Merge pull request #25 from avagin/xemul

libct: add ability to use one library with OpenVZ and upstream kernels
xemul · Nov 20, 2014 · 22f40bb · 22f40bb
2 parents 32ab754 + 4c048c2
commit 22f40bb
Show file tree

Hide file tree

Showing 14 changed files with 79 additions and 43 deletions.
diff --git a/Makefile b/Makefile
@@ -65,9 +65,6 @@ cflags-y	+= -iquote src/lsm
 cflags-y	+= -iquote src
 cflags-y	+= -fno-strict-aliasing
 cflags-y	+= -I/usr/include
-ifeq ($(VZ),1)
-	cflags-y += -I/usr/src/kernels/$(shell uname -r)/include/
-endif
 export cflags-y
 
 VERSION_MAJOR		:= 0
@@ -109,10 +106,6 @@ endif
 
 CFLAGS		+= $(WARNINGS) $(DEFINES)
 
-ifneq ("$(wildcard /proc/vz)","")
-	CFLAGS += -D VZ
-endif
-
 export E Q CC ECHO MAKE CFLAGS LIBS ARCH DEFINES MAKEFLAGS
 export SH RM OBJCOPY LDARCH LD CP MKDIR CD LN
 export ESED SED CAT
@@ -144,11 +137,11 @@ src: $(EARLY-GEN)
 
 .PHONY: src
 
-$(LIBCT).so: src/$(LIBCT).so
+$(LIBCT).a: src/$(LIBCT).a
 	$(E) "  LN      " $@
 	$(Q) $(LN) -sf $^ $@
 
-$(LIBCT).a: src/$(LIBCT).a
+$(LIBCT).so: src/$(LIBCT).so
 	$(E) "  LN      " $@
 	$(Q) $(LN) -sf $^ $@
 

diff --git a/src/ct.c b/src/ct.c
@@ -424,7 +424,8 @@ static int ct_execv(void *a)
 			goto err;
 		}
 		for (i = 0; i < 3; i++)
-			close(ea->fds[i]);
+			if (ea->fds[i] != i)
+				close(ea->fds[i]);
 	}
 
 	sigfillset(&mask);
@@ -651,15 +652,15 @@ static int local_add_map(struct list_head *list, unsigned int first,
 	return 0;
 }
 
-int local_add_uid_map(ct_handler_t h, unsigned int first,
+static int local_add_uid_map(ct_handler_t h, unsigned int first,
 			unsigned int lower_first, unsigned int count)
 {
 	struct container *ct = cth2ct(h);
 
 	return local_add_map(&ct->uid_map, first, lower_first, count);
 }
 
-int local_add_gid_map(ct_handler_t h, unsigned int first,
+static int local_add_gid_map(ct_handler_t h, unsigned int first,
 			unsigned int lower_first, unsigned int count)
 {
 	struct container *ct = cth2ct(h);

diff --git a/src/include/ct.h b/src/include/ct.h
@@ -118,10 +118,6 @@ static inline struct container *cth2ct(struct ct_handler *h)
 }
 
 extern char *local_ct_name(ct_handler_t h);
-extern int local_add_uid_map(ct_handler_t h, unsigned int first,
-			unsigned int lower_first, unsigned int count);
-extern int local_add_gid_map(ct_handler_t h, unsigned int first,
-			unsigned int lower_first, unsigned int count);
 
 static inline bool fs_private(struct container *ct)
 {

diff --git a/src/include/net.h b/src/include/net.h
@@ -8,6 +8,9 @@
 struct _NetaddReq;
 struct container;
 
+typedef const struct ct_net_ops *(*net_get_ops_cb)(enum ct_net_type ntype);
+extern ct_net_t __local_net_add(ct_handler_t h, enum ct_net_type, void *arg, net_get_ops_cb cb);
+
 extern ct_net_t local_net_add(ct_handler_t h, enum ct_net_type, void *arg);
 extern int local_net_del(ct_handler_t h, enum ct_net_type, void *arg);
 extern void net_release(struct container *ct);

diff --git a/src/include/vz/vz_net.h b/src/include/vz/vz_net.h
@@ -4,5 +4,6 @@
 #include "net.h"
 
 extern const struct ct_net_ops *vz_net_get_ops(enum ct_net_type);
+extern ct_net_t vz_net_add(ct_handler_t h, enum ct_net_type ntype, void *arg);
 
 #endif /* __LIBCT_VZ_NET_H__ */
diff --git a/src/namespaces.c b/src/namespaces.c
@@ -34,9 +34,14 @@ static struct ns_desc uts_ns = {
 struct ns_desc *namespaces[] = {
 	&pid_ns,
 	&net_ns,
-	&mnt_ns,
 	&ipc_ns,
 	&uts_ns,
+	/*
+	 * mnt_ns must be the last one. After switching in a mount namespace,
+	 * the old /proc becomes inaccessible and we are not able switch other
+	 * namespaces
+	 */
+	&mnt_ns,
 	NULL
 };
 

diff --git a/src/net.c b/src/net.c
@@ -97,7 +97,7 @@ static int local_net_link_apply(char *name, ct_net_t n, int pid)
 	return ret;
 }
 
-ct_net_t local_net_add(ct_handler_t h, enum ct_net_type ntype, void *arg)
+ct_net_t __local_net_add(ct_handler_t h, enum ct_net_type ntype, void *arg, const struct ct_net_ops *(*get_ops_cb)(enum ct_net_type ntype))
 {
 	struct container *ct = cth2ct(h);
 	const struct ct_net_ops *nops;
@@ -113,11 +113,7 @@ ct_net_t local_net_add(ct_handler_t h, enum ct_net_type ntype, void *arg)
 	if (ntype == CT_NET_NONE)
 		return 0;
 
-#ifndef VZ
-	nops = net_get_ops(ntype);
-#else
-	nops = vz_net_get_ops(ntype);
-#endif
+	nops = get_ops_cb(ntype);
 	if (!nops)
 		return ERR_PTR(-LCTERR_BADTYPE);
 
@@ -129,6 +125,11 @@ ct_net_t local_net_add(ct_handler_t h, enum ct_net_type ntype, void *arg)
 	return cn;
 }
 
+ct_net_t local_net_add(ct_handler_t h, enum ct_net_type ntype, void *arg)
+{
+	return __local_net_add(h, ntype, arg, net_get_ops);
+}
+
 int local_net_del(ct_handler_t h, enum ct_net_type ntype, void *arg)
 {
 	struct container *ct = cth2ct(h);

diff --git a/src/session.c b/src/session.c
@@ -109,11 +109,10 @@ libct_session_t libct_session_open_local(void)
 	if (s) {
 		INIT_LIST_HEAD(&s->s.s_cts);
 		INIT_LIST_HEAD(&s->s.async_list);
-#ifndef VZ
-		s->s.ops = &local_session_ops;
-#else
-		s->s.ops = &vz_session_ops;
-#endif
+		if (!access("/proc/vz", F_OK))
+			s->s.ops = &vz_session_ops;
+		else
+			s->s.ops = &local_session_ops;
 		return &s->s;
 	}
 

diff --git a/src/vz/vz.c b/src/vz/vz.c
@@ -1423,12 +1423,10 @@ static const struct container_ops vz_ct_ops = {
 	.get_state		= vz_get_state,
 	.set_option		= vz_set_option,
 	.set_console_fd		= vz_set_console_fd,
-	.net_add		= local_net_add,
+	.net_add		= vz_net_add,
 	.net_del		= local_net_del,
 	.net_route_add		= local_net_route_add,
 	.uname			= vz_uname,
-	.add_uid_map		= local_add_uid_map,
-	.add_gid_map		= local_add_gid_map,
 };
 
 const struct container_ops *get_vz_ct_ops(void)

diff --git a/src/vz/vz_net.c b/src/vz/vz_net.c
@@ -177,6 +177,11 @@ const struct ct_net_ops *vz_net_get_ops(enum ct_net_type ntype)
 	}
 }
 
+ct_net_t vz_net_add(ct_handler_t h, enum ct_net_type ntype, void *arg)
+{
+	return __local_net_add(h, ntype, arg, vz_net_get_ops);
+}
+
 struct ct_net_veth *cn2vn(struct ct_net *n)
 {
 	return container_of(n, struct ct_net_veth, n);

diff --git a/test/Makefile b/test/Makefile
@@ -1,16 +1,17 @@
 include ../Makefile.config
 
+COMMON_TESTS = vz_create_exec vz_net_veth vz_enter
+
 LOCAL_TESTS =	ct_create ct_enter ct_proc ct_root ct_root_enter \
 	ct_create_exec ct_cgroup_basic ct_net_host \
 	ct_net_veth ct_private_subdir \
 	ct_ext_mount ct_private_subdir_ns \
 	ct_cgroup_sub ct_service ct_kill_nons ct_pid_enter \
 	ct_userns ct_caps
 
-VZ_TESTS = vz_create_exec vz_net_veth vz_enter \
-	vz_cgroup_memory vz_cgroup_cpu vz_cgroup_blkio
+VZ_TESTS = vz_cgroup_memory vz_cgroup_cpu vz_cgroup_blkio
 
-TESTS = $(LOCAL_TESTS) $(VZ_TESTS)
+TESTS = $(LOCAL_TESTS) $(VZ_TESTS) $(COMMON_TESTS)
 
 PIGS  = file_piggy
 
@@ -25,6 +26,7 @@ LDFLAGS = -Wl,--no-as-needed \
 	-lct -L../src/ -Wl,-rpath,'$$ORIGIN/../src' \
 	-lnl-route-3 -lnl-3 -L$(LIBNLDIR) -Wl,-rpath,'$$ORIGIN/$(LIBNLDIR)'
 
+COMMON_OUTS = $(COMMON_TESTS:%=%.out)
 LOCAL_OUTS = $(LOCAL_TESTS:%=%.out)
 VZ_OUTS = $(VZ_TESTS:%=%.out)
 
@@ -53,6 +55,7 @@ clean: cleanouts
 	rm -f $(TESTS)
 	rm -f $(PIGS)
 	rm -f $(OBJS)
+	rm -rf root
 
 %.o: %.c
 	$(CC) -c $(CFLAGS) $^ -o $@
@@ -67,10 +70,14 @@ $(1).out: $(1)
 endef
 $(foreach t, $(TESTS), $(eval $(call gen-out,$(t))))
 
-run-local: cleanouts $(PIGS) $(LOCAL_OUTS)
+run-local: cleanouts root $(PIGS) $(LOCAL_OUTS) $(COMMON_OUTS)
 
-run-vz: cleanouts $(VZ_OUTS)
+run-vz: cleanouts root $(VZ_OUTS) $(COMMON_OUTS)
 
 run: cleanouts $(PIGS) $(OUTS)
 
+root:
+	mkdir root
+	curl http://images.linuxcontainers.org/images/ubuntu/utopic/amd64/default/20141119_03:49/rootfs.tar.xz | tar -JxC root
+
 .PHONY: all local vz clean run run-local run-vz
diff --git a/test/vz_create_exec.c b/test/vz_create_exec.c
@@ -6,7 +6,7 @@
 
 #include "test.h"
 
-#define FS_ROOT		"/"
+#define FS_ROOT		"root"
 int main(int argc, char *argv[])
 {
 	libct_session_t s;

diff --git a/test/vz_enter.c b/test/vz_enter.c
@@ -2,19 +2,25 @@
 #include <stdlib.h>
 #include <libct.h>
 #include <unistd.h>
+#include <fcntl.h>
 #include <linux/sched.h>
+#include <sys/types.h>
+#include <sys/wait.h>
 
 #include "test.h"
 
-#define FS_ROOT		"/"
+#define FS_ROOT		"root"
 int main(int argc, char *argv[])
 {
 	libct_session_t s;
 	ct_handler_t ct;
 	ct_process_desc_t p;
-	char *sleep_a[] = { "sleep", "60", NULL};
-	char *ls_a[] = { "ls", "/root/work/libct/test", NULL};
+	char *sleep_a[] = { "cat", NULL};
+	char *ls_a[] = { "sh", "-c", "echo ok", NULL};
 	int fds[] = {STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO};
+	int pfd[2], tfd[2], status;
+	char buf[10];
+	pid_t pid;
 
 	s = libct_session_open_local();
 	ct = libct_container_create(s, "1339");
@@ -28,11 +34,32 @@ int main(int argc, char *argv[])
 			CLONE_NEWNET |
 			CLONE_NEWPID);
 
-	if (libct_container_spawn_execvfds(ct, p, "/bin/sleep", sleep_a, fds) <= 0)
+	if (pipe(pfd))
 		goto err;
 
-	if (libct_container_enter_execvfds(ct, p, "/bin/ls", ls_a, fds) <= 0)
+	fds[0] = pfd[0];
+	fcntl(pfd[1], F_SETFD, FD_CLOEXEC);
+	if (libct_container_spawn_execvfds(ct, p, "/bin/cat", sleep_a, fds) <= 0)
 		goto err;
+	close(pfd[0]);
+
+	if (pipe(tfd))
+		goto err;
+
+	fds[0] = STDIN_FILENO;
+	fds[1] = tfd[1];
+	fcntl(pfd[0], F_SETFD, FD_CLOEXEC);
+	pid = libct_container_enter_execvfds(ct, p, "/bin/sh", ls_a, fds);
+	if (pid <= 0)
+		goto err;
+	close(tfd[1]);
+
+	if (read(tfd[0], buf, sizeof(buf)) != 3)
+		goto err;
+
+	waitpid(pid, &status, 0);
+
+	close(pfd[1]);
 
 	libct_container_wait(ct);
 	libct_container_destroy(ct);

diff --git a/test/vz_net_veth.c b/test/vz_net_veth.c
@@ -9,7 +9,7 @@
 #define VETH_HOST_NAME	"hveth0"
 #define VETH_CT_NAME	"cveth0"
 
-#define FS_ROOT		"/"
+#define FS_ROOT		"root"
 int main(int argc, char *argv[])
 {
 	libct_session_t s;