tree-wide: non-functional changes

src/lxc/arguments.h

@@ -58,7 +58,7 @@ struct lxc_arguments {
 	int lxcpath_additional;
 
 	/* for lxc-start */
-	const char *share_ns[32]; // size must be greater than LXC_NS_MAX
+	const char *share_ns[32]; /* size must be greater than LXC_NS_MAX */
 
 	/* for lxc-console */
 	unsigned int ttynum;

src/lxc/attach_options.h

@@ -35,29 +35,28 @@ extern "C" {
  * LXC environment policy.
  */
 typedef enum lxc_attach_env_policy_t {
-	LXC_ATTACH_KEEP_ENV,   //!< Retain the environment
-	LXC_ATTACH_CLEAR_ENV   //!< Clear the environment
+	LXC_ATTACH_KEEP_ENV,   /*!< Retain the environment */
+	LXC_ATTACH_CLEAR_ENV   /*!< Clear the environment */
 } lxc_attach_env_policy_t;
 
 enum {
-	/* the following are on by default: */
-	LXC_ATTACH_MOVE_TO_CGROUP        = 0x00000001, //!< Move to cgroup
-	LXC_ATTACH_DROP_CAPABILITIES     = 0x00000002, //!< Drop capabilities
-	LXC_ATTACH_SET_PERSONALITY       = 0x00000004, //!< Set personality
-	LXC_ATTACH_LSM_EXEC              = 0x00000008, //!< Execute under a Linux Security Module
-
-	/* the following are off by default */
-	LXC_ATTACH_REMOUNT_PROC_SYS      = 0x00010000, //!< Remount /proc filesystem
-	LXC_ATTACH_LSM_NOW               = 0x00020000, //!< FIXME: unknown
+	/* The following are on by default: */
+	LXC_ATTACH_MOVE_TO_CGROUP        = 0x00000001, /*!< Move to cgroup */
+	LXC_ATTACH_DROP_CAPABILITIES     = 0x00000002, /*!< Drop capabilities */
+	LXC_ATTACH_SET_PERSONALITY       = 0x00000004, /*!< Set personality */
+	LXC_ATTACH_LSM_EXEC              = 0x00000008, /*!< Execute under a Linux Security Module */
+
+	/* The following are off by default: */
+	LXC_ATTACH_REMOUNT_PROC_SYS      = 0x00010000, /*!< Remount /proc filesystem */
+	LXC_ATTACH_LSM_NOW               = 0x00020000, /*!< FIXME: unknown */
 	/* Set PR_SET_NO_NEW_PRIVS to block execve() gainable privileges. */
-	LXC_ATTACH_NO_NEW_PRIVS		 = 0x00040000, //!< PR_SET_NO_NEW_PRIVS
+	LXC_ATTACH_NO_NEW_PRIVS		 = 0x00040000, /*!< PR_SET_NO_NEW_PRIVS */
 
-	/* we have 16 bits for things that are on by default
-	 * and 16 bits that are off by default, that should
-	 * be sufficient to keep binary compatibility for
-	 * a while
+	/* We have 16 bits for things that are on by default and 16 bits that
+	 * are off by default, that should be sufficient to keep binary
+	 * compatibility for a while
 	 */
-	LXC_ATTACH_DEFAULT               = 0x0000FFFF  //!< Mask of flags to apply by default
+	LXC_ATTACH_DEFAULT               = 0x0000FFFF  /*!< Mask of flags to apply by default */
 };
 
 /*! All Linux Security Module flags */
@@ -84,13 +83,14 @@ typedef struct lxc_attach_options_t {
 	int namespaces;
 
 	/*! Initial personality (\c -1 to autodetect).
-	 * \warning This may be ignored if lxc is compiled without personality support)
+	 * \warning This may be ignored if lxc is compiled without personality
+	 * support)
 	 */
 	long personality;
 
 	/*! Initial current directory, use \c NULL to use cwd.
-	 * If the current directory does not exist in the container, the
-	 * root directory will be used instead because of kernel defaults.
+	 * If the current directory does not exist in the container, the root
+	 * directory will be used instead because of kernel defaults.
 	 */
 	char* initial_cwd;
 
@@ -134,18 +134,18 @@ typedef struct lxc_attach_options_t {
 } lxc_attach_options_t;
 
 /*! Default attach options to use */
-#define LXC_ATTACH_OPTIONS_DEFAULT \
-	{ \
-		/* .attach_flags = */   LXC_ATTACH_DEFAULT, \
-		/* .namespaces = */     -1, \
-		/* .personality = */    -1, \
-		/* .initial_cwd = */    NULL, \
-		/* .uid = */            (uid_t)-1, \
-		/* .gid = */            (gid_t)-1, \
-		/* .env_policy = */     LXC_ATTACH_KEEP_ENV, \
-		/* .extra_env_vars = */ NULL, \
-		/* .extra_keep_env = */ NULL, \
-		/* .stdin_fd = */       0, 1, 2 \
+#define LXC_ATTACH_OPTIONS_DEFAULT                                             \
+	{                                                                      \
+		/* .attach_flags = */   LXC_ATTACH_DEFAULT,                    \
+		/* .namespaces = */     -1,                                    \
+		/* .personality = */    -1,                                    \
+		/* .initial_cwd = */    NULL,                                  \
+		/* .uid = */            (uid_t)-1,                             \
+		/* .gid = */            (gid_t)-1,                             \
+		/* .env_policy = */     LXC_ATTACH_KEEP_ENV,                   \
+		/* .extra_env_vars = */ NULL,                                  \
+		/* .extra_keep_env = */ NULL,                                  \
+		/* .stdin_fd = */       0, 1, 2                                \
 	}
 
 /*!

src/lxc/cgroups/cgfs.c

@@ -1800,7 +1800,9 @@ static char **subsystems_from_mount_options(const char *mount_options,
 			goto out_free;
 		result[result_count + 1] = NULL;
 		if (strncmp(token, "name=", 5) && !lxc_string_in_array(token, (const char **)kernel_list)) {
-			// this is eg 'systemd' but the mount will be 'name=systemd'
+			/* this is eg 'systemd' but the mount will be
+			 * 'name=systemd'
+			 */
 			result[result_count] = malloc(strlen(token) + 6);
 			if (result[result_count])
 				sprintf(result[result_count], "name=%s", token);
@@ -2068,9 +2070,10 @@ static bool cgroup_devices_has_allow_or_deny(struct cgfs_data *d,
 		NULL
 	};
 
-	// XXX FIXME if users could use something other than 'lxc.devices.deny = a'.
-	// not sure they ever do, but they *could*
-	// right now, I'm assuming they do NOT
+	/* XXX FIXME if users could use something other than 'lxc.devices.deny =
+	 * a'.  not sure they ever do, but they *could* right now, I'm assuming
+	 * they do NOT
+	 */
 	if (!for_allow && strcmp(v, "a") != 0 && strcmp(v, "a *:* rwm") != 0)
 		return false;
 

src/lxc/cgroups/cgfsng.c

@@ -90,8 +90,8 @@ struct hierarchy {
  */
 struct cgfsng_handler_data {
 	char *cgroup_pattern;
-	char *container_cgroup; // cgroup we created for the container
-	char *name; // container name
+	char *container_cgroup; /* cgroup we created for the container */
+	char *name; /* container name */
 };
 
 /*
@@ -386,7 +386,7 @@ static ssize_t get_max_cpus(char *cpulist)
 		c2 = c1;
 	else if (c1 < c2)
 		c1 = c2;
-	else if (!c1 && c2) // The reverse case is obvs. not needed.
+	else if (!c1 && c2) /* The reverse case is obvs. not needed. */
 		c1 = c2;
 
 	/* If the above logic is correct, c1 should always hold a valid string
@@ -414,7 +414,7 @@ static bool filter_and_set_cpus(char *path, bool am_initialized)
 	bool bret = false, flipped_bit = false;
 
 	lastslash = strrchr(path, '/');
-	if (!lastslash) { // bug...  this shouldn't be possible
+	if (!lastslash) { /* bug...  this shouldn't be possible */
 		ERROR("Invalid path: %s.", path);
 		return bret;
 	}
@@ -546,7 +546,7 @@ static bool copy_parent_file(char *path, char *file)
 	int ret;
 
 	lastslash = strrchr(path, '/');
-	if (!lastslash) { // bug...  this shouldn't be possible
+	if (!lastslash) { /* bug...  this shouldn't be possible */
 		ERROR("cgfsng:copy_parent_file: bad path %s", path);
 		return false;
 	}
@@ -1141,7 +1141,7 @@ static bool collect_hierarchy_info(void)
 	const char *tmp;
 	errno = 0;
 	tmp = lxc_global_config_value("lxc.cgroup.use");
-	if (!cgroup_use && errno != 0) { // lxc.cgroup.use can be NULL
+	if (!cgroup_use && errno != 0) { /* lxc.cgroup.use can be NULL */
 		SYSERROR("cgfsng: error reading list of cgroups to use");
 		return false;
 	}
@@ -1161,7 +1161,7 @@ static void *cgfsng_init(const char *name)
 	d->name = must_copy_string(name);
 
 	cgroup_pattern = lxc_global_config_value("lxc.cgroup.pattern");
-	if (!cgroup_pattern) { // lxc.cgroup.pattern is only NULL on error
+	if (!cgroup_pattern) { /* lxc.cgroup.pattern is only NULL on error */
 		ERROR("Error getting cgroup pattern");
 		goto out_free;
 	}
@@ -1291,7 +1291,7 @@ struct cgroup_ops *cgfsng_ops_init(void)
 static bool create_path_for_hierarchy(struct hierarchy *h, char *cgname)
 {
 	h->fullcgpath = must_make_path(h->mountpoint, h->base_cgroup, cgname, NULL);
-	if (dir_exists(h->fullcgpath)) { // it must not already exist
+	if (dir_exists(h->fullcgpath)) { /* it must not already exist */
 		ERROR("Path \"%s\" already existed.", h->fullcgpath);
 		return false;
 	}
@@ -1334,7 +1334,7 @@ static inline bool cgfsng_create(void *hdata)
 		ERROR("Failed expanding cgroup name pattern");
 		return false;
 	}
-	len = strlen(tmp) + 5; // leave room for -NNN\0
+	len = strlen(tmp) + 5; /* leave room for -NNN\0 */
 	cgname = must_alloc(len);
 	strcpy(cgname, tmp);
 	free(tmp);
@@ -1362,7 +1362,7 @@ again:
 	for (i = 0; hierarchies[i]; i++) {
 		if (!create_path_for_hierarchy(hierarchies[i], cgname)) {
 			int j;
-			SYSERROR("Failed to create %s: %s", hierarchies[i]->fullcgpath, strerror(errno));
+			ERROR("Failed to create \"%s\"", hierarchies[i]->fullcgpath);
 			free(hierarchies[i]->fullcgpath);
 			hierarchies[i]->fullcgpath = NULL;
 			for (j = 0; j < i; j++)
@@ -1405,7 +1405,7 @@ static bool cgfsng_enter(void *hdata, pid_t pid)
 
 struct chown_data {
 	struct cgfsng_handler_data *d;
-	uid_t origuid; // target uid in parent namespace
+	uid_t origuid; /* target uid in parent namespace */
 };
 
 /*
@@ -1814,7 +1814,7 @@ static bool cgfsng_attach(const char *name, const char *lxcpath, pid_t pid)
 		struct hierarchy *h = hierarchies[i];
 
 		path = lxc_cmd_get_cgroup_path(name, lxcpath, h->controllers[0]);
-		if (!path) // not running
+		if (!path) /* not running */
 			continue;
 
 		fullpath = build_full_cgpath_from_monitorpath(h, path, "cgroup.procs");
@@ -1847,7 +1847,7 @@ static int cgfsng_get(const char *filename, char *value, size_t len, const char
 		*p = '\0';
 
 	path = lxc_cmd_get_cgroup_path(name, lxcpath, subsystem);
-	if (!path) // not running
+	if (!path) /* not running */
 		return -1;
 
 	h = get_hierarchy(subsystem);
@@ -1879,7 +1879,7 @@ static int cgfsng_set(const char *filename, const char *value, const char *name,
 		*p = '\0';
 
 	path = lxc_cmd_get_cgroup_path(name, lxcpath, subsystem);
-	if (!path) // not running
+	if (!path) /* not running */
 		return -1;
 
 	h = get_hierarchy(subsystem);
@@ -1979,7 +1979,8 @@ static int lxc_cgroup_set_data(const char *filename, const char *value, struct c
 	char *subsystem = NULL, *p;
 	int ret = 0;
 	struct hierarchy *h;
-	char converted_value[50]; // "b|c <2^64-1>:<2^64-1> r|w|m" = 47 chars max
+	/* "b|c <2^64-1>:<2^64-1> r|w|m" = 47 chars max */
+	char converted_value[50];
 
 	subsystem = alloca(strlen(filename) + 1);
 	strcpy(subsystem, filename);

src/lxc/cgroups/cgmanager.c

@@ -139,7 +139,7 @@ static bool cgm_dbus_connect(void)
 
 	cgm_lock();
 	if (!dbus_threads_initialized) {
-		// tell dbus to do struct locking for thread safety
+		/* tell dbus to do struct locking for thread safety */
 		dbus_threads_init_default();
 		dbus_threads_initialized = true;
 	}
@@ -169,7 +169,7 @@ static bool cgm_dbus_connect(void)
 		return false;
 	}
 
-	// get the api version
+	/* get the api version */
 	if (cgmanager_get_api_version_sync(NULL, cgroup_manager, &api_version) != 0) {
 		NihError *nerr;
 		nerr = nih_error_get();
@@ -562,7 +562,7 @@ static void *cgm_init(const char *name)
 
 	d->cgroup_pattern = lxc_global_config_value("lxc.cgroup.pattern");
 
-	// cgm_create immediately gets called so keep the connection open
+	/* cgm_create immediately gets called so keep the connection open */
 	return d;
 
 err1:
@@ -620,10 +620,10 @@ static inline bool cgm_create(void *hdata)
 
 	if (!d)
 		return false;
-// XXX we should send a hint to the cgmanager that when these
-// cgroups become empty they should be deleted.  Requires a cgmanager
-// extension
 
+	/* XXX we should send a hint to the cgmanager that when these cgroups
+	 * become empty they should be deleted. Requires a cgmanager extension.
+	 */
 	memset(result, 0, MAXPATHLEN);
 	tmp = lxc_string_replace("%n", d->name, d->cgroup_pattern);
 	if (!tmp)
@@ -639,7 +639,7 @@ static inline bool cgm_create(void *hdata)
 	while (*tmp == '/')
 		tmp++;
 again:
-	if (index == 100) { // turn this into a warn later
+	if (index == 100) { /* turn this into a warn later */
 		ERROR("cgroup error?  100 cgroups with this name already running");
 		goto bad;
 	}
@@ -662,7 +662,7 @@ again:
 		if (existed == 1)
 			goto next;
 	}
-	// success
+	/* success */
 	cgroup_path = strdup(tmp);
 	if (!cgroup_path) {
 		cleanup_cgroups(tmp);
@@ -947,7 +947,7 @@ static int cgm_get(const char *filename, char *value, size_t len, const char *na
 		close(p[1]);
 		return -1;
 	}
-	if (!pid) // do_cgm_get exits
+	if (!pid) /* do_cgm_get exits */
 		do_cgm_get(name, lxcpath, filename, p[1], len && value);
 	close(p[1]);
 	ret = read(p[0], &newlen, sizeof(newlen));
@@ -962,12 +962,12 @@ static int cgm_get(const char *filename, char *value, size_t len, const char *na
 		goto out;
 	}
 	memset(value, 0, len);
-	if (newlen < 0) { // child is reporting an error
+	if (newlen < 0) { /* child is reporting an error */
 		close(p[0]);
 		ret = -1;
 		goto out;
 	}
-	if (newlen == 0) { // empty read
+	if (newlen == 0) { /* empty read */
 		close(p[0]);
 		ret = 0;
 		goto out;
@@ -983,7 +983,7 @@ static int cgm_get(const char *filename, char *value, size_t len, const char *na
 		value[len-1] = '\0';
 		newlen = len-1;
 	} else if (newlen+1 < len) {
-		// cgmanager doesn't add eol to last entry
+		/* cgmanager doesn't add eol to last entry */
 		value[newlen++] = '\n';
 		value[newlen] = '\0';
 	}
@@ -997,7 +997,7 @@ out:
 static void do_cgm_set(const char *name, const char *lxcpath, const char *filename, const char *value, int outp)
 {
 	char *controller, *key, *cgroup = NULL;
-	int retval = 0;  // value we are sending to the parent over outp
+	int retval = 0;  /* value we are sending to the parent over outp */
 	int ret;
 	char *cglast;
 
@@ -1083,7 +1083,7 @@ static int cgm_set(const char *filename, const char *value, const char *name, co
 		close(p[0]);
 		return -1;
 	}
-	if (!pid) // do_cgm_set exits
+	if (!pid) /* do_cgm_set exits */
 		do_cgm_set(name, lxcpath, filename, value, p[1]);
 	close(p[1]);
 	ret = read(p[0], &v, sizeof(v));
@@ -1328,7 +1328,7 @@ static bool collect_subsystems(void)
 	size_t sz = 0;
 	FILE *f = NULL;
 
-	if (subsystems) // already initialized
+	if (subsystems) /* already initialized */
 		return true;
 
 	subsystems_inone = malloc(2 * sizeof(char *));
@@ -1439,7 +1439,7 @@ struct cgroup_ops *cgm_ops_init(void)
 	if (api_version < CGM_SUPPORTS_MULT_CONTROLLERS)
 		cgm_all_controllers_same = false;
 
-	// if root, try to escape to root cgroup
+	/* if root, try to escape to root cgroup */
 	if (geteuid() == 0 && !cgm_escape(NULL)) {
 		free_subsystems();
 		return NULL;
@@ -1502,7 +1502,7 @@ static bool cgm_setup_limits(void *hdata, struct lxc_list *cgroup_settings, bool
 		cg = iterator->elem;
 		if (do_devices != !strncmp("devices", cg->subsystem, 7))
 			continue;
-		if (strlen(cg->subsystem) > 100) // i smell a rat
+		if (strlen(cg->subsystem) > 100) /* i smell a rat */
 			goto out;
 		strcpy(controller, cg->subsystem);
 		p = strchr(controller, '.');
@@ -1648,7 +1648,7 @@ static bool cgm_mount_cgroup(void *hdata, const char *root, int type)
 		return cgm_bind_dir(root, CGMANAGER_LOWER_SOCK);
 	if (dir_exists(CGMANAGER_UPPER_SOCK))
 		return cgm_bind_dir(root, CGMANAGER_UPPER_SOCK);
-	// Host doesn't have cgmanager running?  Then how did we get here?
+	/* Host doesn't have cgmanager running?  Then how did we get here? */
 	return false;
 }
 

src/lxc/conf.c

@@ -2289,7 +2289,7 @@ static int dropcaps_except(struct lxc_list *caps)
 	if (numcaps <= 0 || numcaps > 200)
 		return -1;
 
-	// caplist[i] is 1 if we keep capability i
+	/* caplist[i] is 1 if we keep capability i */
 	int *caplist = alloca(numcaps * sizeof(int));
 	memset(caplist, 0, numcaps * sizeof(int));
 
@@ -3292,7 +3292,7 @@ static int unpriv_assign_nic(const char *lxcpath, char *lxcname,
 		return -1;
 	}
 
-	if (child == 0) { // child
+	if (child == 0) { /* child */
 		/* Call lxc-user-nic pid type bridge. */
 		int ret;
 		char pidstr[LXC_NUMSTRLEN64];
@@ -3870,7 +3870,7 @@ int chown_mapped_root(char *path, struct lxc_conf *conf)
 	}
 
 	if (rootuid == hostuid) {
-		// nothing to do
+		/* nothing to do */
 		INFO("Container root is our uid; no need to chown");
 		return 0;
 	}
@@ -3897,28 +3897,28 @@ int chown_mapped_root(char *path, struct lxc_conf *conf)
 		return -1;
 	}
 
-	// "u:0:rootuid:1"
+	/* "u:0:rootuid:1" */
 	ret = snprintf(map1, 100, "u:0:%d:1", rootuid);
 	if (ret < 0 || ret >= 100) {
 		ERROR("Error uid printing map string");
 		return -1;
 	}
 
-	// "u:hostuid:hostuid:1"
+	/* "u:hostuid:hostuid:1" */
 	ret = snprintf(map2, 100, "u:%d:%d:1", hostuid, hostuid);
 	if (ret < 0 || ret >= 100) {
 		ERROR("Error uid printing map string");
 		return -1;
 	}
 
-	// "g:0:rootgid:1"
+	/* "g:0:rootgid:1" */
 	ret = snprintf(map3, 100, "g:0:%d:1", rootgid);
 	if (ret < 0 || ret >= 100) {
 		ERROR("Error gid printing map string");
 		return -1;
 	}
 
-	// "g:pathgid:rootgid+pathgid:1"
+	/* "g:pathgid:rootgid+pathgid:1" */
 	ret = snprintf(map4, 100, "g:%d:%d:1", (gid_t)sb.st_gid,
 		       rootgid + (gid_t)sb.st_gid);
 	if (ret < 0 || ret >= 100) {
@@ -3926,14 +3926,14 @@ int chown_mapped_root(char *path, struct lxc_conf *conf)
 		return -1;
 	}
 
-	// "g:hostgid:hostgid:1"
+	/* "g:hostgid:hostgid:1" */
 	ret = snprintf(map5, 100, "g:%d:%d:1", hostgid, hostgid);
 	if (ret < 0 || ret >= 100) {
 		ERROR("Error gid printing map string");
 		return -1;
 	}
 
-	// "0:pathgid" (chown)
+	/* "0:pathgid" (chown) */
 	ret = snprintf(ugid, 100, "0:%d", (gid_t)sb.st_gid);
 	if (ret < 0 || ret >= 100) {
 		ERROR("Error owner printing format string for chown");
@@ -4367,7 +4367,7 @@ int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
 
 int lxc_clear_config_caps(struct lxc_conf *c)
 {
-	struct lxc_list *it,*next;
+	struct lxc_list *it, *next;
 
 	lxc_list_for_each_safe(it, &c->caps, next) {
 		lxc_list_del(it);

src/lxc/conf.h

@@ -26,8 +26,8 @@
 #include "config.h"
 
 #include <stdio.h>
-#include <netinet/in.h>
 #include <net/if.h>
+#include <netinet/in.h>
 #include <sys/param.h>
 #include <sys/types.h>
 #if HAVE_SYS_RESOURCE_H
@@ -301,9 +301,17 @@ enum {
  * @lsm_se_context : selinux type to switch to or NULL
  */
 enum lxchooks {
-	LXCHOOK_PRESTART, LXCHOOK_PREMOUNT, LXCHOOK_MOUNT, LXCHOOK_AUTODEV,
-	LXCHOOK_START, LXCHOOK_STOP, LXCHOOK_POSTSTOP, LXCHOOK_CLONE, LXCHOOK_DESTROY,
-	NUM_LXC_HOOKS};
+	LXCHOOK_PRESTART,
+	LXCHOOK_PREMOUNT,
+	LXCHOOK_MOUNT,
+	LXCHOOK_AUTODEV,
+	LXCHOOK_START,
+	LXCHOOK_STOP,
+	LXCHOOK_POSTSTOP,
+	LXCHOOK_CLONE,
+	LXCHOOK_DESTROY,
+	NUM_LXC_HOOKS
+};
 extern char *lxchook_names[NUM_LXC_HOOKS];
 
 struct saved_nic {
@@ -341,24 +349,24 @@ struct lxc_conf {
 	unsigned int lsm_aa_allow_incomplete;
 	char *lsm_se_context;
 	int tmp_umount_proc;
-	char *seccomp;  // filename with the seccomp rules
+	char *seccomp;  /* filename with the seccomp rules */
 #if HAVE_SCMP_FILTER_CTX
 	scmp_filter_ctx seccomp_ctx;
 #endif
 	int maincmd_fd;
-	unsigned int autodev;  // if 1, mount and fill a /dev at start
-	int haltsignal; // signal used to halt container
-	int rebootsignal; // signal used to reboot container
-	int stopsignal; // signal used to hard stop container
-	char *rcfile;	// Copy of the top level rcfile we read
-
-	// Logfile and logleve can be set in a container config file.
-	// Those function as defaults.  The defaults can be overriden
-	// by command line.  However we don't want the command line
-	// specified values to be saved on c->save_config().  So we
-	// store the config file specified values here.
-	char *logfile;  // the logfile as specifed in config
-	int loglevel;   // loglevel as specifed in config (if any)
+	unsigned int autodev;  /* if 1, mount and fill a /dev at start */
+	int haltsignal; /* signal used to halt container */
+	int rebootsignal; /* signal used to reboot container */
+	int stopsignal; /* signal used to hard stop container */
+	char *rcfile;	/* Copy of the top level rcfile we read */
+
+	/* Logfile and logleve can be set in a container config file. Those
+	 * function as defaults. The defaults can be overriden by command line.
+	 * However we don't want the command line specified values to be saved
+	 * on c->save_config(). So we store the config file specified values
+	 * here. */
+	char *logfile; /* the logfile as specifed in config */
+	int loglevel; /* loglevel as specifed in config (if any) */
 	int logfd;
 
 	int inherit_ns_fd[LXC_NS_MAX];
@@ -422,19 +430,12 @@ extern __thread struct lxc_conf *current_config;
 extern struct lxc_conf *current_config;
 #endif
 
-int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
-		  const char *lxcpath, char *argv[]);
-
+extern int run_lxc_hooks(const char *name, char *hook, struct lxc_conf *conf,
+			 const char *lxcpath, char *argv[]);
 extern int detect_shared_rootfs(void);
-
-/*
- * Initialize the lxc configuration structure
- */
 extern struct lxc_conf *lxc_conf_init(void);
 extern void lxc_conf_free(struct lxc_conf *conf);
-
 extern int pin_rootfs(const char *rootfs);
-
 extern int lxc_requests_empty_network(struct lxc_handler *handler);
 extern int lxc_setup_networks_in_parent_namespaces(struct lxc_handler *handler);
 extern bool lxc_delete_network(struct lxc_handler *handler);
@@ -442,10 +443,8 @@ extern int lxc_assign_network(const char *lxcpath, char *lxcname,
 			      struct lxc_list *networks, pid_t pid);
 extern int lxc_map_ids(struct lxc_list *idmap, pid_t pid);
 extern int lxc_find_gateway_addresses(struct lxc_handler *handler);
-
 extern int lxc_create_tty(const char *name, struct lxc_conf *conf);
 extern void lxc_delete_tty(struct lxc_tty_info *tty_info);
-
 extern int lxc_clear_config_caps(struct lxc_conf *c);
 extern int lxc_clear_config_keepcaps(struct lxc_conf *c);
 extern int lxc_clear_cgroups(struct lxc_conf *c, const char *key);
@@ -458,23 +457,15 @@ extern int lxc_clear_environment(struct lxc_conf *c);
 extern int lxc_clear_limits(struct lxc_conf *c, const char *key);
 extern int lxc_delete_autodev(struct lxc_handler *handler);
 extern void lxc_clear_includes(struct lxc_conf *conf);
-
 extern int do_rootfs_setup(struct lxc_conf *conf, const char *name,
 			   const char *lxcpath);
-
-/*
- * Configure the container from inside
- */
-
 struct cgroup_process_info;
 extern int lxc_setup(struct lxc_handler *handler);
-
 extern int setup_resource_limits(struct lxc_list *limits, pid_t pid);
-
 extern void lxc_restore_phys_nics_to_netns(int netnsfd, struct lxc_conf *conf);
-
 extern int find_unmapped_nsid(struct lxc_conf *conf, enum idtype idtype);
-extern int mapped_hostid(unsigned id, struct lxc_conf *conf, enum idtype idtype);
+extern int mapped_hostid(unsigned id, struct lxc_conf *conf,
+			 enum idtype idtype);
 extern int chown_mapped_root(char *path, struct lxc_conf *conf);
 extern int lxc_ttys_shift_ids(struct lxc_conf *c);
 extern int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data,
@@ -482,11 +473,11 @@ extern int userns_exec_1(struct lxc_conf *conf, int (*fn)(void *), void *data,
 extern int parse_mntopts(const char *mntopts, unsigned long *mntflags,
 			 char **mntdata);
 extern void tmp_proc_unmount(struct lxc_conf *lxc_conf);
-void remount_all_slave(void);
+extern void remount_all_slave(void);
 extern void suggest_default_idmap(void);
-FILE *make_anonymous_mount_file(struct lxc_list *mount);
-struct lxc_list *sort_cgroup_settings(struct lxc_list* cgroup_settings);
-unsigned long add_required_remount_flags(const char *s, const char *d,
-		unsigned long flags);
+extern FILE *make_anonymous_mount_file(struct lxc_list *mount);
+extern struct lxc_list *sort_cgroup_settings(struct lxc_list *cgroup_settings);
+extern unsigned long add_required_remount_flags(const char *s, const char *d,
+						unsigned long flags);
 
-#endif
+#endif /* __LXC_CONF_H */

src/lxc/criu.c

@@ -779,8 +779,9 @@ out_unlock:
 	return !has_error;
 }
 
-// do_restore never returns, the calling process is used as the
-// monitor process. do_restore calls exit() if it fails.
+/* do_restore never returns, the calling process is used as the monitor process.
+ * do_restore calls exit() if it fails.
+ */
 static void do_restore(struct lxc_container *c, int status_pipe, struct migrate_opts *opts, char *criu_version)
 {
 	pid_t pid;
@@ -1214,7 +1215,7 @@ bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts)
 
 	if (pid == 0) {
 		close(pipefd[0]);
-		// this never returns
+		/* this never returns */
 		do_restore(c, pipefd[1], opts, criu_version);
 	}
 
@@ -1227,9 +1228,10 @@ bool __criu_restore(struct lxc_container *c, struct migrate_opts *opts)
 		goto err_wait;
 	}
 
-	// If the criu process was killed or exited nonzero, wait() for the
-	// handler, since the restore process died. Otherwise, we don't need to
-	// wait, since the child becomes the monitor process.
+	/* If the criu process was killed or exited nonzero, wait() for the
+	 * handler, since the restore process died. Otherwise, we don't need to
+	 * wait, since the child becomes the monitor process.
+	 */
 	if (!WIFEXITED(status) || WEXITSTATUS(status))
 		goto err_wait;
 	return true;

src/lxc/list.h

@@ -24,45 +24,44 @@
 #ifndef __LXC_LIST_H
 #define __LXC_LIST_H
 
+#include <stdio.h>
+
 struct lxc_list {
 	void *elem;
 	struct lxc_list *next;
 	struct lxc_list *prev;
 };
 
-#define lxc_init_list(l) { .next = l, .prev = l }
+#define lxc_init_list(l)                                                       \
+	{                                                                      \
+		.next = l, .prev = l                                           \
+	}
 
 /*
  * Iterate through an lxc list. An example for an idiom would be:
  *
  * struct lxc_list *iterator;
- * type *tmp; // where "type" can be an int, char * etc.
  * lxc_list_for_each(iterator, list) {
+ *        type *tmp;
  * 	  tmp = iterator->elem;
- *        // Do stuff with tmp.
  * }
- * free(iterator);
  */
-#define lxc_list_for_each(__iterator, __list)				\
-	for (__iterator = (__list)->next;				\
-	     __iterator != __list;					\
+#define lxc_list_for_each(__iterator, __list)                                  \
+	for (__iterator = (__list)->next; __iterator != __list;                \
 	     __iterator = __iterator->next)
 
-/*
- * Iterate safely through an lxc list. An example for an appropriate use case
+/* Iterate safely through an lxc list. An example for an appropriate use case
  * would be:
  *
- * struct lxc_list *iterator;
- * lxc_list_for_each_safe(iterator, list, list->next) {
- * 	  tmp = iterator->elem;
- *        // Do stuff with tmp.
+ * struct lxc_list *cur, *next;
+ * lxc_list_for_each_safe(cur, list, next) {
+ *        type *tmp;
+ * 	  tmp = cur->elem;
  * }
- * free(iterator);
  */
-#define lxc_list_for_each_safe(__iterator, __list, __next)		\
-	for (__iterator = (__list)->next, __next = __iterator->next;	\
-	     __iterator != __list;					\
-	     __iterator = __next, __next = __next->next)
+#define lxc_list_for_each_safe(__iterator, __list, __next)                     \
+	for (__iterator = (__list)->next, __next = __iterator->next;           \
+	     __iterator != __list; __iterator = __next, __next = __next->next)
 
 /* Initalize list. */
 static inline void lxc_list_init(struct lxc_list *list)
@@ -72,7 +71,8 @@ static inline void lxc_list_init(struct lxc_list *list)
 }
 
 /* Add an element to a list. See lxc_list_add() and lxc_list_add_tail() for an
- * idiom. */
+ * idiom.
+ */
 static inline void lxc_list_add_elem(struct lxc_list *list, void *elem)
 {
 	list->elem = elem;
@@ -97,8 +97,7 @@ static inline int lxc_list_empty(struct lxc_list *list)
 }
 
 /* Workhorse to be called from lxc_list_add() and lxc_list_add_tail(). */
-static inline void __lxc_list_add(struct lxc_list *new,
-				  struct lxc_list *prev,
+static inline void __lxc_list_add(struct lxc_list *new, struct lxc_list *prev,
 				  struct lxc_list *next)
 {
 	next->prev = new;
@@ -107,8 +106,7 @@ static inline void __lxc_list_add(struct lxc_list *new,
 	prev->next = new;
 }
 
-/*
- * Idiom to add an element to the beginning of an lxc list:
+/* Idiom to add an element to the beginning of an lxc list:
  *
  *	struct lxc_list *tmp = malloc(sizeof(*tmp));
  *	if (tmp == NULL)
@@ -121,8 +119,7 @@ static inline void lxc_list_add(struct lxc_list *head, struct lxc_list *list)
 	__lxc_list_add(list, head, head->next);
 }
 
-/*
- * Idiom to add an element to the end of an lxc list:
+/* Idiom to add an element to the end of an lxc list:
  *
  *	struct lxc_list *tmp = malloc(sizeof(*tmp));
  *	if (tmp == NULL)
@@ -136,14 +133,13 @@ static inline void lxc_list_add_tail(struct lxc_list *head,
 	__lxc_list_add(list, head->prev, head);
 }
 
-/*
- * Idiom to free an lxc list:
- *
- * lxc_list_for_each_safe(iterator, list, list->next) {
- * 	  lxc_list_del(iterator);
- * 	  free(iterator);
+/* Idiom to remove an element from a list:
+ * struct lxc_list *cur, *next;
+ * lxc_list_for_each_safe(cur, list, next) {
+ * 	  lxc_list_del(cur);
+ * 	  free(cur->elem);
+ * 	  free(cur);
  * }
- * free(iterator);
  */
 static inline void lxc_list_del(struct lxc_list *list)
 {
@@ -160,6 +156,7 @@ static inline size_t lxc_list_len(struct lxc_list *list)
 {
 	 size_t i = 0;
 	 struct lxc_list *iter;
+
 	 lxc_list_for_each(iter, list) {
 		i++;
 	 }
@@ -167,4 +164,4 @@ static inline size_t lxc_list_len(struct lxc_list *list)
 	 return i;
 }
 
-#endif
+#endif /* __LXC_LIST_H */

src/lxc/log.c

@@ -340,10 +340,11 @@ struct lxc_log_category lxc_log_category_lxc = {
 /*---------------------------------------------------------------------------*/
 static int build_dir(const char *name)
 {
-	char *n = strdup(name);  // because we'll be modifying it
-	char *p, *e;
 	int ret;
+	char *e, *n, *p;
 
+	/* Make copy of string since we'll be modifying it. */
+	n = strdup(name);
 	if (!n) {
 		ERROR("Out of memory while creating directory '%s'.", name);
 		return -1;
@@ -470,10 +471,9 @@ extern void lxc_log_close(void)
  */
 static int __lxc_log_set_file(const char *fname, int create_dirs)
 {
-	if (lxc_log_fd != -1) {
-		// we are overriding the default.
+	/* we are overriding the default. */
+	if (lxc_log_fd != -1)
 		lxc_log_close();
-	}
 
 	if (!fname)
 		return -1;
@@ -484,8 +484,9 @@ static int __lxc_log_set_file(const char *fname, int create_dirs)
 	}
 
 #if USE_CONFIGPATH_LOGS
-	// we don't build_dir for the default if the default is
-	// i.e. /var/lib/lxc/$container/$container.log
+	/* We don't build_dir for the default if the default is i.e.
+	 * /var/lib/lxc/$container/$container.log.
+	 */
 	if (create_dirs)
 #endif
 	if (build_dir(fname)) {

src/lxc/lsm/apparmor.c

@@ -189,10 +189,10 @@ static int apparmor_process_label_set(const char *inlabel, struct lxc_conf *conf
 	curlabel = apparmor_process_label_get(getpid());
 
 	if (!aa_stacking_supported() && aa_needs_transition(curlabel)) {
-		// we're already confined, and stacking isn't supported
+		/* we're already confined, and stacking isn't supported */
 
 		if (!label || strcmp(curlabel, label) == 0) {
-			// no change requested
+			/* no change requested */
 			free(curlabel);
 			return 0;
 		}

src/lxc/lxc_user_nic.c

@@ -208,7 +208,7 @@ static struct alloted_s *append_alloted(struct alloted_s **head, char *name, int
 	struct alloted_s *cur, *al;
 
 	if (!head || !name) {
-		// sanity check. parameters should not be null
+		/* sanity check. parameters should not be null */
 		usernic_error("%s\n", "Unexpected NULL argument.");
 		return NULL;
 	}
@@ -797,9 +797,10 @@ static int rename_in_ns(int pid, char *oldname, char **newnamep)
 			      "user id and real user id to %d, and saved user "
 			      "ID to 0: %s.\n",
 			      ruid, strerror(errno));
-		// COMMENT(brauner): It's ok to jump to do_full_cleanup here
-		// since setresuid() will succeed when trying to set real,
-		// effective, and saved to values they currently have.
+		/* It's ok to jump to do_full_cleanup here since setresuid()
+		 * will succeed when trying to set real, effective, and saved to
+		 * values they currently have.
+		 */
 		goto do_full_cleanup;
 	}
 
@@ -844,9 +845,6 @@ do_full_cleanup:
 			      "ID to %d: %s.\n",
 			      ruid, euid, suid, strerror(errno));
 		fret = -1;
-		// COMMENT(brauner): setns() should fail if setresuid() doesn't
-		// succeed but there's no harm in falling through; keeps the
-		// code cleaner.
 	}
 
 	ret = setns(ofd, CLONE_NEWNET);
@@ -865,10 +863,8 @@ do_partial_cleanup:
 	return fret;
 }
 
-/*
- * If the caller (real uid, not effective uid) may read the
- * /proc/[pid]/ns/net, then it is either the caller's netns or one
- * which it created.
+/* If the caller (real uid, not effective uid) may read the /proc/[pid]/ns/net,
+ * then it is either the caller's netns or one which it created.
  */
 static bool may_access_netns(int pid)
 {

src/lxc/lxccontainer.h

@@ -59,7 +59,7 @@ struct migrate_opts;
  * changes, whenever possible stick to simply appending new members.
  */
 struct lxc_container {
-	// private fields
+	/* private fields */
 	/*!
 	 * \private
 	 * Name of container.
@@ -105,7 +105,7 @@ struct lxc_container {
 	 */
 	struct lxc_conf *lxc_conf;
 
-	// public fields
+	/* public fields */
 	/*! Human-readable string representing last error */
 	char *error_string;
 

src/lxc/lxclock.c

@@ -54,7 +54,7 @@ static inline void dump_stacktrace(void)
 	size = backtrace(array, MAX_STACKDEPTH);
 	strings = backtrace_symbols(array, size);
 
-	// Using fprintf here as our logging module is not thread safe
+	/* Using fprintf here as our logging module is not thread safe. */
 	fprintf(stderr, "\tObtained %zu stack frames.\n", size);
 
 	for (i = 0; i < size; i++)

src/lxc/lxclock.h

@@ -33,21 +33,21 @@
 #define LXC_LOCK_ANON_SEM 1 /*!< Anonymous semaphore lock */
 #define LXC_LOCK_FLOCK    2 /*!< flock(2) lock */
 
-// private
+/* private */
 /*!
  * LXC Lock
 */
 struct lxc_lock {
-	short type; //!< Lock type
+	short type; /*!< Lock type */
 
 	union {
-		sem_t *sem; //!< Anonymous semaphore (LXC_LOCK_ANON_SEM)
+		sem_t *sem; /*!< Anonymous semaphore (LXC_LOCK_ANON_SEM) */
 		/*! LXC_LOCK_FLOCK details */
 		struct {
-			int   fd; //!< fd on which a lock is held (if not -1)
-			char *fname; //!< Name of lock
+			int   fd; /*!< fd on which a lock is held (if not -1) */
+			char *fname; /*!< Name of lock */
 		} f;
-	} u; //!< Container for lock type elements
+	} u; /*!< Container for lock type elements */
 };
 
 /*!

src/lxc/monitor.c

@@ -262,7 +262,7 @@ int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
 	if (ret == -1)
 		return -1;
 	else if (ret == 0)
-		return -2;  // timed out
+		return -2;  /* timed out */
 
 	/* Only read from the first ready fd, the others will remain ready for
 	 * when this routine is called again.

src/lxc/network.c

@@ -156,7 +156,7 @@ static char * is_wlan(const char *ifname)
 		goto bad;
 	if (!(f = fopen(path, "r")))
 		goto bad;
-	// feh - sb.st_size is always 4096
+	/* Feh - sb.st_size is always 4096. */
 	fseek(f, 0, SEEK_END);
 	physlen = ftell(f);
 	fseek(f, 0, SEEK_SET);
@@ -223,7 +223,7 @@ lxc_netdev_move_wlan(char *physname, const char *ifname, pid_t pid, const char*
 		sprintf(pidstr, "%d", pid);
 		if (execlp("iw", "iw", "phy", physname, "set", "netns", pidstr, (char *)NULL))
 			exit(1);
-		exit(0); // notreached
+		exit(0); /* notreached */
 	}
 	if (wait_for_pid(fpid))
 		goto out1;
@@ -1438,7 +1438,7 @@ static int attach_to_ovs_bridge(const char *lxcpath, const char *name, const cha
 			return ret;
 		pid = fork();
 		if (pid < 0)
-			return -1;  // how to properly recover?
+			return -1;  /* how to properly recover? */
 		if (pid > 0)
 			return 0;
 		ovs_cleanup_nic(lxcpath, name, bridge, nic);
@@ -1447,13 +1447,12 @@ static int attach_to_ovs_bridge(const char *lxcpath, const char *name, const cha
 
 	if (execlp("ovs-vsctl", "ovs-vsctl", "add-port", bridge, nic, (char *)NULL))
 		exit(1);
-	// not reached
+	/* not reached */
 	exit(1);
 }
 
-/*
- * There is a lxc_bridge_attach, but no need of a bridge detach
- * as automatically done by kernel when a netdev is deleted.
+/* There is a lxc_bridge_attach, but no need of a bridge detach as automatically
+ * done by kernel when a netdev is deleted.
  */
 int lxc_bridge_attach(const char *lxcpath, const char *name, const char *bridge, const char *ifname)
 {

src/lxc/nl.c

@@ -156,7 +156,7 @@ extern struct nlmsg *nlmsg_alloc_reserve(size_t size)
 	if (!nlmsg)
 		return NULL;
 
-	// just set message length to cap directly
+	/* Just set message length to cap directly. */
 	nlmsg->nlmsghdr->nlmsg_len = nlmsg->cap;
 	return nlmsg;
 }
@@ -178,14 +178,14 @@ extern int netlink_rcv(struct nl_handler *handler, struct nlmsg *answer)
 		.iov_base = answer->nlmsghdr,
 		.iov_len = answer->nlmsghdr->nlmsg_len,
 	};
-	
+
 	struct msghdr msg = {
 		.msg_name = &nladdr,
 		.msg_namelen = sizeof(nladdr),
 		.msg_iov = &iov,
 		.msg_iovlen = 1,
 	};
-	
+
 	memset(&nladdr, 0, sizeof(nladdr));
 	nladdr.nl_family = AF_NETLINK;
 	nladdr.nl_pid = 0;
@@ -223,7 +223,7 @@ extern int netlink_send(struct nl_handler *handler, struct nlmsg *nlmsg)
 		.msg_iovlen = 1,
 	};
 	int ret;
-	
+
 	memset(&nladdr, 0, sizeof(nladdr));
 	nladdr.nl_family = AF_NETLINK;
 	nladdr.nl_pid = 0;

src/lxc/parse.c

@@ -51,8 +51,9 @@ int lxc_file_for_each_line(const char *file, lxc_file_cb callback, void *data)
 	while (getline(&line, &len, f) != -1) {
 		err = callback(line, data);
 		if (err) {
-			// callback rv > 0 means stop here
-			// callback rv < 0 means error
+			/* Callback rv > 0 means stop here callback rv < 0 means
+			 * error.
+			 */
 			if (err < 0)
 				ERROR("Failed to parse config: %s", line);
 			break;

src/lxc/seccomp.c

@@ -75,7 +75,7 @@ static uint32_t get_v2_default_action(char *line)
 
 	while (*line == ' ')
 		line++;
-	// after 'whitelist' or 'blacklist' comes default behavior
+	/* After 'whitelist' or 'blacklist' comes default behavior. */
 	if (strncmp(line, "kill", 4) == 0)
 		ret_action = SCMP_ACT_KILL;
 	else if (strncmp(line, "errno", 5) == 0) {
@@ -94,7 +94,7 @@ static uint32_t get_v2_default_action(char *line)
 
 static const char *get_action_name(uint32_t action)
 {
-	// The upper 16 bits indicate the type of the seccomp action
+	/* The upper 16 bits indicate the type of the seccomp action. */
 	switch(action & 0xffff0000){
 	case SCMP_ACT_KILL:
 		return "kill";
@@ -170,7 +170,7 @@ int get_hostarch(void)
 	}
 	if (strcmp(uts.machine, "i686") == 0)
 		return lxc_seccomp_arch_i386;
-	// no x32 kernels
+	/* no x32 kernels */
 	else if (strcmp(uts.machine, "x86_64") == 0)
 		return lxc_seccomp_arch_amd64;
 	else if (strncmp(uts.machine, "armv7", 5) == 0)
@@ -434,7 +434,7 @@ static int parse_config_v2(FILE *f, char *line, struct lxc_conf *conf)
 		remove_trailing_newlines(line);
 		INFO("processing: .%s.", line);
 		if (line[0] == '[') {
-			// read the architecture for next set of rules
+			/* Read the architecture for next set of rules. */
 			if (strcmp(line, "[x86]") == 0 ||
 			    strcmp(line, "[X86]") == 0) {
 				if (native_arch != lxc_seccomp_arch_i386 &&

src/lxc/start.h

@@ -48,13 +48,16 @@ struct lxc_handler {
 	int pinfd;
 	const char *lxcpath;
 	void *cgroup_data;
-	int ttysock[2]; // socketpair for child->parent tty fd passing
-	bool backgrounded; // indicates whether should we close std{in,out,err} on start
+
+	/* socketpair for child->parent tty fd passing */
+	int ttysock[2];
+
+	/* indicates whether should we close std{in,out,err} on start */
+	bool backgrounded;
 	int nsfd[LXC_NS_MAX];
 	int netnsfd;
-	/* The socketpair() fds used to wait on successful daemonized
-	 * startup.
-	 */
+
+	/* The socketpair() fds used to wait on successful daemonized startup. */
 	int state_socket_pair[2];
 	struct lxc_list state_clients;
 };

src/lxc/storage/btrfs.c

@@ -99,10 +99,6 @@ char *get_btrfs_subvol_path(int fd, u64 dir_id, u64 objid, char *name,
 	return retpath;
 }
 
-//
-// btrfs ops
-//
-
 int btrfs_list_get_path_rootid(int fd, u64 *treeid)
 {
 	int  ret;
@@ -126,7 +122,7 @@ bool is_btrfs_fs(const char *path)
 	int fd, ret;
 	struct btrfs_ioctl_space_args sargs;
 
-	// make sure this is a btrfs filesystem
+	/* Make sure this is a btrfs filesystem. */
 	fd = open(path, O_RDONLY);
 	if (fd < 0)
 		return false;

src/lxc/storage/btrfs.h

@@ -95,7 +95,7 @@ struct btrfs_ioctl_vol_args_v2 {
 	union {
 		struct {
 			unsigned long long size;
-			//struct btrfs_qgroup_inherit *qgroup_inherit;
+			/*struct btrfs_qgroup_inherit *qgroup_inherit; */
 			void *qgroup_inherit;
 		};
 		unsigned long long unused[4];

src/lxc/storage/loop.c

@@ -322,7 +322,7 @@ static int do_loop_create(const char *path, uint64_t size, const char *fstype)
 		return -1;
 	}
 
-	// create an fs in the loopback file
+	/* Create an fs in the loopback file. */
 	ret = run_command(cmd_output, sizeof(cmd_output), do_mkfs_exec_wrapper,
 			  (void *)cmd_args);
 	if (ret < 0) {

src/lxc/storage/rsync.h

@@ -43,4 +43,4 @@ extern int lxc_storage_rsync_exec_wrapper(void *data);
 extern int lxc_rsync_exec(const char *src, const char *dest);
 extern int lxc_rsync(struct rsync_data *data);
 
-#endif // __LXC_RSYNC_H
+#endif /* __LXC_RSYNC_H */

src/lxc/storage/storage.h

@@ -70,7 +70,8 @@ struct lxc_storage;
 struct lxc_storage_ops {
 	/* detect whether path is of this bdev type */
 	bool (*detect)(const char *path);
-	// mount requires src and dest to be set.
+
+	/* mount requires src and dest to be set. */
 	int (*mount)(struct lxc_storage *bdev);
 	int (*umount)(struct lxc_storage *bdev);
 	int (*destroy)(struct lxc_storage *bdev);

src/lxc/storage/storage_utils.c

@@ -85,13 +85,17 @@ char *dir_new_path(char *src, const char *oldname, const char *name,
 	}
 
 	while ((p2 = strstr(src, oldname)) != NULL) {
-		strncpy(p, src, p2 - src); // copy text up to oldname
-		p += p2 - src;		   // move target pointer (p)
-		p += sprintf(p, "%s",
-			     name); // print new name in place of oldname
-		src = p2 + l2;      // move src to end of oldname
+		/* copy text up to oldname */
+		strncpy(p, src, p2 - src);
+		/* move target pointer (p) */
+		p += p2 - src;
+		/* print new name in place of oldname */
+		p += sprintf(p, "%s", name);
+		/* move src to end of oldname */
+		src = p2 + l2;
 	}
-	sprintf(p, "%s", src); // copy the rest of src
+	/* copy the rest of src */
+	sprintf(p, "%s", src);
 	return ret;
 }
 
@@ -136,7 +140,8 @@ int blk_getsize(struct lxc_storage *bdev, uint64_t *size)
 	if (fd < 0)
 		return -1;
 
-	ret = ioctl(fd, BLKGETSIZE64, size); // size of device in bytes
+	/* size of device in bytes */
+	ret = ioctl(fd, BLKGETSIZE64, size);
 	close(fd);
 	return ret;
 }
@@ -213,7 +218,7 @@ int detect_fs(struct lxc_storage *bdev, char *type, int len)
 		exit(1);
 	}
 
-	// if symlink, get the real dev name
+	/* if symlink, get the real dev name */
 	char devpath[MAXPATHLEN];
 	char *l = linkderef(srcdev, devpath);
 	if (!l)
@@ -410,9 +415,10 @@ bool unpriv_snap_allowed(struct lxc_storage *b, const char *t, bool snap,
 			 bool maybesnap)
 {
 	if (!t) {
-		// new type will be same as original
-		// (unless snap && b->type == dir, in which case it will be
-		// overlayfs -- which is also allowed)
+		/* New type will be same as original (unless snap && b->type ==
+		 * dir, in which case it will be overlayfs -- which is also
+		 * allowed).
+		 */
 		if (strcmp(b->type, "dir") == 0 ||
 		    strcmp(b->type, "aufs") == 0 ||
 		    strcmp(b->type, "overlay") == 0 ||
@@ -424,8 +430,9 @@ bool unpriv_snap_allowed(struct lxc_storage *b, const char *t, bool snap,
 		return false;
 	}
 
-	// unprivileged users can copy and snapshot dir, overlayfs,
-	// and loop.  In particular, not zfs, btrfs, or lvm.
+	/* Unprivileged users can copy and snapshot dir, overlayfs, and loop.
+	 * In particular, not zfs, btrfs, or lvm.
+	 */
 	if (strcmp(t, "dir") == 0 ||
 	    strcmp(t, "aufs") == 0 ||
 	    strcmp(t, "overlay") == 0 ||

src/lxc/tools/lxc_clone.c

@@ -53,7 +53,7 @@ static uint64_t get_fssize(char *s)
 	while (isblank(*end))
 		end++;
 	if (*end == '\0')
-		ret *= 1024ULL * 1024ULL; // MB by default
+		ret *= 1024ULL * 1024ULL; /* MB by default */
 	else if (*end == 'b' || *end == 'B')
 		ret *= 1ULL;
 	else if (*end == 'k' || *end == 'K')
@@ -163,9 +163,10 @@ int main(int argc, char *argv[])
 	if (keepname)  flags |= LXC_CLONE_KEEPNAME;
 	if (keepmac)   flags |= LXC_CLONE_KEEPMACADDR;
 
-	// vgname and fstype could be supported by sending them through the
-	// bdevdata.  However, they currently are not yet.  I'm not convinced
-	// they are worthwhile.
+	/* vgname and fstype could be supported by sending them through the
+	 * bdevdata.  However, they currently are not yet.  I'm not convinced
+	 * they are worthwhile.
+	 */
 	if (vgname) {
 		printf("Error: vgname not supported\n");
 		usage(argv[0]);

src/lxc/tools/lxc_copy.c

@@ -575,7 +575,7 @@ static uint64_t get_fssize(char *s)
 	while (isblank(*end))
 		end++;
 	if (*end == '\0') {
-		ret *= 1024ULL * 1024ULL; // MB by default
+		ret *= 1024ULL * 1024ULL; /* MB by default */
 	} else if (*end == 'b' || *end == 'B') {
 		ret *= 1ULL;
 	} else if (*end == 'k' || *end == 'K') {

src/lxc/tools/lxc_create.c

@@ -49,7 +49,7 @@ static uint64_t get_fssize(char *s)
 	while (isblank(*end))
 		end++;
 	if (*end == '\0')
-		ret *= 1024ULL * 1024ULL; // MB by default
+		ret *= 1024ULL * 1024ULL; /* MB by default */
 	else if (*end == 'b' || *end == 'B')
 		ret *= 1ULL;
 	else if (*end == 'k' || *end == 'K')
@@ -248,7 +248,7 @@ int main(int argc, char *argv[])
 	if (strcmp(my_args.bdevtype, "none") == 0)
 		my_args.bdevtype = "dir";
 
-	// Final check whether the user gave use a valid bdev type.
+	/* Final check whether the user gave use a valid bdev type. */
 	if (strcmp(my_args.bdevtype, "best") &&
 	    strcmp(my_args.bdevtype, "_unset") &&
 	    !is_valid_storage_type(my_args.bdevtype)) {

src/lxc/tools/lxc_ls.c

@@ -677,18 +677,22 @@ static char *ls_get_interface(struct lxc_container *c)
  */
 static double ls_get_swap(struct lxc_container *c)
 {
+	char *stat, *swap, *tmp;
 	unsigned long long int num = 0;
-	char *stat = ls_get_cgroup_item(c, "memory.stat");
+
+	stat = ls_get_cgroup_item(c, "memory.stat");
 	if (!stat)
 		goto out;
 
-	char *swap = strstr(stat, "\nswap");
+	swap = strstr(stat, "\nswap");
 	if (!swap)
 		goto out;
 
-	swap = 1 + swap + 4 + 1; // start_of_swap_value = '\n' + strlen(swap) + ' '
+	/* start_of_swap_value = '\n' + strlen(swap) + ' ' */
+	swap = 1 + swap + 4 + 1;
 
-	char *tmp = strchr(swap, '\n'); // find end of swap value
+	/* find end of swap value */
+	tmp = strchr(swap, '\n');
 	if (!tmp)
 		goto out;
 

src/lxc/tools/lxc_unshare.c

@@ -137,7 +137,7 @@ static int do_start(void *arg)
 			exit(EXIT_FAILURE);
 		}
 
-	// Setuid is useful even without a new user id space
+	/* Setuid is useful even without a new user id space. */
 	if (start_arg->setuid && setuid(uid)) {
 		ERROR("failed to set uid %d: %s", uid, strerror(errno));
 		exit(EXIT_FAILURE);

src/lxc/tools/lxc_usernsexec.c

@@ -99,13 +99,13 @@ static void opentty(const char * tty, int which) {
 		close(fd);
 	}
 }
-// Code copy end
+/* Code copy end */
 
 static int do_child(void *vargv)
 {
 	char **argv = (char **)vargv;
 
-	// Assume we want to become root
+	/* Assume we want to become root */
 	if (setgid(0) < 0) {
 		perror("setgid");
 		return -1;
@@ -272,8 +272,8 @@ int main(int argc, char *argv[])
 	int pid;
 	char *default_args[] = {"/bin/sh", NULL};
 	char buf[1];
-	int pipe1[2],  // child tells parent it has unshared
-	    pipe2[2];  // parent tells child it is mapped and may proceed
+	int pipe1[2],  /* child tells parent it has unshared */
+	    pipe2[2];  /* parent tells child it is mapped and may proceed */
 
 	memset(ttyname0, '\0', sizeof(ttyname0));
 	memset(ttyname1, '\0', sizeof(ttyname1));
@@ -326,7 +326,7 @@ int main(int argc, char *argv[])
 		exit(EXIT_FAILURE);
 	}
 	if ((pid = fork()) == 0) {
-		// Child.
+		/* Child. */
 
 		close(pipe1[0]);
 		close(pipe2[1]);

src/lxc/utils.c

@@ -1069,7 +1069,7 @@ bool dir_exists(const char *path)
 
 	ret = stat(path, &sb);
 	if (ret < 0)
-		// could be something other than eexist, just say no
+		/* Could be something other than eexist, just say "no". */
 		return false;
 	return S_ISDIR(sb.st_mode);
 }
@@ -1125,7 +1125,7 @@ int detect_shared_rootfs(void)
 			continue;
 		*p2 = '\0';
 		if (strcmp(p + 1, "/") == 0) {
-			// this is '/'.  is it shared?
+			/* This is '/'. Is it shared? */
 			p = strchr(p2 + 1, ' ');
 			if (p && strstr(p, "shared:")) {
 				fclose(f);
@@ -1191,7 +1191,7 @@ bool detect_ramfs_rootfs(void)
 			continue;
 		*p2 = '\0';
 		if (strcmp(p + 1, "/") == 0) {
-			// this is '/'.  is it the ramfs?
+			/* This is '/'. Is it the ramfs? */
 			p = strchr(p2 + 1, '-');
 			if (p && strncmp(p, "- rootfs rootfs ", 16) == 0) {
 				free(line);
@@ -1572,20 +1572,21 @@ static int check_symlink(int fd)
 static int open_if_safe(int dirfd, const char *nextpath)
 {
 	int newfd = openat(dirfd, nextpath, O_RDONLY | O_NOFOLLOW);
-	if (newfd >= 0) // was not a symlink, all good
+	if (newfd >= 0) /* Was not a symlink, all good. */
 		return newfd;
 
 	if (errno == ELOOP)
 		return newfd;
 
 	if (errno == EPERM || errno == EACCES) {
-		/* we're not root (cause we got EPERM) so
-		   try opening with O_PATH */
+		/* We're not root (cause we got EPERM) so try opening with
+		 * O_PATH.
+		 */
 		newfd = openat(dirfd, nextpath, O_PATH | O_NOFOLLOW);
 		if (newfd >= 0) {
-			/* O_PATH will return an fd for symlinks.  We know
-			 * nextpath wasn't a symlink at last openat, so if fd
-			 * is now a link, then something * fishy is going on
+			/* O_PATH will return an fd for symlinks. We know
+			 * nextpath wasn't a symlink at last openat, so if fd is
+			 * now a link, then something * fishy is going on.
 			 */
 			int ret = check_symlink(newfd);
 			if (ret < 0) {
@@ -1685,8 +1686,10 @@ out:
 int safe_mount(const char *src, const char *dest, const char *fstype,
 		unsigned long flags, const void *data, const char *rootfs)
 {
-	int srcfd = -1, destfd, ret, saved_errno;
-	char srcbuf[50], destbuf[50]; // only needs enough for /proc/self/fd/<fd>
+	int destfd, ret, saved_errno;
+	/* Only needs enough for /proc/self/fd/<fd>. */
+	char srcbuf[50], destbuf[50];
+	int srcfd = -1;
 	const char *mntsrc = src;
 
 	if (!rootfs)

src/lxc/utils.h

@@ -92,7 +92,7 @@ static inline int unshare(int flags)
 #endif
 }
 #else
-int unshare(int);
+extern int unshare(int);
 #endif
 
 /* Define signalfd() if missing from the C library */
@@ -245,24 +245,30 @@ extern int lxc_wait_for_pid_status(pid_t pid);
 /* send and receive buffers completely */
 extern ssize_t lxc_write_nointr(int fd, const void* buf, size_t count);
 extern ssize_t lxc_read_nointr(int fd, void* buf, size_t count);
-extern ssize_t lxc_read_nointr_expect(int fd, void* buf, size_t count, const void* expected_buf);
+extern ssize_t lxc_read_nointr_expect(int fd, void *buf, size_t count,
+				      const void *expected_buf);
 #if HAVE_LIBGNUTLS
 #define SHA_DIGEST_LENGTH 20
 extern int sha1sum_file(char *fnam, unsigned char *md_value);
 #endif
 
 /* read and write whole files */
-extern int lxc_write_to_file(const char *filename, const void* buf, size_t count, bool add_newline);
+extern int lxc_write_to_file(const char *filename, const void *buf,
+			     size_t count, bool add_newline);
 extern int lxc_read_from_file(const char *filename, void* buf, size_t count);
 
 /* convert variadic argument lists to arrays (for execl type argument lists) */
 extern char** lxc_va_arg_list_to_argv(va_list ap, size_t skip, int do_strdup);
 extern const char** lxc_va_arg_list_to_argv_const(va_list ap, size_t skip);
 
-/* Some simple string functions; if they return pointers, they are allocated buffers. */
-extern char *lxc_string_replace(const char *needle, const char *replacement, const char *haystack);
+/* Some simple string functions; if they return pointers, they are allocated
+ * buffers.
+ */
+extern char *lxc_string_replace(const char *needle, const char *replacement,
+				const char *haystack);
 extern bool lxc_string_in_array(const char *needle, const char **haystack);
-extern char *lxc_string_join(const char *sep, const char **parts, bool use_as_prefix);
+extern char *lxc_string_join(const char *sep, const char **parts,
+			     bool use_as_prefix);
 /* Normalize and split path: Leading and trailing / are removed, multiple
  * / are compactified, .. and . are resolved (.. on the top level is considered
  * identical to .).
@@ -281,7 +287,8 @@ extern char *lxc_append_paths(const char *first, const char *second);
  *       consider an empty element, even if two delimiters are next to
  *       each other.
  */
-extern bool lxc_string_in_list(const char *needle, const char *haystack, char sep);
+extern bool lxc_string_in_list(const char *needle, const char *haystack,
+			       char sep);
 extern char **lxc_string_split(const char *string, char sep);
 extern char **lxc_string_split_and_trim(const char *string, char sep);
 /* Append string to NULL-terminated string array. */
@@ -290,7 +297,8 @@ extern int lxc_append_string(char ***list, char *entry);
 /* some simple array manipulation utilities */
 typedef void (*lxc_free_fn)(void *);
 typedef void *(*lxc_dup_fn)(void *);
-extern int lxc_grow_array(void ***array, size_t* capacity, size_t new_size, size_t capacity_increment);
+extern int lxc_grow_array(void ***array, size_t *capacity, size_t new_size,
+			  size_t capacity_increment);
 extern void lxc_free_array(void **array, lxc_free_fn element_free_fn);
 extern size_t lxc_array_len(void **array);
 
@@ -303,7 +311,7 @@ extern void *lxc_strmmap(void *addr, size_t length, int prot, int flags, int fd,
 /* munmap() wrapper. Use it to free memory mmap()ed with lxc_strmmap(). */
 extern int lxc_strmunmap(void *addr, size_t length);
 
-//initialize rand with urandom
+/* initialize rand with urandom */
 extern int randseed(bool);
 
 inline static bool am_unpriv(void) {
@@ -318,50 +326,51 @@ extern uid_t get_ns_uid(uid_t orig);
 extern bool dir_exists(const char *path);
 
 #define FNV1A_64_INIT ((uint64_t)0xcbf29ce484222325ULL)
-uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval);
-
-int detect_shared_rootfs(void);
-bool detect_ramfs_rootfs(void);
-char *on_path(const char *cmd, const char *rootfs);
-bool file_exists(const char *f);
-bool cgns_supported(void);
-char *choose_init(const char *rootfs);
-int print_to_file(const char *file, const char *content);
-bool switch_to_ns(pid_t pid, const char *ns);
-int is_dir(const char *path);
-char *get_template_path(const char *t);
-int setproctitle(char *title);
-int safe_mount(const char *src, const char *dest, const char *fstype,
-		unsigned long flags, const void *data, const char *rootfs);
-int lxc_mount_proc_if_needed(const char *rootfs);
-int open_devnull(void);
-int set_stdfds(int fd);
-int null_stdfds(void);
-int lxc_count_file_lines(const char *fn);
-int lxc_preserve_ns(const int pid, const char *ns);
+extern uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval);
+
+extern int detect_shared_rootfs(void);
+extern bool detect_ramfs_rootfs(void);
+extern char *on_path(const char *cmd, const char *rootfs);
+extern bool file_exists(const char *f);
+extern bool cgns_supported(void);
+extern char *choose_init(const char *rootfs);
+extern int print_to_file(const char *file, const char *content);
+extern bool switch_to_ns(pid_t pid, const char *ns);
+extern int is_dir(const char *path);
+extern char *get_template_path(const char *t);
+extern int setproctitle(char *title);
+extern int safe_mount(const char *src, const char *dest, const char *fstype,
+		      unsigned long flags, const void *data,
+		      const char *rootfs);
+extern int lxc_mount_proc_if_needed(const char *rootfs);
+extern int open_devnull(void);
+extern int set_stdfds(int fd);
+extern int null_stdfds(void);
+extern int lxc_count_file_lines(const char *fn);
+extern int lxc_preserve_ns(const int pid, const char *ns);
 
 /* Check whether a signal is blocked by a process. */
-bool task_blocking_signal(pid_t pid, int signal);
+extern bool task_blocking_signal(pid_t pid, int signal);
 
 /* Helper functions to parse numbers. */
-int lxc_safe_uint(const char *numstr, unsigned int *converted);
-int lxc_safe_int(const char *numstr, int *converted);
-int lxc_safe_long(const char *numstr, long int *converted);
-int lxc_safe_ulong(const char *numstr, unsigned long *converted);
+extern int lxc_safe_uint(const char *numstr, unsigned int *converted);
+extern int lxc_safe_int(const char *numstr, int *converted);
+extern int lxc_safe_long(const char *numstr, long int *converted);
+extern int lxc_safe_ulong(const char *numstr, unsigned long *converted);
 
 /* Switch to a new uid and gid. */
-int lxc_switch_uid_gid(uid_t uid, gid_t gid);
-int lxc_setgroups(int size, gid_t list[]);
+extern int lxc_switch_uid_gid(uid_t uid, gid_t gid);
+extern int lxc_setgroups(int size, gid_t list[]);
 
 /* Find an unused loop device and associate it with source. */
-int lxc_prepare_loop_dev(const char *source, char *loop_dev, int flags);
+extern int lxc_prepare_loop_dev(const char *source, char *loop_dev, int flags);
 
 /* Clear all mounts on a given node.
  * >= 0 successfully cleared. The number returned is the number of umounts
  *      performed.
  * < 0  error umounting. Return -errno.
  */
-int lxc_unstack_mountpoint(const char *path, bool lazy);
+extern int lxc_unstack_mountpoint(const char *path, bool lazy);
 
 /*
  * run_command runs a command and collect it's std{err,out} output in buf.
@@ -375,22 +384,23 @@ int lxc_unstack_mountpoint(const char *path, bool lazy);
  *                     function must exec.
  * @param[in] args     Arguments to be passed to child_fn.
  */
-int run_command(char *buf, size_t buf_size, int (*child_fn)(void *), void *args);
+extern int run_command(char *buf, size_t buf_size, int (*child_fn)(void *),
+		       void *args);
 
 /* Concatenate all passed-in strings into one path. Do not fail. If any piece
  * is not prefixed with '/', add a '/'.
  */
-char *must_make_path(const char *first, ...) __attribute__((sentinel));
+extern char *must_make_path(const char *first, ...) __attribute__((sentinel));
 
 /* return copy of string @entry;  do not fail. */
-char *must_copy_string(const char *entry);
+extern char *must_copy_string(const char *entry);
 
 /* Re-alllocate a pointer, do not fail */
-void *must_realloc(void *orig, size_t sz);
+extern void *must_realloc(void *orig, size_t sz);
 
 /* __typeof__ should be safe to use with all compilers. */
 typedef __typeof__(((struct statfs *)NULL)->f_type) fs_type_magic;
-bool has_fs_type(const char *path, fs_type_magic magic_val);
-bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
+extern bool has_fs_type(const char *path, fs_type_magic magic_val);
+extern bool is_fs_type(const struct statfs *fs, fs_type_magic magic_val);
 
 #endif /* __LXC_UTILS_H */