 
 
git.ipfire.org Git - thirdparty/lxc.git/log 
 
 
 
 
 
 
Christian Brauner  [Tue, 4 May 2021 11:21:28 +0000  (13:21 +0200)]  
 
syscalls: wrap personality syscall if undefined 
 
There's no need to make personality handling conditional as it has
been around for such a long time that only weird systems wouldn't have 
support for it. And especially if the user requested a specific 
personality to be set but the system doesn't support the personality 
syscall we should loudly fail instead of moving on. 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Tue, 4 May 2021 06:59:24 +0000  (08:59 +0200)]  
 
commands: log at debug not info level when receiving file descriptors 
 
Don't spam the logs because we do receive a lot of file descriptors. 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Tue, 4 May 2021 06:57:52 +0000  (08:57 +0200)]  
 
confile: make per_name struct static 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Evgeny Vereshchagin  [Mon, 3 May 2021 20:44:05 +0000  (20:44 +0000)]  
 
string_utils: get around GCC-11 false positives

by getting rid of stpncpy

Tested with gcc (GCC) 11.1.1 20210428 (Red Hat 11.1.1-1)

Closes https://github.com/lxc/lxc/issues/3752

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
 
Evgeny Vereshchagin  [Mon, 3 May 2021 22:35:19 +0000  (22:35 +0000)]  
 
github: also pass the j option to make 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 3 May 2021 22:31:55 +0000  (22:31 +0000)]  
 
github: remove the dh-* packages 
 
We don't build any packages there so it seems we don't need 
those packages any more. Apart from that, it should make the 
script work on Ubuntu Hirsute where dh-systemd was merged into 
debhelper and is no longer available. 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Stéphane Graber  [Mon, 3 May 2021 12:02:14 +0000  (08:02 -0400)]  
 
github: Run apt-get update in sanitizer test 
 
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>  
Aaron Thompson  [Sat, 1 May 2021 01:20:14 +0000  (01:20 +0000)]
 
conf: fix console chmod error log messages 
 
Signed-off-by: Aaron Thompson <dev@aaront.org>  
Evgeny Vereshchagin  [Fri, 30 Apr 2021 11:08:34 +0000  (11:08 +0000)]  
 
oss-fuzz: always turn off logging on OSS-Fuzz 
 
Apparently /proc/self/cmd can't be used (reliably) on OSS-Fuzz to figure out 
whether the code is run inside the fuzz targets, which causes the 
fuzz targets to fill the filesystem with log files. 
 
Related: https://github.com/google/oss-fuzz/issues/5509 
Should address https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33835 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Stéphane Graber  [Fri, 30 Apr 2021 18:11:01 +0000  (14:11 -0400)]  
 
Release LXC 4.0.8 
 
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>  
Christian Brauner  [Fri, 30 Apr 2021 13:47:35 +0000  (15:47 +0200)]  
 
cgroups: fix fallback attach codepath 
 
When we attach to an old server the server can return ENOSYS instead of 
ENOCGROUP2 which causes LXC to abort the attach unnecessarily. Fix this!
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Fri, 30 Apr 2021 08:35:06 +0000  (10:35 +0200)]  
 
storage: fix dup_cloexec() call 
 
Fixes: Coverity 1477399  
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Stéphane Graber  [Thu, 29 Apr 2021 20:55:34 +0000  (16:55 -0400)]  
 
Release LXC 4.0.7 
 
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 13:38:48 +0000  (15:38 +0200)]  
 
api-extensions: add entry for idmapped_mounts 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:33:37 +0000  (11:33 +0200)]  
 
storage/dir: cleanup mount code 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:27:58 +0000  (11:27 +0200)]  
 
storage/dir: remove error handling down 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:26:59 +0000  (11:26 +0200)]  
 
storage/dir: source can't be empty 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:26:11 +0000  (11:26 +0200)]  
 
storage/dir: use "source" and "target" as terms 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:24:15 +0000  (11:24 +0200)]  
 
storage/dir: retrieve proper source path later 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:23:03 +0000  (11:23 +0200)]  
 
storage/dir: use clear error messages 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:21:03 +0000  (11:21 +0200)]  
 
storage/dir: bdev->dest can't be empty 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 28 Apr 2021 09:19:47 +0000  (11:19 +0200)]  
 
dir: use mnt_opts->data instead of mntdata 
 
Fixes: https://launchpadlibrarian.net/535845165/buildlog_ubuntu-focal-s390x.lxc_1%3A4.0.6+master~20210427-2321-0ubuntu1~focal_BUILDING.txt.gz  
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Evgeny Vereshchagin  [Tue, 27 Apr 2021 00:03:39 +0000  (00:03 +0000)]
 
build-system: turn off lto=thin when building the fuzzers 
 
With lto=thin the fuzzers fail as soon as they start with 
``` 
ERROR: The size of coverage PC tables does not match the 
number of instrumented PCs. This might be a compiler bug, 
please contact the libFuzzer developers. 
Also check https://bugs.llvm.org/show_bug.cgi?id=34636 
for possible workarounds (tl;dr: don't use the old GNU ld) 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 26 Apr 2021 21:41:54 +0000  (21:41 +0000)]  
 
tests: run the fuzzers along with the other tests 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Wed, 14 Apr 2021 18:37:08 +0000  (18:37 +0000)]  
 
log: create log files in "fuzzing" mode if it's called outside fuzz targets 
 
to make it possible to run the fuzzers along with the other tests 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Wed, 14 Apr 2021 09:22:51 +0000  (09:22 +0000)]  
 
ci: switch to --enable-fuzzers 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Wed, 14 Apr 2021 09:20:31 +0000  (09:20 +0000)]  
 
build-system: add --enable-fuzzers 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Christian Brauner  [Sun, 25 Apr 2021 10:23:56 +0000  (12:23 +0200)]  
 
conf: improve idmapped mounts support 
 
Setting up a detached idmapped mount is a privileged operation, mounting 
it doesn't have to be. 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Sun, 25 Apr 2021 09:02:15 +0000  (11:02 +0200)]  
 
conf: s/lxc_rootfs_prepare/lxc_rootfs_init/g 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Sun, 25 Apr 2021 08:24:17 +0000  (10:24 +0200)]  
 
conf: move all mount options into struct lxc_mount_options 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Sun, 25 Apr 2021 07:59:42 +0000  (09:59 +0200)]  
 
conf: stash lxc_storage into lxc_rootfs and bind to its lifetime 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Sat, 24 Apr 2021 09:19:53 +0000  (11:19 +0200)]  
 
configure: fix function detection 
 
Fixes: #3809  
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Fri, 23 Apr 2021 09:29:47 +0000  (11:29 +0200)]  
 
dir: fix rootfs mounting 
 
We need to be able to lookup symlinks and allow xdev. 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 22 Apr 2021 19:09:12 +0000  (21:09 +0200)]  
 
conf: don't overrun dest buffer in parse_lxc_mntopts() 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 22 Apr 2021 18:55:46 +0000  (20:55 +0200)]  
 
conf: better naming 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 22 Apr 2021 11:43:27 +0000  (13:43 +0200)]  
 
getsubopt: use correct include 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 22 Apr 2021 09:00:09 +0000  (11:00 +0200)]  
 
Makefile: fix strchrnul() inclusion 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 22 Apr 2021 07:45:13 +0000  (09:45 +0200)]  
 
conf: include strchrnul for platforms that don't support it 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 22 Apr 2021 07:44:07 +0000  (09:44 +0200)]  
 
strchrnul: include header 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Sat, 20 Mar 2021 10:40:19 +0000  (11:40 +0100)]  
 
conf: don't allow idmapped lxc.mount.{entry,fstab} just yet 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 18 Mar 2021 11:15:01 +0000  (12:15 +0100)]  
 
conf: tweak parse_lxc_mntopts() 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 18 Mar 2021 10:24:18 +0000  (11:24 +0100)]  
 
apparmor: handle on-exec
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 18 Mar 2021 09:40:43 +0000  (10:40 +0100)]  
 
attach: use correct lxc_namespace_t type 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 18 Mar 2021 09:40:13 +0000  (10:40 +0100)]  
 
attach: visually separate pids from fds during initialization
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 15:43:15 +0000  (16:43 +0100)]  
 
conf: verify that the rootfs can support idmapped mounts 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 15:22:46 +0000  (16:22 +0100)]  
 
start: documented idmapped mounts 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 15:16:48 +0000  (16:16 +0100)]  
 
mount_utils: add two detached mount helpers 
 
They'll come in handy in the future. 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 10:39:13 +0000  (11:39 +0100)]  
 
conf: support idmapping directories 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 10:07:47 +0000  (11:07 +0100)]  
 
mount_utils: add helper to determine whether new mount api supports bind mounts 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 10:03:04 +0000  (11:03 +0100)]  
 
storage: keep a reference to lxc_rootfs in lxc_storage 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 09:54:19 +0000  (10:54 +0100)]  
 
mount_utils: add support for mount_setattr() syscall 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 09:45:29 +0000  (10:45 +0100)]  
 
confile: parse idmap=<path> mount option for rootfs 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 09:35:33 +0000  (10:35 +0100)]  
 
conf: add first, trivial support for idmapped mounts 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 17 Mar 2021 09:01:19 +0000  (10:01 +0100)]  
 
conf: rework lxc specific mount option parsing 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Evgeny Vereshchagin  [Thu, 15 Apr 2021 07:09:10 +0000  (07:09 +0000)]  
 
seccomp: init and destroy notifier.cookie

It's a follow-up to 84cf6d259b24e4ad48e

Closes https://github.com/lxc/lxc/issues/3806

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
 
Evgeny Vereshchagin  [Tue, 13 Apr 2021 23:55:23 +0000  (23:55 +0000)]  
 
autoconf: stop passing -fsanitize=address via AM_LDFLAGS 
 
The snippet is redundant because the build system automatically 
passes the sanitizers flags set in AM_CFLAGS to the linker 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Tue, 13 Apr 2021 23:33:44 +0000  (23:33 +0000)]  
 
ci: get rid of the -static-libasan stopgap 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Tue, 13 Apr 2021 22:55:53 +0000  (22:55 +0000)]  
 
build-system: stop building init.lxc.static with sanitizers 
 
`-static` isn't compatible with `-fsanitize=`: 
``` 
gcc: error: cannot specify -static with -fsanitize=address 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Tue, 13 Apr 2021 21:54:15 +0000  (21:54 +0000)]  
 
autoconf: add AC_LANG_SOURCE to CC_CHECK_LDFLAGS

Inspired by https://lore.kernel.org/alsa-devel/18135209-abc9-ca1c-84e0-8ac3e75caaf1@perex.cz/t/

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
 
Evgeny Vereshchagin  [Tue, 13 Apr 2021 14:45:29 +0000  (14:45 +0000)]  
 
ci: make use of --enable-sanitizers instead of CFLAGS 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Tue, 13 Apr 2021 06:23:03 +0000  (06:23 +0000)]  
 
tests: free the buffer filled by lxc_cmd_rsp_recv 
 
Fixes https://github.com/lxc/lxc/issues/3796 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Tue, 13 Apr 2021 06:03:20 +0000  (06:03 +0000)]  
 
Revert "ci: get around https://github.com/lxc/lxc/issues/3796"

This reverts commit 44818e893e68e6e76652323ff4f12c9214d2ffa7.

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
 
Evgeny Vereshchagin  [Mon, 12 Apr 2021 22:40:35 +0000  (22:40 +0000)]  
 
ci: build with -Wall -Werror 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 19:30:50 +0000  (19:30 +0000)]  
 
ci: turn on strict_string_checks 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 18:03:50 +0000  (18:03 +0000)]  
 
ci: get around https://github.com/lxc/lxc/issues/3796 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 17:38:11 +0000  (17:38 +0000)]  
 
ci: prevent lxc-exercise from running indefinitely 
 
and show all the commands it runs to make it easier to 
debug potential issues. 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 17:36:50 +0000  (17:36 +0000)]  
 
ci: get around https://github.com/lxc/lxc/issues/3788 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 16:29:44 +0000  (16:29 +0000)]  
 
ci: get around https://github.com/lxc/lxc/issues/3798 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 16:25:31 +0000  (16:25 +0000)]  
 
ci: switch to lxc-exercise from the lxc-ci repository 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 04:19:11 +0000  (04:19 +0000)]
 
ci: link lib[au]san with init.lxc.static statically 
 
init.lxc.static is run in arbitrary containers where the libasan library lxc has been built with 
isn't always installed. To make it work let's override GCC's default and link both libasan 
and libubsan statically. It should help to fix issues like 
``` 
++ lxc-execute -n c1 -- sudo -u ubuntu /nnptest 
lxc-init: error while loading shared libraries: libasan.so.5: cannot open shared object file: No such file or directory 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Sun, 11 Apr 2021 00:38:56 +0000  (00:38 +0000)]
 
ci: an attempt to run the tests under ASan/UBsan 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 20:39:48 +0000  (20:39 +0000)]  
 
apparmor: turn bytes into null-terminated strings before calling strcspn 
 
``` 
==70349==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000009fb at pc 0x000000433b70 bp 0x7ffcde087810 sp 0x7ffcde086fd0 
READ of size 12 at 0x6020000009fb thread T0 
    #0 0x433b6f in strcspn (/usr/bin/lxc-execute+0x433b6f) 
    #1 0x7f720413a5cb in apparmor_process_label_get /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:449:8 
    #2 0x7f720413bc2a in apparmor_prepare /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:1104:13 
    #3 0x7f720409b6e9 in lxc_init /home/runner/work/lxc/lxc/src/lxc/start.c:848:8 
    #4 0x7f72040a395a in __lxc_start /home/runner/work/lxc/lxc/src/lxc/start.c:2009:8 
    #5 0x7f7203fc7186 in lxc_execute /home/runner/work/lxc/lxc/src/lxc/execute.c:99:9 
    #6 0x7f7204000e44 in do_lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1112:9 
    #7 0x7f7203ff0c07 in lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1149:8 
    #8 0x4c6912 in main /home/runner/work/lxc/lxc/src/lxc/tools/lxc_execute.c:224:9 
    #9 0x7f72034ac0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) 
    #10 0x41d93d in _start (/usr/bin/lxc-execute+0x41d93d) 
+ echo --- 
 
0x6020000009fb is located 0 bytes to the right of 11-byte region [0x6020000009f0,0x6020000009fb) 
allocated by thread T0 here: 
    #0 0x496399 in realloc (/usr/bin/lxc-execute+0x496399) 
    #1 0x7f7203fcf85c in fd_to_buf /home/runner/work/lxc/lxc/src/lxc/file_utils.c:463:10 
    #2 0x7f720413a52b in apparmor_process_label_get /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:442:8 
    #3 0x7f720413bc2a in apparmor_prepare /home/runner/work/lxc/lxc/src/lxc/lsm/apparmor.c:1104:13 
    #4 0x7f720409b6e9 in lxc_init /home/runner/work/lxc/lxc/src/lxc/start.c:848:8 
    #5 0x7f72040a395a in __lxc_start /home/runner/work/lxc/lxc/src/lxc/start.c:2009:8 
    #6 0x7f7203fc7186 in lxc_execute /home/runner/work/lxc/lxc/src/lxc/execute.c:99:9 
    #7 0x7f7204000e44 in do_lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1112:9 
    #8 0x7f7203ff0c07 in lxcapi_start /home/runner/work/lxc/lxc/src/lxc/lxccontainer.c:1149:8 
    #9 0x4c6912 in main /home/runner/work/lxc/lxc/src/lxc/tools/lxc_execute.c:224:9 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Christian Brauner  [Sat, 17 Apr 2021 15:46:37 +0000  (17:46 +0200)]  
 
commands: don't needlessly allocate 
 
Fixes: #3796  
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 15 Apr 2021 12:11:56 +0000  (14:11 +0200)]  
 
process_utils: free stack after return 
 
Fixes: #3789  
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Thu, 15 Apr 2021 12:11:26 +0000  (14:11 +0200)]  
 
configure: fix sanitizer compilation 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Sat, 17 Apr 2021 15:25:46 +0000  (17:25 +0200)]  
 
error_utils: add missing macro.h include 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Evgeny Vereshchagin  [Mon, 12 Apr 2021 01:41:27 +0000  (01:41 +0000)]
 
tests: pass on ASAN/UBSAN options to several tests 
 
to make it easier to run them under ASan/UBSan. 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Sun, 11 Apr 2021 15:02:20 +0000  (15:02 +0000)]  
 
tests: stop cutting off right square brackets in share_ns 
 
Closes https://github.com/lxc/lxc/issues/3791 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Sun, 11 Apr 2021 09:49:28 +0000  (09:49 +0000)]  
 
tests: switch to the "busybox" template in lxc-test-checkpoint-restore 
 
criu can't seem to dump systemd-logind used in Ubuntu due to what appears to be 
https://github.com/checkpoint-restore/criu/issues/1430. 
Let's switch to busybox where all the processes hopefully can be dumped. 
 
Closes https://github.com/lxc/lxc/issues/3792 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Christian Brauner  [Wed, 14 Apr 2021 14:12:45 +0000  (16:12 +0200)]  
 
lxccontainer: fix container creation error paths 
 
Fixes: #3782  
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Evgeny Vereshchagin  [Sat, 10 Apr 2021 12:31:02 +0000  (12:31 +0000)]  
 
tests: fix a memory leak in attach 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Sat, 10 Apr 2021 07:36:21 +0000  (07:36 +0000)]  
 
tests: fix a memory leak in cgpath 
 
``` 
==131188==ERROR: LeakSanitizer: detected memory leaks 
 
Direct leak of 568 byte(s) in 1 object(s) allocated from: 
    #0 0x7f8918943bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8) 
    #1 0x7f89181ee5a3 in lxc_container_new /home/vagrant/lxc/src/lxc/lxccontainer.c:5264 
    #2 0x55ffc5022869 in test_container /home/vagrant/lxc/src/tests/cgpath.c:176 
    #3 0x55ffc5023023 in main /home/vagrant/lxc/src/tests/cgpath.c:233 
    #4 0x7f891709e0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Christian Brauner  [Tue, 13 Apr 2021 12:42:15 +0000  (14:42 +0200)]  
 
Revert "confile: make lxc_get_config() and lxc_get_config_net() always return non-NULL"

This reverts commit 674791ed75c53fb18c5823c5807876bde4865616.

Our stable queue tool somehow still listed this patch as pending when it
had already been applied earlier.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 
Evgeny Vereshchagin  [Sat, 10 Apr 2021 04:45:46 +0000  (04:45 +0000)]
 
tests: fix a memory leak in lxcpath 
 
``` 
$ sudo ./src/tests/lxc-test-lxcpath 
 
================================================================= 
==95911==ERROR: LeakSanitizer: detected memory leaks 
 
Direct leak of 39 byte(s) in 1 object(s) allocated from: 
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd) 
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190 
    #2 0x562961680c30 in main /home/vagrant/lxc/src/tests/lxcpath.c:49 
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) 
 
Direct leak of 21 byte(s) in 1 object(s) allocated from: 
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd) 
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190 
    #2 0x56296168115e in main /home/vagrant/lxc/src/tests/lxcpath.c:77 
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) 
 
Direct leak of 21 byte(s) in 1 object(s) allocated from: 
    #0 0x7effafc8d3dd in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x963dd) 
    #1 0x7effaf5a2de6 in lxcapi_config_file_name /home/vagrant/lxc/src/lxc/lxccontainer.c:3190 
    #2 0x562961680f0a in main /home/vagrant/lxc/src/tests/lxcpath.c:63 
    #3 0x7effae5150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) 
 
SUMMARY: AddressSanitizer: 81 byte(s) leaked in 3 allocation(s). 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Sat, 10 Apr 2021 02:09:09 +0000  (02:09 +0000)]
 
tests: fix a memory leak in cgpath 
 
``` 
$ sudo ./src/tests/lxc-test-cgpath 
Container creation tests...Passed 
Container creation with LXCPATH tests...Passed 
 
================================================================= 
==57206==ERROR: LeakSanitizer: detected memory leaks 
 
Direct leak of 296 byte(s) in 1 object(s) allocated from: 
    #0 0x7fef22c27dc6 in calloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10ddc6) 
    #1 0x557c6e3ce3d9 in cgroup_ops_init cgroups/cgfsng.c:3347 
    #2 0x557c6e3d6516 in cgroup_init cgroups/cgroup.c:33 
    #3 0x557c6e3788e2 in test_running_container /home/vagrant/lxc/src/tests/cgpath.c:102 
    #4 0x557c6e379c69 in test_container /home/vagrant/lxc/src/tests/cgpath.c:197 
    #5 0x557c6e379e37 in main /home/vagrant/lxc/src/tests/cgpath.c:233 
    #6 0x7fef2136c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) 
 
Direct leak of 296 byte(s) in 1 object(s) allocated from: 
    #0 0x7fef22c27dc6 in calloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10ddc6) 
    #1 0x557c6e3ce3d9 in cgroup_ops_init cgroups/cgfsng.c:3347 
    #2 0x557c6e3d6516 in cgroup_init cgroups/cgroup.c:33 
    #3 0x557c6e3788e2 in test_running_container /home/vagrant/lxc/src/tests/cgpath.c:102 
    #4 0x557c6e379c69 in test_container /home/vagrant/lxc/src/tests/cgpath.c:197 
    #5 0x557c6e379e61 in main /home/vagrant/lxc/src/tests/cgpath.c:237 
    #6 0x7fef2136c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Christian Brauner  [Wed, 7 Apr 2021 14:51:31 +0000  (16:51 +0200)]  
 
confile: make lxc_get_config() and lxc_get_config_net() always return non-NULL 
 
Introduce the concept of an unsupported config item. 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Mon, 12 Apr 2021 15:50:39 +0000  (17:50 +0200)]  
 
Revert "rexec: mark all fds as close-on-exec if possible"

This reverts commit 531d36ad009325b74a105d9d6956e320f37b2937.

Callers might want to explicitly inherit file descriptors so we can't
close them behind their back when we exec.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 
Christian Brauner  [Mon, 12 Apr 2021 15:23:24 +0000  (17:23 +0200)]  
 
attach: don't return early when calculating namespaces via pidfd 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Mon, 12 Apr 2021 07:47:59 +0000  (09:47 +0200)]  
 
conf: don't report success when idmaptools lack all privilege 
 
Fixes: #3777  
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Mon, 12 Apr 2021 07:44:40 +0000  (09:44 +0200)]  
 
conf: simplify idmaptool_on_path_and_privileged() 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Wed, 7 Apr 2021 14:51:31 +0000  (16:51 +0200)]  
 
confile: make lxc_get_config() and lxc_get_config_net() always return non-NULL 
 
Introduce the concept of an unsupported config item. 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Stéphane Graber  [Wed, 7 Apr 2021 14:34:02 +0000  (10:34 -0400)]  
 
github: Try to fix action naming 
 
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>  
Christian Brauner  [Tue, 6 Apr 2021 15:23:50 +0000  (17:23 +0200)]  
 
confile: enforce maximum subkey length 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Tue, 6 Apr 2021 15:22:52 +0000  (17:22 +0200)]  
 
log: add error_ret() 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Christian Brauner  [Tue, 6 Apr 2021 15:10:49 +0000  (17:10 +0200)]  
 
macro: ensure ret_errno() always returns negative 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>  
Evgeny Vereshchagin  [Wed, 31 Mar 2021 09:48:19 +0000  (09:48 +0000)]  
 
cifuzz: fuzz longer 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Wed, 31 Mar 2021 09:35:57 +0000  (09:35 +0000)]  
 
confile: fix a memory leak lxc_config_define_add 
 
``` 
2021-04-02T05:45:54.9410345Z ==13==ERROR: LeakSanitizer: detected memory leaks 
2021-04-02T05:45:54.9410737Z 
2021-04-02T05:45:54.9411488Z Direct leak of 16 byte(s) in 1 object(s) allocated from: 
2021-04-02T05:45:54.9412556Z     #0 0x54d752 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 
2021-04-02T05:45:54.9413360Z     #1 0x583795 in parse_new_conf_line /src/lxc/src/lxc/confile.c:3048:8 
2021-04-02T05:45:54.9414057Z     #2 0x582f1a in lxc_config_define_add /src/lxc/src/lxc/confile.c:3090:15 
2021-04-02T05:45:54.9415352Z     #3 0x5810fa in LLVMFuzzerTestOneInput /src/lxc/src/tests/fuzz-lxc-define-load.c:30:6 
2021-04-02T05:45:54.9419212Z     #4 0x483b93 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15 
2021-04-02T05:45:54.9421819Z     #5 0x48309a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:505:3 
2021-04-02T05:45:54.9424205Z     #6 0x485474 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:814:7 
2021-04-02T05:45:54.9426658Z     #7 0x485689 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:845:3 
2021-04-02T05:45:54.9428616Z     #8 0x473717 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:906:6 
2021-04-02T05:45:54.9429989Z     #9 0x49f572 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 
2021-04-02T05:45:54.9433312Z     #10 0x7fa96041b83f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2083f) 
2021-04-02T05:45:54.9433795Z 
2021-04-02T05:45:54.9434661Z DEDUP_TOKEN: calloc--parse_new_conf_line--lxc_config_define_add 
2021-04-02T05:45:54.9435483Z SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s). 
2021-04-02T05:45:54.9435958Z 
2021-04-02T05:45:54.9436404Z INFO: a leak has been found in the initial corpus. 
``` 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Evgeny Vereshchagin  [Wed, 31 Mar 2021 07:12:51 +0000  (07:12 +0000)]  
 
oss-fuzz: fuzz lxc_config_define_add and lxc_config_define_load 
 
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>  
Christian Ratzenhofer  [Tue, 6 Apr 2021 12:39:11 +0000  (14:39 +0200)]  
 
templates/*.in: fixed PATH handling with spaces 
 
if $PATH already contains a path with a space the append of the 
default directories in all template scripts fails with an error 
like the following: 
 
/usr/share/lxc/templates/lxc-download: 69: export: (x86)/NVIDIA: bad 
variable name 
 
Signed-off-by: Christian Ratzenhofer <christian.ratzenhofer@cdnm.at>  
Christian Brauner  [Tue, 6 Apr 2021 08:34:31 +0000  (10:34 +0200)]  
 
log: ensure we always return negative errno 
 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>