Difference between revisions of "Compel"

From CRIU
(make the link visible)
m (a few typos)
Line 10: Line 10:
 
* Catch SIGSEGV, do smth with mappings and act upon "illegal" memory access
 
* Catch SIGSEGV, do smth with mappings and act upon "illegal" memory access
 
** Remote swap for task
 
** Remote swap for task
** WSS detction
+
** WSS detection
  
 
Another is to do some activity on the victim and then just unload. With this we can
 
Another is to do some activity on the victim and then just unload. With this we can
  
 
* Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
 
* Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
* Binary updates. E.g. live patching or libr relink
+
* Binary updates. E.g. live patching or libs relink
 
* Tunneling -- replace opened socket with unix one, and send the former one to the caller
 
* Tunneling -- replace opened socket with unix one, and send the former one to the caller
 
** Inject socket spy
 
** Inject socket spy
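
Review bot: the "Binary updates" line is still terse after the fix; "libs relink" would read more clearly as "relinking libraries". Since this is a typo pass, "smth" in the unchanged "Catch SIGSEGV" context line could be spelled out as "something" in the same edit.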

Revision as of 19:06, 10 February 2016

The Compel Git repo is at http://github.com/xemul/compel

Usage ideas

One thing parasite code can do is call clone() and create a thread that has access to the main process's VM, FDT, FS, etc. The new thread can then:

  • Check whether socket FDs got stuck/closed by polling them
  • Apply "logrotate" on the fly
  • Garbage collector
  • Catch SIGSEGV, do something with mappings and act upon "illegal" memory access
    • Remote swap for task
    • WSS detection

Another is to do some activity on the victim and then just unload. With this we can do:

  • Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
  • Binary updates. E.g. live patching or libs relink
  • Tunneling -- replace an open socket with a Unix one, and send the former one to the caller
    • Inject socket spy
    • Pack/Unpack
    • Crypt/Decrypt
    • Traffic analyzer
    • Traffic fanout (multiplex)
  • The same for files on disks -- proxy via pipe(s)
    • Filter/split logs
  • Do "nohup" on the fly
  • Debug stuff by MSG_PEEK-ing socket messages of tee+splice sockets
  • Re-connect sleeping sockets to other addresses (not 100% safe)
  • "Soft" restart of a service -- call execve() from its context
  • Force entering into CT (except pid namespace, probably)
  • Re-open all files (and cwd, root) to facilitate moving to a new / (e.g. for disk replacement)
  • Remove leaks from e.g. malloc/free heap
  • Force reparent (pid change!)
    • Re-open all files -- force daemonize
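
The "Death detection" idea above works because the kernel closes a dying process's descriptors, which wakes whoever holds the other end. The following C sketch is an added example, not code from Compel: it assumes a forked child as a stand-in for the victim, which inherits the write end of the pipe instead of having it opened by parasite code, and `spawn_victim` and `victim_dead` are hypothetical names.

```c
#include <poll.h>
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in victim holds only the write end; watcher's read end goes to *rfd. */
pid_t spawn_victim(int *rfd)
{
    int p[2];
    if (pipe(p) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) {
        close(p[0]);
        close(p[1]);
        return -1;
    }
    if (pid == 0) {        /* victim: keep the write end open, never write */
        close(p[0]);
        for (;;) pause();
    }
    close(p[1]);  /* watcher must drop its own write end or no hangup arrives */
    *rfd = p[0];
    return pid;
}

/* 1: victim is gone (hangup), 0: still alive after timeout_ms, -1: error. */
int victim_dead(int rfd, int timeout_ms)
{
    struct pollfd pfd = { .fd = rfd, .events = POLLIN };
    int n = poll(&pfd, 1, timeout_ms);
    if (n <= 0)
        return n;
    return (pfd.revents & POLLHUP) ? 1 : -1;
}

int main(void)
{
    int rfd;
    pid_t pid = spawn_victim(&rfd);
    if (pid < 0)
        return 1;
    printf("before kill: %d\n", victim_dead(rfd, 100));
    kill(pid, SIGKILL);    /* uncatchable, yet the kernel still closes the fd */
    printf("after kill:  %d\n", victim_dead(rfd, 2000));
    waitpid(pid, NULL, 0);
    return 0;
}
```

The watcher needs no cooperation from the victim and no polling of /proc: the read end can sit in any poll/epoll loop, and it only reports a hangup once every copy of the write end is closed.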