container: improve documentation

This change removes inconsistencies collected over time in this package.

Signed-off-by: Ophestra <cat@gensokyo.uk>

container/init.go

@@ -33,12 +33,12 @@ const (
 	- This path is only accessible by init and root:
 	  The container init sets SUID_DUMP_DISABLE and terminates if that fails.
 
-	It should be noted that none of this should become relevant at any point since the resulting
-	intermediate root tmpfs should be effectively anonymous. */
+	It should be noted that none of this should become relevant at any point
+	since the resulting intermediate root tmpfs should be effectively anonymous. */
 	intermediateHostPath = fhs.Proc + "self/fd"
 
-	// setupEnv is the name of the environment variable holding the string representation of
-	// the read end file descriptor of the setup params pipe.
+	// setupEnv is the name of the environment variable holding the string
+	// representation of the read end file descriptor of the setup params pipe.
 	setupEnv = "HAKUREI_SETUP"
 
 	// exitUnexpectedWait4 is the exit code if wait4 returns an unexpected errno.
@@ -59,7 +59,8 @@ type (
 		// late is called right before starting the initial process.
 		late(state *setupState, k syscallDispatcher) error
 
-		// prefix returns a log message prefix, and whether this Op prints no identifying message on its own.
+		// prefix returns a log message prefix, and whether this Op prints no
+		// identifying message on its own.
 		prefix() (string, bool)
 
 		Is(op Op) bool
@@ -71,9 +72,11 @@ type (
 	setupState struct {
 		nonrepeatable uintptr
 
-		// Whether early reaping has concluded. Must only be accessed in the wait4 loop.
+		// Whether early reaping has concluded. Must only be accessed in the
+		// wait4 loop.
 		processConcluded bool
-		// Process to syscall.WaitStatus populated in the wait4 loop. Freed after early reaping concludes.
+		// Process to syscall.WaitStatus populated in the wait4 loop. Freed
+		// after early reaping concludes.
 		process map[int]WaitStatus
 		// Synchronises access to process.
 		processMu sync.RWMutex
@@ -216,9 +219,10 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
 	defer cancel()
 
 	/* early is called right before pivot_root into intermediate root;
-	this step is mostly for gathering information that would otherwise be difficult to obtain
-	via library functions after pivot_root, and implementations are expected to avoid changing
-	the state of the mount namespace */
+	this step is mostly for gathering information that would otherwise be
+	difficult to obtain via library functions after pivot_root, and
+	implementations are expected to avoid changing the state of the mount
+	namespace */
 	for i, op := range *params.Ops {
 		if op == nil || !op.Valid() {
 			k.fatalf(msg, "invalid op at index %d", i)
@@ -258,10 +262,10 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
 		k.fatalf(msg, "cannot enter intermediate root: %v", err)
 	}
 
-	/* apply is called right after pivot_root and entering the new root;
-	this step sets up the container filesystem, and implementations are expected to keep the host root
-	and sysroot mount points intact but otherwise can do whatever they need to;
-	chdir is allowed but discouraged */
+	/* apply is called right after pivot_root and entering the new root. This
+	step sets up the container filesystem, and implementations are expected to
+	keep the host root and sysroot mount points intact but otherwise can do
+	whatever they need to. Calling chdir is allowed but discouraged. */
 	for i, op := range *params.Ops {
 		// ops already checked during early setup
 		if prefix, ok := op.prefix(); ok {