3 * Copyright © 2014 Canonical, Inc
4 * Author: Serge Hallyn <serge.hallyn@ubuntu.com>
6 * See COPYING file for details.
10 * NOTES - make sure to run this as -s to avoid threading.
11 * TODO - can we enforce that here from the code?
13 #define FUSE_USE_VERSION 26
27 #include <nih/alloc.h>
28 #include <nih/string.h>
30 #include "cgmanager.h"
34 * a null-terminated, nih-allocated list of the mounted subsystems. We
35 * detect this at startup.
39 #define LXCFS_DATA ((struct lxcfs_state *) fuse_get_context()->private_data)
42 * Given a open file * to /proc/pid/{u,g}id_map, and an id
43 * valid in the caller's namespace, return the id mapped into
45 * Returns the mapped id, or -1 on error.
48 convert_id_to_ns(FILE *idfile
, unsigned int in_id
)
50 unsigned int nsuid
, // base id for a range in the idfile's namespace
51 hostuid
, // base id for a range in the caller's namespace
52 count
; // number of ids in this range
56 fseek(idfile
, 0L, SEEK_SET
);
57 while (fgets(line
, 400, idfile
)) {
58 ret
= sscanf(line
, "%u %u %u\n", &nsuid
, &hostuid
, &count
);
61 if (hostuid
+ count
< hostuid
|| nsuid
+ count
< nsuid
) {
63 * uids wrapped around - unexpected as this is a procfile,
66 fprintf(stderr
, "pid wrapparound at entry %u %u %u in %s",
67 nsuid
, hostuid
, count
, line
);
70 if (hostuid
<= in_id
&& hostuid
+count
> in_id
) {
72 * now since hostuid <= in_id < hostuid+count, and
73 * hostuid+count and nsuid+count do not wrap around,
74 * we know that nsuid+(in_id-hostuid) which must be
75 * less that nsuid+(count) must not wrap around
77 return (in_id
- hostuid
) + nsuid
;
86 * for is_privileged_over,
87 * specify whether we require the calling uid to be root in his
90 #define NS_ROOT_REQD true
91 #define NS_ROOT_OPT false
93 static bool is_privileged_over(pid_t pid
, uid_t uid
, uid_t victim
, bool req_ns_root
)
95 nih_local
char *fpath
= NULL
;
99 if (victim
== -1 || uid
== -1)
103 * If the request is one not requiring root in the namespace,
104 * then having the same uid suffices. (i.e. uid 1000 has write
105 * access to files owned by uid 1000
107 if (!req_ns_root
&& uid
== victim
)
110 fpath
= NIH_MUST( nih_sprintf(NULL
, "/proc/%d/uid_map", pid
) );
111 FILE *f
= fopen(fpath
, "r");
115 /* if caller's not root in his namespace, reject */
116 nsuid
= convert_id_to_ns(f
, uid
);
121 * If victim is not mapped into caller's ns, reject.
122 * XXX I'm not sure this check is needed given that fuse
123 * will be sending requests where the vfs has converted
125 nsuid
= convert_id_to_ns(f
, victim
);
136 static bool perms_include(int fmode
, mode_t req_mode
)
140 switch (req_mode
& O_ACCMODE
) {
148 r
= S_IROTH
| S_IWOTH
;
153 return ((fmode
& r
) == r
);
156 static char *get_next_cgroup_dir(const char *taskcg
, const char *querycg
)
160 if (strlen(taskcg
) <= strlen(querycg
)) {
161 fprintf(stderr
, "%s: I was fed bad input\n", __func__
);
165 if (strcmp(querycg
, "/") == 0)
166 start
= NIH_MUST( nih_strdup(NULL
, taskcg
+ 1) );
168 start
= NIH_MUST( nih_strdup(NULL
, taskcg
+ strlen(querycg
) + 1) );
169 end
= strchr(start
, '/');
176 * check whether a fuse context may access a cgroup dir or file
178 * If file is not null, it is a cgroup file to check under cg.
179 * If file is null, then we are checking perms on cg itself.
181 * For files we can check the mode of the list_keys result.
182 * For cgroups, we must make assumptions based on the files under the
183 * cgroup, because cgmanager doesn't tell us ownership/perms of cgroups
186 static bool fc_may_access(struct fuse_context
*fc
, const char *contrl
, const char *cg
, const char *file
, mode_t mode
)
188 nih_local
struct cgm_keys
**list
= NULL
;
197 if (!cgm_list_keys(contrl
, cg
, &list
))
199 for (i
= 0; list
[i
]; i
++) {
200 if (strcmp(list
[i
]->name
, file
) == 0) {
201 struct cgm_keys
*k
= list
[i
];
202 if (is_privileged_over(fc
->pid
, fc
->uid
, k
->uid
, NS_ROOT_OPT
)) {
203 if (perms_include(k
->mode
>> 6, mode
))
206 if (fc
->gid
== k
->gid
) {
207 if (perms_include(k
->mode
>> 3, mode
))
210 return perms_include(k
->mode
, mode
);
217 static void stripnewline(char *x
)
219 size_t l
= strlen(x
);
220 if (l
&& x
[l
-1] == '\n')
225 * If caller is in /a/b/c/d, he may only act on things under cg=/a/b/c/d.
226 * If caller is in /a, he may act on /a/b, but not on /b.
227 * if the answer is false and nextcg is not NULL, then *nextcg will point
228 * to a nih_alloc'd string containing the next cgroup directory under cg
230 static bool caller_is_in_ancestor(pid_t pid
, const char *contrl
, const char *cg
, char **nextcg
)
232 nih_local
char *fnam
= NULL
;
238 fnam
= NIH_MUST( nih_sprintf(NULL
, "/proc/%d/cgroup", pid
) );
239 if (!(f
= fopen(fnam
, "r")))
242 while (getline(&line
, &len
, f
) != -1) {
243 char *c1
, *c2
, *linecmp
;
246 c1
= strchr(line
, ':');
250 c2
= strchr(c1
, ':');
254 if (strcmp(c1
, contrl
) != 0)
259 * callers pass in '/' for root cgroup, otherwise they pass
260 * in a cgroup without leading '/'
262 linecmp
= *cg
== '/' ? c2
: c2
+1;
263 if (strncmp(linecmp
, cg
, strlen(linecmp
)) != 0) {
265 *nextcg
= get_next_cgroup_dir(linecmp
, cg
);
279 * given /cgroup/freezer/a/b, return "freezer". this will be nih-allocated
280 * and needs to be nih_freed.
282 static char *pick_controller_from_path(struct fuse_context
*fc
, const char *path
)
287 if (strlen(path
) < 9)
290 ret
= nih_strdup(NULL
, p1
);
293 slash
= strstr(ret
, "/");
297 /* verify that it is a subsystem */
298 char **list
= LXCFS_DATA
? LXCFS_DATA
->subsystems
: NULL
;
304 for (i
= 0; list
[i
]; i
++) {
305 if (strcmp(list
[i
], ret
) == 0)
313 * Find the start of cgroup in /cgroup/controller/the/cgroup/path
314 * Note that the returned value may include files (keynames) etc
316 static const char *find_cgroup_in_path(const char *path
)
320 if (strlen(path
) < 9)
322 p1
= strstr(path
+8, "/");
328 static bool is_child_cgroup(const char *contr
, const char *dir
, const char *f
)
330 nih_local
char **list
= NULL
;
338 if (!cgm_list_children(contr
, dir
, &list
))
340 for (i
= 0; list
[i
]; i
++) {
341 if (strcmp(list
[i
], f
) == 0)
348 static struct cgm_keys
*get_cgroup_key(const char *contr
, const char *dir
, const char *f
)
350 nih_local
struct cgm_keys
**list
= NULL
;
358 if (!cgm_list_keys(contr
, dir
, &list
))
360 for (i
= 0; list
[i
]; i
++) {
361 if (strcmp(list
[i
]->name
, f
) == 0) {
362 k
= NIH_MUST( nih_alloc(NULL
, (sizeof(*k
))) );
363 k
->name
= NIH_MUST( nih_strdup(k
, list
[i
]->name
) );
364 k
->uid
= list
[i
]->uid
;
365 k
->gid
= list
[i
]->gid
;
366 k
->mode
= list
[i
]->mode
;
374 static void get_cgdir_and_path(const char *cg
, char **dir
, char **file
)
378 *dir
= NIH_MUST( nih_strdup(NULL
, cg
) );
379 *file
= strrchr(cg
, '/');
384 p
= strrchr(*dir
, '/');
388 static size_t get_file_size(const char *contrl
, const char *cg
, const char *f
)
390 nih_local
char *data
= NULL
;
392 if (!cgm_get_value(contrl
, cg
, f
, &data
))
399 * FUSE ops for /cgroup
402 static int cg_getattr(const char *path
, struct stat
*sb
)
405 struct fuse_context
*fc
= fuse_get_context();
406 nih_local
char * cgdir
= NULL
;
407 char *fpath
= NULL
, *path1
, *path2
;
408 nih_local
struct cgm_keys
*k
= NULL
;
410 nih_local
char *controller
= NULL
;
416 memset(sb
, 0, sizeof(struct stat
));
418 if (clock_gettime(CLOCK_REALTIME
, &now
) < 0)
421 sb
->st_uid
= sb
->st_gid
= 0;
422 sb
->st_atim
= sb
->st_mtim
= sb
->st_ctim
= now
;
425 if (strcmp(path
, "/cgroup") == 0) {
426 sb
->st_mode
= S_IFDIR
| 00755;
431 controller
= pick_controller_from_path(fc
, path
);
434 cgroup
= find_cgroup_in_path(path
);
436 /* this is just /cgroup/controller, return it as a dir */
437 sb
->st_mode
= S_IFDIR
| 00755;
442 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
452 /* check that cgcopy is either a child cgroup of cgdir, or listed in its keys.
453 * Then check that caller's cgroup is under path if fpath is a child
454 * cgroup, or cgdir if fpath is a file */
456 if (is_child_cgroup(controller
, path1
, path2
)) {
457 if (!caller_is_in_ancestor(fc
->pid
, controller
, cgroup
, NULL
)) {
458 /* this is just /cgroup/controller, return it as a dir */
459 sb
->st_mode
= S_IFDIR
| 00555;
463 if (!fc_may_access(fc
, controller
, cgroup
, NULL
, O_RDONLY
))
466 // get uid, gid, from '/tasks' file and make up a mode
467 // That is a hack, until cgmanager gains a GetCgroupPerms fn.
468 sb
->st_mode
= S_IFDIR
| 00755;
469 k
= get_cgroup_key(controller
, cgroup
, "tasks");
471 sb
->st_uid
= sb
->st_gid
= 0;
480 if ((k
= get_cgroup_key(controller
, path1
, path2
)) != NULL
) {
481 if (!caller_is_in_ancestor(fc
->pid
, controller
, path1
, NULL
))
483 if (!fc_may_access(fc
, controller
, path1
, path2
, O_RDONLY
))
486 sb
->st_mode
= S_IFREG
| k
->mode
;
490 sb
->st_size
= get_file_size(controller
, path1
, path2
);
498 * TODO - cache these results in a table for use in opendir, free
501 static int cg_opendir(const char *path
, struct fuse_file_info
*fi
)
503 struct fuse_context
*fc
= fuse_get_context();
504 nih_local
struct cgm_keys
**list
= NULL
;
506 nih_local
char *controller
= NULL
;
507 nih_local
char *nextcg
= NULL
;
512 if (strcmp(path
, "/cgroup") == 0)
515 // return list of keys for the controller, and list of child cgroups
516 controller
= pick_controller_from_path(fc
, path
);
520 cgroup
= find_cgroup_in_path(path
);
522 /* this is just /cgroup/controller, return its contents */
526 if (!fc_may_access(fc
, controller
, cgroup
, NULL
, O_RDONLY
))
531 static int cg_readdir(const char *path
, void *buf
, fuse_fill_dir_t filler
, off_t offset
,
532 struct fuse_file_info
*fi
)
534 struct fuse_context
*fc
= fuse_get_context();
539 if (strcmp(path
, "/cgroup") == 0) {
540 // get list of controllers
541 char **list
= LXCFS_DATA
? LXCFS_DATA
->subsystems
: NULL
;
547 for (i
= 0; list
[i
]; i
++) {
548 if (filler(buf
, list
[i
], NULL
, 0) != 0) {
555 // return list of keys for the controller, and list of child cgroups
556 nih_local
struct cgm_keys
**list
= NULL
;
558 nih_local
char *controller
= NULL
;
560 nih_local
char *nextcg
= NULL
;
562 controller
= pick_controller_from_path(fc
, path
);
566 cgroup
= find_cgroup_in_path(path
);
568 /* this is just /cgroup/controller, return its contents */
572 if (!fc_may_access(fc
, controller
, cgroup
, NULL
, O_RDONLY
))
575 if (!cgm_list_keys(controller
, cgroup
, &list
))
576 // not a valid cgroup
579 if (!caller_is_in_ancestor(fc
->pid
, controller
, cgroup
, &nextcg
)) {
582 ret
= filler(buf
, nextcg
, NULL
, 0);
589 for (i
= 0; list
[i
]; i
++) {
590 if (filler(buf
, list
[i
]->name
, NULL
, 0) != 0) {
595 // now get the list of child cgroups
596 nih_local
char **clist
;
598 if (!cgm_list_children(controller
, cgroup
, &clist
))
600 for (i
= 0; clist
[i
]; i
++) {
601 if (filler(buf
, clist
[i
], NULL
, 0) != 0) {
608 static int cg_releasedir(const char *path
, struct fuse_file_info
*fi
)
613 static int cg_open(const char *path
, struct fuse_file_info
*fi
)
615 nih_local
char *controller
= NULL
;
617 char *fpath
= NULL
, *path1
, *path2
;
618 nih_local
char * cgdir
= NULL
;
619 nih_local
struct cgm_keys
*k
= NULL
;
620 struct fuse_context
*fc
= fuse_get_context();
625 controller
= pick_controller_from_path(fc
, path
);
628 cgroup
= find_cgroup_in_path(path
);
632 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
641 if ((k
= get_cgroup_key(controller
, path1
, path2
)) != NULL
) {
642 if (!fc_may_access(fc
, controller
, path1
, path2
, fi
->flags
))
643 // should never get here
646 /* TODO - we want to cache this info for read/write */
653 static int cg_read(const char *path
, char *buf
, size_t size
, off_t offset
,
654 struct fuse_file_info
*fi
)
656 nih_local
char *controller
= NULL
;
658 char *fpath
= NULL
, *path1
, *path2
;
659 struct fuse_context
*fc
= fuse_get_context();
660 nih_local
char * cgdir
= NULL
;
661 nih_local
struct cgm_keys
*k
= NULL
;
669 controller
= pick_controller_from_path(fc
, path
);
672 cgroup
= find_cgroup_in_path(path
);
676 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
685 if ((k
= get_cgroup_key(controller
, path1
, path2
)) != NULL
) {
686 nih_local
char *data
= NULL
;
689 if (!fc_may_access(fc
, controller
, path1
, path2
, O_RDONLY
))
690 // should never get here
693 if (!cgm_get_value(controller
, path1
, path2
, &data
))
699 memcpy(buf
, data
, s
);
707 int cg_write(const char *path
, const char *buf
, size_t size
, off_t offset
,
708 struct fuse_file_info
*fi
)
710 nih_local
char *controller
= NULL
;
712 char *fpath
= NULL
, *path1
, *path2
;
713 struct fuse_context
*fc
= fuse_get_context();
714 nih_local
char * cgdir
= NULL
;
715 nih_local
struct cgm_keys
*k
= NULL
;
723 controller
= pick_controller_from_path(fc
, path
);
726 cgroup
= find_cgroup_in_path(path
);
730 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
739 if ((k
= get_cgroup_key(controller
, path1
, path2
)) != NULL
) {
740 if (!fc_may_access(fc
, controller
, path1
, path2
, O_WRONLY
))
743 if (!cgm_set_value(controller
, path1
, path2
, buf
))
752 int cg_chown(const char *path
, uid_t uid
, gid_t gid
)
754 struct fuse_context
*fc
= fuse_get_context();
755 nih_local
char * cgdir
= NULL
;
756 char *fpath
= NULL
, *path1
, *path2
;
757 nih_local
struct cgm_keys
*k
= NULL
;
759 nih_local
char *controller
= NULL
;
765 if (strcmp(path
, "/cgroup") == 0)
768 controller
= pick_controller_from_path(fc
, path
);
771 cgroup
= find_cgroup_in_path(path
);
773 /* this is just /cgroup/controller */
776 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
786 if (is_child_cgroup(controller
, path1
, path2
)) {
787 // get uid, gid, from '/tasks' file and make up a mode
788 // That is a hack, until cgmanager gains a GetCgroupPerms fn.
789 k
= get_cgroup_key(controller
, cgroup
, "tasks");
792 k
= get_cgroup_key(controller
, path1
, path2
);
798 * This being a fuse request, the uid and gid must be valid
799 * in the caller's namespace. So we can just check to make
800 * sure that the caller is root in his uid, and privileged
801 * over the file's current owner.
803 if (!is_privileged_over(fc
->pid
, fc
->uid
, k
->uid
, NS_ROOT_REQD
))
806 if (!cgm_chown_file(controller
, cgroup
, uid
, gid
))
811 int cg_chmod(const char *path
, mode_t mode
)
813 struct fuse_context
*fc
= fuse_get_context();
814 nih_local
char * cgdir
= NULL
;
815 char *fpath
= NULL
, *path1
, *path2
;
816 nih_local
struct cgm_keys
*k
= NULL
;
818 nih_local
char *controller
= NULL
;
823 if (strcmp(path
, "/cgroup") == 0)
826 controller
= pick_controller_from_path(fc
, path
);
829 cgroup
= find_cgroup_in_path(path
);
831 /* this is just /cgroup/controller */
834 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
844 if (is_child_cgroup(controller
, path1
, path2
)) {
845 // get uid, gid, from '/tasks' file and make up a mode
846 // That is a hack, until cgmanager gains a GetCgroupPerms fn.
847 k
= get_cgroup_key(controller
, cgroup
, "tasks");
850 k
= get_cgroup_key(controller
, path1
, path2
);
856 * This being a fuse request, the uid and gid must be valid
857 * in the caller's namespace. So we can just check to make
858 * sure that the caller is root in his uid, and privileged
859 * over the file's current owner.
861 if (!is_privileged_over(fc
->pid
, fc
->uid
, k
->uid
, NS_ROOT_OPT
))
864 if (!cgm_chmod_file(controller
, cgroup
, mode
))
869 int cg_mkdir(const char *path
, mode_t mode
)
871 struct fuse_context
*fc
= fuse_get_context();
872 nih_local
struct cgm_keys
**list
= NULL
;
873 char *fpath
= NULL
, *path1
;
874 nih_local
char * cgdir
= NULL
;
876 nih_local
char *controller
= NULL
;
882 controller
= pick_controller_from_path(fc
, path
);
886 cgroup
= find_cgroup_in_path(path
);
890 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
896 if (!fc_may_access(fc
, controller
, path1
, NULL
, O_RDWR
))
900 if (!cgm_create(controller
, cgroup
, fc
->uid
, fc
->gid
))
906 static int cg_rmdir(const char *path
)
908 struct fuse_context
*fc
= fuse_get_context();
909 nih_local
struct cgm_keys
**list
= NULL
;
911 nih_local
char * cgdir
= NULL
;
913 nih_local
char *controller
= NULL
;
919 controller
= pick_controller_from_path(fc
, path
);
923 cgroup
= find_cgroup_in_path(path
);
927 get_cgdir_and_path(cgroup
, &cgdir
, &fpath
);
931 if (!fc_may_access(fc
, controller
, cgdir
, NULL
, O_WRONLY
))
934 if (!cgm_remove(controller
, cgroup
))
944 static int proc_meminfo_read(char *buf
, size_t size
, off_t offset
,
945 struct fuse_file_info
*fi
)
951 * Read the cpuset.cpus for cg
952 * Return the answer in a nih_alloced string
954 static char *get_cpuset(const char *cg
)
958 if (!cgm_get_value("cpuset", cg
, "cpuset.cpus", &answer
))
964 * Helper functions for cpuset_in-set
966 char *cpuset_nexttok(const char *c
)
968 char *r
= strchr(c
+1, ',');
974 int cpuset_getrange(const char *c
, int *a
, int *b
)
978 ret
= sscanf(c
, "%d-%d", a
, b
);
983 * cpusets are in format "1,2-3,4"
984 * iow, comma-delimited ranges
986 static bool cpuset_in_set(const char *line
, const char *cpuset
)
991 if (sscanf(line
, "processor : %d", &cpu
) != 1)
993 for (c
= cpuset
; c
; c
= cpuset_nexttok(c
)) {
996 ret
= cpuset_getrange(c
, &a
, &b
);
997 if (ret
== 1 && cpu
== a
)
999 if (ret
!= 2) // bad cpuset!
1001 if (cpu
>= a
&& cpu
<= b
)
1009 * check whether this is a '^processor" line in /proc/cpuinfo
1011 static bool is_processor_line(const char *line
)
1015 if (sscanf(line
, "processor : %d", &cpu
) == 1)
1020 static char *get_pid_cgroup(pid_t pid
, const char *contrl
)
1022 nih_local
char *fnam
= NULL
;
1024 char *answer
= NULL
;
1028 fnam
= NIH_MUST( nih_sprintf(NULL
, "/proc/%d/cgroup", pid
) );
1029 if (!(f
= fopen(fnam
, "r")))
1032 while (getline(&line
, &len
, f
) != -1) {
1036 c1
= strchr(line
, ':');
1040 c2
= strchr(c1
, ':');
1044 if (strcmp(c1
, contrl
) != 0)
1048 answer
= NIH_MUST( nih_strdup(NULL
, c2
) );
1058 static int proc_cpuinfo_read(char *buf
, size_t size
, off_t offset
,
1059 struct fuse_file_info
*fi
)
1061 struct fuse_context
*fc
= fuse_get_context();
1062 nih_local
char *cg
= get_pid_cgroup(fc
->pid
, "cpuset");
1063 nih_local
char *cpuset
= NULL
;
1065 size_t linelen
= 0, total_len
= 0;
1066 bool am_printing
= false;
1076 cpuset
= get_cpuset(cg
);
1080 f
= fopen("/proc/cpuinfo", "r");
1084 while (getline(&line
, &linelen
, f
) != -1) {
1086 if (is_processor_line(line
)) {
1087 am_printing
= cpuset_in_set(line
, cpuset
);
1090 l
= snprintf(buf
, size
, "processor : %d\n", curcpu
);
1098 l
= snprintf(buf
, size
, "%s", line
);
1108 static int proc_stat_read(char *buf
, size_t size
, off_t offset
,
1109 struct fuse_file_info
*fi
)
1114 static int proc_uptime_read(char *buf
, size_t size
, off_t offset
,
1115 struct fuse_file_info
*fi
)
1120 static off_t
get_procfile_size(const char *which
)
1122 FILE *f
= fopen(which
, "r");
1125 ssize_t sz
, answer
= 0;
1129 while ((sz
= getline(&line
, &len
, f
)) != -1)
1136 static int proc_getattr(const char *path
, struct stat
*sb
)
1138 struct timespec now
;
1140 memset(sb
, 0, sizeof(struct stat
));
1141 if (clock_gettime(CLOCK_REALTIME
, &now
) < 0)
1143 sb
->st_uid
= sb
->st_gid
= 0;
1144 sb
->st_atim
= sb
->st_mtim
= sb
->st_ctim
= now
;
1145 if (strcmp(path
, "/proc") == 0) {
1146 sb
->st_mode
= S_IFDIR
| 00555;
1150 if (strcmp(path
, "/proc/meminfo") == 0 ||
1151 strcmp(path
, "/proc/cpuinfo") == 0 ||
1152 strcmp(path
, "/proc/uptime") == 0 ||
1153 strcmp(path
, "/proc/stat") == 0) {
1155 sb
->st_size
= get_procfile_size(path
);
1156 sb
->st_mode
= S_IFREG
| 00444;
1164 static int proc_readdir(const char *path
, void *buf
, fuse_fill_dir_t filler
, off_t offset
,
1165 struct fuse_file_info
*fi
)
1167 if (filler(buf
, "cpuinfo", NULL
, 0) != 0 ||
1168 filler(buf
, "meminfo", NULL
, 0) != 0 ||
1169 filler(buf
, "stat", NULL
, 0) != 0 ||
1170 filler(buf
, "uptime", NULL
, 0) != 0)
1175 static int proc_open(const char *path
, struct fuse_file_info
*fi
)
1177 if (strcmp(path
, "/proc/meminfo") == 0 ||
1178 strcmp(path
, "/proc/cpuinfo") == 0 ||
1179 strcmp(path
, "/proc/uptime") == 0 ||
1180 strcmp(path
, "/proc/stat") == 0)
1185 static int proc_read(const char *path
, char *buf
, size_t size
, off_t offset
,
1186 struct fuse_file_info
*fi
)
1188 if (strcmp(path
, "/proc/meminfo") == 0)
1189 return proc_meminfo_read(buf
, size
, offset
, fi
);
1190 if (strcmp(path
, "/proc/cpuinfo") == 0)
1191 return proc_cpuinfo_read(buf
, size
, offset
, fi
);
1192 if (strcmp(path
, "/proc/uptime") == 0)
1193 return proc_uptime_read(buf
, size
, offset
, fi
);
1194 if (strcmp(path
, "/proc/stat") == 0)
1195 return proc_stat_read(buf
, size
, offset
, fi
);
1201 * these just delegate to the /proc and /cgroup ops as
1205 static int lxcfs_getattr(const char *path
, struct stat
*sb
)
1207 if (strcmp(path
, "/") == 0) {
1208 sb
->st_mode
= S_IFDIR
| 00755;
1212 if (strncmp(path
, "/cgroup", 7) == 0) {
1213 return cg_getattr(path
, sb
);
1215 if (strncmp(path
, "/proc", 5) == 0) {
1216 return proc_getattr(path
, sb
);
1221 static int lxcfs_opendir(const char *path
, struct fuse_file_info
*fi
)
1223 if (strcmp(path
, "/") == 0)
1226 if (strncmp(path
, "/cgroup", 7) == 0) {
1227 return cg_opendir(path
, fi
);
1229 if (strcmp(path
, "/proc") == 0)
1234 static int lxcfs_readdir(const char *path
, void *buf
, fuse_fill_dir_t filler
, off_t offset
,
1235 struct fuse_file_info
*fi
)
1237 if (strcmp(path
, "/") == 0) {
1238 if (filler(buf
, "proc", NULL
, 0) != 0 ||
1239 filler(buf
, "cgroup", NULL
, 0) != 0)
1243 if (strncmp(path
, "/cgroup", 7) == 0)
1244 return cg_readdir(path
, buf
, filler
, offset
, fi
);
1245 if (strcmp(path
, "/proc") == 0)
1246 return proc_readdir(path
, buf
, filler
, offset
, fi
);
1250 static int lxcfs_releasedir(const char *path
, struct fuse_file_info
*fi
)
1252 if (strcmp(path
, "/") == 0)
1254 if (strncmp(path
, "/cgroup", 7) == 0) {
1255 return cg_releasedir(path
, fi
);
1257 if (strcmp(path
, "/proc") == 0)
1262 static int lxcfs_open(const char *path
, struct fuse_file_info
*fi
)
1264 if (strncmp(path
, "/cgroup", 7) == 0)
1265 return cg_open(path
, fi
);
1266 if (strncmp(path
, "/proc", 5) == 0)
1267 return proc_open(path
, fi
);
1272 static int lxcfs_read(const char *path
, char *buf
, size_t size
, off_t offset
,
1273 struct fuse_file_info
*fi
)
1275 if (strncmp(path
, "/cgroup", 7) == 0)
1276 return cg_read(path
, buf
, size
, offset
, fi
);
1277 if (strncmp(path
, "/proc", 5) == 0)
1278 return proc_read(path
, buf
, size
, offset
, fi
);
1283 int lxcfs_write(const char *path
, const char *buf
, size_t size
, off_t offset
,
1284 struct fuse_file_info
*fi
)
1286 if (strncmp(path
, "/cgroup", 7) == 0) {
1287 return cg_write(path
, buf
, size
, offset
, fi
);
1293 static int lxcfs_flush(const char *path
, struct fuse_file_info
*fi
)
1298 static int lxcfs_release(const char *path
, struct fuse_file_info
*fi
)
1303 static int lxcfs_fsync(const char *path
, int datasync
, struct fuse_file_info
*fi
)
1308 int lxcfs_mkdir(const char *path
, mode_t mode
)
1310 if (strncmp(path
, "/cgroup", 7) == 0)
1311 return cg_mkdir(path
, mode
);
1316 int lxcfs_chown(const char *path
, uid_t uid
, gid_t gid
)
1318 if (strncmp(path
, "/cgroup", 7) == 0)
1319 return cg_chown(path
, uid
, gid
);
1325 * cat first does a truncate before doing ops->write. This doesn't
1326 * really make sense for cgroups. So just return 0 always but do
1329 int lxcfs_truncate(const char *path
, off_t newsize
)
1331 if (strncmp(path
, "/cgroup", 7) == 0)
1336 int lxcfs_rmdir(const char *path
)
1338 if (strncmp(path
, "/cgroup", 7) == 0)
1339 return cg_rmdir(path
);
1343 int lxcfs_chmod(const char *path
, mode_t mode
)
1345 if (strncmp(path
, "/cgroup", 7) == 0)
1346 return cg_chmod(path
, mode
);
1350 const struct fuse_operations lxcfs_ops
= {
1351 .getattr
= lxcfs_getattr
,
1355 .mkdir
= lxcfs_mkdir
,
1357 .rmdir
= lxcfs_rmdir
,
1361 .chmod
= lxcfs_chmod
,
1362 .chown
= lxcfs_chown
,
1363 .truncate
= lxcfs_truncate
,
1368 .release
= lxcfs_release
,
1369 .write
= lxcfs_write
,
1372 .flush
= lxcfs_flush
,
1373 .fsync
= lxcfs_fsync
,
1378 .removexattr
= NULL
,
1380 .opendir
= lxcfs_opendir
,
1381 .readdir
= lxcfs_readdir
,
1382 .releasedir
= lxcfs_releasedir
,
1393 static void usage(const char *me
)
1395 fprintf(stderr
, "Usage:\n");
1396 fprintf(stderr
, "\n");
1397 fprintf(stderr
, "%s [FUSE and mount options] mountpoint\n", me
);
1401 static bool is_help(char *w
)
1403 if (strcmp(w
, "-h") == 0 ||
1404 strcmp(w
, "--help") == 0 ||
1405 strcmp(w
, "-help") == 0 ||
1406 strcmp(w
, "help") == 0)
1411 int main(int argc
, char *argv
[])
1414 struct lxcfs_state
*d
;
1416 if (argc
< 2 || is_help(argv
[1]))
1419 d
= malloc(sizeof(*d
));
1423 if (!cgm_escape_cgroup())
1424 fprintf(stderr
, "WARNING: failed to escape to root cgroup\n");
1426 if (!cgm_get_controllers(&d
->subsystems
))
1429 ret
= fuse_main(argc
, argv
, &lxcfs_ops
, d
);