Skip to content

Commit

Permalink
[workspacekit] Refactor lift command
Browse files Browse the repository at this point in the history
  • Loading branch information
@aledbf
aledbf committed May 18, 2021
1 parent 154960b commit 04dae3f
Show file tree
Hide file tree
Showing 3 changed files with 52 additions and 20 deletions.
6 changes: 3 additions & 3 deletions components/workspacekit/cmd/rings.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,11 +119,11 @@ var ring0Cmd = &cobra.Command{
for {
sig := <-sigc
if sig != unix.SIGTERM {
cmd.Process.Signal(sig)
_ = cmd.Process.Signal(sig)
continue
}

cmd.Process.Signal(unix.SIGTERM)
_ = cmd.Process.Signal(unix.SIGTERM)
time.Sleep(ring1ShutdownTimeout)
if cmd.Process == nil {
return
Expand Down Expand Up @@ -216,7 +216,7 @@ var ring1Cmd = &cobra.Command{
// (cw) I have been able to reproduce this issue without newuidmap/newgidmap.
// See https://gist.github.com/csweichel/3fc9d4b0752367d4a436f969c8685c06
runtime.LockOSThread()
unix.Prctl(unix.PR_SET_PDEATHSIG, uintptr(unix.SIGKILL), 0, 0, 0)
_ = unix.Prctl(unix.PR_SET_PDEATHSIG, uintptr(unix.SIGKILL), 0, 0, 0)
runtime.UnlockOSThread()

ring2Root, err := os.MkdirTemp("", "supervisor")
Expand Down
64 changes: 48 additions & 16 deletions components/workspacekit/pkg/lift/lift.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,13 @@ func ServeLift(socket string) error {
if err != nil {
return err
}
defer skt.Close()

defer func() {
err := skt.Close()
if err != nil {
log.WithError(err).Error("unexpected error closing listener")
}
}()

for {
conn, err := skt.Accept()
Expand All @@ -59,11 +65,21 @@ func serveLiftClient(conn net.Conn) error {
if err != nil {
return err
}
defer f.Close()
connfd := int(f.Fd())

defer func() {
err := f.Close()
if err != nil {
log.WithError(err).Error("unexpected error closing connection")
}

err = conn.Close()
if err != nil {
log.WithError(err).Error("unexpected error closing connection")
}
}()

buf := make([]byte, unix.CmsgSpace(3*4)) // we expect 3 FDs
_, _, _, _, err = unix.Recvmsg(connfd, nil, buf, 0)
_, _, _, _, err = unix.Recvmsg(int(f.Fd()), nil, buf, 0)
if err != nil {
return err
}
Expand All @@ -72,21 +88,20 @@ func serveLiftClient(conn net.Conn) error {
if err != nil {
return err
}

if len(msgs) != 1 {
return fmt.Errorf("expected a single socket control message")
}

fds, err := unix.ParseUnixRights(&msgs[0])
if err != nil {
return err
}

if len(fds) != 3 {
return fmt.Errorf("expected three file descriptors")
}

soutW := os.NewFile(uintptr(fds[0]), "stdout")
serrW := os.NewFile(uintptr(fds[1]), "stderr")
sinR := os.NewFile(uintptr(fds[2]), "stdin")

rd := bufio.NewReader(f)
line, err := rd.ReadBytes('\n')
if err != nil {
Expand All @@ -98,6 +113,7 @@ func serveLiftClient(conn net.Conn) error {
if err != nil {
return err
}

if len(msg.Command) == 0 {
return fmt.Errorf("expected non-empty command")
}
Expand All @@ -108,18 +124,26 @@ func serveLiftClient(conn net.Conn) error {
cmd.SysProcAttr = &unix.SysProcAttr{
Setpgid: true,
}
cmd.Stdout = soutW
cmd.Stderr = serrW
cmd.Stdin = sinR
cmd.Stdout = os.NewFile(uintptr(fds[0]), "stdout")
cmd.Stderr = os.NewFile(uintptr(fds[1]), "stderr")
cmd.Stdin = os.NewFile(uintptr(fds[2]), "stdin")

err = cmd.Start()
if err != nil {
return err
}

defer func() {
cmd.Process.Kill()
err := cmd.Process.Kill()
if err != nil && err.Error() != "os: process already finished" {
log.WithError(err).Error("unexpected error terminating process")
}
}()
cmd.Wait()

err = cmd.Wait()
if err != nil {
log.WithError(err).Error("unexpected error running process")
}

return nil
}
Expand All @@ -129,15 +153,21 @@ func RunCommand(socket string, command []string) error {
if err != nil {
return err
}

conn := rconn.(*net.UnixConn)
f, err := conn.File()
if err != nil {
return err
}
defer f.Close()
connfd := int(f.Fd())

err = unix.Sendmsg(connfd, nil, unix.UnixRights(int(os.Stdout.Fd()), int(os.Stderr.Fd()), int(os.Stdin.Fd())), nil, 0)
defer func() {
err := f.Close()
if err != nil {
log.WithError(err).Error("unexpected error closing lift connection")
}
}()

err = unix.Sendmsg(int(f.Fd()), nil, unix.UnixRights(int(os.Stdout.Fd()), int(os.Stderr.Fd()), int(os.Stdin.Fd())), nil, 0)
if err != nil {
return err
}
Expand All @@ -146,10 +176,12 @@ func RunCommand(socket string, command []string) error {
if err != nil {
return err
}

_, err = conn.Write(msg)
if err != nil {
return err
}

_, err = conn.Write([]byte{'\n'})
if err != nil {
return err
Expand Down
2 changes: 1 addition & 1 deletion components/workspacekit/pkg/seccomp/notify.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ func Handle(fd libseccomp.ScmpFd, handler SyscallHandler) (stop chan<- struct{},
// if we're asked stop we might still have to answer a syscall.
// We do this on a best effort basis answering with EPERM.
if err != nil {
libseccomp.NotifRespond(fd, &libseccomp.ScmpNotifResp{
_ = libseccomp.NotifRespond(fd, &libseccomp.ScmpNotifResp{
ID: req.ID,
Error: 1,
Val: 0,
Expand Down

0 comments on commit 04dae3f

Please sign in to comment.