]> git.proxmox.com Git - mirror_lxc.git/blob - src/tests/share_ns.c
projects / mirror_lxc.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
github: Update for main branch
[mirror_lxc.git] / src / tests / share_ns.c
1 /* liblxcapi
2 *
3 * Copyright © 2017 Christian Brauner <christian.brauner@ubuntu.com>.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2, as
7 * published by the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License along
15 * with this program; if not, write to the Free Software Foundation, Inc.,
16 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
17 */
18
19 #include <alloca.h>
20 #include <errno.h>
21 #include <pthread.h>
22 #include <sched.h>
23 #include <signal.h>
24 #include <stdio.h>
25 #include <string.h>
26 #include <unistd.h>
27 #include <sys/reboot.h>
28 #include <sys/types.h>
29 #include <sys/wait.h>
30
31 #include "lxc/lxccontainer.h"
32 #include "lxctest.h"
33
34 struct thread_args {
35 int thread_id;
36 bool success;
37 pid_t init_pid;
38 char *inherited_ipc_ns;
39 char *inherited_net_ns;
40 };
41
42 void *ns_sharing_wrapper(void *data)
43 {
44 int init_pid;
45 ssize_t ret;
46 char name[100];
47 char owning_ns_init_pid[100];
48 char proc_ns_path[4096];
49 char ns_buf[4096];
50 struct lxc_container *c;
51 struct thread_args *args = data;
52
53 lxc_debug("Starting namespace sharing thread %d\n", args->thread_id);
54
55 sprintf(name, "share-ns-%d", args->thread_id);
56 c = lxc_container_new(name, NULL);
57 if (!c) {
58 lxc_error("Failed to create container \"%s\"\n", name);
59 return NULL;
60 }
61
62 if (c->is_defined(c)) {
63 lxc_error("Container \"%s\" is defined\n", name);
64 goto out;
65 }
66
67 if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
68 lxc_error("Failed to create busybox container \"%s\"\n", name);
69 goto out;
70 }
71
72 if (!c->is_defined(c)) {
73 lxc_error("Container \"%s\" is not defined\n", name);
74 goto out;
75 }
76
77 if (!c->load_config(c, NULL)) {
78 lxc_error("Failed to load config for container \"%s\"\n", name);
79 goto out;
80 }
81
82 /* share ipc namespace by container name */
83 if (!c->set_config_item(c, "lxc.namespace.share.ipc", "owning-ns")) {
84 lxc_error("Failed to set \"lxc.namespace.share.ipc=owning-ns\" for container \"%s\"\n", name);
85 goto out;
86 }
87
88 /* clear all network configuration */
89 if (!c->set_config_item(c, "lxc.net", "")) {
90 lxc_error("Failed to set \"lxc.namespace.share.ipc=owning-ns\" for container \"%s\"\n", name);
91 goto out;
92 }
93
94 if (!c->set_config_item(c, "lxc.net.0.type", "empty")) {
95 lxc_error("Failed to set \"lxc.net.0.type=empty\" for container \"%s\"\n", name);
96 goto out;
97 }
98
99 sprintf(owning_ns_init_pid, "%d", args->init_pid);
100 /* share net namespace by pid */
101 if (!c->set_config_item(c, "lxc.namespace.share.net", owning_ns_init_pid)) {
102 lxc_error("Failed to set \"lxc.namespace.share.net=%s\" for container \"%s\"\n", owning_ns_init_pid, name);
103 goto out;
104 }
105
106 if (!c->want_daemonize(c, true)) {
107 lxc_error("Failed to mark container \"%s\" daemonized\n", name);
108 goto out;
109 }
110
111 if (!c->startl(c, 0, NULL)) {
112 lxc_error("Failed to start container \"%s\" daemonized\n", name);
113 goto out;
114 }
115
116 init_pid = c->init_pid(c);
117 if (init_pid < 0) {
118 lxc_error("Failed to retrieve init pid of container \"%s\"\n", name);
119 goto out;
120 }
121
122 /* Check whether we correctly inherited the ipc namespace. */
123 ret = snprintf(proc_ns_path, sizeof(proc_ns_path), "/proc/%d/ns/ipc", init_pid);
124 if (ret < 0 || (size_t)ret >= sizeof(proc_ns_path)) {
125 lxc_error("Failed to create string for container \"%s\"\n", name);
126 goto out;
127 }
128
129 ret = readlink(proc_ns_path, ns_buf, sizeof(ns_buf));
130 if (ret < 0 || (size_t)ret >= sizeof(ns_buf)) {
131 lxc_error("Failed to retrieve ipc namespace for container \"%s\"\n", name);
132 goto out;
133 }
134 ns_buf[ret] = '\0';
135
136 if (strcmp(args->inherited_ipc_ns, ns_buf) != 0) {
137 lxc_error("Failed to inherit ipc namespace from container \"owning-ns\": %s != %s\n", args->inherited_ipc_ns, ns_buf);
138 goto out;
139 }
140 lxc_debug("Inherited ipc namespace from container \"owning-ns\": %s == %s\n", args->inherited_ipc_ns, ns_buf);
141
142 /* Check whether we correctly inherited the net namespace. */
143 ret = snprintf(proc_ns_path, sizeof(proc_ns_path), "/proc/%d/ns/net", init_pid);
144 if (ret < 0 || (size_t)ret >= sizeof(proc_ns_path)) {
145 lxc_error("Failed to create string for container \"%s\"\n", name);
146 goto out;
147 }
148
149 ret = readlink(proc_ns_path, ns_buf, sizeof(ns_buf));
150 if (ret < 0 || (size_t)ret >= sizeof(ns_buf)) {
151 lxc_error("Failed to retrieve ipc namespace for container \"%s\"\n", name);
152 goto out;
153 }
154 ns_buf[ret] = '\0';
155
156 if (strcmp(args->inherited_net_ns, ns_buf) != 0) {
157 lxc_error("Failed to inherit net namespace from container \"owning-ns\": %s != %s\n", args->inherited_net_ns, ns_buf);
158 goto out;
159 }
160 lxc_debug("Inherited net namespace from container \"owning-ns\": %s == %s\n", args->inherited_net_ns, ns_buf);
161
162 args->success = true;
163
164 out:
165 if (c->is_running(c) && !c->stop(c)) {
166 lxc_error("Failed to stop container \"%s\"\n", name);
167 goto out;
168 }
169
170 if (!c->destroy(c)) {
171 lxc_error("Failed to destroy container \"%s\"\n", name);
172 goto out;
173 }
174
175 pthread_exit(NULL);
176 return NULL;
177 }
178
179 int main(int argc, char *argv[])
180 {
181 int i, init_pid, j;
182 char proc_ns_path[4096];
183 char ipc_ns_buf[4096];
184 char net_ns_buf[4096];
185 pthread_attr_t attr;
186 pthread_t threads[10];
187 struct thread_args args[10];
188 struct lxc_container *c;
189 int ret = EXIT_FAILURE;
190
191 c = lxc_container_new("owning-ns", NULL);
192 if (!c) {
193 lxc_error("%s", "Failed to create container \"owning-ns\"");
194 exit(ret);
195 }
196
197 if (c->is_defined(c)) {
198 lxc_error("%s\n", "Container \"owning-ns\" is defined");
199 goto on_error_put;
200 }
201
202 if (!c->createl(c, "busybox", NULL, NULL, 0, NULL)) {
203 lxc_error("%s\n", "Failed to create busybox container \"owning-ns\"");
204 goto on_error_put;
205 }
206
207 if (!c->is_defined(c)) {
208 lxc_error("%s\n", "Container \"owning-ns\" is not defined");
209 goto on_error_put;
210 }
211
212 c->clear_config(c);
213
214 if (!c->load_config(c, NULL)) {
215 lxc_error("%s\n", "Failed to load config for container \"owning-ns\"");
216 goto on_error_stop;
217 }
218
219 if (!c->want_daemonize(c, true)) {
220 lxc_error("%s\n", "Failed to mark container \"owning-ns\" daemonized");
221 goto on_error_stop;
222 }
223
224 if (!c->startl(c, 0, NULL)) {
225 lxc_error("%s\n", "Failed to start container \"owning-ns\" daemonized");
226 goto on_error_stop;
227 }
228
229 init_pid = c->init_pid(c);
230 if (init_pid < 0) {
231 lxc_error("%s\n", "Failed to retrieve init pid of container \"owning-ns\"");
232 goto on_error_stop;
233 }
234
235 /* record our ipc namespace */
236 ret = snprintf(proc_ns_path, sizeof(proc_ns_path), "/proc/%d/ns/ipc", init_pid);
237 if (ret < 0 || (size_t)ret >= sizeof(proc_ns_path)) {
238 lxc_error("%s\n", "Failed to create string for container \"owning-ns\"");
239 goto on_error_stop;
240 }
241
242 ret = readlink(proc_ns_path, ipc_ns_buf, sizeof(ipc_ns_buf));
243 if (ret < 0 || (size_t)ret >= sizeof(ipc_ns_buf)) {
244 lxc_error("%s\n", "Failed to retrieve ipc namespace for container \"owning-ns\"");
245 goto on_error_stop;
246
247 }
248 ipc_ns_buf[ret] = '\0';
249
250 /* record our net namespace */
251 ret = snprintf(proc_ns_path, sizeof(proc_ns_path), "/proc/%d/ns/net", init_pid);
252 if (ret < 0 || (size_t)ret >= sizeof(proc_ns_path)) {
253 lxc_error("%s\n", "Failed to create string for container \"owning-ns\"");
254 goto on_error_stop;
255 }
256
257 ret = readlink(proc_ns_path, net_ns_buf, sizeof(net_ns_buf));
258 if (ret < 0 || (size_t)ret >= sizeof(net_ns_buf)) {
259 lxc_error("%s\n", "Failed to retrieve ipc namespace for container \"owning-ns\"");
260 goto on_error_stop;
261 }
262 net_ns_buf[ret] = '\0';
263
264 sleep(5);
265
266 pthread_attr_init(&attr);
267
268 for (j = 0; j < 10; j++) {
269 lxc_debug("Starting namespace sharing test iteration %d\n", j);
270
271 for (i = 0; i < 10; i++) {
272 int ret;
273
274 args[i].thread_id = i;
275 args[i].success = false;
276 args[i].init_pid = init_pid;
277 args[i].inherited_ipc_ns = ipc_ns_buf;
278 args[i].inherited_net_ns = net_ns_buf;
279
280 ret = pthread_create(&threads[i], &attr, ns_sharing_wrapper, (void *) &args[i]);
281 if (ret != 0)
282 goto on_error_stop;
283 }
284
285 for (i = 0; i < 10; i++) {
286 int ret;
287
288 ret = pthread_join(threads[i], NULL);
289 if (ret != 0)
290 goto on_error_stop;
291
292 if (!args[i].success) {
293 lxc_error("ns sharing thread %d failed\n", args[i].thread_id);
294 goto on_error_stop;
295 }
296 }
297 }
298
299 ret = EXIT_SUCCESS;
300
301 on_error_stop:
302 if (c->is_running(c) && !c->stop(c))
303 lxc_error("%s\n", "Failed to stop container \"owning-ns\"");
304
305 if (!c->destroy(c))
306 lxc_error("%s\n", "Failed to destroy container \"owning-ns\"");
307
308 on_error_put:
309 lxc_container_put(c);
310 if (ret == EXIT_SUCCESS)
311 lxc_debug("%s\n", "All state namespace sharing tests passed");
312 exit(ret);
313 }
LXC mirror