From: Corey Bryant <coreyb@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: kwolf@redhat.com, aliguori@us.ibm.com,
stefanha@linux.vnet.ibm.com, libvir-list@redhat.com,
lcapitulino@redhat.com, pbonzini@redhat.com, eblake@redhat.com
Subject: [Qemu-devel] [PATCH v4 7/7] osdep: Enable qemu_open to dup pre-opened fd
Date: Fri, 22 Jun 2012 14:36:14 -0400 [thread overview]
Message-ID: <1340390174-7493-8-git-send-email-coreyb@linux.vnet.ibm.com> (raw)
In-Reply-To: <1340390174-7493-1-git-send-email-coreyb@linux.vnet.ibm.com>
This patch adds support to qemu_open to dup(fd) a pre-opened file
descriptor if the filename is of the format /dev/fd/X.
This can be used when QEMU is restricted from opening files, and
the management application opens files on QEMU's behalf.
If the fd was passed to the monitor with the pass-fd command, it
must be explicitly closed with the 'closefd' command when it is
no longer required, in order to prevent fd leaks.
Signed-off-by: Corey Bryant <coreyb@linux.vnet.ibm.com>
---
v2:
-Get rid of file_open and move dup code to qemu_open
(kwolf@redhat.com)
-Use strtol wrapper instead of atoi (kwolf@redhat.com)
v3:
-Add note about fd leakage (eblake@redhat.com)
v4
-Moved patch to be later in series (lcapitulino@redhat.com)
-Update qemu_open to check access mode flags and set flags that
can be set (eblake@redhat.com, kwolf@redhat.com)
cutils.c | 26 +++++++++++++----
main-loop.c | 6 ++--
osdep.c | 91 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
qemu-common.h | 2 +-
4 files changed, 116 insertions(+), 9 deletions(-)
diff --git a/cutils.c b/cutils.c
index af308cd..f45d921 100644
--- a/cutils.c
+++ b/cutils.c
@@ -339,17 +339,33 @@ bool buffer_is_zero(const void *buf, size_t len)
}
#ifndef _WIN32
-/* Sets a specific flag */
-int fcntl_setfl(int fd, int flag)
+/* Sets a specific flag on or off */
+int fcntl_setfl(int fd, int flag, int onoff)
{
int flags;
+ if (onoff != 0 && onoff != 1) {
+ return -EINVAL;
+ }
+
flags = fcntl(fd, F_GETFL);
- if (flags == -1)
+ if (flags == -1) {
return -errno;
+ }
- if (fcntl(fd, F_SETFL, flags | flag) == -1)
- return -errno;
+ if (onoff == 1) {
+ if ((flags & flag) != flag) {
+ if (fcntl(fd, F_SETFL, flags | flag) == -1) {
+ return -errno;
+ }
+ }
+ } else {
+ if ((flags & flag) == flag) {
+ if (fcntl(fd, F_SETFL, flags & ~flag) == -1) {
+ return -errno;
+ }
+ }
+ }
return 0;
}
diff --git a/main-loop.c b/main-loop.c
index eb3b6e6..644fcc3 100644
--- a/main-loop.c
+++ b/main-loop.c
@@ -75,11 +75,11 @@ static int qemu_event_init(void)
if (err == -1) {
return -errno;
}
- err = fcntl_setfl(fds[0], O_NONBLOCK);
+ err = fcntl_setfl(fds[0], O_NONBLOCK, 1);
if (err < 0) {
goto fail;
}
- err = fcntl_setfl(fds[1], O_NONBLOCK);
+ err = fcntl_setfl(fds[1], O_NONBLOCK, 1);
if (err < 0) {
goto fail;
}
@@ -154,7 +154,7 @@ static int qemu_signal_init(void)
return -errno;
}
- fcntl_setfl(sigfd, O_NONBLOCK);
+ fcntl_setfl(sigfd, O_NONBLOCK, 1);
qemu_set_fd_handler2(sigfd, NULL, sigfd_handler, NULL,
(void *)(intptr_t)sigfd);
diff --git a/osdep.c b/osdep.c
index 3e6bada..a6fc758d 100644
--- a/osdep.c
+++ b/osdep.c
@@ -73,6 +73,63 @@ int qemu_madvise(void *addr, size_t len, int advice)
#endif
}
+/*
+ * Dups an fd and sets the flags
+ */
+static int qemu_dup(int fd, int flags)
+{
+ int ret;
+ int serrno;
+
+ if (flags & O_CLOEXEC) {
+ ret = fcntl(fd, F_DUPFD_CLOEXEC, 0);
+ if (ret == -1 && errno == EINVAL) {
+ ret = dup(fd);
+ if (ret == -1) {
+ goto fail;
+ }
+ if (fcntl_setfl(ret, O_CLOEXEC, (flags & O_CLOEXEC) ? 1 : 0) < 0) {
+ goto fail;
+ }
+ }
+ } else {
+ ret = dup(fd);
+ }
+
+ if (ret == -1) {
+ goto fail;
+ }
+
+ /* Truncate the file in the cases that open would truncate it */
+ if (flags & O_TRUNC ||
+ ((flags & (O_CREAT | O_EXCL)) == (O_CREAT | O_EXCL))) {
+ if (ftruncate(ret, 0) == -1) {
+ goto fail;
+ }
+ }
+
+ if ((fcntl_setfl(ret, O_APPEND, (flags & O_APPEND) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_ASYNC, (flags & O_ASYNC) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_DIRECT, (flags & O_DIRECT) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_LARGEFILE, (flags & O_LARGEFILE) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_NDELAY, (flags & O_NDELAY) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_NOATIME, (flags & O_NOATIME) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_NOCTTY, (flags & O_NOCTTY) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_NONBLOCK, (flags & O_NONBLOCK) ? 1 : 0) < 0) ||
+ (fcntl_setfl(ret, O_SYNC, (flags & O_SYNC) ? 1 : 0) < 0)) {
+ goto fail;
+ }
+
+ return ret;
+
+fail:
+ serrno = errno;
+ if (ret != -1) {
+ close(ret);
+ }
+ errno = serrno;
+ return -1;
+}
/*
* Opens a file with FD_CLOEXEC set
@@ -82,6 +139,40 @@ int qemu_open(const char *name, int flags, ...)
int ret;
int mode = 0;
+#ifndef _WIN32
+ const char *p;
+
+ /* Attempt dup of fd for pre-opened file */
+ if (strstart(name, "/dev/fd/", &p)) {
+ int fd;
+ int eflags;
+
+ fd = qemu_parse_fd(p);
+ if (fd == -1) {
+ return -1;
+ }
+
+ /* Get the existing fd's flags */
+ eflags = fcntl(fd, F_GETFL);
+ if (eflags == -1) {
+ return -1;
+ }
+
+ if (((flags & O_RDWR) != (eflags & O_RDWR)) ||
+ ((flags & O_RDONLY) != (eflags & O_RDONLY)) ||
+ ((flags & O_WRONLY) != (eflags & O_WRONLY))) {
+ errno = EACCES;
+ return -1;
+ }
+
+ if (fcntl_setfl(fd, O_CLOEXEC, 1) < 0) {
+ return -1;
+ }
+
+ return qemu_dup(fd, flags);
+ }
+#endif
+
if (flags & O_CREAT) {
va_list ap;
diff --git a/qemu-common.h b/qemu-common.h
index 91e0562..99cbbc5 100644
--- a/qemu-common.h
+++ b/qemu-common.h
@@ -144,7 +144,7 @@ int qemu_strnlen(const char *s, int max_len);
time_t mktimegm(struct tm *tm);
int qemu_fls(int i);
int qemu_fdatasync(int fd);
-int fcntl_setfl(int fd, int flag);
+int fcntl_setfl(int fd, int flag, int onoff);
int qemu_parse_fd(const char *param);
/*
--
1.7.10.2
next prev parent reply other threads:[~2012-06-22 18:35 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-22 18:36 [Qemu-devel] [PATCH v4 0/7] file descriptor passing using pass-fd Corey Bryant
2012-06-22 18:36 ` [Qemu-devel] [PATCH v4 1/7] qemu-char: Add MSG_CMSG_CLOEXEC flag to recvmsg Corey Bryant
2012-06-22 19:31 ` Eric Blake
2012-06-22 18:36 ` [Qemu-devel] [PATCH v4 2/7] qapi: Convert getfd and closefd Corey Bryant
2012-07-11 18:51 ` Luiz Capitulino
2012-06-22 18:36 ` [Qemu-devel] [PATCH v4 3/7] qapi: Add pass-fd QMP command Corey Bryant
2012-06-22 20:24 ` Eric Blake
2012-06-22 18:36 ` [Qemu-devel] [PATCH v4 4/7] qapi: Re-arrange monitor.c functions Corey Bryant
2012-06-22 18:36 ` [Qemu-devel] [PATCH v4 5/7] block: Prevent /dev/fd/X filename from being detected as floppy Corey Bryant
2012-06-22 18:36 ` [Qemu-devel] [PATCH v4 6/7] block: Convert open calls to qemu_open Corey Bryant
2012-06-22 18:36 ` Corey Bryant [this message]
2012-06-22 19:58 ` [Qemu-devel] [PATCH v4 7/7] osdep: Enable qemu_open to dup pre-opened fd Eric Blake
[not found] ` <20120626091004.GA14451@redhat.com>
[not found] ` <4FE9A0F0.2050809@redhat.com>
[not found] ` <20120626175045.2c7011b3@doriath.home>
[not found] ` <4FEA37A9.10707@linux.vnet.ibm.com>
[not found] ` <4FEA3D9C.8080205@redhat.com>
2012-07-02 22:02 ` [Qemu-devel] [PATCH v4 0/7] file descriptor passing using pass-fd Corey Bryant
2012-07-02 22:31 ` Eric Blake
2012-07-03 9:07 ` Daniel P. Berrange
2012-07-03 9:40 ` Kevin Wolf
2012-07-03 13:42 ` Corey Bryant
2012-07-03 15:40 ` Corey Bryant
2012-07-03 15:59 ` Kevin Wolf
2012-07-03 16:25 ` Corey Bryant
2012-07-03 17:03 ` Eric Blake
2012-07-03 17:46 ` Corey Bryant
2012-07-03 18:00 ` Eric Blake
2012-07-03 18:21 ` Corey Bryant
2012-07-04 8:09 ` Kevin Wolf
2012-07-05 15:06 ` Corey Bryant
2012-07-09 14:05 ` Luiz Capitulino
2012-07-09 15:05 ` Corey Bryant
2012-07-09 15:46 ` Kevin Wolf
2012-07-09 16:18 ` Luiz Capitulino
2012-07-09 17:59 ` Corey Bryant
2012-07-09 17:35 ` Corey Bryant
2012-07-09 17:48 ` Luiz Capitulino
2012-07-09 18:02 ` Corey Bryant
2012-07-10 7:53 ` Kevin Wolf
2012-07-09 18:20 ` Corey Bryant
2012-07-04 8:00 ` Kevin Wolf
2012-07-05 14:22 ` Corey Bryant
2012-07-05 14:51 ` Kevin Wolf
2012-07-05 16:35 ` Corey Bryant
2012-07-05 16:37 ` Corey Bryant
2012-07-06 9:06 ` Kevin Wolf
2012-07-05 17:00 ` Eric Blake
2012-07-05 17:36 ` Corey Bryant
2012-07-06 9:11 ` Kevin Wolf
2012-07-06 17:14 ` Corey Bryant
2012-07-06 17:15 ` Corey Bryant
2012-07-06 17:40 ` Corey Bryant
2012-07-06 18:19 ` [Qemu-devel] [libvirt] " Corey Bryant
2012-07-09 14:04 ` [Qemu-devel] " Kevin Wolf
2012-07-09 15:23 ` Corey Bryant
2012-07-09 15:30 ` Kevin Wolf
2012-07-09 18:40 ` Anthony Liguori
2012-07-09 19:00 ` Luiz Capitulino
2012-07-10 8:54 ` Daniel P. Berrange
2012-07-10 7:58 ` Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1340390174-7493-8-git-send-email-coreyb@linux.vnet.ibm.com \
--to=coreyb@linux.vnet.ibm.com \
--cc=aliguori@us.ibm.com \
--cc=eblake@redhat.com \
--cc=kwolf@redhat.com \
--cc=lcapitulino@redhat.com \
--cc=libvir-list@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).