Allow passing ps-socket file descriptor when launching criu.

Submitted by Paweł Stradomski on June 13, 2018, 10:27 a.m.

Details

Message ID 6475428.se598i2pD0@anselm.c.googlers.com
State Accepted
Series "Allow passing ps-socket file descriptor when launching criu."
Headers show

Commit Message

Paweł Stradomski June 13, 2018, 10:27 a.m.
Allow passing ps-socket file descriptor when launching criu.

This makes it possible to have the pageserver communication go over anonymous
unix sockets, e.g. created by socketpair().

Such setup makes it easier to secure pageserver connection by wrapping
it in an encrypted tunnel. It also helps prevent attacks where
a malicious process connects to page server and injects its own
stream of pages to either fool criu into restoring wrong pages or
to DoS the pageserver by having it exhaust local storage by writing
large .img files.

Signed-off-by: Pawel Stradomski <pstradomski@google.com>
---
 criu/crtools.c | 4 ++++
 1 file changed, 4 insertions(+)

Patch hide | download patch | download mbox

diff --git a/criu/crtools.c b/criu/crtools.c
index 4ff7a9f2..cd049fbc 100644
--- a/criu/crtools.c
+++ b/criu/crtools.c
@@ -351,6 +351,7 @@  int main(int argc, char *argv[], char *envp[])
 		BOOL_OPT("remote", &opts.remote),
 		{ "config",			required_argument,	0, 1089},
 		{ "no-default-config",		no_argument,		0, 1090},
+		{ "ps-socket",			required_argument,	0, 1091},
 		{ },
 	};
 
@@ -679,6 +680,9 @@  int main(int argc, char *argv[], char *envp[])
 			break;
 		case 1090:
 			break;
+		case 1091:
+			opts.ps_socket = atoi(optarg);
+			break;
 		case 'V':
 			pr_msg("Version: %s\n", CRIU_VERSION);
 			if (strcmp(CRIU_GITID, "0"))

Comments

Andrey Vagin June 21, 2018, 8:51 p.m.
On Wed, Jun 13, 2018 at 12:27:37PM +0200, Pawel Stradomski wrote:
> Allow passing ps-socket file descriptor when launching criu.
> 
> This makes it possible to have the pageserver communication go over anonymous
> unix sockets, e.g. created by socketpair().
> 
> Such setup makes it easier to secure pageserver connection by wrapping
> it in an encrypted tunnel. It also helps prevent attacks where
> a malicious process connects to page server and injects its own
> stream of pages to either fool criu into restoring wrong pages or
> to DoS the pageserver by having it exhaust local storage by writing
> large .img files.


Hello Pawel,

Thank you for the patch. Can you add a decription for this option into
Documentation/criu.txt and the usage message (criu/crtools.c).

Thanks,
Andrei

> 
> Signed-off-by: Pawel Stradomski <pstradomski@google.com>
> ---
>  criu/crtools.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/criu/crtools.c b/criu/crtools.c
> index 4ff7a9f2..cd049fbc 100644
> --- a/criu/crtools.c
> +++ b/criu/crtools.c
> @@ -351,6 +351,7 @@ int main(int argc, char *argv[], char *envp[])
>  		BOOL_OPT("remote", &opts.remote),
>  		{ "config",			required_argument,	0, 1089},
>  		{ "no-default-config",		no_argument,		0, 1090},
> +		{ "ps-socket",			required_argument,	0, 1091},
>  		{ },
>  	};
>  
> @@ -679,6 +680,9 @@ int main(int argc, char *argv[], char *envp[])
>  			break;
>  		case 1090:
>  			break;
> +		case 1091:
> +			opts.ps_socket = atoi(optarg);
> +			break;
>  		case 'V':
>  			pr_msg("Version: %s\n", CRIU_VERSION);
>  			if (strcmp(CRIU_GITID, "0"))
> -- 
> 2.18.0.rc1.242.g61856ae69a-goog
> 
> 
> -- 
> Pawel Stradomski
> _______________________________________________
> CRIU mailing list
> CRIU@openvz.org
> https://lists.openvz.org/mailman/listinfo/criu
Paweł Stradomski June 28, 2018, 2:26 p.m.
Done - two more patches sent to this list
czw., 21 cze 2018 o 22:52 Andrei Vagin <avagin@virtuozzo.com> napisał(a):
>
> On Wed, Jun 13, 2018 at 12:27:37PM +0200, Pawel Stradomski wrote:
> > Allow passing ps-socket file descriptor when launching criu.
> >
> > This makes it possible to have the pageserver communication go over anonymous
> > unix sockets, e.g. created by socketpair().
> >
> > Such setup makes it easier to secure pageserver connection by wrapping
> > it in an encrypted tunnel. It also helps prevent attacks where
> > a malicious process connects to page server and injects its own
> > stream of pages to either fool criu into restoring wrong pages or
> > to DoS the pageserver by having it exhaust local storage by writing
> > large .img files.
>
>
> Hello Pawel,
>
> Thank you for the patch. Can you add a decription for this option into
> Documentation/criu.txt and the usage message (criu/crtools.c).
>
> Thanks,
> Andrei
>
> >
> > Signed-off-by: Pawel Stradomski <pstradomski@google.com>
> > ---
> >  criu/crtools.c | 4 ++++
> >  1 file changed, 4 insertions(+)
> >
> > diff --git a/criu/crtools.c b/criu/crtools.c
> > index 4ff7a9f2..cd049fbc 100644
> > --- a/criu/crtools.c
> > +++ b/criu/crtools.c
> > @@ -351,6 +351,7 @@ int main(int argc, char *argv[], char *envp[])
> >               BOOL_OPT("remote", &opts.remote),
> >               { "config",                     required_argument,      0, 1089},
> >               { "no-default-config",          no_argument,            0, 1090},
> > +             { "ps-socket",                  required_argument,      0, 1091},
> >               { },
> >       };
> >
> > @@ -679,6 +680,9 @@ int main(int argc, char *argv[], char *envp[])
> >                       break;
> >               case 1090:
> >                       break;
> > +             case 1091:
> > +                     opts.ps_socket = atoi(optarg);
> > +                     break;
> >               case 'V':
> >                       pr_msg("Version: %s\n", CRIU_VERSION);
> >                       if (strcmp(CRIU_GITID, "0"))
> > --
> > 2.18.0.rc1.242.g61856ae69a-goog
> >
> >
> > --
> > Pawel Stradomski
> > _______________________________________________
> > CRIU mailing list
> > CRIU@openvz.org
> > https://lists.openvz.org/mailman/listinfo/criu



--
Paweł Stradomski
Andrey Vagin June 28, 2018, 9:58 p.m.
Applied, thanks a lot

On Thu, Jun 28, 2018 at 04:26:09PM +0200, Paweł Stradomski wrote:
> Done - two more patches sent to this list
> czw., 21 cze 2018 o 22:52 Andrei Vagin <avagin@virtuozzo.com> napisał(a):
> >
> > On Wed, Jun 13, 2018 at 12:27:37PM +0200, Pawel Stradomski wrote:
> > > Allow passing ps-socket file descriptor when launching criu.
> > >
> > > This makes it possible to have the pageserver communication go over anonymous
> > > unix sockets, e.g. created by socketpair().
> > >
> > > Such setup makes it easier to secure pageserver connection by wrapping
> > > it in an encrypted tunnel. It also helps prevent attacks where
> > > a malicious process connects to page server and injects its own
> > > stream of pages to either fool criu into restoring wrong pages or
> > > to DoS the pageserver by having it exhaust local storage by writing
> > > large .img files.
> >
> >
> > Hello Pawel,
> >
> > Thank you for the patch. Can you add a decription for this option into
> > Documentation/criu.txt and the usage message (criu/crtools.c).
> >
> > Thanks,
> > Andrei
> >
> > >
> > > Signed-off-by: Pawel Stradomski <pstradomski@google.com>
> > > ---
> > >  criu/crtools.c | 4 ++++
> > >  1 file changed, 4 insertions(+)
> > >
> > > diff --git a/criu/crtools.c b/criu/crtools.c
> > > index 4ff7a9f2..cd049fbc 100644
> > > --- a/criu/crtools.c
> > > +++ b/criu/crtools.c
> > > @@ -351,6 +351,7 @@ int main(int argc, char *argv[], char *envp[])
> > >               BOOL_OPT("remote", &opts.remote),
> > >               { "config",                     required_argument,      0, 1089},
> > >               { "no-default-config",          no_argument,            0, 1090},
> > > +             { "ps-socket",                  required_argument,      0, 1091},
> > >               { },
> > >       };
> > >
> > > @@ -679,6 +680,9 @@ int main(int argc, char *argv[], char *envp[])
> > >                       break;
> > >               case 1090:
> > >                       break;
> > > +             case 1091:
> > > +                     opts.ps_socket = atoi(optarg);
> > > +                     break;
> > >               case 'V':
> > >                       pr_msg("Version: %s\n", CRIU_VERSION);
> > >                       if (strcmp(CRIU_GITID, "0"))
> > > --
> > > 2.18.0.rc1.242.g61856ae69a-goog
> > >
> > >
> > > --
> > > Pawel Stradomski
> > > _______________________________________________
> > > CRIU mailing list
> > > CRIU@openvz.org
> > > https://lists.openvz.org/mailman/listinfo/criu
> 
> 
> 
> --
> Paweł Stradomski