The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/go-lxc/pull/136
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com>
From 97e5f4b8182e9f2987b2bc055c433f3e3c74d04a Mon Sep 17 00:00:00 2001 From: Christian Brauner <christian.brau...@ubuntu.com> Date: Tue, 12 May 2020 17:41:26 +0200 Subject: [PATCH 1/2] container: add InitPidFd() api extension Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com> --- container.go | 9 +++++++++ lxc-binding.c | 4 ++++ lxc-binding.h | 1 + 3 files changed, 14 insertions(+) diff --git a/container.go b/container.go index 5cada46..2366c3a 100644 --- a/container.go +++ b/container.go @@ -297,6 +297,15 @@ func (c *Container) InitPid() int { return int(C.go_lxc_init_pid(c.container)) } +// InitPidFd returns the pidfd of the container's init process as +// seen from outside the container. +func (c *Container) InitPidFd() int { + c.mu.RLock() + defer c.mu.RUnlock() + + return int(C.go_lxc_init_pidfd(c.container)) +} + // Daemonize returns true if the container wished to be daemonized. func (c *Container) Daemonize() bool { c.mu.RLock() diff --git a/lxc-binding.c b/lxc-binding.c index 51d6a9a..7f3aad3 100644 --- a/lxc-binding.c +++ b/lxc-binding.c @@ -44,6 +44,10 @@ pid_t go_lxc_init_pid(struct lxc_container *c) { return c->init_pid(c); } +int go_lxc_init_pidfd(struct lxc_container *c) { + return c->init_pidfd(c); +} + bool go_lxc_want_daemonize(struct lxc_container *c, bool state) { return c->want_daemonize(c, state); } diff --git a/lxc-binding.h b/lxc-binding.h index da2cb96..9ae9e8d 100644 --- a/lxc-binding.h +++ b/lxc-binding.h @@ -80,6 +80,7 @@ extern int go_lxc_console_getfd(struct lxc_container *c, int ttynum); extern int go_lxc_snapshot_list(struct lxc_container *c, struct lxc_snapshot **ret); extern int go_lxc_snapshot(struct lxc_container *c); extern pid_t go_lxc_init_pid(struct lxc_container *c); +extern int go_lxc_init_pidfd(struct lxc_container *c); extern bool go_lxc_checkpoint(struct lxc_container *c, char *directory, bool stop, bool verbose); extern bool go_lxc_restore(struct lxc_container *c, char *directory, bool verbose); extern bool go_lxc_config_item_is_supported(const char *key); From 648ab00cb4d7063d12120591d559aff51b5cdabf Mon Sep 17 00:00:00 2001 From: Christian Brauner <christian.brau...@ubuntu.com> Date: Tue, 12 May 2020 17:43:49 +0200 Subject: [PATCH 2/2] container: add SeccompNotifyFd() api extension Signed-off-by: Christian Brauner <christian.brau...@ubuntu.com> --- container.go | 8 ++++++++ lxc-binding.c | 4 ++++ lxc-binding.h | 1 + 3 files changed, 13 insertions(+) diff --git a/container.go b/container.go index 2366c3a..17c08fb 100644 --- a/container.go +++ b/container.go @@ -306,6 +306,14 @@ func (c *Container) InitPidFd() int { return int(C.go_lxc_init_pidfd(c.container)) } +// SeccompNotifyFd returns the seccomp notify fd of the container. +func (c *Container) SeccompNotifyFd() int { + c.mu.RLock() + defer c.mu.RUnlock() + + return int(C.go_lxc_seccomp_notify_fd(c.container)) +} + // Daemonize returns true if the container wished to be daemonized. func (c *Container) Daemonize() bool { c.mu.RLock() diff --git a/lxc-binding.c b/lxc-binding.c index 7f3aad3..261dbef 100644 --- a/lxc-binding.c +++ b/lxc-binding.c @@ -48,6 +48,10 @@ int go_lxc_init_pidfd(struct lxc_container *c) { return c->init_pidfd(c); } +int go_lxc_seccomp_notify_fd(struct lxc_container *c) { + return c->seccomp_notify_fd(c); +} + bool go_lxc_want_daemonize(struct lxc_container *c, bool state) { return c->want_daemonize(c, state); } diff --git a/lxc-binding.h b/lxc-binding.h index 9ae9e8d..b52e2cd 100644 --- a/lxc-binding.h +++ b/lxc-binding.h @@ -81,6 +81,7 @@ extern int go_lxc_snapshot_list(struct lxc_container *c, struct lxc_snapshot **r extern int go_lxc_snapshot(struct lxc_container *c); extern pid_t go_lxc_init_pid(struct lxc_container *c); extern int go_lxc_init_pidfd(struct lxc_container *c); +extern int go_lxc_seccomp_notify_fd(struct lxc_container *c); extern bool go_lxc_checkpoint(struct lxc_container *c, char *directory, bool stop, bool verbose); extern bool go_lxc_restore(struct lxc_container *c, char *directory, bool verbose); extern bool go_lxc_config_item_is_supported(const char *key);
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel