mirror of
https://gitlab.nic.cz/labs/bird.git
synced 2025-01-15 13:31:54 +00:00
Flock: Hypervisor has a control socket (not doing anything yet tho)
parent
f48798d0c3
commit
1310e0160e
@ -99,16 +99,33 @@ main(int argc, char **argv, char **argh UNUSED)
|
|||||||
|
|
||||||
log_switch(1, NULL, NULL);
|
log_switch(1, NULL, NULL);
|
||||||
|
|
||||||
|
/* Find the original UID/GIDs */
|
||||||
|
uid_t euid = geteuid(), egid = getegid();
|
||||||
|
|
||||||
/* Parse args */
|
/* Parse args */
|
||||||
flock_config.exec_name = argv[0] ?: "flock-sim";
|
flock_config.exec_name = argv[0] ?: "flock-sim";
|
||||||
int opt;
|
int opt;
|
||||||
while ((opt = getopt(argc, argv, "")) != -1)
|
while ((opt = getopt(argc, argv, "ls:")) != -1)
|
||||||
{
|
{
|
||||||
/* TODO: add some options */
|
switch (opt)
|
||||||
usage(stderr);
|
{
|
||||||
return 2;
|
case 'l':
|
||||||
|
flock_config.control_socket_path = "flock-sim.ctl";
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 's':
|
||||||
|
flock_config.control_socket_path = mb_strdup(&root_pool, optarg);
|
||||||
|
break;
|
||||||
|
|
||||||
|
default:
|
||||||
|
usage(stderr);
|
||||||
|
return 2;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* FIXME: have a default */
|
||||||
|
ASSERT_DIE(flock_config.control_socket_path);
|
||||||
|
|
||||||
/* Get hypervisor name */
|
/* Get hypervisor name */
|
||||||
if (optind != argc - 1)
|
if (optind != argc - 1)
|
||||||
{
|
{
|
||||||
@ -127,11 +144,9 @@ main(int argc, char **argv, char **argh UNUSED)
|
|||||||
#undef FROB
|
#undef FROB
|
||||||
sigprocmask(SIG_BLOCK, &newmask, &oldmask);
|
sigprocmask(SIG_BLOCK, &newmask, &oldmask);
|
||||||
|
|
||||||
/* Keep the original UID/GIDs */
|
/* First we need to create the PID + mount + user namespace to acquire capabilities,
|
||||||
uid_t euid = geteuid(), egid = getegid();
|
* and also time namespace for good measure */
|
||||||
|
SYSCALL(unshare, CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWUSER | CLONE_NEWTIME);
|
||||||
/* First we need to create the PID + mount + user namespace to acquire capabilities */
|
|
||||||
SYSCALL(unshare, CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWUSER);
|
|
||||||
|
|
||||||
/* Then we have to fork() to become PID 1 of the new PID namespace */
|
/* Then we have to fork() to become PID 1 of the new PID namespace */
|
||||||
pid_t init_pid = fork();
|
pid_t init_pid = fork();
|
||||||
@ -173,8 +188,11 @@ main(int argc, char **argv, char **argh UNUSED)
|
|||||||
* let's spawn a child to do external communication before unsharing */
|
* let's spawn a child to do external communication before unsharing */
|
||||||
hypervisor_exposed_fork();
|
hypervisor_exposed_fork();
|
||||||
|
|
||||||
/* And now finally we can go for unsharing the rest -- networks and time */
|
/* We also need to prepare all the hypervisor-init stuff */
|
||||||
SYSCALL(unshare, CLONE_NEWTIME | CLONE_NEWNET);
|
hypervisor_control_socket();
|
||||||
|
|
||||||
|
/* And now finally we can go for unsharing the networks */
|
||||||
|
SYSCALL(unshare, CLONE_NEWNET);
|
||||||
|
|
||||||
/* Set signal handlers as this process is init in its PID namespace */
|
/* Set signal handlers as this process is init in its PID namespace */
|
||||||
signal(SIGTERM, hypervisor_poweroff_sighandler);
|
signal(SIGTERM, hypervisor_poweroff_sighandler);
|
||||||
@ -190,6 +208,10 @@ main(int argc, char **argv, char **argh UNUSED)
|
|||||||
getrlimit(RLIMIT_CORE, &corelimit);
|
getrlimit(RLIMIT_CORE, &corelimit);
|
||||||
log(L_INFO "Core limit %u %u", corelimit.rlim_cur, corelimit.rlim_max);
|
log(L_INFO "Core limit %u %u", corelimit.rlim_cur, corelimit.rlim_max);
|
||||||
|
|
||||||
|
/* Run worker threads */
|
||||||
|
struct thread_config tc = {};
|
||||||
|
bird_thread_commit(&tc);
|
||||||
|
|
||||||
/* Wait for Godot */
|
/* Wait for Godot */
|
||||||
log(L_INFO "Hypervisor running");
|
log(L_INFO "Hypervisor running");
|
||||||
while (1)
|
while (1)
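Review bot: Running without `-l` or `-s` reaches `ASSERT_DIE(flock_config.control_socket_path);` in the first hunk, so an ordinary command-line mistake is handled by an assertion (presumably an abort) rather than by the `usage(stderr); return 2;` path the `default:` case already uses. Until the FIXME default exists, I would replace the assertion with `if (!flock_config.control_socket_path) { usage(stderr); return 2; }`. The `-s` argument is stored unvalidated and is later passed to `unlink()` and `sk_open_unix()`, so rejecting an empty string here would also give a clearer error than a late bind failure. The text printed by `usage()` is not visible on this page and probably needs the two new options added. main() starts and ends outside these hunks.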
|
||||||
|
@ -5,10 +5,12 @@
|
|||||||
#include "lib/birdlib.h"
|
#include "lib/birdlib.h"
|
||||||
|
|
||||||
void hypervisor_exposed_fork(void);
|
void hypervisor_exposed_fork(void);
|
||||||
|
void hypervisor_control_socket(void);
|
||||||
|
|
||||||
struct flock_config {
|
struct flock_config {
|
||||||
const char *hypervisor_name;
|
const char *hypervisor_name;
|
||||||
const char *exec_name;
|
const char *exec_name;
|
||||||
|
const char *control_socket_path;
|
||||||
};
|
};
|
||||||
|
|
||||||
extern struct flock_config flock_config;
|
extern struct flock_config flock_config;
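Review bot: The new `control_socket_path` field has no comment saying where the string comes from or when it is valid. In this commit it is either the literal `"flock-sim.ctl"` (option `-l`) or an `mb_strdup(&root_pool, optarg)` copy (option `-s`), and it is NULL until one of them has been parsed. I would add `/* Filesystem path of the hypervisor control socket; string literal or root_pool copy, NULL until -l/-s is parsed */` above the field, since the path is later unlinked and bound and readers need to know it is user-controlled.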
|
||||||
|
@ -2,10 +2,56 @@
|
|||||||
|
|
||||||
#include "lib/resource.h"
|
#include "lib/resource.h"
|
||||||
#include "lib/io-loop.h"
|
#include "lib/io-loop.h"
|
||||||
|
#include "lib/socket.h"
|
||||||
|
|
||||||
|
#include "flock/flock.h"
|
||||||
|
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
|
|
||||||
/* Local communication structure */
|
/**
|
||||||
|
* Main control socket
|
||||||
|
**/
|
||||||
|
|
||||||
|
pool *hypervisor_control_socket_pool;
|
||||||
|
|
||||||
|
static int
|
||||||
|
hcs_connect(sock *s, uint size UNUSED)
|
||||||
|
{
|
||||||
|
log(L_INFO "CLI connected: %p", s);
|
||||||
|
sk_close(s);
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
hcs_connect_err(sock *s UNUSED, int err)
|
||||||
|
{
|
||||||
|
ASSERT_DIE(err);
|
||||||
|
log(L_INFO "Failed to accept CLI connection: %s", strerror(err));
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
hypervisor_control_socket(void)
|
||||||
|
{
|
||||||
|
struct birdloop *loop = birdloop_new(&root_pool, DOMAIN_ORDER(control), 0, "Control socket");
|
||||||
|
birdloop_enter(loop);
|
||||||
|
|
||||||
|
pool *p = hypervisor_control_socket_pool = rp_new(birdloop_pool(loop), birdloop_domain(loop), "Control socket pool");
|
||||||
|
sock *s = sk_new(p);
|
||||||
|
s->type = SK_UNIX_PASSIVE;
|
||||||
|
s->rx_hook = hcs_connect;
|
||||||
|
s->err_hook = hcs_connect_err;
|
||||||
|
s->rbsize = 1024;
|
||||||
|
|
||||||
|
unlink(flock_config.control_socket_path);
|
||||||
|
if (sk_open_unix(s, loop, flock_config.control_socket_path) < 0)
|
||||||
|
die("Can't create control socket %s: %m", flock_config.control_socket_path);
|
||||||
|
|
||||||
|
birdloop_leave(loop);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Exposed process' communication structure
|
||||||
|
**/
|
||||||
static struct hypervisor_exposed {
|
static struct hypervisor_exposed {
|
||||||
pool *p;
|
pool *p;
|
||||||
sock *s;
|
sock *s;
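Review bot: `unlink(flock_config.control_socket_path);` in `hypervisor_control_socket()` deletes whatever exists at the path given with `-s`, without checking that it is a stale socket and without looking at the return value, so a mistyped path silently removes an unrelated file. I would `lstat()` the path first, refuse anything that is not a socket and treat a failed unlink as fatal, as sketched below; a small window between the check and the bind remains. Separately, nothing visible here restricts who may connect: unless `sk_open_unix()` sets a mode itself, the socket's permissions follow the process umask, which deserves an explicit `chmod()` (or at least a comment) before `hcs_connect()` starts accepting commands instead of closing the connection.

```c
  /* ... unchanged: loop, pool and socket setup ... */

  /* Remove only a stale socket; never delete an unrelated file named via -s */
  struct stat st;
  if (lstat(flock_config.control_socket_path, &st) == 0)
  {
    if (!S_ISSOCK(st.st_mode))
      die("Control socket path %s exists and is not a socket", flock_config.control_socket_path);

    if (unlink(flock_config.control_socket_path) < 0)
      die("Can't remove stale control socket %s: %m", flock_config.control_socket_path);
  }
  else if (errno != ENOENT)
    die("Can't check control socket path %s: %m", flock_config.control_socket_path);

  if (sk_open_unix(s, loop, flock_config.control_socket_path) < 0)
  /* ... unchanged: die() on failure, birdloop_leave() ... */
```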
|
||||||
|