Remote syscall execution
Revision as of 16:39, 30 April 2013
This page describes how the exec command in criu works.
Description
The exec command executes an arbitrary system call in the context of another task. It does so by using CRIU's parasite code injection feature, the same mechanism CRIU uses to collect various pieces of process state when dumping.
Syntax
The command syntax is
criu exec -t <pid> <syscall-name> <syscall-arguments>
The syscall-name is just the name of a system call. Since nearly every syscall is wrapped by a glibc function of the same name, the corresponding man page (section 2) documents the arguments the call expects.
The rest of the command line is treated as syscall-arguments. Each command line word in this list is converted into a system call argument by the following rules:
- If a word starts with '&', the rest of it is copied into the target task's address space (the memory is allocated by remotely calling the mmap syscall) and a pointer to that area is passed as the system call argument
- Otherwise, the word is converted into an unsigned long number with strtol and passed to the system call directly; this means flag names such as O_RDWR are not understood and must be given as numbers, since strtol turns a non-numeric word into 0
- Arguments that are not specified (but are required by the system call) are set to 0
You do not need to be root to execute a system call in a remote task; you only need permission to debug it, i.e. the same ptrace access the kernel grants strace.
If you want the task to perform an action that consists of several syscalls, stop it first with SIGSTOP, so that the task's own code does not run between the injected calls, and send SIGCONT when you are done.
Examples
Re-opening stdout
You can close fd 1 of a task and re-open it on some other file like this:
# criu exec -t <pid> close 1
# criu exec -t <pid> open '&<path-to-file>' 2
In the second command, 2 is the numeric value of O_RDWR, the open mode. Note that open returns the lowest-numbered unused descriptor, so the file lands on fd 1 only if fd 0 is still open in the task.
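As an added illustration, not CRIU's own code, here is a small Python model of the argument rules described above and of the re-open-stdout sequence built on them. The syscall numbers (x86_64), the base passed to strtol, the page-granular allocation and the NUL-terminated copy of '&' words are assumptions; decode, RemoteSpace and plan_reopen_stdout are names invented for the example.

```python
"""Added illustration for this page (not CRIU's own code): a model of how
`criu exec` turns its trailing command-line words into the six registers of
a system call, plus the re-open-stdout sequence built on top of it.
Assumed details are marked below."""

import subprocess

# Assumption: x86_64 syscall numbers; other architectures use different ones.
SYSCALL_NR = {"close": 3, "open": 2, "madvise": 28}
O_RDWR = 2                # Linux value of O_RDWR; this is the "2" in the page's example
PAGE = 4096               # assumed allocation granularity of the remote mmap
ULONG_MASK = (1 << 64) - 1


def strtol(word, base=10):
    """C strtol semantics: skip leading whitespace, optional sign, then as
    many digits as parse; a word with no leading digits yields 0.  Base 10
    is an assumption, the page only says strtol is used.  The result is
    stored into an unsigned long, so negatives wrap."""
    digits = "0123456789abcdefghijklmnopqrstuvwxyz"[:base]
    i = 0
    while i < len(word) and word[i].isspace():
        i += 1
    sign = 1
    if i < len(word) and word[i] in "+-":
        sign = -1 if word[i] == "-" else 1
        i += 1
    value = 0
    while i < len(word) and word[i].lower() in digits:
        value = value * base + digits.index(word[i].lower())
        i += 1
    return (sign * value) & ULONG_MASK


class RemoteSpace:
    """Stand-in for the target task's address space.  Every '&' word gets
    its own freshly mapped area, as if mmap had been called in the target."""

    def __init__(self, base=0x7F0000000000):
        self.next_addr = base
        self.mem = {}

    def mmap_and_copy(self, data):
        addr = self.next_addr
        self.next_addr += ((len(data) + PAGE - 1) // PAGE) * PAGE
        self.mem[addr] = data
        return addr


def decode(syscall_name, words, space):
    """Apply the page's three rules to the words after the syscall name.
    Returns (syscall number, six argument values)."""
    args = []
    for word in words[:6]:
        if word.startswith("&"):
            # Assumption: the string is copied with its terminating NUL, so
            # the target sees a valid C string.
            args.append(space.mmap_and_copy(word[1:].encode() + b"\0"))
        else:
            args.append(strtol(word))
    return SYSCALL_NR[syscall_name], args + [0] * (6 - len(args))


def plan_reopen_stdout(pid, path, criu="criu"):
    """The page's example as an uninterruptible sequence: freeze the task,
    close fd 1, open the file, thaw.  open() returns the lowest unused fd,
    so the file lands on 1 only if fd 0 is still open in the task."""
    return [
        ["kill", "-STOP", str(pid)],
        [criu, "exec", "-t", str(pid), "close", "1"],
        [criu, "exec", "-t", str(pid), "open", "&" + path, str(O_RDWR)],
        ["kill", "-CONT", str(pid)],
    ]


def run_plan(plan):
    """Execute the planned commands in order; needs criu and ptrace rights."""
    for argv in plan:
        subprocess.run(argv, check=True)


if __name__ == "__main__":
    # Show what each criu line of the plan becomes inside the target.
    for argv in plan_reopen_stdout(4242, "/tmp/out.log"):
        if argv[0] == "criu":
            nr, regs = decode(argv[4], argv[5:], RemoteSpace())
            print(" ".join(argv), "->", nr, [hex(r) for r in regs])
```

Running the module prints, for each criu line of the plan, the syscall number and the six register values the target would see. Passing the word O_RDWR instead of 2 through decode shows the trap the rules imply: strtol turns the symbolic name into 0, which is O_RDONLY, so flags must always be given numerically.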
Adding madvise-s to a mapping
You can tune the task's address space with madvise advice values like this:
# criu exec -t <pid> madvise <start> <length> <advice-value>