[libvirt] [PATCH 3/4] lxc: validate container process during load config
Daniel P. Berrange
berrange at redhat.com
Fri May 30 11:27:27 UTC 2008
On Fri, May 30, 2008 at 02:28:46AM -0400, Daniel Veillard wrote:
> On Thu, May 29, 2008 at 03:20:15PM -0700, Dave Leskovec wrote:
> > + if (ESRCH == errno) {
> > + rc = 0;
> > + DEBUG("pid %d no longer exists", def->id);
> > + goto done;
> > + }
> > +
> > + lxcError(NULL, NULL, VIR_ERR_INTERNAL_ERROR,
> > + _("error checking container process: %d %s"),
> > + def->id, strerror(errno));
> > + goto done;
> > + }
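Review bot: In the lxcError() call, strerror(errno) is not thread-safe, and errno is read only after the ESRCH branch and the message lookup have run; copy errno into a local immediately after the failing call and format the message from that copy with a reentrant variant. The format string "error checking container process: %d %s" also runs the pid and the error text together, so a separator such as "pid %d: %s" would make the log line easier to read. In the ESRCH branch, the DEBUG message could say that the container is being treated as stopped, since rc = 0 makes this a success path.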
>
> The problem though is that by doing just a passive test for the PID
> it feels like there is a possible race if the process counter rolled over and
> another process with the same PID got created in the meantime.
> I have the feeling that a test based on the state of the file descriptors
> used to communicate with the container would be more reliable. Basically if the
> container disappears, then the pipe should get in a half-closed state,
> detecting the change at that level sounds like it would be more reliable,
> don't you think so?
Yes, after checking the PID still exists, it needs to validate /proc/$PID/exe
to verify it points to the binary we expect it to.
Regards,
Dan.
--
|: Red Hat, Engineering, Boston -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
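
The check described in the reply above (confirm the PID exists, then confirm /proc/$PID/exe points at the expected binary), as an added example that is not part of the original message or of libvirt's code. The helper name `pid_runs_binary` and its return convention are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper, not libvirt code.
 * Returns 1 if pid is alive and /proc/<pid>/exe resolves to expected_exe,
 * 0 if the pid is gone or now belongs to a different binary,
 * -1 on bad arguments or an unexpected error. */
int pid_runs_binary(pid_t pid, const char *expected_exe)
{
    char link[64];
    char target[4096];
    ssize_t len;

    if (pid <= 0 || expected_exe == NULL)
        return -1;

    /* Signal 0 delivers nothing; it only performs the existence check.
     * EPERM means the pid exists but is owned by another user. */
    if (kill(pid, 0) < 0) {
        if (errno == ESRCH)
            return 0;
        if (errno != EPERM)
            return -1;
    }

    snprintf(link, sizeof(link), "/proc/%ld/exe", (long)pid);
    len = readlink(link, target, sizeof(target) - 1);
    if (len < 0) {
        /* The process exited between the two checks. */
        if (errno == ENOENT || errno == ESRCH)
            return 0;
        return -1;
    }
    target[len] = '\0';   /* readlink() does not NUL-terminate */

    /* A recycled pid resolves to some other executable. If the binary was
     * replaced on disk, the kernel appends " (deleted)" to the link target,
     * which also fails this comparison. */
    return strcmp(target, expected_exe) == 0 ? 1 : 0;
}
```

The comparison narrows the PID-reuse window but does not close it: a recycled PID that happens to run the same binary still passes, which is why a check on the communication file descriptors is raised as the alternative in the quoted message.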