mirror of
https://github.com/opencontainers/runc.git
synced 2025-10-07 00:12:53 +08:00
42d5d04801
An init process can join other namespaces (pidns, ipc etc.). This leverages C code defined in nsenter package to spawn a process with correct namespaces and clone if necessary. This moves all setns and cloneflags related code to nsenter layer, which mean that we dont use Go os/exec to create process with cloneflags and set uid/gid_map or setgroups anymore. The necessary data is passed from Go to C using a netlink binary-encoding format. With this change, setns and init processes are almost the same, which brings some opportunity for refactoring. Signed-off-by: Daniel, Dao Quang Minh <dqminh89@gmail.com> [mickael.laventure@docker.com: adapted to apply on master @ d97d5e] Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@docker.com>
89 lines
2.0 KiB
Go
89 lines
2.0 KiB
Go
// +build linux
|
|
|
|
package libcontainer
|
|
|
|
import (
|
|
"syscall"
|
|
|
|
"github.com/vishvananda/netlink/nl"
|
|
)
|
|
|
|
// list of known message types we want to send to bootstrap program
|
|
// The number is randomly chosen to not conflict with known netlink types
|
|
const (
|
|
InitMsg uint16 = 62000
|
|
CloneFlagsAttr uint16 = 27281
|
|
ConsolePathAttr uint16 = 27282
|
|
NsPathsAttr uint16 = 27283
|
|
UidmapAttr uint16 = 27284
|
|
GidmapAttr uint16 = 27285
|
|
SetgroupAttr uint16 = 27286
|
|
// When syscall.NLA_HDRLEN is in gccgo, take this out.
|
|
syscall_NLA_HDRLEN = (syscall.SizeofNlAttr + syscall.NLA_ALIGNTO - 1) & ^(syscall.NLA_ALIGNTO - 1)
|
|
)
|
|
|
|
type Int32msg struct {
|
|
Type uint16
|
|
Value uint32
|
|
}
|
|
|
|
// int32msg has the following representation
|
|
// | nlattr len | nlattr type |
|
|
// | uint32 value |
|
|
func (msg *Int32msg) Serialize() []byte {
|
|
buf := make([]byte, msg.Len())
|
|
native := nl.NativeEndian()
|
|
native.PutUint16(buf[0:2], uint16(msg.Len()))
|
|
native.PutUint16(buf[2:4], msg.Type)
|
|
native.PutUint32(buf[4:8], msg.Value)
|
|
return buf
|
|
}
|
|
|
|
func (msg *Int32msg) Len() int {
|
|
return syscall_NLA_HDRLEN + 4
|
|
}
|
|
|
|
// bytemsg has the following representation
|
|
// | nlattr len | nlattr type |
|
|
// | value | pad |
|
|
type Bytemsg struct {
|
|
Type uint16
|
|
Value []byte
|
|
}
|
|
|
|
func (msg *Bytemsg) Serialize() []byte {
|
|
l := msg.Len()
|
|
buf := make([]byte, (l+syscall.NLA_ALIGNTO-1) & ^(syscall.NLA_ALIGNTO-1))
|
|
native := nl.NativeEndian()
|
|
native.PutUint16(buf[0:2], uint16(l))
|
|
native.PutUint16(buf[2:4], msg.Type)
|
|
copy(buf[4:], msg.Value)
|
|
return buf
|
|
}
|
|
|
|
func (msg *Bytemsg) Len() int {
|
|
return syscall_NLA_HDRLEN + len(msg.Value) + 1 // null-terminated
|
|
}
|
|
|
|
type Boolmsg struct {
|
|
Type uint16
|
|
Value bool
|
|
}
|
|
|
|
func (msg *Boolmsg) Serialize() []byte {
|
|
buf := make([]byte, msg.Len())
|
|
native := nl.NativeEndian()
|
|
native.PutUint16(buf[0:2], uint16(msg.Len()))
|
|
native.PutUint16(buf[2:4], msg.Type)
|
|
if msg.Value {
|
|
buf[4] = 1
|
|
} else {
|
|
buf[4] = 0
|
|
}
|
|
return buf
|
|
}
|
|
|
|
func (msg *Boolmsg) Len() int {
|
|
return syscall_NLA_HDRLEN + 1
|
|
}
|