From: Wei Xu <wexu@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: armbru@redhat.com, eblake@redhat.com, amit.shah@redhat.com,
jasowang@redhat.com, qemu-devel@nongnu.org, mprivozn@redhat.com
Subject: Re: [Qemu-devel] [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket
Date: Thu, 2 Jun 2016 00:16:59 +0800 [thread overview]
Message-ID: <574F0A7B.5030401@redhat.com> (raw)
In-Reply-To: <20160531164448.GE21628@redhat.com>
On 2016年06月01日 00:44, Daniel P. Berrange wrote:
> On Wed, Jun 01, 2016 at 12:30:44AM +0800, wexu@redhat.com wrote:
>> From: Wei Xu <wexu@redhat.com>
>>
>> Recently I'm working on a fd passing issue, selinux forbids qemu to
>> create a unix socket for a chardev when managing VMs with libvirt,
>> because qemu don't have sufficient permissions in this case, and
>> proposal from libvirt team is opening the 'fd' in libvirt and merely
>> passing it to qemu.
>
> This sounds like a bug in libvirt, or selinux, or a mistaken configuration
> of the guest. It is entirely possible for QEMU to create a unix socket - not
> least because that is exactly what QEMU uses for its QMP monitor backend.
> Looking at your example command line, I think the issue is simply that you
> should be putting the sockets in a different location. ie at
> /var/lib/libvirt/qemu/$guest-vhost-user1.sock where QEMU has permission to
> create sockets already.
ah.. adjusting permission or file location can solve this problem, i'm
guessing maybe this is a more security concern, the socket is used as a
network interface for a vm, similar as the qcow image file, thus should
prevent it to be arbitrarily accessed.
Michael, do you have any comment on this?
>
> Alternatively you could enhance the SELinux policy to grant svirt_t the
> permission to create sockets under /var/run/openvswitch too.
>
>> I finished a RFC patch for Unix socket after a glance of the code,
>> and not sure if this is right or there maybe other side-effects,
>> please point me out.
>>
>> I tested it for both server and client mode 'PF_UNIX' socket with a VM
>> running vhost-user.
>>
>> Old command line:
>> -chardev socket,id=char0,path=/var/run/openvswitch/vhost-user1,server
>>
>> New command line:
>> -chardev socket,id=char0,path=/var/run/openvswitch/vhost-user1,server,sockfd=$n
>>
>> because unix socket is bundled with a path, so it should be kept even with the
>> 'fd' is indicated, this looks odd, any comments?
>
> Yes, this syntax doesn't really make sense. The passed in sockfd may not
> even be a UNIX socket - it could be a TCP socket. As such, the 'sockfd'
> option should be mutually exclusive with the 'path' and 'host' options.
> ie you can only supply one out of 'sockfd', 'path', or 'host'.
Currently i just add it for unix socket, and the connect/listen syscall
must have a path name, an inet socket doesn't need this param at all,
should it be supported also?
>
>
> FWIW, I think the ability to pass a pre-opened socket FD with the
> -chardev socket backend is a useful enhancement, even though I don't
> think you need this in order to fix the problem you have.
OK, thanks for you quick feedback, i just wonder if 'add-fd' and
qemu_open() can be a more general solution.
>
> Regards,
> Daniel
>
next prev parent reply other threads:[~2016-06-01 16:17 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1464712247-11655-1-git-send-email-wexu@redhat.com>
[not found] ` <574DC83B.9010802@redhat.com>
2016-06-01 15:44 ` [Qemu-devel] [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket Wei Xu
[not found] ` <20160531164448.GE21628@redhat.com>
2016-06-01 16:16 ` Wei Xu [this message]
2016-06-02 7:41 ` Michal Privoznik
2016-06-02 8:29 ` Daniel P. Berrange
2016-06-02 11:38 ` Michal Privoznik
2016-06-02 18:07 ` Wei Xu
2016-06-03 8:32 ` Daniel P. Berrange
2016-06-08 10:07 ` Amnon Ilan
[not found] ` <20160608212738.GH3073@plex>
[not found] ` <f7tvb1jxsfq.fsf@redhat.com>
2016-06-09 7:46 ` Amnon Ilan
2016-06-09 9:16 ` Daniel P. Berrange
2016-06-13 8:57 ` Michal Privoznik
2016-06-14 8:03 ` Wei Xu
2016-06-14 8:17 ` Daniel P. Berrange
2016-06-14 14:23 ` Aaron Conole
2016-06-14 17:50 ` Wei Xu
2016-06-14 12:47 ` Amnon Ilan
2016-06-14 14:21 ` Aaron Conole
2016-06-02 19:27 ` [Qemu-devel] Channel paths (was: Re: [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket) Sascha Silbe
[not found] ` <201606021927.u52JB3YU031760@mx0a-001b2d01.pphosted.com>
2016-06-03 8:34 ` Daniel P. Berrange
2016-06-07 18:44 ` [Qemu-devel] Channel paths Sascha Silbe
2016-06-22 15:24 ` [Qemu-devel] [RFC Patch 0/3] Accept passed in socket 'fd' open from outside for unix socket Wei Xu
[not found] ` <1464712247-11655-3-git-send-email-wexu@redhat.com>
[not found] ` <574DC93E.4000700@redhat.com>
2016-06-01 16:20 ` [Qemu-devel] [RFC Patch 2/3] chardev: save the passed in 'fd' parameter during parsing Wei Xu
2016-06-22 15:26 ` Wei Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=574F0A7B.5030401@redhat.com \
--to=wexu@redhat.com \
--cc=amit.shah@redhat.com \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=eblake@redhat.com \
--cc=jasowang@redhat.com \
--cc=mprivozn@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).