1 /* Copyright 2005 Princeton University
3 Redistribution and use in source and binary forms, with or without
4 modification, are permitted provided that the following conditions
7 * Redistributions of source code must retain the above copyright
8 notice, this list of conditions and the following disclaimer.
10 * Redistributions in binary form must reproduce the above
11 copyright notice, this list of conditions and the following
12 disclaimer in the documentation and/or other materials provided
13 with the distribution.
15 * Neither the name of the copyright holder nor the names of its
16 contributors may be used to endorse or promote products derived
17 from this software without specific prior written permission.
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL PRINCETON
23 UNIVERSITY OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
24 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
25 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
26 OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
27 AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
29 WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 POSSIBILITY OF SUCH DAMAGE.
38 #include <sys/resource.h>
39 #include <sys/types.h>
42 #include <sys/socket.h>
43 #include <arpa/inet.h>
47 #include <sys/mount.h>
52 #include "planetlab.h"
/* Helper behind the NONE macro.  Only the signature is visible in this
 * listing.  NOTE(review): the name suggests it increments the reference
 * count of Py_None and returns it -- confirm against the body. */
54 static inline PyObject *inc_and_ret_none(void)
/* NONE expands to a call of inc_and_ret_none(). */
60 #define NONE inc_and_ret_none()
/* PL_INSECURE_BCAPS: the set reported by vc_get_insecurebcaps() with the
 * VC_CAP_NET_BIND_SERVICE bit added.  Re-evaluated on every use. */
62 #define PL_INSECURE_BCAPS (vc_get_insecurebcaps() | (1 << VC_CAP_NET_BIND_SERVICE))
/* PL_INSECURE_CCAPS: whatever vc_get_insecureccaps() reports. */
63 #define PL_INSECURE_CCAPS vc_get_insecureccaps()
/*
 * chcontext(ctx[, bcaps]) -> bool
 *
 * Parses an unsigned context id and an optional 64-bit capability mask
 * (default 0), then calls pl_chcontext(ctx, bcaps, 0).  A negative result
 * raises OSError from errno; otherwise the result is returned as a
 * Python bool.
 */
69 vserver_chcontext(PyObject *self, PyObject *args)
73 uint_least64_t bcaps = 0;
75 if (!PyArg_ParseTuple(args, "I|K", &ctx, &bcaps))
/* force on every bit that is NOT part of PL_INSECURE_BCAPS */
77 bcaps |= ~PL_INSECURE_BCAPS;
79 if ((ctx_is_new = pl_chcontext(ctx, bcaps, 0)) < 0)
80 return PyErr_SetFromErrno(PyExc_OSError);
82 return PyBool_FromLong(ctx_is_new);
/*
 * setup_done(ctx)
 *
 * Parses an unsigned context id and calls pl_setup_done(ctx); a negative
 * result raises OSError from errno.
 */
86 vserver_setup_done(PyObject *self, PyObject *args)
90 if (!PyArg_ParseTuple(args, "I", &ctx))
93 if (pl_setup_done(ctx) < 0)
94 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * isrunning(ctx) -> bool
 *
 * Parses an unsigned context id and reports whether stat() succeeds on
 * "/proc/virtual/<ctx>".
 */
100 vserver_isrunning(PyObject *self, PyObject *args)
107 if (!PyArg_ParseTuple(args, "I", &ctx))
/* ctx is filled by the "I" (unsigned int) format unit, so it must be
 * printed with %u; %d would render ids above INT_MAX as negative. */
110 sprintf(fname,"/proc/virtual/%u", ctx);
112 if(stat(&fname[0],&statbuf)==0)
113 ret = PyBool_FromLong(1);
115 ret = PyBool_FromLong(0);
/*
 * Shared helper: query the limits of `resource` for context `xid` with
 * vc_get_rlimit().  On -1 an OSError is set from errno; otherwise the
 * result is built as three long longs in the order (hard, soft, min).
 */
121 __vserver_get_rlimit(xid_t xid, int resource) {
122 struct vc_rlimit limits;
126 if (vc_get_rlimit(xid, resource, &limits)==-1)
127 ret = PyErr_SetFromErrno(PyExc_OSError);
129 ret = Py_BuildValue("LLL",limits.hard, limits.soft, limits.min);
/*
 * getrlimit(xid, resource)
 *
 * Parses an unsigned context id and an int resource number and delegates
 * to __vserver_get_rlimit().
 */
135 vserver_get_rlimit(PyObject *self, PyObject *args) {
140 if (!PyArg_ParseTuple(args, "Ii", &xid, &resource))
143 ret = __vserver_get_rlimit(xid, resource);
/*
 * setrlimit(xid, resource, hard, soft, min)
 *
 * Parses the arguments straight into a struct vc_rlimit, fetches the
 * context's limit mask, and calls vc_set_rlimit() when the resource's bit
 * is present in any of the min/soft/hard masks.  The visible result
 * assignment re-reads the limits through __vserver_get_rlimit(); failures
 * of the vc_* calls become OSError from errno.
 */
149 vserver_set_rlimit(PyObject *self, PyObject *args) {
150 struct vc_rlimit limits;
151 struct vc_rlimit_mask mask;
/* pre-set every field to VC_LIM_KEEP before parsing */
157 limits.min = VC_LIM_KEEP;
158 limits.soft = VC_LIM_KEEP;
159 limits.hard = VC_LIM_KEEP;
161 if (!PyArg_ParseTuple(args, "IiLLL", &xid, &resource, &limits.hard, &limits.soft, &limits.min))
166 if (vc_get_rlimit_mask(xid, &mask)==-1) {
167 ret = PyErr_SetFromErrno(PyExc_OSError);
/* NOTE(review): resource comes unchecked from the caller; the shift is
 * undefined for negative values or values >= the width of int. */
169 bitmask = (1<<resource);
170 if ((mask.min|mask.soft|mask.hard) & bitmask)
171 if (vc_set_rlimit(xid, resource, &limits)==-1)
172 ret = PyErr_SetFromErrno(PyExc_OSError);
174 ret = __vserver_get_rlimit(xid, resource);
/*
 * setsched(ctx, cpu_min[, cpu_share])
 *
 * Parses two unsigned values plus an optional third and passes them to
 * pl_setsched().  A non-zero result raises OSError from errno, subject to
 * a second condition whose line is not visible in this listing (the
 * comment below indicates ESRCH is tolerated).
 */
184 vserver_setsched(PyObject *self, PyObject *args)
190 if (!PyArg_ParseTuple(args, "II|I", &ctx, &cpu_min, &cpu_share))
193 /* ESRCH indicates that there are no processes in the context */
194 if (pl_setsched(ctx, cpu_min, cpu_share) &&
196 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * getdlimit(path, xid)
 *
 * Zeroes a struct vc_ctx_dlimit, fills it with vc_get_dlimit(path, xid, 0)
 * and returns a 5-tuple of ints, or raises OSError from errno.  The
 * condition selecting between the two outcomes and the tuple's field
 * order are on lines not visible here.
 */
202 vserver_get_dlimit(PyObject *self, PyObject *args)
207 struct vc_ctx_dlimit data;
210 if (!PyArg_ParseTuple(args, "si", &path,&xid))
213 memset(&data, 0, sizeof(data));
214 r = vc_get_dlimit(path, xid, 0, &data);
216 res = Py_BuildValue("(i,i,i,i,i)",
223 res = PyErr_SetFromErrno(PyExc_OSError);
/*
 * setdlimit(path, xid, <five ints>)
 *
 * Parses a path and six ints (the targets after &path are not visible
 * here), then registers and sets the disk limit.  OSError is raised when
 * vc_add_dlimit() fails with anything other than EEXIST, or when
 * vc_set_dlimit() fails.
 */
231 vserver_set_dlimit(PyObject *self, PyObject *args)
235 struct vc_ctx_dlimit data;
237 memset(&data,0,sizeof(data));
238 if (!PyArg_ParseTuple(args, "siiiiii", &path,
/* an already-existing entry (EEXIST) is fine; it is simply updated */
247 if ((vc_add_dlimit(path, xid, 0) && errno != EEXIST) ||
248 vc_set_dlimit(path, xid, 0, &data))
249 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * unsetdlimit(path, xid)
 *
 * Calls vc_rem_dlimit(path, xid, 0).  A failure raises OSError from errno
 * unless errno is ESRCH, which is ignored.
 */
255 vserver_unset_dlimit(PyObject *self, PyObject *args)
260 if (!PyArg_ParseTuple(args, "si", &path, &xid))
263 if (vc_rem_dlimit(path, xid, 0) && errno != ESRCH)
264 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * killall(ctx, sig)
 *
 * Sends `sig` via vc_ctx_kill(ctx, 0, sig), then updates the context and
 * network flags using masks VC_VXF_PERSISTENT / VC_NXF_PERSISTENT.  Each
 * step raises OSError from errno on failure, except that ESRCH is
 * ignored.  NOTE(review): the flagword values are on lines not visible
 * here; presumably the persistent flags are being cleared -- confirm.
 */
270 vserver_killall(PyObject *self, PyObject *args)
274 struct vc_ctx_flags cflags = {
276 .mask = VC_VXF_PERSISTENT
278 struct vc_net_flags nflags = {
280 .mask = VC_NXF_PERSISTENT
283 if (!PyArg_ParseTuple(args, "Ii", &ctx, &sig))
286 if (vc_ctx_kill(ctx, 0, sig) && errno != ESRCH)
287 return PyErr_SetFromErrno(PyExc_OSError);
289 if (vc_set_cflags(ctx, &cflags) && errno != ESRCH)
290 return PyErr_SetFromErrno(PyExc_OSError);
292 if (vc_set_nflags(ctx, &nflags) && errno != ESRCH)
293 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * setbcaps(ctx, bcaps)
 *
 * Parses the 64-bit value directly into caps.bcaps and applies it with
 * vc_set_ccaps().  A -1 result raises OSError from errno unless errno is
 * ESRCH.
 */
299 vserver_set_bcaps(PyObject *self, PyObject *args)
302 struct vc_ctx_caps caps;
304 if (!PyArg_ParseTuple(args, "IK", &ctx, &caps.bcaps))
/* only bits inside PL_INSECURE_BCAPS are selected by the mask; the
 * ccaps half of the request is zeroed (mask and value) */
307 caps.bmask = PL_INSECURE_BCAPS;
308 caps.cmask = caps.ccaps = 0;
309 if (vc_set_ccaps(ctx, &caps) == -1 && errno != ESRCH)
310 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * text2bcaps(list) -> int
 *
 * Parses a string with its length, feeds it to vc_list2bcap() and returns
 * the resulting caps.bcaps as an unsigned 64-bit value.  On the visible
 * lines the call's return value and `err` are not inspected.
 */
316 vserver_text2bcaps(PyObject *self, PyObject *args)
318 struct vc_ctx_caps caps = { .bcaps = 0 };
321 struct vc_err_listparser err;
323 if (!PyArg_ParseTuple(args, "s#", &list, &len))
326 vc_list2bcap(list, len, &err, &caps);
328 return Py_BuildValue("K", caps.bcaps);
/*
 * getbcaps(ctx) -> int
 *
 * Reads the context's capabilities with vc_get_ccaps() and returns
 * caps.bcaps restricted to the bits in PL_INSECURE_BCAPS.  The failure
 * branch can raise OSError from errno; the condition guarding that raise
 * is on a line not visible here.
 */
332 vserver_get_bcaps(PyObject *self, PyObject *args)
335 struct vc_ctx_caps caps;
337 if (!PyArg_ParseTuple(args, "I", &ctx))
340 if (vc_get_ccaps(ctx, &caps) == -1) {
342 return PyErr_SetFromErrno(PyExc_OSError);
347 return Py_BuildValue("K", caps.bcaps & PL_INSECURE_BCAPS);
/*
 * bcaps2text(bcaps) -> str
 *
 * Starts from an empty Python string and, for as long as
 * vc_lobcap2text() returns a name, appends it with a "CAP_" prefix.
 * Entries after the first are preceded by a comma.
 */
351 vserver_bcaps2text(PyObject *self, PyObject *args)
353 struct vc_ctx_caps caps = { .bcaps = 0 };
357 if (!PyArg_ParseTuple(args, "K", &caps.bcaps))
360 list = PyString_FromString("");
/* the helper receives &caps.bcaps, so it can modify the value between
 * iterations; the loop ends when it returns NULL */
362 while ((cap = vc_lobcap2text(&caps.bcaps)) != NULL) {
365 PyString_ConcatAndDel(&list, PyString_FromFormat(
366 (PyString_Size(list) > 0 ? ",CAP_%s" : "CAP_%s" ),
/*
 * setccaps(ctx, ccaps)
 *
 * Counterpart of setbcaps for context capabilities: parses the 64-bit
 * value into caps.ccaps and applies it with vc_set_ccaps().  A -1 result
 * raises OSError from errno unless errno is ESRCH.
 */
374 vserver_set_ccaps(PyObject *self, PyObject *args)
377 struct vc_ctx_caps caps;
379 if (!PyArg_ParseTuple(args, "IK", &ctx, &caps.ccaps))
/* mask selects PL_INSECURE_CCAPS; the bcaps half is zeroed */
382 caps.cmask = PL_INSECURE_CCAPS;
383 caps.bmask = caps.bcaps = 0;
384 if (vc_set_ccaps(ctx, &caps) == -1 && errno != ESRCH)
385 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * text2ccaps(list) -> int
 *
 * Parses a string with its length, feeds it to vc_list2ccap() and returns
 * the resulting caps.ccaps as an unsigned 64-bit value.  On the visible
 * lines the call's return value and `err` are not inspected.
 */
391 vserver_text2ccaps(PyObject *self, PyObject *args)
393 struct vc_ctx_caps caps = { .ccaps = 0 };
396 struct vc_err_listparser err;
398 if (!PyArg_ParseTuple(args, "s#", &list, &len))
401 vc_list2ccap(list, len, &err, &caps);
403 return Py_BuildValue("K", caps.ccaps);
/*
 * getccaps(ctx) -> int
 *
 * Reads the context's capabilities with vc_get_ccaps() and returns
 * caps.ccaps restricted to the bits in PL_INSECURE_CCAPS.  The failure
 * branch can raise OSError from errno; the condition guarding that raise
 * is on a line not visible here.
 */
407 vserver_get_ccaps(PyObject *self, PyObject *args)
410 struct vc_ctx_caps caps;
412 if (!PyArg_ParseTuple(args, "I", &ctx))
415 if (vc_get_ccaps(ctx, &caps) == -1) {
417 return PyErr_SetFromErrno(PyExc_OSError);
422 return Py_BuildValue("K", caps.ccaps & PL_INSECURE_CCAPS);
/*
 * ccaps2text(ccaps) -> str
 *
 * Starts from an empty Python string and appends each name returned by
 * vc_loccap2text() until it returns NULL.  Entries after the first are
 * preceded by a comma; unlike bcaps2text no prefix is added.
 */
426 vserver_ccaps2text(PyObject *self, PyObject *args)
428 struct vc_ctx_caps caps = { .ccaps = 0 };
432 if (!PyArg_ParseTuple(args, "K", &caps.ccaps))
435 list = PyString_FromString("");
437 while ((cap = vc_loccap2text(&caps.ccaps)) != NULL) {
440 PyString_ConcatAndDel(&list, PyString_FromFormat(
441 (PyString_Size(list) > 0 ? ",%s" : "%s" ),
/*
 * Parse the textual address `str` into *addr.  IPv6 is tried first, then
 * IPv4; on success the matching VC_NXA_TYPE_* value is stored in
 * addr->vna_type.  The return statements are not visible in this listing;
 * callers treat -1 as "not a valid IP address".
 */
449 convert_address(const char *str, struct vc_net_addr *addr)
452 if (inet_pton(AF_INET6, str, addr->vna_v6_ip.s6_addr) > 0) {
453 addr->vna_type = VC_NXA_TYPE_IPV6;
456 else if (inet_pton(AF_INET, str, &addr->vna_v4_ip.s_addr) > 0) {
457 addr->vna_type = VC_NXA_TYPE_IPV4;
/*
 * Convert a netmask into a prefix length.
 *
 * data:  the mask as a byte array in network order, i.e. the most
 *        significant bit of byte 0 is prefix bit 0.  At most
 *        (limit + 7) / 8 bytes are read.
 * limit: number of bits in the mask (callers pass 32 for IPv4 and 128
 *        for IPv6).
 *
 * Returns the number of leading one-bits, in the range 0..limit.
 *
 * Bits must be tested MSB-first within each byte.  Testing LSB-first
 * (1 << n) only works for byte-aligned masks: 255.255.255.128 would be
 * reported as /24 because 0x80 has bit 0 clear.
 */
static int
mask_to_prefix(void *data, int limit)
{
  const uint8_t *mask = data;
  int prefix;

  for (prefix = 0; prefix < limit; prefix++) {
    if (!(mask[prefix >> 3] & (0x80 >> (prefix & 0x07))))
      break;
  }
  return prefix;
}
/*
 * Fill in the netmask and prefix length of *addr.
 *
 * A default is stored first (/24 for IPv4, /64 for IPv6).  The interface
 * list from getifaddrs() is then searched for an entry whose address
 * equals addr's; if one is found, that interface's netmask is copied in
 * and the prefix is recomputed with mask_to_prefix().
 *
 * Return statements are not visible in this listing; callers switch on
 * the result and treat -1 as an errno-style failure.
 */
474 get_mask(struct vc_net_addr *addr)
476 struct ifaddrs *head, *ifa;
478 int family, offset, len;
481 switch (addr->vna_type) {
482 case VC_NXA_TYPE_IPV4:
/* byte offset of the raw address inside the sockaddr */
484 offset = offsetof(struct sockaddr_in, sin_addr.s_addr);
485 ip = &addr->vna_v4_ip.s_addr;
487 addr->vna_v4_mask.s_addr = htonl(0xffffff00);
488 addr->vna_prefix = 24;
490 case VC_NXA_TYPE_IPV6:
492 offset = offsetof(struct sockaddr_in6, sin6_addr.s6_addr);
493 ip = addr->vna_v6_ip.s6_addr;
/* s6_addr32 has exactly four 32-bit words: words 0 and 1 set, words 2
 * and 3 clear gives the /64 default.  Any index above 3 writes outside
 * the mask. */
495 addr->vna_v6_mask.s6_addr32[0] = addr->vna_v6_mask.s6_addr32[1] = 0xffffffff;
496 addr->vna_v6_mask.s6_addr32[2] = addr->vna_v6_mask.s6_addr32[3] = 0x00000000;
497 addr->vna_prefix = 64;
504 if (getifaddrs(&head) == -1)
506 for (ifa = head; ifa; ifa = ifa->ifa_next) {
/* getifaddrs() may return entries whose ifa_addr or ifa_netmask is NULL;
 * skip those instead of dereferencing them */
507 if (ifa->ifa_addr && ifa->ifa_netmask && ifa->ifa_addr->sa_family == family &&
508 memcmp((char *) ifa->ifa_addr + offset, ip, len) == 0) {
509 switch (addr->vna_type) {
510 case VC_NXA_TYPE_IPV4:
/* offset is a byte count, so the sockaddr must be stepped through as
 * char *; arithmetic on struct sockaddr * would scale it by the struct
 * size */
511 memcpy(&addr->vna_v4_mask.s_addr, (char *) ifa->ifa_netmask + offset, len);
512 addr->vna_prefix = mask_to_prefix(&addr->vna_v4_mask.s_addr, 32);
514 case VC_NXA_TYPE_IPV6:
515 memcpy(addr->vna_v6_mask.s6_addr, (char *) ifa->ifa_netmask + offset, len);
516 addr->vna_prefix = mask_to_prefix(addr->vna_v6_mask.s6_addr, 128);
527 /* XXX These two functions are really similar */
/*
 * netadd(nid, ip)
 *
 * Assigns an address to network context `nid`.  "0.0.0.0" is handled
 * specially as an IPv4 mask entry with address and mask both zero.  Any
 * other string is parsed by convert_address() (ValueError if invalid),
 * completed by get_mask(), and tagged VC_NXA_TYPE_ADDR.  A vc_net_add()
 * failure raises OSError from errno unless errno is ESRCH.
 */
529 vserver_net_add(PyObject *self, PyObject *args)
531 struct vc_net_addr addr = { .vna_type = 0 };
535 if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
538 /* Optimize standard case, which also needs to be handled differently */
539 if (strcmp(ip, "0.0.0.0") == 0) {
540 addr.vna_type = VC_NXA_TYPE_MASK | VC_NXA_TYPE_IPV4;
544 addr.vna_v4_mask.s_addr = 0;
545 addr.vna_v4_ip.s_addr = 0;
548 if (convert_address(ip, &addr) == -1)
549 return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
551 switch (get_mask(&addr)) {
553 return PyErr_SetFromErrno(PyExc_OSError);
555 /* XXX error here? */
558 addr.vna_type |= VC_NXA_TYPE_ADDR;
561 if (vc_net_add(nid, &addr) == -1 && errno != ESRCH)
562 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * netremove(nid, ip)
 *
 * Removes addresses from network context `nid`.  `ip` may be "all",
 * "all4" or "all6" to select every address (optionally per family), or a
 * literal address, which is parsed by convert_address() (ValueError if
 * invalid), completed by get_mask(), and tagged VC_NXA_TYPE_ADDR.  A
 * vc_net_remove() failure raises OSError from errno unless errno is
 * ESRCH.
 */
568 vserver_net_remove(PyObject *self, PyObject *args)
/* zero-initialize, as vserver_net_add does: the "all*" branches set only
 * vna_type, and the whole struct is handed to vc_net_remove() */
570 struct vc_net_addr addr = { .vna_type = 0 };
574 if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
577 if (strcmp(ip, "all") == 0)
578 addr.vna_type = VC_NXA_TYPE_ANY;
579 else if (strcmp(ip, "all4") == 0)
580 addr.vna_type = VC_NXA_TYPE_IPV4 | VC_NXA_TYPE_ANY;
581 else if (strcmp(ip, "all6") == 0)
582 addr.vna_type = VC_NXA_TYPE_IPV6 | VC_NXA_TYPE_ANY;
584 if (convert_address(ip, &addr) == -1)
585 return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
587 switch (get_mask(&addr)) {
589 return PyErr_SetFromErrno(PyExc_OSError);
592 addr.vna_type |= VC_NXA_TYPE_ADDR;
595 if (vc_net_remove(nid, &addr) == -1 && errno != ESRCH)
596 return PyErr_SetFromErrno(PyExc_OSError);
/* Change directory to the one open on `fd`, then chroot to ".".
 * NOTE(review): the enclosing signature is not visible in this listing;
 * presumably this is the body of the fchroot() helper called below. */
611 if (fchdir(fd) == -1 || chroot(".") == -1)
/*
 * Undo secure_chdir(): for every descriptor in *dirs that is still open
 * (!= -1), restore the state it stands for and close it.  host_fd is used
 * to fchroot() back, cwd_fd to fchdir() back; guest_fd and target_fd are
 * only closed.  What happens when a call returns -1 is on lines not
 * visible here.
 */
617 restore_dirs(struct secure_dirs *dirs)
619 if (dirs->host_fd != -1) {
620 if (fchroot(dirs->host_fd) == -1)
622 if (close(dirs->host_fd) == -1)
625 if (dirs->guest_fd != -1) {
626 if (close(dirs->guest_fd) == -1)
629 if (dirs->target_fd != -1) {
630 if (close(dirs->target_fd) == -1)
/* the working directory is restored last, after the root is back */
633 if (dirs->cwd_fd != -1) {
634 if (fchdir(dirs->cwd_fd) == -1)
636 if (close(dirs->cwd_fd) == -1)
/*
 * Change the working directory to `target` as resolved from inside
 * `guest`.
 *
 * Sequence on the visible lines: remember "/" and "." as descriptors,
 * open `guest`, fchroot() into it, open `target` there, fchroot() back to
 * the host root, then fchdir() to the target descriptor.  Descriptors are
 * closed as soon as they are no longer needed; cwd_fd is not closed here.
 * NOTE(review): resolving `target` under the guest root presumably keeps
 * guest symlinks from pointing outside the guest -- confirm intent.
 * Error-path statements are not visible in this listing.
 */
643 secure_chdir(struct secure_dirs *dirs, const char *guest, const char *target)
/* -1 marks "not open" for restore_dirs() */
645 dirs->host_fd = dirs->cwd_fd = dirs->guest_fd = dirs->target_fd = -1;
647 dirs->host_fd = open("/", O_RDONLY|O_DIRECTORY);
648 if (dirs->host_fd == -1)
651 dirs->cwd_fd = open(".", O_RDONLY|O_DIRECTORY);
652 if (dirs->cwd_fd == -1)
655 dirs->guest_fd = open(guest, O_RDONLY|O_DIRECTORY);
656 if (dirs->guest_fd == -1)
658 if (fchroot(dirs->guest_fd) == -1)
/* opened while the guest is the root directory */
661 dirs->target_fd = open(target, O_RDONLY|O_DIRECTORY);
662 if (dirs->target_fd == -1)
665 if (fchroot(dirs->host_fd) == -1 || close(dirs->host_fd) == -1)
668 if (close(dirs->guest_fd) == -1)
672 if (fchdir(dirs->target_fd) == -1 || close(dirs->target_fd) == -1)
/*
 * mount(source, guest, target, type[, flags[, data]])
 *
 * Uses secure_chdir() to make `target` (inside `guest`) the working
 * directory and then mounts `source` on ".".  A mount() failure with
 * errno EBUSY is not treated as an error on the visible condition;
 * failures are reported as OSError from errno.
 */
679 vserver_mount(PyObject *self, PyObject *args)
681 const char *guest, *target, *source, *type, *data = NULL;
682 unsigned long flags = 0;
683 struct secure_dirs dirs;
685 if (!PyArg_ParseTuple(args, "ssss|ks", &source, &guest, &target, &type,
689 if (secure_chdir(&dirs, guest, target) == -1)
691 if (mount(source, ".", type, flags, data) == -1 && errno != EBUSY)
699 return PyErr_SetFromErrno(PyExc_OSError);
703 vserver_umount(PyObject *self, PyObject *args)
705 const char *guest, *target;
710 if (!PyArg_ParseTuple(args, "ss|i", &guest, &target, &flags))
713 path = calloc(strlen(guest) + strlen(target) + 2, sizeof(char));
714 sprintf(path, "%s/%s", guest, target);
715 if (umount2(path, flags) == -1)
716 ret = PyErr_SetFromErrno(PyExc_OSError);
/*
 * setrunlevel(file, runlevel)
 *
 * Prepares a zeroed utmp record of type RUN_LVL.  How the record is
 * written to `file` is on lines not visible in this listing.
 */
725 vserver_set_runlevel(PyObject *self, PyObject *args)
731 if (!PyArg_ParseTuple(args, "si", &file, &runlevel))
736 memset(&ut, 0, sizeof(ut));
737 ut.ut_type = RUN_LVL;
/* low byte: the runlevel as an ASCII digit; next byte: '#' */
738 ut.ut_pid = ('#' << 8) + runlevel + '0';
/*
 * setname(ctx, slice_id)
 *
 * Stores slice_id as the vcVHI_CONTEXT name of `ctx`.  The value is
 * passed as its raw in-memory bytes (sizeof(slice_id) of them), not as
 * text.  A failure raises OSError from errno unless errno is ESRCH.
 */
746 vserver_set_name(PyObject *self, PyObject *args)
751 if (!PyArg_ParseTuple(args, "II", &ctx, &slice_id))
754 if (vc_set_vhi_name(ctx, vcVHI_CONTEXT, (char *)&slice_id, sizeof(slice_id)) != 0 && errno != ESRCH) {
755 return PyErr_SetFromErrno(PyExc_OSError);
/*
 * getname(ctx) -> int
 *
 * Reads the vcVHI_CONTEXT name of `ctx` back into slice_id as raw bytes
 * and returns it as a Python int; a failure sets OSError from errno.
 * NOTE(review): setname parses the id with "I" (unsigned) while this
 * builds the result with "i" (signed) -- confirm that is intended.
 */
762 vserver_get_name(PyObject *self, PyObject *args)
767 if (!PyArg_ParseTuple(args, "I", &ctx))
770 if (vc_get_vhi_name(ctx, vcVHI_CONTEXT, (char *)&slice_id, sizeof(slice_id)) != 0) {
771 ret = PyErr_SetFromErrno(PyExc_OSError);
773 ret = Py_BuildValue("i", slice_id);
/*
 * Method table handed to Py_InitModule(): maps each Python-visible name
 * to its C implementation.  Every entry uses METH_VARARGS, i.e. the C
 * function receives its arguments as a tuple; the string is the Python
 * docstring.
 */
778 static PyMethodDef methods[] = {
779 { "chcontext", vserver_chcontext, METH_VARARGS,
780 "chcontext to vserver with provided flags" },
781 { "setup_done", vserver_setup_done, METH_VARARGS,
782 "Release vserver setup lock" },
783 { "setsched", vserver_setsched, METH_VARARGS,
784 "Change vserver scheduling attributes for given vserver context" },
785 { "setdlimit", vserver_set_dlimit, METH_VARARGS,
786 "Set disk limits for given vserver context" },
787 { "unsetdlimit", vserver_unset_dlimit, METH_VARARGS,
788 "Remove disk limits for given vserver context" },
789 { "getdlimit", vserver_get_dlimit, METH_VARARGS,
790 "Get disk limits for given vserver context" },
791 { "setrlimit", vserver_set_rlimit, METH_VARARGS,
792 "Set resource limits for given resource of a vserver context" },
793 { "getrlimit", vserver_get_rlimit, METH_VARARGS,
794 "Get resource limits for given resource of a vserver context" },
795 { "killall", vserver_killall, METH_VARARGS,
796 "Send signal to all processes in vserver context" },
797 { "isrunning", vserver_isrunning, METH_VARARGS,
798 "Check if vserver is running"},
799 { "setbcaps", vserver_set_bcaps, METH_VARARGS,
800 "Set POSIX capabilities of a vserver context" },
801 { "getbcaps", vserver_get_bcaps, METH_VARARGS,
802 "Get POSIX capabilities of a vserver context" },
803 { "text2bcaps", vserver_text2bcaps, METH_VARARGS,
804 "Translate a string of capabilities to a bitmap" },
805 { "bcaps2text", vserver_bcaps2text, METH_VARARGS,
806 "Translate a capability-bitmap into a string" },
807 { "setccaps", vserver_set_ccaps, METH_VARARGS,
808 "Set context capabilities of a vserver context" },
809 { "getccaps", vserver_get_ccaps, METH_VARARGS,
810 "Get context capabilities of a vserver context" },
811 { "text2ccaps", vserver_text2ccaps, METH_VARARGS,
812 "Translate a string of context capabilities to a bitmap" },
813 { "ccaps2text", vserver_ccaps2text, METH_VARARGS,
814 "Translate a context-capability-bitmap into a string" },
815 { "netadd", vserver_net_add, METH_VARARGS,
816 "Assign an IP address to a context" },
817 { "netremove", vserver_net_remove, METH_VARARGS,
818 "Remove IP address(es) from a context" },
819 { "mount", vserver_mount, METH_VARARGS,
820 "Perform the mount() system call" },
821 { "umount", vserver_umount, METH_VARARGS,
822 "Perform the umount2() system call" },
823 { "setrunlevel", vserver_set_runlevel, METH_VARARGS,
824 "Set the runlevel in utmp" },
825 { "setname", vserver_set_name, METH_VARARGS,
826 "Set the vcVHI_CONTEXT for a xid." },
827 { "getname", vserver_get_name, METH_VARARGS,
828 "Get the vcVHI_CONTEXT for a xid." },
/* all-NULL sentinel entry terminating the table */
829 { NULL, NULL, 0, NULL }
/*
 * Module initialisation entry point for "vserverimpl": registers the
 * method table and publishes integer/string constants on the module.
 * On the visible lines the results of Py_InitModule() and of the
 * PyModule_Add*() calls are not checked.
 */
833 initvserverimpl(void)
837 mod = Py_InitModule("vserverimpl", methods);
839 /* export the set of 'safe' capabilities */
840 PyModule_AddIntConstant(mod, "CAP_SAFE", ~vc_get_insecurebcaps());
842 /* export the default vserver directory */
843 PyModule_AddStringConstant(mod, "VSERVER_BASEDIR", DEFAULT_VSERVERDIR);
845 /* export limit-related constants */
846 PyModule_AddIntConstant(mod, "DLIMIT_KEEP", (int)VC_CDLIM_KEEP);
847 PyModule_AddIntConstant(mod, "DLIMIT_INF", (int)VC_CDLIM_INFINITY);
848 PyModule_AddIntConstant(mod, "VC_LIM_KEEP", (int)VC_LIM_KEEP);
/* resource numbers accepted by getrlimit/setrlimit: the RLIMIT_* values
 * from <sys/resource.h> ... */
850 PyModule_AddIntConstant(mod, "RLIMIT_CPU", (int)RLIMIT_CPU);
851 PyModule_AddIntConstant(mod, "RLIMIT_RSS", (int)RLIMIT_RSS);
852 PyModule_AddIntConstant(mod, "RLIMIT_NPROC", (int)RLIMIT_NPROC);
853 PyModule_AddIntConstant(mod, "RLIMIT_NOFILE", (int)RLIMIT_NOFILE);
854 PyModule_AddIntConstant(mod, "RLIMIT_MEMLOCK", (int)RLIMIT_MEMLOCK);
855 PyModule_AddIntConstant(mod, "RLIMIT_AS", (int)RLIMIT_AS);
856 PyModule_AddIntConstant(mod, "RLIMIT_LOCKS", (int)RLIMIT_LOCKS);
858 PyModule_AddIntConstant(mod, "RLIMIT_SIGPENDING", (int)RLIMIT_SIGPENDING);
859 PyModule_AddIntConstant(mod, "RLIMIT_MSGQUEUE", (int)RLIMIT_MSGQUEUE);
/* ... and the VC_VLIMIT_* values, exported under VLIMIT_* names */
861 PyModule_AddIntConstant(mod, "VLIMIT_NSOCK", (int)VC_VLIMIT_NSOCK);
862 PyModule_AddIntConstant(mod, "VLIMIT_OPENFD", (int)VC_VLIMIT_OPENFD);
863 PyModule_AddIntConstant(mod, "VLIMIT_ANON", (int)VC_VLIMIT_ANON);
864 PyModule_AddIntConstant(mod, "VLIMIT_SHMEM", (int)VC_VLIMIT_SHMEM);