coverity: #1440391

Dereference null return value

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cmd/lxc_init: do not hide global variable

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools/lxc_stop: use correct check

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: prevent values smaller 0

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxccontainer: remove check from goto target

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: remove tautological check

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: use O_CLOEXEC in lxc_pivot_root()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: remove tautological check

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

state: remove tautological check

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools/lxc_info: do not hide global variable

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools/lxc_top: do not hide global variable

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools/lxc_copy: do not hide global variable

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

monitord: do not hide global variable

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgfsng: move increment out of branch

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

commands: simplify

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: do not overwrite global variable

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

coverity: update .travis.yml

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

coverity: update .travis.yml

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

coverity: update .travis.yml

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

coverity: update .travis.yml

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

coverity: update .travis.yml

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: compiler based hardening

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: simplify

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tree-wide: coding style fixes

Signed-off-by: 2xsec <dh48.jeong@samsung.com>
[christian.brauner@ubuntu.com: cleanup if-branches in confile.c]
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

parse: fix uninitialized value

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

parse: protect against config updates during parse

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: fix append_unexp_config_line()

Reported-by: 2xsec dh48.jeong@samsung.com
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

raw_syscalls: ensure function always returns value

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

include: simplify strlcpy()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: fix global buffer overflow issue

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

autotools: fix --disable-commands builds

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc-init: log to /dev/console

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

checkconfig: Handle missing kernel version

https://github.com/lxc/lxd/issues/5151

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

autools: use -fno-strict-aliasing

The gcc implementation and the C standard are not to be considered sane
in this respect. We don't want to risk reordering of writes when the
compiler incorrectly *thinks* two types do not alias each other.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

monitor: fix coding standard

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

commands_utils: improve code redundancy to make abstract unix socket name

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

monitor: checking name too long to make monitor sock name

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

monitor: log cleanups

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

checkpoint: fix running do_dump()

Testing 'lxc <container> stop --stateful' crashed LXD:

fatal error: unexpected signal during runtime execution
[signal SIGSEGV: segmentation violation code=0x1 addr=0xe8 pc=0x7f3198ff0592]

runtime stack:
runtime.throw(0x117fe4a, 0x2a)
/opt/rh/go-toolset-1.10/root/usr/lib/go-toolset-1.10-golang/src/runtime/panic.go:616 +0x81
runtime.sigpanic()
/opt/rh/go-toolset-1.10/root/usr/lib/go-toolset-1.10-golang/src/runtime/signal_unix.go:372 +0x28e

goroutine 375 [syscall]:
runtime.cgocall(0xef38e3, 0xc420731630, 0x29)
/opt/rh/go-toolset-1.10/root/usr/lib/go-toolset-1.10-golang/src/runtime/cgocall.go:128 +0x64 fp=0xc4207315f0 sp=0xc4207315b8 pc=0x410fc4
gopkg.in/lxc/go-lxc%2ev2._Cfunc_go_lxc_migrate(0x7f316c001220, 0xc400000001, 0xc420302460, 0xc4205d6080, 0x0)
_cgo_gotypes.go:752 +0x4d fp=0xc420731630 sp=0xc4207315f0 pc=0x909d7d
gopkg.in/lxc/go-lxc%2ev2.(*Container).Migrate.func4(0x7f316c001220, 0xc400000001, 0xc420302460, 0xc4205d6080, 0x0)
/share/go/src/gopkg.in/lxc/go-lxc.v2/container.go:1798 +0x160 fp=0xc420731668 sp=0xc420731630 pc=0x91b970
gopkg.in/lxc/go-lxc%2ev2.(*Container).Migrate(0xc4207a52f0, 0x1, 0xc42051ec00, 0x20, 0x0, 0x0, 0x0, 0x0, 0x101, 0x10000000, ...)
/share/go/src/gopkg.in/lxc/go-lxc.v2/container.go:1798 +0x29f fp=0xc420731760 sp=0xc420731668 pc=0x9160ef

The commit 5a087e056f94 introduced a second parameter (conf) to the
cgroup escape() function which was never set in do_dump(). Instead of
taking it from opts->handler->conf it is now used from c->lxc_conf.

Fixes: 5a087e056f94 ("cgroups: don't escape if lxc.cgroup.keep is true")
Suggested-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Adrian Reber <areber@redhat.com>

conf: verify_start_hooks() after lxc.mount.entry

Fixes: https://discuss.linuxcontainers.org/t/are-lxc-mount-entry-available-when-lxc-hook-start-is-validated/2906/3
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: log prlimit setup

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

fix post section script error for rpm install

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

fix rpm packaging error for static library

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

parse: fix uninitialized pointer access

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

confile: remove unused variable

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

test: test invalid config keys

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

parse: do not mask failed parse

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

netns_ifaddrs: check for NETLINK_DUMP_STRICT_CHK

Make use of the new socket option, NETLINK_DUMP_STRICT_CHK, that
userspace can use via setsockopt to request strict checking of headers
and attributes on dump requests.

To get dump features such as kernel side filtering based on data in
the header or attributes appended to the dump request, userspace
must call setsockopt() for NETLINK_DUMP_STRICT_CHK and a non-zero
value. This is necessary to make use of the IFA_TARGET_NETNSID property.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: add SOL_NETLINK

This allows to set netlink socket properties.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: add NETLINK_DUMP_STRICT_CHK

This adds support for the new socket option, NETLINK_DUMP_STRICT_CHK,
that userspace can use via setsockopt to request strict checking of
headers and attributes on dump requests.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

attach: fix missing pthread.h include

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

file_utils: fix too wide or inconsistent non-owner permissions

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

start: change log level

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

attach: reset signal mask

Since we introduced clean exit from the mainloop when SIGTERM is sent we
changed the signal mask of the parent process but we never reset the
signal mask for the actual attached process.

Closes #399.

Fixes: 1349e92e4d23 ("console: exit mainloop on SIGTERM")
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

storage: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

utils: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

terminal: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

start: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

pam: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

network: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxccontainer: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cmd: s/MAXPATHLEN/PATH_MAX/g

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

macro: add PATH_MAX

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

parse: report errors when failing config parsing

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

parse: remove access() check

We can just fail on open() and not waste an additional syscall.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tools: lxc-unshare: remove unnecessary initialization

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

tools: lxc-start: remove unused argument

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

raw_syscalls: move lxc_raw_gettid()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

syscall_wrappers: move signalfd()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

syscall_wrappers: move unshare()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

syscall_wrappers: move sethostname()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

syscall_wrappers: move setns()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

syscall_wrappers: move memfd_create()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgfsng: handle v1 cpuset hierarchy first

If the value of cgroup.clone_children in our immediate ancestor cgroup
is 0 then the cpuset of any cgroups we create in subtrees will be empty
and hence we'll copy an empty cpuset at which point we cannot enter the
cpuset cgroup.
Avoid this problem by initializing cgroup.clone_children to 1 an copying
the initialized cpuset of our immediate ancestor. Note, that the cpuset
of our immediate ancestor must be initialized and ours as well otherwise
we couldn't be located in this cgroup.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

utils: fix lxc_set_death_signal()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cgfsng: avoid tiny race window

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

parse: prefault config file with MAP_POPULATE

When we call lxc_file_for_each_line_mmap() we will always parse the
whole config file. Prefault it in case it is really long to optimize
performance.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

netns_iaddrs: remove unused functions

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

cgroups: remove unnecessary line

Signed-off-by: 2xsec <dh48.jeong@samsung.com>

netns_ifaddrs: only use struct rtnl_link_stats64

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: add missing build dependencies

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: fix lxc-usernsexec build

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: fix lxc-user-nic build

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: fix lxc-monitord build

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: fix lxc init build

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

raw_syscalls: add lxc_raw_getpid()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

raw_syscalls: add lxc_raw_clone{_cb}()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

raw_syscalls: add lxc_raw_execveat()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

syscall_wrappers: add pivot_root()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

netns_ifaddrs: handle IFLA_STATS{64} correctly

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: support -z relro and -z now

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

utils: add lxc_setup_keyring()

Allocate a new keyring if we can to prevent information leak.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

configure: fix -Wimplicit-fallthrough check

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

oci-template: Add logic for no /etc/passwd, group

OCI image spec dosen't specify action when there is
no /etc/passwd or /etc/group. So if there is no
/etc/passwd with string user info, set uid to 0. If there
is no /etc/group with string group info, set gid to 0.

Signed-off-by: Jungsub Shin jungsub_shin@tmax.co.kr

btrfs: fix btrfs containers

Closes #2612.
Closes #2655.

Fixes: 9de31d5a1394 ("tree-wide: s/strncpy()/strlcpy()/g")
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>