[CRIU] [PATCHv5 3/3] crtools: cr_service() meat and a few fixes to properly dump cr_service socket

Ruslan Kuprieiev kupruser at gmail.com
Mon Sep 9 08:30:46 EDT 2013


On 09/09/2013 04:14 PM, Ruslan Kuprieiev wrote:
> Signed-off-by: Ruslan Kuprieiev kupruser at gmail.com
>
I'm sorry, there was a whitespace. Here is fixed one.
-------------- next part --------------
diff --git a/cr-service.c b/cr-service.c
index e921828..d0b3c0e 100644
--- a/cr-service.c
+++ b/cr-service.c
@@ -1,4 +1,232 @@
-int cr_service(void)
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+
+#include "crtools.h"
+#include "util-pie.h"
+#include "log.h"
+#include "protobuf.h"
+#include "protobuf/criu-dump-req.pb-c.h"
+#include "protobuf/criu-dump-resp.pb-c.h"
+
+static int client_fd;
+
+/*
+ * This function is needed in sk-unix.c,
+ * to recognize connection to service socket
+ * and treat it properly.
+ */
+int get_lib_sk_ino(void)
 {
+	struct stat st;
+
+	if (fstat(client_fd, &st)) {
+		pr_perror("Can't get library socket stat");
+		return -1;
+	}
+
+	return st.st_ino;
+}
+
+static int treat_req(CriuDumpReq *req, CriuDumpResp *resp)
+{
+	struct ucred ids;
+	struct stat st;
+	socklen_t ids_len = sizeof(struct ucred);
+
+	if (getsockopt(client_fd, SOL_SOCKET, SO_PEERCRED, &ids, &ids_len)) {
+		pr_perror("Can't get socket options.");
+		goto err;
+	}
+
+	if (req->pid == -1) {
+		req->pid = ids.pid;
+	} else if (req->pid != ids.pid) {
+		/*
+		 * FIXME Add some flag to resp for this case.
+		 */
+		if (ids.uid != 0) {
+			pr_perror("Client has no permissions to dump task %d",
+								     req->pid);
+			goto err;
+		}
+	}
+
+	/* going to dir, where to place images*/
+	if (req->images_dir == NULL) {
+		pr_perror("No images dir");
+		goto err;
+	}
+
+	if (stat(req->images_dir, &st) == -1) {
+		pr_perror("Can't stat images direcrtory");
+		goto err;
+	}
+
+	if (ids.uid == st.st_uid || ids.gid == st.st_gid || ids.uid == 0) {
+		if (chdir(req->images_dir)) {
+			pr_perror("Can't change dir");
+			goto err;
+		}
+	} else {
+		pr_perror("Client has no permissions to use images directory");
+		goto err;
+	}
+
+	/* initiate log file in imgs dir */
+	opts.output = xmalloc(sizeof(char)*PATH_MAX);
+	strcpy(opts.output, getcwd(NULL, PATH_MAX));
+	strcat(opts.output, "/dump.log");
+
+	if (open_image_dir() < 0) {
+		pr_perror("Can't open current directory.");
+		goto err;
+	}
+
+	/* setting loglevel */
+	log_set_loglevel(req->log_level);
+	if (log_init(opts.output) == -1) {
+		pr_perror("Can't initiate log.");
+		goto err;
+	}
+
+	/* checking dump flags from client */
+	if (req->leave_running)
+		opts.final_state = TASK_ALIVE;
+
+	opts.ext_unix_sk	= req->ext_unix_sk;
+	opts.tcp_established_ok	= req->tcp_established;
+	opts.evasive_devices	= req->evasive_devices;
+	opts.shell_job		= req->shell_job;
+	opts.handle_file_locks	= req->file_locks;
+
+	return 0;
+
+err:	resp->bad_args	= true;
+	return -1;
+}
+
+int cr_service(bool daemon_mode)
+{
+	int server_fd;
+	int child_pid;
+	struct sockaddr_un server_addr;
+	struct sockaddr_un client_addr;
+	socklen_t server_addr_len;
+	socklen_t client_addr_len;
+	CriuDumpReq *req;
+	CriuDumpResp resp = CRIU_DUMP_RESP__INIT;
+
+	server_fd = socket(AF_LOCAL, SOCK_STREAM, 0);
+	if (server_fd == -1) {
+		pr_perror("Can't initialize service socket.");
+		return -1;
+	}
+
+	memset(&server_addr, 0, sizeof(server_addr));
+	memset(&client_addr, 0, sizeof(client_addr));
+	server_addr.sun_family = AF_LOCAL;
+
+	if (opts.addr == NULL)
+		opts.addr = CR_DEFAULT_SERVICE_ADDRESS;
+
+	strcpy(server_addr.sun_path, opts.addr);
+
+	server_addr_len = strlen(server_addr.sun_path)
+			+ sizeof(server_addr.sun_family);
+	client_addr_len = sizeof(client_addr);
+
+	unlink(server_addr.sun_path);
+
+	if (bind(server_fd, (struct sockaddr *) &server_addr,
+					server_addr_len) == -1) {
+		pr_perror("Can't bind.");
+		return -1;
+	}
+
+	/* change service socket permissions, so anyone can connect to it */
+	if (chmod(server_addr.sun_path, 0666)) {
+		pr_perror("Can't change permissions of the service socket.");
+		return -1;
+	}
+
+	if (daemon_mode) {
+		if (daemon(0, 0) == -1) {
+			pr_perror("Can't run service server in the background");
+			return -errno;
+		}
+	}
+
+	if (listen(server_fd, 16) == -1) {
+		pr_perror("Can't listen for socket connections.");
+		return -1;
+	}
+
+	/* FIXME Do not ignore children's return values */
+	signal(SIGCHLD, SIG_IGN);
+
+	while (1) {
+		pr_info("Waiting for connection...\n");
+
+		client_fd = accept(server_fd, &client_addr, &client_addr_len);
+		if (client_fd == -1) {
+			pr_perror("Can't accept connection.");
+			continue;
+		}
+
+		pr_info("Connected.\n");
+
+		switch (child_pid = fork()) {
+		case -1:
+			pr_perror("Can't fork a child.");
+			continue;
+		case 0:
+
+			if (pb_read_one_eof(client_fd,
+						&req, PB_CRIU_DUMP_REQ) == -1) {
+				pr_perror("Can't recv request");
+				resp.bad_args = true;
+				goto exit;
+			}
+
+			if (treat_req(req, &resp) == -1) {
+				pr_perror("Arguments treating fail");
+				goto exit;
+			}
+
+			if (cr_dump_tasks(req->pid) == -1) {
+				pr_perror("Dump fail");
+				goto exit;
+			}
+
+			resp.success = true;
+exit:			if (pb_write_one(client_fd,
+					 &resp, PB_CRIU_DUMP_RESP) == -1) {
+				pr_perror("Can't send response");
+				resp.success = false;
+			}
+
+			close(client_fd);
+
+			if (resp.success)
+				exit(0);
+			else
+				exit(1);
+		default:
+			close(client_fd);
+		}
+	}
+
 	return 0;
 }
diff --git a/crtools.c b/crtools.c
index 6642dde..5421b0a 100644
--- a/crtools.c
+++ b/crtools.c
@@ -335,7 +335,7 @@ int main(int argc, char *argv[])
 		return cr_page_server(opts.restore_detach);
 
 	if (!strcmp(argv[optind], "service"))
-		return cr_service();
+		return cr_service(opts.restore_detach);
 
 	pr_msg("Unknown command \"%s\"\n", argv[optind]);
 usage:
@@ -403,14 +403,11 @@ usage:
 "  --prev-images-dir DIR path to images from previous dump (relative to -D)\n"
 "  --page-server         send pages to page server (see options below as well)\n"
 "\n"
-"Page server options\n"
-"  --address ADDR        address of page server\n"
+"Page/Service server options\n"
+"  --address ADDR        address of server\n"
 "  --port PORT           port of page server\n"
 "  -d|--daemon           run in the background after creating socket\n"
 "\n"
-"Service server options\n"
-"  --address ADDR        address, where to put service socket\n"
-"\n"
 "Show options:\n"
 "  -f|--file FILE        show contents of a checkpoint file\n"
 "  -D|--images-dir DIR   directory where to get images from\n"
diff --git a/include/crtools.h b/include/crtools.h
index d867522..742db88 100644
--- a/include/crtools.h
+++ b/include/crtools.h
@@ -119,7 +119,10 @@ int cr_show(int pid);
 int convert_to_elf(char *elf_path, int fd_core);
 int cr_check(void);
 int cr_exec(int pid, char **opts);
-int cr_service(void);
+int cr_service(bool daemon_mode);
+
+#define CR_DEFAULT_SERVICE_ADDRESS "/tmp/criu_service.socket"
+int get_lib_sk_ino(void);
 
 #define O_DUMP	(O_RDWR | O_CREAT | O_EXCL)
 #define O_SHOW	(O_RDONLY)
diff --git a/include/image.h b/include/image.h
index 5cd7741..b201226 100644
--- a/include/image.h
+++ b/include/image.h
@@ -18,6 +18,7 @@
 #define REMAP_GHOST	(1 << 31)
 
 #define USK_EXTERN	(1 << 0)
+#define USK_LIB_CTRL	(1 << 1)
 
 #define VMA_AREA_NONE		(0 <<  0)
 #define VMA_AREA_REGULAR	(1 <<  0)	/* Dumpable area */
diff --git a/include/protobuf-desc.h b/include/protobuf-desc.h
index fd9ee43..2d6dd8d 100644
--- a/include/protobuf-desc.h
+++ b/include/protobuf-desc.h
@@ -59,6 +59,8 @@ enum {
 	PB_SK_QUEUES,
 	PB_IPCNS_MSG,
 	PB_IPCNS_MSG_ENT,
+	PB_CRIU_DUMP_REQ,
+	PB_CRIU_DUMP_RESP,
 
 	PB_MAX,
 };
diff --git a/protobuf-desc.c b/protobuf-desc.c
index 1d0f7cd..b506ad2 100644
--- a/protobuf-desc.c
+++ b/protobuf-desc.c
@@ -56,6 +56,8 @@
 #include "protobuf/sk-netlink.pb-c.h"
 #include "protobuf/vma.pb-c.h"
 #include "protobuf/tun.pb-c.h"
+#include "protobuf/criu-dump-req.pb-c.h"
+#include "protobuf/criu-dump-resp.pb-c.h"
 
 struct cr_pb_message_desc cr_pb_descs[PB_MAX];
 
@@ -92,6 +94,8 @@ void cr_pb_init(void)
 	CR_PB_DESC(REMAP_FPATH,		RemapFilePath,	remap_file_path);
 	CR_PB_DESC(NETDEV,		NetDevice,	net_device);
 	CR_PB_MDESC_INIT(cr_pb_descs[PB_PAGEMAP_HEAD],	PagemapHead,	pagemap_head);
+	CR_PB_MDESC_INIT(cr_pb_descs[PB_CRIU_DUMP_REQ], CriuDumpReq,	criu_dump_req);
+	CR_PB_MDESC_INIT(cr_pb_descs[PB_CRIU_DUMP_RESP], CriuDumpResp,	criu_dump_resp);
 
 #include "protobuf-desc-gen.h"
 }
diff --git a/sk-unix.c b/sk-unix.c
index cf024a5..8caf263 100644
--- a/sk-unix.c
+++ b/sk-unix.c
@@ -24,6 +24,7 @@
 
 #include "protobuf.h"
 #include "protobuf/sk-unix.pb-c.h"
+#include "protobuf/criu-dump-resp.pb-c.h"
 
 struct unix_sk_desc {
 	struct socket_desc	sd;
@@ -138,6 +139,16 @@ static int dump_one_unix_fd(int lfd, u32 id, const struct fd_parms *p)
 	ue.opts		= &skopts;
 	ue.uflags	= 0;
 
+	/*
+	 * Check if this socket is connected to criu service.
+	 * Dump it like closed one and mark it for restore.
+	 */
+	if (ue.peer == get_lib_sk_ino()) {
+		ue.state = TCP_CLOSE;
+		ue.peer = 0;
+		ue.uflags |= USK_LIB_CTRL;
+	}
+
 	if (sk->namelen && *sk->name) {
 		ue.file_perms = &perms;
 
@@ -716,7 +727,30 @@ static int open_unixsk_standalone(struct unix_sk_info *ui)
 	pr_info("Opening standalone socket (id %#x ino %#x peer %#x)\n",
 			ui->ue->id, ui->ue->ino, ui->ue->peer);
 
-	if ((ui->ue->state == TCP_ESTABLISHED) && !ui->ue->peer) {
+	/*
+	 * Check if socket was connected to service socket.
+	 * If so, put response, that dumping and restoring
+	 * was successful.
+	 */
+	if (ui->ue->uflags & USK_LIB_CTRL) {
+		int sks[2];
+		CriuDumpResp resp = CRIU_DUMP_RESP__INIT;
+
+		resp.success = true;
+
+		if (socketpair(PF_UNIX, ui->ue->type, 0, sks)) {
+			pr_perror("Can't create socketpair");
+			return -1;
+		}
+
+		if (pb_write_one(sks[1], &resp, PB_CRIU_DUMP_RESP) == -1) {
+			pr_perror("Can't send response");
+			return -1;
+		}
+
+		close(sks[1]);
+		sk = sks[0];
+	} else if ((ui->ue->state == TCP_ESTABLISHED) && !ui->ue->peer) {
 		int ret, sks[2];
 
 		if (ui->ue->type != SOCK_STREAM) {


More information about the CRIU mailing list