]> git.proxmox.com Git - mirror_lxc.git/blame - src/lxc/macro.h
projects / mirror_lxc.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
lxccontainer: properly cleanup on mount injection failure
[mirror_lxc.git] / src / lxc / macro.h
CommitLineData
279c45ee
CB		 1/* liblxcapi
2 *
3 * Copyright © 2018 Christian Brauner <christian.brauner@ubuntu.com>.
4 * Copyright © 2018 Canonical Ltd.
5 *
3877934c
CB		 6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10
11 * This library is distributed in the hope that it will be useful,
279c45ee 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
3877934c
CB		 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this library; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
279c45ee
CB		 19 */
20
21#ifndef __LXC_MACRO_H
22#define __LXC_MACRO_H
23
85de58d6 24#include <asm/types.h>
b3509169 25#include <limits.h>
85de58d6
CB		 26#include <linux/if_link.h>
27#include <linux/loop.h>
28#include <linux/netlink.h>
29#include <linux/rtnetlink.h>
938980ba 30#include <linux/types.h>
245532a2 31#include <stdint.h>
2259663c 32#include <string.h>
85de58d6
CB		 33#include <sys/mount.h>
34#include <sys/socket.h>
b1234129 35#include <sys/un.h>
2955a58a 36#include <unistd.h>
85de58d6 37
b3509169
CB		 38#ifndef PATH_MAX
39#define PATH_MAX 4096
40#endif
41
279c45ee
CB		 42/* Define __S_ISTYPE if missing from the C library. */
43#ifndef __S_ISTYPE
44#define __S_ISTYPE(mode, mask) (((mode)&S_IFMT) == (mask))
45#endif
46
ba2b6354
CB		 47/* capabilities */
48#ifndef CAP_SYS_ADMIN
49#define CAP_SYS_ADMIN 21
50#endif
51
279c45ee
CB		 52#ifndef CAP_SETFCAP
53#define CAP_SETFCAP 31
54#endif
55
56#ifndef CAP_MAC_OVERRIDE
57#define CAP_MAC_OVERRIDE 32
58#endif
59
60#ifndef CAP_MAC_ADMIN
61#define CAP_MAC_ADMIN 33
62#endif
279c45ee 63
279c45ee
CB		 64#ifndef CAP_SETUID
65#define CAP_SETUID 7
66#endif
67
68#ifndef CAP_SETGID
69#define CAP_SETGID 6
70#endif
71
ba2b6354 72/* prctl */
1f207a5c
CB		 73#ifndef PR_CAPBSET_READ
74#define PR_CAPBSET_READ 23
75#endif
76
ba2b6354 77#ifndef PR_CAPBSET_DROP
604ca1c0
CB		 78#define PR_CAPBSET_DROP 24
79#endif
80
1f207a5c
CB		 81/* Control the ambient capability set */
82#ifndef PR_CAP_AMBIENT
83#define PR_CAP_AMBIENT 47
84#endif
85
86#ifndef PR_CAP_AMBIENT_IS_SET
87#define PR_CAP_AMBIENT_IS_SET 1
88#endif
89
90#ifndef PR_CAP_AMBIENT_RAISE
91#define PR_CAP_AMBIENT_RAISE 2
92#endif
93
94#ifndef PR_CAP_AMBIENT_LOWER
95#define PR_CAP_AMBIENT_LOWER 3
96#endif
97
98#ifndef PR_CAP_AMBIENT_CLEAR_ALL
99#define PR_CAP_AMBIENT_CLEAR_ALL 4
100#endif
101
ba2b6354 102#ifndef PR_SET_NO_NEW_PRIVS
604ca1c0
CB		 103#define PR_SET_NO_NEW_PRIVS 38
104#endif
105
ba2b6354 106#ifndef PR_GET_NO_NEW_PRIVS
604ca1c0
CB		 107#define PR_GET_NO_NEW_PRIVS 39
108#endif
109
ba2b6354 110/* filesystem magic values */
279c45ee
CB		 111#ifndef CGROUP_SUPER_MAGIC
112#define CGROUP_SUPER_MAGIC 0x27e0eb
113#endif
114
115#ifndef CGROUP2_SUPER_MAGIC
116#define CGROUP2_SUPER_MAGIC 0x63677270
117#endif
118
f26dc127
CB		 119#ifndef NSFS_MAGIC
120#define NSFS_MAGIC 0x6e736673
121#endif
122
ba2b6354 123/* current overlayfs */
37ef15bb
CB		 124#ifndef OVERLAY_SUPER_MAGIC
125#define OVERLAY_SUPER_MAGIC 0x794c7630
126#endif
127
ba2b6354
CB		 128/* legacy overlayfs */
129#ifndef OVERLAYFS_SUPER_MAGIC
130#define OVERLAYFS_SUPER_MAGIC 0x794c764f
131#endif
132
f246d9b8
CB		 133/* Calculate the number of chars needed to represent a given integer as a C
134 * string. Include room for '-' to indicate negative numbers and the \0 byte.
135 * This is based on systemd.
136 */
137#define INTTYPE_TO_STRLEN(type) \
138 (2 + (sizeof(type) <= 1 \
139 ? 3 \
140 : sizeof(type) <= 2 \
141 ? 5 \
142 : sizeof(type) <= 4 \
143 ? 10 \
144 : sizeof(type) <= 8 \
145 ? 20 \
146 : sizeof(int[-2 * (sizeof(type) > 8)])))
147
279c45ee 148/* Useful macros */
279c45ee
CB		 149#define LXC_LINELEN 4096
150#define LXC_IDMAPLEN 4096
151#define LXC_MAX_BUFFER 4096
b280bc38 152#define LXC_NAMESPACE_NAME_MAX 256
0c5ea884 153
279c45ee
CB		 154/* /proc/ = 6
155 * +
0c5ea884 156 * <pid-as-str> = INTTYPE_TO_STRLEN(pid_t)
279c45ee
CB		 157 * +
158 * /fd/ = 4
159 * +
0c5ea884 160 * <fd-as-str> = INTTYPE_TO_STRLEN(int)
279c45ee
CB		 161 * +
162 * \0 = 1
163 */
0c9b1f82
CB		 164#define LXC_PROC_PID_FD_LEN \
165 (6 + INTTYPE_TO_STRLEN(pid_t) + 4 + INTTYPE_TO_STRLEN(int) + 1)
166
167/* /proc/ = 6
168 * +
169 * <pid-as-str> = INTTYPE_TO_STRLEN(pid_t)
170 * +
171 * /status = 7
172 * +
173 * \0 = 1
174 */
175#define LXC_PROC_STATUS_LEN (6 + INTTYPE_TO_STRLEN(pid_t) + 7 + 1)
176
177/* /proc/ = 6
178 * +
179 * <pid-as-str> = INTTYPE_TO_STRLEN(pid_t)
180 * +
181 * /attr/ = 6
182 * +
183 * /current = 8
184 * +
185 * \0 = 1
186 */
187#define LXC_LSMATTRLEN (6 + INTTYPE_TO_STRLEN(pid_t) + 6 + 8 + 1)
0c5ea884 188
3c736187 189#define LXC_CMD_DATA_MAX (PATH_MAX * 2)
279c45ee
CB		 190
191/* loop devices */
192#ifndef LO_FLAGS_AUTOCLEAR
193#define LO_FLAGS_AUTOCLEAR 4
194#endif
195
196#ifndef LOOP_CTL_GET_FREE
197#define LOOP_CTL_GET_FREE 0x4C82
198#endif
199
200/* memfd_create() */
201#ifndef MFD_CLOEXEC
202#define MFD_CLOEXEC 0x0001U
203#endif
204
205#ifndef MFD_ALLOW_SEALING
206#define MFD_ALLOW_SEALING 0x0002U
207#endif
208
209/**
210 * BUILD_BUG_ON - break compile if a condition is true.
211 * @condition: the condition which the compiler should know is false.
212 *
213 * If you have some code which relies on certain constants being equal, or
214 * other compile-time-evaluated condition, you should use BUILD_BUG_ON to
215 * detect if someone changes it.
216 *
217 * The implementation uses gcc's reluctance to create a negative array, but
218 * gcc (as of 4.4) only emits that error for obvious cases (eg. not arguments
219 * to inline functions). So as a fallback we use the optimizer; if it can't
220 * prove the condition is false, it will cause a link error on the undefined
221 * "__build_bug_on_failed". This error message can be harder to track down
222 * though, hence the two different methods.
223 */
224#ifndef __OPTIMIZE__
ba2b6354 225#define BUILD_BUG_ON(condition) ((void)sizeof(char[1 - 2 * !!(condition)]))
279c45ee
CB		 226#else
227extern int __build_bug_on_failed;
ba2b6354
CB		 228#define BUILD_BUG_ON(condition) \
229 do { \
230 ((void)sizeof(char[1 - 2 * !!(condition)])); \
231 if (condition) \
232 __build_bug_on_failed = 1; \
233 } while (0)
279c45ee
CB		 234#endif
235
236#define lxc_iterate_parts(__iterator, __splitme, __separators) \
237 for (char *__p = NULL, *__it = strtok_r(__splitme, __separators, &__p); \
238 (__iterator = __it); \
239 __iterator = __it = strtok_r(NULL, __separators, &__p))
240
b81689a1
CB		 241#define prctl_arg(x) ((unsigned long)x)
242
4fb34c04 243/* networking */
c8ca5a43
CB		 244#ifndef NETLINK_GET_STRICT_CHK
245#define NETLINK_GET_STRICT_CHK 12
8df6fa99
CB		 246#endif
247
d38f5b17
CB		 248#ifndef SOL_NETLINK
249#define SOL_NETLINK 270
250#endif
251
4fb34c04
CB		 252#ifndef IFLA_LINKMODE
253#define IFLA_LINKMODE 17
254#endif
255
256#ifndef IFLA_LINKINFO
257#define IFLA_LINKINFO 18
258#endif
259
260#ifndef IFLA_NET_NS_PID
261#define IFLA_NET_NS_PID 19
262#endif
263
0037ab49
TP		 264#ifndef IFLA_NET_NS_FD
265#define IFLA_NET_NS_FD 28
266#endif
267
4fb34c04
CB		 268#ifndef IFLA_INFO_KIND
269#define IFLA_INFO_KIND 1
270#endif
271
272#ifndef IFLA_VLAN_ID
273#define IFLA_VLAN_ID 1
274#endif
275
276#ifndef IFLA_INFO_DATA
277#define IFLA_INFO_DATA 2
278#endif
279
280#ifndef VETH_INFO_PEER
281#define VETH_INFO_PEER 1
282#endif
283
284#ifndef IFLA_MACVLAN_MODE
285#define IFLA_MACVLAN_MODE 1
286#endif
287
c9f52382 288#ifndef IFLA_IPVLAN_MODE
289#define IFLA_IPVLAN_MODE 1
290#endif
291
292#ifndef IFLA_IPVLAN_ISOLATION
293#define IFLA_IPVLAN_ISOLATION 2
294#endif
295
4fb34c04
CB		 296#ifndef IFLA_NEW_NETNSID
297#define IFLA_NEW_NETNSID 45
298#endif
299
cc6119a0
CB		 300#ifdef IFLA_IF_NETNSID
301#ifndef IFLA_TARGET_NETNSID
302#define IFLA_TARGET_NETNSID = IFLA_IF_NETNSID
303#endif
304#else
4fb34c04 305#define IFLA_IF_NETNSID 46
cc6119a0
CB		 306#define IFLA_TARGET_NETNSID 46
307#endif
308
309#ifndef IFA_TARGET_NETNSID
310#define IFA_TARGET_NETNSID 10
4fb34c04
CB		 311#endif
312
da5efb6f
CB		 313#ifndef IFLA_STATS
314#define IFLA_STATS 7
315#endif
316
317#ifndef IFLA_STATS64
318#define IFLA_STATS64 23
319#endif
cc6119a0 320
873c6e87
CB		 321#ifndef RTM_NEWNSID
322#define RTM_NEWNSID 88
323#endif
324
938980ba
CB		 325#ifndef RTM_GETNSID
326#define RTM_GETNSID 90
327#endif
328
4e3ed0d1
CB		 329#ifndef NLMSG_ERROR
330#define NLMSG_ERROR 0x2
331#endif
332
7b15813c
CB		 333#ifndef MACVLAN_MODE_PRIVATE
334#define MACVLAN_MODE_PRIVATE 1
335#endif
336
337#ifndef MACVLAN_MODE_VEPA
338#define MACVLAN_MODE_VEPA 2
339#endif
340
341#ifndef MACVLAN_MODE_BRIDGE
342#define MACVLAN_MODE_BRIDGE 4
343#endif
344
345#ifndef MACVLAN_MODE_PASSTHRU
346#define MACVLAN_MODE_PASSTHRU 8
347#endif
348
c9f52382 349#ifndef IPVLAN_MODE_L2
350#define IPVLAN_MODE_L2 0
351#endif
352
353#ifndef IPVLAN_MODE_L3
354#define IPVLAN_MODE_L3 1
355#endif
356
357#ifndef IPVLAN_MODE_L3S
358#define IPVLAN_MODE_L3S 2
359#endif
360
361#ifndef IPVLAN_ISOLATION_BRIDGE
362#define IPVLAN_ISOLATION_BRIDGE 0
363#endif
364
365#ifndef IPVLAN_ISOLATION_PRIVATE
366#define IPVLAN_ISOLATION_PRIVATE 1
367#endif
368
369#ifndef IPVLAN_ISOLATION_VEPA
370#define IPVLAN_ISOLATION_VEPA 2
371#endif
372
cc6119a0
CB		 373/* Attributes of RTM_NEWNSID/RTM_GETNSID messages */
374enum {
375 __LXC_NETNSA_NONE,
376#define __LXC_NETNSA_NSID_NOT_ASSIGNED -1
377 __LXC_NETNSA_NSID,
378 __LXC_NETNSA_PID,
379 __LXC_NETNSA_FD,
380 __LXC_NETNSA_MAX,
381};
382
b1234129
CB		 383/* Length of abstract unix domain socket socket address. */
384#define LXC_AUDS_ADDR_LEN sizeof(((struct sockaddr_un *)0)->sun_path)
385
c881c810 386/* mount */
6e5655e0
CB		 387#ifndef MS_PRIVATE
388#define MS_PRIVATE (1<<18)
c881c810
CB		 389#endif
390
391#ifndef MS_SLAVE
392#define MS_SLAVE (1 << 19)
393#endif
394
6e5655e0
CB		 395#ifndef MS_LAZYTIME
396#define MS_LAZYTIME (1<<25)
397#endif
398
399#ifndef MS_REC
400#define MS_REC 16384
401#endif
402
37ef15bb
CB		 403/* open */
404#ifndef O_PATH
405#define O_PATH 010000000
406#endif
407
408#ifndef O_NOFOLLOW
409#define O_NOFOLLOW 00400000
410#endif
411
604ca1c0
CB		 412/* sockets */
413#ifndef SOCK_CLOEXEC
414#define SOCK_CLOEXEC 02000000
415#endif
416
245532a2
CB		 417/* pointer conversion macros */
418#define PTR_TO_INT(p) ((int)((intptr_t)(p)))
419#define INT_TO_PTR(u) ((void *)((intptr_t)(u)))
420
9234406b
CB		 421#define PTR_TO_INTMAX(p) ((intmax_t)((intptr_t)(p)))
422#define INTMAX_TO_PTR(u) ((void *)((intptr_t)(u)))
423
b962868f
CB		 424#define LXC_INVALID_UID ((uid_t)-1)
425#define LXC_INVALID_GID ((gid_t)-1)
426
36dee4a2
CB		 427#define STRLITERALLEN(x) (sizeof(""x"") - 1)
428#define STRARRAYLEN(x) (sizeof(x) - 1)
429
7c4d9466
CB		 430/* Maximum number of bytes sendfile() is able to send in one go. */
431#define LXC_SENDFILE_MAX 0x7ffff000
432
e4edf5d7
CB		 433#define move_ptr(ptr) \
434 ({ \
435 typeof(ptr) __internal_ptr__ = (ptr); \
436 (ptr) = NULL; \
437 __internal_ptr__; \
c74da4ab
CB		 438 })
439
240fecd0
CB		 440#define move_fd(fd) \
441 ({ \
442 int __internal_fd__ = (fd); \
443 (fd) = -EBADF; \
444 __internal_fd__; \
4101805b
CB		 445 })
446
cdb2a47f
CB		 447#define minus_one_set_errno(__errno__) \
448 ({ \
449 errno = __errno__; \
450 -1; \
451 })
452
279c45ee 453#endif /* __LXC_MACRO_H */
LXC mirror