[pve-devel] [PATCH v4 container 05/12] add open_pid_fd, open_lxc_pid, open_ppid helpers

Wolfgang Bumiller w.bumiller at proxmox.com
Wed Nov 20 08:31:00 CET 2019


Getting a pid and acting on it is always a race, so add
safer helpers for this.

Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
 src/PVE/LXC.pm | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/src/PVE/LXC.pm b/src/PVE/LXC.pm
index d747039..e5b765a 100644
--- a/src/PVE/LXC.pm
+++ b/src/PVE/LXC.pm
@@ -388,6 +388,44 @@ sub find_lxc_pid {
     return $pid;
 }
 
+sub open_pid_fd($) {
+    my ($pid) = @_;
+    sysopen(my $fd, "/proc/$pid", O_RDONLY | O_DIRECTORY)
+	or die "failed to open /proc/$pid pid fd\n";
+    return $fd;
+}
+
+sub open_lxc_pid {
+    my ($vmid) = @_;
+
+    # Find the pid and open:
+    my $pid = find_lxc_pid($vmid);
+    my $fd = open_pid_fd($pid);
+
+    # Verify:
+    my $pid2 = find_lxc_pid($vmid);
+
+    return () if $pid != $pid2;
+    return ($pid, $fd);
+}
+
+sub open_ppid {
+    my ($pid) = @_;
+
+    # Find the parent pid via proc and open it:
+    my $stat = PVE::ProcFSTools::read_proc_pid_stat($pid);
+    my $ppid = $stat->{ppid} // die "failed to get parent pid\n";
+
+    my $fd = open_pid_fd($ppid);
+
+    # Verify:
+    $stat = PVE::ProcFSTools::read_proc_pid_stat($pid);
+    my $ppid2 = $stat->{ppid} // die "failed to get parent pid for verification\n";
+
+    return () if $ppid != $ppid2;
+    return ($ppid, $fd);
+}
+
 # Note: we cannot use Net:IP, because that only allows strict
 # CIDR networks
 sub parse_ipv4_cidr {
-- 
2.20.1





More information about the pve-devel mailing list