[CRIU] [PATCH] Allow passing ps-socket file descriptor when launching criu.

Paweł Stradomski pstradomski at google.com
Thu Jun 28 17:26:09 MSK 2018 

Done - two more patches sent to this list
czw., 21 cze 2018 o 22:52 Andrei Vagin <avagin at virtuozzo.com> napisał(a):
>
> On Wed, Jun 13, 2018 at 12:27:37PM +0200, Pawel Stradomski wrote:
> > Allow passing ps-socket file descriptor when launching criu.
> >
> > This makes it possible to have the pageserver communication go over anonymous
> > unix sockets, e.g. created by socketpair().
> >
> > Such setup makes it easier to secure pageserver connection by wrapping
> > it in an encrypted tunnel. It also helps prevent attacks where
> > a malicious process connects to page server and injects its own
> > stream of pages to either fool criu into restoring wrong pages or
> > to DoS the pageserver by having it exhaust local storage by writing
> > large .img files.
>
>
> Hello Pawel,
>
> Thank you for the patch. Can you add a decription for this option into
> Documentation/criu.txt and the usage message (criu/crtools.c).
>
> Thanks,
> Andrei
>
> >
> > Signed-off-by: Pawel Stradomski <pstradomski at google.com>
> > ---
> >  criu/crtools.c | 4 ++++
> >  1 file changed, 4 insertions(+)
> >
> > diff --git a/criu/crtools.c b/criu/crtools.c
> > index 4ff7a9f2..cd049fbc 100644
> > --- a/criu/crtools.c
> > +++ b/criu/crtools.c
> > @@ -351,6 +351,7 @@ int main(int argc, char *argv[], char *envp[])
> >               BOOL_OPT("remote", &opts.remote),
> >               { "config",                     required_argument,      0, 1089},
> >               { "no-default-config",          no_argument,            0, 1090},
> > +             { "ps-socket",                  required_argument,      0, 1091},
> >               { },
> >       };
> >
> > @@ -679,6 +680,9 @@ int main(int argc, char *argv[], char *envp[])
> >                       break;
> >               case 1090:
> >                       break;
> > +             case 1091:
> > +                     opts.ps_socket = atoi(optarg);
> > +                     break;
> >               case 'V':
> >                       pr_msg("Version: %s\n", CRIU_VERSION);
> >                       if (strcmp(CRIU_GITID, "0"))
> > --
> > 2.18.0.rc1.242.g61856ae69a-goog
> >
> >
> > --
> > Pawel Stradomski
> > _______________________________________________
> > CRIU mailing list
> > CRIU at openvz.org
> > https://lists.openvz.org/mailman/listinfo/criu



--
Paweł Stradomski

More information about the CRIU mailing list