Difference between revisions of "Compel"

From CRIU
Jump to navigation Jump to search
Line 7: Line 7:
 
* Check socket FDs to get stuck/closed by polling them
 
* Check socket FDs to get stuck/closed by polling them
 
* Apply "logrotate" on the fly
 
* Apply "logrotate" on the fly
 +
* Garbage collector
  
 
Another is to do some activity on the victim and then just unload. With this we can
 
Another is to do some activity on the victim and then just unload. With this we can
Line 19: Line 20:
 
* Force entering into CT (except pid namespace, probably)
 
* Force entering into CT (except pid namespace, probably)
 
* Re-open all files (and cwd, root) to facilitate moving on new / (e.g. for disk replacement)
 
* Re-open all files (and cwd, root) to facilitate moving on new / (e.g. for disk replacement)
 +
* Remove leaks from e.g. malloc/free heap
  
 
[[Category:Empty articles]]
 
[[Category:Empty articles]]
 
[[Category:Sub-projects]]
 
[[Category:Sub-projects]]

Revision as of 14:44, 9 February 2016

[1]

Usage ideas

One thing parasite code can do is call clone() and create thread having access to main process VM, FDT, FS, etc. The new thread can then

  • Check socket FDs to get stuck/closed by polling them
  • Apply "logrotate" on the fly
  • Garbage collector

Another is to do some activity on the victim and then just unload. With this we can

  • Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
  • Binary updates. E.g. live patching or libr relink
  • Inject socket spy -- instead of opened socket create a unix one, put it in place of original one and send the latter back to caller so that any traffic flow in one goes "through" the spy
  • Do "nohup" on the fly
  • Debug stuff by MSG_PEEK-ing sockets messages of tee+splice sockets
  • Re-connect sleeping sockets to other addresses (not 100% safe)
  • "Soft" restart of a service -- call execve() from it's context
  • Force entering into CT (except pid namespace, probably)
  • Re-open all files (and cwd, root) to facilitate moving on new / (e.g. for disk replacement)
  • Remove leaks from e.g. malloc/free heap