conf: fix setups where /dev is outside of LXC's control

Fixes: #3770
Suggested-by: Ruben Jenster <r.jenster@drachenfels.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: complain when LXC is built without AppArmor support

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: complain when LXC is built without selinux support

Link: https://github.com/lxc/lxc/issues/3765
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: fix lxc.namespace.share.[identifier]

Link: https://github.com/lxc/lxc/pull/3763/files#r606089660
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: simplify get_network_config_ops()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: use restrict for lxc_safe_int64_residual()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: ensure that errno is set on return

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: move to lxc-copy() sources

It's the only place where it is still used.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_user_nic: cleanup get_alloted()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_user_nic: cleanup append_alloted()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cap to last bit in set_config_net_ipv4_address()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32708
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: switch to path_simplify()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32689
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: don't jump into the global table twice

instead move networking keys into a subtable. This avoids even just the
remote danger of recursion and also speeds up config parsing.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

oss-fuzz: reject giant configs early

It should help the fuzzer to avoid running into timeouts
like https://oss-fuzz.com/testcase-detail/5132999948632064.
Hopefully, once this is merged OSS-Fuzz will report only
infinite loops as timeouts.

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

build-system: make it compatible with ASan/UBsan/MSan

Closes: https://github.com/lxc/lxc/issues/3727
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: enable PAM

to make sure pam_cgfs is buildable with ASan/UBsan too

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: also build with ASan/UBsan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

oss-fuzz.sh: get rid of the sed "no-undefined" kludge

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: stop passing --enable-ubsan

It's just a follow-up to 5f404236273bb211 (where --enable-ubsan
was removed).

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

doc: Documented that net type field must come before other options on the net device

Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>

README: remove Travis and add Github actions badge

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: remove --enable-{asan,ubsan} in favor of --enable-sanitizers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

oss-fuzz.sh: put the "lxc.net" keys in the seed corpus as well

It's just a follow-up to 0abcc213e2291d71 (where the "lxc.net" keys
were moved from config_jump_table to config_jump_table_net)

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

compiler: fix thread_local detection

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxccontainer: ensure second parameter to bsearch is never NULL

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: fix thread_local support detection

Our detection for TLS wasn't working. Fix it.

Fixes: https://github.com/lxc/lxd/issues/8327
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: add another test for garbage config key

where a valid key has trailing garbage at the end before the "=".

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: fix two false negatives in parse_config_file()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_script_down()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_script_up()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_mtu()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_hwaddr()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: clear netdev on network type change

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32584
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: vet keys more aggressively

Enforce an exact match for all keys where we now the subkeys must match
exactly.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: safely clean previous value in set_config_net_ipv4_gateway()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32586
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: safely clean previous value in set_config_net_ipv6_gateway()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32610
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: work around an MSan false positive

MSan doesn't instrument stpncpy (https://github.com/google/sanitizers/issues/926),
which causes the fuzzer to fail with:
```
$ cat ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
lxc.console.size=123

$ ./out/fuzz-lxc-config-read ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
INFO: Seed: 3561494591
INFO: Loaded 1 modules   (18795 inline 8-bit counters): 18795 [0x866b98, 0x86b503),
INFO: Loaded 1 PC tables (18795 PCs): 18795 [0x86b508,0x8b4bb8),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
==850885==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x6b3e7f in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:912:6
    #1 0x550991 in set_config_console_size /home/vagrant/lxc/src/lxc/confile.c:2483:8
    #2 0x5346e2 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2962:9
    #3 0x64b3cd in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9
    #4 0x53340c in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3039:9
    #5 0x4e7ec2 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2
    #6 0x44ad2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x44ad2c)
    #7 0x42ca4d in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42ca4d)
    #8 0x433af0 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x433af0)
    #9 0x423ff6 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423ff6)
    #10 0x7f79bdc89081 in __libc_start_main (/lib64/libc.so.6+0x27081)
    #11 0x42402d in _start (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42402d)

  Uninitialized value was created by an allocation of 'dup' in the stack frame of function 'parse_byte_size_string'
    #0 0x6b3330 in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:901

SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/vagrant/lxc/src/lxc/string_utils.c:912:6 in parse_byte_size_string
Exiting
```

Closes https://oss-fuzz.com/testcase-detail/5829890470445056

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

cifuzz: turn on MSan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

string_utils: handle overflow correct in parse_byte_size_string()

This takes the overflow handling code from the kernel.

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32549
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cifuzz: turn on UBsan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

oss-fuzz.sh: take SANITIZER into account

to make it possible to build the fuzzer with UBSan and MSan locally

```
$ SANITIZER=undefined ./src/tests/oss-fuzz.sh
$ printf 'lxc.signal.stop=sigrtmax-020000000020' >oss-fuzz-32596
$ UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 ./out/fuzz-lxc-config-read oss-fuzz-32596
INFO: Seed: 595864277
INFO: Loaded 1 modules   (61553 inline 8-bit counters): 61553 [0x80a1b0, 0x819221),
INFO: Loaded 1 PC tables (61553 PCs): 61553 [0x819228,0x909938),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: oss-fuzz-32596
confile_utils.c:1051:20: runtime error: signed integer overflow: 64 - -2147483632 cannot be represented in type 'int'
    #0 0x51799a in rt_sig_num /home/vagrant/lxc/src/lxc/confile_utils.c:1051:20
    #1 0x517268 in sig_parse /home/vagrant/lxc/src/lxc/confile_utils.c:1069:11
    #2 0x500ca4 in set_config_signal_stop /home/vagrant/lxc/src/lxc/confile.c:1738:10
    #3 0x4b8c7c in parse_line /home/vagrant/lxc/src/lxc/confile.c:2962:9
    #4 0x5a5eb0 in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9

```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile_utils: fix a signed integer overflow

This was triggered by the following chain of conversions:

lxc_safe_uint("020000000020") -> 2147483664 (uint)
sig_num(2147483664 (uint)) -> -2147483632 (int)

64 - -2147483632 cannot be represented in type 'int'

Closes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32596

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile: don't leak memory in case multiple shmounts are set

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32503
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: add missing prefix validation

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32488
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: free list during lxc_remove_nic_by_idx()

Reported-by: Evgeny Vereshchagin <evvers@ya.ru>
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

ci: turn on ASan on CIFuzz

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile: prevent recursion when parsing networks

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32558
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: fix a memory leak in set_config_net_hwaddr

It was found by ClusterFuzz in https://oss-fuzz.com/testcase-detail/4747480244813824
but hasn't been reported on Monorail
(https://bugs.chromium.org/p/oss-fuzz/) yet

```
$ cat minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e
lxc.net.0.hwaddr=0
lxc.net.0.hwaddr=4

./out/fuzz-lxc-config-read minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e
INFO: Seed: 1473396311
INFO: Loaded 1 modules   (18821 inline 8-bit counters): 18821 [0x885fa0, 0x88a925),
INFO: Loaded 1 PC tables (18821 PCs): 18821 [0x88a928,0x8d4178),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e

=================================================================
==226185==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4d25d7 in strdup (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x4d25d7)
    #1 0x58e48f in set_config_net_hwaddr /home/vagrant/lxc/src/lxc/confile.c:654:14
    #2 0x59af3b in set_config_net_nic /home/vagrant/lxc/src/lxc/confile.c:5276:9
    #3 0x571c29 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2958:9
    #4 0x61b0b2 in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9
    #5 0x5710ed in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3035:9
    #6 0x542cd6 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2
    #7 0x449e8c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x449e8c)
    #8 0x42bbad in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42bbad)
    #9 0x432c50 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x432c50)
    #10 0x423136 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423136)
    #11 0x7f2cbb992081 in __libc_start_main (/lib64/libc.so.6+0x27081)

SUMMARY: AddressSanitizer: 2 byte(s) leaked in 1 allocation(s).
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile: improve network vetting

Move all input sanity checks up and add two missing checks for the
correct network type when using veth-vlan and vlan network types.

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32513
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: use correct check for too large network lists

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32558
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: make string calculations in get_network_config_ops() more obvious

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: coding style cleanups

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: free network list items

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: reinitialize lists

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: always memset buf in lxc_safe_int64_residual()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32482
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: fix setting prlimits

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32532
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: don't leak list

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: avoid regressions for relative log paths

We need to allow relative log paths.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: fix parse_byte_size_string()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32475
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: improve network parser

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: prevent UAF in lxc_clear_limits()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32532
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: fix real-time signal parsing

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32521
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: don't leak memory when overwriting lxc.rootfs.options

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32473
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: be stricter in config helpers

We never call these helper without an initialized config afaict but
since we're now exposing these two functions to oss-fuzz directly in a
way we never do to users so let's be stricter about it.

Inspired-by: #3733
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: handle empty log name

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32491
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: don't create directories for fuzz builds

Fixes: #3730
Fixes: https://github.com/google/oss-fuzz/issues/5509
Suggested-by: Evgeny Vereshchagin <evvers@ya.ru>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: dont create log file for fuzz builds

Fixes: #3730
Fixes: https://github.com/google/oss-fuzz/issues/5509
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

fuzz: generate all the config keys and add them to the seed corpus

It should help to cover more code faster

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

README: add OSS-Fuzz/CIFuzz badges

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

fuzz: create tmpfiles in /tmp

It's mostly a cosmetic change that should prevent the fuzzer
from cluttering the "$OUT" directory (which OSS-Fuzz uses to
build docker images):

```
Step #44: Already have image: gcr.io/oss-fuzz/lxc
Step #44:   adding: fuzz-lxc-config-read (deflated 67%)
Step #44:   adding: fuzz-lxc-config-read-WBWKxN (deflated 32%)
Step #44:   adding: fuzz-lxc-config-read_seed_corpus.zip (stored 0%)
Step #44:   adding: honggfuzz (deflated 66%)
Step #44:   adding: llvm-symbolizer (deflated 65%)
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

network: handle name collisions when returning physical interfaces to host

Reviewed-by: Blair Steven <blair.steven@alliedtelesis.co.nz>
Signed-off-by: Sam Boyles <sam.boyles@alliedtelesis.co.nz>

oss-fuzz: make it possible to build the fuzzer without docker

With this patch applied the fuzz target can be built (with ASan)
and run with
```
./src/tests/oss-fuzz.sh
./out/fuzz-lxc-config-read doc/examples/
```

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32475 can be
reproduced by running
```
$ echo "lxc.console.buffer.size=d" >oss-fuzz-32475
$ ./out/fuzz-lxc-config-read ./oss-fuzz-32475
INFO: Seed: 1044753468
INFO: Loaded 1 modules   (18770 inline 8-bit counters): 18770 [0x883cc0, 0x888612),
INFO: Loaded 1 PC tables (18770 PCs): 18770 [0x888618,0x8d1b38),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: oss-fuzz-32475
=================================================================
==2052097==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffcca063e7f at pc 0x000000659e0d bp 0x7ffcca063e30 sp 0x7ffcca063e28
READ of size 1 at 0x7ffcca063e7f thread T0
...
```

I'll point OSS-Fuzz to the build script once this patch is merged.

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

conf: use lxc_list_new() everywhere

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: use lxc_list_new() everywhere

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

list: add lxc_list_new() helper

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: delete netdev from list

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32478
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: reinitialize sysctl list after clearing it

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32474
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: fix set_config_sysctl()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32487
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

ci: turn on CIFuzz

Now that lxc has been integrated into OSS-Fuzz it should be
possible to start using https://google.github.io/oss-fuzz/getting-started/continuous-integration/
(mostly to make sure that the project is buildable there).

It should help to keep the integration in more or less good shape.

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

conf: fix a memory leak

It was triggered by passing "lxc.selinux.context.keyring=xroot" to the
fuzz target introduced in https://github.com/google/oss-fuzz/pull/5498
```
=================================================================
==22==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 6 byte(s) in 1 object(s) allocated from:
    #0 0x538ca4 in __strdup /src/llvm-project/compiler-rt/lib/asan/asan_interceptors.cpp:468:3
    #1 0x5c40e8 in set_config_string_item /src/lxc/src/lxc/confile_utils.c:635:14
    #2 0x44394e in set_config_selinux_context_keyring /src/lxc/src/lxc/confile.c:1596:9
    #3 0x5af955 in parse_line /src/lxc/src/lxc/confile.c:2953:9
    #4 0x4475cd in lxc_file_for_each_line_mmap /src/lxc/src/lxc/parse.c:125:9
    #5 0x5af24f in lxc_config_read /src/lxc/src/lxc/confile.c:3024:9
    #6 0x580b04 in LLVMFuzzerTestOneInput /src/fuzz-lxc-config-read.c:36:2
    #7 0x483643 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
    #8 0x46d4a2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
    #9 0x4732ea in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
    #10 0x49f022 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #11 0x7f16d09b883f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2083f)
```

This is a follow-up to https://github.com/lxc/lxc/commit/4fef78bc332a2d186dca6f

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile_utils: don't free netdev twice

lxc_free_netdev() will already free the list element.

Fixes: https://github.com/google/oss-fuzz/pull/5498
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

strchrnul: fix copy-paste braino

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

strchrnul: ignore increased required alignment warning

Fixes: https://jenkins.linuxcontainers.org/view/LXC/job/lxc-build-android/7949/console
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

configure: fix strchrnul conditiona compilation

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

include: fix typo

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: provide a version of strchrnul() in case it's not available

This should only happen on Android.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

rexec: don't close stderr

Otherwise we'll fail to attach to containers later on.

Fixes: https://discuss.linuxcontainers.org/t/error-failed-to-retrieve-pid-of-executing-child-process
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

github: Fix invalid syntax for coverity

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Switch to Github actions

Travis-CI has been a disaster lately with us running out of credits or
their system thinking we're out of credit anyway...

So with Jenkins now covering arm64, let's move the rest of the CI to
Github Actions instead.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

macro: define __aligned_u64 to handle kernels without such support

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgroups: ignore unused controllers

Someone might have created a name=<controller> controller after the
container has started and so the container doesn't make use of this
controller.

Link: https://github.com/lxc/lxd/issues/8577
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: add missing newline in lxc_mount_auto_mounts()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: simplify logging in lxc_mount_auto_mounts()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: cleanup automounting

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: ensure that procfs and sysfs are unmounted

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: simplify dependent mount logic

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: tweak comment about transient procfs mount

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: handle CLONE_PIDFD on arm64

Reported-by: Ondrej Kubik <ondrej.kubik@canonical.com>
Cc: stable-4.0
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach_options: add explicit defines for all enums

This makes it easier to detect support for various features at compile
time.

Enables: https://github.com/lxc/go-lxc/pull/149
Fixes: https://launchpadlibrarian.net/526273274/buildlog_snap_ubuntu_bionic_i386_lxd-4.0-edge_BUILDING.txt.gz
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach_options: fix whitespace error in LXC_ATTACH_NO_NEW_PRIVS

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>