From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1M3VYK-00068I-VZ for qemu-devel@nongnu.org; Mon, 11 May 2009 09:28:21 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1M3VYF-00066O-2k for qemu-devel@nongnu.org; Mon, 11 May 2009 09:28:19 -0400 Received: from [199.232.76.173] (port=40368 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1M3VYD-000669-MY for qemu-devel@nongnu.org; Mon, 11 May 2009 09:28:14 -0400 Received: from mail-bw0-f223.google.com ([209.85.218.223]:35111) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1M3VYD-00040R-3L for qemu-devel@nongnu.org; Mon, 11 May 2009 09:28:13 -0400 Received: by bwz23 with SMTP id 23so2454084bwz.34 for ; Mon, 11 May 2009 06:28:11 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: <1242029023.4638.3.camel@frecb07144> References: <8e04b5820905101119u39ae84bfp1bae24be6e057086@mail.gmail.com> <1242029023.4638.3.camel@frecb07144> Date: Mon, 11 May 2009 16:28:11 +0300 Message-ID: <8e04b5820905110628u3b8ac9ecm8f433e80f400508@mail.gmail.com> From: "Ciprian Dorin, Craciun" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: [Qemu-devel] Re: [Nbd] Transforming stdin and stdout pair into a socket List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Laurent Vivier Cc: nbd-general@lists.sourceforge.net, linux-newbie@vger.kernel.org, qemu-devel@nongnu.org On Mon, May 11, 2009 at 11:03 AM, Laurent Vivier wrote: > Le dimanche 10 mai 2009 =C3=A0 21:19 +0300, Ciprian Dorin, Craciun a =C3= =A9crit : >> Hello all! > > Hi, > > perhaps the attached patch I wrote last year (november) is what you > want... > > I didn't try to apply it to an up-to-date qemu-nbd. > > Regards, > Laurent > >> =C2=A0 =C2=A0 Today I've played around with NBD (Network Block Disk), an= d >> qemu-nbd (a NBD client that exports QEMU disks as NBD's). >> >> =C2=A0 =C2=A0 My problem is the following: both NBD kernel module and qe= mu-nbd >> implementation expect to use a socket in order to communicate. >> =C2=A0 =C2=A0 This means that in order to securely tunnel the connection= over >> SSH (OpenSSH), I need an intermediary process that creates a socket >> and forwards all input / output between this socket and stdin / stdout >> (which are in fact pipes received from OpenSSH). >> >> =C2=A0 =C2=A0 My question is: can I somehow make the pair of stdin / std= out seem >> as a socket to the Linux syscalls (read and write)? (I would have to >> make stdin / stdout pair look like a single file descriptor.) (This >> would eliminate the intermediate process that just pipes data, and >> thus reduce the overhead.) >> >> =C2=A0 =C2=A0 Just to be clear: I know how to trick an application to ha= ve it's >> stdin and stdout be an opened socket (by using dup syscall). But in >> this case I need to trick the Linux kernel into thinking that stdin / >> stdout pair is a socket (or a single file descriptor). >> >> =C2=A0 =C2=A0 Thank you, >> =C2=A0 =C2=A0 Ciprian Craciun. >> >> ------------------------------------------------------------------------= ------ >> The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your >> production scanning environment may not be a perfect world - but thanks = to >> Kodak, there's a perfect scanner to get the job done! With the NEW KODAK= i700 >> Series Scanner you'll get full speed at 300 dpi even with all image >> processing features enabled. http://p.sf.net/sfu/kodak-com >> _______________________________________________ >> Nbd-general mailing list >> Nbd-general@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nbd-general >> > -- > ------------------ Laurent.Vivier@bull.net =C2=A0------------------ > "Tout ce qui est impossible reste =C3=A0 accomplir" =C2=A0 =C2=A0Jules Ve= rne > "Things are only impossible until they're not" Jean-Luc Picard Well, very clever! :) From what I've seen you are actually using the stdin as the socket descriptor, knowing that if qemu-nbd was started with the -i flag it means that inetd has already set both stdin and stdout to a real socket, and thus everything works Ok. Unfortunately this works only with inetd (or compatible system) without any SSL/TLS wrapping. My problem is that if the stdin and stdout are instead pipes (as it would happen in case of sshd?, or socat with SSL connector?) this would not work... Thank you for the idea. I could use if I don't find another solution. Ciprian.