The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/go-lxc/pull/136

This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.

=== Description (from pull-request) ===
Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
From 97e5f4b8182e9f2987b2bc055c433f3e3c74d04a Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Tue, 12 May 2020 17:41:26 +0200
Subject: [PATCH 1/2] container: add InitPidFd() api extension

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
 container.go  | 9 +++++++++
 lxc-binding.c | 4 ++++
 lxc-binding.h | 1 +
 3 files changed, 14 insertions(+)

diff --git a/container.go b/container.go
index 5cada46..2366c3a 100644
--- a/container.go
+++ b/container.go
@@ -297,6 +297,15 @@ func (c *Container) InitPid() int {
        return int(C.go_lxc_init_pid(c.container))
 }
 
+// InitPidFd returns the pidfd of the container's init process as
+// seen from outside the container.
+func (c *Container) InitPidFd() int {
+       c.mu.RLock()
+       defer c.mu.RUnlock()
+
+       return int(C.go_lxc_init_pidfd(c.container))
+}
+
 // Daemonize returns true if the container wished to be daemonized.
 func (c *Container) Daemonize() bool {
        c.mu.RLock()
diff --git a/lxc-binding.c b/lxc-binding.c
index 51d6a9a..7f3aad3 100644
--- a/lxc-binding.c
+++ b/lxc-binding.c
@@ -44,6 +44,10 @@ pid_t go_lxc_init_pid(struct lxc_container *c) {
        return c->init_pid(c);
 }
 
+int go_lxc_init_pidfd(struct lxc_container *c) {
+       return c->init_pidfd(c);
+}
+
 bool go_lxc_want_daemonize(struct lxc_container *c, bool state) {
        return c->want_daemonize(c, state);
 }
diff --git a/lxc-binding.h b/lxc-binding.h
index da2cb96..9ae9e8d 100644
--- a/lxc-binding.h
+++ b/lxc-binding.h
@@ -80,6 +80,7 @@ extern int go_lxc_console_getfd(struct lxc_container *c, int 
ttynum);
 extern int go_lxc_snapshot_list(struct lxc_container *c, struct lxc_snapshot 
**ret);
 extern int go_lxc_snapshot(struct lxc_container *c);
 extern pid_t go_lxc_init_pid(struct lxc_container *c);
+extern int go_lxc_init_pidfd(struct lxc_container *c);
 extern bool go_lxc_checkpoint(struct lxc_container *c, char *directory, bool 
stop, bool verbose);
 extern bool go_lxc_restore(struct lxc_container *c, char *directory, bool 
verbose);
 extern bool go_lxc_config_item_is_supported(const char *key);

From 648ab00cb4d7063d12120591d559aff51b5cdabf Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brau...@ubuntu.com>
Date: Tue, 12 May 2020 17:43:49 +0200
Subject: [PATCH 2/2] container: add SeccompNotifyFd() api extension

Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
---
 container.go  | 8 ++++++++
 lxc-binding.c | 4 ++++
 lxc-binding.h | 1 +
 3 files changed, 13 insertions(+)

diff --git a/container.go b/container.go
index 2366c3a..17c08fb 100644
--- a/container.go
+++ b/container.go
@@ -306,6 +306,14 @@ func (c *Container) InitPidFd() int {
        return int(C.go_lxc_init_pidfd(c.container))
 }
 
+// SeccompNotifyFd returns the seccomp notify fd of the container.
+func (c *Container) SeccompNotifyFd() int {
+       c.mu.RLock()
+       defer c.mu.RUnlock()
+
+       return int(C.go_lxc_seccomp_notify_fd(c.container))
+}
+
 // Daemonize returns true if the container wished to be daemonized.
 func (c *Container) Daemonize() bool {
        c.mu.RLock()
diff --git a/lxc-binding.c b/lxc-binding.c
index 7f3aad3..261dbef 100644
--- a/lxc-binding.c
+++ b/lxc-binding.c
@@ -48,6 +48,10 @@ int go_lxc_init_pidfd(struct lxc_container *c) {
        return c->init_pidfd(c);
 }
 
+int go_lxc_seccomp_notify_fd(struct lxc_container *c) {
+       return c->seccomp_notify_fd(c);
+}
+
 bool go_lxc_want_daemonize(struct lxc_container *c, bool state) {
        return c->want_daemonize(c, state);
 }
diff --git a/lxc-binding.h b/lxc-binding.h
index 9ae9e8d..b52e2cd 100644
--- a/lxc-binding.h
+++ b/lxc-binding.h
@@ -81,6 +81,7 @@ extern int go_lxc_snapshot_list(struct lxc_container *c, 
struct lxc_snapshot **r
 extern int go_lxc_snapshot(struct lxc_container *c);
 extern pid_t go_lxc_init_pid(struct lxc_container *c);
 extern int go_lxc_init_pidfd(struct lxc_container *c);
+extern int go_lxc_seccomp_notify_fd(struct lxc_container *c);
 extern bool go_lxc_checkpoint(struct lxc_container *c, char *directory, bool 
stop, bool verbose);
 extern bool go_lxc_restore(struct lxc_container *c, char *directory, bool 
verbose);
 extern bool go_lxc_config_item_is_supported(const char *key);
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to