Add a -j argument and selection mechanism for configuring jailing.

Due to our somewhat spendthrift ways with argument letters, it is not realistic to repurpose -[sS]andbox or -[pP]rivsep argument letters, so the terminology ended up being "jail" because -j was free. Right now no jails are implemented, and the code does nothing.

Add a -j argument and selection mechanism for configuring jailing.
Due to our somewhat spendthrift ways with argument letters, it is not realistic to repurpose -[sS]andbox or -[pP]rivsep argument letters, so the terminology ended up being "jail" because -j was free. Right now no jails are implemented, and the code does nothing.
bb52bd56 · Poul-Henning Kamp · 17dae8e8 · bb52bd56 · bb52bd56 · bb52bd56
Commit bb52bd56 authored Feb 16, 2015 by Poul-Henning Kamp
Showing with 174 additions and 1 deletion

Makefile.am bin/varnishd/Makefile.am +1 -0

mgt.h bin/varnishd/mgt/mgt.h +32 -0

mgt_jail.c bin/varnishd/mgt/mgt_jail.c +120 -0

mgt_main.c bin/varnishd/mgt/mgt_main.c +21 -1

No files found.
--- a/bin/varnishd/Makefile.am
+++ b/bin/varnishd/Makefile.am
@@ -64,6 +64,7 @@ varnishd_SOURCES = \
 	http1/cache_http1_vfp.c \
 	mgt/mgt_child.c \
 	mgt/mgt_cli.c \
+	mgt/mgt_jail.c \
 	mgt/mgt_main.c \
 	mgt/mgt_param.c \
 	mgt/mgt_param_tbl.c \

--- a/bin/varnishd/mgt/mgt.h
+++ b/bin/varnishd/mgt/mgt.h
@@ -62,6 +62,38 @@ void mgt_cli_master(const char *M_arg);
 void mgt_cli_secret(const char *S_arg);
 void mgt_cli_close_all(void);

+/* mgt_jail.c */
+
+enum jail_subproc_e {
+	JAIL_SP_TESTING,
+	JAIL_SP_VCC,
+	JAIL_SP_CC,
+	JAIL_SP_VCLLOAD,
+	JAIL_SP_WORKER,
+};
+
+enum jail_master_e {
+	JAIL_MASTER_LOW,
+	JAIL_MASTER_HIGH,
+};
+
+typedef void jail_init_f(char **);
+typedef void jail_master_f(enum jail_master_e);
+typedef void jail_subproc_f(enum jail_subproc_e);
+
+struct jail_tech {
+	unsigned		magic;
+#define JAIL_TECH_MAGIC		0x4d00fa4d
+	const char		*name;
+	jail_init_f		*init;
+	jail_master_f		*master;
+	jail_subproc_f		*subproc;
+};
+
+void VJ_Init(const char *j_arg);
+void VJ_master(enum jail_master_e jme);
+void VJ_subproc(enum jail_subproc_e jse);
+
 /* mgt_main.c */
 extern struct VSC_C_mgt	*VSC_C_mgt;
 extern struct VSC_C_mgt static_VSC_C_mgt;

--- a/bin/varnishd/mgt/mgt_jail.c
+++ b/bin/varnishd/mgt/mgt_jail.c
+/*-
+ * Copyright (c) 2015 Varnish Software AS
+ * All rights reserved.
+ *
+ * Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * Jailing
+ *
+ */
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <syslog.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "mgt/mgt.h"
+#include "vav.h"
+
+/**********************************************************************
+ * A "none" jail implementation which doesn't do anything.
+ */
+
+static void __match_proto__(jail_init_f)
+vjn_init(char **args)
+{
+	if (*args != NULL)
+		ARGV_ERR("-Jnone takes no arguments.\n");
+}
+
+static void __match_proto__(jail_master_f)
+vjn_master(enum jail_master_e jme)
+{
+	(void)jme;
+}
+
+static void __match_proto__(jail_subproc_f)
+vjn_subproc(enum jail_subproc_e jse)
+{
+	(void)jse;
+}
+
+static const struct jail_tech jail_tech_none = {
+	.magic =	JAIL_TECH_MAGIC,
+	.name =		"none",
+	.init =		vjn_init,
+	.master =	vjn_master,
+	.subproc =	vjn_subproc,
+};
+
+/**********************************************************************/
+
+static const struct jail_tech *vjt;
+
+static const struct choice vj_choice[] = {
+	{ "none",	&jail_tech_none },
+	{ NULL,		NULL },
+};
+
+void
+VJ_Init(const char *j_arg)
+{
+	char **av;
+
+	if (j_arg != NULL) {
+		av = VAV_Parse(j_arg, NULL, ARGV_COMMA);
+		AN(av);
+		if (av[0] != NULL)
+			ARGV_ERR("-j argument: %s\n", av[0]);
+		if (av[1] == NULL)
+			ARGV_ERR("-j argument is emtpy\n");
+		vjt = pick(vj_choice, av[1], "jail");
+		CHECK_OBJ_NOTNULL(vjt, JAIL_TECH_MAGIC);
+		vjt->init(av + 2);
+		VAV_Free(av);
+	} else {
+		av = VAV_Parse("", NULL, ARGV_COMMA);
+		vjt = vj_choice[0].ptr;
+		CHECK_OBJ_NOTNULL(vjt, JAIL_TECH_MAGIC);
+		vjt->init(av + 1);
+		VAV_Free(av);
+	}
+}
+
+void
+VJ_master(enum jail_master_e jme)
+{
+	CHECK_OBJ_NOTNULL(vjt, JAIL_TECH_MAGIC);
+	vjt->master(jme);
+}
+
+void
+VJ_subproc(enum jail_subproc_e jse)
+{
+	CHECK_OBJ_NOTNULL(vjt, JAIL_TECH_MAGIC);
+	vjt->subproc(jse);
+}
--- a/bin/varnishd/mgt/mgt_main.c
+++ b/bin/varnishd/mgt/mgt_main.c
@@ -154,6 +154,8 @@ usage(void)
 	fprintf(stderr, FMT, "", "  -h classic");
 	fprintf(stderr, FMT, "", "  -h classic,<buckets>");
 	fprintf(stderr, FMT, "-i identity", "Identity of varnish instance");
+	fprintf(stderr, FMT, "-j jail[,jailoptions]", "Jail specification");
+	fprintf(stderr, FMT, "", "  -j none");
 	fprintf(stderr, FMT, "-l shl,free,fill", "Size of shared memory file");
 	fprintf(stderr, FMT, "", "  shl: space for SHL records [80m]");
 	fprintf(stderr, FMT, "", "  free: space for other allocations [1m]");
@@ -382,6 +384,7 @@ main(int argc, char * const *argv)
 	char *dirname;
 	char **av;
 	unsigned clilim;
+	int jailed = 0;

 	/* Set up the mgt counters */
 	memset(&static_VSC_C_mgt, 0, sizeof static_VSC_C_mgt);
@@ -447,7 +450,23 @@ main(int argc, char * const *argv)
 	cli_check(cli);

 	while ((o = getopt(argc, argv,
-	    "a:b:Cdf:Fg:h:i:l:M:n:P:p:r:S:s:T:t:u:Vx:")) != -1)
+	    "a:b:Cdf:Fg:h:i:j:l:M:n:P:p:r:S:s:T:t:u:Vx:")) != -1) {
+		/*
+		 * -j must be the first argument if specified, because
+		 * it (may) affect subsequent argument processing.
+		 */
+		if (!jailed) {
+			jailed++;
+			if (o == 'j') {
+				VJ_Init(optarg);
+				continue;
+			}
+			VJ_Init(NULL);
+		} else {
+			if (o == 'j')
+				ARGV_ERR("\t-j must be the first argument\n");
+		}
+
 		switch (o) {
 		case 'a':
 			MCF_ParamSet(cli, "listen_address", optarg);
@@ -552,6 +571,7 @@ main(int argc, char * const *argv)
 		default:
 			usage();
 		}
+	}

 	argc -= optind;
 	argv += optind;