feat: 支持网络容器

BREAKING CHANGE: 支持网络容器对外变更: 1.支持网络容器 2.setns, clone, unshare接口支持CLONE_NEWNET Close #I6HPH2 Signed-off-by: zhushengle <zhushengle@huawei.com> Change-Id: Ibaa11056982d465d4006680c8d3fa4ae2b9f25b5
2023-02-24 09:45:59 +08:00
parent 806bd80841
commit 5dc9a0f1a6
46 changed files with 2765 additions and 69 deletions
--- a/fs/proc/os_adapt/plimits_proc.c
+++ b/fs/proc/os_adapt/plimits_proc.c
@@ -585,7 +585,7 @@ static ssize_t MemLimitWriteLimit(struct ProcFile *pf, const CHAR *buf, size_t c
 {
    (void)ppos;
    long long int value = GetPidLimitValue(pf, buf, count);
-    if (value < 0) {
+    if ((value < 0) || (value > (long long int)OS_NULL_INT)) {
        return value;
    }

@@ -678,7 +678,7 @@ static ssize_t IPCLimitWriteShmLimit(struct ProcFile *pf, const CHAR *buf, size_
 {
    (void)ppos;
    long long int value = GetPidLimitValue(pf, buf, count);
-    if (value < 0) {
+    if ((value < 0) || (value > (long long int)OS_NULL_INT)) {
        return value;
    }

--- a/fs/proc/os_adapt/process_proc.c
+++ b/fs/proc/os_adapt/process_proc.c
@@ -91,6 +91,8 @@ static ssize_t ProcessContainerLink(unsigned int containerID, ContainerType type
        count = snprintf_s(buffer, bufLen, bufLen - 1, "'time:[%u]'", containerID);
    } else if (type == USER_CONTAINER) {
        count = snprintf_s(buffer, bufLen, bufLen - 1, "'user:[%u]'", containerID);
+    }  else if (type == NET_CONTAINER) {
+        count = snprintf_s(buffer, bufLen, bufLen - 1, "'net:[%u]'", containerID);
    }

    if (count < 0) {
@@ -574,6 +576,14 @@ static struct ProcProcess g_procProcess[] = {
        .fileOps = &UID_GID_MAP_FOPS
    },
 #endif
+#ifdef LOSCFG_IPC_CONTAINER
+    {
+        .name = "container/net",
+        .mode = S_IFLNK,
+        .type = NET_CONTAINER,
+        .fileOps = &PID_CONTAINER_FOPS
+    },
+#endif
 #endif
 };