From: Eric Blake <eblake@redhat.com>
To: Lei Li <lilei@linux.vnet.ibm.com>, qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, mohan@in.ibm.com
Subject: Re: [Qemu-devel] [PATCH 1/6] qemu-fd-exchange: provide common methods for exchange fd
Date: Thu, 16 Jan 2014 08:26:22 -0700 [thread overview]
Message-ID: <52D7FA1E.9040102@redhat.com> (raw)
In-Reply-To: <1389172376-30636-2-git-send-email-lilei@linux.vnet.ibm.com>
[-- Attachment #1: Type: text/plain, Size: 3474 bytes --]
On 01/08/2014 02:12 AM, Lei Li wrote:
> Signed-off-by: Lei Li <lilei@linux.vnet.ibm.com>
> ---
> include/qemu/fd-exchange.h | 25 +++++++++++
> util/Makefile.objs | 1 +
> util/qemu-fd-exchange.c | 97 ++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 123 insertions(+), 0 deletions(-)
> create mode 100644 include/qemu/fd-exchange.h
> create mode 100644 util/qemu-fd-exchange.c
>
> diff --git a/include/qemu/fd-exchange.h b/include/qemu/fd-exchange.h
> new file mode 100644
> index 0000000..6929026
> --- /dev/null
> +++ b/include/qemu/fd-exchange.h
> @@ -0,0 +1,25 @@
> +/*
> + * Internel common methods for exchange of FD
s/Internel/Internal/
> +++ b/util/qemu-fd-exchange.c
> @@ -0,0 +1,97 @@
> +/*
> + * Internel common methods for exchange of FD
and again.
> +ssize_t qemu_send_with_fd(int sockfd, int passed_fd,
> + const void *buf, size_t len)
> +{
> + struct msghdr msg;
> + struct iovec iov;
> + struct cmsghdr *cmsg;
> + union MsgControl msg_control;
> + int retval;
> +
> + iov.iov_base = (int *)buf;
> + iov.iov_len = len;
> +
> + memset(&msg, 0, sizeof(msg));
> + msg.msg_iov = &iov;
> + msg.msg_iovlen = len;
> + msg.msg_control = &msg_control;
> + msg.msg_controllen = sizeof(msg_control);
> +
> + if (passed_fd < 0) {
> + *(int *)buf = passed_fd;
Is it safe to assume that buf is aligned well enough to be casting it to
int* then dereferencing it? Why not just type the parameter correctly
to begin with? And why are you even writing into the caller's buffer
when they pass a negative fd, but leaving it alone when they pass a
non-negative fd?
> +ssize_t qemu_recv_with_fd(int sockfd, int *passed_fd,
> + void *buf, size_t len)
> +{
> + struct iovec iov;
> + struct msghdr msg;
> + struct cmsghdr *cmsg;
> + union MsgControl msg_control;
> + int retval;
> + int data = *(int *)buf;
Again, why not type buf correctly, since otherwise you risk a user
passing in a buffer that is unsuitably aligned for dereferencing as an
int pointer.
> +
> + iov.iov_base = buf;
> + iov.iov_len = len;
> +
> + memset(&msg, 0, sizeof(msg));
> + msg.msg_iov = &iov;
> + msg.msg_iovlen = 1;
> + msg.msg_control = &msg_control;
> + msg.msg_controllen = sizeof(msg_control);
> +
Should you take advantage of Linux' ability to use MSG_CMSG_CLOEXEC to
guarantee the received fd is atomically marked cloexec when possible?
> + do {
> + retval = recvmsg(sockfd, &msg, 0);
> + } while (retval < 0 && errno == EINTR);
> +
> + if (retval <= 0) {
> + return retval;
> + }
> +
> + if (data != *(int *)buf) {
> + *passed_fd = data;
> + return 0;
> + }
> +
> + for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) {
> + if (cmsg->cmsg_len != CMSG_LEN(sizeof(int)) ||
> + cmsg->cmsg_level != SOL_SOCKET ||
> + cmsg->cmsg_type != SCM_RIGHTS) {
> + continue;
> + }
> +
> + memcpy(passed_fd, CMSG_DATA(cmsg), sizeof(*passed_fd));
> + return 0;
> + }
And even when MSG_CMSG_CLOEXEC is not available, shouldn't you ensure
that cloexec is set after the fact?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
next prev parent reply other threads:[~2014-01-16 15:26 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-08 9:12 [Qemu-devel] [PATCH resend 0/6 RFC] Provide common methods for exchange FD Lei Li
2014-01-08 9:12 ` [Qemu-devel] [PATCH 1/6] qemu-fd-exchange: provide common methods for exchange fd Lei Li
2014-01-16 15:16 ` Eric Blake
2014-01-17 3:40 ` Lei Li
2014-01-16 15:26 ` Eric Blake [this message]
2014-01-17 3:41 ` Lei Li
2014-01-17 10:02 ` Daniel P. Berrange
2014-01-20 1:50 ` Lei Li
2014-01-08 9:12 ` [Qemu-devel] [PATCH 2/6] qemu-bridge-helper: replace send_fd with qemu_send_with_fd Lei Li
2014-01-08 9:12 ` [Qemu-devel] [PATCH 3/6] net/tap: replace recv_fd with qemu_recv_with_fd Lei Li
2014-01-08 9:12 ` [Qemu-devel] [PATCH 4/6] virtfs-proxy-helper: replace send_fd with qemu_send_with_fd Lei Li
2014-01-16 10:15 ` Daniel P. Berrange
2014-01-17 3:40 ` Lei Li
2014-01-08 9:12 ` [Qemu-devel] [PATCH 5/6] virtio-9p-proxy: replace v9fs_receivefd with qemu_recv_with_fd Lei Li
2014-01-16 10:16 ` Daniel P. Berrange
2014-01-17 3:40 ` Lei Li
2014-01-08 9:12 ` [Qemu-devel] [PATCH 6/6] migration-local: replace send_pipefd with qemu_send_with_fd Lei Li
2014-01-16 9:26 ` [Qemu-devel] [PATCH resend 0/6 RFC] Provide common methods for exchange FD Lei Li
2014-01-16 10:17 ` Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52D7FA1E.9040102@redhat.com \
--to=eblake@redhat.com \
--cc=lilei@linux.vnet.ibm.com \
--cc=mohan@in.ibm.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.