[PATCH 08/14] Add helper for running code in separate namespaces

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Implement virProcessRunInMountNamespace, which runs callback of type
virProcessNamespaceCallback in a container namespace. This uses a
child process to run the callback, since you can't change the mount
namespace of a thread. This implies that callbacks have to be careful
about what code they run due to async safety rules.

Idea by Dan Berrange, based on an initial report by Reco
<recoverym4n@xxxxxxxxx> at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732394

Signed-off-by: Daniel Berrange <berrange@xxxxxxxxxx>
---
 src/libvirt_private.syms |   1 +
 src/util/virprocess.c    | 114 +++++++++++++++++++++++++++++++++++++++++++++++
 src/util/virprocess.h    |  11 +++++
 3 files changed, 126 insertions(+)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5554a30..3066506 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1670,6 +1670,7 @@ virProcessGetNamespaces;
 virProcessGetStartTime;
 virProcessKill;
 virProcessKillPainfully;
+virProcessRunInMountNamespace;
 virProcessSetAffinity;
 virProcessSetMaxFiles;
 virProcessSetMaxMemLock;
diff --git a/src/util/virprocess.c b/src/util/virprocess.c
index 83d0679..a0cbfbf 100644
--- a/src/util/virprocess.c
+++ b/src/util/virprocess.c
@@ -50,6 +50,8 @@
 #include "virlog.h"
 #include "virutil.h"
 #include "virstring.h"
+#include "virthread.h"
+#include "vircommand.h"
 
 #define VIR_FROM_THIS VIR_FROM_NONE
 
@@ -877,3 +879,115 @@ int virProcessGetStartTime(pid_t pid,
     return 0;
 }
 #endif
+
+
+#ifdef HAVE_SETNS
+static int virProcessNamespaceHelper(int errfd,
+                                     pid_t pid,
+                                     virProcessNamespaceCallback cb,
+                                     void *opaque)
+{
+    char *path;
+    int fd = -1;
+    int ret = -1;
+
+    if (virAsprintf(&path, "/proc/%llu/ns/mnt", (unsigned long long)pid) < 0)
+        goto cleanup;
+
+    if ((fd = open(path, O_RDONLY)) < 0) {
+        virReportSystemError(errno, "%s",
+                             _("Kernel does not provide mount namespace"));
+        goto cleanup;
+    }
+
+    if (setns(fd, 0) < 0) {
+        virReportSystemError(errno, "%s",
+                             _("Unable to enter mount namespace"));
+        goto cleanup;
+    }
+
+    ret = cb(pid, opaque);
+
+ cleanup:
+    if (ret < 0) {
+        virErrorPtr err = virGetLastError();
+        if (err) {
+            size_t len = strlen(err->message) + 1;
+            ignore_value(safewrite(errfd, err->message, len));
+        }
+    }
+    VIR_FREE(path);
+    VIR_FORCE_CLOSE(fd);
+    return ret;
+}
+
+/* Run cb(opaque) in the mount namespace of pid.  Return -1 with error
+ * message raised if we fail to run the child, if the child dies from
+ * a signal, or if the child has status EXIT_CANCELED; otherwise
+ * return the exit status of the child. The callback will be run in a
+ * child process so must be careful to only use async signal safe
+ * functions.
+ */
+int
+virProcessRunInMountNamespace(pid_t pid,
+                              virProcessNamespaceCallback cb,
+                              void *opaque)
+{
+    int ret = -1;
+    pid_t child = -1;
+    int errfd[2] = { -1, -1 };
+
+    if (pipe(errfd) < 0) {
+        virReportSystemError(errno, "%s",
+                             _("Cannot create pipe for child"));
+        return -1;
+    }
+
+    ret = virFork(&child);
+
+    if (ret < 0 || child < 0) {
+        if (child == 0)
+            _exit(1);
+        else if (child > 0)
+            virProcessAbort(child);
+        goto cleanup;
+    }
+
+    if (child == 0) {
+        VIR_FORCE_CLOSE(errfd[0]);
+        ret = virProcessNamespaceHelper(errfd[1], pid,
+                                        cb, opaque);
+        VIR_FORCE_CLOSE(errfd[1]);
+        _exit(ret < 0 ? 1 : 0);
+    } else {
+        int status;
+        char *buf = NULL;
+        VIR_FORCE_CLOSE(errfd[1]);
+
+        ignore_value(virFileReadHeaderFD(errfd[0], 1024, &buf));
+        if (virProcessWait(child, &status) < 0)
+            ret = -1;
+        else
+            ret = status == 0 ? 0 : -1;
+        if (ret < 0)
+            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                           buf ? buf : _("Failed to run callback in mount namespace"));
+        VIR_FREE(buf);
+    }
+
+cleanup:
+    VIR_FORCE_CLOSE(errfd[0]);
+    VIR_FORCE_CLOSE(errfd[1]);
+    return ret;
+}
+#else /* !HAVE_SETNS */
+int
+virProcessRunInMountNamespace(pid_t pid ATTRIBUTE_UNUSED,
+                              virProcessNamespaceCallback cb ATTRIBUTE_UNUSED,
+                              void *opaque ATTRIBUTE_UNUSED)
+{
+    virReportSystemError(ENOSYS, "%s",
+                         _("Mount namespaces are not available on this platform"));
+    return -1;
+}
+#endif
diff --git a/src/util/virprocess.h b/src/util/virprocess.h
index 9f77bc5..75c7d1b 100644
--- a/src/util/virprocess.h
+++ b/src/util/virprocess.h
@@ -60,4 +60,15 @@ int virProcessSetNamespaces(size_t nfdlist,
 int virProcessSetMaxMemLock(pid_t pid, unsigned long long bytes);
 int virProcessSetMaxProcesses(pid_t pid, unsigned int procs);
 int virProcessSetMaxFiles(pid_t pid, unsigned int files);
+
+/* Callback to run code within the mount namespace tied to the given
+ * pid.  This function must use only async-signal-safe functions, as
+ * it gets run after a fork of a multi-threaded process.  The return
+ * value of this function is passed to _exit(), except that a
+ * negative value is treated as EXIT_CANCELED.  */
+typedef int (*virProcessNamespaceCallback)(pid_t pid, void *opaque);
+
+int virProcessRunInMountNamespace(pid_t pid,
+                                  virProcessNamespaceCallback cb,
+                                  void *opaque);
 #endif /* __VIR_PROCESS_H__ */
-- 
1.8.5.3

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]