tree-wide: remove "name" argument from lxc_{fini,abort}()
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #ifndef __LXC_START_H
4 #define __LXC_START_H
5
6 #include <signal.h>
7 #include <stdbool.h>
8 #include <sys/param.h>
9 #include <sys/socket.h>
10 #include <sys/un.h>
11
12 #include "conf.h"
13 #include "namespace.h"
14 #include "state.h"
15
/* Per-container state that the start-up code carries between its stages.
 *
 * Most int members are file descriptors. This header does not show which
 * function closes them.
 * NOTE(review): confirm against start.c that every descriptor below is
 * closed on the error and teardown paths.
 */
struct lxc_handler {
	/* Namespace clone flags requested for the container.
	 *
	 * @ns_clone_flags
	 * - Every clone flag that was requested.
	 *
	 * @ns_on_clone_flags
	 * - The namespace clone flags to actually use when calling
	 *   lxc_clone(). After the container has started, this lists the
	 *   clone flags that were unshare()ed rather than clone()ed because
	 *   of ordering requirements (e.g. CLONE_NEWNET and CLONE_NEWUSER)
	 *   or implementation details.
	 *
	 * @ns_keep_flags
	 * - The clone flags for the namespaces the container inherits from
	 *   the parent. Not recorded in the handler itself; present in the
	 *   container's config.
	 *
	 * @ns_share_flags
	 * - The clone flags for the namespaces the container shares with
	 *   another process. Not recorded in the handler itself; present in
	 *   the container's config.
	 */
	struct /* lxc_ns */ {
		int ns_clone_flags;
		int ns_on_clone_flags;
	};

	/* File descriptor that pins the rootfs for privileged containers. */
	int pinfd;

	/* Signal file descriptor. */
	int sigfd;

	/* File descriptors referring to the container's namespaces. With
	 * namespace inheritance these do not necessarily match the handler's
	 * clone flags (the original comment says "clone_flags"; presumably
	 * ns_clone_flags above - confirm).
	 */
	int nsfd[LXC_NS_MAX];

	/* Abstract unix domain SOCK_DGRAM socketpair for passing arbitrary
	 * data between child and parent.
	 * NOTE(review): one end is held by the child; confirm that the
	 * parent validates whatever it reads from this socket.
	 */
	int data_sock[2];

	/* The socketpair() fds used to wait for a successful daemonized
	 * startup.
	 */
	int state_socket_pair[2];

	/* Socketpair that synchronizes processes during container creation. */
	int sync_sock[2];

	/* Name of the container. Not owned by the handler: do not free, and
	 * keep the pointed-to string alive for as long as the handler is used.
	 */
	const char *name;

	/* Path of the container. Not owned by the handler: do not free, and
	 * keep the pointed-to string alive for as long as the handler is used.
	 */
	const char *lxcpath;

	/* Whether the euid of the container's startup process is 0. */
	bool am_root;

	/* Whether std{in,out,err} should be closed on start. */
	bool daemonize;

	/* The child's pid. */
	pid_t pid;

	/* The child's pidfd. */
	int pidfd;

	/* The grandfather's pid when double-forking. */
	pid_t transient_pid;

	/* The monitor's pid. */
	pid_t monitor_pid;

	/* NOTE(review): undocumented in this header; by name, a file
	 * descriptor carrying the monitor's status - confirm in start.c.
	 */
	int monitor_status_fd;

	/* Whether the child has already exited. */
	bool init_died;

	/* The signal mask that was in effect before the signal file
	 * descriptor was set up.
	 */
	sigset_t oldmask;

	/* The container's in-memory configuration. */
	struct lxc_conf *conf;

	/* Operations to perform at various stages of the container's life. */
	struct lxc_operations *ops;

	/* Cgroup information; its layout is specific to the cgroup driver in
	 * use, so it must only be interpreted by that driver.
	 */
	void *cgroup_data;

	/* Data to be passed to the handler ops. */
	void *data;

	/* Current state of the container. */
	lxc_state_t state;

	/* Exit status of the container. Only defined once ->init_died is
	 * true; do not read it before that.
	 */
	int exit_status;

	/* NOTE(review): undocumented in this header; by type, the operations
	 * of the cgroup driver - confirm.
	 */
	struct cgroup_ops *cgroup_ops;
};
126
/* Arguments for executing an init program. The code that consumes this
 * struct is not part of this header.
 */
struct execute_args {
	/* By name, the path of the init program - confirm against the user. */
	char *init_path;

	/* By name, a file descriptor referring to the init program.
	 * NOTE(review): which of init_path and init_fd takes precedence is
	 * decided by the consumer, not here - confirm.
	 */
	int init_fd;

	/* Argument vector: the array of pointers is const, the strings they
	 * point to are not.
	 */
	char *const *argv;

	/* By name, a flag that reduces output when non-zero - confirm. */
	int quiet;
};
133
/* Callbacks stored in struct lxc_handler's ->ops member. Both take the
 * handler plus an opaque pointer and return an int.
 * NOTE(review): the opaque pointer is presumably the handler's ->data
 * ("Data to be passed to handler ops") and the int an error indicator -
 * confirm both against the callers.
 */
struct lxc_operations {
	int (*start)(struct lxc_handler *handler, void *data);
	int (*post_start)(struct lxc_handler *handler, void *data);
};
138
/* Handler lifecycle and state API. Only the prototypes are visible in this
 * header; return-value conventions are not documented here.
 *
 * Several functions take the container name next to the handler, although
 * struct lxc_handler also carries a ->name pointer.
 * NOTE(review): presumably both name the same container - confirm that no
 * caller passes a name that disagrees with handler->name.
 */
extern int lxc_poll(const char *name, struct lxc_handler *handler);
extern int lxc_set_state(const char *name, struct lxc_handler *handler,
			 lxc_state_t state);
extern int lxc_serve_state_clients(const char *name,
				   struct lxc_handler *handler,
				   lxc_state_t state);
extern void lxc_abort(struct lxc_handler *handler);

/* struct lxc_handler documents ->name and ->lxcpath as pointers it must not
 * free.
 * NOTE(review): presumably the name and lxcpath passed here are stored
 * as-is, in which case both strings must outlive the returned handler -
 * confirm in start.c.
 */
extern struct lxc_handler *lxc_init_handler(const char *name,
					    struct lxc_conf *conf,
					    const char *lxcpath,
					    bool daemonize);
extern void lxc_zero_handler(struct lxc_handler *handler);

/* NOTE(review): whether this also closes the handler's file descriptors is
 * not visible here - confirm before relying on it for cleanup.
 */
extern void lxc_free_handler(struct lxc_handler *handler);
extern int lxc_init(const char *name, struct lxc_handler *handler);
extern void lxc_fini(struct lxc_handler *handler);
154
/* lxc_check_inherited: Check for any open file descriptors and close them if
 * requested.
 * @param[in] conf          The container's configuration.
 * @param[in] closeall      Whether we should close all open file descriptors.
 * @param[in] fds_to_ignore Array of file descriptors to ignore.
 * @param[in] len_fds       Length of fds_to_ignore array.
 *
 * The meaning of the int return value is not documented here.
 * NOTE(review): callers should check it, since a descriptor that stays open
 * can be inherited by the processes started afterwards - confirm the
 * convention in start.c.
 */
extern int lxc_check_inherited(struct lxc_conf *conf, bool closeall,
			       int *fds_to_ignore, size_t len_fds);

/* Parameter names are omitted in this declaration; by type the arguments
 * are a handler, its operations, an opaque pointer, a string, a flag and an
 * int output pointer. See the definition for their meaning.
 */
extern int __lxc_start(struct lxc_handler *, struct lxc_operations *, void *,
		       const char *, bool, int *);
166
/* NOTE(review): by name, this works out the handler's namespace clone flags
 * (->ns_clone_flags / ->ns_on_clone_flags); the inputs it reads and its
 * return convention are not visible in this header - confirm.
 */
extern int resolve_clone_flags(struct lxc_handler *handler);
168
169 #endif