Update go-lxc library to handle LXC 3.0

vendor/gopkg.in/lxc/go-lxc.v2/Makefile

@@ -45,4 +45,16 @@ escape-analysis:
 ctags:
 	@ctags -R --languages=c,go
 
+scope:
+	@echo "$(OK_COLOR)==> Exported container calls in container.go $(NO_COLOR)"
+	@/bin/grep -E "\bc+\.([A-Z])\w+" container.go || true
+
+setup-test-cgroup:
+	for d in /sys/fs/cgroup/*; do \
+	    [ -f $$d/cgroup.clone_children ] && echo 1 | sudo tee $$d/cgroup.clone_children; \
+	    [ -f $$d/cgroup.use_hierarchy ] && echo 1 | sudo tee $$d/cgroup.use_hierarchy; \
+	    sudo mkdir -p $$d/lxc; \
+	    sudo chown -R $$USER: $$d/lxc; \
+	done
+
 .PHONY: all format test doc vet lint ctags

vendor/gopkg.in/lxc/go-lxc.v2/error.go

@@ -16,6 +16,7 @@ var (
 	ErrAttachInterfaceFailed         = NewError("attaching specified netdev to the container failed")
 	ErrBlkioUsage                    = NewError("BlkioUsage for the container failed")
 	ErrCheckpointFailed              = NewError("checkpoint failed")
+	ErrClearingConfigItemFailed      = NewError("clearing config item for the container failed")
 	ErrClearingCgroupItemFailed      = NewError("clearing cgroup item for the container failed")
 	ErrCloneFailed                   = NewError("cloning the container failed")
 	ErrCloseAllFdsFailed             = NewError("setting close_all_fds flag for container failed")

vendor/gopkg.in/lxc/go-lxc.v2/lxc-binding.c

@@ -15,10 +15,9 @@
 
 #include "lxc-binding.h"
 
-#define VERSION_AT_LEAST(major, minor, micro)							\
-	(!(major > LXC_VERSION_MAJOR ||								\
-	major == LXC_VERSION_MAJOR && minor > LXC_VERSION_MINOR ||				\
-	major == LXC_VERSION_MAJOR && minor == LXC_VERSION_MINOR && micro > LXC_VERSION_MICRO))
+#ifndef LXC_DEVEL
+#define LXC_DEVEL 0
+#endif
 
 bool go_lxc_defined(struct lxc_container *c) {
 	return c->is_defined(c);
@@ -92,16 +91,24 @@ bool go_lxc_wait(struct lxc_container *c, const char *state, int timeout) {
 	return c->wait(c, state, timeout);
 }
 
-char* go_lxc_get_config_item(struct lxc_container *c, const char *key) {
+char *go_lxc_get_config_item(struct lxc_container *c, const char *key)
+{
+	char *value = NULL;
+
 	int len = c->get_config_item(c, key, NULL, 0);
-	if (len <= 0) {
+	if (len <= 0)
+		return NULL;
+
+again:
+	value = (char *)malloc(sizeof(char) * len + 1);
+	if (value == NULL)
+		goto again;
+
+	if (c->get_config_item(c, key, value, len + 1) != len) {
+		free(value);
 		return NULL;
 	}
 
-	char* value = (char*)malloc(sizeof(char)*len + 1);
-	if (c->get_config_item(c, key, value, len + 1) != len) {
-		return NULL;
-	}
 	return value;
 }
 
@@ -121,29 +128,45 @@ char* go_lxc_get_running_config_item(struct lxc_container *c, const char *key) {
 	return c->get_running_config_item(c, key);
 }
 
-char* go_lxc_get_keys(struct lxc_container *c, const char *key) {
+char *go_lxc_get_keys(struct lxc_container *c, const char *key)
+{
+	char *value = NULL;
+
 	int len = c->get_keys(c, key, NULL, 0);
-	if (len <= 0) {
+	if (len <= 0)
+		return NULL;
+
+again:
+	value = (char *)malloc(sizeof(char) * len + 1);
+	if (value == NULL)
+		goto again;
+
+	if (c->get_keys(c, key, value, len + 1) != len) {
+		free(value);
 		return NULL;
 	}
 
-	char* value = (char*)malloc(sizeof(char)*len + 1);
-	if (c->get_keys(c, key, value, len + 1) != len) {
-		return NULL;
-	}
 	return value;
 }
 
-char* go_lxc_get_cgroup_item(struct lxc_container *c, const char *key) {
+char *go_lxc_get_cgroup_item(struct lxc_container *c, const char *key)
+{
+	char *value = NULL;
+
 	int len = c->get_cgroup_item(c, key, NULL, 0);
-	if (len <= 0) {
+	if (len <= 0)
+		return NULL;
+
+again:
+	value = (char *)malloc(sizeof(char) * len + 1);
+	if (value == NULL)
+		goto again;
+
+	if (c->get_cgroup_item(c, key, value, len + 1) != len) {
+		free(value);
 		return NULL;
 	}
 
-	char* value = (char*)malloc(sizeof(char)*len + 1);
-	if (c->get_cgroup_item(c, key, value, len + 1) != len) {
-		return NULL;
-	}
 	return value;
 }
 
@@ -173,10 +196,12 @@ bool go_lxc_clone(struct lxc_container *c, const char *newname, const char *lxcp
 
 int go_lxc_console_getfd(struct lxc_container *c, int ttynum) {
 	int masterfd;
+	int ret = 0;
+
+	ret = c->console_getfd(c, &ttynum, &masterfd);
+	if (ret < 0)
+		return ret;
 
-	if (c->console_getfd(c, &ttynum, &masterfd) < 0) {
-		return -1;
-	}
 	return masterfd;
 }
 
@@ -212,6 +237,51 @@ again:
         return status;
 }
 
+int go_lxc_attach_no_wait(struct lxc_container *c,
+		bool clear_env,
+		int namespaces,
+		long personality,
+		uid_t uid, gid_t gid,
+		int stdinfd, int stdoutfd, int stderrfd,
+		char *initial_cwd,
+		char **extra_env_vars,
+		char **extra_keep_env,
+		const char * const argv[],
+		pid_t *attached_pid) {
+	int ret;
+
+	lxc_attach_options_t attach_options = LXC_ATTACH_OPTIONS_DEFAULT;
+	lxc_attach_command_t command = (lxc_attach_command_t){.program = NULL};
+
+	attach_options.env_policy = LXC_ATTACH_KEEP_ENV;
+	if (clear_env) {
+		attach_options.env_policy = LXC_ATTACH_CLEAR_ENV;
+	}
+
+	attach_options.namespaces = namespaces;
+	attach_options.personality = personality;
+
+	attach_options.uid = uid;
+	attach_options.gid = gid;
+
+	attach_options.stdin_fd = stdinfd;
+	attach_options.stdout_fd = stdoutfd;
+	attach_options.stderr_fd = stderrfd;
+
+	attach_options.initial_cwd = initial_cwd;
+	attach_options.extra_env_vars = extra_env_vars;
+	attach_options.extra_keep_env = extra_keep_env;
+
+	command.program = (char *)argv[0];
+	command.argv = (char **)argv;
+
+	ret = c->attach(c, lxc_attach_run_command, &command, &attach_options, attached_pid);
+	if (ret < 0)
+		return ret;
+
+	return 0;
+}
+
 int go_lxc_attach(struct lxc_container *c,
 		bool clear_env,
 		int namespaces,
@@ -257,16 +327,16 @@ int go_lxc_attach(struct lxc_container *c,
 
 	ret = c->attach(c, lxc_attach_run_shell, NULL, &attach_options, &pid);
 	if (ret < 0)
-		return -1;
+		return ret;
 
 	ret = wait_for_pid_status(pid);
 	if (ret < 0)
-		return -1;
+		return ret;
 
 	if (WIFEXITED(ret))
 		return WEXITSTATUS(ret);
 
-	return -1;
+	return ret;
 }
 
 int go_lxc_attach_run_wait(struct lxc_container *c,
@@ -366,6 +436,9 @@ bool go_lxc_restore(struct lxc_container *c, char *directory, bool verbose) {
 }
 
 int go_lxc_migrate(struct lxc_container *c, unsigned int cmd, struct migrate_opts *opts, struct extra_migrate_opts *extras) {
+#if VERSION_AT_LEAST(3, 0, 0)
+	opts->features_to_check = extras->features_to_check;
+#endif
 #if VERSION_AT_LEAST(2, 0, 4)
 	opts->action_script = extras->action_script;
 	opts->ghost_limit = extras->ghost_limit;
@@ -397,3 +470,34 @@ bool go_lxc_detach_interface(struct lxc_container *c, const char *dev, const cha
 	return false;
 #endif
 }
+
+bool go_lxc_config_item_is_supported(const char *key)
+{
+#if VERSION_AT_LEAST(2, 1, 0)
+	return lxc_config_item_is_supported(key);
+#else
+	return false;
+#endif
+}
+
+int go_lxc_error_num(struct lxc_container *c)
+{
+	return c->error_num;
+}
+
+int go_lxc_console_log(struct lxc_container *c, struct lxc_console_log *log) {
+#if VERSION_AT_LEAST(3, 0, 0)
+	return c->console_log(c, log);
+#else
+	return false;
+#endif
+}
+
+bool go_lxc_has_api_extension(const char *extension)
+{
+#if VERSION_AT_LEAST(3, 1, 0)
+	return lxc_has_api_extension(extension);
+#else
+	return false;
+#endif
+}

vendor/gopkg.in/lxc/go-lxc.v2/lxc-binding.go

@@ -11,10 +11,16 @@ package lxc
 // #include <lxc/lxccontainer.h>
 // #include <lxc/version.h>
 // #include "lxc-binding.h"
+// #ifndef LXC_DEVEL
+// #define LXC_DEVEL 0
+// #endif
 import "C"
 
 import (
+	"fmt"
 	"runtime"
+	"strconv"
+	"strings"
 	"unsafe"
 )
 
@@ -54,12 +60,22 @@ func Release(c *Container) bool {
 	// http://golang.org/pkg/runtime/#SetFinalizer
 	runtime.SetFinalizer(c, nil)
 
+	// Go is bad at refcounting sometimes
+	c.mu.Lock()
+
 	return C.lxc_container_put(c.container) == 1
 }
 
 // Version returns the LXC version.
 func Version() string {
-	return C.GoString(C.lxc_get_version())
+	version := C.GoString(C.lxc_get_version())
+
+	// New liblxc versions append "-devel" when LXC_DEVEL is set.
+	if strings.HasSuffix(version, "-devel") {
+		return fmt.Sprintf("%s (devel)", version[:(len(version)-len("-devel"))])
+	}
+
+	return version
 }
 
 // GlobalConfigItem returns the value of the given global config key.
@@ -108,12 +124,12 @@ func ContainerNames(lxcpath ...string) []string {
 
 // Containers returns the defined and active containers on the system. Only
 // containers that could retrieved successfully are returned.
-func Containers(lxcpath ...string) []Container {
-	var containers []Container
+func Containers(lxcpath ...string) []*Container {
+	var containers []*Container
 
 	for _, v := range ContainerNames(lxcpath...) {
 		if container, err := NewContainer(v, lxcpath...); err == nil {
-			containers = append(containers, *container)
+			containers = append(containers, container)
 		}
 	}
 
@@ -143,12 +159,12 @@ func DefinedContainerNames(lxcpath ...string) []string {
 
 // DefinedContainers returns the defined containers on the system.  Only
 // containers that could retrieved successfully are returned.
-func DefinedContainers(lxcpath ...string) []Container {
-	var containers []Container
+func DefinedContainers(lxcpath ...string) []*Container {
+	var containers []*Container
 
 	for _, v := range DefinedContainerNames(lxcpath...) {
 		if container, err := NewContainer(v, lxcpath...); err == nil {
-			containers = append(containers, *container)
+			containers = append(containers, container)
 		}
 	}
 
@@ -178,18 +194,19 @@ func ActiveContainerNames(lxcpath ...string) []string {
 
 // ActiveContainers returns the active containers on the system. Only
 // containers that could retrieved successfully are returned.
-func ActiveContainers(lxcpath ...string) []Container {
-	var containers []Container
+func ActiveContainers(lxcpath ...string) []*Container {
+	var containers []*Container
 
 	for _, v := range ActiveContainerNames(lxcpath...) {
 		if container, err := NewContainer(v, lxcpath...); err == nil {
-			containers = append(containers, *container)
+			containers = append(containers, container)
 		}
 	}
 
 	return containers
 }
 
+// VersionNumber returns the LXC version.
 func VersionNumber() (major int, minor int) {
 	major = C.LXC_VERSION_MAJOR
 	minor = C.LXC_VERSION_MINOR
@@ -197,7 +214,12 @@ func VersionNumber() (major int, minor int) {
 	return
 }
 
+// VersionAtLeast returns true when the tested version >= current version.
 func VersionAtLeast(major int, minor int, micro int) bool {
+	if C.LXC_DEVEL == 1 {
+		return true
+	}
+
 	if major > C.LXC_VERSION_MAJOR {
 		return false
 	}
@@ -215,3 +237,90 @@ func VersionAtLeast(major int, minor int, micro int) bool {
 
 	return true
 }
+
+// IsSupportedConfigItem returns true if the key belongs to a supported config item.
+func IsSupportedConfigItem(key string) bool {
+	configItem := C.CString(key)
+	defer C.free(unsafe.Pointer(configItem))
+	return bool(C.go_lxc_config_item_is_supported(configItem))
+}
+
+// runtimeLiblxcVersionAtLeast checks if the system's liblxc matches the
+// provided version requirement
+func runtimeLiblxcVersionAtLeast(major int, minor int, micro int) bool {
+	version := Version()
+	version = strings.Replace(version, " (devel)", "-devel", 1)
+	parts := strings.Split(version, ".")
+	partsLen := len(parts)
+	if partsLen == 0 {
+		return false
+	}
+
+	develParts := strings.Split(parts[partsLen-1], "-")
+	if len(develParts) == 2 && develParts[1] == "devel" {
+		return true
+	}
+
+	maj := -1
+	min := -1
+	mic := -1
+
+	for i, v := range parts {
+		if i > 2 {
+			break
+		}
+
+		num, err := strconv.Atoi(v)
+		if err != nil {
+			return false
+		}
+
+		switch i {
+		case 0:
+			maj = num
+		case 1:
+			min = num
+		case 2:
+			mic = num
+		}
+	}
+
+	/* Major version is greater. */
+	if maj > major {
+		return true
+	}
+
+	if maj < major {
+		return false
+	}
+
+	/* Minor number is greater.*/
+	if min > minor {
+		return true
+	}
+
+	if min < minor {
+		return false
+	}
+
+	/* Patch number is greater. */
+	if mic > micro {
+		return true
+	}
+
+	if mic < micro {
+		return false
+	}
+
+	return true
+}
+
+// HasApiExtension returns true if the extension is supported.
+func HasApiExtension(extension string) bool {
+	if runtimeLiblxcVersionAtLeast(3, 1, 0) {
+		apiExtension := C.CString(extension)
+		defer C.free(unsafe.Pointer(apiExtension))
+		return bool(C.go_lxc_has_api_extension(apiExtension))
+	}
+	return false
+}

vendor/gopkg.in/lxc/go-lxc.v2/lxc-binding.h

@@ -2,6 +2,11 @@
 // Use of this source code is governed by a LGPLv2.1
 // license that can be found in the LICENSE file.
 
+#define VERSION_AT_LEAST(major, minor, micro)							\
+	((LXC_DEVEL == 1) || (!(major > LXC_VERSION_MAJOR ||					\
+	major == LXC_VERSION_MAJOR && minor > LXC_VERSION_MINOR ||				\
+	major == LXC_VERSION_MAJOR && minor == LXC_VERSION_MINOR && micro > LXC_VERSION_MICRO)))
+
 extern bool go_lxc_add_device_node(struct lxc_container *c, const char *src_path, const char *dest_path);
 extern void go_lxc_clear_config(struct lxc_container *c);
 extern bool go_lxc_clear_config_item(struct lxc_container *c, const char *key);
@@ -60,19 +65,32 @@ extern int go_lxc_attach(struct lxc_container *c,
 		char *initial_cwd,
 		char **extra_env_vars,
 		char **extra_keep_env);
+extern int go_lxc_attach_no_wait(struct lxc_container *c,
+		bool clear_env,
+		int namespaces,
+		long personality,
+		uid_t uid, gid_t gid,
+		int stdinfd, int stdoutfd, int stderrfd,
+		char *initial_cwd,
+		char **extra_env_vars,
+		char **extra_keep_env,
+		const char * const argv[],
+		pid_t *attached_pid);
 extern int go_lxc_console_getfd(struct lxc_container *c, int ttynum);
 extern int go_lxc_snapshot_list(struct lxc_container *c, struct lxc_snapshot **ret);
 extern int go_lxc_snapshot(struct lxc_container *c);
 extern pid_t go_lxc_init_pid(struct lxc_container *c);
 extern bool go_lxc_checkpoint(struct lxc_container *c, char *directory, bool stop, bool verbose);
 extern bool go_lxc_restore(struct lxc_container *c, char *directory, bool verbose);
+extern bool go_lxc_config_item_is_supported(const char *key);
+extern bool go_lxc_has_api_extension(const char *extension);
 
 /* n.b. that we're just adding the fields here to shorten the definition
  * of go_lxc_migrate; in the case where we don't have the ->migrate API call,
  * we don't want to have to pass all the arguments in to let conditional
  * compilation handle things, but the call will still fail
  */
-#if LXC_VERSION_MAJOR != 2
+#if !VERSION_AT_LEAST(2, 0, 0)
 struct migrate_opts {
 	char *directory;
 	bool verbose;
@@ -89,8 +107,21 @@ struct extra_migrate_opts {
 	bool preserves_inodes;
 	char *action_script;
 	uint64_t ghost_limit;
+	uint64_t features_to_check;
 };
 int go_lxc_migrate(struct lxc_container *c, unsigned int cmd, struct migrate_opts *opts, struct extra_migrate_opts *extras);
 
 extern bool go_lxc_attach_interface(struct lxc_container *c, const char *dev, const char *dst_dev);
 extern bool go_lxc_detach_interface(struct lxc_container *c, const char *dev, const char *dst_dev);
+
+#if !VERSION_AT_LEAST(3, 0, 0)
+struct lxc_console_log {
+	bool clear;
+	bool read;
+	uint64_t *read_max;
+	char *data;
+};
+#endif
+
+extern int go_lxc_console_log(struct lxc_container *c, struct lxc_console_log *log);
+extern int go_lxc_error_num(struct lxc_container *c);

vendor/gopkg.in/lxc/go-lxc.v2/options.go

@@ -142,7 +142,7 @@ type ConsoleOptions struct {
 	EscapeCharacter rune
 }
 
-// DefailtConsoleOptions is a convenient set of options to be used.
+// DefaultConsoleOptions is a convenient set of options to be used.
 var DefaultConsoleOptions = ConsoleOptions{
 	Tty:             -1,
 	StdinFd:         os.Stdin.Fd(),
@@ -175,25 +175,35 @@ var DefaultCloneOptions = CloneOptions{
 	Backend: Directory,
 }
 
-// CheckpointOptions type is used for defining checkpoint options for CRIU
+// CheckpointOptions type is used for defining checkpoint options for CRIU.
 type CheckpointOptions struct {
 	Directory string
 	Stop      bool
 	Verbose   bool
 }
 
-// RestoreOptions type is used for defining restore options for CRIU
+// RestoreOptions type is used for defining restore options for CRIU.
 type RestoreOptions struct {
 	Directory string
 	Verbose   bool
 }
 
+// MigrateOptions type is used for defining migrate options.
 type MigrateOptions struct {
 	Directory       string
+	PredumpDir      string
+	ActionScript    string
 	Verbose         bool
 	Stop            bool
-	PredumpDir      string
 	PreservesInodes bool
-	ActionScript    string
 	GhostLimit      uint64
+	FeaturesToCheck CriuFeatures
+}
+
+// ConsoleLogOptioins type is used for defining console log options.
+type ConsoleLogOptions struct {
+	ClearLog       bool
+	ReadLog        bool
+	ReadMax        uint64
+	WriteToLogFile bool
 }

vendor/gopkg.in/lxc/go-lxc.v2/type.go

@@ -260,7 +260,15 @@ const (
 )
 
 const (
-	MIGRATE_PRE_DUMP = 0
-	MIGRATE_DUMP     = 1
-	MIGRATE_RESTORE  = 2
+	MIGRATE_PRE_DUMP      = 0
+	MIGRATE_DUMP          = 1
+	MIGRATE_RESTORE       = 2
+	MIGRATE_FEATURE_CHECK = 3
+)
+
+type CriuFeatures uint64
+
+const (
+	FEATURE_MEM_TRACK CriuFeatures = 1 << iota
+	FEATURE_LAZY_PAGES
 )

vendor/gopkg.in/lxc/go-lxc.v2/util.go

@@ -12,7 +12,7 @@ package lxc
 
 static char** makeCharArray(size_t size) {
     // caller checks return value
-    return calloc(sizeof(char*), size);
+    return calloc(size, sizeof(char*));
 }
 
 static void setArrayString(char **array, char *string, size_t n) {

vendor/vendor.json

@@ -434,7 +434,7 @@
 		{"path":"google.golang.org/grpc/transport","checksumSHA1":"oFGr0JoquaPGVnV86fVL8MVTc3A=","revision":"0c41876308d45bc82e587965971e28be659a1aca","revisionTime":"2017-07-21T17:58:12Z"},
 		{"path":"gopkg.in/fsnotify.v1","checksumSHA1":"eIhF+hmL/XZhzTiAwhLD0M65vlY=","revision":"629574ca2a5df945712d3079857300b5e4da0236","revisionTime":"2016-10-11T02:33:12Z"},
 		{"path":"gopkg.in/inf.v0","checksumSHA1":"6f8MEU31llHM1sLM/GGH4/Qxu0A=","revision":"3887ee99ecf07df5b447e9b00d9c0b2adaa9f3e4","revisionTime":"2015-09-11T12:57:57Z"},
-		{"path":"gopkg.in/lxc/go-lxc.v2","checksumSHA1":"i97goLq3AIfUNB8l1hxGGMSW0+s=","revision":"f8a6938e600c634232eeef79dc04a1226f73a88b","revisionTime":"2016-08-03T16:52:18Z"},
+		{"path":"gopkg.in/lxc/go-lxc.v2","checksumSHA1":"oAflbBrzWC7OMmZQixkp9bnPQW8=","revision":"0aadfc37157c2e3f0e63bedd10f8615e66e91cad","revisionTime":"2018-11-01T16:03:35Z"},
 		{"path":"gopkg.in/tomb.v1","checksumSHA1":"TO8baX+t1Qs7EmOYth80MkbKzFo=","revision":"dd632973f1e7218eb1089048e0798ec9ae7dceb8","revisionTime":"2014-10-24T13:56:13Z"},
 		{"path":"gopkg.in/tomb.v2","checksumSHA1":"WiyCOMvfzRdymImAJ3ME6aoYUdM=","revision":"14b3d72120e8d10ea6e6b7f87f7175734b1faab8","revisionTime":"2014-06-26T14:46:23Z"},
 		{"path":"gopkg.in/yaml.v2","checksumSHA1":"12GqsW8PiRPnezDDy0v4brZrndM=","revision":"a5b47d31c556af34a302ce5d659e6fea44d90de0","revisionTime":"2016-09-28T15:37:09Z"}