From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: [PATCH v2 qemu-traditional] qemu: Fix race condition
	when opening ports
Date: Mon, 9 Dec 2013 13:27:23 +0000
Message-ID: <1386595643-8639-1-git-send-email-andrew.cooper3@citrix.com>
References: <52A5C2E6.3080005@eu.citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <52A5C2E6.3080005@eu.citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Xen-devel <xen-devel@lists.xen.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>, Ian Jackson <Ian.Jackson@eu.citrix.com>, Ian Campbell <Ian.Campbell@citrix.com>, Stefano Stabellini <stefano.stabellini@citrix.com>
List-Id: xen-devel@lists.xenproject.org

Two Qemus can race to bind the same VNC port.  It is valid for multiple
bind()s on the same socket to succeed, but only the first listen() will
succeed.

In the case that two Qemus are starting at the same time, and both trying to
grab the next free VNC port, the second one will fail with an EADDRINUSE, and
bail with a fatal error which renders the domain functionally useless.

In the case that listen() fails with EADDRINUSE, rebind the socket again and
try for the next port.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
CC: Ian Campbell <Ian.Campbell@citrix.com>
CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
CC: Stefano Stabellini <stefano.stabellini@citrix.com>
Release-acked-by: George Dunlap <george.dunlap@eu.citrix.com>

---

Changes in v2:
 * Fix commit message.

This fix has been in XenServer for two and a half years
---
 qemu-sockets.c |   23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/qemu-sockets.c b/qemu-sockets.c
index 9b9fa77..e54f6ad 100644
--- a/qemu-sockets.c
+++ b/qemu-sockets.c
@@ -163,6 +163,7 @@ int inet_listen(const char *str, char *ostr, int olen,
 
     /* create socket + bind */
     for (e = res; e != NULL; e = e->ai_next) {
+    rebind:
 	getnameinfo((struct sockaddr*)e->ai_addr,e->ai_addrlen,
 		    uaddr,INET6_ADDRSTRLEN,uport,32,
 		    NI_NUMERICHOST | NI_NUMERICSERV);
@@ -186,7 +187,20 @@ int inet_listen(const char *str, char *ostr, int olen,
                 if (sockets_debug)
                     fprintf(stderr,"%s: bind(%s,%s,%d): OK\n", __FUNCTION__,
                             inet_strfamily(e->ai_family), uaddr, inet_getport(e));
-                goto listen;
+                if (listen(slisten,1) == 0) {
+                    goto listened;
+                } else {
+                    int err = errno;
+
+                    perror("listen");
+                    closesocket(slisten);
+
+                    if (err == EADDRINUSE)
+                        goto rebind;
+                    freeaddrinfo(res);
+                    return -1;
+                }
+
             }
             try_next = to && (inet_getport(e) <= to + port_offset);
             if (!try_next || sockets_debug)
@@ -205,12 +219,7 @@ int inet_listen(const char *str, char *ostr, int olen,
     freeaddrinfo(res);
     return -1;
 
-listen:
-    if (listen(slisten,1) != 0) {
-        perror("listen");
-        closesocket(slisten);
-        return -1;
-    }
+listened:
     if (ostr) {
         if (e->ai_family == PF_INET6) {
             snprintf(ostr, olen, "[%s]:%d%s", uaddr,
-- 
1.7.10.4