From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:42568)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cyliu@suse.com>) id 1XOiiO-0000fe-3A
	for qemu-devel@nongnu.org; Tue, 02 Sep 2014 03:41:25 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <cyliu@suse.com>) id 1XOiiJ-0007Vi-2u
	for qemu-devel@nongnu.org; Tue, 02 Sep 2014 03:41:20 -0400
Received: from victor.provo.novell.com ([137.65.250.26]:34499)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <cyliu@suse.com>) id 1XOiiI-0007VY-Sv
	for qemu-devel@nongnu.org; Tue, 02 Sep 2014 03:41:15 -0400
From: Chunyan Liu <cyliu@suse.com>
Date: Tue,  2 Sep 2014 15:40:42 +0800
Message-Id: <1409643643-31589-2-git-send-email-cyliu@suse.com>
In-Reply-To: <1409643643-31589-1-git-send-email-cyliu@suse.com>
References: <1409643643-31589-1-git-send-email-cyliu@suse.com>
Subject: [Qemu-devel] [PATCH 1/2] add 'umask' option to -chardev
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org, libvir-list@redhat.com
Cc: Chunyan Liu <cyliu@suse.com>

To use virtio-serial device, unix socket created for chardev with
default umask(022) has insufficient permissions.

e.g. start kvm guest with:
-device virtio-serial \
-chardev socket,path=/tmp/foo,server,nowait,id=foo \
-device virtserialport,chardev=foo,name=org.fedoraproject.port.0

Check permissions for the socket file that has been created in the host
to enable communication through virtual serial ports in the guest:
#ls -l /tmp/somefile.sock
srwxr-xr-x 1 qemu qemu 0 21. Jul 14:19 /tmp/somefile.sock

Other users in the qemu group (like real user, test engines, etc) cannot
write to this socket.

Problem reported here:
https://sourceware.org/bugzilla/show_bug.cgi?id=13078#c11
https://bugzilla.novell.com/show_bug.cgi?id=888166

This patch tries to add a 'umask' option to 'chardev', so that user
can have chance to indicate a umask overwritting the default one (default
is 022), then create unix sockets with expected permissions.

Signed-off-by: Chunyan Liu <cyliu@suse.com>
---
This is patch for qemu.

 qemu-char.c         |  3 +++
 qemu-options.hx     |  9 +++++++--
 util/qemu-sockets.c | 12 +++++++++++-
 3 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/qemu-char.c b/qemu-char.c
index d4f327a..a39a5e4 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -3856,6 +3856,9 @@ QemuOptsList qemu_chardev_opts = {
         },{
             .name = "chardev",
             .type = QEMU_OPT_STRING,
+        },{
+            .name = "umask",
+            .type = QEMU_OPT_NUMBER,
         },
         { /* end of list */ }
     },
diff --git a/qemu-options.hx b/qemu-options.hx
index ecd0e34..078e9db 100644
--- a/qemu-options.hx
+++ b/qemu-options.hx
@@ -1929,7 +1929,7 @@ DEF("chardev", HAS_ARG, QEMU_OPTION_chardev,
     "-chardev null,id=id[,mux=on|off]\n"
     "-chardev socket,id=id[,host=host],port=port[,to=to][,ipv4][,ipv6][,nodelay]\n"
     "         [,server][,nowait][,telnet][,mux=on|off] (tcp)\n"
-    "-chardev socket,id=id,path=path[,server][,nowait][,telnet],[mux=on|off] (unix)\n"
+    "-chardev socket,id=id,path=path[,umask][,server][,nowait][,telnet],[mux=on|off] (unix)\n"
     "-chardev udp,id=id[,host=host],port=port[,localaddr=localaddr]\n"
     "         [,localport=localport][,ipv4][,ipv6][,mux=on|off]\n"
     "-chardev msmouse,id=id[,mux=on|off]\n"
@@ -2001,12 +2001,17 @@ Options to each backend are described below.
 A void device. This device will not emit any data, and will drop any data it
 receives. The null backend does not take any options.
 
-@item -chardev socket ,id=@var{id} [@var{TCP options} or @var{unix options}] [,server] [,nowait] [,telnet]
+@item -chardev socket ,id=@var{id} [@var{TCP options} or @var{unix options}] [,umask][,server] [,nowait] [,telnet]
 
 Create a two-way stream socket, which can be either a TCP or a unix socket. A
 unix socket will be created if @option{path} is specified. Behaviour is
 undefined if TCP options are specified for a unix socket.
 
+@option{umask} specifies the umask used for creating a unix socket. Without
+this option, default umask(022) will be used, permission is not sufficient
+for virtio-serial device. One can indicate umask=0x002 for virtio-serial
+device for correct usage.
+
 @option{server} specifies that the socket shall be a listening socket.
 
 @option{nowait} specifies that QEMU should not block waiting for a client to
diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index 5d38395..facf2c6 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -680,7 +680,8 @@ int unix_listen_opts(QemuOpts *opts, Error **errp)
 {
     struct sockaddr_un un;
     const char *path = qemu_opt_get(opts, "path");
-    int sock, fd;
+    int newmask = qemu_opt_get_number(opts, "umask", 0);
+    int sock, fd, oldmask;
 
     sock = qemu_socket(PF_UNIX, SOCK_STREAM, 0);
     if (sock < 0) {
@@ -708,10 +709,19 @@ int unix_listen_opts(QemuOpts *opts, Error **errp)
     }
 
     unlink(un.sun_path);
+    if (newmask) {
+        oldmask = umask(newmask);
+    }
     if (bind(sock, (struct sockaddr*) &un, sizeof(un)) < 0) {
+        if (newmask) {
+            umask(oldmask);
+        }
         error_set_errno(errp, errno, QERR_SOCKET_BIND_FAILED);
         goto err;
     }
+    if (newmask) {
+        umask(oldmask);
+    }
     if (listen(sock, 1) < 0) {
         error_set_errno(errp, errno, QERR_SOCKET_LISTEN_FAILED);
         goto err;
-- 
1.8.5.2