[1/3] cr-service: open FDs passed via inherit_fd option also in RPC mode

Submitted by Adrian Reber on July 23, 2018, 7:13 p.m.

Details

Message ID 20180723191333.17862-2-adrian@lisas.de
State Rejected
Series "Series without cover letter"
Headers show

Commit Message

Adrian Reber July 23, 2018, 7:13 p.m.
From: Adrian Reber <areber@redhat.com>

Signed-off-by: Adrian Reber <areber@redhat.com>
---
 criu/cr-service.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

Patch hide | download patch | download mbox

diff --git a/criu/cr-service.c b/criu/cr-service.c
index 3a07d5b76..14fb45635 100644
--- a/criu/cr-service.c
+++ b/criu/cr-service.c
@@ -242,6 +242,8 @@  static int setup_opts_from_req(int sk, CriuOpts *req)
 	char images_dir_path[PATH_MAX];
 	char work_dir_path[PATH_MAX];
 	char status_fd[PATH_MAX];
+	char inherit_fd[PATH_MAX];
+	int fd;
 	int i;
 
 	if (getsockopt(sk, SOL_SOCKET, SO_PEERCRED, &ids, &ids_len)) {
@@ -415,7 +417,11 @@  static int setup_opts_from_req(int sk, CriuOpts *req)
 		goto err;
 	}
 	for (i = 0; i < req->n_inherit_fd; i++) {
-		if (inherit_fd_add(req->inherit_fd[i]->fd, req->inherit_fd[i]->key))
+		sprintf(inherit_fd, "/proc/%d/fd/%d", ids.pid, req->inherit_fd[i]->fd);
+		fd = open(inherit_fd, O_RDWR);
+		if (fd < 0)
+			goto err;
+		if (inherit_fd_add(fd, req->inherit_fd[i]->key))
 			goto err;
 	}
 

Comments

Andrey Vagin July 25, 2018, 12:30 a.m.
On Mon, Jul 23, 2018 at 07:13:31PM +0000, Adrian Reber wrote:
> From: Adrian Reber <areber@redhat.com>
> 
> Signed-off-by: Adrian Reber <areber@redhat.com>
> ---
>  criu/cr-service.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
> 
> diff --git a/criu/cr-service.c b/criu/cr-service.c
> index 3a07d5b76..14fb45635 100644
> --- a/criu/cr-service.c
> +++ b/criu/cr-service.c
> @@ -242,6 +242,8 @@ static int setup_opts_from_req(int sk, CriuOpts *req)
>  	char images_dir_path[PATH_MAX];
>  	char work_dir_path[PATH_MAX];
>  	char status_fd[PATH_MAX];
> +	char inherit_fd[PATH_MAX];
> +	int fd;
>  	int i;
>  
>  	if (getsockopt(sk, SOL_SOCKET, SO_PEERCRED, &ids, &ids_len)) {
> @@ -415,7 +417,11 @@ static int setup_opts_from_req(int sk, CriuOpts *req)
>  		goto err;
>  	}
>  	for (i = 0; i < req->n_inherit_fd; i++) {
> -		if (inherit_fd_add(req->inherit_fd[i]->fd, req->inherit_fd[i]->key))
> +		sprintf(inherit_fd, "/proc/%d/fd/%d", ids.pid, req->inherit_fd[i]->fd);
> +		fd = open(inherit_fd, O_RDWR);

This will not work for sockets, read-only or write-only files, etc.

In case of rpc, inherited file descriptors have to be sent via a service
socket.

> +		if (fd < 0)
> +			goto err;
> +		if (inherit_fd_add(fd, req->inherit_fd[i]->key))
>  			goto err;
>  	}
>  
> -- 
> 2.18.0
>
Adrian Reber July 25, 2018, 5:29 a.m.
On Tue, Jul 24, 2018 at 05:30:32PM -0700, Andrei Vagin wrote:
> On Mon, Jul 23, 2018 at 07:13:31PM +0000, Adrian Reber wrote:
> > From: Adrian Reber <areber@redhat.com>
> > 
> > Signed-off-by: Adrian Reber <areber@redhat.com>
> > ---
> >  criu/cr-service.c | 8 +++++++-
> >  1 file changed, 7 insertions(+), 1 deletion(-)
> > 
> > diff --git a/criu/cr-service.c b/criu/cr-service.c
> > index 3a07d5b76..14fb45635 100644
> > --- a/criu/cr-service.c
> > +++ b/criu/cr-service.c
> > @@ -242,6 +242,8 @@ static int setup_opts_from_req(int sk, CriuOpts *req)
> >  	char images_dir_path[PATH_MAX];
> >  	char work_dir_path[PATH_MAX];
> >  	char status_fd[PATH_MAX];
> > +	char inherit_fd[PATH_MAX];
> > +	int fd;
> >  	int i;
> >  
> >  	if (getsockopt(sk, SOL_SOCKET, SO_PEERCRED, &ids, &ids_len)) {
> > @@ -415,7 +417,11 @@ static int setup_opts_from_req(int sk, CriuOpts *req)
> >  		goto err;
> >  	}
> >  	for (i = 0; i < req->n_inherit_fd; i++) {
> > -		if (inherit_fd_add(req->inherit_fd[i]->fd, req->inherit_fd[i]->key))
> > +		sprintf(inherit_fd, "/proc/%d/fd/%d", ids.pid, req->inherit_fd[i]->fd);
> > +		fd = open(inherit_fd, O_RDWR);
> 
> This will not work for sockets, read-only or write-only files, etc.
> 
> In case of rpc, inherited file descriptors have to be sent via a service
> socket.

What is a service socket? Are there already any examples?

		Adrian