templates/*.in: fixed PATH handling with spaces

if $PATH already contains a path with a space the append of the
default directories in all template scripts fails with an error
like the following:

/usr/share/lxc/templates/lxc-download: 69: export: (x86)/NVIDIA: bad
variable name

Signed-off-by: Christian Ratzenhofer <christian.ratzenhofer@cdnm.at>

Merge pull request #3771 from brauner/2021-04-06/fixes

conf: fix setups where /dev is outside of LXC's control

log: ensure we always return negative errno

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: fix setups where /dev is outside of LXC's control

Fixes: #3770
Suggested-by: Ruben Jenster <r.jenster@drachenfels.de>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3766 from brauner/2021-04-02/fixes_2

lsm: fixes

confile: complain when LXC is built without AppArmor support

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: complain when LXC is built without selinux support

Link: https://github.com/lxc/lxc/issues/3765
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3764 from brauner/2021-04-02/fixes

confile: fix lxc.namespace.share.[identifier]

confile: fix lxc.namespace.share.[identifier]

Link: https://github.com/lxc/lxc/pull/3763/files#r606089660
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3762 from brauner/2021-03-31/fixes

fixes: Makefile, lxc-user-nic, simplify get_network_config_ops()

confile: simplify get_network_config_ops()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: use restrict for lxc_safe_int64_residual()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: ensure that errno is set on return

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: move to lxc-copy() sources

It's the only place where it is still used.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_user_nic: cleanup get_alloted()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

lxc_user_nic: cleanup append_alloted()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3760 from evverx/reject-giant-configs

oss-fuzz: reject giant configs early

Merge pull request #3759 from evverx/san-compatible

build-system: make it compatible with ASan/UBsan/Msan

Merge pull request #3758 from brauner/2021-03-31/fixes

confile: cap to last bit in set_config_net_ipv4_address()

confile: cap to last bit in set_config_net_ipv4_address()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32708
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3755 from evverx/lxc-net

oss-fuzz.sh: put the "lxc.net" keys to the seed corpus as well

Merge pull request #3756 from brauner/2021-03-30/fixes_3

string_utils: switch to path_simplify()

string_utils: switch to path_simplify()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32689
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3754 from brauner/2021-03-30/fixes_2

confile: don't jump into the global table twice

confile: don't jump into the global table twice

instead move networking keys into a subtable. This avoids even just the
remote danger of recursion and also speeds up config parsing.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

oss-fuzz: reject giant configs early

It should help the fuzzer to avoid running into timeouts
like https://oss-fuzz.com/testcase-detail/5132999948632064.
Hopefully, once this is merged OSS-Fuzz will report only
infinite loops as timeouts.

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

build-system: make it compatible with ASan/UBsan/MSan

Closes: https://github.com/lxc/lxc/issues/3727
Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: enable PAM

to make sure pam_cgfs is buildable with ASan/UBsan too

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: also build with ASan/UBsan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

oss-fuzz.sh: get rid of the sed "no-undefined" kludge

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

ci: stop passing --enable-ubsan

It's just a follow-up to 5f404236273bb211 (where --enable-ubsan
was removed).

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

Merge pull request #3750 from brauner/2021-03-29/fixes_2

autotools: remove --enable-{asan,ubsan} in favor of --enable-sanitizers

Merge pull request #3751 from tomponline/tp-nic-ordering

doc: Documented that net type field must come before other options on the net device

doc: Documented that net type field must come before other options on the net device

Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>

README: remove Travis and add Github actions badge

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

autotools: remove --enable-{asan,ubsan} in favor of --enable-sanitizers

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3749 from brauner/2021-03-29/fixes

compiler: fix thread_local detection

Merge pull request #3746 from evverx/CIFuzz-unblock-msan

CIFuzz: turn on MSan

compiler: fix thread_local detection

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3748 from brauner/2021-03-29/fixes

fixes & config key validation

oss-fuzz.sh: put the "lxc.net" keys in the seed corpus as well

It's just a follow-up to 0abcc213e2291d71 (where the "lxc.net" keys
were moved from config_jump_table to config_jump_table_net)

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

lxccontainer: ensure second parameter to bsearch is never NULL

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: fix thread_local support detection

Our detection for TLS wasn't working. Fix it.

Fixes: https://github.com/lxc/lxd/issues/8327
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: add another test for garbage config key

where a valid key has trailing garbage at the end before the "=".

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

tests: fix two false negatives in parse_config_file()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_script_down()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_script_up()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_mtu()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: cleanup set_config_net_hwaddr()

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: clear netdev on network type change

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32584
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: vet keys more aggressively

Enforce an exact match for all keys where we now the subkeys must match
exactly.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: safely clean previous value in set_config_net_ipv4_gateway()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32586
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: safely clean previous value in set_config_net_ipv6_gateway()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32610
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3745 from evverx/ubsan-msan-support

oss-fuzz/cifuzz: a couple of follow-up commits

Merge pull request #3744 from evverx/oss-fuzz-32596

confile_utils: fix a signed integer overflow

Merge pull request #3743 from brauner/2021-03-27/fixes_3

oss-fuzz: fixes

string_utils: work around an MSan false positive

MSan doesn't instrument stpncpy (https://github.com/google/sanitizers/issues/926),
which causes the fuzzer to fail with:
```
$ cat ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
lxc.console.size=123

$ ./out/fuzz-lxc-config-read ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
INFO: Seed: 3561494591
INFO: Loaded 1 modules   (18795 inline 8-bit counters): 18795 [0x866b98, 0x86b503),
INFO: Loaded 1 PC tables (18795 PCs): 18795 [0x86b508,0x8b4bb8),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: ../minimized-from-740f56329efc60eab59b8194132b712a873e88a3
==850885==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x6b3e7f in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:912:6
    #1 0x550991 in set_config_console_size /home/vagrant/lxc/src/lxc/confile.c:2483:8
    #2 0x5346e2 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2962:9
    #3 0x64b3cd in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9
    #4 0x53340c in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3039:9
    #5 0x4e7ec2 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2
    #6 0x44ad2c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x44ad2c)
    #7 0x42ca4d in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42ca4d)
    #8 0x433af0 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x433af0)
    #9 0x423ff6 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423ff6)
    #10 0x7f79bdc89081 in __libc_start_main (/lib64/libc.so.6+0x27081)
    #11 0x42402d in _start (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42402d)

  Uninitialized value was created by an allocation of 'dup' in the stack frame of function 'parse_byte_size_string'
    #0 0x6b3330 in parse_byte_size_string /home/vagrant/lxc/src/lxc/string_utils.c:901

SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/vagrant/lxc/src/lxc/string_utils.c:912:6 in parse_byte_size_string
Exiting
```

Closes https://oss-fuzz.com/testcase-detail/5829890470445056

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

cifuzz: turn on MSan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

string_utils: handle overflow correct in parse_byte_size_string()

This takes the overflow handling code from the kernel.

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32549
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

cifuzz: turn on UBsan

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

oss-fuzz.sh: take SANITIZER into account

to make it possible to build the fuzzer with UBSan and MSan locally

```
$ SANITIZER=undefined ./src/tests/oss-fuzz.sh
$ printf 'lxc.signal.stop=sigrtmax-020000000020' >oss-fuzz-32596
$ UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 ./out/fuzz-lxc-config-read oss-fuzz-32596
INFO: Seed: 595864277
INFO: Loaded 1 modules   (61553 inline 8-bit counters): 61553 [0x80a1b0, 0x819221),
INFO: Loaded 1 PC tables (61553 PCs): 61553 [0x819228,0x909938),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: oss-fuzz-32596
confile_utils.c:1051:20: runtime error: signed integer overflow: 64 - -2147483632 cannot be represented in type 'int'
    #0 0x51799a in rt_sig_num /home/vagrant/lxc/src/lxc/confile_utils.c:1051:20
    #1 0x517268 in sig_parse /home/vagrant/lxc/src/lxc/confile_utils.c:1069:11
    #2 0x500ca4 in set_config_signal_stop /home/vagrant/lxc/src/lxc/confile.c:1738:10
    #3 0x4b8c7c in parse_line /home/vagrant/lxc/src/lxc/confile.c:2962:9
    #4 0x5a5eb0 in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9

```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile_utils: fix a signed integer overflow

This was triggered by the following chain of conversions:

lxc_safe_uint("020000000020") -> 2147483664 (uint)
sig_num(2147483664 (uint)) -> -2147483632 (int)

64 - -2147483632 cannot be represented in type 'int'

Closes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32596

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile: don't leak memory in case multiple shmounts are set

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32503
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: add missing prefix validation

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32488
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3741 from brauner/2021-03-27/fixes_2

confile_utils: free list during lxc_remove_nic_by_idx()

confile_utils: free list during lxc_remove_nic_by_idx()

Reported-by: Evgeny Vereshchagin <evvers@ya.ru>
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3739 from brauner/2021-03-27/fixes

oss-fuzz: fixes

ci: turn on ASan on CIFuzz

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile: prevent recursion when parsing networks

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32558
Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: fix a memory leak in set_config_net_hwaddr

It was found by ClusterFuzz in https://oss-fuzz.com/testcase-detail/4747480244813824
but hasn't been reported on Monorail
(https://bugs.chromium.org/p/oss-fuzz/) yet

```
$ cat minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e
lxc.net.0.hwaddr=0
lxc.net.0.hwaddr=4

./out/fuzz-lxc-config-read minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e
INFO: Seed: 1473396311
INFO: Loaded 1 modules   (18821 inline 8-bit counters): 18821 [0x885fa0, 0x88a925),
INFO: Loaded 1 PC tables (18821 PCs): 18821 [0x88a928,0x8d4178),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e

=================================================================
==226185==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4d25d7 in strdup (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x4d25d7)
    #1 0x58e48f in set_config_net_hwaddr /home/vagrant/lxc/src/lxc/confile.c:654:14
    #2 0x59af3b in set_config_net_nic /home/vagrant/lxc/src/lxc/confile.c:5276:9
    #3 0x571c29 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2958:9
    #4 0x61b0b2 in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9
    #5 0x5710ed in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3035:9
    #6 0x542cd6 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2
    #7 0x449e8c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x449e8c)
    #8 0x42bbad in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42bbad)
    #9 0x432c50 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x432c50)
    #10 0x423136 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423136)
    #11 0x7f2cbb992081 in __libc_start_main (/lib64/libc.so.6+0x27081)

SUMMARY: AddressSanitizer: 2 byte(s) leaked in 1 allocation(s).
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

confile: improve network vetting

Move all input sanity checks up and add two missing checks for the
correct network type when using veth-vlan and vlan network types.

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32513
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: use correct check for too large network lists

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32558
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: make string calculations in get_network_config_ops() more obvious

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: coding style cleanups

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: free network list items

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32484
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: reinitialize lists

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: always memset buf in lxc_safe_int64_residual()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32482
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3738 from brauner/2021-03-26/fixes_3

oss-fuzz: fixes

confile: fix returns in set_config_net_veth_vlan_tagged_id()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32494
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: fix setting prlimits

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32532
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

conf: don't leak list

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3736 from brauner/2021-03-26/fixes_3

oss-fuzz: fixes

log: avoid regressions for relative log paths

We need to allow relative log paths.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

string_utils: fix parse_byte_size_string()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32475
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: improve network parser

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3737 from evverx/oss-fuzz-fixes

oss-fuzz: a few follow-up commits

Merge pull request #3731 from samboyles1/master

network: handle name collisions when returning interfaces to host

Merge pull request #3735 from brauner/2021-03-26/fixes_2

oss-fuzz: fixes

conf: prevent UAF in lxc_clear_limits()

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32532
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile_utils: fix real-time signal parsing

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32521
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

confile: don't leak memory when overwriting lxc.rootfs.options

Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32473
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3733 from evverx/move-from-oss-fuzz

oss-fuzz: make it possible to build the fuzzer without docker

Merge pull request #3734 from brauner/2021-03-26/fixes_2

confile: be stricter in config helpers

confile: be stricter in config helpers

We never call these helper without an initialized config afaict but
since we're now exposing these two functions to oss-fuzz directly in a
way we never do to users so let's be stricter about it.

Inspired-by: #3733
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

Merge pull request #3732 from brauner/2021-03-26/fixes

log: dont create log file for fuzz builds

log: handle empty log name

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32491
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: don't create directories for fuzz builds

Fixes: #3730
Fixes: https://github.com/google/oss-fuzz/issues/5509
Suggested-by: Evgeny Vereshchagin <evvers@ya.ru>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

log: dont create log file for fuzz builds

Fixes: #3730
Fixes: https://github.com/google/oss-fuzz/issues/5509
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

fuzz: generate all the config keys and add them to the seed corpus

It should help to cover more code faster

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>

README: add OSS-Fuzz/CIFuzz badges

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>