1 /* $Id: vserver.h 2819 2008-10-31 15:41:04Z dhozac $
3 * Copyright (C) 2003 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2, or (at your option)
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
21 * \brief The public interface of the the libvserver library.
24 #ifndef H_VSERVER_SYSCALL_H
25 #define H_VSERVER_SYSCALL_H
30 #include <sys/types.h>
32 #include <netinet/in.h>
36 # define VC_ATTR_UNUSED __attribute__((__unused__))
37 # define VC_ATTR_NORETURN __attribute__((__noreturn__))
38 # define VC_ATTR_CONST __attribute__((__const__))
39 # define VC_ATTR_DEPRECATED __attribute__((__deprecated__))
40 # if __GNUC__*0x10000 + __GNUC_MINOR__*0x100 + __GNUC_PATCHLEVEL__ >= 0x30300
41 # define VC_ATTR_NONNULL(ARGS) __attribute__((__nonnull__ ARGS))
42 # define VC_ATTR_ALWAYSINLINE __attribute__((__always_inline__))
44 # define VC_ATTR_NONNULL(ARGS)
45 # define VC_ATTR_ALWAYSINLINE
47 # if __GNUC__*0x10000 + __GNUC_MINOR__*0x100 + __GNUC_PATCHLEVEL__ >= 0x30303
48 # define VC_ATTR_PURE __attribute__((__pure__))
53 # define VC_ATTR_NONNULL(ARGS)
54 # define VC_ATTR_UNUSED
55 # define VC_ATTR_NORETURN
56 # define VC_ATTR_ALWAYSINLINE
57 # define VC_ATTR_DEPRECATED
59 # define VC_ATTR_CONST
63 /** the value which is returned in error-case (no ctx found) */
64 #define VC_NOCTX ((xid_t)(-1))
65 #define VC_NOXID ((xid_t)(-1))
66 /** the value which means a random (the next free) ctx */
67 #define VC_DYNAMIC_XID ((xid_t)(-1))
68 /** the value which means the current ctx */
69 #define VC_SAMECTX ((xid_t)(-2))
71 #define VC_NONID ((nid_t)(-1))
72 #define VC_DYNAMIC_NID ((nid_t)(-1))
74 #define VC_LIM_INFINITY (~0ULL)
75 #define VC_LIM_KEEP (~1ULL)
77 #define VC_CDLIM_UNSET (0U)
78 #define VC_CDLIM_INFINITY (~0U)
79 #define VC_CDLIM_KEEP (~1U)
81 #ifndef S_CTX_INFO_LOCK
82 # define S_CTX_INFO_LOCK 1
85 #ifndef S_CTX_INFO_SCHED
86 # define S_CTX_INFO_SCHED 2
89 #ifndef S_CTX_INFO_NPROC
90 # define S_CTX_INFO_NPROC 4
93 #ifndef S_CTX_INFO_PRIVATE
94 # define S_CTX_INFO_PRIVATE 8
97 #ifndef S_CTX_INFO_INIT
98 # define S_CTX_INFO_INIT 16
101 #ifndef S_CTX_INFO_HIDEINFO
102 # define S_CTX_INFO_HIDEINFO 32
105 #ifndef S_CTX_INFO_ULIMIT
106 # define S_CTX_INFO_ULIMIT 64
109 #ifndef S_CTX_INFO_NAMESPACE
110 # define S_CTX_INFO_NAMESPACE 128
113 #define VC_CAP_CHOWN 0
114 #define VC_CAP_DAC_OVERRIDE 1
115 #define VC_CAP_DAC_READ_SEARCH 2
116 #define VC_CAP_FOWNER 3
117 #define VC_CAP_FSETID 4
118 #define VC_CAP_KILL 5
119 #define VC_CAP_SETGID 6
120 #define VC_CAP_SETUID 7
121 #define VC_CAP_SETPCAP 8
122 #define VC_CAP_LINUX_IMMUTABLE 9
123 #define VC_CAP_NET_BIND_SERVICE 10
124 #define VC_CAP_NET_BROADCAST 11
125 #define VC_CAP_NET_ADMIN 12
126 #define VC_CAP_NET_RAW 13
127 #define VC_CAP_IPC_LOCK 14
128 #define VC_CAP_IPC_OWNER 15
129 #define VC_CAP_SYS_MODULE 16
130 #define VC_CAP_SYS_RAWIO 17
131 #define VC_CAP_SYS_CHROOT 18
132 #define VC_CAP_SYS_PTRACE 19
133 #define VC_CAP_SYS_PACCT 20
134 #define VC_CAP_SYS_ADMIN 21
135 #define VC_CAP_SYS_BOOT 22
136 #define VC_CAP_SYS_NICE 23
137 #define VC_CAP_SYS_RESOURCE 24
138 #define VC_CAP_SYS_TIME 25
139 #define VC_CAP_SYS_TTY_CONFIG 26
140 #define VC_CAP_MKNOD 27
141 #define VC_CAP_LEASE 28
142 #define VC_CAP_AUDIT_WRITE 29
143 #define VC_CAP_AUDIT_CONTROL 30
144 #define VC_CAP_SETFCAP 31
145 #define VC_CAP_MAC_OVERRIDE 32
146 #define VC_CAP_MAC_ADMIN 33
148 #define VC_IMMUTABLE_FILE_FL 0x0000010lu
149 #define VC_IMMUTABLE_LINK_FL 0x0008000lu
150 #define VC_IMMUTABLE_ALL (VC_IMMUTABLE_LINK_FL|VC_IMMUTABLE_FILE_FL)
152 #define VC_IATTR_XID 0x01000000u
154 #define VC_IATTR_ADMIN 0x00000001u
155 #define VC_IATTR_WATCH 0x00000002u
156 #define VC_IATTR_HIDE 0x00000004u
157 #define VC_IATTR_WRITE 0x00000008u
158 #define VC_IATTR_FLAGS 0x0000000fu
160 #define VC_IATTR_BARRIER 0x00010000u
161 #define VC_IATTR_IUNLINK 0x00020000u
162 #define VC_IATTR_IMMUTABLE 0x00040000u
166 #define VC_VXF_INFO_LOCK 0x00000001ull
167 #define VC_VXF_INFO_NPROC 0x00000004ull
168 #define VC_VXF_INFO_PRIVATE 0x00000008ull
169 #define VC_VXF_INFO_INIT 0x00000010ull
171 #define VC_VXF_INFO_HIDEINFO 0x00000020ull
172 #define VC_VXF_INFO_ULIMIT 0x00000040ull
173 #define VC_VXF_INFO_NAMESPACE 0x00000080ull
175 #define VC_VXF_SCHED_HARD 0x00000100ull
176 #define VC_VXF_SCHED_PRIO 0x00000200ull
177 #define VC_VXF_SCHED_PAUSE 0x00000400ull
179 #define VC_VXF_VIRT_MEM 0x00010000ull
180 #define VC_VXF_VIRT_UPTIME 0x00020000ull
181 #define VC_VXF_VIRT_CPU 0x00040000ull
182 #define VC_VXF_VIRT_LOAD 0x00080000ull
183 #define VC_VXF_VIRT_TIME 0x00100000ull
185 #define VC_VXF_HIDE_MOUNT 0x01000000ull
186 #define VC_VXF_HIDE_NETIF 0x02000000ull
187 #define VC_VXF_HIDE_VINFO 0x04000000ull
189 #define VC_VXF_STATE_SETUP (1ULL<<32)
190 #define VC_VXF_STATE_INIT (1ULL<<33)
191 #define VC_VXF_STATE_ADMIN (1ULL<<34)
193 #define VC_VXF_SC_HELPER (1ULL<<36)
194 #define VC_VXF_REBOOT_KILL (1ULL<<37)
195 #define VC_VXF_PERSISTENT (1ULL<<38)
197 #define VC_VXF_FORK_RSS (1ULL<<48)
198 #define VC_VXF_PROLIFIC (1ULL<<49)
200 #define VC_VXF_IGNEG_NICE (1ULL<<52)
201 #define VC_VXF_IGNEG_IONICE (1ULL<<53)
205 #define VC_VXC_SET_UTSNAME 0x00000001ull
206 #define VC_VXC_SET_RLIMIT 0x00000002ull
208 #define VC_VXC_RAW_ICMP 0x00000100ull
209 #define VC_VXC_SYSLOG 0x00001000ull
211 #define VC_VXC_SECURE_MOUNT 0x00010000ull
212 #define VC_VXC_SECURE_REMOUNT 0x00020000ull
213 #define VC_VXC_BINARY_MOUNT 0x00040000ull
215 #define VC_VXC_QUOTA_CTL 0x00100000ull
216 #define VC_VXC_ADMIN_MAPPER 0x00200000ull
217 #define VC_VXC_ADMIN_CLOOP 0x00400000ull
219 #define VC_VXC_KTHREAD 0x01000000ull
222 // the scheduler flags
223 #define VC_VXSM_FILL_RATE 0x0001
224 #define VC_VXSM_INTERVAL 0x0002
225 #define VC_VXSM_FILL_RATE2 0x0004
226 #define VC_VXSM_INTERVAL2 0x0008
227 #define VC_VXSM_TOKENS 0x0010
228 #define VC_VXSM_TOKENS_MIN 0x0020
229 #define VC_VXSM_TOKENS_MAX 0x0040
230 #define VC_VXSM_PRIO_BIAS 0x0100
231 #define VC_VXSM_CPU_ID 0x1000
232 #define VC_VXSM_BUCKET_ID 0x2000
234 #define VC_VXSM_IDLE_TIME 0x0200
235 #define VC_VXSM_FORCE 0x0400
236 #define VC_VXSM_MSEC 0x4000
238 #define VC_VXSM_V3_MASK 0x0173
242 #define VC_NXF_INFO_LOCK 0x00000001ull
243 #define VC_NXF_INFO_PRIVATE 0x00000008ull
245 #define VC_NXF_SINGLE_IP 0x00000100ull
246 #define VC_NXF_LBACK_REMAP 0x00000200ull
247 #define VC_NXF_LBACK_ALLOW 0x00000400ull
249 #define VC_NXF_HIDE_NETIF 0x02000000ull
250 #define VC_NXF_HIDE_LBACK 0x04000000ull
252 #define VC_NXF_STATE_SETUP (1ULL<<32)
253 #define VC_NXF_STATE_ADMIN (1ULL<<34)
255 #define VC_NXF_SC_HELPER (1ULL<<36)
256 #define VC_NXF_PERSISTENT (1ULL<<38)
259 // the network capabilities
260 #define VC_NXC_TUN_CREATE 0x00000001ull
262 #define VC_NXC_RAW_ICMP 0x00000100ull
265 // the vserver specific limits
266 #define VC_VLIMIT_NSOCK 16
267 #define VC_VLIMIT_OPENFD 17
268 #define VC_VLIMIT_ANON 18
269 #define VC_VLIMIT_SHMEM 19
270 #define VC_VLIMIT_SEMARY 20
271 #define VC_VLIMIT_NSEMS 21
272 #define VC_VLIMIT_DENTRY 22
273 #define VC_VLIMIT_MAPPED 23
276 // the VCI bit values
277 #define VC_VCI_NO_DYNAMIC (1 << 0)
278 #define VC_VCI_SPACES (1 << 10)
279 #define VC_VCI_NETV2 (1 << 11)
280 #define VC_VCI_PPTAG (1 << 28)
283 // the device mapping flags
284 #define VC_DATTR_CREATE 0x00000001
285 #define VC_DATTR_OPEN 0x00000002
287 #define VC_DATTR_REMAP 0x00000010
290 // the process context migration flags
291 #define VC_VXM_SET_INIT 0x00000001
292 #define VC_VXM_SET_REAPER 0x00000002
295 // the network address flags
296 #define VC_NXA_TYPE_IPV4 0x0001
297 #define VC_NXA_TYPE_IPV6 0x0002
299 #define VC_NXA_TYPE_NONE 0x0000
300 #define VC_NXA_TYPE_ANY 0x00FF
302 #define VC_NXA_TYPE_ADDR 0x0010
303 #define VC_NXA_TYPE_MASK 0x0020
304 #define VC_NXA_TYPE_RANGE 0x0040
306 #define VC_NXA_MOD_BCAST 0x0100
307 #define VC_NXA_MOD_LBACK 0x0200
311 # define CLONE_NEWNS 0x00020000
314 # define CLONE_NEWUTS 0x04000000
317 # define CLONE_NEWIPC 0x08000000
319 #ifndef CLONE_NEWUSER
320 # define CLONE_NEWUSER 0x10000000
323 # define CLONE_NEWPID 0x20000000
326 # define CLONE_NEWNET 0x40000000
330 #define VC_BAD_PERSONALITY ((uint_least32_t)(-1))
333 /** \defgroup syscalls Syscall wrappers
334 * Functions which are calling the vserver syscall directly. */
336 /** \defgroup helper Helper functions
337 * Functions which are doing general helper tasks like parameter parsing. */
339 /** \typedef an_unsigned_integer_type xid_t
340 * The identifier of a context. */
343 typedef an_unsigned_integer_type xid_t;
344 typedef an_unsigned_integer_type nid_t;
345 typedef an_unsigned_integer_type tag_t;
352 /** \brief The generic vserver syscall
355 * This function executes the generic vserver syscall. It uses the
356 * correct syscallnumber (which may differ between the different
359 * \param cmd the command to be executed
360 * \param xid the xid on which the cmd shall be applied
361 * \param data additional arguments; depends on \c cmd
362 * \returns depends on \c cmd; usually, -1 stands for an error
364 int vc_syscall(uint32_t cmd, xid_t xid, void *data);
366 /** \brief Returns the version of the current kernel API.
368 * \returns The versionnumber of the kernel API
370 int vc_get_version();
372 typedef uint64_t vc_vci_t;
373 /** \brief Returns the kernel configuration bits
375 * \returns The kernel configuration bits
377 vc_vci_t vc_get_vci();
379 /** \brief Moves current process into a context
382 * Puts current process into context \a ctx, removes the capabilities
383 * given in \a remove_cap and sets \a flags.
385 * \param ctx The new context; special values for are
386 * - VC_SAMECTX which means the current context (just for changing caps and flags)
387 * - VC_DYNAMIC_XID which means the next free context; this value can be used by
388 * ordinary users also
389 * \param remove_cap The linux capabilities which will be \b removed.
390 * \param flags Special flags which will be set.
392 * \returns The new context-id, or VC_NOCTX on errors; \c errno
393 * will be set appropriately
395 * See http://vserver.13thfloor.at/Stuff/Logic.txt for details */
396 xid_t vc_new_s_context(xid_t ctx, unsigned int remove_cap, unsigned int flags);
398 struct vc_ip_mask_pair {
403 /** \brief Sets the ipv4root information.
405 * \pre \a nb < NB_IPV4ROOT && \a ips != 0 */
406 int vc_set_ipv4root(uint32_t bcast, size_t nb,
407 struct vc_ip_mask_pair const *ips) VC_ATTR_NONNULL((3));
409 /** \brief Returns the value of NB_IPV4ROOT.
412 * This function returns the value of NB_IPV4ROOT which was used when the
413 * library was built, but \b not the value which is used by the currently
415 size_t vc_get_nb_ipv4root() VC_ATTR_CONST VC_ATTR_PURE;
417 /* process context */
418 /** \brief Flags of process-contexts
420 struct vc_ctx_flags {
421 /** \brief Mask of set context flags */
422 uint_least64_t flagword;
423 /** \brief Mask of set and unset context flags when used by set
424 * operations, or modifiable flags when used by get
429 /** \brief Creates a context without starting it.
432 * This functions initializes a new context. When already in a freshly
433 * created context, this old context will be discarded.
435 * \param xid The new context; special values are:
436 * - VC_DYNAMIC_XID which means to create a dynamic context
438 * \returns the xid of the created context, or VC_NOCTX on errors. \c errno
439 * will be set appropriately. */
440 xid_t vc_ctx_create(xid_t xid, struct vc_ctx_flags *flags);
442 /** \brief Moves the current process into the specified context.
445 * \param xid The new context
446 * \param flags The flags, see VC_VXM_*
447 * \returns 0 on success, -1 on errors */
448 int vc_ctx_migrate(xid_t xid, uint_least64_t flags);
450 /** \brief Statistics about a context */
452 uint_least32_t usecnt; ///< number of uses
453 uint_least32_t tasks; ///< number of tasks
456 /** \brief Get some statistics about a context.
459 * \param xid The context to get stats about
460 * \param stat Where to store the result
462 * \returns 0 on success, -1 on errors. */
463 int vc_ctx_stat(xid_t xid, struct vc_ctx_stat /*@out@*/ *stat) VC_ATTR_NONNULL((2));
465 /** \brief Contains further statistics about a context. */
466 struct vc_virt_stat {
467 uint_least64_t offset;
468 uint_least64_t uptime;
469 uint_least32_t nr_threads;
470 uint_least32_t nr_running;
471 uint_least32_t nr_uninterruptible;
472 uint_least32_t nr_onhold;
473 uint_least32_t nr_forks;
474 uint_least32_t load[3];
477 /** \brief Get more statistics about a context.
480 * \param xid The context to get stats about
481 * \param stat Where to store the result
483 * \returns 0 on success, -1 on errors. */
484 int vc_virt_stat(xid_t xid, struct vc_virt_stat /*@out@*/ *stat) VC_ATTR_NONNULL((2));
486 /** \brief Sends a signal to a context/pid
489 * Special values for \a pid are:
490 * - -1 which means every process in ctx except the init-process
491 * - 0 which means every process in ctx inclusive the init-process */
492 int vc_ctx_kill(xid_t ctx, pid_t pid, int sig);
494 int vc_get_cflags(xid_t xid, struct vc_ctx_flags /*@out@*/ *) VC_ATTR_NONNULL((2));
495 int vc_set_cflags(xid_t xid, struct vc_ctx_flags /*@in@*/ const *) VC_ATTR_NONNULL((2));
497 /** \brief Capabilities of process-contexts */
499 /** \brief Mask of set common system capabilities */
500 uint_least64_t bcaps;
501 /** \brief Mask of set and unset common system capabilities when used by
502 * set operations, or the modifiable capabilities when used by
504 uint_least64_t bmask;
505 /** \brief Mask of set process context capabilities */
506 uint_least64_t ccaps;
507 /** \brief Mask of set and unset process context capabilities when used
508 * by set operations, or the modifiable capabilities when used
509 * by get operations */
510 uint_least64_t cmask;
513 int vc_get_ccaps(xid_t xid, struct vc_ctx_caps *);
514 int vc_set_ccaps(xid_t xid, struct vc_ctx_caps const *);
521 int vc_get_vx_info(xid_t xid, struct vc_vx_info *info) VC_ATTR_NONNULL((2));
523 /** \brief Returns the context of the given process.
526 * \param pid the process-id whose xid shall be determined;
527 * pid==0 means the current process.
528 * \returns the xid of process \c pid or -1 on errors
530 xid_t vc_get_task_xid(pid_t pid);
532 /** \brief Waits for the end of a context
535 int vc_wait_exit(xid_t xid);
537 /* rlimit related functions */
539 /** \brief The type which is used for a single limit value.
542 * - VC_LIM_INFINITY ... which is the infinite value
543 * - VC_LIM_KEEP ... which is used to mark values which shall not be
544 * modified by the vc_set_rlimit() operation.
546 * Else, the interpretation of the value depends on the corresponding
547 * resource; it might be bytes, pages, seconds or litres of beer. */
548 typedef uint_least64_t vc_limit_t;
550 /** \brief Masks describing the supported limits. */
551 struct vc_rlimit_mask {
552 uint_least32_t min; ///< masks the resources supporting a minimum limit
553 uint_least32_t soft; ///< masks the resources supporting a soft limit
554 uint_least32_t hard; ///< masks the resources supporting a hard limit
557 /** \brief Returns the limits supported by the kernel */
558 int vc_get_rlimit_mask(xid_t xid,
559 struct vc_rlimit_mask /*@out@*/ *lim) VC_ATTR_NONNULL((2));
561 /** \brief The limits of a resources.
563 * This is a triple consisting of a minimum, soft and hardlimit. */
565 vc_limit_t min; ///< the guaranted minimum of a resources
566 vc_limit_t soft; ///< the softlimit of a resource
567 vc_limit_t hard; ///< the absolute hardlimit of a resource
570 /** \brief Returns the limits of \a resource.
573 * \param xid The id of the context
574 * \param resource The resource which will be queried
575 * \param lim The result which will be filled with the limits
577 * \returns 0 on success, and -1 on errors. */
578 int vc_get_rlimit(xid_t xid, int resource,
579 struct vc_rlimit /*@out@*/ *lim) VC_ATTR_NONNULL((3));
580 /** \brief Sets the limits of \a resource.
583 * \param xid The id of the context
584 * \param resource The resource which will be queried
585 * \param lim The new limits
587 * \returns 0 on success, and -1 on errors. */
588 int vc_set_rlimit(xid_t xid, int resource,
589 struct vc_rlimit const /*@in@*/ *lim) VC_ATTR_NONNULL((3));
591 /** \brief Statistics for a resource limit. */
592 struct vc_rlimit_stat {
593 uint_least32_t hits; ///< number of hits on the limit
594 vc_limit_t value; ///< current value
595 vc_limit_t minimum; ///< minimum value observed
596 vc_limit_t maximum; ///< maximum value observed
599 /** \brief Returns the current stats of \a resource.
602 * \param xid The id of the context
603 * \param resource The resource which will be queried
604 * \param stat The result which will be filled with the stats
606 * \returns 0 on success, and -1 on errors. */
607 int vc_rlimit_stat(xid_t xid, int resource,
608 struct vc_rlimit_stat /*@out@*/ *stat) VC_ATTR_NONNULL((3));
610 /** \brief Resets the minimum and maximum observed values of all resources.
613 * \param xid The id of the context
615 * \returns 0 on success, and -1 on errors. */
616 int vc_reset_minmax(xid_t xid);
618 /** \brief Parses a string describing a limit
621 * This function parses \a str and interprets special words like \p "inf"
622 * or suffixes. Valid suffixes are
628 * \param str The string which shall be parsed
629 * \param res Will be filled with the interpreted value; in errorcase,
630 * this value is undefined.
632 * \returns \a true, iff the string \a str could be parsed. \a res will
633 * be filled with the interpreted value in this case.
635 * \pre \a str!=0 && \a res!=0
637 bool vc_parseLimit(char const /*@in@*/ *str, vc_limit_t /*@out@*/ *res) VC_ATTR_NONNULL((1,2));
640 /* network context */
645 nid_t vc_get_task_nid(pid_t pid);
646 int vc_get_nx_info(nid_t nid, struct vc_nx_info *) VC_ATTR_NONNULL((2));
667 #define vna_v4_ip s.ip.v4
668 #define vna_v4_ip2 s.ip2.v4
669 #define vna_v4_mask s.mask.v4
670 #define vna_v6_ip s.ip.v6
671 #define vna_v6_ip2 s.ip2.v6
672 #define vna_v6_mask s.mask.v6
675 struct vc_net_flags {
676 uint_least64_t flagword;
680 nid_t vc_net_create(nid_t nid);
681 int vc_net_migrate(nid_t nid);
683 int vc_net_add(nid_t nid, struct vc_net_addr const *info);
684 int vc_net_remove(nid_t nid, struct vc_net_addr const *info);
686 int vc_get_nflags(nid_t, struct vc_net_flags *);
687 int vc_set_nflags(nid_t, struct vc_net_flags const *);
690 uint_least64_t ncaps;
691 uint_least64_t cmask;
694 int vc_get_ncaps(nid_t, struct vc_net_caps *);
695 int vc_set_ncaps(nid_t, struct vc_net_caps const *);
698 /* iattr related functions */
700 int vc_set_iattr(char const *filename, xid_t xid,
701 uint_least32_t flags, uint_least32_t mask) VC_ATTR_NONNULL((1));
703 int vc_fset_iattr(int fd, xid_t xid,
704 uint_least32_t flags, uint_least32_t mask);
706 /** \brief Returns information about attributes and assigned context of a file.
709 * This function returns the VC_IATTR_XXX flags and about the assigned
710 * context of a file. To request an information, the appropriate bit in
711 * \c mask must be set and the corresponding parameter (\a xid or \a
712 * flags) must not be NULL.
714 * E.g. to receive the assigned context, the \c VC_IATTR_XID bit must be
715 * set in \a mask, and \a xid must point to valid memory.
717 * Possible flags are \c VC_IATTR_ADMIN, \c VC_IATTR_WATCH , \c VC_IATTR_HIDE,
718 * \c VC_IATTR_BARRIER, \c VC_IATTR_IUNLINK and \c VC_IATTR_IMMUTABLE.
720 * \param filename The name of the file whose attributes shall be determined.
722 * \param xid When non-zero and the VC_IATTR_XID bit is set in \a mask,
723 * the assigned context of \a filename will be stored there.
724 * \param flags When non-zero, a bitmask of current attributes will be
725 * stored there. These attributes must be requested explicitly
726 * by setting the appropriate bit in \a mask
727 * \param mask Points to a bitmask which tells which attributes shall be
728 * determined. On return, it will masquerade the attributes
729 * which were determined.
731 * \pre mask!=0 && !((*mask&VC_IATTR_XID) && xid==0) && !((*mask&~VC_IATTR_XID) && flags==0) */
732 int vc_get_iattr(char const *filename, xid_t * /*@null@*/ xid,
733 uint_least32_t * /*@null@*/ flags,
734 uint_least32_t * /*@null@*/ mask) VC_ATTR_NONNULL((1));
736 int vc_fget_iattr(int fd, xid_t * /*@null@*/ xid,
737 uint_least32_t * /*@null@*/ flags,
738 uint_least32_t * /*@null@*/ mask) VC_ATTR_NONNULL((4));
740 /** \brief Returns the context of \c filename
743 * This function calls vc_get_iattr() with appropriate arguments to
744 * determine the context of \c filename. In error-case or when no context
745 * is assigned, \c VC_NOCTX will be returned. To differ between both cases,
746 * \c errno must be examined.
748 * \b WARNING: this function can modify \c errno although no error happened.
750 * \param filename The file to check
751 * \returns The assigned context, or VC_NOCTX when an error occured or no
752 * such assignment exists. \c errno will be 0 in the latter case */
753 xid_t vc_getfilecontext(char const *filename) VC_ATTR_NONNULL((1));
756 /* vhi related functions */
757 typedef enum { vcVHI_CONTEXT, vcVHI_SYSNAME, vcVHI_NODENAME,
758 vcVHI_RELEASE, vcVHI_VERSION, vcVHI_MACHINE,
759 vcVHI_DOMAINNAME } vc_uts_type;
761 int vc_set_vhi_name(xid_t xid, vc_uts_type type,
762 char const *val, size_t len) VC_ATTR_NONNULL((3));
763 int vc_get_vhi_name(xid_t xid, vc_uts_type type,
764 char *val, size_t len) VC_ATTR_NONNULL((3));
766 /* namespace related functions */
767 int vc_enter_namespace(xid_t xid, uint_least64_t mask, uint32_t index);
768 int vc_set_namespace(xid_t xid, uint_least64_t mask, uint32_t index);
769 int vc_cleanup_namespace(void);
770 uint_least64_t vc_get_space_mask(void);
771 uint_least64_t vc_get_space_default(void);
774 /* disk limit related things */
775 struct vc_ctx_dlimit {
776 uint_least32_t space_used;
777 uint_least32_t space_total;
778 uint_least32_t inodes_used;
779 uint_least32_t inodes_total;
780 uint_least32_t reserved;
784 /** Add a disk limit to a file system. */
785 int vc_add_dlimit(char const *filename, xid_t xid,
786 uint_least32_t flags) VC_ATTR_NONNULL((1));
787 /** Remove a disk limit from a file system. */
788 int vc_rem_dlimit(char const *filename, xid_t xid,
789 uint_least32_t flags) VC_ATTR_NONNULL((1));
791 /** Set a disk limit. */
792 int vc_set_dlimit(char const *filename, xid_t xid,
793 uint_least32_t flags,
794 struct vc_ctx_dlimit const *limits) VC_ATTR_NONNULL((1,4));
795 /** Get a disk limit. */
796 int vc_get_dlimit(char const *filename, xid_t xid,
797 uint_least32_t flags,
798 struct vc_ctx_dlimit *limits) VC_ATTR_NONNULL((1));
800 /** Get the filesystem tag for a process. */
801 tag_t vc_get_task_tag(pid_t pid);
803 /** Create a new filesystem tag space. */
804 int vc_tag_create(tag_t tag);
806 /** Migrate to an existing filesystem tag space. */
807 int vc_tag_migrate(tag_t tag);
809 /* scheduler related syscalls */
810 struct vc_set_sched {
811 uint_least32_t set_mask;
812 int_least32_t fill_rate;
813 int_least32_t interval;
814 int_least32_t fill_rate2;
815 int_least32_t interval2;
816 int_least32_t tokens;
817 int_least32_t tokens_min;
818 int_least32_t tokens_max;
819 int_least32_t priority_bias;
820 int_least32_t cpu_id;
821 int_least32_t bucket_id;
824 int vc_set_sched(xid_t xid, struct vc_set_sched const *) VC_ATTR_NONNULL((2));
825 int vc_get_sched(xid_t xid, struct vc_set_sched *) VC_ATTR_NONNULL((2));
827 struct vc_sched_info {
828 int_least32_t cpu_id;
829 int_least32_t bucket_id;
830 uint_least64_t user_msec;
831 uint_least64_t sys_msec;
832 uint_least64_t hold_msec;
833 uint_least32_t token_usec;
834 int_least32_t vavavoom;
837 int vc_sched_info(xid_t xid, struct vc_sched_info *info) VC_ATTR_NONNULL((2));
840 int vc_set_mapping(xid_t xid, const char *device, const char *target, uint32_t flags);
841 int vc_unset_mapping(xid_t xid, const char *device, const char *target, uint32_t flags);
843 int vc_get_badness(xid_t xid, int64_t *badness);
844 int vc_set_badness(xid_t xid, int64_t badness);
847 /** \brief Information about parsing errors
850 struct vc_err_listparser {
851 char const *ptr; ///< Pointer to the first character of an erroneous string
852 size_t len; ///< Length of the erroneous string
855 /** \brief Converts a single string into bcapability
858 * \param str The string to be parsed;
859 * both "CAP_xxx" and "xxx" will be accepted
860 * \param len The length of the string, or \c 0 for automatic detection
862 * \returns 0 on error; a bitmask on success
865 uint_least64_t vc_text2bcap(char const *str, size_t len);
867 /** \brief Converts the lowest bit of a bcapability or the entire value
868 * (when possible) to a textual representation
871 * \param val The string to be converted; on success, the detected bit(s)
872 * will be unset, in errorcase only the lowest set bit
874 * \returns A textual representation of \a val resp. of its lowest set bit;
875 * or \c NULL in errorcase.
877 * \post \a *val<sub>old</sub> \c != 0 \c <-->
878 * \a *val<sub>old</sub> > \a *val<sub>new</sub>
879 * \post \a *val<sub>old</sub> \c == 0 \c ---> \a result == 0
881 char const * vc_lobcap2text(uint_least64_t *val) VC_ATTR_NONNULL((1));
883 /** \brief Converts a string into a bcapability-bitmask
886 * Syntax of \a str: \verbinclude list2xxx.syntax
888 * When the \c `~' prefix is used, the bits will be unset and a `~' after
889 * another `~' will cancel both ones. The \c `^' prefix specifies a
890 * bitnumber instead of a bitmask.
892 * "literal name" is everything which will be accepted by the
893 * vc_text2bcap() function. The special values for \c NAME will be
894 * recognized case insensitively
896 * \param str The string to be parsed
897 * \param len The length of the string, or \c 0 for automatic detection
898 * \param err Pointer to a structure for error-information, or \c NULL.
899 * \param cap Pointer to a vc_ctx_caps structure holding the results;
900 * only the \a bcaps and \a bmask fields will be changed and
901 * already set values will not be honored. When an error
902 * occured, \a cap will have the value of all processed valid
905 * \returns 0 on success, -1 on error. In error case, \a err will hold
906 * position and length of the first not understood BCAP part
907 * \pre \a str != 0 && \a cap != 0;
908 * \a cap->bcaps and \a cap->bmask must be initialized
910 int vc_list2bcap(char const *str, size_t len,
911 struct vc_err_listparser *err,
912 struct vc_ctx_caps *cap) VC_ATTR_NONNULL((1,4));
914 uint_least64_t vc_text2ccap(char const *, size_t len);
915 char const * vc_loccap2text(uint_least64_t *);
916 int vc_list2ccap(char const *, size_t len,
917 struct vc_err_listparser *err,
918 struct vc_ctx_caps *);
920 int vc_list2cflag(char const *, size_t len,
921 struct vc_err_listparser *err,
922 struct vc_ctx_flags *flags);
923 uint_least64_t vc_text2cflag(char const *, size_t len);
924 char const * vc_locflag2text(uint_least64_t *);
926 uint_least32_t vc_list2cflag_compat(char const *, size_t len,
927 struct vc_err_listparser *err);
928 uint_least32_t vc_text2cflag_compat(char const *, size_t len);
929 char const * vc_hicflag2text_compat(uint_least32_t);
931 int vc_text2cap(char const *);
932 char const * vc_cap2text(unsigned int);
935 int vc_list2nflag(char const *, size_t len,
936 struct vc_err_listparser *err,
937 struct vc_net_flags *flags);
938 uint_least64_t vc_text2nflag(char const *, size_t len);
939 char const * vc_lonflag2text(uint_least64_t *);
941 uint_least64_t vc_text2ncap(char const *, size_t len);
942 char const * vc_loncap2text(uint_least64_t *);
943 int vc_list2ncap(char const *, size_t len,
944 struct vc_err_listparser *err,
945 struct vc_net_caps *);
947 uint_least64_t vc_get_insecurebcaps() VC_ATTR_CONST;
948 inline static uint_least64_t vc_get_insecureccaps() {
949 return ~(VC_VXC_SET_UTSNAME|VC_VXC_RAW_ICMP);
952 inline static int vc_setfilecontext(char const *filename, xid_t xid) {
953 return vc_set_iattr(filename, xid, 0, VC_IATTR_XID);
957 uint_least32_t vc_text2personalityflag(char const *str,
958 size_t len) VC_ATTR_NONNULL((1));
960 char const * vc_lopersonality2text(uint_least32_t *) VC_ATTR_NONNULL((1));
962 int vc_list2personalityflag(char const /*@in@*/ *,
964 uint_least32_t /*@out@*/ *personality,
965 struct vc_err_listparser /*@out@*/ *err) VC_ATTR_NONNULL((1,3));
967 uint_least32_t vc_str2personalitytype(char const /*@in@*/*,
968 size_t len) VC_ATTR_NONNULL((1));
971 typedef enum { vcFEATURE_VKILL, vcFEATURE_IATTR, vcFEATURE_RLIMIT,
972 vcFEATURE_COMPAT, vcFEATURE_MIGRATE, vcFEATURE_NAMESPACE,
973 vcFEATURE_SCHED, vcFEATURE_VINFO, vcFEATURE_VHI,
974 vcFEATURE_VSHELPER0, vcFEATURE_VSHELPER, vcFEATURE_VWAIT,
975 vcFEATURE_VNET, vcFEATURE_VSTAT, vcFEATURE_PPTAG,
976 vcFEATURE_PIDSPACE, vcFEATURE_SPACES, vcFEATURE_PERSISTENT,
977 vcFEATURE_PIVOT_ROOT,
981 bool vc_isSupported(vcFeatureSet) VC_ATTR_CONST;
982 bool vc_isSupportedString(char const *);
985 typedef enum { vcTYPE_INVALID, vcTYPE_MAIN, vcTYPE_WATCH,
986 vcTYPE_STATIC, vcTYPE_DYNAMIC }
989 vcXidType vc_getXIDType(xid_t xid) VC_ATTR_CONST;
991 /** Returns true iff \a xid is a dynamic xid */
992 bool vc_is_dynamic_xid(xid_t xid);
995 /* The management part */
997 #define VC_LIMIT_VSERVER_NAME_LEN 1024
999 typedef enum { vcCFG_NONE, vcCFG_AUTO,
1002 vcCFG_RECENT_FULL } vcCfgStyle;
1005 /** Maps an xid given at '--xid' options to an xid_t */
1006 xid_t vc_xidopt2xid(char const *, bool honor_static, char const **err_info);
1007 /** Maps a nid given at '--nid' options to a nid_t */
1008 nid_t vc_nidopt2nid(char const *, bool honor_static, char const **err_info);
1009 /** Maps a tag given at '--tag' options to a tag_t */
1010 tag_t vc_tagopt2tag(char const *, bool honor_static, char const **err_info);
1012 vcCfgStyle vc_getVserverCfgStyle(char const *id);
1014 /** Resolves the name of the vserver. The result will be allocated and must
1015 be freed by the caller. */
1016 char * vc_getVserverName(char const *id, vcCfgStyle style);
1018 /** Returns the path of the vserver configuration directory. When the given
1019 * vserver does not exist, or when it does not have such a directory, NULL
1020 * will be returned. Else, the result will be allocated and must be freed
1022 char * vc_getVserverCfgDir(char const *id, vcCfgStyle style);
1024 /** Returns the path of the configuration directory for the given
1025 * application. The result will be allocated and must be freed by the
1027 char * vc_getVserverAppDir(char const *id, vcCfgStyle style, char const *app);
1029 /** Returns the path to the vserver root-directory. The result will be
1030 * allocated and must be freed by the caller. */
1031 char * vc_getVserverVdir(char const *id, vcCfgStyle style, bool physical);
1033 typedef enum { vcCTX_XID = 1,
1038 /** Returns the ctx of the given vserver. When vserver is not running and
1039 * 'honor_static' is false, VC_NOCTX will be returned. Else, when
1040 * 'honor_static' is true and a static assignment exists, those value will
1041 * be returned. Else, the result will be VC_NOCTX.
1043 * When 'is_running' is not null, the status of the vserver will be
1044 * assigned to this variable. */
1045 xid_t vc_getVserverCtx(char const *id, vcCfgStyle style,
1046 bool honor_static, bool /*@null@*/ *is_running,
1049 /** Resolves the cfg-path of the vserver owning the given ctx. 'revdir' will
1050 be used as the directory holding the mapping-links; when NULL, the
1051 default value will be assumed. The result will be allocated and must be
1052 freed by the caller. */
1053 char * vc_getVserverByCtx(xid_t ctx, /*@null@*/vcCfgStyle *style,
1054 /*@null@*/char const *revdir);
1056 int vc_compareVserverById(char const *lhs, vcCfgStyle lhs_style,
1057 char const *rhs, vcCfgStyle rhs_style);
1059 void vc_exitLikeProcess(int pid, int ret) VC_ATTR_NORETURN;
1061 #define vcSKEL_INTERFACES 1u
1062 #define vcSKEL_PKGMGMT 2u
1063 #define vcSKEL_FILESYSTEM 4u
1065 /** Create a basic configuration skeleton for a vserver plus toplevel
1066 * directories for pkgmanagemt and filesystem (when requested). */
1067 int vc_createSkeleton(char const *id, vcCfgStyle style, int flags);
1075 #undef VC_ATTR_ALWAYSINLINE
1076 #undef VC_ATTR_NORETURN
1077 #undef VC_ATTR_UNUSED
1078 #undef VC_ATTR_NONNULL
git://git.onelab.eu / util-vserver.git / blob