[CRIU] [PATCH 3/3] criu: Restore anonymized images(file paths)

Fri Sep 20 11:15:13 MSK 2019

This commit restores anonymized images containing their file paths
maximized.

This commit introduces the following:
  - anon option for the restore action.

This commit modifies the following:
  - pretend anonymized files in question are opened.

Resolve Issue #360.

Signed-off-by: Harshavardhan Unnibhavi <hvubfoss at gmail.com>
---
 criu/config.c             |  5 +++++
 criu/cr-restore.c         |  5 +++++
 criu/files-reg.c          | 12 ++++++++++--
 criu/files.c              |  4 ++--
 criu/include/cr_options.h |  1 +
 criu/include/restorer.h   |  1 +
 criu/pie/restorer.c       |  4 ++--
 7 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/criu/config.c b/criu/config.c
index c9332203..7881f70d 100644
--- a/criu/config.c
+++ b/criu/config.c
@@ -276,6 +276,7 @@ void init_opts(void)
 	opts.empty_ns = 0;
 	opts.status_fd = -1;
 	opts.log_level = DEFAULT_LOGLEVEL;
+	opts.anonymize = false;
 }
 
 bool deprecated_ok(char *what)
@@ -455,6 +456,7 @@ int parse_options(int argc, char **argv, bool *usage_error,
 		{ "root",			required_argument,	0, 'r'	},
 		{ USK_EXT_PARAM,		optional_argument,	0, 'x'	},
 		{ "help",			no_argument,		0, 'h'	},
+		{ "anon",                       no_argument,            0, 'a'  },
 		BOOL_OPT(SK_EST_PARAM, &opts.tcp_established_ok),
 		{ "close",			required_argument,	0, 1043	},
 		BOOL_OPT("log-pid", &opts.log_file_per_pid),
@@ -575,6 +577,9 @@ int parse_options(int argc, char **argv, bool *usage_error,
 			continue;
 
 		switch (opt) {
+		case 'a':
+			opts.anonymize = true;
+			break;
 		case 's':
 			opts.final_state = TASK_STOPPED;
 			break;
diff --git a/criu/cr-restore.c b/criu/cr-restore.c
index de0b2cb4..05896ab0 100644
--- a/criu/cr-restore.c
+++ b/criu/cr-restore.c
@@ -882,6 +882,9 @@ static int restore_one_alive_task(int pid, CoreEntry *core)
 
 	memzero(ta, args_len);
 
+	if(opts.anonymize)
+		ta->anonymize = true;
+
 	if (prepare_fds(current))
 		return -1;
 
@@ -2268,6 +2271,8 @@ skip_ns_bouncing:
 		goto out_kill;
 
 	pr_info("Restore finished successfully. Resuming tasks.\n");
+	if(opts.anonymize)
+		return 0;
 	__restore_switch_stage(CR_STATE_COMPLETE);
 
 	if (ret == 0)
diff --git a/criu/files-reg.c b/criu/files-reg.c
index 1b51d108..a3a2396d 100644
--- a/criu/files-reg.c
+++ b/criu/files-reg.c
@@ -1745,14 +1745,14 @@ ext:
 			return -1;
 		}
 
-		if (rfi->rfe->has_size && (st.st_size != rfi->rfe->size)) {
+		if (rfi->rfe->has_size && (st.st_size != rfi->rfe->size) && (!opts.anonymize)) {
 			pr_err("File %s has bad size %"PRIu64" (expect %"PRIu64")\n",
 					rfi->path, st.st_size,
 					rfi->rfe->size);
 			return -1;
 		}
 
-		if (rfi->rfe->has_mode && (st.st_mode != rfi->rfe->mode)) {
+		if (rfi->rfe->has_mode && (st.st_mode != rfi->rfe->mode) && (!opts.anonymize)) {
 			pr_err("File %s has bad mode 0%o (expect 0%o)\n",
 			       rfi->path, (int)st.st_mode,
 			       rfi->rfe->mode);
@@ -1793,6 +1793,14 @@ int do_open_reg_noseek_flags(int ns_root_fd, struct reg_file_info *rfi, void *ar
 	flags &= ~O_TMPFILE;
 
 	fd = openat(ns_root_fd, rfi->path, flags);
+	if(opts.anonymize){
+		fd = openat(ns_root_fd, "/dev/zero", flags);
+		if(fd < 0){
+			pr_perror("Unable to create a fake file descriptor");
+			return fd;
+		}
+		pr_info("Restoring anonymized file paths.\n");
+	}
 	if (fd < 0) {
 		pr_perror("Can't open file %s on restore", rfi->path);
 		return fd;
diff --git a/criu/files.c b/criu/files.c
index ffdaa459..a7e76247 100644
--- a/criu/files.c
+++ b/criu/files.c
@@ -1313,7 +1313,7 @@ static int fchroot(int fd)
 	 * it using fchdir()
 	 */
 
-	if (fchdir(fd) < 0) {
+	if (fchdir(fd) < 0 && !(opts.anonymize)) {
 		pr_perror("Can't chdir to proc");
 		return -1;
 	}
@@ -1356,7 +1356,7 @@ int restore_fs(struct pstree_item *me)
 	}
 
 	ret = fchdir(dd_cwd);
-	if (ret < 0) {
+	if (ret < 0 && !(opts.anonymize)) {
 		pr_perror("Can't change cwd");
 		goto out;
 	}
diff --git a/criu/include/cr_options.h b/criu/include/cr_options.h
index 5cbc56f9..516624a3 100644
--- a/criu/include/cr_options.h
+++ b/criu/include/cr_options.h
@@ -112,6 +112,7 @@ struct cr_options {
 	int			enable_external_masters;
 	bool			aufs;		/* auto-detected, not via cli */
 	bool			overlayfs;
+	bool                    anonymize;
 #ifdef CONFIG_BINFMT_MISC_VIRTUALIZED
 	bool			has_binfmt_misc; /* auto-detected */
 #endif
diff --git a/criu/include/restorer.h b/criu/include/restorer.h
index b93807f5..203b1153 100644
--- a/criu/include/restorer.h
+++ b/criu/include/restorer.h
@@ -136,6 +136,7 @@ struct task_restore_args {
 
 	int				uffd;
 	bool				has_thp_enabled;
+	bool                            anonymize;
 
 	/* threads restoration */
 	int				nr_threads;		/* number of threads */
diff --git a/criu/pie/restorer.c b/criu/pie/restorer.c
index 390c0e1a..87c8ed4a 100644
--- a/criu/pie/restorer.c
+++ b/criu/pie/restorer.c
@@ -1719,12 +1719,12 @@ long __export_restore_task(struct task_restore_args *args)
 		 */
 		ret |= restore_self_exe_late(args);
 	} else {
-		if (ret)
+		if (ret && !(args->anonymize))
 			pr_err("sys_prctl(PR_SET_MM, PR_SET_MM_MAP) failed with %d\n", (int)ret);
 		sys_close(args->fd_exe_link);
 	}
 
-	if (ret)
+	if (ret && !(args->anonymize))
 		goto core_restore_end;
 
 	/* SELinux (1) process context needs to be set before creating threads. */
-- 
2.17.1

