From fe5cf27244a30bf95e51286cca1e4d8db0968d27 Mon Sep 17 00:00:00 2001 From: Lai Jiangshan Date: Fri, 23 Dec 2016 11:33:51 +0800 Subject: [PATCH 1/4] introduce hyper_find_process() Signed-off-by: Lai Jiangshan --- src/exec.c | 18 ++++++++++++++++++ src/exec.h | 1 + src/init.c | 15 +++------------ 3 files changed, 22 insertions(+), 12 deletions(-) diff --git a/src/exec.c b/src/exec.c index 96b1c534..449d7ac6 100644 --- a/src/exec.c +++ b/src/exec.c @@ -719,6 +719,24 @@ static int hyper_release_exec(struct hyper_exec *exec) return 0; } +struct hyper_exec *hyper_find_process(struct hyper_pod *pod, const char *container, const char *process) +{ + struct hyper_container *c = hyper_find_container(pod, container); + if (c) { + if (strcmp(c->exec.id, process) == 0) { + return &c->exec; + } + } else { + return NULL; + } + + struct hyper_exec *exec = hyper_find_exec_by_name(pod, process); + if (strcmp(exec->container_id, container) == 0) { + return exec; + } + return NULL; +} + struct hyper_exec *hyper_find_exec_by_name(struct hyper_pod *pod, const char *process) { struct hyper_exec *exec; diff --git a/src/exec.h b/src/exec.h index 09ef1ebe..3965ea83 100644 --- a/src/exec.h +++ b/src/exec.h @@ -46,6 +46,7 @@ struct hyper_pod; int hyper_exec_cmd(char *json, int length); int hyper_run_process(struct hyper_exec *e); +struct hyper_exec *hyper_find_process(struct hyper_pod *pod, const char *container, const char *process); struct hyper_exec *hyper_find_exec_by_name(struct hyper_pod *pod, const char *process); struct hyper_exec *hyper_find_exec_by_pid(struct list_head *head, int pid); struct hyper_exec *hyper_find_exec_by_seq(struct hyper_pod *pod, uint64_t seq); diff --git a/src/init.c b/src/init.c index df67fc32..0b34cc1d 100644 --- a/src/init.c +++ b/src/init.c @@ -62,20 +62,11 @@ static int hyper_set_win_size(struct hyper_pod *pod, char *json, int length) goto out; } - struct hyper_container *c = hyper_find_container(pod, container); - if (!c) { - fprintf(stderr, "call hyper_set_win_size, can not find the container: %s\n", container); + exec = hyper_find_process(pod, container, process); + if (!exec) { + fprintf(stderr, "call hyper_set_win_size, can not find the process: %s\n", process); goto out; } - if (strcmp(c->exec.id, process) == 0) { - exec = &c->exec; - } else { - exec = hyper_find_exec_by_name(pod, process); - if (!exec) { - fprintf(stderr, "call hyper_set_win_size, can not find the process: %s\n", process); - goto out; - } - } size.ws_row = (int)json_object_get_number(json_object(value), "row"); size.ws_col = (int)json_object_get_number(json_object(value), "column"); From 4f6aeb8407fb8fd8f6434e4307ba878785589912 Mon Sep 17 00:00:00 2001 From: Lai Jiangshan Date: Fri, 23 Dec 2016 11:59:36 +0800 Subject: [PATCH 2/4] check conflicts when add new container Signed-off-by: Lai Jiangshan --- src/init.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/init.c b/src/init.c index 0b34cc1d..cdd678b1 100644 --- a/src/init.c +++ b/src/init.c @@ -603,6 +603,12 @@ static int hyper_new_container(char *json, int length) return -1; } + if (hyper_find_container(pod, c->id) != NULL) { + fprintf(stderr, "container id conflicts"); + hyper_cleanup_container(c, pod); + return -1; + } + list_add_tail(&c->list, &pod->containers); ret = hyper_setup_container(c, pod); if (ret >= 0) From 3d53c5a0bdebbf14df2fef9add99d878da3e81fe Mon Sep 17 00:00:00 2001 From: Lai Jiangshan Date: Fri, 23 Dec 2016 12:05:06 +0800 Subject: [PATCH 3/4] add argument struct hyper_pod *pod to functions Signed-off-by: Lai Jiangshan --- src/exec.c | 4 ++-- src/exec.h | 2 +- src/hyper.h | 1 - src/init.c | 32 +++++++++++++------------------- 4 files changed, 16 insertions(+), 23 deletions(-) diff --git a/src/exec.c b/src/exec.c index 449d7ac6..52c5da1d 100644 --- a/src/exec.c +++ b/src/exec.c @@ -590,7 +590,7 @@ static void hyper_free_exec(struct hyper_exec *exec) free(exec); } -int hyper_exec_cmd(char *json, int length) +int hyper_exec_cmd(struct hyper_pod *pod, char *json, int length) { struct hyper_exec *exec; @@ -602,7 +602,7 @@ int hyper_exec_cmd(char *json, int length) return -1; } - exec->pod = &global_pod; + exec->pod = pod; int ret = hyper_run_process(exec); if (ret < 0) { hyper_free_exec(exec); diff --git a/src/exec.h b/src/exec.h index 3965ea83..bad5ca49 100644 --- a/src/exec.h +++ b/src/exec.h @@ -44,7 +44,7 @@ struct hyper_exec { struct hyper_pod; -int hyper_exec_cmd(char *json, int length); +int hyper_exec_cmd(struct hyper_pod *pod, char *json, int length); int hyper_run_process(struct hyper_exec *e); struct hyper_exec *hyper_find_process(struct hyper_pod *pod, const char *container, const char *process); struct hyper_exec *hyper_find_exec_by_name(struct hyper_pod *pod, const char *process); diff --git a/src/hyper.h b/src/hyper.h index ec67a052..c6e38f96 100644 --- a/src/hyper.h +++ b/src/hyper.h @@ -87,7 +87,6 @@ int hyper_enter_sandbox(struct hyper_pod *pod, int pidpipe); void hyper_pod_destroyed(int failed); int hyper_ctl_append_msg(struct hyper_event *he, uint32_t type, uint8_t *data, uint32_t len); -extern struct hyper_pod global_pod; extern struct hyper_epoll hyper_epoll; extern sigset_t orig_mask; #endif diff --git a/src/init.c b/src/init.c index cdd678b1..bf5b4ce9 100644 --- a/src/init.c +++ b/src/init.c @@ -30,7 +30,7 @@ #include "container.h" #include "syscall.h" -struct hyper_pod global_pod = { +static struct hyper_pod global_pod = { .containers = LIST_HEAD_INIT(global_pod.containers), .exec_head = LIST_HEAD_INIT(global_pod.exec_head), }; @@ -555,10 +555,8 @@ static int hyper_destroy_pod(struct hyper_pod *pod, int error) return 0; } -static int hyper_start_pod(char *json, int length) +static int hyper_start_pod(struct hyper_pod *pod, char *json, int length) { - struct hyper_pod *pod = &global_pod; - fprintf(stdout, "call hyper_start_pod, json %s, len %d\n", json, length); if (pod->init_pid) @@ -584,11 +582,10 @@ static int hyper_start_pod(char *json, int length) return 0; } -static int hyper_new_container(char *json, int length) +static int hyper_new_container(struct hyper_pod *pod, char *json, int length) { int ret; struct hyper_container *c; - struct hyper_pod *pod = &global_pod; fprintf(stdout, "call hyper_new_container, json %s, len %d\n", json, length); @@ -624,10 +621,9 @@ static int hyper_new_container(char *json, int length) return ret; } -static int hyper_kill_container(char *json, int length) +static int hyper_kill_container(struct hyper_pod *pod, char *json, int length) { struct hyper_container *c; - struct hyper_pod *pod = &global_pod; int ret = -1; JSON_Value *value = hyper_json_parse(json, length); @@ -649,10 +645,9 @@ static int hyper_kill_container(char *json, int length) return ret; } -static int hyper_remove_container(char *json, int length) +static int hyper_remove_container(struct hyper_pod *pod, char *json, int length) { struct hyper_container *c; - struct hyper_pod *pod = &global_pod; int ret = -1; JSON_Value *value = hyper_json_parse(json, length); @@ -716,7 +711,7 @@ static int hyper_open_container_file(void *data) exit(ret); } -static int hyper_cmd_rw_file(char *json, int length, uint32_t *rdatalen, uint8_t **rdata, int rw) +static int hyper_cmd_rw_file(struct hyper_pod *pod, char *json, int length, uint32_t *rdatalen, uint8_t **rdata, int rw) { struct file_command cmd = { .id = NULL, @@ -727,7 +722,6 @@ static int hyper_cmd_rw_file(char *json, int length, uint32_t *rdatalen, uint8_t .rw = rw, }; struct hyper_container *c; - struct hyper_pod *pod = &global_pod; char *data = NULL; void *stack = NULL; int stacksize = getpagesize() * 4; @@ -1102,7 +1096,7 @@ static int hyper_ctlmsg_handle(struct hyper_event *he, uint32_t len) hyper_set_be32(data, APIVERSION); break; case STARTPOD: - ret = hyper_start_pod((char *)buf->data + 8, len - 8); + ret = hyper_start_pod(pod, (char *)buf->data + 8, len - 8); hyper_print_uptime(); break; case DESTROYPOD: @@ -1111,13 +1105,13 @@ static int hyper_ctlmsg_handle(struct hyper_event *he, uint32_t len) hyper_destroy_pod(pod, 0); return 0; case EXECCMD: - ret = hyper_exec_cmd((char *)buf->data + 8, len - 8); + ret = hyper_exec_cmd(pod, (char *)buf->data + 8, len - 8); break; case WRITEFILE: - ret = hyper_cmd_rw_file((char *)buf->data + 8, len - 8, NULL, NULL, WRITEFILE); + ret = hyper_cmd_rw_file(pod, (char *)buf->data + 8, len - 8, NULL, NULL, WRITEFILE); break; case READFILE: - ret = hyper_cmd_rw_file((char *)buf->data + 8, len - 8, &datalen, &data, READFILE); + ret = hyper_cmd_rw_file(pod, (char *)buf->data + 8, len - 8, &datalen, &data, READFILE); break; case PING: break; @@ -1128,13 +1122,13 @@ static int hyper_ctlmsg_handle(struct hyper_event *he, uint32_t len) ret = hyper_set_win_size(pod, (char *)buf->data + 8, len - 8); break; case NEWCONTAINER: - ret = hyper_new_container((char *)buf->data + 8, len - 8); + ret = hyper_new_container(pod, (char *)buf->data + 8, len - 8); break; case KILLCONTAINER: - ret = hyper_kill_container((char *)buf->data + 8, len - 8); + ret = hyper_kill_container(pod, (char *)buf->data + 8, len - 8); break; case REMOVECONTAINER: - ret = hyper_remove_container((char *)buf->data + 8, len - 8); + ret = hyper_remove_container(pod, (char *)buf->data + 8, len - 8); break; case ONLINECPUMEM: hyper_cmd_online_cpu_mem(); From a325b7f150dacb1040c9d00447c0f8aa2b32c45a Mon Sep 17 00:00:00 2001 From: Lai Jiangshan Date: Fri, 23 Dec 2016 12:22:07 +0800 Subject: [PATCH 4/4] check conflicts when add new process Signed-off-by: Lai Jiangshan --- src/exec.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/exec.c b/src/exec.c index 52c5da1d..5c5998c9 100644 --- a/src/exec.c +++ b/src/exec.c @@ -602,6 +602,17 @@ int hyper_exec_cmd(struct hyper_pod *pod, char *json, int length) return -1; } + if (hyper_find_container(pod, exec->container_id) == NULL) { + fprintf(stderr, "call hyper_exec_cmd, no such container: %s\n", exec->container_id); + hyper_free_exec(exec); + return -1; + } + if (hyper_find_exec_by_name(pod, exec->id) != NULL) { + fprintf(stderr, "call hyper_exec_cmd, process id conflicts"); + hyper_free_exec(exec); + return -1; + } + exec->pod = pod; int ret = hyper_run_process(exec); if (ret < 0) {