libct: move StartInitialization

No code change, just moving a function from factory_linux.go to
init_linux.go.

Signed-off-by: Kir Kolyshkin <[email protected]>

Author: kolyshkin

libcontainer/factory_linux.go

@@ -5,8 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"os"
-	"runtime/debug"
-	"strconv"
 
 	securejoin "github.com/cyphar/filepath-securejoin"
 	"golang.org/x/sys/unix"
@@ -18,7 +16,6 @@ import (
 	"github.com/opencontainers/runc/libcontainer/configs/validate"
 	"github.com/opencontainers/runc/libcontainer/intelrdt"
 	"github.com/opencontainers/runc/libcontainer/utils"
-	"github.com/sirupsen/logrus"
 )
 
 const (
@@ -151,90 +148,6 @@ func Load(root, id string) (*Container, error) {
 	return c, nil
 }
 
-// StartInitialization loads a container by opening the pipe fd from the parent
-// to read the configuration and state. This is a low level implementation
-// detail of the reexec and should not be consumed externally.
-func StartInitialization() (err error) {
-	// Get the INITPIPE.
-	envInitPipe := os.Getenv("_LIBCONTAINER_INITPIPE")
-	pipefd, err := strconv.Atoi(envInitPipe)
-	if err != nil {
-		err = fmt.Errorf("unable to convert _LIBCONTAINER_INITPIPE: %w", err)
-		logrus.Error(err)
-		return err
-	}
-	pipe := os.NewFile(uintptr(pipefd), "pipe")
-	defer pipe.Close()
-
-	defer func() {
-		// We have an error during the initialization of the container's init,
-		// send it back to the parent process in the form of an initError.
-		if werr := writeSync(pipe, procError); werr != nil {
-			fmt.Fprintln(os.Stderr, err)
-			return
-		}
-		if werr := utils.WriteJSON(pipe, &initError{Message: err.Error()}); werr != nil {
-			fmt.Fprintln(os.Stderr, err)
-			return
-		}
-	}()
-
-	// Only init processes have FIFOFD.
-	fifofd := -1
-	envInitType := os.Getenv("_LIBCONTAINER_INITTYPE")
-	it := initType(envInitType)
-	if it == initStandard {
-		envFifoFd := os.Getenv("_LIBCONTAINER_FIFOFD")
-		if fifofd, err = strconv.Atoi(envFifoFd); err != nil {
-			return fmt.Errorf("unable to convert _LIBCONTAINER_FIFOFD: %w", err)
-		}
-	}
-
-	var consoleSocket *os.File
-	if envConsole := os.Getenv("_LIBCONTAINER_CONSOLE"); envConsole != "" {
-		console, err := strconv.Atoi(envConsole)
-		if err != nil {
-			return fmt.Errorf("unable to convert _LIBCONTAINER_CONSOLE: %w", err)
-		}
-		consoleSocket = os.NewFile(uintptr(console), "console-socket")
-		defer consoleSocket.Close()
-	}
-
-	logPipeFdStr := os.Getenv("_LIBCONTAINER_LOGPIPE")
-	logPipeFd, err := strconv.Atoi(logPipeFdStr)
-	if err != nil {
-		return fmt.Errorf("unable to convert _LIBCONTAINER_LOGPIPE: %w", err)
-	}
-
-	// Get mount files (O_PATH).
-	mountFds, err := parseMountFds()
-	if err != nil {
-		return err
-	}
-
-	// clear the current process's environment to clean any libcontainer
-	// specific env vars.
-	os.Clearenv()
-
-	defer func() {
-		if e := recover(); e != nil {
-			if ee, ok := e.(error); ok {
-				err = fmt.Errorf("panic from initialization: %w, %s", ee, debug.Stack())
-			} else {
-				err = fmt.Errorf("panic from initialization: %v, %s", e, debug.Stack())
-			}
-		}
-	}()
-
-	i, err := newContainerInit(it, pipe, consoleSocket, fifofd, logPipeFd, mountFds)
-	if err != nil {
-		return err
-	}
-
-	// If Init succeeds, syscall.Exec will not return, hence none of the defers will be called.
-	return i.Init()
-}
-
 func loadState(root string) (*State, error) {
 	stateFilePath, err := securejoin.SecureJoin(root, stateFilename)
 	if err != nil {

libcontainer/init_linux.go

@@ -8,6 +8,8 @@ import (
 	"io"
 	"net"
 	"os"
+	"runtime/debug"
+	"strconv"
 	"strings"
 	"unsafe"
 
@@ -71,6 +73,90 @@ type initConfig struct {
 	Cgroup2Path      string                `json:"cgroup2_path,omitempty"`
 }
 
+// StartInitialization loads a container by opening the pipe fd from the parent
+// to read the configuration and state. This is a low level implementation
+// detail of the reexec and should not be consumed externally.
+func StartInitialization() (err error) {
+	// Get the INITPIPE.
+	envInitPipe := os.Getenv("_LIBCONTAINER_INITPIPE")
+	pipefd, err := strconv.Atoi(envInitPipe)
+	if err != nil {
+		err = fmt.Errorf("unable to convert _LIBCONTAINER_INITPIPE: %w", err)
+		logrus.Error(err)
+		return err
+	}
+	pipe := os.NewFile(uintptr(pipefd), "pipe")
+	defer pipe.Close()
+
+	defer func() {
+		// We have an error during the initialization of the container's init,
+		// send it back to the parent process in the form of an initError.
+		if werr := writeSync(pipe, procError); werr != nil {
+			fmt.Fprintln(os.Stderr, err)
+			return
+		}
+		if werr := utils.WriteJSON(pipe, &initError{Message: err.Error()}); werr != nil {
+			fmt.Fprintln(os.Stderr, err)
+			return
+		}
+	}()
+
+	// Only init processes have FIFOFD.
+	fifofd := -1
+	envInitType := os.Getenv("_LIBCONTAINER_INITTYPE")
+	it := initType(envInitType)
+	if it == initStandard {
+		envFifoFd := os.Getenv("_LIBCONTAINER_FIFOFD")
+		if fifofd, err = strconv.Atoi(envFifoFd); err != nil {
+			return fmt.Errorf("unable to convert _LIBCONTAINER_FIFOFD: %w", err)
+		}
+	}
+
+	var consoleSocket *os.File
+	if envConsole := os.Getenv("_LIBCONTAINER_CONSOLE"); envConsole != "" {
+		console, err := strconv.Atoi(envConsole)
+		if err != nil {
+			return fmt.Errorf("unable to convert _LIBCONTAINER_CONSOLE: %w", err)
+		}
+		consoleSocket = os.NewFile(uintptr(console), "console-socket")
+		defer consoleSocket.Close()
+	}
+
+	logPipeFdStr := os.Getenv("_LIBCONTAINER_LOGPIPE")
+	logPipeFd, err := strconv.Atoi(logPipeFdStr)
+	if err != nil {
+		return fmt.Errorf("unable to convert _LIBCONTAINER_LOGPIPE: %w", err)
+	}
+
+	// Get mount files (O_PATH).
+	mountFds, err := parseMountFds()
+	if err != nil {
+		return err
+	}
+
+	// clear the current process's environment to clean any libcontainer
+	// specific env vars.
+	os.Clearenv()
+
+	defer func() {
+		if e := recover(); e != nil {
+			if ee, ok := e.(error); ok {
+				err = fmt.Errorf("panic from initialization: %w, %s", ee, debug.Stack())
+			} else {
+				err = fmt.Errorf("panic from initialization: %v, %s", e, debug.Stack())
+			}
+		}
+	}()
+
+	i, err := newContainerInit(it, pipe, consoleSocket, fifofd, logPipeFd, mountFds)
+	if err != nil {
+		return err
+	}
+
+	// If Init succeeds, syscall.Exec will not return, hence none of the defers will be called.
+	return i.Init()
+}
+
 type initer interface {
 	Init() error
 }