]> git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/commands.c
projects / mirror_lxc.git / blob
? search:


d8aa5dfd52d432daaedecbdbb788a3e115e376bb
[mirror_lxc.git] / src / lxc / commands.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #ifndef _GNU_SOURCE
4 #define _GNU_SOURCE 1
5 #endif
6 #include <caps.h>
7 #include <errno.h>
8 #include <fcntl.h>
9 #include <malloc.h>
10 #include <poll.h>
11 #include <signal.h>
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <sys/param.h>
15 #include <sys/socket.h>
16 #include <sys/un.h>
17 #include <unistd.h>
18
19 #include "af_unix.h"
20 #include "cgroups/cgroup.h"
21 #include "cgroups/cgroup2_devices.h"
22 #include "commands.h"
23 #include "commands_utils.h"
24 #include "conf.h"
25 #include "config.h"
26 #include "confile.h"
27 #include "log.h"
28 #include "lxc.h"
29 #include "lxclock.h"
30 #include "lxcseccomp.h"
31 #include "mainloop.h"
32 #include "memory_utils.h"
33 #include "monitor.h"
34 #include "start.h"
35 #include "terminal.h"
36 #include "utils.h"
37
38 /*
39 * This file provides the different functions for clients to query/command the
40 * server. The client is typically some lxc tool and the server is typically the
41 * container (ie. lxc-start).
42 *
43 * Each command is transactional, the clients send a request to the server and
44 * the server answers the request with a message giving the request's status
45 * (zero or a negative errno value). Both the request and response may contain
46 * additional data.
47 *
48 * Each command is wrapped in a ancillary message in order to pass a credential
49 * making possible to the server to check if the client is allowed to ask for
50 * this command or not.
51 *
52 * IMPORTANTLY: Note that semantics for current commands are fixed. If you wish
53 * to make any changes to how, say, LXC_CMD_GET_CONFIG_ITEM works by adding
54 * information to the end of cmd.data, then you must introduce a new
55 * LXC_CMD_GET_CONFIG_ITEM_V2 define with a new number. You may wish to also
56 * mark LXC_CMD_GET_CONFIG_ITEM deprecated in commands.h.
57 *
58 * This is necessary in order to avoid having a newly compiled lxc command
59 * communicating with a running (old) monitor from crashing the running
60 * container.
61 */
62
63 lxc_log_define(commands, lxc);
64
65 static const char *lxc_cmd_str(lxc_cmd_t cmd)
66 {
67 static const char *const cmdname[LXC_CMD_MAX] = {
68 [LXC_CMD_GET_TTY_FD] = "get_tty_fd",
69 [LXC_CMD_TERMINAL_WINCH] = "terminal_winch",
70 [LXC_CMD_STOP] = "stop",
71 [LXC_CMD_GET_STATE] = "get_state",
72 [LXC_CMD_GET_INIT_PID] = "get_init_pid",
73 [LXC_CMD_GET_CLONE_FLAGS] = "get_clone_flags",
74 [LXC_CMD_GET_CGROUP] = "get_cgroup",
75 [LXC_CMD_GET_CONFIG_ITEM] = "get_config_item",
76 [LXC_CMD_GET_NAME] = "get_name",
77 [LXC_CMD_GET_LXCPATH] = "get_lxcpath",
78 [LXC_CMD_ADD_STATE_CLIENT] = "add_state_client",
79 [LXC_CMD_CONSOLE_LOG] = "console_log",
80 [LXC_CMD_SERVE_STATE_CLIENTS] = "serve_state_clients",
81 [LXC_CMD_SECCOMP_NOTIFY_ADD_LISTENER] = "seccomp_notify_add_listener",
82 [LXC_CMD_ADD_BPF_DEVICE_CGROUP] = "add_bpf_device_cgroup",
83 [LXC_CMD_FREEZE] = "freeze",
84 [LXC_CMD_UNFREEZE] = "unfreeze",
85 [LXC_CMD_GET_CGROUP2_FD] = "get_cgroup2_fd",
86 [LXC_CMD_GET_INIT_PIDFD] = "get_init_pidfd",
87 [LXC_CMD_GET_LIMIT_CGROUP] = "get_limit_cgroup",
88 [LXC_CMD_GET_LIMIT_CGROUP2_FD] = "get_limit_cgroup2_fd",
89 [LXC_CMD_GET_DEVPTS_FD] = "get_devpts_fd",
90 [LXC_CMD_GET_SECCOMP_NOTIFY_FD] = "get_seccomp_notify_fd",
91 [LXC_CMD_GET_CGROUP_CTX] = "get_cgroup_ctx",
92 [LXC_CMD_GET_CGROUP_FD] = "get_cgroup_fd",
93 [LXC_CMD_GET_LIMIT_CGROUP_FD] = "get_limit_cgroup_fd",
94 };
95
96 if (cmd >= LXC_CMD_MAX)
97 return "Invalid request";
98
99 return cmdname[cmd];
100 }
101
102 static int __transfer_cgroup_ctx_fds(struct unix_fds *fds, struct cgroup_ctx *ctx)
103 {
104 /* This shouldn't be able to happen but better safe than sorry. */
105 if (ctx->fd_len != fds->fd_count_ret ||
106 fds->fd_count_ret > CGROUP_CTX_MAX_FD)
107 return syswarn_set(-EINVAL, "Unexpected number of file descriptors received %u != %u",
108 ctx->fd_len, fds->fd_count_ret);
109
110 memcpy(ctx->fd, fds->fd, ctx->fd_len * sizeof(__s32));
111 fds->fd_count_ret = 0;
112 return 0;
113 }
114
115 static int __transfer_cgroup_fd(struct unix_fds *fds, struct cgroup_fd *fd)
116 {
117 fd->fd = move_fd(fds->fd[0]);
118 return 0;
119 }
120
121 /*
122 * lxc_cmd_rsp_recv: Receive a response to a command
123 *
124 * @sock : the socket connected to the container
125 * @cmd : command to put response in
126 *
127 * Returns the size of the response message or < 0 on failure
128 *
129 * Note that if the command response datalen > 0, then data is
130 * a malloc()ed buffer and should be free()ed by the caller. If
131 * the response data is <= a void * worth of data, it will be
132 * stored directly in data and datalen will be 0.
133 *
134 * As a special case, the response for LXC_CMD_GET_TTY_FD is created here as
135 * it contains an fd for the ptx pty passed through the unix socket.
136 */
137 static int lxc_cmd_rsp_recv(int sock, struct lxc_cmd_rr *cmd)
138 {
139 __do_free void *__private_ptr = NULL;
140 struct lxc_cmd_tty_rsp_data *data_console = NULL;
141 call_cleaner(put_unix_fds) struct unix_fds *fds = &(struct unix_fds){};
142 struct lxc_cmd_rsp *rsp = &cmd->rsp;
143 int cur_cmd = cmd->req.cmd, fret = 0;
144 const char *cur_cmdstr;
145 int ret;
146
147 /*
148 * Determine whether this command will receive file descriptors and how
149 * many at most.
150 */
151 cur_cmdstr = lxc_cmd_str(cur_cmd);
152 switch (cur_cmd) {
153 case LXC_CMD_GET_CGROUP_FD:
154 __fallthrough;
155 case LXC_CMD_GET_LIMIT_CGROUP_FD:
156 __fallthrough;
157 case LXC_CMD_GET_CGROUP2_FD:
158 __fallthrough;
159 case LXC_CMD_GET_LIMIT_CGROUP2_FD:
160 __fallthrough;
161 case LXC_CMD_GET_INIT_PIDFD:
162 __fallthrough;
163 case LXC_CMD_GET_SECCOMP_NOTIFY_FD:
164 __fallthrough;
165 case LXC_CMD_GET_DEVPTS_FD:
166 __fallthrough;
167 case LXC_CMD_GET_TTY_FD:
168 fds->fd_count_max = 1;
169 break;
170 case LXC_CMD_GET_CGROUP_CTX:
171 fds->fd_count_max = CGROUP_CTX_MAX_FD;
172 break;
173 default:
174 fds->fd_count_max = 0;
175 break;
176 }
177
178 /* Receive the first response including file descriptors if any. */
179 ret = lxc_abstract_unix_recv_fds(sock, fds, rsp, sizeof(*rsp));
180 if (ret < 0)
181 return syserrno(ret, "Failed to receive response for command \"%s\"", cur_cmdstr);
182
183 /*
184 * Verify that we actually received any file descriptors if the command
185 * expects to do so.
186 */
187 if (fds->fd_count_max == 0) {
188 WARN("Command \"%s\" received response", cur_cmdstr);
189 } else if (fds->fd_count_ret == 0) {
190 TRACE("Command \"%s\" received response without any of the expected %u file descriptors", cur_cmdstr, fds->fd_count_max);
191 fret = -EBADF;
192 } else {
193 TRACE("Command \"%s\" received response with %u of %u expected file descriptors", cur_cmdstr, fds->fd_count_ret, fds->fd_count_max);
194 }
195
196 /*
197 * Ensure that no excessive data is sent unless someone retrieves the
198 * console ringbuffer.
199 */
200 if ((rsp->datalen > LXC_CMD_DATA_MAX) &&
201 (cur_cmd != LXC_CMD_CONSOLE_LOG))
202 return syserrno_set(fret ?: -E2BIG, "Response data for command \"%s\" is too long: %d bytes > %d",
203 cur_cmdstr, rsp->datalen, LXC_CMD_DATA_MAX);
204
205 /*
206 * Prepare buffer for any command that expects to receive additional
207 * data. Note that some don't want any additional data.
208 */
209 switch (cur_cmd) {
210 case LXC_CMD_GET_CGROUP2_FD: /* no data */
211 __fallthrough;
212 case LXC_CMD_GET_LIMIT_CGROUP2_FD: /* no data */
213 __fallthrough;
214 case LXC_CMD_GET_INIT_PIDFD: /* no data */
215 __fallthrough;
216 case LXC_CMD_GET_DEVPTS_FD: /* no data */
217 __fallthrough;
218 case LXC_CMD_GET_SECCOMP_NOTIFY_FD: /* no data */
219 if (!fret)
220 rsp->data = INT_TO_PTR(move_fd(fds->fd[0]));
221
222 /* Return for any command that doesn't expect additional data. */
223 return log_debug(fret ?: ret, "Finished processing \"%s\" with file descriptor %d", cur_cmdstr, PTR_TO_INT(rsp->data));
224 case LXC_CMD_GET_CGROUP_FD: /* data */
225 __fallthrough;
226 case LXC_CMD_GET_LIMIT_CGROUP_FD: /* data */
227 if (rsp->datalen > sizeof(struct cgroup_fd))
228 return syserrno_set(fret ?: -EINVAL, "Invalid response size from server for \"%s\"", cur_cmdstr);
229
230 /* Don't pointlessly allocate. */
231 rsp->data = (void *)cmd->req.data;
232 break;
233 case LXC_CMD_GET_CGROUP_CTX: /* data */
234 if (rsp->datalen > sizeof(struct cgroup_ctx))
235 return syserrno_set(fret ?: -EINVAL, "Invalid response size from server for \"%s\"", cur_cmdstr);
236
237 /* Don't pointlessly allocate. */
238 rsp->data = (void *)cmd->req.data;
239 break;
240 case LXC_CMD_GET_TTY_FD: /* data */
241 /*
242 * recv() returns 0 bytes when a tty cannot be allocated,
243 * rsp->ret is < 0 when the peer permission check failed
244 */
245 if (ret == 0 || rsp->ret < 0)
246 return 0;
247
248 __private_ptr = malloc(sizeof(struct lxc_cmd_tty_rsp_data));
249 if (!__private_ptr)
250 return syserrno_set(fret ?: -ENOMEM, "Failed to receive response for command \"%s\"", cur_cmdstr);
251 data_console = (struct lxc_cmd_tty_rsp_data *)__private_ptr;
252 data_console->ptxfd = move_fd(fds->fd[0]);
253 data_console->ttynum = PTR_TO_INT(rsp->data);
254
255 rsp->datalen = 0;
256 rsp->data = data_console;
257 break;
258 case LXC_CMD_CONSOLE_LOG: /* data */
259 __private_ptr = zalloc(rsp->datalen + 1);
260 rsp->data = __private_ptr;
261 break;
262 default: /* catch any additional command */
263 if (rsp->datalen > 0) {
264 __private_ptr = zalloc(rsp->datalen);
265 rsp->data = __private_ptr;
266 }
267 break;
268 }
269
270 if (rsp->datalen == 0) {
271 DEBUG("Command \"%s\" requested no additional data", cur_cmdstr);
272 /*
273 * Note that LXC_CMD_GET_TTY_FD historically allocates memory
274 * to return info to the caller. That's why we jump to no_data
275 * so we ensure that the allocated data is wiped if we return
276 * early here.
277 */
278 goto no_data;
279 }
280
281 /*
282 * All commands ending up here expect data so rsp->data must be valid.
283 * Either static or allocated memory.
284 */
285 if (!rsp->data)
286 return syserrno_set(fret ?: -ENOMEM, "Failed to prepare response buffer for command \"%s\"", cur_cmdstr);
287
288 ret = lxc_recv_nointr(sock, rsp->data, rsp->datalen, 0);
289 if (ret != rsp->datalen)
290 return syserrno(-errno, "Failed to receive response data for command \"%s\": %d != %d", cur_cmdstr, ret, rsp->datalen);
291
292 switch (cur_cmd) {
293 case LXC_CMD_GET_CGROUP_CTX:
294 if (!fret)
295 ret = __transfer_cgroup_ctx_fds(fds, rsp->data);
296 /* Make sure any received fds are wiped by us. */
297 break;
298 case LXC_CMD_GET_CGROUP_FD:
299 __fallthrough;
300 case LXC_CMD_GET_LIMIT_CGROUP_FD:
301 if (!fret)
302 ret = __transfer_cgroup_fd(fds, rsp->data);
303 /* Make sure any received fds are wiped by us. */
304 break;
305 }
306
307 no_data:
308 if (!fret && ret >= 0)
309 move_ptr(__private_ptr);
310
311 return fret ?: ret;
312 }
313
314 /*
315 * lxc_cmd_rsp_send: Send a command response
316 *
317 * @fd : file descriptor of socket to send response on
318 * @rsp : response to send
319 *
320 * Returns 0 on success, < 0 on failure
321 */
322 static int __lxc_cmd_rsp_send(int fd, struct lxc_cmd_rsp *rsp)
323 {
324 ssize_t ret;
325
326 ret = lxc_send_nointr(fd, rsp, sizeof(*rsp), MSG_NOSIGNAL);
327 if (ret < 0 || (size_t)ret != sizeof(*rsp))
328 return syserrno(-errno, "Failed to send command response %zd", ret);
329
330 if (!rsp->data || rsp->datalen <= 0)
331 return 0;
332
333 ret = lxc_send_nointr(fd, rsp->data, rsp->datalen, MSG_NOSIGNAL);
334 if (ret < 0 || ret != (ssize_t)rsp->datalen)
335 return syswarn(-errno, "Failed to send command response %zd", ret);
336
337 return 0;
338 }
339
340 static inline int lxc_cmd_rsp_send_reap(int fd, struct lxc_cmd_rsp *rsp)
341 {
342 int ret;
343
344 ret = __lxc_cmd_rsp_send(fd, rsp);
345 if (ret < 0)
346 return ret;
347
348 return LXC_CMD_REAP_CLIENT_FD;
349 }
350
351 static inline int lxc_cmd_rsp_send_keep(int fd, struct lxc_cmd_rsp *rsp)
352 {
353 int ret;
354
355 ret = __lxc_cmd_rsp_send(fd, rsp);
356 if (ret < 0)
357 return ret;
358
359 return 0;
360 }
361
362 static inline int rsp_one_fd(int fd, int fd_send, struct lxc_cmd_rsp *rsp)
363 {
364 ssize_t ret;
365
366 ret = lxc_abstract_unix_send_fds(fd, &fd_send, 1, rsp, sizeof(*rsp));
367 if (ret < 0)
368 return ret;
369
370 if (rsp->data && rsp->datalen > 0) {
371 ret = lxc_send_nointr(fd, rsp->data, rsp->datalen, MSG_NOSIGNAL);
372 if (ret < 0 || ret != (ssize_t)rsp->datalen)
373 return syswarn(-errno, "Failed to send command response %zd", ret);
374 }
375
376 return LXC_CMD_REAP_CLIENT_FD;
377 }
378
379 __access_r(3, 2) static int rsp_many_fds(int fd, __u32 fds_len,
380 const __s32 fds[static 2],
381 struct lxc_cmd_rsp *rsp)
382 {
383 ssize_t ret;
384
385 if (fds_len > KERNEL_SCM_MAX_FD) {
386 rsp->ret = -E2BIG;
387 return lxc_cmd_rsp_send_reap(fd, rsp);
388 } else if (fds_len == 0) {
389 rsp->ret = -ENOENT;
390 return lxc_cmd_rsp_send_reap(fd, rsp);
391 }
392
393 ret = lxc_abstract_unix_send_fds(fd, fds, fds_len, rsp, sizeof(*rsp));
394 if (ret < 0)
395 return ret;
396
397 if (rsp->data && rsp->datalen > 0) {
398 ret = lxc_send_nointr(fd, rsp->data, rsp->datalen, MSG_NOSIGNAL);
399 if (ret < 0 || ret != (ssize_t)rsp->datalen)
400 return syswarn(-errno, "Failed to send command response %zd", ret);
401 }
402
403 return LXC_CMD_REAP_CLIENT_FD;
404 }
405
406 static int lxc_cmd_send(const char *name, struct lxc_cmd_rr *cmd,
407 const char *lxcpath, const char *hashed_sock_name)
408 {
409 __do_close int client_fd = -EBADF;
410 ssize_t ret = -1;
411
412 client_fd = lxc_cmd_connect(name, lxcpath, hashed_sock_name, "command");
413 if (client_fd < 0)
414 return -1;
415
416 ret = lxc_abstract_unix_send_credential(client_fd, &cmd->req,
417 sizeof(cmd->req));
418 if (ret < 0 || (size_t)ret != sizeof(cmd->req))
419 return -1;
420
421 if (cmd->req.cmd == LXC_CMD_SECCOMP_NOTIFY_ADD_LISTENER) {
422 int notify_fd = PTR_TO_INT(cmd->req.data);
423 ret = lxc_abstract_unix_send_fds(client_fd, &notify_fd, 1, NULL, 0);
424 if (ret <= 0)
425 return -1;
426 } else {
427 if (cmd->req.datalen <= 0)
428 return move_fd(client_fd);
429
430 errno = EMSGSIZE;
431 ret = lxc_send_nointr(client_fd, (void *)cmd->req.data,
432 cmd->req.datalen, MSG_NOSIGNAL);
433 if (ret < 0 || ret != (ssize_t)cmd->req.datalen)
434 return -1;
435 }
436
437 return move_fd(client_fd);
438 }
439
440 /*
441 * lxc_cmd: Connect to the specified running container, send it a command
442 * request and collect the response
443 *
444 * @name : name of container to connect to
445 * @cmd : command with initialized request to send
446 * @stopped : output indicator if the container was not running
447 * @lxcpath : the lxcpath in which the container is running
448 *
449 * Returns the size of the response message on success, < 0 on failure
450 *
451 * Note that there is a special case for LXC_CMD_GET_TTY_FD. For this command
452 * the fd cannot be closed because it is used as a placeholder to indicate that
453 * a particular tty slot is in use. The fd is also used as a signal to the
454 * container that when the caller dies or closes the fd, the container will
455 * notice the fd on its side of the socket in its mainloop select and then free
456 * the slot with lxc_cmd_fd_cleanup(). The socket fd will be returned in the
457 * cmd response structure.
458 */
459 static int lxc_cmd(const char *name, struct lxc_cmd_rr *cmd, bool *stopped,
460 const char *lxcpath, const char *hashed_sock_name)
461 {
462 __do_close int client_fd = -EBADF;
463 int ret = -1;
464 bool stay_connected = false;
465
466 if (cmd->req.cmd == LXC_CMD_GET_TTY_FD ||
467 cmd->req.cmd == LXC_CMD_ADD_STATE_CLIENT)
468 stay_connected = true;
469
470 *stopped = 0;
471
472 client_fd = lxc_cmd_send(name, cmd, lxcpath, hashed_sock_name);
473 if (client_fd < 0) {
474 if (IN_SET(errno, ECONNREFUSED, EPIPE))
475 *stopped = 1;
476
477 return log_trace_errno(-1, errno, "Command \"%s\" failed to connect command socket",
478 lxc_cmd_str(cmd->req.cmd));
479 }
480
481 ret = lxc_cmd_rsp_recv(client_fd, cmd);
482 if (ret < 0 && errno == ECONNRESET)
483 *stopped = 1;
484
485 TRACE("Opened new command socket connection fd %d for command \"%s\"",
486 client_fd, lxc_cmd_str(cmd->req.cmd));
487
488 if (stay_connected && ret > 0)
489 cmd->rsp.ret = move_fd(client_fd);
490
491 return ret;
492 }
493
494 int lxc_try_cmd(const char *name, const char *lxcpath)
495 {
496 bool stopped = false;
497 int ret;
498 struct lxc_cmd_rr cmd;
499
500 lxc_cmd_init(&cmd, LXC_CMD_GET_INIT_PID);
501
502 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
503 if (stopped)
504 return 0;
505 if (ret > 0 && cmd.rsp.ret < 0) {
506 errno = cmd.rsp.ret;
507 return -1;
508 }
509 if (ret > 0)
510 return 0;
511
512 /*
513 * At this point we weren't denied access, and the container *was*
514 * started. There was some inexplicable error in the protocol. I'm not
515 * clear on whether we should return -1 here, but we didn't receive a
516 * -EACCES, so technically it's not that we're not allowed to control
517 * the container - it's just not behaving.
518 */
519 return 0;
520 }
521
522 /*
523 * Validate that the input is a proper string parameter. If not,
524 * send an EINVAL response and return -1.
525 *
526 * Precondition: there is non-zero-length data available.
527 */
528 static int validate_string_request(int fd, const struct lxc_cmd_req *req)
529 {
530 size_t maxlen = req->datalen - 1;
531 const char *data = req->data;
532
533 if (data[maxlen] == 0 && strnlen(data, maxlen) == maxlen)
534 return 0;
535
536 struct lxc_cmd_rsp rsp = {
537 .ret = -EINVAL,
538 .datalen = 0,
539 .data = NULL,
540 };
541
542 return lxc_cmd_rsp_send_reap(fd, &rsp);
543 }
544
545 /* Implementations of the commands and their callbacks */
546
547 /*
548 * lxc_cmd_get_init_pid: Get pid of the container's init process
549 *
550 * @name : name of container to connect to
551 * @lxcpath : the lxcpath in which the container is running
552 *
553 * Returns the pid on success, < 0 on failure
554 */
555 pid_t lxc_cmd_get_init_pid(const char *name, const char *lxcpath)
556 {
557 bool stopped = false;
558 int ret;
559 pid_t pid;
560 struct lxc_cmd_rr cmd;
561
562 lxc_cmd_init(&cmd, LXC_CMD_GET_INIT_PID);
563
564 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
565 if (ret < 0)
566 return -1;
567
568 pid = PTR_TO_PID(cmd.rsp.data);
569 if (pid < 0)
570 return -1;
571
572 /*
573 * We need to assume that pid_t can actually hold any pid given to us
574 * by the kernel. If it can't it's a libc bug.
575 */
576 return (pid_t)pid;
577 }
578
579 static int lxc_cmd_get_init_pid_callback(int fd, struct lxc_cmd_req *req,
580 struct lxc_handler *handler,
581 struct lxc_epoll_descr *descr)
582 {
583 struct lxc_cmd_rsp rsp = {
584 .data = PID_TO_PTR(handler->pid),
585 };
586
587 return lxc_cmd_rsp_send_reap(fd, &rsp);
588 }
589
590 int lxc_cmd_get_init_pidfd(const char *name, const char *lxcpath)
591 {
592 bool stopped = false;
593 int pidfd, ret;
594 struct lxc_cmd_rr cmd;
595
596 lxc_cmd_init(&cmd, LXC_CMD_GET_INIT_PIDFD);
597
598 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
599 if (ret < 0)
600 return log_debug_errno(-1, errno, "Failed to process init pidfd command");
601
602 if (cmd.rsp.ret < 0)
603 return syserrno_set(cmd.rsp.ret, "Failed to receive init pidfd");
604
605 pidfd = PTR_TO_INT(cmd.rsp.data);
606 if (pidfd < 0)
607 return syserrno_set(pidfd, "Failed to receive init pidfd");
608
609 return pidfd;
610 }
611
612 static int lxc_cmd_get_init_pidfd_callback(int fd, struct lxc_cmd_req *req,
613 struct lxc_handler *handler,
614 struct lxc_epoll_descr *descr)
615 {
616 struct lxc_cmd_rsp rsp = {
617 .ret = -EBADF,
618 };
619
620 if (handler->pidfd < 0)
621 return lxc_cmd_rsp_send_reap(fd, &rsp);
622
623 rsp.ret = 0;
624 return rsp_one_fd(fd, handler->pidfd, &rsp);
625 }
626
627 int lxc_cmd_get_devpts_fd(const char *name, const char *lxcpath)
628 {
629 bool stopped = false;
630 int ret;
631 struct lxc_cmd_rr cmd;
632
633 lxc_cmd_init(&cmd, LXC_CMD_GET_DEVPTS_FD);
634
635 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
636 if (ret < 0)
637 return log_debug_errno(-1, errno, "Failed to process devpts fd command");
638
639 if (cmd.rsp.ret < 0)
640 return log_debug_errno(-EBADF, errno, "Failed to receive devpts fd");
641
642 return PTR_TO_INT(cmd.rsp.data);
643 }
644
645 static int lxc_cmd_get_devpts_fd_callback(int fd, struct lxc_cmd_req *req,
646 struct lxc_handler *handler,
647 struct lxc_epoll_descr *descr)
648 {
649 struct lxc_cmd_rsp rsp = {
650 .ret = -EBADF,
651 };
652
653 if (!handler->conf || handler->conf->devpts_fd < 0)
654 return lxc_cmd_rsp_send_reap(fd, &rsp);
655
656 rsp.ret = 0;
657 return rsp_one_fd(fd, handler->conf->devpts_fd, &rsp);
658 }
659
660 int lxc_cmd_get_seccomp_notify_fd(const char *name, const char *lxcpath)
661 {
662 #ifdef HAVE_SECCOMP_NOTIFY
663 bool stopped = false;
664 int ret;
665 struct lxc_cmd_rr cmd;
666
667 lxc_cmd_init(&cmd, LXC_CMD_GET_SECCOMP_NOTIFY_FD);
668
669 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
670 if (ret < 0)
671 return log_debug_errno(-1, errno, "Failed to process seccomp notify fd command");
672
673 if (cmd.rsp.ret < 0)
674 return log_debug_errno(-EBADF, errno, "Failed to receive seccomp notify fd");
675
676 return PTR_TO_INT(cmd.rsp.data);
677 #else
678 return ret_errno(EOPNOTSUPP);
679 #endif
680 }
681
682 static int lxc_cmd_get_seccomp_notify_fd_callback(int fd, struct lxc_cmd_req *req,
683 struct lxc_handler *handler,
684 struct lxc_epoll_descr *descr)
685 {
686 #ifdef HAVE_SECCOMP_NOTIFY
687 struct lxc_cmd_rsp rsp = {
688 .ret = -EBADF,
689 };
690
691 if (!handler->conf || handler->conf->seccomp.notifier.notify_fd < 0)
692 return lxc_cmd_rsp_send_reap(fd, &rsp);
693
694 rsp.ret = 0;
695 return rsp_one_fd(fd, handler->conf->seccomp.notifier.notify_fd, &rsp);
696 #else
697 return syserrno_set(-EOPNOTSUPP, "Seccomp notifier not supported");
698 #endif
699 }
700
701 int lxc_cmd_get_cgroup_ctx(const char *name, const char *lxcpath,
702 size_t size_ret_ctx, struct cgroup_ctx *ret_ctx)
703 {
704 bool stopped = false;
705 int ret;
706 struct lxc_cmd_rr cmd;
707
708 lxc_cmd_init(&cmd, LXC_CMD_GET_CGROUP_CTX);
709 lxc_cmd_data(&cmd, size_ret_ctx, ret_ctx);
710
711 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
712 if (ret < 0)
713 return log_debug_errno(-1, errno, "Failed to process cgroup context command");
714
715 if (cmd.rsp.ret < 0)
716 return log_debug_errno(-EBADF, errno, "Failed to receive cgroup fds");
717
718 return 0;
719 }
720
721 static int lxc_cmd_get_cgroup_ctx_callback(int fd, struct lxc_cmd_req *req,
722 struct lxc_handler *handler,
723 struct lxc_epoll_descr *descr)
724 {
725 struct lxc_cmd_rsp rsp = {
726 .ret = EINVAL,
727 };
728 struct cgroup_ops *cgroup_ops = handler->cgroup_ops;
729 struct cgroup_ctx ctx_server = {};
730 int ret;
731
732 ret = copy_struct_from_client(sizeof(struct cgroup_ctx), &ctx_server,
733 req->datalen, req->data);
734 if (ret < 0)
735 return lxc_cmd_rsp_send_reap(fd, &rsp);
736
737 ret = prepare_cgroup_ctx(cgroup_ops, &ctx_server);
738 if (ret < 0) {
739 rsp.ret = ret;
740 return lxc_cmd_rsp_send_reap(fd, &rsp);
741 }
742
743 rsp.ret = 0;
744 rsp.data = &ctx_server;
745 rsp.datalen = min(sizeof(struct cgroup_ctx), (size_t)req->datalen);
746 return rsp_many_fds(fd, ctx_server.fd_len, ctx_server.fd, &rsp);
747 }
748
749 /*
750 * lxc_cmd_get_clone_flags: Get clone flags container was spawned with
751 *
752 * @name : name of container to connect to
753 * @lxcpath : the lxcpath in which the container is running
754 *
755 * Returns the clone flags on success, < 0 on failure
756 */
757 int lxc_cmd_get_clone_flags(const char *name, const char *lxcpath)
758 {
759 bool stopped = false;
760 int ret;
761 struct lxc_cmd_rr cmd;
762
763 lxc_cmd_init(&cmd, LXC_CMD_GET_CLONE_FLAGS);
764
765 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
766 if (ret < 0)
767 return ret;
768
769 return PTR_TO_INT(cmd.rsp.data);
770 }
771
772 static int lxc_cmd_get_clone_flags_callback(int fd, struct lxc_cmd_req *req,
773 struct lxc_handler *handler,
774 struct lxc_epoll_descr *descr)
775 {
776 struct lxc_cmd_rsp rsp = {
777 .data = INT_TO_PTR(handler->ns_clone_flags),
778 };
779
780 return lxc_cmd_rsp_send_reap(fd, &rsp);
781 }
782
783 static char *lxc_cmd_get_cgroup_path_do(const char *name, const char *lxcpath,
784 const char *controller,
785 lxc_cmd_t command)
786 {
787 bool stopped = false;
788 int ret;
789 struct lxc_cmd_rr cmd;
790
791 lxc_cmd_init(&cmd, command);
792 if (controller)
793 lxc_cmd_data(&cmd, strlen(controller) + 1, controller);
794
795 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
796 if (ret < 0)
797 return NULL;
798
799 if (ret == 0) {
800 if (command == LXC_CMD_GET_LIMIT_CGROUP) {
801 /*
802 * This may indicate that the container was started
803 * under an ealier version before
804 * `cgroup_advanced_isolation` as implemented, there
805 * it sees an unknown command and just closes the
806 * socket, sending us an EOF.
807 */
808 return lxc_cmd_get_cgroup_path_do(name, lxcpath,
809 controller,
810 LXC_CMD_GET_CGROUP);
811 }
812 return NULL;
813 }
814
815 if (cmd.rsp.ret < 0 || cmd.rsp.datalen < 0)
816 return NULL;
817
818 return cmd.rsp.data;
819 }
820
821 /*
822 * lxc_cmd_get_cgroup_path: Calculate a container's cgroup path for a
823 * particular controller. This is the cgroup path relative to the root
824 * of the cgroup filesystem.
825 *
826 * @name : name of container to connect to
827 * @lxcpath : the lxcpath in which the container is running
828 * @controller : the controller being asked about
829 *
830 * Returns the path on success, NULL on failure. The caller must free() the
831 * returned path.
832 */
833 char *lxc_cmd_get_cgroup_path(const char *name, const char *lxcpath,
834 const char *controller)
835 {
836 return lxc_cmd_get_cgroup_path_do(name, lxcpath, controller,
837 LXC_CMD_GET_CGROUP);
838 }
839
840 /*
841 * lxc_cmd_get_limit_cgroup_path: Calculate a container's limit cgroup
842 * path for a particular controller. This is the cgroup path relative to the
843 * root of the cgroup filesystem. This may be the same as the path returned by
844 * lxc_cmd_get_cgroup_path if the container doesn't have a limit path prefix
845 * set.
846 *
847 * @name : name of container to connect to
848 * @lxcpath : the lxcpath in which the container is running
849 * @controller : the controller being asked about
850 *
851 * Returns the path on success, NULL on failure. The caller must free() the
852 * returned path.
853 */
854 char *lxc_cmd_get_limit_cgroup_path(const char *name, const char *lxcpath,
855 const char *controller)
856 {
857 return lxc_cmd_get_cgroup_path_do(name, lxcpath, controller,
858 LXC_CMD_GET_LIMIT_CGROUP);
859 }
860
861 static int lxc_cmd_get_cgroup_callback_do(int fd, struct lxc_cmd_req *req,
862 struct lxc_handler *handler,
863 struct lxc_epoll_descr *descr,
864 bool limiting_cgroup)
865 {
866 int ret;
867 const char *path;
868 const void *reqdata;
869 struct lxc_cmd_rsp rsp;
870 struct cgroup_ops *cgroup_ops = handler->cgroup_ops;
871 const char *(*get_fn)(struct cgroup_ops *ops, const char *controller);
872
873 if (req->datalen > 0) {
874 ret = validate_string_request(fd, req);
875 if (ret != 0)
876 return ret;
877 reqdata = req->data;
878 } else {
879 reqdata = NULL;
880 }
881
882 get_fn = (limiting_cgroup ? cgroup_ops->get_limit_cgroup
883 : cgroup_ops->get_cgroup);
884
885 path = get_fn(cgroup_ops, reqdata);
886
887 if (!path)
888 return -1;
889
890 rsp.ret = 0;
891 rsp.datalen = strlen(path) + 1;
892 rsp.data = (char *)path;
893
894 return lxc_cmd_rsp_send_reap(fd, &rsp);
895 }
896
897 static int lxc_cmd_get_cgroup_callback(int fd, struct lxc_cmd_req *req,
898 struct lxc_handler *handler,
899 struct lxc_epoll_descr *descr)
900 {
901 return lxc_cmd_get_cgroup_callback_do(fd, req, handler, descr, false);
902 }
903
904 static int lxc_cmd_get_limit_cgroup_callback(int fd, struct lxc_cmd_req *req,
905 struct lxc_handler *handler,
906 struct lxc_epoll_descr *descr)
907 {
908 return lxc_cmd_get_cgroup_callback_do(fd, req, handler, descr, true);
909 }
910
911 /*
912 * lxc_cmd_get_config_item: Get config item the running container
913 *
914 * @name : name of container to connect to
915 * @item : the configuration item to retrieve (ex: lxc.net.0.veth.pair)
916 * @lxcpath : the lxcpath in which the container is running
917 *
918 * Returns the item on success, NULL on failure. The caller must free() the
919 * returned item.
920 */
921 char *lxc_cmd_get_config_item(const char *name, const char *item,
922 const char *lxcpath)
923 {
924 bool stopped = false;
925 int ret;
926 struct lxc_cmd_rr cmd;
927
928 if (is_empty_string(item))
929 return NULL;
930
931 lxc_cmd_init(&cmd, LXC_CMD_GET_CONFIG_ITEM);
932 lxc_cmd_data(&cmd, strlen(item) + 1, item);
933
934 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
935 if (ret < 0)
936 return NULL;
937
938 if (cmd.rsp.ret == 0)
939 return cmd.rsp.data;
940
941 return NULL;
942 }
943
944 static int lxc_cmd_get_config_item_callback(int fd, struct lxc_cmd_req *req,
945 struct lxc_handler *handler,
946 struct lxc_epoll_descr *descr)
947 {
948 __do_free char *cidata = NULL;
949 int cilen;
950 struct lxc_config_t *item;
951 struct lxc_cmd_rsp rsp;
952
953 memset(&rsp, 0, sizeof(rsp));
954 item = lxc_get_config(req->data);
955 if (!item)
956 goto err1;
957
958 cilen = item->get(req->data, NULL, 0, handler->conf, NULL);
959 if (cilen <= 0)
960 goto err1;
961
962 cidata = must_realloc(NULL, cilen + 1);
963 if (item->get(req->data, cidata, cilen + 1, handler->conf, NULL) != cilen)
964 goto err1;
965
966 cidata[cilen] = '\0';
967 rsp.data = cidata;
968 rsp.datalen = cilen + 1;
969 rsp.ret = 0;
970 goto out;
971
972 err1:
973 rsp.ret = -1;
974 out:
975 return lxc_cmd_rsp_send_reap(fd, &rsp);
976 }
977
978 /*
979 * lxc_cmd_get_state: Get current state of the container
980 *
981 * @name : name of container to connect to
982 * @lxcpath : the lxcpath in which the container is running
983 *
984 * Returns the state on success, < 0 on failure
985 */
986 int lxc_cmd_get_state(const char *name, const char *lxcpath)
987 {
988 bool stopped = false;
989 int ret;
990 struct lxc_cmd_rr cmd;
991
992 lxc_cmd_init(&cmd, LXC_CMD_GET_STATE);
993
994 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
995 if (ret < 0 && stopped)
996 return STOPPED;
997
998 if (ret < 0)
999 return -1;
1000
1001 if (!ret)
1002 return log_warn(-1, "Container \"%s\" has stopped before sending its state", name);
1003
1004 return log_debug(PTR_TO_INT(cmd.rsp.data),
1005 "Container \"%s\" is in \"%s\" state", name,
1006 lxc_state2str(PTR_TO_INT(cmd.rsp.data)));
1007 }
1008
1009 static int lxc_cmd_get_state_callback(int fd, struct lxc_cmd_req *req,
1010 struct lxc_handler *handler,
1011 struct lxc_epoll_descr *descr)
1012 {
1013 struct lxc_cmd_rsp rsp = {
1014 .data = INT_TO_PTR(handler->state),
1015 };
1016
1017 return lxc_cmd_rsp_send_reap(fd, &rsp);
1018 }
1019
1020 /*
1021 * lxc_cmd_stop: Stop the container previously started with lxc_start. All
1022 * the processes running inside this container will be killed.
1023 *
1024 * @name : name of container to connect to
1025 * @lxcpath : the lxcpath in which the container is running
1026 *
1027 * Returns 0 on success, < 0 on failure
1028 */
1029 int lxc_cmd_stop(const char *name, const char *lxcpath)
1030 {
1031 bool stopped = false;
1032 int ret;
1033 struct lxc_cmd_rr cmd;
1034
1035 lxc_cmd_init(&cmd, LXC_CMD_STOP);
1036
1037 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1038 if (ret < 0) {
1039 if (stopped)
1040 return log_info(0, "Container \"%s\" is already stopped", name);
1041
1042 return -1;
1043 }
1044
1045 /* We do not expect any answer, because we wait for the connection to be
1046 * closed.
1047 */
1048 if (ret > 0)
1049 return log_error_errno(-1, -cmd.rsp.ret, "Failed to stop container \"%s\"", name);
1050
1051 return log_info(0, "Container \"%s\" has stopped", name);
1052 }
1053
1054 static int lxc_cmd_stop_callback(int fd, struct lxc_cmd_req *req,
1055 struct lxc_handler *handler,
1056 struct lxc_epoll_descr *descr)
1057 {
1058 struct lxc_cmd_rsp rsp;
1059 int stopsignal = SIGKILL;
1060 struct cgroup_ops *cgroup_ops = handler->cgroup_ops;
1061 int ret;
1062
1063 if (handler->conf->stopsignal)
1064 stopsignal = handler->conf->stopsignal;
1065 memset(&rsp, 0, sizeof(rsp));
1066
1067 if (handler->pidfd >= 0)
1068 rsp.ret = lxc_raw_pidfd_send_signal(handler->pidfd, stopsignal, NULL, 0);
1069 else
1070 rsp.ret = kill(handler->pid, stopsignal);
1071 if (!rsp.ret) {
1072 if (handler->pidfd >= 0)
1073 TRACE("Sent signal %d to pidfd %d", stopsignal, handler->pidfd);
1074 else
1075 TRACE("Sent signal %d to pidfd %d", stopsignal, handler->pid);
1076
1077 if (pure_unified_layout(cgroup_ops))
1078 ret = __cgroup_unfreeze(cgroup_ops->unified->dfd_lim, -1);
1079 else
1080 ret = cgroup_ops->unfreeze(cgroup_ops, -1);
1081 if (ret)
1082 WARN("Failed to unfreeze container \"%s\"", handler->name);
1083
1084 return 0;
1085 } else {
1086 rsp.ret = -errno;
1087 }
1088
1089 return lxc_cmd_rsp_send_reap(fd, &rsp);
1090 }
1091
1092 /*
1093 * lxc_cmd_terminal_winch: noop
1094 *
1095 * @name : name of container to connect to
1096 * @lxcpath : the lxcpath in which the container is running
1097 *
1098 * Returns 0 on success, < 0 on failure
1099 */
1100 int lxc_cmd_terminal_winch(const char *name, const char *lxcpath)
1101 {
1102 return 0;
1103 }
1104
1105 static int lxc_cmd_terminal_winch_callback(int fd, struct lxc_cmd_req *req,
1106 struct lxc_handler *handler,
1107 struct lxc_epoll_descr *descr)
1108 {
1109 /* should never be called */
1110 return log_error_errno(-1, ENOSYS, "Called lxc_cmd_terminal_winch_callback()");
1111 }
1112
1113 /*
1114 * lxc_cmd_get_tty_fd: Open an fd to a tty in the container
1115 *
1116 * @name : name of container to connect to
1117 * @ttynum : in: the tty to open or -1 for next available
1118 * : out: the tty allocated
1119 * @fd : out: file descriptor for ptx side of pty
1120 * @lxcpath : the lxcpath in which the container is running
1121 *
1122 * Returns fd holding tty allocated on success, < 0 on failure
1123 */
1124 int lxc_cmd_get_tty_fd(const char *name, int *ttynum, int *fd, const char *lxcpath)
1125 {
1126 __do_free struct lxc_cmd_tty_rsp_data *rspdata = NULL;
1127 bool stopped = false;
1128 int ret;
1129 struct lxc_cmd_rr cmd;
1130
1131 lxc_cmd_init(&cmd, LXC_CMD_GET_TTY_FD);
1132 lxc_cmd_data(&cmd, ENCODE_INTO_PTR_LEN, INT_TO_PTR(*ttynum));
1133
1134 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1135 if (ret < 0)
1136 return ret;
1137
1138 rspdata = cmd.rsp.data;
1139 if (cmd.rsp.ret < 0)
1140 return log_error_errno(-1, -cmd.rsp.ret, "Denied access to tty");
1141
1142 if (ret == 0)
1143 return log_error(-1, "tty number %d invalid, busy or all ttys busy", *ttynum);
1144
1145 if (rspdata->ptxfd < 0)
1146 return log_error(-1, "Unable to allocate fd for tty %d", rspdata->ttynum);
1147
1148 ret = cmd.rsp.ret; /* socket fd */
1149 *fd = rspdata->ptxfd;
1150 *ttynum = rspdata->ttynum;
1151
1152 return log_info(ret, "Alloced fd %d for tty %d via socket %d", *fd, rspdata->ttynum, ret);
1153 }
1154
1155 static int lxc_cmd_get_tty_fd_callback(int fd, struct lxc_cmd_req *req,
1156 struct lxc_handler *handler,
1157 struct lxc_epoll_descr *descr)
1158 {
1159 int ptxfd, ret;
1160 struct lxc_cmd_rsp rsp = {
1161 .ret = -EBADF,
1162 };
1163 int ttynum = PTR_TO_INT(req->data);
1164
1165 ptxfd = lxc_terminal_allocate(handler->conf, fd, &ttynum);
1166 if (ptxfd < 0)
1167 return lxc_cmd_rsp_send_reap(fd, &rsp);
1168
1169 rsp.ret = 0;
1170 rsp.data = INT_TO_PTR(ttynum);
1171 ret = lxc_abstract_unix_send_fds(fd, &ptxfd, 1, &rsp, sizeof(rsp));
1172 if (ret < 0) {
1173 lxc_terminal_free(handler->conf, fd);
1174 return ret;
1175 }
1176
1177 return log_debug(0, "Send tty to client");
1178 }
1179
1180 /*
1181 * lxc_cmd_get_name: Returns the name of the container
1182 *
1183 * @hashed_sock_name: hashed socket name
1184 *
1185 * Returns the name on success, NULL on failure.
1186 */
1187 char *lxc_cmd_get_name(const char *hashed_sock_name)
1188 {
1189 bool stopped = false;
1190 int ret;
1191 struct lxc_cmd_rr cmd;
1192
1193 lxc_cmd_init(&cmd, LXC_CMD_GET_NAME);
1194
1195 ret = lxc_cmd(NULL, &cmd, &stopped, NULL, hashed_sock_name);
1196 if (ret < 0)
1197 return NULL;
1198
1199 if (cmd.rsp.ret == 0)
1200 return cmd.rsp.data;
1201
1202 return NULL;
1203 }
1204
1205 static int lxc_cmd_get_name_callback(int fd, struct lxc_cmd_req *req,
1206 struct lxc_handler *handler,
1207 struct lxc_epoll_descr *descr)
1208 {
1209 struct lxc_cmd_rsp rsp;
1210
1211 memset(&rsp, 0, sizeof(rsp));
1212
1213 rsp.data = (char *)handler->name;
1214 rsp.datalen = strlen(handler->name) + 1;
1215 rsp.ret = 0;
1216
1217 return lxc_cmd_rsp_send_reap(fd, &rsp);
1218 }
1219
1220 /*
1221 * lxc_cmd_get_lxcpath: Returns the lxcpath of the container
1222 *
1223 * @hashed_sock_name: hashed socket name
1224 *
1225 * Returns the lxcpath on success, NULL on failure.
1226 */
1227 char *lxc_cmd_get_lxcpath(const char *hashed_sock_name)
1228 {
1229 bool stopped = false;
1230 int ret;
1231 struct lxc_cmd_rr cmd;
1232
1233 lxc_cmd_init(&cmd, LXC_CMD_GET_LXCPATH);
1234
1235 ret = lxc_cmd(NULL, &cmd, &stopped, NULL, hashed_sock_name);
1236 if (ret < 0)
1237 return NULL;
1238
1239 if (cmd.rsp.ret == 0)
1240 return cmd.rsp.data;
1241
1242 return NULL;
1243 }
1244
1245 static int lxc_cmd_get_lxcpath_callback(int fd, struct lxc_cmd_req *req,
1246 struct lxc_handler *handler,
1247 struct lxc_epoll_descr *descr)
1248 {
1249 struct lxc_cmd_rsp rsp = {
1250 .ret = 0,
1251 .data = (char *)handler->lxcpath,
1252 .datalen = strlen(handler->lxcpath) + 1,
1253 };
1254
1255 return lxc_cmd_rsp_send_reap(fd, &rsp);
1256 }
1257
1258 int lxc_cmd_add_state_client(const char *name, const char *lxcpath,
1259 lxc_state_t states[static MAX_STATE],
1260 int *state_client_fd)
1261 {
1262 __do_close int clientfd = -EBADF;
1263 bool stopped = false;
1264 int state;
1265 ssize_t ret;
1266 struct lxc_cmd_rr cmd;
1267
1268 lxc_cmd_init(&cmd, LXC_CMD_ADD_STATE_CLIENT);
1269 lxc_cmd_data(&cmd, (sizeof(lxc_state_t) * MAX_STATE), states);
1270
1271 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1272 if (states[STOPPED] != 0 && stopped != 0)
1273 return STOPPED;
1274
1275 if (ret < 0) {
1276 if (errno != ECONNREFUSED)
1277 SYSERROR("Failed to execute command");
1278
1279 return -1;
1280 }
1281
1282 /* We should now be guaranteed to get an answer from the state sending
1283 * function.
1284 */
1285 clientfd = cmd.rsp.ret;
1286 if (clientfd < 0)
1287 return log_error_errno(-1, -clientfd, "Failed to receive socket fd");
1288
1289 state = PTR_TO_INT(cmd.rsp.data);
1290 if (state < MAX_STATE)
1291 return log_trace(state, "Container is already in requested state %s", lxc_state2str(state));
1292
1293 *state_client_fd = move_fd(clientfd);
1294 TRACE("State connection fd %d ready to listen for container state changes", *state_client_fd);
1295 return MAX_STATE;
1296 }
1297
1298 static int lxc_cmd_add_state_client_callback(__owns int fd, struct lxc_cmd_req *req,
1299 struct lxc_handler *handler,
1300 struct lxc_epoll_descr *descr)
1301 {
1302 struct lxc_cmd_rsp rsp = {
1303 .ret = -EINVAL,
1304 };
1305
1306 if (req->datalen < 0)
1307 goto reap_fd;
1308
1309 if (req->datalen != (sizeof(lxc_state_t) * MAX_STATE))
1310 goto reap_fd;
1311
1312 if (!req->data)
1313 goto reap_fd;
1314
1315 rsp.ret = lxc_add_state_client(fd, handler, (lxc_state_t *)req->data);
1316 if (rsp.ret < 0)
1317 goto reap_fd;
1318
1319 rsp.data = INT_TO_PTR(rsp.ret);
1320
1321 return lxc_cmd_rsp_send_keep(fd, &rsp);
1322
1323 reap_fd:
1324 return lxc_cmd_rsp_send_reap(fd, &rsp);
1325 }
1326
1327 int lxc_cmd_add_bpf_device_cgroup(const char *name, const char *lxcpath,
1328 struct device_item *device)
1329 {
1330 bool stopped = false;
1331 int ret;
1332 struct lxc_cmd_rr cmd;
1333
1334 if (strlen(device->access) > STRLITERALLEN("rwm"))
1335 return syserrno_set(-EINVAL, "Invalid access mode specified %s", device->access);
1336
1337 lxc_cmd_init(&cmd, LXC_CMD_ADD_BPF_DEVICE_CGROUP);
1338 lxc_cmd_data(&cmd, sizeof(struct device_item), device);
1339
1340 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1341 if (ret < 0)
1342 return syserrno_set(ret, "Failed to process new bpf device cgroup command");
1343
1344 if (cmd.rsp.ret < 0)
1345 return syserrno_set(cmd.rsp.ret, "Failed to add new bpf device cgroup rule");
1346
1347 return 0;
1348 }
1349
1350 static int lxc_cmd_add_bpf_device_cgroup_callback(int fd, struct lxc_cmd_req *req,
1351 struct lxc_handler *handler,
1352 struct lxc_epoll_descr *descr)
1353 {
1354 struct lxc_cmd_rsp rsp = {
1355 .ret = -EINVAL,
1356 };
1357 struct lxc_conf *conf;
1358
1359 if (req->datalen <= 0)
1360 goto out;
1361
1362 if (req->datalen != sizeof(struct device_item))
1363 goto out;
1364
1365 if (!req->data)
1366 goto out;
1367
1368 conf = handler->conf;
1369 if (!bpf_cgroup_devices_update(handler->cgroup_ops,
1370 &conf->bpf_devices,
1371 (struct device_item *)req->data))
1372 rsp.ret = -1;
1373 else
1374 rsp.ret = 0;
1375
1376 out:
1377 return lxc_cmd_rsp_send_reap(fd, &rsp);
1378 }
1379
1380 int lxc_cmd_console_log(const char *name, const char *lxcpath,
1381 struct lxc_console_log *log)
1382 {
1383 bool stopped = false;
1384 struct lxc_cmd_console_log data = {
1385 .clear = log->clear,
1386 .read = log->read,
1387 .read_max = *log->read_max,
1388 };
1389 int ret;
1390 struct lxc_cmd_rr cmd;
1391
1392 lxc_cmd_init(&cmd, LXC_CMD_CONSOLE_LOG);
1393 lxc_cmd_data(&cmd, sizeof(struct lxc_cmd_console_log), &data);
1394
1395 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1396 if (ret < 0)
1397 return ret;
1398
1399 /* There is nothing to be read from the buffer. So clear any values we
1400 * where passed to clearly indicate to the user that nothing went wrong.
1401 */
1402 if (cmd.rsp.ret == -ENODATA || cmd.rsp.ret == -EFAULT || cmd.rsp.ret == -ENOENT) {
1403 *log->read_max = 0;
1404 log->data = NULL;
1405 }
1406
1407 /* This is a proper error so don't touch any values we were passed. */
1408 if (cmd.rsp.ret < 0)
1409 return cmd.rsp.ret;
1410
1411 *log->read_max = cmd.rsp.datalen;
1412 log->data = cmd.rsp.data;
1413
1414 return 0;
1415 }
1416
1417 static int lxc_cmd_console_log_callback(int fd, struct lxc_cmd_req *req,
1418 struct lxc_handler *handler,
1419 struct lxc_epoll_descr *descr)
1420 {
1421 struct lxc_cmd_rsp rsp;
1422 uint64_t buffer_size = handler->conf->console.buffer_size;
1423 const struct lxc_cmd_console_log *log = req->data;
1424 struct lxc_ringbuf *buf = &handler->conf->console.ringbuf;
1425
1426 rsp.ret = -EFAULT;
1427 rsp.datalen = 0;
1428 rsp.data = NULL;
1429 if (buffer_size <= 0)
1430 goto out;
1431
1432 if (log->read || log->write_logfile)
1433 rsp.datalen = lxc_ringbuf_used(buf);
1434
1435 if (log->read)
1436 rsp.data = lxc_ringbuf_get_read_addr(buf);
1437
1438 if (log->read_max > 0 && (log->read_max <= rsp.datalen))
1439 rsp.datalen = log->read_max;
1440
1441 /* there's nothing to read */
1442 rsp.ret = -ENODATA;
1443 if (log->read && (buf->r_off == buf->w_off))
1444 goto out;
1445
1446 rsp.ret = 0;
1447 if (log->clear)
1448 lxc_ringbuf_clear(buf); /* clear the ringbuffer */
1449 else if (rsp.datalen > 0)
1450 lxc_ringbuf_move_read_addr(buf, rsp.datalen);
1451
1452 out:
1453 return lxc_cmd_rsp_send_reap(fd, &rsp);
1454 }
1455
1456 int lxc_cmd_serve_state_clients(const char *name, const char *lxcpath,
1457 lxc_state_t state)
1458 {
1459 bool stopped = false;
1460 ssize_t ret;
1461 struct lxc_cmd_rr cmd;
1462
1463 lxc_cmd_init(&cmd, LXC_CMD_SERVE_STATE_CLIENTS);
1464 lxc_cmd_data(&cmd, ENCODE_INTO_PTR_LEN, INT_TO_PTR(state));
1465
1466 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1467 if (ret < 0)
1468 return log_error_errno(-1, errno, "Failed to serve state clients");
1469
1470 return 0;
1471 }
1472
1473 static int lxc_cmd_serve_state_clients_callback(int fd, struct lxc_cmd_req *req,
1474 struct lxc_handler *handler,
1475 struct lxc_epoll_descr *descr)
1476 {
1477 int ret;
1478 lxc_state_t state = PTR_TO_INT(req->data);
1479 struct lxc_cmd_rsp rsp = {0};
1480
1481 ret = lxc_serve_state_clients(handler->name, handler, state);
1482 if (ret < 0)
1483 return ret;
1484
1485 return lxc_cmd_rsp_send_reap(fd, &rsp);
1486 }
1487
1488 int lxc_cmd_seccomp_notify_add_listener(const char *name, const char *lxcpath,
1489 int fd,
1490 /* unused */ unsigned int command,
1491 /* unused */ unsigned int flags)
1492 {
1493
1494 #ifdef HAVE_SECCOMP_NOTIFY
1495 bool stopped = false;
1496 int ret;
1497 struct lxc_cmd_rr cmd;
1498
1499 lxc_cmd_init(&cmd, LXC_CMD_SECCOMP_NOTIFY_ADD_LISTENER);
1500 lxc_cmd_data(&cmd, ENCODE_INTO_PTR_LEN, INT_TO_PTR(fd));
1501
1502 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1503 if (ret < 0)
1504 return log_error_errno(-1, errno, "Failed to add seccomp listener");
1505
1506 return cmd.rsp.ret;
1507 #else
1508 return ret_set_errno(-1, ENOSYS);
1509 #endif
1510 }
1511
1512 static int lxc_cmd_seccomp_notify_add_listener_callback(int fd,
1513 struct lxc_cmd_req *req,
1514 struct lxc_handler *handler,
1515 struct lxc_epoll_descr *descr)
1516 {
1517 struct lxc_cmd_rsp rsp = {0};
1518
1519 #ifdef HAVE_SECCOMP_NOTIFY
1520 int ret;
1521 __do_close int recv_fd = -EBADF;
1522
1523 ret = lxc_abstract_unix_recv_one_fd(fd, &recv_fd, NULL, 0);
1524 if (ret <= 0) {
1525 rsp.ret = -errno;
1526 goto out;
1527 }
1528
1529 if (!handler->conf->seccomp.notifier.wants_supervision ||
1530 handler->conf->seccomp.notifier.proxy_fd < 0) {
1531 SYSERROR("No seccomp proxy fd specified");
1532 rsp.ret = -EINVAL;
1533 goto out;
1534 }
1535
1536 ret = lxc_mainloop_add_handler(descr, recv_fd, seccomp_notify_handler,
1537 handler);
1538 if (ret < 0) {
1539 rsp.ret = -errno;
1540 goto out;
1541 }
1542 move_fd(recv_fd);
1543
1544 out:
1545 #else
1546 rsp.ret = -ENOSYS;
1547
1548 #endif
1549 return lxc_cmd_rsp_send_reap(fd, &rsp);
1550 }
1551
1552 int lxc_cmd_freeze(const char *name, const char *lxcpath, int timeout)
1553 {
1554 bool stopped = false;
1555 int ret;
1556 struct lxc_cmd_rr cmd;
1557
1558 lxc_cmd_init(&cmd, LXC_CMD_FREEZE);
1559 lxc_cmd_data(&cmd, ENCODE_INTO_PTR_LEN, INT_TO_PTR(timeout));
1560
1561 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1562 if (ret <= 0 || cmd.rsp.ret < 0)
1563 return log_error_errno(-1, errno, "Failed to freeze container");
1564
1565 return cmd.rsp.ret;
1566 }
1567
1568 static int lxc_cmd_freeze_callback(int fd, struct lxc_cmd_req *req,
1569 struct lxc_handler *handler,
1570 struct lxc_epoll_descr *descr)
1571 {
1572 int timeout = PTR_TO_INT(req->data);
1573 struct lxc_cmd_rsp rsp = {
1574 .ret = -ENOENT,
1575 };
1576 struct cgroup_ops *ops = handler->cgroup_ops;
1577
1578 if (pure_unified_layout(ops))
1579 rsp.ret = ops->freeze(ops, timeout);
1580
1581 return lxc_cmd_rsp_send_reap(fd, &rsp);
1582 }
1583
1584 int lxc_cmd_unfreeze(const char *name, const char *lxcpath, int timeout)
1585 {
1586 bool stopped = false;
1587 struct lxc_cmd_rr cmd;
1588 int ret;
1589
1590 lxc_cmd_init(&cmd, LXC_CMD_UNFREEZE);
1591 lxc_cmd_data(&cmd, ENCODE_INTO_PTR_LEN, INT_TO_PTR(timeout));
1592
1593 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1594 if (ret <= 0 || cmd.rsp.ret < 0)
1595 return log_error_errno(-1, errno, "Failed to unfreeze container");
1596
1597 return cmd.rsp.ret;
1598 }
1599
1600 static int lxc_cmd_unfreeze_callback(int fd, struct lxc_cmd_req *req,
1601 struct lxc_handler *handler,
1602 struct lxc_epoll_descr *descr)
1603 {
1604 int timeout = PTR_TO_INT(req->data);
1605 struct lxc_cmd_rsp rsp = {
1606 .ret = -ENOENT,
1607 };
1608 struct cgroup_ops *ops = handler->cgroup_ops;
1609
1610 if (pure_unified_layout(ops))
1611 rsp.ret = ops->unfreeze(ops, timeout);
1612
1613 return lxc_cmd_rsp_send_reap(fd, &rsp);
1614 }
1615
1616 int lxc_cmd_get_cgroup_fd(const char *name, const char *lxcpath,
1617 size_t size_ret_fd, struct cgroup_fd *ret_fd)
1618 {
1619 bool stopped = false;
1620 int ret;
1621 struct lxc_cmd_rr cmd;
1622
1623 lxc_cmd_init(&cmd, LXC_CMD_GET_CGROUP_FD);
1624 lxc_cmd_data(&cmd, sizeof(struct cgroup_fd), ret_fd);
1625
1626 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1627 if (ret < 0)
1628 return log_debug_errno(-1, errno, "Failed to process cgroup fd command");
1629
1630 if (cmd.rsp.ret < 0)
1631 return log_debug_errno(-EBADF, errno, "Failed to receive cgroup fd");
1632
1633 return 0;
1634 }
1635
1636 int lxc_cmd_get_limit_cgroup_fd(const char *name, const char *lxcpath,
1637 size_t size_ret_fd, struct cgroup_fd *ret_fd)
1638 {
1639 bool stopped = false;
1640 struct lxc_cmd_rr cmd = {
1641 .req = {
1642 .cmd = LXC_CMD_GET_LIMIT_CGROUP_FD,
1643 .datalen = sizeof(struct cgroup_fd),
1644 .data = ret_fd,
1645 },
1646 .rsp = {
1647 .ret = -ENOSYS,
1648 },
1649 };
1650 int ret;
1651
1652 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1653 if (ret < 0)
1654 return log_debug_errno(-1, errno, "Failed to process limit cgroup fd command");
1655
1656 if (cmd.rsp.ret < 0)
1657 return log_debug_errno(-EBADF, errno, "Failed to receive limit cgroup fd");
1658
1659 return 0;
1660 }
1661
1662 static int __lxc_cmd_get_cgroup_fd_callback(int fd, struct lxc_cmd_req *req,
1663 struct lxc_handler *handler,
1664 struct lxc_epoll_descr *descr,
1665 bool limit)
1666 {
1667 struct lxc_cmd_rsp rsp = {
1668 .ret = -EINVAL,
1669 };
1670 struct cgroup_ops *ops = handler->cgroup_ops;
1671 struct cgroup_fd fd_server = {};
1672 int ret;
1673
1674 ret = copy_struct_from_client(sizeof(struct cgroup_fd), &fd_server,
1675 req->datalen, req->data);
1676 if (ret < 0)
1677 return lxc_cmd_rsp_send_reap(fd, &rsp);
1678
1679 if (strnlen(fd_server.controller, MAX_CGROUP_ROOT_NAMELEN) == 0)
1680 return lxc_cmd_rsp_send_reap(fd, &rsp);
1681
1682 ret = prepare_cgroup_fd(ops, &fd_server, limit);
1683 if (ret < 0) {
1684 rsp.ret = ret;
1685 return lxc_cmd_rsp_send_reap(fd, &rsp);
1686 }
1687
1688 rsp.ret = 0;
1689 rsp.data = &fd_server;
1690 rsp.datalen = min(sizeof(struct cgroup_fd), (size_t)req->datalen);
1691 return rsp_one_fd(fd, fd_server.fd, &rsp);
1692 }
1693
1694 static int lxc_cmd_get_cgroup_fd_callback(int fd, struct lxc_cmd_req *req,
1695 struct lxc_handler *handler,
1696 struct lxc_epoll_descr *descr)
1697 {
1698 return __lxc_cmd_get_cgroup_fd_callback(fd, req, handler, descr, false);
1699 }
1700
1701 static int lxc_cmd_get_limit_cgroup_fd_callback(int fd, struct lxc_cmd_req *req,
1702 struct lxc_handler *handler,
1703 struct lxc_epoll_descr *descr)
1704 {
1705 return __lxc_cmd_get_cgroup_fd_callback(fd, req, handler, descr, true);
1706 }
1707
1708 int lxc_cmd_get_cgroup2_fd(const char *name, const char *lxcpath)
1709 {
1710 bool stopped = false;
1711 struct lxc_cmd_rr cmd = {
1712 .req = {
1713 .cmd = LXC_CMD_GET_CGROUP2_FD,
1714 },
1715 .rsp = {
1716 .ret = -ENOSYS,
1717 },
1718 };
1719 int ret;
1720
1721 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1722 if (ret < 0)
1723 return -1;
1724
1725 if (cmd.rsp.ret < 0)
1726 return log_debug_errno(cmd.rsp.ret, -cmd.rsp.ret, "Failed to receive cgroup2 fd");
1727
1728 return PTR_TO_INT(cmd.rsp.data);
1729 }
1730
1731 int lxc_cmd_get_limit_cgroup2_fd(const char *name, const char *lxcpath)
1732 {
1733 bool stopped = false;
1734 struct lxc_cmd_rr cmd = {
1735 .req = {
1736 .cmd = LXC_CMD_GET_LIMIT_CGROUP2_FD,
1737 },
1738 .rsp = {
1739 .ret = -ENOSYS,
1740 },
1741 };
1742 int ret;
1743
1744 ret = lxc_cmd(name, &cmd, &stopped, lxcpath, NULL);
1745 if (ret < 0)
1746 return -1;
1747
1748 if (cmd.rsp.ret < 0)
1749 return syswarn_set(cmd.rsp.ret, "Failed to receive cgroup2 limit fd");
1750
1751 return PTR_TO_INT(cmd.rsp.data);
1752 }
1753
1754 static int lxc_cmd_get_cgroup2_fd_callback_do(int fd, struct lxc_cmd_req *req,
1755 struct lxc_handler *handler,
1756 struct lxc_epoll_descr *descr,
1757 bool limiting_cgroup)
1758 {
1759 struct lxc_cmd_rsp rsp = {
1760 .ret = -EINVAL,
1761 };
1762 struct cgroup_ops *ops = handler->cgroup_ops;
1763 int send_fd;
1764
1765 if (!pure_unified_layout(ops) || !ops->unified)
1766 return lxc_cmd_rsp_send_reap(fd, &rsp);
1767
1768 send_fd = limiting_cgroup ? ops->unified->dfd_lim
1769 : ops->unified->dfd_con;
1770
1771 if (send_fd < 0) {
1772 rsp.ret = -EBADF;
1773 return lxc_cmd_rsp_send_reap(fd, &rsp);
1774 }
1775
1776 rsp.ret = 0;
1777 return rsp_one_fd(fd, send_fd, &rsp);
1778 }
1779
1780 static int lxc_cmd_get_cgroup2_fd_callback(int fd, struct lxc_cmd_req *req,
1781 struct lxc_handler *handler,
1782 struct lxc_epoll_descr *descr)
1783 {
1784 return lxc_cmd_get_cgroup2_fd_callback_do(fd, req, handler, descr,
1785 false);
1786 }
1787
1788 static int lxc_cmd_get_limit_cgroup2_fd_callback(int fd, struct lxc_cmd_req *req,
1789 struct lxc_handler *handler,
1790 struct lxc_epoll_descr *descr)
1791 {
1792 return lxc_cmd_get_cgroup2_fd_callback_do(fd, req, handler, descr,
1793 true);
1794 }
1795
1796 static int lxc_cmd_rsp_send_enosys(int fd, int id)
1797 {
1798 struct lxc_cmd_rsp rsp = {
1799 .ret = -ENOSYS,
1800 };
1801
1802 __lxc_cmd_rsp_send(fd, &rsp);
1803 return syserrno_set(-ENOSYS, "Invalid command id %d", id);
1804 }
1805
1806 static int lxc_cmd_process(int fd, struct lxc_cmd_req *req,
1807 struct lxc_handler *handler,
1808 struct lxc_epoll_descr *descr)
1809 {
1810 typedef int (*callback)(int, struct lxc_cmd_req *, struct lxc_handler *,
1811 struct lxc_epoll_descr *);
1812
1813 callback cb[LXC_CMD_MAX] = {
1814 [LXC_CMD_GET_TTY_FD] = lxc_cmd_get_tty_fd_callback,
1815 [LXC_CMD_TERMINAL_WINCH] = lxc_cmd_terminal_winch_callback,
1816 [LXC_CMD_STOP] = lxc_cmd_stop_callback,
1817 [LXC_CMD_GET_STATE] = lxc_cmd_get_state_callback,
1818 [LXC_CMD_GET_INIT_PID] = lxc_cmd_get_init_pid_callback,
1819 [LXC_CMD_GET_CLONE_FLAGS] = lxc_cmd_get_clone_flags_callback,
1820 [LXC_CMD_GET_CGROUP] = lxc_cmd_get_cgroup_callback,
1821 [LXC_CMD_GET_CONFIG_ITEM] = lxc_cmd_get_config_item_callback,
1822 [LXC_CMD_GET_NAME] = lxc_cmd_get_name_callback,
1823 [LXC_CMD_GET_LXCPATH] = lxc_cmd_get_lxcpath_callback,
1824 [LXC_CMD_ADD_STATE_CLIENT] = lxc_cmd_add_state_client_callback,
1825 [LXC_CMD_CONSOLE_LOG] = lxc_cmd_console_log_callback,
1826 [LXC_CMD_SERVE_STATE_CLIENTS] = lxc_cmd_serve_state_clients_callback,
1827 [LXC_CMD_SECCOMP_NOTIFY_ADD_LISTENER] = lxc_cmd_seccomp_notify_add_listener_callback,
1828 [LXC_CMD_ADD_BPF_DEVICE_CGROUP] = lxc_cmd_add_bpf_device_cgroup_callback,
1829 [LXC_CMD_FREEZE] = lxc_cmd_freeze_callback,
1830 [LXC_CMD_UNFREEZE] = lxc_cmd_unfreeze_callback,
1831 [LXC_CMD_GET_CGROUP2_FD] = lxc_cmd_get_cgroup2_fd_callback,
1832 [LXC_CMD_GET_INIT_PIDFD] = lxc_cmd_get_init_pidfd_callback,
1833 [LXC_CMD_GET_LIMIT_CGROUP] = lxc_cmd_get_limit_cgroup_callback,
1834 [LXC_CMD_GET_LIMIT_CGROUP2_FD] = lxc_cmd_get_limit_cgroup2_fd_callback,
1835 [LXC_CMD_GET_DEVPTS_FD] = lxc_cmd_get_devpts_fd_callback,
1836 [LXC_CMD_GET_SECCOMP_NOTIFY_FD] = lxc_cmd_get_seccomp_notify_fd_callback,
1837 [LXC_CMD_GET_CGROUP_CTX] = lxc_cmd_get_cgroup_ctx_callback,
1838 [LXC_CMD_GET_CGROUP_FD] = lxc_cmd_get_cgroup_fd_callback,
1839 [LXC_CMD_GET_LIMIT_CGROUP_FD] = lxc_cmd_get_limit_cgroup_fd_callback,
1840 };
1841
1842 if (req->cmd >= LXC_CMD_MAX)
1843 return lxc_cmd_rsp_send_enosys(fd, req->cmd);
1844
1845 return cb[req->cmd](fd, req, handler, descr);
1846 }
1847
1848 static void lxc_cmd_fd_cleanup(int fd, struct lxc_handler *handler,
1849 struct lxc_epoll_descr *descr, const lxc_cmd_t cmd)
1850 {
1851 lxc_terminal_free(handler->conf, fd);
1852 lxc_mainloop_del_handler(descr, fd);
1853
1854 if (cmd == LXC_CMD_ADD_STATE_CLIENT) {
1855 struct lxc_list *cur, *next;
1856
1857 lxc_list_for_each_safe(cur, &handler->conf->state_clients, next) {
1858 struct lxc_state_client *client = cur->elem;
1859
1860 if (client->clientfd != fd)
1861 continue;
1862
1863 /*
1864 * Only kick client from list so it can't be found
1865 * anymore. The actual close happens, as for all other
1866 * file descriptors, below.
1867 */
1868 lxc_list_del(cur);
1869 free(cur->elem);
1870 free(cur);
1871
1872 /*
1873 * No need to walk the whole list. If we found the state
1874 * client fd there can't be a second one.
1875 */
1876 TRACE("Found state client fd %d in state client list for command \"%s\"", fd, lxc_cmd_str(cmd));
1877 break;
1878 }
1879
1880 /*
1881 * We didn't add the state client to the list. Either because
1882 * we failed to allocate memory (unlikely) or because the state
1883 * was already reached by the time we were ready to add it. So
1884 * fallthrough and clean it up.
1885 */
1886 TRACE("Closing state client fd %d for command \"%s\"", fd, lxc_cmd_str(cmd));
1887 }
1888
1889 TRACE("Closing client fd %d for command \"%s\"", fd, lxc_cmd_str(cmd));
1890 close(fd);
1891 }
1892
1893 static int lxc_cmd_handler(int fd, uint32_t events, void *data,
1894 struct lxc_epoll_descr *descr)
1895 {
1896 __do_free void *reqdata = NULL;
1897 int ret;
1898 struct lxc_cmd_req req;
1899 struct lxc_handler *handler = data;
1900
1901 ret = lxc_abstract_unix_rcv_credential(fd, &req, sizeof(req));
1902 if (ret < 0) {
1903 SYSERROR("Failed to receive data on command socket for command \"%s\"", lxc_cmd_str(req.cmd));
1904
1905 if (errno == EACCES) {
1906 /* We don't care for the peer, just send and close. */
1907 struct lxc_cmd_rsp rsp = {
1908 .ret = -EPERM,
1909 };
1910
1911 __lxc_cmd_rsp_send(fd, &rsp);
1912 }
1913
1914 goto out_close;
1915 }
1916
1917 if (ret == 0)
1918 goto out_close;
1919
1920 if (ret != sizeof(req)) {
1921 WARN("Failed to receive full command request. Ignoring request for \"%s\"", lxc_cmd_str(req.cmd));
1922 goto out_close;
1923 }
1924
1925 if ((req.datalen > LXC_CMD_DATA_MAX) && (req.cmd != LXC_CMD_CONSOLE_LOG)) {
1926 ERROR("Received command data length %d is too large for command \"%s\"", req.datalen, lxc_cmd_str(req.cmd));
1927 goto out_close;
1928 }
1929
1930 if (req.datalen > 0) {
1931 reqdata = must_realloc(NULL, req.datalen);
1932 ret = lxc_recv_nointr(fd, reqdata, req.datalen, 0);
1933 if (ret != req.datalen) {
1934 WARN("Failed to receive full command request. Ignoring request for \"%s\"", lxc_cmd_str(req.cmd));
1935 goto out_close;
1936 }
1937
1938 req.data = reqdata;
1939 }
1940
1941 ret = lxc_cmd_process(fd, &req, handler, descr);
1942 if (ret < 0) {
1943 DEBUG("Failed to process command %s; cleaning up client fd %d", lxc_cmd_str(req.cmd), fd);
1944 goto out_close;
1945 } else if (ret == LXC_CMD_REAP_CLIENT_FD) {
1946 TRACE("Processed command %s; cleaning up client fd %d", lxc_cmd_str(req.cmd), fd);
1947 goto out_close;
1948 } else {
1949 TRACE("Processed command %s; keeping client fd %d", lxc_cmd_str(req.cmd), fd);
1950 }
1951
1952 out:
1953 return LXC_MAINLOOP_CONTINUE;
1954
1955 out_close:
1956 lxc_cmd_fd_cleanup(fd, handler, descr, req.cmd);
1957 goto out;
1958 }
1959
1960 static int lxc_cmd_accept(int fd, uint32_t events, void *data,
1961 struct lxc_epoll_descr *descr)
1962 {
1963 __do_close int connection = -EBADF;
1964 int opt = 1, ret = -1;
1965
1966 connection = accept(fd, NULL, 0);
1967 if (connection < 0)
1968 return log_error_errno(LXC_MAINLOOP_ERROR, errno, "Failed to accept connection to run command");
1969
1970 ret = fcntl(connection, F_SETFD, FD_CLOEXEC);
1971 if (ret < 0)
1972 return log_error_errno(ret, errno, "Failed to set close-on-exec on incoming command connection");
1973
1974 ret = setsockopt(connection, SOL_SOCKET, SO_PASSCRED, &opt, sizeof(opt));
1975 if (ret < 0)
1976 return log_error_errno(ret, errno, "Failed to enable necessary credentials on command socket");
1977
1978 ret = lxc_mainloop_add_handler(descr, connection, lxc_cmd_handler, data);
1979 if (ret)
1980 return log_error(ret, "Failed to add command handler");
1981
1982 TRACE("Accepted new client as fd %d on command server fd %d", connection, fd);
1983 move_fd(connection);
1984 return ret;
1985 }
1986
1987 int lxc_server_init(const char *name, const char *lxcpath, const char *suffix)
1988 {
1989 __do_close int fd = -EBADF;
1990 int ret;
1991 char path[LXC_AUDS_ADDR_LEN] = {0};
1992
1993 ret = lxc_make_abstract_socket_name(path, sizeof(path), name, lxcpath, NULL, suffix);
1994 if (ret < 0)
1995 return -1;
1996
1997 fd = lxc_abstract_unix_open(path, SOCK_STREAM, 0);
1998 if (fd < 0) {
1999 if (errno == EADDRINUSE)
2000 ERROR("Container \"%s\" appears to be already running", name);
2001
2002 return log_error_errno(-1, errno, "Failed to create command socket %s", &path[1]);
2003 }
2004
2005 ret = fcntl(fd, F_SETFD, FD_CLOEXEC);
2006 if (ret < 0)
2007 return log_error_errno(-1, errno, "Failed to set FD_CLOEXEC on command socket file descriptor");
2008
2009 return log_trace(move_fd(fd), "Created abstract unix socket \"%s\"", &path[1]);
2010 }
2011
2012 int lxc_cmd_mainloop_add(const char *name, struct lxc_epoll_descr *descr,
2013 struct lxc_handler *handler)
2014 {
2015 int ret;
2016
2017 ret = lxc_mainloop_add_handler(descr, handler->conf->maincmd_fd, lxc_cmd_accept, handler);
2018 if (ret < 0)
2019 return log_error(ret, "Failed to add handler for command socket fd %d", handler->conf->maincmd_fd);
2020
2021 return ret;
2022 }
LXC mirror