Difference between revisions of "Compel"

From CRIU
Line 16: Line 16:
 
* Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
 
* Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
 
* Binary updates. E.g. live patching or libr relink
 
* Binary updates. E.g. live patching or libr relink
* Inject socket spy -- replace opened socket with unix one, and send the former one to the caller
+
* Tunnelling -- replace opened socket with unix one, and send the former one to the caller
 +
** Inject socket spy
 +
** Pack/Unpack
 +
** Crypt/Uncrypt
 +
** Traffic analyzer
 +
** Traffic fanout (multiplex)
 
* Do "nohup" on the fly
 
* Do "nohup" on the fly
 
* Debug stuff by MSG_PEEK-ing sockets messages of tee+splice sockets
 
* Debug stuff by MSG_PEEK-ing sockets messages of tee+splice sockets
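
Review bot: in the added sub-items under "Tunnelling", "Crypt/Uncrypt" is non-standard wording and would read better as "Encrypt/Decrypt". The parent item keeps the old "Inject socket spy" description ("replace opened socket with unix one, and send the former one to the caller") unchanged, so it is worth confirming that this sentence describes the mechanism shared by all five sub-items and not only the socket spy. The unchanged context line "libr relink" also looks like a typo for "library relink" and could be fixed in the same edit.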

Revision as of 15:01, 9 February 2016


Usage ideas

One thing parasite code can do is call clone() and create a thread that has access to the main process's VM, FDT, FS, etc. The new thread can then

  • Check whether socket FDs get stuck or closed by polling them
  • Apply "logrotate" on the fly
  • Garbage collector
  • Catch SIGSEGV, do something with mappings and act upon "illegal" memory access
    • Remote swap for task
    • WSS detection

Another is to do some activity on the victim and then just unload. With this we can

  • Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
  • Binary updates. E.g. live patching or library relink
  • Tunnelling -- replace opened socket with unix one, and send the former one to the caller
    • Inject socket spy
    • Pack/Unpack
    • Encrypt/Decrypt
    • Traffic analyzer
    • Traffic fanout (multiplex)
  • Do "nohup" on the fly
  • Debug stuff by MSG_PEEK-ing socket messages of tee+splice sockets
  • Re-connect sleeping sockets to other addresses (not 100% safe)
  • "Soft" restart of a service -- call execve() from its context
  • Force entering into CT (except pid namespace, probably)
  • Re-open all files (and cwd, root) to facilitate moving to a new / (e.g. for disk replacement)
  • Remove leaks from e.g. malloc/free heap
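
The pipe semantics behind the "Death detection" idea, as an added example that is not code from CRIU or compel: the watcher holds the read end, the monitored process holds the only write end, and poll() reports POLLHUP once that process is gone, even after SIGKILL. No parasite is injected here; a forked child that inherits the pipe stands in for the victim, and the function names are hypothetical.

```c
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in for the victim (assumption): inherits the pipe instead of having
 * it opened by parasite code, keeps the write end and never writes to it. */
static pid_t spawn_victim(int pfd[2])
{
    pid_t pid = fork();
    if (pid == 0) {
        close(pfd[0]);      /* victim keeps only the write end */
        pause();            /* stay alive until killed */
        _exit(0);
    }
    return pid;
}

/* 1 = hang-up seen (last writer is gone), 0 = timeout, -1 = poll error. */
static int wait_for_death(int rfd, int timeout_ms)
{
    struct pollfd p = { .fd = rfd, .events = POLLIN };
    int n = poll(&p, 1, timeout_ms);
    if (n <= 0)
        return n;
    return (p.revents & POLLHUP) ? 1 : 0;
}

/* Runs the scenario and reports what the watcher saw before and after death. */
int death_detection_demo(int *while_alive, int *after_kill)
{
    int pfd[2];
    if (pipe(pfd) < 0)
        return -1;
    pid_t victim = spawn_victim(pfd);
    if (victim < 0)
        return -1;
    close(pfd[1]);  /* watcher must drop its own write end or HUP never fires */
    *while_alive = wait_for_death(pfd[0], 200);
    kill(victim, SIGKILL);              /* no chance for a clean shutdown */
    *after_kill = wait_for_death(pfd[0], 2000);
    waitpid(victim, NULL, 0);
    close(pfd[0]);
    return 0;
}

int main(void)
{
    int a, d;
    if (death_detection_demo(&a, &d) == 0)
        printf("alive: %d, after kill: %d\n", a, d);
    return 0;
}
```

The detail that matters in practice is the close(pfd[1]) in the watcher: any surviving copy of the write end, in the watcher or in another process that inherited it, keeps the pipe open and suppresses the hang-up.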