mirror of https://gitlab.nic.cz/labs/bird.git synced 2025-01-15 13:31:54 +00:00

Flock: Hypervisor has a control socket (not doing anything yet tho)

Maria Matejka 2024-09-04 21:33:43 +02:00
parent f48798d0c3
commit 1310e0160e
3 changed files with 82 additions and 12 deletions


@ -99,16 +99,33 @@ main(int argc, char **argv, char **argh UNUSED)
log_switch(1, NULL, NULL); log_switch(1, NULL, NULL);
/* Find the original UID/GIDs */
uid_t euid = geteuid(), egid = getegid();
/* Parse args */ /* Parse args */
flock_config.exec_name = argv[0] ?: "flock-sim"; flock_config.exec_name = argv[0] ?: "flock-sim";
int opt; int opt;
while ((opt = getopt(argc, argv, "")) != -1) while ((opt = getopt(argc, argv, "ls:")) != -1)
{ {
/* TODO: add some options */ switch (opt)
usage(stderr); {
return 2; case 'l':
flock_config.control_socket_path = "flock-sim.ctl";
break;
case 's':
flock_config.control_socket_path = mb_strdup(&root_pool, optarg);
break;
default:
usage(stderr);
return 2;
}
} }
/* FIXME: have a default */
ASSERT_DIE(flock_config.control_socket_path);
/* Get hypervisor name */ /* Get hypervisor name */
if (optind != argc - 1) if (optind != argc - 1)
{ {
@ -127,11 +144,9 @@ main(int argc, char **argv, char **argh UNUSED)
#undef FROB #undef FROB
sigprocmask(SIG_BLOCK, &newmask, &oldmask); sigprocmask(SIG_BLOCK, &newmask, &oldmask);
/* Keep the original UID/GIDs */ /* First we need to create the PID + mount + user namespace to acquire capabilities,
uid_t euid = geteuid(), egid = getegid(); * and also time namespace for good measure */
SYSCALL(unshare, CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWUSER | CLONE_NEWTIME);
/* First we need to create the PID + mount + user namespace to acquire capabilities */
SYSCALL(unshare, CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWUSER);
/* Then we have to fork() to become PID 1 of the new PID namespace */ /* Then we have to fork() to become PID 1 of the new PID namespace */
pid_t init_pid = fork(); pid_t init_pid = fork();
@ -173,8 +188,11 @@ main(int argc, char **argv, char **argh UNUSED)
* let's spawn a child to do external communication before unsharing */ * let's spawn a child to do external communication before unsharing */
hypervisor_exposed_fork(); hypervisor_exposed_fork();
/* And now finally we can go for unsharing the rest -- networks and time */ /* We also need to prepare all the hypervisor-init stuff */
SYSCALL(unshare, CLONE_NEWTIME | CLONE_NEWNET); hypervisor_control_socket();
/* And now finally we can go for unsharing the networks */
SYSCALL(unshare, CLONE_NEWNET);
/* Set signal handlers as this process is init in its PID namespace */ /* Set signal handlers as this process is init in its PID namespace */
signal(SIGTERM, hypervisor_poweroff_sighandler); signal(SIGTERM, hypervisor_poweroff_sighandler);
@ -190,6 +208,10 @@ main(int argc, char **argv, char **argh UNUSED)
getrlimit(RLIMIT_CORE, &corelimit); getrlimit(RLIMIT_CORE, &corelimit);
log(L_INFO "Core limit %u %u", corelimit.rlim_cur, corelimit.rlim_max); log(L_INFO "Core limit %u %u", corelimit.rlim_cur, corelimit.rlim_max);
/* Run worker threads */
struct thread_config tc = {};
bird_thread_commit(&tc);
/* Wait for Godot */ /* Wait for Godot */
log(L_INFO "Hypervisor running"); log(L_INFO "Hypervisor running");
while (1) while (1)
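Review bot: A command line without `-l` or `-s` falls through to `ASSERT_DIE(flock_config.control_socket_path)`, so an ordinary operator mistake is handled as an internal assertion failure (presumably an abort) rather than as a usage error like the `default:` case of the option switch. Until the default promised by the FIXME exists, `if (!flock_config.control_socket_path) { usage(stderr); return 2; }` would keep argument validation on the usage path. The `-l` case also selects the relative name `flock-sim.ctl`, which resolves against whatever directory the process is started in, and that path is later unlinked and bound in `hypervisor_control_socket()`; a short comment next to `case 'l':` stating this would help. `main` starts and ends outside these hunks.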


@ -5,10 +5,12 @@
#include "lib/birdlib.h" #include "lib/birdlib.h"
void hypervisor_exposed_fork(void); void hypervisor_exposed_fork(void);
void hypervisor_control_socket(void);
struct flock_config { struct flock_config {
const char *hypervisor_name; const char *hypervisor_name;
const char *exec_name; const char *exec_name;
const char *control_socket_path;
}; };
extern struct flock_config flock_config; extern struct flock_config flock_config;


@ -2,10 +2,56 @@
#include "lib/resource.h" #include "lib/resource.h"
#include "lib/io-loop.h" #include "lib/io-loop.h"
#include "lib/socket.h"
#include "flock/flock.h"
#include <sys/socket.h> #include <sys/socket.h>
/* Local communication structure */ /**
* Main control socket
**/
pool *hypervisor_control_socket_pool;
static int
hcs_connect(sock *s, uint size UNUSED)
{
log(L_INFO "CLI connected: %p", s);
sk_close(s);
return 1;
}
static void
hcs_connect_err(sock *s UNUSED, int err)
{
ASSERT_DIE(err);
log(L_INFO "Failed to accept CLI connection: %s", strerror(err));
}
void
hypervisor_control_socket(void)
{
struct birdloop *loop = birdloop_new(&root_pool, DOMAIN_ORDER(control), 0, "Control socket");
birdloop_enter(loop);
pool *p = hypervisor_control_socket_pool = rp_new(birdloop_pool(loop), birdloop_domain(loop), "Control socket pool");
sock *s = sk_new(p);
s->type = SK_UNIX_PASSIVE;
s->rx_hook = hcs_connect;
s->err_hook = hcs_connect_err;
s->rbsize = 1024;
unlink(flock_config.control_socket_path);
if (sk_open_unix(s, loop, flock_config.control_socket_path) < 0)
die("Can't create control socket %s: %m", flock_config.control_socket_path);
birdloop_leave(loop);
}
/**
* Exposed process' communication structure
**/
static struct hypervisor_exposed { static struct hypervisor_exposed {
pool *p; pool *p;
sock *s; sock *s;
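Review bot: `unlink(flock_config.control_socket_path)` in `hypervisor_control_socket()` removes whatever exists at the path supplied with `-s` without checking that it is a stale socket, and its return value is ignored, so a mistyped path silently deletes a regular file before `sk_open_unix()` runs. A guard before the unlink such as `if (!lstat(path, &st) && !S_ISSOCK(st.st_mode)) die("%s exists and is not a socket", path);` would limit that. Nothing in this hunk sets the new socket's access mode either, and `hcs_connect()` accepts any peer. That is harmless while the hook only logs and closes the connection, but the mode should be restricted or the peer's credentials checked before the socket starts accepting commands.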