]> git.proxmox.com Git - mirror_lxc.git/blob - src/lxc/confile_utils.c
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1791 from Blub/unnamed-vs-ovs-bridge
[mirror_lxc.git] / src / lxc / confile_utils.c
1 /* liblxcapi
2 *
3 * Copyright © 2017 Christian Brauner <christian.brauner@ubuntu.com>.
4 * Copyright © 2017 Canonical Ltd.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2, as
8 * published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 */
19
20 #include "config.h"
21
22 #include <ctype.h>
23 #include <stdio.h>
24 #include <stdlib.h>
25 #include <string.h>
26 #include <arpa/inet.h>
27
28 #include "conf.h"
29 #include "confile.h"
30 #include "confile_utils.h"
31 #include "error.h"
32 #include "log.h"
33 #include "list.h"
34 #include "network.h"
35 #include "parse.h"
36 #include "utils.h"
37
38 lxc_log_define(lxc_confile_utils, lxc);
39
40 int parse_idmaps(const char *idmap, char *type, unsigned long *nsid,
41 unsigned long *hostid, unsigned long *range)
42 {
43 int ret = -1;
44 unsigned long tmp_hostid, tmp_nsid, tmp_range;
45 char tmp_type;
46 char *window, *slide;
47 char *dup = NULL;
48
49 /* Duplicate string. */
50 dup = strdup(idmap);
51 if (!dup)
52 goto on_error;
53
54 /* A prototypical idmap entry would be: "u 1000 1000000 65536" */
55
56 /* align */
57 slide = window = dup;
58 /* skip whitespace */
59 slide += strspn(slide, " \t\r");
60 if (slide != window && *slide == '\0')
61 goto on_error;
62
63 /* Validate type. */
64 if (*slide != 'u' && *slide != 'g')
65 goto on_error;
66 /* Assign type. */
67 tmp_type = *slide;
68
69 /* move beyond type */
70 slide++;
71 /* align */
72 window = slide;
73 /* Validate that only whitespace follows. */
74 slide += strspn(slide, " \t\r");
75 /* There must be whitespace. */
76 if (slide == window)
77 goto on_error;
78
79 /* Mark beginning of nsuid. */
80 window = slide;
81 /* Validate that non-whitespace follows. */
82 slide += strcspn(slide, " \t\r");
83 /* There must be non-whitespace. */
84 if (slide == window || *slide == '\0')
85 goto on_error;
86 /* Mark end of nsuid. */
87 *slide = '\0';
88
89 /* Parse nsuid. */
90 if (lxc_safe_ulong(window, &tmp_nsid) < 0)
91 goto on_error;
92
93 /* Move beyond \0. */
94 slide++;
95 /* align */
96 window = slide;
97 /* Validate that only whitespace follows. */
98 slide += strspn(slide, " \t\r");
99 /* If there was only one whitespace then we whiped it with our \0 above.
100 * So only ensure that we're not at the end of the string.
101 */
102 if (*slide == '\0')
103 goto on_error;
104
105 /* Mark beginning of hostid. */
106 window = slide;
107 /* Validate that non-whitespace follows. */
108 slide += strcspn(slide, " \t\r");
109 /* There must be non-whitespace. */
110 if (slide == window || *slide == '\0')
111 goto on_error;
112 /* Mark end of nsuid. */
113 *slide = '\0';
114
115 /* Parse hostid. */
116 if (lxc_safe_ulong(window, &tmp_hostid) < 0)
117 goto on_error;
118
119 /* Move beyond \0. */
120 slide++;
121 /* align */
122 window = slide;
123 /* Validate that only whitespace follows. */
124 slide += strspn(slide, " \t\r");
125 /* If there was only one whitespace then we whiped it with our \0 above.
126 * So only ensure that we're not at the end of the string.
127 */
128 if (*slide == '\0')
129 goto on_error;
130
131 /* Mark beginning of range. */
132 window = slide;
133 /* Validate that non-whitespace follows. */
134 slide += strcspn(slide, " \t\r");
135 /* There must be non-whitespace. */
136 if (slide == window)
137 goto on_error;
138
139 /* The range is the last valid entry we expect. So make sure that there
140 * is not trailing garbage and if there is, error out.
141 */
142 if (*(slide + strspn(slide, " \t\r\n")) != '\0')
143 goto on_error;
144 /* Mark end of range. */
145 *slide = '\0';
146
147 /* Parse range. */
148 if (lxc_safe_ulong(window, &tmp_range) < 0)
149 goto on_error;
150
151 *type = tmp_type;
152 *nsid = tmp_nsid;
153 *hostid = tmp_hostid;
154 *range = tmp_range;
155
156 /* Yay, we survived. */
157 ret = 0;
158
159 on_error:
160 free(dup);
161
162 return ret;
163 }
164
165 bool lxc_config_value_empty(const char *value)
166 {
167 if (value && strlen(value) > 0)
168 return false;
169
170 return true;
171 }
172
173 struct lxc_netdev *lxc_network_add(struct lxc_list *networks, int idx, bool tail)
174 {
175 struct lxc_list *newlist;
176 struct lxc_netdev *netdev = NULL;
177
178 /* network does not exist */
179 netdev = malloc(sizeof(*netdev));
180 if (!netdev)
181 return NULL;
182
183 memset(netdev, 0, sizeof(*netdev));
184 lxc_list_init(&netdev->ipv4);
185 lxc_list_init(&netdev->ipv6);
186
187 /* give network a unique index */
188 netdev->idx = idx;
189
190 /* prepare new list */
191 newlist = malloc(sizeof(*newlist));
192 if (!newlist) {
193 free(netdev);
194 return NULL;
195 }
196
197 lxc_list_init(newlist);
198 newlist->elem = netdev;
199
200 if (tail)
201 lxc_list_add_tail(networks, newlist);
202 else
203 lxc_list_add(networks, newlist);
204 return netdev;
205 }
206
207 /* Takes care of finding the correct netdev struct in the networks list or
208 * allocates a new one if it couldn't be found.
209 */
210 struct lxc_netdev *lxc_get_netdev_by_idx(struct lxc_conf *conf,
211 unsigned int idx, bool allocate)
212 {
213 struct lxc_netdev *netdev = NULL;
214 struct lxc_list *networks = &conf->network;
215 struct lxc_list *insert = networks;
216
217 /* lookup network */
218 if (!lxc_list_empty(networks)) {
219 lxc_list_for_each(insert, networks) {
220 netdev = insert->elem;
221 if (netdev->idx == idx)
222 return netdev;
223 else if (netdev->idx > idx)
224 break;
225 }
226 }
227
228 if (!allocate)
229 return NULL;
230
231 return lxc_network_add(insert, idx, true);
232 }
233
234 void lxc_log_configured_netdevs(const struct lxc_conf *conf)
235 {
236 struct lxc_netdev *netdev;
237 struct lxc_list *it = (struct lxc_list *)&conf->network;;
238
239 if ((conf->loglevel != LXC_LOG_LEVEL_TRACE) &&
240 (lxc_log_get_level() != LXC_LOG_LEVEL_TRACE))
241 return;
242
243 if (lxc_list_empty(it)) {
244 TRACE("container has no networks configured");
245 return;
246 }
247
248 lxc_list_for_each(it, &conf->network) {
249 struct lxc_list *cur, *next;
250 struct lxc_inetdev *inet4dev;
251 struct lxc_inet6dev *inet6dev;
252 char bufinet4[INET_ADDRSTRLEN], bufinet6[INET6_ADDRSTRLEN];
253
254 netdev = it->elem;
255
256 TRACE("index: %zd", netdev->idx);
257 TRACE("ifindex: %d", netdev->ifindex);
258 switch (netdev->type) {
259 case LXC_NET_VETH:
260 TRACE("type: veth");
261 if (netdev->priv.veth_attr.pair[0] != '\0')
262 TRACE("veth pair: %s",
263 netdev->priv.veth_attr.pair);
264 if (netdev->priv.veth_attr.veth1[0] != '\0')
265 TRACE("veth1 : %s",
266 netdev->priv.veth_attr.veth1);
267 if (netdev->priv.veth_attr.ifindex > 0)
268 TRACE("host side ifindex for veth device: %d",
269 netdev->priv.veth_attr.ifindex);
270 break;
271 case LXC_NET_MACVLAN:
272 TRACE("type: macvlan");
273 if (netdev->priv.macvlan_attr.mode > 0) {
274 char *macvlan_mode;
275 macvlan_mode = lxc_macvlan_flag_to_mode(
276 netdev->priv.macvlan_attr.mode);
277 TRACE("macvlan mode: %s",
278 macvlan_mode ? macvlan_mode
279 : "(invalid mode)");
280 }
281 break;
282 case LXC_NET_VLAN:
283 TRACE("type: vlan");
284 TRACE("vlan id: %d", netdev->priv.vlan_attr.vid);
285 break;
286 case LXC_NET_PHYS:
287 TRACE("type: phys");
288 if (netdev->priv.phys_attr.ifindex > 0) {
289 TRACE("host side ifindex for phys device: %d",
290 netdev->priv.phys_attr.ifindex);
291 }
292 break;
293 case LXC_NET_EMPTY:
294 TRACE("type: empty");
295 break;
296 case LXC_NET_NONE:
297 TRACE("type: none");
298 break;
299 default:
300 ERROR("invalid network type %d", netdev->type);
301 return;
302 }
303
304 if (netdev->type != LXC_NET_EMPTY) {
305 TRACE("flags: %s",
306 netdev->flags == IFF_UP ? "up" : "none");
307 if (netdev->link[0] != '\0')
308 TRACE("link: %s", netdev->link);
309 if (netdev->name[0] != '\0')
310 TRACE("name: %s", netdev->name);
311 if (netdev->hwaddr)
312 TRACE("hwaddr: %s", netdev->hwaddr);
313 if (netdev->mtu)
314 TRACE("mtu: %s", netdev->mtu);
315 if (netdev->upscript)
316 TRACE("upscript: %s", netdev->upscript);
317 if (netdev->downscript)
318 TRACE("downscript: %s", netdev->downscript);
319
320 TRACE("ipv4 gateway auto: %s",
321 netdev->ipv4_gateway_auto ? "true" : "false");
322
323 if (netdev->ipv4_gateway) {
324 inet_ntop(AF_INET, netdev->ipv4_gateway,
325 bufinet4, sizeof(bufinet4));
326 TRACE("ipv4 gateway: %s", bufinet4);
327 }
328
329 lxc_list_for_each_safe(cur, &netdev->ipv4, next) {
330 inet4dev = cur->elem;
331 inet_ntop(AF_INET, &inet4dev->addr, bufinet4,
332 sizeof(bufinet4));
333 TRACE("ipv4 addr: %s", bufinet4);
334 }
335
336 TRACE("ipv6 gateway auto: %s",
337 netdev->ipv6_gateway_auto ? "true" : "false");
338 if (netdev->ipv6_gateway) {
339 inet_ntop(AF_INET6, netdev->ipv6_gateway,
340 bufinet6, sizeof(bufinet6));
341 TRACE("ipv6 gateway: %s", bufinet6);
342 }
343 lxc_list_for_each_safe(cur, &netdev->ipv6, next) {
344 inet6dev = cur->elem;
345 inet_ntop(AF_INET6, &inet6dev->addr, bufinet6,
346 sizeof(bufinet6));
347 TRACE("ipv6 addr: %s", bufinet6);
348 }
349 }
350 }
351 }
352
353 static void lxc_free_netdev(struct lxc_netdev *netdev)
354 {
355 struct lxc_list *cur, *next;
356
357 free(netdev->upscript);
358 free(netdev->downscript);
359 free(netdev->hwaddr);
360 free(netdev->mtu);
361
362 free(netdev->ipv4_gateway);
363 lxc_list_for_each_safe(cur, &netdev->ipv4, next) {
364 lxc_list_del(cur);
365 free(cur->elem);
366 free(cur);
367 }
368
369 free(netdev->ipv6_gateway);
370 lxc_list_for_each_safe(cur, &netdev->ipv6, next) {
371 lxc_list_del(cur);
372 free(cur->elem);
373 free(cur);
374 }
375
376 free(netdev);
377 }
378
379 bool lxc_remove_nic_by_idx(struct lxc_conf *conf, unsigned int idx)
380 {
381 struct lxc_list *cur, *next;
382 struct lxc_netdev *netdev;
383 bool found = false;
384
385 lxc_list_for_each_safe(cur, &conf->network, next) {
386 netdev = cur->elem;
387 if (netdev->idx != idx)
388 continue;
389
390 lxc_list_del(cur);
391 found = true;
392 break;
393 }
394
395 if (!found)
396 return false;
397
398 lxc_free_netdev(netdev);
399 free(cur);
400
401 return true;
402 }
403
404 void lxc_free_networks(struct lxc_list *networks)
405 {
406 struct lxc_list *cur, *next;
407 struct lxc_netdev *netdev;
408
409 lxc_list_for_each_safe(cur, networks, next) {
410 netdev = cur->elem;
411 lxc_free_netdev(netdev);
412 free(cur);
413 }
414
415 /* prevent segfaults */
416 lxc_list_init(networks);
417 }
418
419 static struct macvlan_mode {
420 char *name;
421 int mode;
422 } macvlan_mode[] = {
423 { "private", MACVLAN_MODE_PRIVATE },
424 { "vepa", MACVLAN_MODE_VEPA },
425 { "bridge", MACVLAN_MODE_BRIDGE },
426 { "passthru", MACVLAN_MODE_PASSTHRU },
427 };
428
429 int lxc_macvlan_mode_to_flag(int *mode, const char *value)
430 {
431 size_t i;
432
433 for (i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) {
434 if (strcmp(macvlan_mode[i].name, value))
435 continue;
436
437 *mode = macvlan_mode[i].mode;
438 return 0;
439 }
440
441 return -1;
442 }
443
444 char *lxc_macvlan_flag_to_mode(int mode)
445 {
446 size_t i;
447
448 for (i = 0; i < sizeof(macvlan_mode) / sizeof(macvlan_mode[0]); i++) {
449 if (macvlan_mode[i].mode == mode)
450 continue;
451
452 return macvlan_mode[i].name;
453 }
454
455 return NULL;
456 }
457
458 int set_config_string_item(char **conf_item, const char *value)
459 {
460 char *new_value;
461
462 if (lxc_config_value_empty(value)) {
463 free(*conf_item);
464 *conf_item = NULL;
465 return 0;
466 }
467
468 new_value = strdup(value);
469 if (!new_value) {
470 SYSERROR("failed to duplicate string \"%s\"", value);
471 return -1;
472 }
473
474 free(*conf_item);
475 *conf_item = new_value;
476 return 0;
477 }
478
479 int set_config_string_item_max(char **conf_item, const char *value, size_t max)
480 {
481 if (strlen(value) >= max) {
482 ERROR("%s is too long (>= %lu)", value, (unsigned long)max);
483 return -1;
484 }
485
486 return set_config_string_item(conf_item, value);
487 }
488
489 int set_config_path_item(char **conf_item, const char *value)
490 {
491 return set_config_string_item_max(conf_item, value, PATH_MAX);
492 }
493
494 int config_ip_prefix(struct in_addr *addr)
495 {
496 if (IN_CLASSA(addr->s_addr))
497 return 32 - IN_CLASSA_NSHIFT;
498 if (IN_CLASSB(addr->s_addr))
499 return 32 - IN_CLASSB_NSHIFT;
500 if (IN_CLASSC(addr->s_addr))
501 return 32 - IN_CLASSC_NSHIFT;
502
503 return 0;
504 }
505
506 int network_ifname(char *valuep, const char *value)
507 {
508 if (strlen(value) >= IFNAMSIZ) {
509 ERROR("Network devie name \"%s\" is too long (>= %zu)", value,
510 (size_t)IFNAMSIZ);
511 }
512
513 strcpy(valuep, value);
514 return 0;
515 }
516
517 int rand_complete_hwaddr(char *hwaddr)
518 {
519 const char hex[] = "0123456789abcdef";
520 char *curs = hwaddr;
521
522 #ifndef HAVE_RAND_R
523 randseed(true);
524 #else
525 unsigned int seed;
526
527 seed = randseed(false);
528 #endif
529 while (*curs != '\0' && *curs != '\n') {
530 if (*curs == 'x' || *curs == 'X') {
531 if (curs - hwaddr == 1) {
532 /* ensure address is unicast */
533 #ifdef HAVE_RAND_R
534 *curs = hex[rand_r(&seed) & 0x0E];
535 } else {
536 *curs = hex[rand_r(&seed) & 0x0F];
537 #else
538 *curs = hex[rand() & 0x0E];
539 } else {
540 *curs = hex[rand() & 0x0F];
541 #endif
542 }
543 }
544 curs++;
545 }
546 return 0;
547 }
548
549 bool lxc_config_net_hwaddr(const char *line)
550 {
551 char *copy, *p;
552
553 if (strncmp(line, "lxc.net", 7) != 0)
554 return false;
555 if (strncmp(line, "lxc.network.hwaddr", 18) == 0)
556 return true;
557
558 /* We have to dup the line, if line is something like
559 * "lxc.net.[i].xxx = xxxxx ", we need to remove
560 * '[i]' and compare its key with 'lxc.net.hwaddr'*/
561 copy = strdup(line);
562 if (!copy) {
563 SYSERROR("failed to allocate memory");
564 return false;
565 }
566 if (*(copy + 8) >= '0' && *(copy + 8) <= '9') {
567 p = strchr(copy + 8, '.');
568 if (!p) {
569 free(copy);
570 return false;
571 }
572 /* strlen("hwaddr") = 6 */
573 strncpy(copy + 8, p + 1, 6);
574 copy[8 + 6] = '\0';
575 }
576 if (strncmp(copy, "lxc.net.hwaddr", 14) == 0) {
577 free(copy);
578 return true;
579 }
580 free(copy);
581
582 /* We have to dup the line second time, if line is something like
583 * "lxc.network.[i].xxx = xxxxx ", we need to remove
584 * '[i]' and compare its key with 'lxc.network.hwaddr'*/
585 copy = strdup(line);
586 if (!copy) {
587 SYSERROR("failed to allocate memory");
588 return false;
589 }
590 if (*(copy + 12) >= '0' && *(copy + 12) <= '9') {
591 p = strchr(copy + 12, '.');
592 if (!p) {
593 free(copy);
594 return false;
595 }
596 /* strlen("hwaddr") = 6 */
597 strncpy(copy + 12, p + 1, 6);
598 copy[12 + 6] = '\0';
599 }
600 if (strncmp(copy, "lxc.network.hwaddr", 18) == 0) {
601 free(copy);
602 return true;
603 }
604
605 free(copy);
606 return false;
607 }
608
609 /*
610 * If we find a lxc.net.[i].hwaddr or lxc.network.hwaddr in the original config
611 * file, we expand it in the unexpanded_config, so that after a save_config we
612 * store the hwaddr for re-use.
613 * This is only called when reading the config file, not when executing a
614 * lxc.include.
615 * 'x' and 'X' are substituted in-place.
616 */
617 void update_hwaddr(const char *line)
618 {
619 char *p;
620
621 line += lxc_char_left_gc(line, strlen(line));
622 if (line[0] == '#')
623 return;
624
625 if (!lxc_config_net_hwaddr(line))
626 return;
627
628 /* Let config_net_hwaddr raise the error. */
629 p = strchr(line, '=');
630 if (!p)
631 return;
632 p++;
633
634 while (isblank(*p))
635 p++;
636
637 if (!*p)
638 return;
639
640 rand_complete_hwaddr(p);
641 }
642
643 bool new_hwaddr(char *hwaddr)
644 {
645 int ret;
646
647 (void)randseed(true);
648
649 ret = snprintf(hwaddr, 18, "00:16:3e:%02x:%02x:%02x", rand() % 255,
650 rand() % 255, rand() % 255);
651 if (ret < 0 || ret >= 18) {
652 SYSERROR("Failed to call snprintf().");
653 return false;
654 }
655
656 return true;
657 }
658
659 int lxc_get_conf_str(char *retv, int inlen, const char *value)
660 {
661 if (!value)
662 return 0;
663 if (retv && inlen >= strlen(value) + 1)
664 strncpy(retv, value, strlen(value) + 1);
665
666 return strlen(value);
667 }
668
669 int lxc_get_conf_int(struct lxc_conf *c, char *retv, int inlen, int v)
670 {
671 if (!retv)
672 inlen = 0;
673 else
674 memset(retv, 0, inlen);
675
676 return snprintf(retv, inlen, "%d", v);
677 }
678
679 bool parse_limit_value(const char **value, unsigned long *res)
680 {
681 char *endptr = NULL;
682
683 if (strncmp(*value, "unlimited", sizeof("unlimited") - 1) == 0) {
684 *res = RLIM_INFINITY;
685 *value += sizeof("unlimited") - 1;
686 return true;
687 }
688
689 errno = 0;
690 *res = strtoul(*value, &endptr, 10);
691 if (errno || !endptr)
692 return false;
693 *value = endptr;
694
695 return true;
696 }
LXC mirror