Compel

Revision as of 05:04, 17 September 2016 by Xemul (talk | contribs)

Compel temporary GIT repo is at http://github.com/xemul/compel. Now compel sits in the main criu repo at https://github.com/xemul/criu/tree/criu-dev/compel.

Usage ideas

One thing parasite code can do is call clone() and create thread having access to main process VM, FDT, FS, etc. The new thread can then

  • Check socket FDs to get stuck/closed by polling them
  • Apply "logrotate" on the fly
  • Garbage collector
  • Catch SIGSEGV, do smth with mappings and act upon "illegal" memory access
    • Remote swap for task
    • WSS detection

Another is to do some activity on the victim and then just unload. With this we can

  • Death detection. Open pipe/socket and pass the other end outside. Once the victim dies the pipe/socket will wake up.
  • Binary updates. E.g. live patching or libs relink
  • Tunneling -- replace opened socket with unix one, and send the former one to the caller
    • Inject socket spy
    • Pack/Unpack
    • Crypt/Decrypt
    • Traffic analyzer
    • Traffic fanout (multiplex)
  • The same for files on disks -- proxy via pipe(s)
    • Filter/split logs
  • Do "nohup" on the fly
  • Debug stuff by MSG_PEEK-ing sockets messages of tee+splice sockets
  • Re-connect sleeping sockets to other addresses (not 100% safe)
  • "Soft" restart of a service -- call execve() from it's context
  • Force entering into CT (except pid namespace, probably)
  • Re-open all files (and cwd, root) to facilitate moving on new / (e.g. for disk replacement)
  • Remove leaks from e.g. malloc/free heap
  • Force reparent (pid change!)
    • Re-open all files -- force daemonize