Message ID | 20220926195048.487915-9-lvivier@redhat.com (mailing list archive) |
---|---|
State | New, archived |
Series | qapi: net: add unix socket type support to netdev backend | expand |
On Mon, Sep 26, 2022 at 09:50:40PM +0200, Laurent Vivier wrote: > Signed-off-by: Laurent Vivier <lvivier@redhat.com> > Reviewed-by: Stefano Brivio <sbrivio@redhat.com> > --- > net/stream.c | 108 +++++++++++++++++++++++++++++++++++++++++++++--- > qapi/net.json | 2 +- > qemu-options.hx | 1 + > 3 files changed, 105 insertions(+), 6 deletions(-) > > diff --git a/net/stream.c b/net/stream.c > index 3fb899df5d2d..02967c284efc 100644 > --- a/net/stream.c > +++ b/net/stream.c > @@ -235,7 +235,7 @@ static NetStreamState *net_stream_fd_init_stream(NetClientState *peer, > static void net_stream_accept(void *opaque) > { > NetStreamState *s = opaque; > - struct sockaddr_in saddr; > + struct sockaddr_storage saddr; > socklen_t len; > int fd; 
> > @@ -253,9 +253,27 @@ static void net_stream_accept(void *opaque) > s->fd = fd; > s->nc.link_down = false; > net_stream_connect(s); > - snprintf(s->nc.info_str, sizeof(s->nc.info_str), > - "connection from %s:%d", > - inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port)); > + switch (saddr.ss_family) { > + case AF_INET: { > + struct sockaddr_in *saddr_in = (struct sockaddr_in *)&saddr; > + > + snprintf(s->nc.info_str, sizeof(s->nc.info_str), > + "connection from %s:%d", > + inet_ntoa(saddr_in->sin_addr), ntohs(saddr_in->sin_port)); So, here you print the address from which the connection has come - the remote address. > + break; > + } > + case AF_UNIX: { > + struct sockaddr_un saddr_un; > + > + len = sizeof(saddr_un); > + getsockname(s->listen_fd, (struct sockaddr *)&saddr_un, &len); > + snprintf(s->nc.info_str, sizeof(s->nc.info_str), > + "connect from %s", saddr_un.sun_path); Here you print the bound address - the local address. Does that make sense? I mean, in almost every occasion the remote Unix socket will be anonymous, so it probably doesn't make sense to display that, but is the bound address actually a useful substitute? Maybe it should just be "connect from Unix socket". > + break; > + } > + default: > + g_assert_not_reached(); > + } > } > > static int net_stream_server_init(NetClientState *peer, 
> @@ -295,6 +313,43 @@ static int net_stream_server_init(NetClientState *peer, > } > break; > } > + case SOCKET_ADDRESS_TYPE_UNIX: { > + struct sockaddr_un saddr_un; > + > + ret = unlink(addr->u.q_unix.path); > + if (ret < 0 && errno != ENOENT) { > + error_setg_errno(errp, errno, "failed to unlink socket %s", > + addr->u.q_unix.path); > + return -1; > + } > + > + saddr_un.sun_family = PF_UNIX; > + ret = snprintf(saddr_un.sun_path, sizeof(saddr_un.sun_path), "%s", > + addr->u.q_unix.path); > + if (ret < 0 || ret >= sizeof(saddr_un.sun_path)) { > + error_setg(errp, "UNIX socket path '%s' is too long", > + addr->u.q_unix.path); > + error_append_hint(errp, "Path must be less than %zu bytes\n", > + sizeof(saddr_un.sun_path)); > + return -1; > + } Not necessarily in scope here, but I do wonder if we want a common helper to convert the QAPI SocketAddress to a struct sockaddr, which supports both inet and Unix - and one day IPv6, one hopes - with all the appropriate error handling. > + > + fd = qemu_socket(PF_UNIX, SOCK_STREAM, 0); > + if (fd < 0) { > + error_setg_errno(errp, errno, "can't create stream socket"); > + return -1; > + } > + qemu_socket_set_nonblock(fd); > + > + ret = bind(fd, (struct sockaddr *)&saddr_un, sizeof(saddr_un)); > + if (ret < 0) { > + error_setg_errno(errp, errno, "can't create socket with path: %s", > + saddr_un.sun_path); > + closesocket(fd); > + return -1; > + } > + break; > + } > case SOCKET_ADDRESS_TYPE_FD: > fd = monitor_fd_param(monitor_cur(), addr->u.fd.str, errp); > if (fd == -1) { 
> @@ -380,6 +435,49 @@ static int net_stream_client_init(NetClientState *peer, > ntohs(saddr_in.sin_port)); > break; > } > + case SOCKET_ADDRESS_TYPE_UNIX: { > + struct sockaddr_un saddr_un; > + > + saddr_un.sun_family = PF_UNIX; > + ret = snprintf(saddr_un.sun_path, sizeof(saddr_un.sun_path), "%s", > + addr->u.q_unix.path); > + if (ret < 0 || ret >= sizeof(saddr_un.sun_path)) { > + error_setg(errp, "UNIX socket path '%s' is too long", > + addr->u.q_unix.path); > + error_append_hint(errp, "Path must be less than %zu bytes\n", > + sizeof(saddr_un.sun_path)); > + return -1; > + } > + > + fd = qemu_socket(PF_UNIX, SOCK_STREAM, 0); > + if (fd < 0) { > + error_setg_errno(errp, errno, "can't create stream socket"); > + return -1; > + } > + qemu_socket_set_nonblock(fd); > + > + connected = 0; > + for (;;) { > + ret = connect(fd, (struct sockaddr *)&saddr_un, sizeof(saddr_un)); > + if (ret < 0) { > + if (errno == EINTR || errno == EWOULDBLOCK) { > + /* continue */ > + } else if (errno == EAGAIN || > + errno == EALREADY) { > + break; > + } else { > + error_setg_errno(errp, errno, "can't connect socket"); > + closesocket(fd); > + return -1; > + } > + } else { > + connected = 1; > + break; > + } > + } > + info_str = g_strdup_printf(" connect to %s", saddr_un.sun_path); > + break; > + } > case SOCKET_ADDRESS_TYPE_FD: > fd = monitor_fd_param(monitor_cur(), addr->u.fd.str, errp); > if (fd == -1) { > @@ -395,7 +493,7 @@ static int net_stream_client_init(NetClientState *peer, > info_str = g_strdup_printf("connect to fd %d", fd); > break; > default: > - error_setg(errp, "only support inet or fd type"); > + error_setg(errp, "only support inet, unix or fd type"); > return -1; > } > > diff --git a/qapi/net.json b/qapi/net.json > index e02e8001a000..bb96701a49a7 100644 > --- a/qapi/net.json > +++ b/qapi/net.json 
> @@ -583,7 +583,7 @@ > # or connect to (server=false) > # @server: create server socket (default: true) > # > -# Only SocketAddress types 'inet' and 'fd' are supported. > +# Only SocketAddress types 'unix', 'inet' and 'fd' are supported. > # > # Since: 7.1 > ## > diff --git a/qemu-options.hx b/qemu-options.hx > index 8c765f345da8..7a34022ac651 100644 > --- a/qemu-options.hx > +++ b/qemu-options.hx > @@ -2735,6 +2735,7 @@ DEF("netdev", HAS_ARG, QEMU_OPTION_netdev, > " configure a network backend to connect to another network\n" > " using an UDP tunnel\n" > "-netdev stream,id=str[,server=on|off],addr.type=inet,addr.host=host,addr.port=port\n" > + "-netdev stream,id=str[,server=on|off],addr.type=unix,addr.path=path\n" > "-netdev stream,id=str[,server=on|off],addr.type=fd,addr.str=h\n" > " configure a network backend to connect to another network\n" > " using a socket connection in stream mode.\n"
On 9/28/22 08:12, David Gibson wrote: >> @@ -253,9 +253,27 @@ static void net_stream_accept(void *opaque) >> s->fd = fd; >> s->nc.link_down = false; >> net_stream_connect(s); >> - snprintf(s->nc.info_str, sizeof(s->nc.info_str), >> - "connection from %s:%d", >> - inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port)); >> + switch (saddr.ss_family) { >> + case AF_INET: { >> + struct sockaddr_in *saddr_in = (struct sockaddr_in *)&saddr; >> + >> + snprintf(s->nc.info_str, sizeof(s->nc.info_str), >> + "connection from %s:%d", >> + inet_ntoa(saddr_in->sin_addr), ntohs(saddr_in->sin_port)); > So, here you print the address from which the connection has come - > the remote address. > >> + break; >> + } >> + case AF_UNIX: { >> + struct sockaddr_un saddr_un; >> + >> + len = sizeof(saddr_un); >> + getsockname(s->listen_fd, (struct sockaddr *)&saddr_un, &len); >> + snprintf(s->nc.info_str, sizeof(s->nc.info_str), >> + "connect from %s", saddr_un.sun_path); > Here you print the bound address - the local address. Does that make > sense? I mean, in almost every occasion the remote Unix socket will > be anonymous, so it probably doesn't make sense to display that, but > is the bound address actually a useful substitute? > > Maybe it should just be "connect from Unix socket". > I agree the needed information is "connected" and type "unix". But I think more information we can put here can be useful for a debugging purpose. Thanks, Laurent
On Wed, Oct 05, 2022 at 03:38:09PM +0200, Laurent Vivier wrote: > On 9/28/22 08:12, David Gibson wrote: > > > @@ -253,9 +253,27 @@ static void net_stream_accept(void *opaque) > > > s->fd = fd; > > > s->nc.link_down = false; > > > net_stream_connect(s); > > > - snprintf(s->nc.info_str, sizeof(s->nc.info_str), > > > - "connection from %s:%d", > > > - inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port)); > > > + switch (saddr.ss_family) { > > > + case AF_INET: { > > > + struct sockaddr_in *saddr_in = (struct sockaddr_in *)&saddr; > > > + > > > + snprintf(s->nc.info_str, sizeof(s->nc.info_str), > > > + "connection from %s:%d", > > > + inet_ntoa(saddr_in->sin_addr), ntohs(saddr_in->sin_port)); > > So, here you print the address from which the connection has come - > > the remote address. > > > > > + break; > > > + } > > > + case AF_UNIX: { > > > + struct sockaddr_un saddr_un; > > > + > > > + len = sizeof(saddr_un); > > > + getsockname(s->listen_fd, (struct sockaddr *)&saddr_un, &len); > > > + snprintf(s->nc.info_str, sizeof(s->nc.info_str), > > > + "connect from %s", saddr_un.sun_path); > > Here you print the bound address - the local address. Does that make > > sense? I mean, in almost every occasion the remote Unix socket will > > be anonymous, so it probably doesn't make sense to display that, but > > is the bound address actually a useful substitute? > > > > Maybe it should just be "connect from Unix socket". > > > > I agree the needed information is "connected" and type "unix". > > But I think more information we can put here can be useful for a debugging purpose. Fair enough. I feel like "connect from" is still possibly misleading. Maybe "connect via"? Or even "connection to Unix socket %s"?
diff --git a/net/stream.c b/net/stream.c
index 3fb899df5d2d..02967c284efc 100644
--- a/net/stream.c
+++ b/net/stream.c
@@ -235,7 +235,7 @@ static NetStreamState *net_stream_fd_init_stream(NetClientState *peer,
 static void net_stream_accept(void *opaque)
 {
 NetStreamState *s = opaque;
- struct sockaddr_in saddr;
+ struct sockaddr_storage saddr;
 socklen_t len;
 int fd;
 
@@ -253,9 +253,27 @@ static void net_stream_accept(void *opaque)
 s->fd = fd;
 s->nc.link_down = false;
 net_stream_connect(s);
- snprintf(s->nc.info_str, sizeof(s->nc.info_str),
- "connection from %s:%d",
- inet_ntoa(saddr.sin_addr), ntohs(saddr.sin_port));
+ switch (saddr.ss_family) {
+ case AF_INET: {
+ struct sockaddr_in *saddr_in = (struct sockaddr_in *)&saddr;
+
+ snprintf(s->nc.info_str, sizeof(s->nc.info_str),
+ "connection from %s:%d",
+ inet_ntoa(saddr_in->sin_addr), ntohs(saddr_in->sin_port));
+ break;
+ }
+ case AF_UNIX: {
+ struct sockaddr_un saddr_un;
+
+ len = sizeof(saddr_un);
+ getsockname(s->listen_fd, (struct sockaddr *)&saddr_un, &len);
+ snprintf(s->nc.info_str, sizeof(s->nc.info_str),
+ "connect from %s", saddr_un.sun_path);
+ break;
+ }
+ default:
+ g_assert_not_reached();
+ }
 }
 
 static int net_stream_server_init(NetClientState *peer,
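Review bot: In the `AF_UNIX` case of net_stream_accept the return value of `getsockname()` is ignored and `saddr_un` is uninitialised, so on failure `snprintf` copies indeterminate stack bytes into `s->nc.info_str`, and `sun_path` is not guaranteed to be NUL-terminated if the listening socket was bound elsewhere (presumably possible through the `SOCKET_ADDRESS_TYPE_FD` case of net_stream_server_init). I would zero-initialise with `struct sockaddr_un saddr_un = { 0 };`, check `getsockname(...) < 0`, and bound the print with `"%.*s", (int)sizeof(saddr_un.sun_path), saddr_un.sun_path`. The same fd path makes `default: g_assert_not_reached();` look reachable: a passed-in listener of another family (for example AF_INET6) would abort QEMU on the first accepted connection, so writing a generic string there seems safer than asserting. The function body starts outside this hunk, so how `len` is set before `accept()` is not visible here.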
@@ -295,6 +313,43 @@ static int net_stream_server_init(NetClientState *peer,
 }
 break;
 }
+ case SOCKET_ADDRESS_TYPE_UNIX: {
+ struct sockaddr_un saddr_un;
+
+ ret = unlink(addr->u.q_unix.path);
+ if (ret < 0 && errno != ENOENT) {
+ error_setg_errno(errp, errno, "failed to unlink socket %s",
+ addr->u.q_unix.path);
+ return -1;
+ }
+
+ saddr_un.sun_family = PF_UNIX;
+ ret = snprintf(saddr_un.sun_path, sizeof(saddr_un.sun_path), "%s",
+ addr->u.q_unix.path);
+ if (ret < 0 || ret >= sizeof(saddr_un.sun_path)) {
+ error_setg(errp, "UNIX socket path '%s' is too long",
+ addr->u.q_unix.path);
+ error_append_hint(errp, "Path must be less than %zu bytes\n",
+ sizeof(saddr_un.sun_path));
+ return -1;
+ }
+
+ fd = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
+ if (fd < 0) {
+ error_setg_errno(errp, errno, "can't create stream socket");
+ return -1;
+ }
+ qemu_socket_set_nonblock(fd);
+
+ ret = bind(fd, (struct sockaddr *)&saddr_un, sizeof(saddr_un));
+ if (ret < 0) {
+ error_setg_errno(errp, errno, "can't create socket with path: %s",
+ saddr_un.sun_path);
+ closesocket(fd);
+ return -1;
+ }
+ break;
+ }
 case SOCKET_ADDRESS_TYPE_FD:
 fd = monitor_fd_param(monitor_cur(), addr->u.fd.str, errp);
 if (fd == -1) {
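Review bot: The `unlink(addr->u.q_unix.path)` at the top of the `SOCKET_ADDRESS_TYPE_UNIX` case runs before the `snprintf` length check, so a path that is then rejected as too long has already been removed, and the call deletes whatever non-directory entry sits at that path, not only a stale socket. Moving the unlink below the length check and applying it to the validated copy, `ret = unlink(saddr_un.sun_path);`, keeps the rejected-path case free of side effects; an `lstat()` plus `S_ISSOCK` test beforehand would narrow it further, at the cost of a small race window. `saddr_un` is also handed to `bind()` with `sizeof(saddr_un)` without being zeroed, which `struct sockaddr_un saddr_un = { 0 };` would fix. The socket file is created with whatever mode the process umask allows, so the option documentation should say that access control on the path is left to the directory permissions. The enclosing switch and function begin and end outside this hunk.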
@@ -380,6 +435,49 @@ static int net_stream_client_init(NetClientState *peer,
 ntohs(saddr_in.sin_port));
 break;
 }
+ case SOCKET_ADDRESS_TYPE_UNIX: {
+ struct sockaddr_un saddr_un;
+
+ saddr_un.sun_family = PF_UNIX;
+ ret = snprintf(saddr_un.sun_path, sizeof(saddr_un.sun_path), "%s",
+ addr->u.q_unix.path);
+ if (ret < 0 || ret >= sizeof(saddr_un.sun_path)) {
+ error_setg(errp, "UNIX socket path '%s' is too long",
+ addr->u.q_unix.path);
+ error_append_hint(errp, "Path must be less than %zu bytes\n",
+ sizeof(saddr_un.sun_path));
+ return -1;
+ }
+
+ fd = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
+ if (fd < 0) {
+ error_setg_errno(errp, errno, "can't create stream socket");
+ return -1;
+ }
+ qemu_socket_set_nonblock(fd);
+
+ connected = 0;
+ for (;;) {
+ ret = connect(fd, (struct sockaddr *)&saddr_un, sizeof(saddr_un));
+ if (ret < 0) {
+ if (errno == EINTR || errno == EWOULDBLOCK) {
+ /* continue */
+ } else if (errno == EAGAIN ||
+ errno == EALREADY) {
+ break;
+ } else {
+ error_setg_errno(errp, errno, "can't connect socket");
+ closesocket(fd);
+ return -1;
+ }
+ } else {
+ connected = 1;
+ break;
+ }
+ }
+ info_str = g_strdup_printf(" connect to %s", saddr_un.sun_path);
+ break;
+ }
 case SOCKET_ADDRESS_TYPE_FD:
 fd = monitor_fd_param(monitor_cur(), addr->u.fd.str, errp);
 if (fd == -1) {
@@ -395,7 +493,7 @@ static int net_stream_client_init(NetClientState *peer,
 info_str = g_strdup_printf("connect to fd %d", fd);
 break;
 default:
- error_setg(errp, "only support inet or fd type");
+ error_setg(errp, "only support inet, unix or fd type");
 return -1;
 }
 
diff --git a/qapi/net.json b/qapi/net.json
index e02e8001a000..bb96701a49a7 100644
--- a/qapi/net.json
+++ b/qapi/net.json
@@ -583,7 +583,7 @@
 # or connect to (server=false)
 # @server: create server socket (default: true)
 #
-# Only SocketAddress types 'inet' and 'fd' are supported.
+# Only SocketAddress types 'unix', 'inet' and 'fd' are supported.
 #
 # Since: 7.1
 ##
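Review bot: In the connect loop of the `SOCKET_ADDRESS_TYPE_UNIX` case, `errno == EWOULDBLOCK` means "retry immediately", and on Linux `EWOULDBLOCK` equals `EAGAIN`, which a non-blocking `connect()` on an AF_UNIX stream socket returns when it cannot complete at once; the loop then spins on the calling thread until the peer accepts, and the later `errno == EAGAIN` branch is never taken. Retrying only on `EINTR`, as in `if (errno == EINTR) { continue; }`, and treating `EAGAIN` as a failure or a deferred retry would stop an unresponsive peer from stalling the caller. `saddr_un` is not zero-initialised before `connect(fd, ..., sizeof(saddr_un))`, and the `" connect to %s"` format has a leading space that the neighbouring `"connect to fd %d"` string lacks. The loop appears to mirror the inet case, which lies outside this hunk, so the same question may apply there.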
diff --git a/qemu-options.hx b/qemu-options.hx
index 8c765f345da8..7a34022ac651 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -2735,6 +2735,7 @@ DEF("netdev", HAS_ARG, QEMU_OPTION_netdev,
 " configure a network backend to connect to another network\n"
 " using an UDP tunnel\n"
 "-netdev stream,id=str[,server=on|off],addr.type=inet,addr.host=host,addr.port=port\n"
+ "-netdev stream,id=str[,server=on|off],addr.type=unix,addr.path=path\n"
 "-netdev stream,id=str[,server=on|off],addr.type=fd,addr.str=h\n"
 " configure a network backend to connect to another network\n"
 " using a socket connection in stream mode.\n"