[CRIU] [PATCH 3/3] criu: Restore anonymized images(file paths)
Harshavardhan Unnibhavi
hvubfoss at gmail.com
Mon Sep 23 13:30:07 MSK 2019
On Mon, Sep 23, 2019 at 3:39 PM Pavel Emelianov <xemul at virtuozzo.com> wrote:
>
>
> On 20.09.2019 11:15, Harshavardhan Unnibhavi wrote:
> > This commit restores anonymized images containing their file paths
> > maximized.
> >
> > This commit introduces the following:
> > - anon option for the restore action.
> >
> > This commit modifies the following:
> > - pretend anonymized files in question are opened.
> >
> > Resolve Issue #360.
> >
> > Signed-off-by: Harshavardhan Unnibhavi <hvubfoss at gmail.com>
> > ---
> > criu/config.c | 5 +++++
> > criu/cr-restore.c | 5 +++++
> > criu/files-reg.c | 12 ++++++++++--
> > criu/files.c | 4 ++--
> > criu/include/cr_options.h | 1 +
> > criu/include/restorer.h | 1 +
> > criu/pie/restorer.c | 4 ++--
> > 7 files changed, 26 insertions(+), 6 deletions(-)
> >
> > diff --git a/criu/config.c b/criu/config.c
> > index c9332203..7881f70d 100644
> > --- a/criu/config.c
> > +++ b/criu/config.c
> > @@ -276,6 +276,7 @@ void init_opts(void)
> > opts.empty_ns = 0;
> > opts.status_fd = -1;
> > opts.log_level = DEFAULT_LOGLEVEL;
> > + opts.anonymize = false;
> > }
> >
> > bool deprecated_ok(char *what)
> > @@ -455,6 +456,7 @@ int parse_options(int argc, char **argv, bool
> *usage_error,
> > { "root", required_argument, 0,
> 'r' },
> > { USK_EXT_PARAM, optional_argument, 0,
> 'x' },
> > { "help", no_argument, 0,
> 'h' },
> > + { "anon", no_argument, 0,
> 'a' },
> > BOOL_OPT(SK_EST_PARAM, &opts.tcp_established_ok),
> > { "close", required_argument, 0,
> 1043 },
> > BOOL_OPT("log-pid", &opts.log_file_per_pid),
> > @@ -575,6 +577,9 @@ int parse_options(int argc, char **argv, bool
> *usage_error,
> > continue;
> >
> > switch (opt) {
> > + case 'a':
> > + opts.anonymize = true;
> > + break;
> > case 's':
> > opts.final_state = TASK_STOPPED;
> > break;
> > diff --git a/criu/cr-restore.c b/criu/cr-restore.c
> > index de0b2cb4..05896ab0 100644
> > --- a/criu/cr-restore.c
> > +++ b/criu/cr-restore.c
> > @@ -882,6 +882,9 @@ static int restore_one_alive_task(int pid, CoreEntry
> *core)
> >
> > memzero(ta, args_len);
> >
> > + if(opts.anonymize)
> > + ta->anonymize = true;
> > +
> > if (prepare_fds(current))
> > return -1;
> >
> > @@ -2268,6 +2271,8 @@ skip_ns_bouncing:
> > goto out_kill;
> >
> > pr_info("Restore finished successfully. Resuming tasks.\n");
> > + if(opts.anonymize)
> > + return 0;
>
> Presumably you should abort the stage so that "restored" tasks die?
>
How would I do this? Using sigreturn( rst_sigreturn(new_sp, rt_sigframe) )
or a sys_exit()?
Also, a message about "aborting restore due to --anon given" is also needed.
>
Sure.
>
> > __restore_switch_stage(CR_STATE_COMPLETE);
> >
> > if (ret == 0)
> > diff --git a/criu/files-reg.c b/criu/files-reg.c
> > index 1b51d108..a3a2396d 100644
> > --- a/criu/files-reg.c
> > +++ b/criu/files-reg.c
> > @@ -1745,14 +1745,14 @@ ext:
> > return -1;
> > }
> >
> > - if (rfi->rfe->has_size && (st.st_size != rfi->rfe->size)) {
> > + if (rfi->rfe->has_size && (st.st_size != rfi->rfe->size)
> && (!opts.anonymize)) {
> > pr_err("File %s has bad size %"PRIu64" (expect
> %"PRIu64")\n",
> > rfi->path, st.st_size,
> > rfi->rfe->size);
> > return -1;
> > }
> >
> > - if (rfi->rfe->has_mode && (st.st_mode != rfi->rfe->mode)) {
> > + if (rfi->rfe->has_mode && (st.st_mode != rfi->rfe->mode)
> && (!opts.anonymize)) {
> > pr_err("File %s has bad mode 0%o (expect 0%o)\n",
> > rfi->path, (int)st.st_mode,
> > rfi->rfe->mode);
>
> The whole block with stat()-ing and size/mode checking can be skipped if
> opts.anonymize.
>
> > @@ -1793,6 +1793,14 @@ int do_open_reg_noseek_flags(int ns_root_fd,
> struct reg_file_info *rfi, void *ar
> > flags &= ~O_TMPFILE;
> >
> > fd = openat(ns_root_fd, rfi->path, flags);
> > + if(opts.anonymize){
>
> Plz, check the patch with checkpatch.pl for coding style.
>
> > + fd = openat(ns_root_fd, "/dev/zero", flags);
>
> Erm... The original fd has been opened, hasn't it? I think it's better to
> fix
> the do_open_reg_noseek() to open /dev/zero in case of opts.anonymize, not
> this helper.
Yes this makes more sense, I will change it.
>
>
> + if(fd < 0){
> > + pr_perror("Unable to create a fake file
> descriptor");
> > + return fd;
> > + }
> > + pr_info("Restoring anonymized file paths.\n");
> > + }
> > if (fd < 0) {
> > pr_perror("Can't open file %s on restore", rfi->path);
> > return fd;
> > diff --git a/criu/files.c b/criu/files.c
> > index ffdaa459..a7e76247 100644
> > --- a/criu/files.c
> > +++ b/criu/files.c
> > @@ -1313,7 +1313,7 @@ static int fchroot(int fd)
> > * it using fchdir()
> > */
> >
> > - if (fchdir(fd) < 0) {
> > + if (fchdir(fd) < 0 && !(opts.anonymize)) {
> > pr_perror("Can't chdir to proc");
> > return -1;
> > }
> > @@ -1356,7 +1356,7 @@ int restore_fs(struct pstree_item *me)
> > }
> >
> > ret = fchdir(dd_cwd);
> > - if (ret < 0) {
> > + if (ret < 0 && !(opts.anonymize)) {
> > pr_perror("Can't change cwd");
> > goto out;
> > }
> > diff --git a/criu/include/cr_options.h b/criu/include/cr_options.h
> > index 5cbc56f9..516624a3 100644
> > --- a/criu/include/cr_options.h
> > +++ b/criu/include/cr_options.h
> > @@ -112,6 +112,7 @@ struct cr_options {
> > int enable_external_masters;
> > bool aufs; /* auto-detected, not via
> cli */
> > bool overlayfs;
> > + bool anonymize;
> > #ifdef CONFIG_BINFMT_MISC_VIRTUALIZED
> > bool has_binfmt_misc; /* auto-detected */
> > #endif
> > diff --git a/criu/include/restorer.h b/criu/include/restorer.h
> > index b93807f5..203b1153 100644
> > --- a/criu/include/restorer.h
> > +++ b/criu/include/restorer.h
> > @@ -136,6 +136,7 @@ struct task_restore_args {
> >
> > int uffd;
> > bool has_thp_enabled;
> > + bool anonymize;
> >
> > /* threads restoration */
> > int nr_threads; /* number
> of threads */
> > diff --git a/criu/pie/restorer.c b/criu/pie/restorer.c
> > index 390c0e1a..87c8ed4a 100644
> > --- a/criu/pie/restorer.c
> > +++ b/criu/pie/restorer.c
> > @@ -1719,12 +1719,12 @@ long __export_restore_task(struct
> task_restore_args *args)
> > */
> > ret |= restore_self_exe_late(args);
> > } else {
> > - if (ret)
> > + if (ret && !(args->anonymize))
> > pr_err("sys_prctl(PR_SET_MM, PR_SET_MM_MAP) failed
> with %d\n", (int)ret);
> > sys_close(args->fd_exe_link);
> > }
> >
> > - if (ret)
> > + if (ret && !(args->anonymize))
> > goto core_restore_end;
> >
> > /* SELinux (1) process context needs to be set before creating
> threads. */
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvz.org/pipermail/criu/attachments/20190923/a28b782e/attachment-0001.html>
More information about the CRIU
mailing list