commands: rsp_one_fd_{reap,keep}() and rsp_many_fds_reap()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: cleanup error handling and variable naming

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3697 from brauner/2021-02-25/fixes

commands: improvements and fixes

commands: port misnamed functions to general style

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: use debug logging

It is fine to fail these commands when a new client talks to an old server or
the kernel doesn't support the necessary features.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: add some more log and return helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: add logging to lxc-test-lxc-attach

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: improve lxc_cmd_get_tty_fd()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: rework lxc_cmd_rsp_recv() to make it more obvious

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

af_unix: allow caller and callee to negotiate expectations and reality

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: add hweight*() helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: let lxc_cmd() return ssize_t to indicate that it returns not just 0 on success

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_limit_cgroup2_fd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_cgroup2_fd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_limit_cgroup_fd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_cgroup_fd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_unfreeze() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_freeze() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_seccomp_notify_add_listener() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_serve_state_clients() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_console_log() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_add_bpf_device_cgropu() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_add_state_client() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_lxcpath() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_name() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_get_tty_fd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_stop() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_state() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_config_item() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: portlxc_cmd_get_cgroup_path_do() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_clone_flags() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_cgroup_ctx() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_seccomp_notify_fd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_devpts_fd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_init_pidfd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_cmd_get_init_pid() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: port lxc_try_cmd() to new helpers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: add lxc_cmd_init() and lxc_cmd_data()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: s/lxc_cmd_init()/lxc_server_init()/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: switch to bool

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: use IN_SET() in lxc_cmd()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3695 from brauner/2021-02-24/fixes_3

commands: array hardening

commands: ensure that non-NULL and MAX_STATE is always passed

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: annotate array argument

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3694 from brauner/2021-02-24/fixes_2

commands: rework and add LXC_CMD_GET_CGROUP_FD and LXC_CMD_GET_LIMIT_CGROUP_FD

commands: s/LXC_CMD_CONSOLE/LXC_CMD_GET_TTY_FD/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: add LXC_CMD_GET_CGROUP_FD and LXC_CMD_GET_LIMIT_CGROUP_FD

and port cgroup_get() and cgroup_set(). This means no more useless cgroup
driver initialization on ever get or set.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: extend rsp_one_fd() to also handle additional data

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

file_utils: actually open the file for reading

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: set rsp.ret to 0 for lxc_cmd_get_cgroup_ctx_callback()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: s/cgroup_layout/layout/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: add LXC_CMD_GET_CGROUP_FD and LXC_CMD_GET_LIMIT_CGROUP_FD

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: s/_LIMITING_/_LIMIT_/g and s/_limiting_/_limit_/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: simplify lxc_cmd_get_cgroup_ctx()

Instead of allowing individual hierarchy fd retrieval through
lxc_cmd_get_cgroup_ctx() let's add a dedicated method instead.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: fix alignment for lxc_cmd_get_cgroup_ctx()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: handle fallback gracefully

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: make use of ERRNO_IS_NOT_SUPPORTED()

This will hopefully prevent backwards compatibility fallback errors.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

error_utils: copy over Lennart's IN_SET()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: tweak return values

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

error_utils: move error helper to separate header

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: simple variable reordering

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3692 from brauner/2021-02-23/fixes

build fix & cgroup braino

attach: be paranoid about file descriptors

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: fix braino during controller list creation

Co-mounted controllers are conventionally separated by ",".

Fixes: https://jenkins.linuxcontainers.org/job/lxd-github-commit/1905/arch=amd64,backend=dir,compiler=golang-1.15/consoleFull
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: remove faulty use of access attribute

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3691 from brauner/2021-02-23/fixes

Fix issues reported by Coverity

cgroups: fix error checking

Fixes: Coverity 1473310
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

af_unix: prevent oob writes

Fixes: Coverity 1473309
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: only deref once

Fixes: Coverity 1473308
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3690 from brauner/2021-02-21/fixes

attach: improve attaching of new clients to old servers

commands: handle old clients for LXC_CMD_GET_CGROUP_CTX

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach: handle new and old clients

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach: make fd sending more uniform

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

terminal: dumb logging down

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3689 from brauner/2021-02-21/fixes

cgroups: introduce fd-only cgroup attach via LXC_CMD_GET_CGROUP_CTX

attach: fix namespace preservation

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: verify expected file descriptors were sent

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: handle older clients gracefully

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach: remove additional newline

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

af_unix: add comment about cast

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach: fix unsupported namespaces

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: lxc_cmd_add_state_client_callback()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: handle older clients elegantly

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: send ENOSYS response

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: introduce fd-only cgroup attach

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: introduce LXC_CMD_GET_CGROUP_CTX

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

utils: add copy_struct_to_client()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: add syswarn_set()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

utils: add copy_struct_from_client()

Which is our variant of copy_struct_from_user() that Aleksa and I added to the
kernel.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: add min() macro

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: allow cgroup fd batch retrieval

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: add LXC_CMD_GET_CGROUP_FD

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: introduce rsp_many_fds()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: introduce rsp_one_fd()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: introduce lxc_cmd_rsp_send_reap()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: be more explicit during command processing

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

state: _never_ return NULL from lxc_state2str()

Cc: Thomas Parrott <thomas.parrott@canonical.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: add cgroup_fds() helper

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

af_unix: improve SCM_RIGHTS file descriptor retrieval

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: tweak validate_string_request()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>