From f8cc4ae8be0665c8bef9604ece979b5ab30d9b3c Mon Sep 17 00:00:00 2001 From: Christian Brauner Date: Mon, 22 Feb 2021 20:00:18 +0100 Subject: [PATCH] commands: add LXC_CMD_GET_CGROUP_FD Signed-off-by: Christian Brauner --- src/lxc/commands.c | 53 +++++++++++++++++++++++++++++++++------------- src/lxc/commands.h | 4 ++++ 2 files changed, 42 insertions(+), 15 deletions(-) diff --git a/src/lxc/commands.c b/src/lxc/commands.c index ef465d70e..787565a8b 100644 --- a/src/lxc/commands.c +++ b/src/lxc/commands.c @@ -88,6 +88,7 @@ static const char *lxc_cmd_str(lxc_cmd_t cmd) [LXC_CMD_GET_LIMITING_CGROUP2_FD] = "get_limiting_cgroup2_fd", [LXC_CMD_GET_DEVPTS_FD] = "get_devpts_fd", [LXC_CMD_GET_SECCOMP_NOTIFY_FD] = "get_seccomp_notify_fd", + [LXC_CMD_GET_CGROUP_FD] = "get_cgroup_fd", }; if (cmd >= LXC_CMD_MAX) @@ -115,19 +116,34 @@ static const char *lxc_cmd_str(lxc_cmd_t cmd) */ static int lxc_cmd_rsp_recv(int sock, struct lxc_cmd_rr *cmd) { - call_cleaner(put_unix_fds) struct unix_fds *fds = NULL; - int ret; + call_cleaner(put_unix_fds) struct unix_fds *fds = &(struct unix_fds){}; struct lxc_cmd_rsp *rsp = &cmd->rsp; + int ret; - fds = &(struct unix_fds){ - .fd_count_max = 1, - }; - + switch (cmd->req.cmd) { + case LXC_CMD_GET_CGROUP2_FD: + __fallthrough; + case LXC_CMD_GET_LIMITING_CGROUP2_FD: + __fallthrough; + case LXC_CMD_GET_INIT_PIDFD: + __fallthrough; + case LXC_CMD_GET_SECCOMP_NOTIFY_FD: + __fallthrough; + case LXC_CMD_GET_DEVPTS_FD: + __fallthrough; + case LXC_CMD_CONSOLE: + fds->fd_count_max = 1; + break; + case LXC_CMD_GET_CGROUP_FD: + fds->fd_count_max = KERNEL_SCM_MAX_FD; + break; + default: + fds->fd_count_max = 0; + } ret = lxc_abstract_unix_recv_fds(sock, fds, rsp, sizeof(*rsp)); if (ret < 0) - return log_warn_errno(-1, - errno, "Failed to receive response for command \"%s\"", - lxc_cmd_str(cmd->req.cmd)); + return syserrno(ret, "Failed to receive response for command \"%s\"", + lxc_cmd_str(cmd->req.cmd)); TRACE("Command \"%s\" received response", lxc_cmd_str(cmd->req.cmd)); if (cmd->req.cmd == LXC_CMD_CONSOLE) { @@ -585,14 +601,20 @@ static int lxc_cmd_get_cgroup_fd_callback(int fd, struct lxc_cmd_req *req, struct lxc_handler *handler, struct lxc_epoll_descr *descr) { + struct lxc_cmd_rsp rsp = { + .ret = 0, + }; struct cgroup_ops *cgroup_ops = handler->cgroup_ops; - struct lxc_cmd_rsp rsp = {}; - struct unix_fds fds = {}; + struct unix_fds *fds = {}; + int ret; + + fds->fd_count_max = cgroup_fds(cgroup_ops, fds->fd); + ret = lxc_abstract_unix_send_fds(fd, fds->fd, fds->fd_count_max, + &rsp, sizeof(rsp)); + if (ret < 0) + return log_error(ret, "Failed to send cgroup fds"); - fds.fd_count_max = cgroup_fds(cgroup_ops, fds.fd); - if (fds.fd_count_max == 0) - rsp.ret = -ENOENT; - return rsp_many_fds(fd, &fds, &rsp); + return log_trace(LXC_CMD_REAP_CLIENT_FD, "Sent cgroup fds"); } /* @@ -1590,6 +1612,7 @@ static int lxc_cmd_process(int fd, struct lxc_cmd_req *req, [LXC_CMD_GET_LIMITING_CGROUP2_FD] = lxc_cmd_get_limiting_cgroup2_fd_callback, [LXC_CMD_GET_DEVPTS_FD] = lxc_cmd_get_devpts_fd_callback, [LXC_CMD_GET_SECCOMP_NOTIFY_FD] = lxc_cmd_get_seccomp_notify_fd_callback, + [LXC_CMD_GET_CGROUP_FD] = lxc_cmd_get_cgroup_fd_callback, }; if (req->cmd >= LXC_CMD_MAX) diff --git a/src/lxc/commands.h b/src/lxc/commands.h index 45c30c1f5..2ce5de61f 100644 --- a/src/lxc/commands.h +++ b/src/lxc/commands.h @@ -43,6 +43,7 @@ typedef enum { LXC_CMD_GET_LIMITING_CGROUP2_FD = 20, LXC_CMD_GET_DEVPTS_FD = 21, LXC_CMD_GET_SECCOMP_NOTIFY_FD = 22, + LXC_CMD_GET_CGROUP_FD = 23, LXC_CMD_MAX, } lxc_cmd_t; @@ -122,6 +123,9 @@ __hidden extern int lxc_try_cmd(const char *name, const char *lxcpath); __hidden extern int lxc_cmd_console_log(const char *name, const char *lxcpath, struct lxc_console_log *log); __hidden extern int lxc_cmd_get_seccomp_notify_fd(const char *name, const char *lxcpath); +__hidden extern int lxc_cmd_get_cgroup_fd(const char *name, const char *lxcpath, + const char *controller, bool batch, + struct unix_fds *ret_fds); __hidden extern int lxc_cmd_seccomp_notify_add_listener(const char *name, const char *lxcpath, int fd, /* unused */ unsigned int command, /* unused */ unsigned int flags); -- 2.47.2