new_gate/ms-runner
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

prettify code

Browse source
This commit is contained in:
dragonmuffin 2024-09-23 22:52:43 +05:00
parent f4c7536a84
commit 8d9687f76f
2 changed files with 54 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
starter/ns_exec.c
View file

@ -12,14 +12,14 @@ static void procfs_prepare()
#define put_old "oldfs" #define put_old "oldfs"
void mnt_prepare(char* rootfs, char* shared_mountpoint) { void mnt_prepare(char* rootfs, char* shared_mountpoint) {
char* shared_folder=NULL; char* shared_folder = NULL;
asprintf(&shared_folder,"../%s",shared_mountpoint); asprintf(&shared_folder, "../%s", shared_mountpoint);
if (mount(rootfs,rootfs,"ext4",MS_BIND,"")) die("failed to mount %s: %m", rootfs); if (mount(rootfs, rootfs, "ext4", MS_BIND,"")) die("failed to mount %s: %m", rootfs);
if (chdir(rootfs)) die("falied to cd:%m"); if (chdir(rootfs)) die("falied to cd:%m");
//if (mount("/sys","sys","sysfs",0,"")) die("failed to mount sysfs: %m"); //if (mount("/sys","sys","sysfs",0,"")) die("failed to mount sysfs: %m");
//if (mount("/dev","dev","udev",0,"")) die("failed to mount: %m"); //if (mount("/dev","dev","udev",0,"")) die("failed to mount: %m");
if (mkdir("shared", 0777) && errno != EEXIST) die("Failed to mkdir %s: %m\n", shared_mountpoint); if (mkdir("shared", 0777) && errno != EEXIST) die("Failed to mkdir %s: %m\n", shared_mountpoint);
if (mount(shared_folder,"shared","ext4",MS_BIND,"")) die("failed to mount shared folder: %m"); if (mount(shared_folder, "shared", "ext4", MS_BIND, "")) die("failed to mount shared folder: %m");
if (mkdir(put_old, 0000) && errno != EEXIST) die("Failed to mkdir %s: %m\n", put_old); if (mkdir(put_old, 0000) && errno != EEXIST) die("Failed to mkdir %s: %m\n", put_old);
if (syscall(SYS_pivot_root, ".", put_old)) die("Failed to pivot_root from %s to %s: %m\n", rootfs, put_old); if (syscall(SYS_pivot_root, ".", put_old)) die("Failed to pivot_root from %s to %s: %m\n", rootfs, put_old);
if (chdir("/")) die("Failed to chdir to new root: %m\n"); if (chdir("/")) die("Failed to chdir to new root: %m\n");
@ -30,14 +30,12 @@ void mnt_prepare(char* rootfs, char* shared_mountpoint) {
} }
void ro_fs(char* shared_mountpoint) { void ro_fs(char* shared_mountpoint) {
char* shared_folder = malloc(strlen(shared_mountpoint)+4); char* shared_folder = malloc(strlen(shared_mountpoint)+4);
strcpy(shared_folder,"../"); strcpy(shared_folder, "../");
strcat(shared_folder,shared_mountpoint); strcat(shared_folder, shared_mountpoint);
if (mount("/","/","ext4",MS_REMOUNT | MS_RDONLY| MS_BIND,"")) die("failed to mount: %m"); if (mount("/", "/", "ext4", MS_REMOUNT | MS_RDONLY| MS_BIND, "")) die("failed to mount: %m");
if (mount(shared_mountpoint,"shared","ext4",MS_REMOUNT | MS_BIND,"")) die("failed to mount: %m"); if (mount(shared_mountpoint, "shared", "ext4", MS_REMOUNT | MS_BIND, "")) die("failed to mount: %m");
free(shared_folder); free(shared_folder);
} }
//#undef shared_mountpoint
//#undef shared_folder
#undef put_old #undef put_old
void await_setup(int pipe) { // wait for signal from parent void await_setup(int pipe) { // wait for signal from parent
@ -51,20 +49,20 @@ static int nsrun(void* arg) {
struct params *params = (struct params*) arg; struct params *params = (struct params*) arg;
await_setup(params->fd[0]); await_setup(params->fd[0]);
char cwd[PATH_MAX]; char cwd[PATH_MAX];
if(getcwd(cwd,sizeof(cwd))==NULL) die("getcwd error: %m"); if(getcwd(cwd, sizeof(cwd))==NULL) die("getcwd error: %m");
if(chdir(params->shared_folder)) die("failed to chdir to shared folder: %m") if(chdir(params->shared_folder)) die("failed to chdir to shared folder: %m")
int out_fd=open("out",O_WRONLY|O_CREAT,0666); int out_fd = open("out", O_WRONLY | O_CREAT, 0666);
if(out_fd==-1) die("unable to open output file:%m") if(out_fd == -1) die("unable to open output file:%m")
else dup2(out_fd,STDOUT_FILENO); else dup2(out_fd, STDOUT_FILENO);
int in_fd=open("in",O_RDONLY|O_CREAT,0666); int in_fd = open("in", O_RDONLY | O_CREAT, 0666);
if(in_fd==-1) die("unable to open input file:%m") if(in_fd == -1) die("unable to open input file:%m")
else dup2(in_fd,STDIN_FILENO); else dup2(in_fd, STDIN_FILENO);
int err_fd=open("err",O_WRONLY|O_CREAT,0666); int err_fd = open("err", O_WRONLY | O_CREAT, 0666);
if(err_fd==-1) die("unable to open error file:%m") if(err_fd == -1) die("unable to open error file:%m")
else dup2(err_fd,STDERR_FILENO); else dup2(err_fd, STDERR_FILENO);
if(chdir(cwd)) die("failed to chdir: %m"); if(chdir(cwd)) die("failed to chdir: %m");
mnt_prepare("minrootfs",params->shared_folder); mnt_prepare("minrootfs", params->shared_folder);
sethostname(hostname,sizeof(hostname)); sethostname(hostname, sizeof(hostname));
ro_fs(params->shared_folder); ro_fs(params->shared_folder);
if(setgid(1000)) die("failed to setgid:%m"); if(setgid(1000)) die("failed to setgid:%m");
if(setuid(1000)) die("failed to setuid:%m"); if(setuid(1000)) die("failed to setuid:%m");
@ -75,6 +73,6 @@ static int nsrun(void* arg) {
"PWD=/", "PWD=/",
NULL, NULL,
}; };
if (execve(cmd,argv,env) == -1) die("failed to exec,%m"); if (execve(cmd, argv, env) == -1) die("failed to exec,%m");
return 1; return 1;// removes warning
} }

62
starter/starter.c
View file

@ -39,19 +39,18 @@ struct killparams{
#include "ns_exec.c" #include "ns_exec.c"
#include "cgroup_prepare.c" #include "cgroup_prepare.c"
//bool TL_achieve=false;
uint64_t time_start; uint64_t time_start;
//get time in milliseconds // get time in milliseconds
uint64_t getmstime() { uint64_t getmstime() {
struct timeval tm; struct timeval tm;
gettimeofday(&tm,NULL); gettimeofday(&tm, NULL);
return (uint64_t)tm.tv_sec*1000+(uint64_t)tm.tv_usec/1000; return (uint64_t) tm.tv_sec * 1000 + (uint64_t) tm.tv_usec / 1000;
} }
//time limit realisation // time limit realisation
static int killafter(void *arg) { static int killafter(void *arg) {
//die when parent dies // die when parent dies
if (prctl(PR_SET_PDEATHSIG, SIGKILL)) die("cannot PR_SET_PDEATHSIG for child process: %m\n"); if (prctl(PR_SET_PDEATHSIG, SIGKILL)) die("cannot PR_SET_PDEATHSIG for child process: %m\n");
struct killparams* params = (struct killparams*) arg; struct killparams* params = (struct killparams*) arg;
struct timespec tw = {params -> time / 1000, ((params->time) % 1000+5) * 1000000}; struct timespec tw = {params -> time / 1000, ((params->time) % 1000+5) * 1000000};
@ -65,7 +64,7 @@ static int killafter(void *arg) {
static char nmstack[STACK_SIZE]; static char nmstack[STACK_SIZE];
static char killstack[STACK_SIZE]; static char killstack[STACK_SIZE];
static void parse_args(int argc, char **argv, struct params *params,struct limits *limits){ static void parse_args(int argc, char **argv, struct params *params, struct limits *limits){
if (argc < 7) { if (argc < 7) {
puts("usage:\n starter <max processes number> <core_id> <memory_amount> <time limit in ms> <shared folder> <command, arg1,arg2,...>"); puts("usage:\n starter <max processes number> <core_id> <memory_amount> <time limit in ms> <shared folder> <command, arg1,arg2,...>");
exit(0); exit(0);
@ -85,18 +84,18 @@ static void parse_args(int argc, char **argv, struct params *params,struct limit
params->argv = argv; params->argv = argv;
} }
//setup user namespace // setup user namespace
static void prepare_userns(int pid) { static void prepare_userns(int pid) {
char path[100]; char path[100];
char line[100]; char line[100];
int uid = 0;//root int uid = 0;// root
int gid = 0;//root int gid = 0;// root
int unprivileged_uid = 66534;//nobody int unprivileged_uid = 66534;// nobody
int unprivileged_gid = 65534;//nogroup int unprivileged_gid = 65534;// nogroup
sprintf(path, "/proc/%d/uid_map", pid); sprintf(path, "/proc/%d/uid_map", pid);
sprintf(line, "0 %d 1\n1 %d 1000\n", uid, unprivileged_uid);//map root to uid 0,nobody to uid 1000 sprintf(line, "0 %d 1\n1 %d 1000\n", uid, unprivileged_uid);// map root to uid 0,nobody to unprivileged uid
write_file(path, line); write_file(path, line);
sprintf(path, "/proc/%d/setgroups", pid); sprintf(path, "/proc/%d/setgroups", pid);
@ -104,45 +103,48 @@ static void prepare_userns(int pid) {
write_file(path, line); write_file(path, line);
sprintf(path, "/proc/%d/gid_map", pid); sprintf(path, "/proc/%d/gid_map", pid);
sprintf(line, "0 %d 1\n1 %d 1000\n", gid, unprivileged_gid);//map root to gid 0,nogroup to gid 1000 sprintf(line, "0 %d 1\n1 %d 1000\n", gid, unprivileged_gid);// map root to gid 0,nogroup to unprivileged gid
write_file(path, line); write_file(path, line);
} }
static void get_real_path(char* path) {
if (realpath (argv[0], path) == 0) die("unable to resolve real path: %m");// get absolute path to executable
for(int i = strlen(path); i > 0 && path[i] != '/';i--) path[i]=0;// cut filename to get directory name
}
int main(int argc,char** argv) { int main(int argc,char** argv) {
if(setuid(0)) die("need to be run as root"); if(setuid(0)) die("must be run as root");
if(setgid(0)) die("need to be run as root"); if(setgid(0)) die("must be run as root");
//get binary folder // get binary path
char bin_path[PATH_MAX]; char real_path[PATH_MAX];
if (realpath (argv[0], bin_path) == 0) die("unable to resolve real path: %m");//get absolute path to executable get_real_path(real_path);
for(int i = strlen(bin_path); i > 0 && bin_path[i] != '/';i--) bin_path[i]=0;//cut filename to get directory name if(chdir(real_path)) die("unable to chdir to binary path: %m");
if(chdir(bin_path)) die("unable to chdir to binary path: %m"); // set random seed
//set random seed
srand(time(NULL)); srand(time(NULL));
//setup parameters // setup parameters
struct params params; struct params params;
memset(&params, 0, sizeof(struct params)); memset(&params, 0, sizeof(struct params));
struct limits limits; struct limits limits;
memset(&limits, 0, sizeof(struct limits)); memset(&limits, 0, sizeof(struct limits));
parse_args(argc, argv, &params, &limits); parse_args(argc, argv, &params, &limits);
prepare_cgroup(&limits); prepare_cgroup(&limits);
if (pipe(params.fd) < 0) die("can't open pipe: %m");//a pipe to report readiness if (pipe(params.fd) < 0) die("can't open pipe: %m");// a pipe to report readiness
int clone_flags = SIGCHLD | CLONE_NEWUTS | CLONE_NEWUSER | CLONE_NEWNS | CLONE_NEWPID | CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWCGROUP; int clone_flags = SIGCHLD | CLONE_NEWUTS | CLONE_NEWUSER | CLONE_NEWNS | CLONE_NEWPID | CLONE_NEWNET | CLONE_NEWIPC | CLONE_NEWCGROUP;
int nsrun_pid = clone(nsrun, nmstack + STACK_SIZE, clone_flags, &params);//make new namespace int nsrun_pid = clone(nsrun, nmstack + STACK_SIZE, clone_flags, &params);// make new namespace
//int pipe = params.fd[1];
prepare_userns(nsrun_pid); prepare_userns(nsrun_pid);
if (nsrun_pid < 0) die("faled to clone"); if (nsrun_pid < 0) die("faled to clone");
add_to_cgroup(nsrun_pid); add_to_cgroup(nsrun_pid);
if (write(params.fd[1], "OK", 2) != 2) die("Failed to write to pipe: %m");//report readiness if (write(params.fd[1], "OK", 2) != 2) die("Failed to write to pipe: %m");// report readiness
struct killparams killparams; struct killparams killparams;
killparams.time = limits.time; killparams.time = limits.time;
killparams.pid = nsrun_pid; killparams.pid = nsrun_pid;
int kill_pid = clone(killafter, killstack + STACK_SIZE, SIGCHLD, &killparams); int kill_pid = clone(killafter, killstack + STACK_SIZE, SIGCHLD, &killparams);
time_start = getmstime(); time_start = getmstime();
if (waitpid(nsrun_pid, NULL, 0) == -1) die("Failed to wait pid %d: %m\n", nsrun_pid); if (waitpid(nsrun_pid, NULL, 0) == -1) die("Failed to wait pid %d: %m\n", nsrun_pid);
kill(kill_pid,SIGKILL);//kill killer kill(kill_pid, SIGKILL);// kill killer
int time = getmstime()-time_start; int time = getmstime() - time_start;
if(chdir(params.shared_folder)) die("Failed to chdir to shared folder:%m"); if(chdir(params.shared_folder)) die("Failed to chdir to shared folder:%m");
if(time>=limits.time) { if(time >= limits.time) {
write_file("time", "-1"); write_file("time", "-1");
} }
else { else {