Allow passing ps-socket file descriptor when launching criu.

Submitted by Pawel Stradomski on June 13, 2018, 10:27 a.m.

Details

Message ID 6475428.se598i2pD0@anselm.c.googlers.com
State New
Series "Allow passing ps-socket file descriptor when launching criu."
Headers show

Commit Message

Pawel Stradomski June 13, 2018, 10:27 a.m.
Allow passing ps-socket file descriptor when launching criu.

This makes it possible to have the pageserver communication go over anonymous
unix sockets, e.g. created by socketpair().

Such setup makes it easier to secure pageserver connection by wrapping
it in an encrypted tunnel. It also helps prevent attacks where
a malicious process connects to page server and injects its own
stream of pages to either fool criu into restoring wrong pages or
to DoS the pageserver by having it exhaust local storage by writing
large .img files.

Signed-off-by: Pawel Stradomski <pstradomski@google.com>
---
 criu/crtools.c | 4 ++++
 1 file changed, 4 insertions(+)

Patch hide | download patch | download mbox

diff --git a/criu/crtools.c b/criu/crtools.c
index 4ff7a9f2..cd049fbc 100644
--- a/criu/crtools.c
+++ b/criu/crtools.c
@@ -351,6 +351,7 @@  int main(int argc, char *argv[], char *envp[])
 		BOOL_OPT("remote", &opts.remote),
 		{ "config",			required_argument,	0, 1089},
 		{ "no-default-config",		no_argument,		0, 1090},
+		{ "ps-socket",			required_argument,	0, 1091},
 		{ },
 	};
 
@@ -679,6 +680,9 @@  int main(int argc, char *argv[], char *envp[])
 			break;
 		case 1090:
 			break;
+		case 1091:
+			opts.ps_socket = atoi(optarg);
+			break;
 		case 'V':
 			pr_msg("Version: %s\n", CRIU_VERSION);
 			if (strcmp(CRIU_GITID, "0"))

Comments

Andrey Vagin June 21, 2018, 8:51 p.m.
On Wed, Jun 13, 2018 at 12:27:37PM +0200, Pawel Stradomski wrote:
> Allow passing ps-socket file descriptor when launching criu.
> 
> This makes it possible to have the pageserver communication go over anonymous
> unix sockets, e.g. created by socketpair().
> 
> Such setup makes it easier to secure pageserver connection by wrapping
> it in an encrypted tunnel. It also helps prevent attacks where
> a malicious process connects to page server and injects its own
> stream of pages to either fool criu into restoring wrong pages or
> to DoS the pageserver by having it exhaust local storage by writing
> large .img files.


Hello Pawel,

Thank you for the patch. Can you add a decription for this option into
Documentation/criu.txt and the usage message (criu/crtools.c).

Thanks,
Andrei

> 
> Signed-off-by: Pawel Stradomski <pstradomski@google.com>
> ---
>  criu/crtools.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/criu/crtools.c b/criu/crtools.c
> index 4ff7a9f2..cd049fbc 100644
> --- a/criu/crtools.c
> +++ b/criu/crtools.c
> @@ -351,6 +351,7 @@ int main(int argc, char *argv[], char *envp[])
>  		BOOL_OPT("remote", &opts.remote),
>  		{ "config",			required_argument,	0, 1089},
>  		{ "no-default-config",		no_argument,		0, 1090},
> +		{ "ps-socket",			required_argument,	0, 1091},
>  		{ },
>  	};
>  
> @@ -679,6 +680,9 @@ int main(int argc, char *argv[], char *envp[])
>  			break;
>  		case 1090:
>  			break;
> +		case 1091:
> +			opts.ps_socket = atoi(optarg);
> +			break;
>  		case 'V':
>  			pr_msg("Version: %s\n", CRIU_VERSION);
>  			if (strcmp(CRIU_GITID, "0"))
> -- 
> 2.18.0.rc1.242.g61856ae69a-goog
> 
> 
> -- 
> Pawel Stradomski
> _______________________________________________
> CRIU mailing list
> CRIU@openvz.org
> https://lists.openvz.org/mailman/listinfo/criu