gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/pkg/sentry/fsimpl/host/save_restore.go

gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/pkg/sentry/fsimpl/host/save_restore.go (about)

     1  // Copyright 2020 The gVisor Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package host
    16  
    17  import (
    18  	"context"
    19  	"fmt"
    20  	"io"
    21  
    22  	"golang.org/x/sys/unix"
    23  	"gvisor.dev/gvisor/pkg/fdnotifier"
    24  	"gvisor.dev/gvisor/pkg/hostarch"
    25  	"gvisor.dev/gvisor/pkg/safemem"
    26  	"gvisor.dev/gvisor/pkg/sentry/hostfd"
    27  	"gvisor.dev/gvisor/pkg/sentry/vfs"
    28  )
    29  
    30  // MakeRestoreID creates a RestoreID for a given application FD. The application
    31  // FD remains the same between restores, e.g. stdout=2 before and after restore,
    32  // but the host FD that is maps to can change between restores. This ID is used
    33  // to map application FDs to their respective FD after a restore happens.
    34  func MakeRestoreID(containerName string, fd int) vfs.RestoreID {
    35  	return vfs.RestoreID{
    36  		ContainerName: containerName,
    37  		Path:          fmt.Sprintf("host:%d", fd),
    38  	}
    39  }
    40  
    41  // beforeSave is invoked by stateify.
    42  func (i *inode) beforeSave() {
    43  	if !i.savable {
    44  		panic("host.inode is not savable")
    45  	}
    46  	if i.ftype == unix.S_IFIFO {
    47  		// If this pipe FD is readable, drain it so that bytes in the pipe can
    48  		// be read after restore. (This is a legacy VFS1 feature.) We don't
    49  		// know if the pipe FD is readable, so just try reading and tolerate
    50  		// EBADF from the read.
    51  		i.bufMu.Lock()
    52  		defer i.bufMu.Unlock()
    53  		var buf [hostarch.PageSize]byte
    54  		for {
    55  			n, err := hostfd.Preadv2(int32(i.hostFD), safemem.BlockSeqOf(safemem.BlockFromSafeSlice(buf[:])), -1 /* offset */, 0 /* flags */)
    56  			if n != 0 {
    57  				i.buf = append(i.buf, buf[:n]...)
    58  			}
    59  			if err != nil {
    60  				if err == io.EOF || err == unix.EAGAIN || err == unix.EBADF {
    61  					break
    62  				}
    63  				panic(fmt.Errorf("host.inode.beforeSave: buffering from pipe failed: %v", err))
    64  			}
    65  		}
    66  		if len(i.buf) != 0 {
    67  			i.haveBuf.Store(1)
    68  		}
    69  	}
    70  }
    71  
    72  // afterLoad is invoked by stateify.
    73  func (i *inode) afterLoad(ctx context.Context) {
    74  	fdmap := vfs.RestoreFilesystemFDMapFromContext(ctx)
    75  	fd, ok := fdmap[i.restoreKey]
    76  	if !ok {
    77  		panic(fmt.Sprintf("no host FD available for %+v, map: %v", i.restoreKey, fdmap))
    78  	}
    79  	i.hostFD = fd
    80  
    81  	if i.epollable {
    82  		if err := unix.SetNonblock(i.hostFD, true); err != nil {
    83  			panic(fmt.Sprintf("host.inode.afterLoad: failed to set host FD %d non-blocking: %v", i.hostFD, err))
    84  		}
    85  		if err := fdnotifier.AddFD(int32(i.hostFD), &i.queue); err != nil {
    86  			panic(fmt.Sprintf("host.inode.afterLoad: fdnotifier.AddFD(%d) failed: %v", i.hostFD, err))
    87  		}
    88  	}
    89  }