | |
973 | { SIGURG, "URG" }, | |
974 | #endif | |
975 | #ifdef SIGXCPU | |
976 | { SIGXCPU, "XCPU" }, | |
977 | #endif | |
978 | #ifdef SIGXFSZ | |
979 | { SIGXFSZ, "XFSZ" }, | |
980 | #endif | |
981 | #ifdef SIGVTALRM | |
982 | { SIGVTALRM, "VTALRM" }, | |
983 | #endif | |
984 | #ifdef SIGPROF | |
985 | { SIGPROF, "PROF" }, | |
986 | #endif | |
987 | #ifdef SIGWINCH | |
988 | { SIGWINCH, "WINCH" }, | |
989 | #endif | |
990 | #ifdef SIGIO | |
991 | { SIGIO, "IO" }, | |
992 | #endif | |
993 | #ifdef SIGPOLL | |
994 | { SIGPOLL, "POLL" }, | |
995 | #endif | |
996 | #ifdef SIGINFO | |
997 | { SIGINFO, "INFO" }, | |
998 | #endif | |
999 | #ifdef SIGLOST | |
1000 | { SIGLOST, "LOST" }, | |
1001 | #endif | |
1002 | #ifdef SIGPWR | |
1003 | { SIGPWR, "PWR" }, | |
1004 | #endif | |
1005 | #ifdef SIGUNUSED | |
1006 | { SIGUNUSED, "UNUSED" }, | |
1007 | #endif | |
1008 | #ifdef SIGSYS | |
1009 | { SIGSYS, "SYS" }, | |
1010 | #endif | |
1011 | }; | |
1012 | ||
1013 | static int sig_num(const char *sig) | |
1014 | { | |
50692dc1 | 1015 | int ret; |
f6e32eb0 CB |
1016 | unsigned int signum; |
1017 | ||
50692dc1 CB |
1018 | ret = lxc_safe_uint(sig, &signum); |
1019 | if (ret < 0) | |
1020 | return ret; | |
f6e32eb0 CB |
1021 | |
1022 | return signum; | |
1023 | } | |
1024 | ||
1025 | static int rt_sig_num(const char *signame) | |
1026 | { | |
1027 | int rtmax = 0, sig_n = 0; | |
1028 | ||
29c98ddd | 1029 | if (strncasecmp(signame, "max-", 4) == 0) |
f6e32eb0 | 1030 | rtmax = 1; |
f6e32eb0 CB |
1031 | |
1032 | signame += 4; | |
1033 | if (!isdigit(*signame)) | |
2a169aec | 1034 | return ret_errno(EINVAL); |
f6e32eb0 CB |
1035 | |
1036 | sig_n = sig_num(signame); | |
1037 | sig_n = rtmax ? SIGRTMAX - sig_n : SIGRTMIN + sig_n; | |
1038 | if (sig_n > SIGRTMAX || sig_n < SIGRTMIN) | |
2a169aec | 1039 | return ret_errno(EINVAL); |
f6e32eb0 CB |
1040 | |
1041 | return sig_n; | |
1042 | } | |
1043 | ||
1044 | int sig_parse(const char *signame) | |
1045 | { | |
1046 | size_t n; | |
1047 | ||
1048 | if (isdigit(*signame)) { | |
1049 | return sig_num(signame); | |
1050 | } else if (strncasecmp(signame, "sig", 3) == 0) { | |
1051 | signame += 3; | |
1052 | if (strncasecmp(signame, "rt", 2) == 0) | |
1053 | return rt_sig_num(signame + 2); | |
29c98ddd | 1054 | |
1055 | for (n = 0; n < sizeof(signames) / sizeof((signames)[0]); n++) | |
f6e32eb0 CB |
1056 | if (strcasecmp(signames[n].name, signame) == 0) |
1057 | return signames[n].num; | |
f6e32eb0 CB |
1058 | } |
1059 | ||
546d016e | 1060 | return ret_errno(EINVAL); |
f6e32eb0 | 1061 | } |