X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=python%2Fvserverimpl.c;h=49a22c91af56ed59a14ebc12258df12925b226d5;hb=93df17be4f833ac7131835ec0505fe8a546a0495;hp=85563cced4ecca208d20fbc6838a4c019a6fd8fd;hpb=65095f8401e80f1ed9898c5475f56def965c7e15;p=util-vserver.git

diff --git a/python/vserverimpl.c b/python/vserverimpl.c
index 85563cc..49a22c9 100644
--- a/python/vserverimpl.c
+++ b/python/vserverimpl.c
@@ -39,6 +39,8 @@ POSSIBILITY OF SUCH DAMAGE.
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
 
 #include "config.h"
 #include "pathconfig.h"
@@ -47,11 +49,6 @@ POSSIBILITY OF SUCH DAMAGE.
 #include "planetlab.h"
 #include "vserver-internal.h"
 
-/* I don't like needing to define __KERNEL__ -- mef */
-#define __KERNEL__
-#include "kernel/limit.h"
-#undef __KERNEL__
-
 #define NONE  ({ Py_INCREF(Py_None); Py_None; })
 
 /*
@@ -60,18 +57,18 @@ POSSIBILITY OF SUCH DAMAGE.
 static PyObject *
 vserver_chcontext(PyObject *self, PyObject *args)
 {
-  int  result;
+  int  ctx_is_new;
   xid_t  ctx;
-  uint32_t  flags = 0;
-  uint32_t  bcaps = ~vc_get_insecurebcaps();
+  uint_least64_t bcaps = 0;
 
-  if (!PyArg_ParseTuple(args, "I|K", &ctx, &flags))
+  if (!PyArg_ParseTuple(args, "I|K", &ctx, &bcaps))
     return NULL;
+  bcaps |= ~vc_get_insecurebcaps();
 
-  if ((result = pl_chcontext(ctx, flags, bcaps, 0)) < 0)
+  if ((ctx_is_new = pl_chcontext(ctx, bcaps, 0)) < 0)
     return PyErr_SetFromErrno(PyExc_OSError);
 
-  return PyBool_FromLong(result);
+  return PyBool_FromLong(ctx_is_new);
 }
 
 static PyObject *
@@ -102,9 +99,9 @@ vserver_isrunning(PyObject *self, PyObject *args)
   sprintf(fname,"/proc/virtual/%d", ctx);
 
   if(stat(&fname[0],&statbuf)==0)
-    ret = Py_BuildValue("i",1);
+    ret = PyBool_FromLong(1);
   else
-    ret = Py_BuildValue("i",0);
+    ret = PyBool_FromLong(0);
 
   return ret;
 }
@@ -114,6 +111,7 @@ __vserver_get_rlimit(xid_t xid, int resource) {
   struct vc_rlimit limits;
   PyObject *ret;
 
+  errno = 0;
   if (vc_get_rlimit(xid, resource, &limits)==-1)
     ret = PyErr_SetFromErrno(PyExc_OSError);
   else
@@ -139,7 +137,7 @@ vserver_get_rlimit(PyObject *self, PyObject *args) {
 static PyObject *
 vserver_set_rlimit(PyObject *self, PyObject *args) {
   struct vc_rlimit limits;
-  struct rlimit olim, nlim;
+  struct rlimit lim;
   xid_t xid;
   int resource, lresource;
   PyObject *ret;
@@ -153,29 +151,25 @@ vserver_set_rlimit(PyObject *self, PyObject *args) {
 
   lresource = resource;
   switch (resource) {
-  case VLIMIT_NSOCK:
-  case VLIMIT_ANON:
-  case VLIMIT_SHMEM:
+  case VC_VLIMIT_NSOCK:
+  case VC_VLIMIT_ANON:
+  case VC_VLIMIT_SHMEM:
     goto do_vc_set_rlimit;
-  case VLIMIT_OPENFD:
+  case VC_VLIMIT_OPENFD:
     lresource = RLIMIT_NOFILE;
+    break;
   default:
     break;
   }
 
-  getrlimit(lresource,&olim);
-  if ((limits.min != VC_LIM_KEEP) && (limits.min > olim.rlim_cur)) {
-    nlim.rlim_cur = limits.min;
-    if (limits.min > olim.rlim_max) {
-      nlim.rlim_max = limits.min;
-    } else {
-      nlim.rlim_max = olim.rlim_max;
-    }
-    setrlimit(lresource, &nlim);
+  getrlimit(lresource,&lim);
+  if (adjust_lim(&limits,&lim)) {
+    setrlimit(lresource, &lim);
   }
 
  do_vc_set_rlimit:
-  if (vc_set_rlimit(xid, resource, &limits)) 
+  errno = 0;
+  if (vc_set_rlimit(xid, resource, &limits)==-1) 
     ret = PyErr_SetFromErrno(PyExc_OSError);
   else
     ret = __vserver_get_rlimit(xid, resource);
@@ -210,16 +204,14 @@ vserver_get_dlimit(PyObject *self, PyObject *args)
   PyObject *res;
   char* path;
   unsigned xid;
-  struct vcmd_ctx_dlimit_v0 data;
+  struct vc_ctx_dlimit data;
   int r;
 
   if (!PyArg_ParseTuple(args, "si", &path,&xid))
     return NULL;
 
   memset(&data, 0, sizeof(data));
-  data.name = path;
-  data.flags = 0;
-  r = vserver(VCMD_get_dlimit, xid, &data);
+  r = vc_get_dlimit(path, xid, 0, &data);
   if (r>=0) {
     res = Py_BuildValue("(i,i,i,i,i)",
 			data.space_used,
@@ -240,8 +232,7 @@ vserver_set_dlimit(PyObject *self, PyObject *args)
 {
   char* path;
   unsigned xid;
-  struct vcmd_ctx_dlimit_base_v0 init;
-  struct vcmd_ctx_dlimit_v0 data;
+  struct vc_ctx_dlimit data;
 
   memset(&data,0,sizeof(data));
   if (!PyArg_ParseTuple(args, "siiiiii", &path,
@@ -253,15 +244,8 @@ vserver_set_dlimit(PyObject *self, PyObject *args)
 			&data.reserved))
     return NULL;
 
-  data.name = path;
-  data.flags = 0;
-
-  memset(&init, 0, sizeof(init));
-  init.name = path;
-  init.flags = 0;
-
-  if ((vserver(VCMD_add_dlimit, xid, &init) && errno != EEXIST) ||
-      vserver(VCMD_set_dlimit, xid, &data))
+  if ((vc_add_dlimit(path, xid, 0) && errno != EEXIST) ||
+      vc_set_dlimit(path, xid, 0, &data))
     return PyErr_SetFromErrno(PyExc_OSError);
 
   return NONE;	
@@ -272,16 +256,11 @@ vserver_unset_dlimit(PyObject *self, PyObject *args)
 {
   char  *path;
   unsigned  xid;
-  struct vcmd_ctx_dlimit_base_v0  init;
 
   if (!PyArg_ParseTuple(args, "si", &path, &xid))
     return NULL;
 
-  memset(&init, 0, sizeof(init));
-  init.name = path;
-  init.flags = 0;
-
-  if (vserver(VCMD_rem_dlimit, xid, &init) && errno != ESRCH)
+  if (vc_rem_dlimit(path, xid, 0) && errno != ESRCH)
     return PyErr_SetFromErrno(PyExc_OSError);
 
   return NONE;	
@@ -290,8 +269,16 @@ vserver_unset_dlimit(PyObject *self, PyObject *args)
 static PyObject *
 vserver_killall(PyObject *self, PyObject *args)
 {
-  xid_t  ctx;
-  int  sig;
+  xid_t	ctx;
+  int	sig;
+  struct vc_ctx_flags cflags = {
+    .flagword = 0,
+    .mask = VC_VXF_PERSISTENT
+  };
+  struct vc_net_flags nflags = {
+    .flagword = 0,
+    .mask = VC_NXF_PERSISTENT
+  };
 
   if (!PyArg_ParseTuple(args, "Ii", &ctx, &sig))
     return NULL;
@@ -299,6 +286,160 @@ vserver_killall(PyObject *self, PyObject *args)
   if (vc_ctx_kill(ctx, 0, sig) && errno != ESRCH)
     return PyErr_SetFromErrno(PyExc_OSError);
 
+  if (vc_set_cflags(ctx, &cflags) && errno != ESRCH)
+    return PyErr_SetFromErrno(PyExc_OSError);
+
+  if (vc_set_nflags(ctx, &nflags) && errno != ESRCH)
+    return PyErr_SetFromErrno(PyExc_OSError);
+
+  return NONE;
+}
+
+static PyObject *
+vserver_set_bcaps(PyObject *self, PyObject *args)
+{
+  xid_t ctx;
+  struct vc_ctx_caps caps;
+
+  if (!PyArg_ParseTuple(args, "IK", &ctx, &caps.bcaps))
+    return NULL;
+
+  caps.bmask = vc_get_insecurebcaps();
+  caps.cmask = caps.ccaps = 0;
+  if (vc_set_ccaps(ctx, &caps) == -1 && errno != ESRCH)
+    return PyErr_SetFromErrno(PyExc_OSError);
+
+  return NONE;
+}
+
+static PyObject *
+vserver_text2bcaps(PyObject *self, PyObject *args)
+{
+  struct vc_ctx_caps caps = { .bcaps = 0 };
+  const char *list;
+  int len;
+  struct vc_err_listparser err;
+
+  if (!PyArg_ParseTuple(args, "s#", &list, &len))
+    return NULL;
+
+  vc_list2bcap(list, len, &err, &caps);
+
+  return Py_BuildValue("K", caps.bcaps);
+}
+
+static PyObject *
+vserver_get_bcaps(PyObject *self, PyObject *args)
+{
+  xid_t ctx;
+  struct vc_ctx_caps caps;
+
+  if (!PyArg_ParseTuple(args, "I", &ctx))
+    return NULL;
+
+  if (vc_get_ccaps(ctx, &caps) == -1) {
+    if (errno != -ESRCH)
+      return PyErr_SetFromErrno(PyExc_OSError);
+    else
+      caps.bcaps = 0;
+  }
+
+  return Py_BuildValue("K", caps.bcaps & vc_get_insecurebcaps());
+}
+
+static PyObject *
+vserver_bcaps2text(PyObject *self, PyObject *args)
+{
+  struct vc_ctx_caps caps = { .bcaps = 0 };
+  PyObject *list;
+  const char *cap;
+
+  if (!PyArg_ParseTuple(args, "K", &caps.bcaps))
+    return NULL;
+
+  list = PyString_FromString("");
+
+  while ((cap = vc_lobcap2text(&caps.bcaps)) != NULL) {
+    if (list == NULL)
+      break;
+    PyString_ConcatAndDel(&list, PyString_FromFormat(
+			  (PyString_Size(list) > 0 ? ",CAP_%s" : "CAP_%s" ),
+			  cap));
+  }
+
+  return list;
+}
+
+static inline int
+convertAddress(const char *str, vc_net_nx_type *type, void *dst)
+{
+  int   ret;
+  if (type) *type = vcNET_IPV4;
+  ret = inet_pton(AF_INET, str, dst);
+  if (ret==0) {
+    if (type) *type = vcNET_IPV6;
+    ret = inet_pton(AF_INET6, str, dst);
+  }
+  return ret > 0 ? 0 : -1;
+}
+
+/* XXX These two functions are really similar */
+static PyObject *
+vserver_net_add(PyObject *self, PyObject *args)
+{
+  struct vc_net_nx addr;
+  nid_t nid;
+  const char *ip;
+
+  if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
+    return NULL;
+
+  if (convertAddress(ip, &addr.type, &addr.ip) == -1)
+    return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
+
+  switch (addr.type) {
+  case vcNET_IPV4:	addr.mask[0] = htonl(0xffffff00); break;
+  case vcNET_IPV6:	addr.mask[0] = 64; break;
+  default:		addr.mask[0] = 0; break;
+  }
+  addr.count = 1;
+
+  if (vc_net_add(nid, &addr) == -1 && errno != ESRCH)
+    return PyErr_SetFromErrno(PyExc_OSError);
+
+  return NONE;
+}
+
+static PyObject *
+vserver_net_remove(PyObject *self, PyObject *args)
+{
+  struct vc_net_nx addr;
+  nid_t nid;
+  const char *ip;
+
+  if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
+    return NULL;
+
+  if (strcmp(ip, "all") == 0)
+    addr.type = vcNET_ANY;
+  else if (strcmp(ip, "all4") == 0)
+    addr.type = vcNET_IPV4A;
+  else if (strcmp(ip, "all6") == 0)
+    addr.type = vcNET_IPV6A;
+  else
+    if (convertAddress(ip, &addr.type, &addr.ip) == -1)
+      return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
+
+  switch (addr.type) {
+  case vcNET_IPV4:	addr.mask[0] = htonl(0xffffff00); break;
+  case vcNET_IPV6:	addr.mask[0] = 64; break;
+  default:		addr.mask[0] = 0; break;
+  }
+  addr.count = 1;
+
+  if (vc_net_remove(nid, &addr) == -1 && errno != ESRCH)
+    return PyErr_SetFromErrno(PyExc_OSError);
+
   return NONE;
 }
 
@@ -323,6 +464,18 @@ static PyMethodDef  methods[] = {
     "Send signal to all processes in vserver context" },
   { "isrunning", vserver_isrunning, METH_VARARGS,
     "Check if vserver is running"},
+  { "setbcaps", vserver_set_bcaps, METH_VARARGS,
+    "Set POSIX capabilities of a vserver context" },
+  { "getbcaps", vserver_get_bcaps, METH_VARARGS,
+    "Get POSIX capabilities of a vserver context" },
+  { "text2bcaps", vserver_text2bcaps, METH_VARARGS,
+    "Translate a string of capabilities to a bitmap" },
+  { "bcaps2text", vserver_bcaps2text, METH_VARARGS,
+    "Translate a capability-bitmap into a string" },
+  { "netadd", vserver_net_add, METH_VARARGS,
+    "Assign an IP address to a context" },
+  { "netremove", vserver_net_remove, METH_VARARGS,
+    "Remove IP address(es) from a context" },
   { NULL, NULL, 0, NULL }
 };
 
@@ -340,8 +493,8 @@ initvserverimpl(void)
   PyModule_AddStringConstant(mod, "VSERVER_BASEDIR", DEFAULT_VSERVERDIR);
 
   /* export limit-related constants */
-  PyModule_AddIntConstant(mod, "DLIMIT_KEEP", (int)CDLIM_KEEP);
-  PyModule_AddIntConstant(mod, "DLIMIT_INF", (int)CDLIM_INFINITY);
+  PyModule_AddIntConstant(mod, "DLIMIT_KEEP", (int)VC_CDLIM_KEEP);
+  PyModule_AddIntConstant(mod, "DLIMIT_INF", (int)VC_CDLIM_INFINITY);
   PyModule_AddIntConstant(mod, "VC_LIM_KEEP", (int)VC_LIM_KEEP);
 
   PyModule_AddIntConstant(mod, "RLIMIT_CPU", (int)RLIMIT_CPU);
@@ -355,10 +508,10 @@ initvserverimpl(void)
   PyModule_AddIntConstant(mod, "RLIMIT_SIGPENDING", (int)RLIMIT_SIGPENDING);
   PyModule_AddIntConstant(mod, "RLIMIT_MSGQUEUE", (int)RLIMIT_MSGQUEUE);
 
-  PyModule_AddIntConstant(mod, "VLIMIT_NSOCK", (int)VLIMIT_NSOCK);
-  PyModule_AddIntConstant(mod, "VLIMIT_OPENFD", (int)VLIMIT_OPENFD);
-  PyModule_AddIntConstant(mod, "VLIMIT_ANON", (int)VLIMIT_ANON);
-  PyModule_AddIntConstant(mod, "VLIMIT_SHMEM", (int)VLIMIT_SHMEM);
+  PyModule_AddIntConstant(mod, "VLIMIT_NSOCK", (int)VC_VLIMIT_NSOCK);
+  PyModule_AddIntConstant(mod, "VLIMIT_OPENFD", (int)VC_VLIMIT_OPENFD);
+  PyModule_AddIntConstant(mod, "VLIMIT_ANON", (int)VC_VLIMIT_ANON);
+  PyModule_AddIntConstant(mod, "VLIMIT_SHMEM", (int)VC_VLIMIT_SHMEM);
 
   /* scheduler flags */
   PyModule_AddIntConstant(mod,