1 /* Copyright 2005 Princeton University
3 Redistribution and use in source and binary forms, with or without
4 modification, are permitted provided that the following conditions
7 * Redistributions of source code must retain the above copyright
8 notice, this list of conditions and the following disclaimer.
10 * Redistributions in binary form must reproduce the above
11 copyright notice, this list of conditions and the following
12 disclaimer in the documentation and/or other materials provided
13 with the distribution.
15 * Neither the name of the copyright holder nor the names of its
16 contributors may be used to endorse or promote products derived
17 from this software without specific prior written permission.
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
22 A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL PRINCETON
23 UNIVERSITY OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
24 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
25 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
26 OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
27 AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
29 WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30 POSSIBILITY OF SUCH DAMAGE.
38 #include <sys/resource.h>
39 #include <sys/types.h>
42 #include <sys/socket.h>
43 #include <arpa/inet.h>
48 #include "pathconfig.h"
51 #include "planetlab.h"
52 #include "vserver-internal.h"
54 #define NONE ({ Py_INCREF(Py_None); Py_None; })
60 vserver_chcontext(PyObject *self, PyObject *args)
64 uint_least64_t bcaps = 0;
66 if (!PyArg_ParseTuple(args, "I|K", &ctx, &bcaps))
68 bcaps |= ~vc_get_insecurebcaps();
70 if ((ctx_is_new = pl_chcontext(ctx, bcaps, 0)) < 0)
71 return PyErr_SetFromErrno(PyExc_OSError);
73 return PyBool_FromLong(ctx_is_new);
77 vserver_setup_done(PyObject *self, PyObject *args)
81 if (!PyArg_ParseTuple(args, "I", &ctx))
84 if (pl_setup_done(ctx) < 0)
85 return PyErr_SetFromErrno(PyExc_OSError);
91 vserver_isrunning(PyObject *self, PyObject *args)
98 if (!PyArg_ParseTuple(args, "I", &ctx))
101 sprintf(fname,"/proc/virtual/%d", ctx);
103 if(stat(&fname[0],&statbuf)==0)
104 ret = PyBool_FromLong(1);
106 ret = PyBool_FromLong(0);
112 __vserver_get_rlimit(xid_t xid, int resource) {
113 struct vc_rlimit limits;
117 if (vc_get_rlimit(xid, resource, &limits)==-1)
118 ret = PyErr_SetFromErrno(PyExc_OSError);
120 ret = Py_BuildValue("LLL",limits.hard, limits.soft, limits.min);
126 vserver_get_rlimit(PyObject *self, PyObject *args) {
131 if (!PyArg_ParseTuple(args, "Ii", &xid, &resource))
134 ret = __vserver_get_rlimit(xid, resource);
140 vserver_set_rlimit(PyObject *self, PyObject *args) {
141 struct vc_rlimit limits;
144 int resource, lresource;
147 limits.min = VC_LIM_KEEP;
148 limits.soft = VC_LIM_KEEP;
149 limits.hard = VC_LIM_KEEP;
151 if (!PyArg_ParseTuple(args, "IiLLL", &xid, &resource, &limits.hard, &limits.soft, &limits.min))
154 lresource = resource;
156 case VC_VLIMIT_NSOCK:
158 case VC_VLIMIT_SHMEM:
159 goto do_vc_set_rlimit;
160 case VC_VLIMIT_OPENFD:
161 lresource = RLIMIT_NOFILE;
167 getrlimit(lresource,&lim);
168 if (adjust_lim(&limits,&lim)) {
169 setrlimit(lresource, &lim);
174 if (vc_set_rlimit(xid, resource, &limits)==-1)
175 ret = PyErr_SetFromErrno(PyExc_OSError);
177 ret = __vserver_get_rlimit(xid, resource);
186 vserver_setsched(PyObject *self, PyObject *args)
190 uint32_t cpu_sched_flags = VC_VXF_SCHED_FLAGS;
192 if (!PyArg_ParseTuple(args, "II|I", &ctx, &cpu_share, &cpu_sched_flags))
195 /* ESRCH indicates that there are no processes in the context */
196 if (pl_setsched(ctx, cpu_share, cpu_sched_flags) &&
198 return PyErr_SetFromErrno(PyExc_OSError);
204 vserver_get_dlimit(PyObject *self, PyObject *args)
209 struct vc_ctx_dlimit data;
212 if (!PyArg_ParseTuple(args, "si", &path,&xid))
215 memset(&data, 0, sizeof(data));
216 r = vc_get_dlimit(path, xid, 0, &data);
218 res = Py_BuildValue("(i,i,i,i,i)",
225 res = PyErr_SetFromErrno(PyExc_OSError);
233 vserver_set_dlimit(PyObject *self, PyObject *args)
237 struct vc_ctx_dlimit data;
239 memset(&data,0,sizeof(data));
240 if (!PyArg_ParseTuple(args, "siiiiii", &path,
249 if ((vc_add_dlimit(path, xid, 0) && errno != EEXIST) ||
250 vc_set_dlimit(path, xid, 0, &data))
251 return PyErr_SetFromErrno(PyExc_OSError);
257 vserver_unset_dlimit(PyObject *self, PyObject *args)
262 if (!PyArg_ParseTuple(args, "si", &path, &xid))
265 if (vc_rem_dlimit(path, xid, 0) && errno != ESRCH)
266 return PyErr_SetFromErrno(PyExc_OSError);
272 vserver_killall(PyObject *self, PyObject *args)
276 struct vc_ctx_flags cflags = {
278 .mask = VC_VXF_PERSISTENT
280 struct vc_net_flags nflags = {
282 .mask = VC_NXF_PERSISTENT
285 if (!PyArg_ParseTuple(args, "Ii", &ctx, &sig))
288 if (vc_ctx_kill(ctx, 0, sig) && errno != ESRCH)
289 return PyErr_SetFromErrno(PyExc_OSError);
291 if (vc_set_cflags(ctx, &cflags) && errno != ESRCH)
292 return PyErr_SetFromErrno(PyExc_OSError);
294 if (vc_set_nflags(ctx, &nflags) && errno != ESRCH)
295 return PyErr_SetFromErrno(PyExc_OSError);
301 vserver_set_bcaps(PyObject *self, PyObject *args)
304 struct vc_ctx_caps caps;
306 if (!PyArg_ParseTuple(args, "IK", &ctx, &caps.bcaps))
309 caps.bmask = vc_get_insecurebcaps();
310 caps.cmask = caps.ccaps = 0;
311 if (vc_set_ccaps(ctx, &caps) == -1 && errno != ESRCH)
312 return PyErr_SetFromErrno(PyExc_OSError);
318 vserver_text2bcaps(PyObject *self, PyObject *args)
320 struct vc_ctx_caps caps = { .bcaps = 0 };
323 struct vc_err_listparser err;
325 if (!PyArg_ParseTuple(args, "s#", &list, &len))
328 vc_list2bcap(list, len, &err, &caps);
330 return Py_BuildValue("K", caps.bcaps);
334 vserver_get_bcaps(PyObject *self, PyObject *args)
337 struct vc_ctx_caps caps;
339 if (!PyArg_ParseTuple(args, "I", &ctx))
342 if (vc_get_ccaps(ctx, &caps) == -1) {
344 return PyErr_SetFromErrno(PyExc_OSError);
349 return Py_BuildValue("K", caps.bcaps & vc_get_insecurebcaps());
353 vserver_bcaps2text(PyObject *self, PyObject *args)
355 struct vc_ctx_caps caps = { .bcaps = 0 };
359 if (!PyArg_ParseTuple(args, "K", &caps.bcaps))
362 list = PyString_FromString("");
364 while ((cap = vc_lobcap2text(&caps.bcaps)) != NULL) {
367 PyString_ConcatAndDel(&list, PyString_FromFormat(
368 (PyString_Size(list) > 0 ? ",CAP_%s" : "CAP_%s" ),
375 static const struct AF_to_vcNET {
377 vc_net_nx_type vc_net;
381 { AF_INET, vcNET_IPV4, sizeof(struct in_addr), offsetof(struct sockaddr_in, sin_addr.s_addr) },
382 { AF_INET6, vcNET_IPV6, sizeof(struct in6_addr), offsetof(struct sockaddr_in6, sin6_addr.s6_addr) },
387 convert_address(const char *str, vc_net_nx_type *type, void *dst)
389 const struct AF_to_vcNET *i;
390 for (i = converter; i->af; i++) {
391 if (inet_pton(i->af, str, dst)) {
400 get_mask(struct vc_net_nx *addr)
402 const struct AF_to_vcNET *i;
403 struct ifaddrs *head, *ifa;
406 for (i = converter; i->af; i++) {
407 if (i->vc_net == addr->type)
415 if (getifaddrs(&head) == -1)
417 for (ifa = head; ifa; ifa = ifa->ifa_next) {
418 if (ifa->ifa_addr->sa_family == i->af &&
419 memcmp((char *) ifa->ifa_addr + i->offset, addr->ip, i->len) == 0) {
420 switch (addr->type) {
422 memcpy(&addr->mask[0], ifa->ifa_netmask + i->offset, i->len);
425 uint32_t *m = ((struct sockaddr_in6 *) ifa->ifa_netmask)->sin6_addr.s6_addr32;
426 /* optimization for the common case */
427 if ((m[1] & 1) == 1 && (m[2] & 0x80000000) == 0)
431 while (m[addr->mask[0] / 32] & (addr->mask[0] % 32))
440 /* no match, use a default */
442 switch (addr->type) {
443 case vcNET_IPV4: addr->mask[0] = htonl(0xffffff00); break;
444 case vcNET_IPV6: addr->mask[0] = 64; break;
445 default: addr->mask[0] = 0; break;
452 /* XXX These two functions are really similar */
454 vserver_net_add(PyObject *self, PyObject *args)
456 struct vc_net_nx addr;
460 if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
463 if (convert_address(ip, &addr.type, &addr.ip) == -1)
464 return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
466 switch (get_mask(&addr)) {
468 return PyErr_SetFromErrno(PyExc_OSError);
470 /* XXX error here? */
475 if (vc_net_add(nid, &addr) == -1 && errno != ESRCH)
476 return PyErr_SetFromErrno(PyExc_OSError);
482 vserver_net_remove(PyObject *self, PyObject *args)
484 struct vc_net_nx addr;
488 if (!PyArg_ParseTuple(args, "Is", &nid, &ip))
491 if (strcmp(ip, "all") == 0)
492 addr.type = vcNET_ANY;
493 else if (strcmp(ip, "all4") == 0)
494 addr.type = vcNET_IPV4A;
495 else if (strcmp(ip, "all6") == 0)
496 addr.type = vcNET_IPV6A;
498 if (convert_address(ip, &addr.type, &addr.ip) == -1)
499 return PyErr_Format(PyExc_ValueError, "%s is not a valid IP address", ip);
501 switch (get_mask(&addr)) {
503 return PyErr_SetFromErrno(PyExc_OSError);
507 if (vc_net_remove(nid, &addr) == -1 && errno != ESRCH)
508 return PyErr_SetFromErrno(PyExc_OSError);
513 static PyMethodDef methods[] = {
514 { "chcontext", vserver_chcontext, METH_VARARGS,
515 "chcontext to vserver with provided flags" },
516 { "setup_done", vserver_setup_done, METH_VARARGS,
517 "Release vserver setup lock" },
518 { "setsched", vserver_setsched, METH_VARARGS,
519 "Change vserver scheduling attributes for given vserver context" },
520 { "setdlimit", vserver_set_dlimit, METH_VARARGS,
521 "Set disk limits for given vserver context" },
522 { "unsetdlimit", vserver_unset_dlimit, METH_VARARGS,
523 "Remove disk limits for given vserver context" },
524 { "getdlimit", vserver_get_dlimit, METH_VARARGS,
525 "Get disk limits for given vserver context" },
526 { "setrlimit", vserver_set_rlimit, METH_VARARGS,
527 "Set resource limits for given resource of a vserver context" },
528 { "getrlimit", vserver_get_rlimit, METH_VARARGS,
529 "Get resource limits for given resource of a vserver context" },
530 { "killall", vserver_killall, METH_VARARGS,
531 "Send signal to all processes in vserver context" },
532 { "isrunning", vserver_isrunning, METH_VARARGS,
533 "Check if vserver is running"},
534 { "setbcaps", vserver_set_bcaps, METH_VARARGS,
535 "Set POSIX capabilities of a vserver context" },
536 { "getbcaps", vserver_get_bcaps, METH_VARARGS,
537 "Get POSIX capabilities of a vserver context" },
538 { "text2bcaps", vserver_text2bcaps, METH_VARARGS,
539 "Translate a string of capabilities to a bitmap" },
540 { "bcaps2text", vserver_bcaps2text, METH_VARARGS,
541 "Translate a capability-bitmap into a string" },
542 { "netadd", vserver_net_add, METH_VARARGS,
543 "Assign an IP address to a context" },
544 { "netremove", vserver_net_remove, METH_VARARGS,
545 "Remove IP address(es) from a context" },
546 { NULL, NULL, 0, NULL }
550 initvserverimpl(void)
554 mod = Py_InitModule("vserverimpl", methods);
556 /* export the set of 'safe' capabilities */
557 PyModule_AddIntConstant(mod, "CAP_SAFE", ~vc_get_insecurebcaps());
559 /* export the default vserver directory */
560 PyModule_AddStringConstant(mod, "VSERVER_BASEDIR", DEFAULT_VSERVERDIR);
562 /* export limit-related constants */
563 PyModule_AddIntConstant(mod, "DLIMIT_KEEP", (int)VC_CDLIM_KEEP);
564 PyModule_AddIntConstant(mod, "DLIMIT_INF", (int)VC_CDLIM_INFINITY);
565 PyModule_AddIntConstant(mod, "VC_LIM_KEEP", (int)VC_LIM_KEEP);
567 PyModule_AddIntConstant(mod, "RLIMIT_CPU", (int)RLIMIT_CPU);
568 PyModule_AddIntConstant(mod, "RLIMIT_RSS", (int)RLIMIT_RSS);
569 PyModule_AddIntConstant(mod, "RLIMIT_NPROC", (int)RLIMIT_NPROC);
570 PyModule_AddIntConstant(mod, "RLIMIT_NOFILE", (int)RLIMIT_NOFILE);
571 PyModule_AddIntConstant(mod, "RLIMIT_MEMLOCK", (int)RLIMIT_MEMLOCK);
572 PyModule_AddIntConstant(mod, "RLIMIT_AS", (int)RLIMIT_AS);
573 PyModule_AddIntConstant(mod, "RLIMIT_LOCKS", (int)RLIMIT_LOCKS);
575 PyModule_AddIntConstant(mod, "RLIMIT_SIGPENDING", (int)RLIMIT_SIGPENDING);
576 PyModule_AddIntConstant(mod, "RLIMIT_MSGQUEUE", (int)RLIMIT_MSGQUEUE);
578 PyModule_AddIntConstant(mod, "VLIMIT_NSOCK", (int)VC_VLIMIT_NSOCK);
579 PyModule_AddIntConstant(mod, "VLIMIT_OPENFD", (int)VC_VLIMIT_OPENFD);
580 PyModule_AddIntConstant(mod, "VLIMIT_ANON", (int)VC_VLIMIT_ANON);
581 PyModule_AddIntConstant(mod, "VLIMIT_SHMEM", (int)VC_VLIMIT_SHMEM);
583 /* scheduler flags */
584 PyModule_AddIntConstant(mod,
585 "VS_SCHED_CPU_GUARANTEED",
586 VS_SCHED_CPU_GUARANTEED);