From: Wei Xu <wexu@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: armbru@redhat.com, eblake@redhat.com, amit.shah@redhat.com,
jasowang@redhat.com, qemu-devel@nongnu.org, mprivozn@redhat.com
Subject: Re: [Qemu-devel] [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket
Date: Thu, 2 Jun 2016 00:16:59 +0800 [thread overview]
Message-ID: <574F0A7B.5030401@redhat.com> (raw)
In-Reply-To: <20160531164448.GE21628@redhat.com>
On 2016年06月01日 00:44, Daniel P. Berrange wrote:
> On Wed, Jun 01, 2016 at 12:30:44AM +0800, wexu@redhat.com wrote:
>> From: Wei Xu <wexu@redhat.com>
>>
>> Recently I'm working on a fd passing issue, selinux forbids qemu to
>> create a unix socket for a chardev when managing VMs with libvirt,
>> because qemu don't have sufficient permissions in this case, and
>> proposal from libvirt team is opening the 'fd' in libvirt and merely
>> passing it to qemu.
>
> This sounds like a bug in libvirt, or selinux, or a mistaken configuration
> of the guest. It is entirely possible for QEMU to create a unix socket - not
> least because that is exactly what QEMU uses for its QMP monitor backend.
> Looking at your example command line, I think the issue is simply that you
> should be putting the sockets in a different location. ie at
> /var/lib/libvirt/qemu/$guest-vhost-user1.sock where QEMU has permission to
> create sockets already.
ah.. adjusting permission or file location can solve this problem, i'm
guessing maybe this is a more security concern, the socket is used as a
network interface for a vm, similar as the qcow image file, thus should
prevent it to be arbitrarily accessed.
Michael, do you have any comment on this?
>
> Alternatively you could enhance the SELinux policy to grant svirt_t the
> permission to create sockets under /var/run/openvswitch too.
>
>> I finished a RFC patch for Unix socket after a glance of the code,
>> and not sure if this is right or there maybe other side-effects,
>> please point me out.
>>
>> I tested it for both server and client mode 'PF_UNIX' socket with a VM
>> running vhost-user.
>>
>> Old command line:
>> -chardev socket,id=char0,path=/var/run/openvswitch/vhost-user1,server
>>
>> New command line:
>> -chardev socket,id=char0,path=/var/run/openvswitch/vhost-user1,server,sockfd=$n
>>
>> because unix socket is bundled with a path, so it should be kept even with the
>> 'fd' is indicated, this looks odd, any comments?
>
> Yes, this syntax doesn't really make sense. The passed in sockfd may not
> even be a UNIX socket - it could be a TCP socket. As such, the 'sockfd'
> option should be mutually exclusive with the 'path' and 'host' options.
> ie you can only supply one out of 'sockfd', 'path', or 'host'.
Currently i just add it for unix socket, and the connect/listen syscall
must have a path name, an inet socket doesn't need this param at all,
should it be supported also?
>
>
> FWIW, I think the ability to pass a pre-opened socket FD with the
> -chardev socket backend is a useful enhancement, even though I don't
> think you need this in order to fix the problem you have.
OK, thanks for you quick feedback, i just wonder if 'add-fd' and
qemu_open() can be a more general solution.
>
> Regards,
> Daniel
>
next prev parent reply other threads:[~2016-06-01 16:17 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1464712247-11655-1-git-send-email-wexu@redhat.com>
[not found] ` <574DC83B.9010802@redhat.com>
2016-06-01 15:44 ` [Qemu-devel] [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket Wei Xu
[not found] ` <20160531164448.GE21628@redhat.com>
2016-06-01 16:16 ` Wei Xu [this message]
2016-06-02 7:41 ` Michal Privoznik
2016-06-02 8:29 ` Daniel P. Berrange
2016-06-02 11:38 ` Michal Privoznik
2016-06-02 18:07 ` Wei Xu
2016-06-03 8:32 ` Daniel P. Berrange
2016-06-08 10:07 ` Amnon Ilan
[not found] ` <20160608212738.GH3073@plex>
[not found] ` <f7tvb1jxsfq.fsf@redhat.com>
2016-06-09 7:46 ` Amnon Ilan
2016-06-09 9:16 ` Daniel P. Berrange
2016-06-13 8:57 ` Michal Privoznik
2016-06-14 8:03 ` Wei Xu
2016-06-14 8:17 ` Daniel P. Berrange
2016-06-14 14:23 ` Aaron Conole
2016-06-14 17:50 ` Wei Xu
2016-06-14 12:47 ` Amnon Ilan
2016-06-14 14:21 ` Aaron Conole
2016-06-02 19:27 ` [Qemu-devel] Channel paths (was: Re: [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket) Sascha Silbe
[not found] ` <201606021927.u52JB3YU031760@mx0a-001b2d01.pphosted.com>
2016-06-03 8:34 ` Daniel P. Berrange
2016-06-07 18:44 ` [Qemu-devel] Channel paths Sascha Silbe
2016-06-22 15:24 ` [Qemu-devel] [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket Wei Xu
[not found] ` <1464712247-11655-3-git-send-email-wexu@redhat.com>
[not found] ` <574DC93E.4000700@redhat.com>
2016-06-01 16:20 ` [Qemu-devel] [RFC Patch 2/3] chardev: save the passed in 'fd' parameter during parsing Wei Xu
2016-06-22 15:26 ` Wei Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=574F0A7B.5030401@redhat.com \
--to=wexu@redhat.com \
--cc=amit.shah@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=eblake@redhat.com \
--cc=jasowang@redhat.com \
--cc=mprivozn@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.