CMAKE_MINIMUM_REQUIRED (VERSION 2.6.2)
PROJECT(security-containers)
+## pkgconfig ###################################################################
+INCLUDE(FindPkgConfig)
+
## File names ##################################################################
SET(SERVER_CODENAME "${PROJECT_NAME}-server")
SET(CLIENT_CODENAME "${PROJECT_NAME}-client")
Group: Security/Other
Summary: Daemon for managing containers
BuildRequires: cmake
+BuildRequires: libvirt
+BuildRequires: libvirt-devel
%description
This package provides a daemon used to manage containers - start, stop and switch
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Contact: Bumjin Im <bj.im@samsung.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+/**
+ * @file scs-container.hpp
+ * @author Jan Olszak (j.olszak@samsung.com)
+ * @brief Declaration of the class for managing one container
+ */
+
+
+#ifndef SECURITY_CONTAINERS_SERVER_CONTAINER_HPP
+#define SECURITY_CONTAINERS_SERVER_CONTAINER_HPP
+
+#include <string>
+#include <libvirt/libvirt.h>
+
+namespace security_containers {
+
+class Container {
+
+public:
+ Container();
+ virtual ~Container();
+ void define(const char* configXML = NULL);
+ void undefine();
+ void start();
+ void stop();
+
+private:
+ virConnectPtr mVir = NULL; // pointer to the connection with libvirt
+ virDomainPtr mDom = NULL; // pointer to the domain
+
+ bool mIsRunning = false; // is the domain now running
+
+ // TODO: This is a temporary sollution.
+ const std::string mDefaultConfigXML = "<domain type=\"lxc\">\
+ <name>cnsl</name>\
+ <memory>102400</memory>\
+ <os>\
+ <type>exe</type>\
+ <init>/bin/sh</init>\
+ </os>\
+ <devices>\
+ <console type=\"pty\"/>\
+ </devices>\
+ </domain>";
+ void connect();
+ void disconnect();
+
+};
+}
+#endif // SECURITY_CONTAINERS_SERVER_CONTAINER_HPP
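Review bot: Container owns the raw libvirt handles `mVir` and `mDom` but is still implicitly copyable, so a copy would close the same connection twice when both destructors run. The header already relies on C++11 member initializers, so declaring `Container(const Container&) = delete;` and `Container& operator=(const Container&) = delete;` in the public section rules that out at compile time. Separately, the temporary default XML fixes the domain name to `cnsl`, so two default-configured Container objects target the same libvirt domain name; that deserves a note next to the TODO.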
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Contact: Bumjin Im <bj.im@samsung.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+/**
+ * @file scs-exception.hpp
+ * @author Jan Olszak (j.olszak@samsung.com)
+ * @brief Exceptions for the server
+ */
+
+
#ifndef SECURITY_CONTAINERS_SERVER_EXCEPTION_HPP
#define SECURITY_CONTAINERS_SERVER_EXCEPTION_HPP
std::runtime_error(mess) {};
};
+/**
+ * @brief Error occured during an attempt to connect to libvirt's daemon.
+ */
+struct ConnectionException: public ServerException {
+ ConnectionException(const std::string& mess = "Security Containers Connection Exception"):
+ ServerException(mess) {};
+};
+
+/**
+ * @brief Error occured during an attempt to perform an operation on a domain,
+ * e.g. start, stop a container
+ */
+struct DomainOperationException: public ServerException {
+ DomainOperationException(const std::string& mess = "Security Containers Domain Operation Exception"):
+ ServerException(mess) {};
+};
+
}
#endif // SECURITY_CONTAINERS_SERVER_EXCEPTION_HPP
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Contact: Bumjin Im <bj.im@samsung.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+/**
+ * @file scs-log.hpp
+ * @author Jan Olszak (j.olszak@samsung.com)
+ * @brief Logging macros
+ */
+
+
+#ifndef SECURITY_CONTAINERS_SERVER_LOG_HPP
+#define SECURITY_CONTAINERS_SERVER_LOG_HPP
+
+#include <iostream>
+
+#define LOGE(...) std::cerr << "[DS] " << __VA_ARGS__ << std::endl;
+
+#define LOGD(...) std::cout << "[DS] " << __VA_ARGS__ << std::endl;
+
+#define LOGW(...) std::cout << "[DS] " << __VA_ARGS__ << std::endl;
+
+#endif // SECURITY_CONTAINERS_SERVER_LOG_HPP
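Review bot: Each of the three logging macros expands to a complete statement with its own trailing `;`, so a call such as `if (x) LOGE("..."); else ...` fails to compile because of the extra empty statement. Wrapping the body, e.g. `#define LOGE(...) do { std::cerr << "[DS] " << __VA_ARGS__ << std::endl; } while (0)`, makes every call behave as a single statement; the same applies to LOGD and LOGW. LOGW currently writes to std::cout like LOGD; if warnings are meant to land on the error stream next to LOGE, it should use std::cerr.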
FILE(GLOB_RECURSE project_SRCS *.cpp *.cxx *.cc *.C *.c *.h *.hpp)
MESSAGE("Files: " ${project_SRCS})
+## Setup target ################################################################
SET(SERVER_CODENAME "${PROJECT_NAME}-server")
-ADD_EXECUTABLE(${SERVER_CODENAME} main.cpp)
+ADD_EXECUTABLE(${SERVER_CODENAME} ${project_SRCS} )
+
+## Link libraries ##############################################################
+PKG_CHECK_MODULES(SERVER_DEPS REQUIRED libvirt)
+INCLUDE_DIRECTORIES(SYSTEM ${SERVER_DEPS_INCLUDE_DIRS})
+TARGET_LINK_LIBRARIES(${SERVER_CODENAME} ${SERVER_DEPS_LIBRARIES})
+
+## Install #####################################################################
INSTALL(TARGETS ${SERVER_CODENAME} DESTINATION bin)
\ No newline at end of file
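Review bot: `ADD_EXECUTABLE` now takes `${project_SRCS}`, which comes from the recursive glob above, so every C/C++ file under this CMakeLists.txt's directory is compiled into the daemon without being named in the build file. Newly added files are also missed until CMake is re-run. An explicit source list keeps what goes into the binary reviewable. In the link step only `${SERVER_DEPS_LIBRARIES}` is passed, which drops the library directories and other linker flags that pkg-config reports; `TARGET_LINK_LIBRARIES(${SERVER_CODENAME} ${SERVER_DEPS_LDFLAGS})` carries them along for a libvirt installed outside the default search path.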
#include <iostream>
-#include <getopt.h> // For getopt
+#include <getopt.h> // For getopt
+#include <unistd.h> // For sleep
-int main(int argc, char *argv[])
+#include <scs-container.hpp> // TODO: Delete
+
+
+using namespace security_containers;
+
+// TODO: Delete when unit tests introduced.
+void test()
+{
+ Container c;
+ c.define();
+ c.start();
+ sleep(1);
+ c.start();
+ sleep(1);
+ c.stop();
+ sleep(1);
+ c.start();
+ sleep(1);
+ c.stop();
+ sleep(1);
+ c.undefine();
+}
+
+
+int main(int argc, char* argv[])
{
int optIndex = 0;
std::cerr << std::endl;
return 1;
}
+
+ test();
}
\ No newline at end of file
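Review bot: `test()` is called from `main` with no exception handling, while the Container calls it makes throw ConnectionException or DomainOperationException on any libvirt failure, so a failed connect or start ends the process through an uncaught exception. If a call between `c.define()` and `c.undefine()` throws, `undefine()` is skipped as well, which presumably leaves the domain defined in libvirt for the next run. Until the TODO removes the function, `try { test(); } catch (const std::exception& e) { std::cerr << e.what() << std::endl; return 1; }` keeps the failure path controlled; this assumes the exceptions derive from std::runtime_error, as the exception header's context lines suggest. The body of `main` is only partly visible in this hunk.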
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Contact: Bumjin Im <bj.im@samsung.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+/**
+ * @file scs-container.cpp
+ * @author Jan Olszak (j.olszak@samsung.com)
+ * @brief Implementation of class for managing one container
+ */
+
+#include <assert.h>
+
+#include <scs-container.hpp>
+#include <scs-exception.hpp>
+#include <scs-log.hpp>
+
+using namespace security_containers;
+
+Container::Container()
+{
+ connect();
+}
+
+
+Container::~Container()
+{
+ disconnect();
+}
+
+
+void
+Container::connect()
+{
+ assert(mVir == NULL);
+
+ mVir = virConnectOpen("lxc://");
+ if (mVir == NULL) {
+ LOGE("Failed to open connection to lxc://");
+ throw ConnectionException();
+ }
+};
+
+
+void
+Container::disconnect()
+{
+ if (mVir == NULL) {
+ return;
+ }
+
+ if (virConnectClose(mVir) < 0) {
+ LOGE("Error during unconnecting from libvirt");
+ };
+ mVir = NULL;
+};
+
+
+void
+Container::start()
+{
+ assert(mVir != NULL);
+ assert(mDom != NULL);
+
+ if (mIsRunning) {
+ return;
+ }
+
+ // Autodestroyed when connection pointer released
+ // Any managed save file for this domain is discarded,
+ // and the domain boots from scratch
+ u_int flags = VIR_DOMAIN_START_AUTODESTROY;
+
+ if (virDomainCreateWithFlags(mDom, flags) < 0) {
+ LOGE("Failed to start the container");
+ throw DomainOperationException();
+ }
+
+ mIsRunning = true;
+};
+
+
+void
+Container::stop()
+{
+ assert(mVir != NULL);
+ assert(mDom != NULL);
+
+ if (!mIsRunning) {
+ return;
+ }
+ // Forceful termination of the guest
+ u_int flags = VIR_DOMAIN_DESTROY_DEFAULT;
+
+ if (virDomainDestroyFlags(mDom, flags) < 0) {
+ LOGE("Error during domain stopping");
+ throw DomainOperationException();
+ }
+
+ mIsRunning = false;
+};
+
+
+void
+Container::define(const char* configXML)
+{
+ assert(mVir != NULL);
+
+ if (configXML) {
+ mDom = virDomainDefineXML(mVir, configXML);
+ } else {
+ mDom = virDomainDefineXML(mVir, mDefaultConfigXML.c_str());
+ }
+
+ if (mDom == NULL) {
+ LOGE("Error during domain defining");
+ throw DomainOperationException();
+ }
+};
+
+
+void
+Container::undefine()
+{
+ assert(mVir != NULL);
+ assert(mDom != NULL);
+
+ stop();
+
+ // Remove domain configuration
+ if (virDomainUndefine(mDom) < 0) {
+ LOGE("Error during domain undefine");
+ throw DomainOperationException();
+ }
+
+ if (virDomainFree(mDom) < 0) {
+ LOGE("Error during domain destruction");
+ throw DomainOperationException();
+ }
+
+ mDom = NULL;
+};
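Review bot: The destructor only calls `disconnect()`, so a Container destroyed while `mDom` is still set (for example after `start()` or `undefine()` threw) never releases the domain handle, and `define()` likewise overwrites `mDom` on a second call without freeing the previous one. Adding `if (mDom != NULL) { virDomainFree(mDom); mDom = NULL; }` before `disconnect();` in `~Container()` and at the top of `define()` closes both paths. The comment in `start()` about discarding a managed save file describes `VIR_DOMAIN_START_FORCE_BOOT`, which is not set; only `VIR_DOMAIN_START_AUTODESTROY` is passed, so the comment should say just that. The state checks are `assert`s, which disappear in NDEBUG builds, so a short comment should record that release builds rely on libvirt rejecting NULL handles.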