lxccontainer.h

/* SPDX-License-Identifier: LGPL-2.1+ */

#ifndef __LXC_CONTAINER_H
#define __LXC_CONTAINER_H

#include <malloc.h>
#include <semaphore.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

#include <lxc/attach_options.h>

#ifdef  __cplusplus
extern "C" {
#endif

#define LXC_CLONE_KEEPNAME        (1 << 0) 
#define LXC_CLONE_KEEPMACADDR     (1 << 1) 
#define LXC_CLONE_SNAPSHOT        (1 << 2) 
#define LXC_CLONE_KEEPBDEVTYPE    (1 << 3) 
#define LXC_CLONE_MAYBE_SNAPSHOT  (1 << 4) 
#define LXC_CLONE_MAXFLAGS        (1 << 5) 
#define LXC_CLONE_ALLOW_RUNNING   (1 << 6) 
#define LXC_CREATE_QUIET          (1 << 0) 
#define LXC_CREATE_MAXFLAGS       (1 << 1) 
#define LXC_MOUNT_API_V1           1

struct bdev_specs;

struct lxc_snapshot;

struct lxc_lock;

struct migrate_opts;

struct lxc_console_log;

struct lxc_mount {
    int version;
};

struct lxc_container {
    /* private fields */
    char *name;

    char *configfile;

    char *pidfile;

    struct lxc_lock *slock;

    struct lxc_lock *privlock;

    int numthreads;

    struct lxc_conf *lxc_conf;

    /* public fields */
    char *error_string;

    int error_num;

    bool daemonize;

    char *config_path;

    bool (*is_defined)(struct lxc_container *c);

    const char *(*state)(struct lxc_container *c);

    bool (*is_running)(struct lxc_container *c);

    bool (*freeze)(struct lxc_container *c);

    bool (*unfreeze)(struct lxc_container *c);

    pid_t (*init_pid)(struct lxc_container *c);

    bool (*load_config)(struct lxc_container *c, const char *alt_file);

    bool (*start)(struct lxc_container *c, int useinit, char * const argv[]);

    bool (*startl)(struct lxc_container *c, int useinit, ...);

    bool (*stop)(struct lxc_container *c);

    bool (*want_daemonize)(struct lxc_container *c, bool state);

    bool (*want_close_all_fds)(struct lxc_container *c, bool state);

    char *(*config_file_name)(struct lxc_container *c);

    bool (*wait)(struct lxc_container *c, const char *state, int timeout);

    bool (*set_config_item)(struct lxc_container *c, const char *key, const char *value);

    bool (*destroy)(struct lxc_container *c);

    bool (*save_config)(struct lxc_container *c, const char *alt_file);

    bool (*create)(struct lxc_container *c, const char *t, const char *bdevtype,
            struct bdev_specs *specs, int flags, char *const argv[]);

    bool (*createl)(struct lxc_container *c, const char *t, const char *bdevtype,
            struct bdev_specs *specs, int flags, ...);

    bool (*rename)(struct lxc_container *c, const char *newname);

    bool (*reboot)(struct lxc_container *c);

    bool (*shutdown)(struct lxc_container *c, int timeout);

    void (*clear_config)(struct lxc_container *c);

    bool (*clear_config_item)(struct lxc_container *c, const char *key);

    int (*get_config_item)(struct lxc_container *c, const char *key, char *retv, int inlen);


    char* (*get_running_config_item)(struct lxc_container *c, const char *key);

    int (*get_keys)(struct lxc_container *c, const char *key, char *retv, int inlen);

    char** (*get_interfaces)(struct lxc_container *c);

    char** (*get_ips)(struct lxc_container *c, const char* interface, const char* family, int scope);

    int (*get_cgroup_item)(struct lxc_container *c, const char *subsys, char *retv, int inlen);

    bool (*set_cgroup_item)(struct lxc_container *c, const char *subsys, const char *value);

    const char *(*get_config_path)(struct lxc_container *c);

    bool (*set_config_path)(struct lxc_container *c, const char *path);

    struct lxc_container *(*clone)(struct lxc_container *c, const char *newname,
            const char *lxcpath, int flags, const char *bdevtype,
            const char *bdevdata, uint64_t newsize, char **hookargs);

    int (*console_getfd)(struct lxc_container *c, int *ttynum, int *ptxfd);

    int (*console)(struct lxc_container *c, int ttynum,
            int stdinfd, int stdoutfd, int stderrfd, int escape);

    int (*attach)(struct lxc_container *c, lxc_attach_exec_t exec_function,
            void *exec_payload, lxc_attach_options_t *options, pid_t *attached_process);

    int (*attach_run_wait)(struct lxc_container *c, lxc_attach_options_t *options, const char *program, const char * const argv[]);

    int (*attach_run_waitl)(struct lxc_container *c, lxc_attach_options_t *options, const char *program, const char *arg, ...);

    int (*snapshot)(struct lxc_container *c, const char *commentfile);

    int (*snapshot_list)(struct lxc_container *c, struct lxc_snapshot **snapshots);

    bool (*snapshot_restore)(struct lxc_container *c, const char *snapname, const char *newname);

    bool (*snapshot_destroy)(struct lxc_container *c, const char *snapname);

    bool (*may_control)(struct lxc_container *c);

    bool (*add_device_node)(struct lxc_container *c, const char *src_path, const char *dest_path);

    bool (*remove_device_node)(struct lxc_container *c, const char *src_path, const char *dest_path);

    /* Post LXC-1.0 additions */

    bool (*attach_interface)(struct lxc_container *c, const char *dev, const char *dst_dev);

    bool (*detach_interface)(struct lxc_container *c, const char *dev, const char *dst_dev);
    bool (*checkpoint)(struct lxc_container *c, char *directory, bool stop, bool verbose);

    bool (*restore)(struct lxc_container *c, char *directory, bool verbose);

    bool (*destroy_with_snapshots)(struct lxc_container *c);

    bool (*snapshot_destroy_all)(struct lxc_container *c);

    /* Post LXC-1.1 additions */
    int (*migrate)(struct lxc_container *c, unsigned int cmd, struct migrate_opts *opts, unsigned int size);

    int (*console_log)(struct lxc_container *c, struct lxc_console_log *log);

    bool (*reboot2)(struct lxc_container *c, int timeout);

    int (*mount)(struct lxc_container *c, const char *source,
             const char *target, const char *filesystemtype,
             unsigned long mountflags, const void *data,
             struct lxc_mount *mnt);

    int (*umount)(struct lxc_container *c, const char *target,
              unsigned long mountflags, struct lxc_mount *mnt);

    int (*seccomp_notify_fd)(struct lxc_container *c);

    int (*seccomp_notify_fd_active)(struct lxc_container *c);

    int (*init_pidfd)(struct lxc_container *c);

    int (*devpts_fd)(struct lxc_container *c);
};

struct lxc_snapshot {
    char *name; 
    char *comment_pathname; 
    char *timestamp; 
    char *lxcpath; 
    void (*free)(struct lxc_snapshot *s);
};


struct bdev_specs {
    char *fstype; 
    uint64_t fssize;  
    struct {
        char *zfsroot; 
    } zfs;
    struct {
        char *vg; 
        char *lv; 
        char *thinpool; 
    } lvm;
    char *dir; 
    struct {
        char *rbdname; 
        char *rbdpool; 
    } rbd;
};

enum {
    MIGRATE_PRE_DUMP,
    MIGRATE_DUMP,
    MIGRATE_RESTORE,
    MIGRATE_FEATURE_CHECK,
};

#define FEATURE_MEM_TRACK    (1ULL << 0)
#define FEATURE_LAZY_PAGES   (1ULL << 1)

struct migrate_opts {
    /* new members should be added at the end */
    char *directory;
    bool verbose;

    bool stop; /* stop the container after dump? */
    char *predump_dir; /* relative to directory above */
    char *pageserver_address; /* where should memory pages be send? */
    char *pageserver_port;

    /* This flag indicates whether or not the container's rootfs will have
     * the same inodes on checkpoint and restore. In the case of e.g. zfs
     * send or btrfs send, or an LVM snapshot, this will be true, but it
     * won't if e.g. you rsync the filesystems between two machines.
     */
    bool preserves_inodes;

    /* Path to an executable script that will be registered as a criu
     * "action script"
     */
    char *action_script;

    /* If CRIU >= 2.4 is detected the option to skip in-flight connections
     * will be enabled by default. The flag 'disable_skip_in_flight' will
     * unconditionally disable this feature. In-flight connections are
     * not fully established TCP connections: SYN, SYN-ACK */
    bool disable_skip_in_flight;

    /* This is the maximum file size for deleted files (which CRIU calls
     * "ghost" files) that will be handled. 0 indicates the CRIU default,
     * which at this time is 1MB.
     */
    uint64_t ghost_limit;

    /* Some features cannot be checked by comparing the CRIU version.
     * Features like dirty page tracking or userfaultfd depend on
     * the architecture/kernel/criu combination. This is a bitmask
     * in which the desired feature checks can be encoded.
     */
    uint64_t features_to_check;
};

struct lxc_console_log {
    /* Clear the console log. */
    bool clear;

    /* Retrieve the console log. */
    bool read;

    /* This specifies the maximum size to read from the ringbuffer. Setting
     * it to 0 means that the a read can be as big as the whole ringbuffer.
     * On return callers can check how many bytes were actually read.
     * If "read" and "clear" are set to false and a non-zero value is
     * specified then up to "read_max" bytes of data will be discarded from
     * the ringbuffer.
     */
    uint64_t *read_max;

    /* Data that was read from the ringbuffer. If "read_max" is 0 on return
     * "data" is invalid.
     */
    char *data;
};

struct lxc_container *lxc_container_new(const char *name, const char *configpath);

int lxc_container_get(struct lxc_container *c);

int lxc_container_put(struct lxc_container *c);

int lxc_get_wait_states(const char **states);

const char *lxc_get_global_config_item(const char *key);

const char *lxc_get_version(void);

int list_defined_containers(const char *lxcpath, char ***names, struct lxc_container ***cret);

int list_active_containers(const char *lxcpath, char ***names, struct lxc_container ***cret);

int list_all_containers(const char *lxcpath, char ***names, struct lxc_container ***cret);

struct lxc_log {
    const char *name;
    const char *lxcpath;
    const char *file;
    const char *level;
    const char *prefix;
    bool quiet;
};

int lxc_log_init(struct lxc_log *log);

void lxc_log_close(void);

bool lxc_config_item_is_supported(const char *key);

bool lxc_has_api_extension(const char *extension);

#ifdef  __cplusplus
}
#endif

#endif