Re: [Qemu-devel] [PATCH v4 7/9] sockets: allow SocketAddress 'fd' to reference numeric file descriptors

["Daniel P. Berrangé" <berrange@redhat.com>]

On Mon, Feb 05, 2018 at 01:42:50PM -0600, Eric Blake wrote:
> On 02/05/2018 09:24 AM, Daniel P. Berrangé wrote:
> > From: "Daniel P. Berrange" <berrange@redhat.com>
> > 
> > The SocketAddress 'fd' kind accepts the name of a file descriptor passed
> > to the monitor with the 'getfd' command. This makes it impossible to use
> > the 'fd' kind in cases where a monitor is not available. This can apply in
> > handling command line argv at startup, or simply if internal code wants to
> > use SocketAddress and pass a numeric FD it has acquired from elsewhere.
> > 
> > Fortunately the 'getfd' command mandated that the FD names must not start
> > with a leading digit. We can thus safely extend semantics of the
> > SocketAddress 'fd' kind, to allow a purely numeric name to reference an
> > file descriptor that QEMU already has open. There will be restrictions on
> > when each kind can be used.
> > 
> > In codepaths where we are handling a monitor command (ie cur_mon != NULL),
> > we will only support use of named file descriptors as before. Use of FD
> > numbers is still not permitted for monitor commands.
> > 
> > In codepaths where we are not handling a monitor command (ie cur_mon ==
> > NULL), we will not support named file descriptors. Instead we can reference
> > FD numers explicitly. This allows the app spawning QEMU to intentionally
> > "leak" a pre-opened socket to QEMU and reference that in a SocketAddress
> > definition, or for code inside QEMU to pass pre-opened FDs around.
> > 
> > Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
> > ---
> >   qapi/sockets.json         |   7 +++
> >   tests/test-util-sockets.c | 112 +++++++++++++++++++++++++++++++++++++++++++---
> >   util/qemu-sockets.c       |  16 +++++--
> >   3 files changed, 126 insertions(+), 9 deletions(-)
> > 
> > diff --git a/qapi/sockets.json b/qapi/sockets.json
> > index ac022c6ad0..fc81d8d5e8 100644
> > --- a/qapi/sockets.json
> > +++ b/qapi/sockets.json
> > @@ -123,6 +123,13 @@
> >   #
> >   # @unix:  Unix domain socket
> >   #
> > +# @vsock: VMCI address
> > +#
> > +# @fd: decimal is for file descriptor number, otherwise a file descriptor name.
> > +#      Named file descriptors are permitted in monitor commands, in combination
> > +#      with the 'getfd' command. Decimal file descriptors are permitted at
> > +#      startup or other contexts where no monitor context is active.
> > +#
> >   # Since: 2.9
> 
> There doesn't seem to be any way to introspect if we support decimal fds
> from the command line; is that going to be a problem?

Libvirt needs to know when it can use it, so any suggestions ?


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|