af_unix: add lxc_unix_connect_type

we want to use SOCK_SEQPACKET and in the future perhaps
SOCK_DATAGRAM as well

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

af_unix: add lxc_abstract_unix_recv_fds_iov()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

af_unix: add lxc_abstract_unix_send_fds_iov

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

Merge pull request #3085 from Blub/pidfd_send_signal-fixup

pidf_send_signal: fix return value

pidf_send_signal: fix return value

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>

Merge pull request #3083 from brauner/2019-07-07/mount_api

lxccontainer: properly cleanup on mount injection failure

lxccontainer: properly cleanup on mount injection failure

Closes: #3082
Reported-by: Stéphane Graber <stgraber@ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3081 from brauner/2019-07-05/network_unification_fixes

start: call lxc_find_gateway_addresses early

start: call lxc_find_gateway_addresses early

This restores the lxc.net.x.ipv4.gateway = auto and
lxc.net.x.ipv6.gateway = auto functionality.

When the child is created the parent and child have different views of
struct lxc_handler since - obviously - virtual memory is duplicated. So any
changes to done by the parent that the child should see need to be IPCed to it.
For any non-actual device creation stuff this does not make much sense. This
includes finding gateway addresses. Move it back prior to clone().

Fixes #3078

Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>
[christian.brauner@ubuntu.com: non-functional changes and update commit message]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3077 from brauner/2019-07-03/network_fixes

network: simplify lxc_network_move_created_netdev_priv()

network: simplify lxc_network_move_created_netdev_priv()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3076 from brauner/2019-07-03/network_fixes

network: fixes after unifying network creation

network: send names for all non-trivial network types

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: record created_name for instantiate_phys()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: simplify instantiate_phys()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: record created_name for instantiate_vlan()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: simplify instantiate_vlan()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: record created_name for instantiate_ipvlan()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: simplify instantiate_ipvlan()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: stash created_name in instantiate_macvlan()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: simplify instantiate_macvlan()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: s/loDev/loop_device/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3075 from brauner/2019-07-03/cgroups

cgroups: hande cpuset initialization race

cgroups: hande cpuset initialization race

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3074 from brauner/2019-07-03/fix_phys_network_creation

network: remove faulty restriction

network: remove faulty restriction

Reported-by: Thomas Parrott <thomas.parrott@canonical.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3069 from brauner/2019-07-01/network_creation

start: unify network creation

start: expose LXC_PID to network hooks too

Closes #3066.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: unify and simplify network creation

Make sure that network creation happens at the same time for containers started
by privileged and unprivileged users. The only reason we didn't do this so far
was to avoid sending network device ifindices around in the privileged case.

Link: https://github.com/lxc/lxc/issues/3066
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3064 from brauner/2019-06-27/cleanup_macros

bugfixes

Merge pull request #3059 from brauner/2019-06-21/seccomp_notify

lxccontainer: rework seccomp notify api function

Merge pull request #3067 from Rachid-Koucha/patch-1

Move code/variable in smaller scope

Move code/variable in smaller scope

In start.c, do not fill path[] table if not necessary

Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>

Merge pull request #3065 from lifeng68/fix_memory_leak

fix memory leak in do_storage_create

fix memory leak in do_storage_create

Signed-off-by: LiFeng <lifeng68@huawei.com>

cgroups: move variable into tighter scope

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: correctly order variables

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: move variable into tighter scope

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: simplify cgfsng_nrtasks()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: move variable into tighter scope

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: move variable into tighter scope

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: use __do_free in cgfsng_attach()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: simplify cgfsng_setup_limits()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: move variables into tighter scope

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: use __do_free

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3063 from lifeng68/fix_memory_leak

cgfsng: fix memory leak in lxc_cpumask_to_cpulist

cgfsng: fix memory leak in lxc_cpumask_to_cpulist

Signed-off-by: LiFeng <lifeng68@huawei.com>

lxccontainer: rework seccomp notify api function

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3056 from brauner/2019-06-20/cpuset

cgfsng: write cpuset.mems of correct ancestor

cgfsng: write cpuset.mems of correct ancestor

Reported-by: Free Ekanayaka <free.ekanayaka@canonical.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3052 from tanyifeng/fd_leak

parse.c: fix fd leak from memfd_create

parse.c: fix fd leak from memfd_create

Signed-off-by: t00416110 <tanyifeng1@huawei.com>

Merge pull request #3050 from hallyn/pkgconfig

lxc.pc.in: add libs.private for static linking

lxc.pc.in: add libs.private for static linking

None of them seem to support pkg-config themselves, else we could add
them to Requires.private.

Signed-off-by: Serge Hallyn <shallyn@cisco.com>

Merge pull request #3047 from Rachid-Koucha/patch-11

Fixed file descriptor leak for network namespace

Fixed file descriptor leak for network namespace

In privileged mode, the container startup looses a file descriptor for "handler->nsfd[LX_NS_NET]". At line 1782, we preserve the namespaces file descriptor (in privileged mode, the network namespace is also preserved) :
for (i = 0; i < LXC_NS_MAX; i++)
if (handler->ns_on_clone_flags & ns_info[i].clone_flag)
INFO("Cloned %s", ns_info[i].flag_name);

if (!lxc_try_preserve_namespaces(handler, handler->ns_on_clone_flags, handler->pid)) {
ERROR("Failed to preserve cloned namespaces for lxc.hook.stop");
goto out_delete_net;
}

Then at line 1830, we preserve one more time the network namespace :
ret = lxc_try_preserve_ns(handler->pid, "net");
if (ret < 0) {
if (ret != -EOPNOTSUPP) {
SYSERROR("Failed to preserve net namespace");
goto out_delete_net;
}
The latter overwrites the file descriptor already stored in handler->nsfd[LXC_NS_NET] at line 1786.

So, this fix checks that the entry is not already filled.

Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>

Merge pull request #3045 from hallyn/2019-06-13/openssl

[RFC\ Switch from gnutls to openssl for sha1

Merge pull request #3046 from brauner/lxc/master

network: fix lxc_netdev_rename_by_index()

network: fix lxc_netdev_rename_by_index()

Return an error code when the name is invalid instead of pretending that things
are fine.

Closes #3044.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Switch from gnutls to openssl for sha1

The reason for this is because openssl can be statically linked
against, gnutls cannot.

Signed-off-by: Serge Hallyn <shallyn@cisco.com>

Merge pull request #3042 from tenforward/japanese

doc: add a note about shared ns + LSMs to Japanese doc

doc: add a note about shared ns + LSMs to Japanese doc

Update for commit 8de90384363fe01f5258d36724dd3eae55918b5b

Signed-off-by: KATOH Yasufumi <karma@jazz.email.ne.jp>

Merge pull request #3041 from brauner/2019-06-12/seccomp_notify_fixes

seccomp: do not set SECCOMP_FILTER_FLAG_NEW_LISTENER

Merge pull request #3040 from Rachid-Koucha/patch-11

Centralize hook names

seccomp: do not set SECCOMP_FILTER_FLAG_NEW_LISTENER

Do not set SECCOMP_FILTER_FLAG_NEW_LISTENER as seccomp attribute.
Prior to libseccomp merging support for SECCOMP_RET_USER_NOTIF there was a
libseccomp specific attribute that needed to be set before
SECCOMP_RET_USER_NOTIF could be used. This has been removed.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Centralize hook names

The hook string names must not be repeated in the source code to facilitate future changes

Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>

Merge pull request #3039 from brauner/master

seccomp: add ifdefine for SECCOMP_FILTER_FLAG_NEW_LISTENER

seccomp: add ifdefine for SECCOMP_FILTER_FLAG_NEW_LISTENER

So that we can deal with older kernels.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3038 from brauner/master

seccomp: s/SCMP_FLTATR_NEW_LISTENER/SECCOMP_FILTER_FLAG_NEW_LISTENER/g

seccomp: s/SCMP_FLTATR_NEW_LISTENER/SECCOMP_FILTER_FLAG_NEW_LISTENER/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3037 from brauner/master

seccomp: align with upstream libseccomp

seccomp: s/HAVE_DECL_SECCOMP_NOTIF_GET_FD/HAVE_DECL_SECCOMP_NOTIFY_FD/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: /sseccomp_notif_free/seccomp_notify_free/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: s/seccomp_notif_alloc/seccomp_notify_alloc/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: s/seccomp_notif_id_valid/seccomp_notify_id_valid/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: s/seccomp_notif_send_resp/seccomp_notify_respond/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: s/seccomp_notif_receive/seccomp_notify_receive/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: s/seccomp_notif_get_fd/seccomp_notify_fd/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

seccomp: s/SCMP_ACT_USER_NOTIF/SCMP_ACT_NOTIFY/g

Align with upstream libseccomp.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3032 from promlow/lxcbasename_fix

proposed fix for #2892 - fix lxcbasename in lxc/lxccontainer.c

Merge pull request #3034 from brauner/2019-06-05/boot_id

start: generate new boot id on container start

start: generate new boot id on container start

Closes #3027.

BugLink: https://bugs.launchpad.net/bugs/1831258
Cc: Dimitri John Ledkov <xnox@ubuntu.com>
Cc: Scott Moser <smoser@ubuntu.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

proposed fix for #2892 - fix lxcbasename in lxc/lxccontainer.c

Signed-off-by: Paul Romlow <paul@romlow.com>

Merge pull request #3029 from brauner/2019-06-05/fix_offline_cpus

cgroups: prevent segfault

Merge pull request #3031 from Rachid-Koucha/patch-11

Make /tmp accessible to any user

Make /tmp accessible to any user

/tmp created with "rwxrwxrwt" mode

Signed-off-by: Rachid Koucha <rachid.koucha@gmail.com>

cgroups: prevent segfault

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3028 from lifeng68/fix_memory_leak

start: fix handler memory leak at lxc_init failed

start: fix handler memory leak at lxc_init failed

Signed-off-by: LiFeng <lifeng68@huawei.com>

Merge pull request #3026 from xmcqueen/master

lxc_usernsexec: continuing after unshare fails leads to confusing and…

lxc_usernsexec: continuing after unshare fails leads to confusing and misleading error messages

Signed-off-by: Brian McQueen <bmcqueen@linkedin.com>

Merge pull request #3014 from brauner/2019-05-24/cgroups_handle_offline_cpus

cgroups: handle offline cpus in v1 hierarchy

Merge pull request #3024 from avkvl/fix_groups_with_a_lot_of_members

lxc-user-net: Failed to convert string " Failed to get group name" to integer

getgrgid_r fails with ERANGE if buffer is too small. Retry with a larger buffer.

Signed-off-by: Alexander Kriventsov <akriventsov@nic.ru>

Merge pull request #3018 from tych0/comment-stack-size

lxc_clone: add a comment about stack size

lxc_clone: add a comment about stack size

Signed-off-by: Tycho Andersen <tycho@tycho.ws>

Merge pull request #2987 from tych0/pass-zero-to-clone

Pass zero to clone

lxc_clone: bump stack size to 8MB

This is the default thread size for glibc, so it is reasonable to match
that when we clone().

Mostly this is a science experiment suggested by brauner, and who doesn't
love science?

Signed-off-by: Tycho Andersen <tycho@tycho.ws>

Merge pull request #3015 from avkvl/issue-2765

fix issue 2765

fix issue 2765

Signed-off-by: Alexander Kriventsov <akriventsov@nic.ru>