[mirror_lxc.git] / src / lxc / monitor.c

/*
 * lxc: linux Container library
 *
 * (C) Copyright IBM Corp. 2007, 2008
 *
 * Authors:
 * Daniel Lezcano <daniel.lezcano at free.fr>
 * Dwight Engen <dwight.engen@oracle.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#include <stdio.h>
#include <errno.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#include <fcntl.h>
#include <inttypes.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <netinet/in.h>
#include <net/if.h>

#include "error.h"
#include "af_unix.h"

#include <lxc/log.h>
#include <lxc/lxclock.h>
#include <lxc/state.h>
#include <lxc/monitor.h>
#include <lxc/utils.h>

lxc_log_define(lxc_monitor, lxc);

/* routines used by monitor publishers (containers) */
int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz,
			  int do_mkdirp)
{
	int ret;
	const char *rundir;

	rundir = get_rundir();
	if (do_mkdirp) {
		ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
		if (ret < 0 || ret >= fifo_path_sz) {
			ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
			return -1;
		}
		process_lock();
		ret = mkdir_p(fifo_path, 0755);
		process_unlock();
		if (ret < 0) {
			ERROR("unable to create monitor fifo dir %s", fifo_path);
			return ret;
		}
	}
	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
	if (ret < 0 || ret >= fifo_path_sz) {
		ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
		return -1;
	}
	return 0;
}

static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath)
{
	int fd,ret;
	char fifo_path[PATH_MAX];

	BUILD_BUG_ON(sizeof(*msg) > PIPE_BUF); /* write not guaranteed atomic */

	ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
	if (ret < 0)
		return;

	fd = open(fifo_path, O_WRONLY);
	if (fd < 0) {
		/* it is normal for this open to fail when there is no monitor
		 * running, so we don't log it
		 */
		return;
	}

	ret = write(fd, msg, sizeof(*msg));
	if (ret != sizeof(*msg)) {
		close(fd);
		SYSERROR("failed to write monitor fifo %s", fifo_path);
		return;
	}

	close(fd);
}

void lxc_monitor_send_state(const char *name, lxc_state_t state, const char *lxcpath)
{
	struct lxc_msg msg = { .type = lxc_msg_state,
			       .value = state };
	strncpy(msg.name, name, sizeof(msg.name));
	msg.name[sizeof(msg.name) - 1] = 0;

	lxc_monitor_fifo_send(&msg, lxcpath);
}


/* routines used by monitor subscribers (lxc-monitor) */
int lxc_monitor_close(int fd)
{
	return close(fd);
}

/* Note we don't use SHA-1 here as we don't want to depend on HAVE_GNUTLS.
 * FNV has good anti collision properties and we're not worried
 * about pre-image resistance or one-way-ness, we're just trying to make
 * the name unique in the 108 bytes of space we have.
 */
#define FNV1A_64_INIT ((uint64_t)0xcbf29ce484222325ULL)
static uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval)
{
	unsigned char *bp;

	for(bp = buf; bp < (unsigned char *)buf + len; bp++)
	{
		/* xor the bottom with the current octet */
		hval ^= (uint64_t)*bp;

		/* gcc optimised:
		 * multiply by the 64 bit FNV magic prime mod 2^64
		 */
		hval += (hval << 1) + (hval << 4) + (hval << 5) +
			(hval << 7) + (hval << 8) + (hval << 40);
	}

	return hval;
}

int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr) {
	size_t len;
	int ret;
	char *sockname = &addr->sun_path[1];
	char path[PATH_MAX+18];
	uint64_t hash;

	/* addr.sun_path is only 108 bytes, so we hash the full name and
	 * then append as much of the name as we can fit.
	 */
	memset(addr, 0, sizeof(*addr));
	addr->sun_family = AF_UNIX;
	len = sizeof(addr->sun_path) - 1;
	ret = snprintf(path, sizeof(path), "lxc/%s/monitor-sock", lxcpath);
	if (ret < 0 || ret >= sizeof(path)) {
		ERROR("lxcpath %s too long for monitor unix socket", lxcpath);
		return -1;
	}

	hash = fnv_64a_buf(path, ret, FNV1A_64_INIT);
	ret = snprintf(sockname, len, "lxc/%016" PRIx64 "/%s", hash, lxcpath);
	if (ret < 0)
		return -1;
	sockname[sizeof(addr->sun_path)-2] = '\0';
	INFO("using monitor sock name %s", sockname);
	return 0;
}

int lxc_monitor_open(const char *lxcpath)
{
	struct sockaddr_un addr;
	int fd,ret;
	int retry,backoff_ms[] = {10, 50, 100};

	if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
		return -1;

	fd = socket(PF_UNIX, SOCK_STREAM, 0);
	if (fd < 0) {
		ERROR("socket : %s", strerror(errno));
		return -1;
	}

	for (retry = 0; retry < sizeof(backoff_ms)/sizeof(backoff_ms[0]); retry++) {
		ret = connect(fd, (struct sockaddr *)&addr, sizeof(addr));
		if (ret == 0 || errno != ECONNREFUSED)
			break;
		ERROR("connect : backing off %d", backoff_ms[retry]);
		usleep(backoff_ms[retry] * 1000);
	}

	if (ret < 0) {
		ERROR("connect : %s", strerror(errno));
		goto err1;
	}
	return fd;
err1:
	close(fd);
	return ret;
}

int lxc_monitor_read_fdset(fd_set *rfds, int nfds, struct lxc_msg *msg,
			   int timeout)
{
	struct timeval tval,*tv = NULL;
	int ret,i;

	if (timeout != -1) {
		tv = &tval;
		tv->tv_sec = timeout;
		tv->tv_usec = 0;
	}

	ret = select(nfds, rfds, NULL, NULL, tv);
	if (ret == -1)
		return -1;
	else if (ret == 0)
		return -2;  // timed out

	/* only read from the first ready fd, the others will remain ready
	 * for when this routine is called again
	 */
	for (i = 0; i < nfds; i++) {
		if (FD_ISSET(i, rfds)) {
			ret = recv(i, msg, sizeof(*msg), 0);
			if (ret <= 0) {
				SYSERROR("client failed to recv (monitord died?) %s",
					 strerror(errno));
				return -1;
			}
			return ret;
		}
	}
	SYSERROR("no ready fd found?");
	return -1;
}

int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout)
{
	fd_set rfds;

	FD_ZERO(&rfds);
	FD_SET(fd, &rfds);

	return lxc_monitor_read_fdset(&rfds, fd+1, msg, timeout);
}

int lxc_monitor_read(int fd, struct lxc_msg *msg)
{
	return lxc_monitor_read_timeout(fd, msg, -1);
}


/* used to spawn a monitord either on startup of a daemon container, or when
 * lxc-monitor starts
 */
int lxc_monitord_spawn(const char *lxcpath)
{
	pid_t pid1,pid2;
	int pipefd[2];
	char pipefd_str[11];

	char * const args[] = {
		"lxc-monitord",
		(char *)lxcpath,
		pipefd_str,
		NULL,
	};

	/* double fork to avoid zombies when monitord exits */
	pid1 = fork();
	if (pid1 < 0) {
		SYSERROR("failed to fork");
		return -1;
	}

	if (pid1) {
		if (waitpid(pid1, NULL, 0) != pid1)
			return -1;
		return 0;
	}

	if (pipe(pipefd) < 0) {
		SYSERROR("failed to create pipe");
		exit(EXIT_FAILURE);
	}

	pid2 = fork();
	if (pid2 < 0) {
		SYSERROR("failed to fork");
		exit(EXIT_FAILURE);
	}
	if (pid2) {
		char c;
		/* wait for daemon to create socket */
		close(pipefd[1]);
		/* sync with child, we're ignoring the return from read
		 * because regardless if it works or not, either way we've
		 * synced with the child process. the if-empty-statement
		 * construct is to quiet the warn-unused-result warning.
		 */
		if (read(pipefd[0], &c, 1)) ;
		close(pipefd[0]);
		exit(EXIT_SUCCESS);
	}

	umask(0);
	if (setsid() < 0) {
		SYSERROR("failed to setsid");
		exit(EXIT_FAILURE);
	}
	close(0);
	close(1);
	close(2);
	open("/dev/null", O_RDONLY);
	open("/dev/null", O_RDWR);
	open("/dev/null", O_RDWR);
	close(pipefd[0]);
	sprintf(pipefd_str, "%d", pipefd[1]);
	execvp(args[0], args);
	exit(EXIT_FAILURE);
}
Commit	Line	Data
0ad19a3f	1	/*
	2	* lxc: linux Container library
	3	*
	4	* (C) Copyright IBM Corp. 2007, 2008
	5	*
	6	* Authors:
9afe19d6	7	* Daniel Lezcano <daniel.lezcano at free.fr>
e51d4895	8	* Dwight Engen <dwight.engen@oracle.com>
0ad19a3f	9	*
	10	* This library is free software; you can redistribute it and/or
	11	* modify it under the terms of the GNU Lesser General Public
	12	* License as published by the Free Software Foundation; either
	13	* version 2.1 of the License, or (at your option) any later version.
	14	*
	15	* This library is distributed in the hope that it will be useful,
	16	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	17	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	18	* Lesser General Public License for more details.
	19	*
	20	* You should have received a copy of the GNU Lesser General Public
	21	* License along with this library; if not, write to the Free Software
250b1eec	22	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
0ad19a3f	23	*/
e51d4895	24
0ad19a3f	25	#include <stdio.h>
	26	#include <errno.h>
	27	#include <unistd.h>
	28	#include <string.h>
	29	#include <stdlib.h>
	30	#include <fcntl.h>
b45c7011 DE	31	#include <inttypes.h>
b45c7011 DE	32	#include <stdint.h>
0ad19a3f	33	#include <sys/types.h>
	34	#include <sys/stat.h>
	35	#include <sys/param.h>
0ad19a3f	36	#include <sys/socket.h>
e51d4895	37	#include <sys/wait.h>
0ad19a3f	38	#include <netinet/in.h>
0ad19a3f	39	#include <net/if.h>
b113348e	40
e2bcd7db	41	#include "error.h"
31c53c2e	42	#include "af_unix.h"
00b3c2e2	43
36eb9bde	44	#include <lxc/log.h>
9e60f51d	45	#include <lxc/lxclock.h>
00b3c2e2 CLG	46	#include <lxc/state.h>
00b3c2e2 CLG	47	#include <lxc/monitor.h>
e51d4895	48	#include <lxc/utils.h>
36eb9bde CLG	49
36eb9bde CLG	50	lxc_log_define(lxc_monitor, lxc);
0ad19a3f	51
e51d4895	52	/* routines used by monitor publishers (containers) */
9e60f51d DE	53	int lxc_monitor_fifo_name(const char lxcpath, char fifo_path, size_t fifo_path_sz,
	54	int do_mkdirp)
	55	{
	56	int ret;
	57	const char *rundir;
	58
	59	rundir = get_rundir();
	60	if (do_mkdirp) {
	61	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
	62	if (ret < 0 \|\| ret >= fifo_path_sz) {
	63	ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
	64	return -1;
	65	}
	66	process_lock();
	67	ret = mkdir_p(fifo_path, 0755);
	68	process_unlock();
	69	if (ret < 0) {
	70	ERROR("unable to create monitor fifo dir %s", fifo_path);
	71	return ret;
	72	}
	73	}
	74	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
	75	if (ret < 0 \|\| ret >= fifo_path_sz) {
	76	ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
	77	return -1;
	78	}
	79	return 0;
	80	}
	81
e51d4895	82	static void lxc_monitor_fifo_send(struct lxc_msg msg, const char lxcpath)
0ad19a3f	83	{
e51d4895 DE	84	int fd,ret;
	85	char fifo_path[PATH_MAX];
	86
	87	BUILD_BUG_ON(sizeof(msg) > PIPE_BUF); / write not guaranteed atomic */
9e60f51d DE	88
	89	ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
	90	if (ret < 0)
9123e471	91	return;
80f41298	92
e51d4895 DE	93	fd = open(fifo_path, O_WRONLY);
	94	if (fd < 0) {
	95	/* it is normal for this open to fail when there is no monitor
	96	* running, so we don't log it
	97	*/
31c53c2e	98	return;
e51d4895	99	}
0ad19a3f	100
e51d4895 DE	101	ret = write(fd, msg, sizeof(*msg));
e51d4895 DE	102	if (ret != sizeof(*msg)) {
e8b9ac8f	103	close(fd);
e51d4895 DE	104	SYSERROR("failed to write monitor fifo %s", fifo_path);
	105	return;
	106	}
0ad19a3f	107
	108	close(fd);
	109	}
	110
9123e471	111	void lxc_monitor_send_state(const char name, lxc_state_t state, const char lxcpath)
eae6543d	112	{
	113	struct lxc_msg msg = { .type = lxc_msg_state,
	114	.value = state };
80f41298	115	strncpy(msg.name, name, sizeof(msg.name));
f3bc28bd	116	msg.name[sizeof(msg.name) - 1] = 0;
eae6543d	117
e51d4895	118	lxc_monitor_fifo_send(&msg, lxcpath);
0ad19a3f	119	}
0ad19a3f	120
e51d4895 DE	121
	122	/* routines used by monitor subscribers (lxc-monitor) */
	123	int lxc_monitor_close(int fd)
0ad19a3f	124	{
e51d4895 DE	125	return close(fd);
	126	}
	127
b45c7011 DE	128	/* Note we don't use SHA-1 here as we don't want to depend on HAVE_GNUTLS.
	129	* FNV has good anti collision properties and we're not worried
	130	* about pre-image resistance or one-way-ness, we're just trying to make
	131	* the name unique in the 108 bytes of space we have.
	132	*/
	133	#define FNV1A_64_INIT ((uint64_t)0xcbf29ce484222325ULL)
	134	static uint64_t fnv_64a_buf(void *buf, size_t len, uint64_t hval)
	135	{
	136	unsigned char *bp;
	137
	138	for(bp = buf; bp < (unsigned char *)buf + len; bp++)
	139	{
	140	/* xor the bottom with the current octet */
	141	hval ^= (uint64_t)*bp;
	142
	143	/* gcc optimised:
	144	* multiply by the 64 bit FNV magic prime mod 2^64
	145	*/
	146	hval += (hval << 1) + (hval << 4) + (hval << 5) +
	147	(hval << 7) + (hval << 8) + (hval << 40);
	148	}
	149
	150	return hval;
	151	}
	152
e51d4895 DE	153	int lxc_monitor_sock_name(const char lxcpath, struct sockaddr_un addr) {
	154	size_t len;
	155	int ret;
b45c7011 DE	156	char *sockname = &addr->sun_path[1];
	157	char path[PATH_MAX+18];
	158	uint64_t hash;
e51d4895	159
b45c7011 DE	160	/* addr.sun_path is only 108 bytes, so we hash the full name and
b45c7011 DE	161	* then append as much of the name as we can fit.
9123e471	162	*/
e51d4895 DE	163	memset(addr, 0, sizeof(*addr));
	164	addr->sun_family = AF_UNIX;
	165	len = sizeof(addr->sun_path) - 1;
b45c7011 DE	166	ret = snprintf(path, sizeof(path), "lxc/%s/monitor-sock", lxcpath);
	167	if (ret < 0 \|\| ret >= sizeof(path)) {
	168	ERROR("lxcpath %s too long for monitor unix socket", lxcpath);
9e60f51d DE	169	return -1;
9e60f51d DE	170	}
9e60f51d	171
b45c7011 DE	172	hash = fnv_64a_buf(path, ret, FNV1A_64_INIT);
	173	ret = snprintf(sockname, len, "lxc/%016" PRIx64 "/%s", hash, lxcpath);
	174	if (ret < 0)
9123e471	175	return -1;
b45c7011 DE	176	sockname[sizeof(addr->sun_path)-2] = '\0';
b45c7011 DE	177	INFO("using monitor sock name %s", sockname);
e51d4895 DE	178	return 0;
e51d4895 DE	179	}
0ad19a3f	180
e51d4895 DE	181	int lxc_monitor_open(const char *lxcpath)
	182	{
	183	struct sockaddr_un addr;
	184	int fd,ret;
	185	int retry,backoff_ms[] = {10, 50, 100};
	186
	187	if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
	188	return -1;
	189
	190	fd = socket(PF_UNIX, SOCK_STREAM, 0);
2c396e12 MN	191	if (fd < 0) {
2c396e12 MN	192	ERROR("socket : %s", strerror(errno));
31c53c2e	193	return -1;
2c396e12	194	}
0ad19a3f	195
e51d4895 DE	196	for (retry = 0; retry < sizeof(backoff_ms)/sizeof(backoff_ms[0]); retry++) {
	197	ret = connect(fd, (struct sockaddr *)&addr, sizeof(addr));
	198	if (ret == 0 \|\| errno != ECONNREFUSED)
	199	break;
	200	ERROR("connect : backing off %d", backoff_ms[retry]);
	201	usleep(backoff_ms[retry] * 1000);
0ad19a3f	202	}
0ad19a3f	203
e51d4895 DE	204	if (ret < 0) {
	205	ERROR("connect : %s", strerror(errno));
	206	goto err1;
	207	}
0ad19a3f	208	return fd;
e51d4895 DE	209	err1:
	210	close(fd);
	211	return ret;
0ad19a3f	212	}
0ad19a3f	213
8d06bd13 DE	214	int lxc_monitor_read_fdset(fd_set rfds, int nfds, struct lxc_msg msg,
8d06bd13 DE	215	int timeout)
0ad19a3f	216	{
8d06bd13 DE	217	struct timeval tval,*tv = NULL;
8d06bd13 DE	218	int ret,i;
72d0e1cb SG	219
72d0e1cb SG	220	if (timeout != -1) {
8d06bd13 DE	221	tv = &tval;
	222	tv->tv_sec = timeout;
	223	tv->tv_usec = 0;
72d0e1cb	224	}
0ad19a3f	225
8d06bd13 DE	226	ret = select(nfds, rfds, NULL, NULL, tv);
8d06bd13 DE	227	if (ret == -1)
75b1e198	228	return -1;
8d06bd13 DE	229	else if (ret == 0)
	230	return -2; // timed out
	231
	232	/* only read from the first ready fd, the others will remain ready
	233	* for when this routine is called again
	234	*/
	235	for (i = 0; i < nfds; i++) {
	236	if (FD_ISSET(i, rfds)) {
	237	ret = recv(i, msg, sizeof(*msg), 0);
	238	if (ret <= 0) {
	239	SYSERROR("client failed to recv (monitord died?) %s",
	240	strerror(errno));
	241	return -1;
	242	}
	243	return ret;
	244	}
0ad19a3f	245	}
8d06bd13 DE	246	SYSERROR("no ready fd found?");
	247	return -1;
	248	}
	249
	250	int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout)
	251	{
	252	fd_set rfds;
	253
	254	FD_ZERO(&rfds);
	255	FD_SET(fd, &rfds);
	256
	257	return lxc_monitor_read_fdset(&rfds, fd+1, msg, timeout);
0ad19a3f	258	}
0ad19a3f	259
72d0e1cb SG	260	int lxc_monitor_read(int fd, struct lxc_msg *msg)
	261	{
	262	return lxc_monitor_read_timeout(fd, msg, -1);
	263	}
	264
e51d4895 DE	265
	266
	267	/* used to spawn a monitord either on startup of a daemon container, or when
	268	* lxc-monitor starts
	269	*/
	270	int lxc_monitord_spawn(const char *lxcpath)
0ad19a3f	271	{
e51d4895 DE	272	pid_t pid1,pid2;
	273	int pipefd[2];
	274	char pipefd_str[11];
	275
	276	char * const args[] = {
31f58b3f	277	"lxc-monitord",
e51d4895 DE	278	(char *)lxcpath,
	279	pipefd_str,
	280	NULL,
	281	};
	282
	283	/* double fork to avoid zombies when monitord exits */
	284	pid1 = fork();
	285	if (pid1 < 0) {
	286	SYSERROR("failed to fork");
	287	return -1;
	288	}
	289
	290	if (pid1) {
f2bbe86d DE	291	if (waitpid(pid1, NULL, 0) != pid1)
f2bbe86d DE	292	return -1;
e51d4895 DE	293	return 0;
	294	}
	295
	296	if (pipe(pipefd) < 0) {
	297	SYSERROR("failed to create pipe");
	298	exit(EXIT_FAILURE);
	299	}
	300
	301	pid2 = fork();
	302	if (pid2 < 0) {
	303	SYSERROR("failed to fork");
	304	exit(EXIT_FAILURE);
	305	}
	306	if (pid2) {
	307	char c;
	308	/* wait for daemon to create socket */
	309	close(pipefd[1]);
	310	/* sync with child, we're ignoring the return from read
	311	* because regardless if it works or not, either way we've
	312	* synced with the child process. the if-empty-statement
	313	* construct is to quiet the warn-unused-result warning.
	314	*/
	315	if (read(pipefd[0], &c, 1)) ;
	316	close(pipefd[0]);
	317	exit(EXIT_SUCCESS);
	318	}
	319
	320	umask(0);
	321	if (setsid() < 0) {
	322	SYSERROR("failed to setsid");
	323	exit(EXIT_FAILURE);
	324	}
	325	close(0);
	326	close(1);
	327	close(2);
	328	open("/dev/null", O_RDONLY);
	329	open("/dev/null", O_RDWR);
	330	open("/dev/null", O_RDWR);
	331	close(pipefd[0]);
	332	sprintf(pipefd_str, "%d", pipefd[1]);
	333	execvp(args[0], args);
	334	exit(EXIT_FAILURE);
0ad19a3f	335	}