[CRIU] [PATCH 3/3] criu: Restore anonymized images(file paths)

Andrei Vagin avagin at gmail.com
Sun Sep 15 07:49:20 MSK 2019 

I see only the third patch of this series. Where are two others and a
cover letter?

On Thu, Sep 05, 2019 at 07:25:59PM +0530, Harshavardhan Unnibhavi wrote:
> This commit restores anonymized images containing their file paths
> maximized.
> 
> This commit introduces the following:
>   - anon option for the restore action.
> 
> This commit modifies the following:
>   - pretend anonymized files in question are opened.
> 
> Resolve Issue #360.
> 
> Signed-off-by: Harshavardhan Unnibhavi <hvubfoss at gmail.com>
> ---
>  criu/config.c             |  5 +++++
>  criu/cr-restore.c         |  5 +++++
>  criu/files-reg.c          | 12 ++++++++++--
>  criu/files.c              |  4 ++--
>  criu/include/cr_options.h |  1 +
>  criu/include/restorer.h   |  1 +
>  criu/pie/restorer.c       |  4 ++--
>  7 files changed, 26 insertions(+), 6 deletions(-)
> 
> diff --git a/criu/config.c b/criu/config.c
> index 3a54afd4..d36150e0 100644
> --- a/criu/config.c
> +++ b/criu/config.c
> @@ -276,6 +276,7 @@ void init_opts(void)
>  	opts.empty_ns = 0;
>  	opts.status_fd = -1;
>  	opts.log_level = DEFAULT_LOGLEVEL;
> +	opts.anonymize = false;
>  }
>  
>  bool deprecated_ok(char *what)
> @@ -455,6 +456,7 @@ int parse_options(int argc, char **argv, bool *usage_error,
>  		{ "root",			required_argument,	0, 'r'	},
>  		{ USK_EXT_PARAM,		optional_argument,	0, 'x'	},
>  		{ "help",			no_argument,		0, 'h'	},
> +		{ "anon",                       no_argument,            0, 'a'  },
>  		BOOL_OPT(SK_EST_PARAM, &opts.tcp_established_ok),
>  		{ "close",			required_argument,	0, 1043	},
>  		BOOL_OPT("log-pid", &opts.log_file_per_pid),
> @@ -574,6 +576,9 @@ int parse_options(int argc, char **argv, bool *usage_error,
>  			continue;
>  
>  		switch (opt) {
> +		case 'a':
> +			opts.anonymize = true;
> +			break;
>  		case 's':
>  			opts.final_state = TASK_STOPPED;
>  			break;
> diff --git a/criu/cr-restore.c b/criu/cr-restore.c
> index de0b2cb4..05896ab0 100644
> --- a/criu/cr-restore.c
> +++ b/criu/cr-restore.c
> @@ -882,6 +882,9 @@ static int restore_one_alive_task(int pid, CoreEntry *core)
>  
>  	memzero(ta, args_len);
>  
> +	if(opts.anonymize)
> +		ta->anonymize = true;
> +
>  	if (prepare_fds(current))
>  		return -1;
>  
> @@ -2268,6 +2271,8 @@ skip_ns_bouncing:
>  		goto out_kill;
>  
>  	pr_info("Restore finished successfully. Resuming tasks.\n");
> +	if(opts.anonymize)
> +		return 0;
>  	__restore_switch_stage(CR_STATE_COMPLETE);
>  
>  	if (ret == 0)
> diff --git a/criu/files-reg.c b/criu/files-reg.c
> index 1b51d108..a3a2396d 100644
> --- a/criu/files-reg.c
> +++ b/criu/files-reg.c
> @@ -1745,14 +1745,14 @@ ext:
>  			return -1;
>  		}
>  
> -		if (rfi->rfe->has_size && (st.st_size != rfi->rfe->size)) {
> +		if (rfi->rfe->has_size && (st.st_size != rfi->rfe->size) && (!opts.anonymize)) {
>  			pr_err("File %s has bad size %"PRIu64" (expect %"PRIu64")\n",
>  					rfi->path, st.st_size,
>  					rfi->rfe->size);
>  			return -1;
>  		}
>  
> -		if (rfi->rfe->has_mode && (st.st_mode != rfi->rfe->mode)) {
> +		if (rfi->rfe->has_mode && (st.st_mode != rfi->rfe->mode) && (!opts.anonymize)) {
>  			pr_err("File %s has bad mode 0%o (expect 0%o)\n",
>  			       rfi->path, (int)st.st_mode,
>  			       rfi->rfe->mode);
> @@ -1793,6 +1793,14 @@ int do_open_reg_noseek_flags(int ns_root_fd, struct reg_file_info *rfi, void *ar
>  	flags &= ~O_TMPFILE;
>  
>  	fd = openat(ns_root_fd, rfi->path, flags);
> +	if(opts.anonymize){
> +		fd = openat(ns_root_fd, "/dev/zero", flags);
> +		if(fd < 0){
> +			pr_perror("Unable to create a fake file descriptor");
> +			return fd;
> +		}
> +		pr_info("Restoring anonymized file paths.\n");
> +	}
>  	if (fd < 0) {
>  		pr_perror("Can't open file %s on restore", rfi->path);
>  		return fd;
> diff --git a/criu/files.c b/criu/files.c
> index ffdaa459..a7e76247 100644
> --- a/criu/files.c
> +++ b/criu/files.c
> @@ -1313,7 +1313,7 @@ static int fchroot(int fd)
>  	 * it using fchdir()
>  	 */
>  
> -	if (fchdir(fd) < 0) {
> +	if (fchdir(fd) < 0 && !(opts.anonymize)) {
>  		pr_perror("Can't chdir to proc");
>  		return -1;
>  	}
> @@ -1356,7 +1356,7 @@ int restore_fs(struct pstree_item *me)
>  	}
>  
>  	ret = fchdir(dd_cwd);
> -	if (ret < 0) {
> +	if (ret < 0 && !(opts.anonymize)) {
>  		pr_perror("Can't change cwd");
>  		goto out;
>  	}
> diff --git a/criu/include/cr_options.h b/criu/include/cr_options.h
> index c519c740..75539625 100644
> --- a/criu/include/cr_options.h
> +++ b/criu/include/cr_options.h
> @@ -111,6 +111,7 @@ struct cr_options {
>  	int			enable_external_masters;
>  	bool			aufs;		/* auto-detected, not via cli */
>  	bool			overlayfs;
> +	bool                    anonymize;
>  #ifdef CONFIG_BINFMT_MISC_VIRTUALIZED
>  	bool			has_binfmt_misc; /* auto-detected */
>  #endif
> diff --git a/criu/include/restorer.h b/criu/include/restorer.h
> index b93807f5..203b1153 100644
> --- a/criu/include/restorer.h
> +++ b/criu/include/restorer.h
> @@ -136,6 +136,7 @@ struct task_restore_args {
>  
>  	int				uffd;
>  	bool				has_thp_enabled;
> +	bool                            anonymize;
>  
>  	/* threads restoration */
>  	int				nr_threads;		/* number of threads */
> diff --git a/criu/pie/restorer.c b/criu/pie/restorer.c
> index 390c0e1a..87c8ed4a 100644
> --- a/criu/pie/restorer.c
> +++ b/criu/pie/restorer.c
> @@ -1719,12 +1719,12 @@ long __export_restore_task(struct task_restore_args *args)
>  		 */
>  		ret |= restore_self_exe_late(args);
>  	} else {
> -		if (ret)
> +		if (ret && !(args->anonymize))
>  			pr_err("sys_prctl(PR_SET_MM, PR_SET_MM_MAP) failed with %d\n", (int)ret);
>  		sys_close(args->fd_exe_link);
>  	}
>  
> -	if (ret)
> +	if (ret && !(args->anonymize))
>  		goto core_restore_end;
>  
>  	/* SELinux (1) process context needs to be set before creating threads. */
> -- 
> 2.17.1
> 
> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu

More information about the CRIU mailing list