From nobody Wed Apr 24 04:33:15 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=quarantine dis=quarantine) header.from=polymtl.ca ARC-Seal: i=1; a=rsa-sha256; t=1682658905; cv=none; d=zohomail.com; s=zohoarc; b=kgPX2zg3nfYlJ2NXxOeVTShI8vC2HpJM+LgD/YejNS+0cWH0p7Ef8yAZ1KwV69Z5zNBZkG79F1JOmFxq2SnGYd8DJkU0rJ5YXKenzzWNuZbL+hdshxsRZTpd494/E24kDyJpEj8Z0+1ji5AwEA71XCC2r91OpkYE98LZeGCJX2o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1682658905; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=9vM5my3E8VOB3h/o6AEOL3oH5z3f1vVUarJFE30idQ8=; b=V4bm6Q0OWNPBW8dM2tpg0jUWtchiO6uy2Sdhd2shCIev1RiUbIto3y8mi4eL9s9RKDDxQIRyijt01fuoRmtSQPp2mpWlKR4vzuud/n0uXWFlYweil/Oh4t3gpmYPJVNMKEEuBnTQYIkqDA+fWd918wfk3fud57A8XPBa1xklEEE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail header.from= (p=quarantine dis=quarantine) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1682658905976816.6993602629027; Thu, 27 Apr 2023 22:15:05 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-6-VXCodLYcOya-wVPcN98-xQ-1; Fri, 28 Apr 2023 01:15:02 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 1C5272807D75; Fri, 28 Apr 2023 05:15:00 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 07FAA40C2064; Fri, 28 Apr 2023 05:15:00 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id E5A781946A49; Fri, 28 Apr 2023 05:14:59 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id A7D141946A45 for ; Fri, 28 Apr 2023 05:14:50 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 939D310DF8; Fri, 28 Apr 2023 05:14:50 +0000 (UTC) Received: from mimecast-mx02.redhat.com (mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8C95151E3 for ; Fri, 28 Apr 2023 05:14:50 +0000 (UTC) Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6DFF0185A79C for ; Fri, 28 Apr 2023 05:14:50 +0000 (UTC) Received: from joplin.neuro.polymtl.ca (joplin.neuro.polymtl.ca [132.207.65.211]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-635-1u_j7s9_OOWOukVwixOF0w-2; Fri, 28 Apr 2023 01:14:48 -0400 Received: from localhost (joplin.neuro.polymtl.ca [local]) by joplin.neuro.polymtl.ca (OpenSMTPD) with ESMTPA id ad153b72; Fri, 28 Apr 2023 05:14:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1682658904; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=9vM5my3E8VOB3h/o6AEOL3oH5z3f1vVUarJFE30idQ8=; b=g11FjrYt8B6ZP/92pa0FGb90WbjslrwN6g5l0fXEgSA20kXiLy6iGdOHsBdCcU9JygLD/E US08Cfe2IeJ06vm9yA7w3J2bLuhf9O+31Ma1rxmUFRPOH7lhdGb6PMh5vlQ5NCB589RE58 7oXZoNZQbQo3AN/bRp06etTHR+tX63s= X-MC-Unique: VXCodLYcOya-wVPcN98-xQ-1 X-Original-To: libvir-list@listman.corp.redhat.com X-MC-Unique: 1u_j7s9_OOWOukVwixOF0w-2 From: Nick Guenther To: libvir-list@redhat.com Subject: [PATCH v2 1/1] qemu: Allow sockets in long or deep paths. Date: Fri, 28 Apr 2023 01:14:07 -0400 Message-Id: <20230428051406.361424-2-nick.guenther@polymtl.ca> In-Reply-To: <20230428051406.361424-1-nick.guenther@polymtl.ca> References: <20230428051406.361424-1-nick.guenther@polymtl.ca> MIME-Version: 1.0 X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection Definition; Similar Internal Domain=false; Similar Monitored External Domain=false; Custom External Domain=false; Mimecast External Domain=false; Newly Observed Domain=false; Internal User Name=false; Custom Display Name List=false; Reply-to Address Mismatch=false; Targeted Threat Dictionary=false; Mimecast Threat Dictionary=false; Custom Threat Dictionary=false X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Nick Guenther Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: polymtl.ca Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1682658906611100003 Content-Type: text/plain; charset="utf-8"; x-default="true" The qemu driver creates IPC sockets using absolute paths, but under POSIX socket paths are constrained pretty tightly. On systems with homedirs on an unusual mount point, like network homedirs, or just particularly long usernames, this could make starting VMs under qemu:///session impossible. Resolves https://gitlab.com/libvirt/libvirt/-/issues/466 Signed-off-by: Nick Guenther --- src/qemu/qemu_command.c | 72 ++++++++++++++++++++++++++++++++--------- 1 file changed, 57 insertions(+), 15 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 4ca93bf3dc..4bedbb515f 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4860,12 +4860,64 @@ qemuBuildSCSIHostdevDevProps(const virDomainDef *de= f, return g_steal_pointer(&props); } =20 +struct qemuBindSocketData { + int fd; + char* path; +}; + +static int +qemuBindSocket(pid_t ppid G_GNUC_UNUSED, void *opaque) +{ + /* The path length of a unix socket is limited to what fits in sockadd= r_un. + * It's pretty short: 108 on Linux, and this is too easy to hit. + * + * Work around this limit by using a *relative path*, by chdir()ing fi= rst. + * But chdir() isn't thread-safe, so run it in a *subprocess* (this fu= nction) + * where the chdir() will be instantly forgotten once it has helped co= nfigure fd. + * + * background: https://stackoverflow.com/questions/34829600/why-is-the= -maximal-path-length-allowed-for-unix-sockets-on-linux-108 + */ + + g_autofree char *dir =3D NULL; + g_autofree char *name =3D NULL; + + struct sockaddr_un addr; + struct qemuBindSocketData *data =3D opaque; + + dir =3D g_path_get_dirname(data->path); + name =3D g_path_get_basename(data->path); + + memset(&addr, 0, sizeof(addr)); + addr.sun_family =3D AF_UNIX; + if (virStrcpyStatic(addr.sun_path, name) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("UNIX socket name '%1$s' too long"), + name); + return -1; + } + + if (chdir(dir) < 0) { + virReportSystemError(errno, + _("Unable to chdir to containing directory '%= 1$s' while binding UNIX socket '%2$s'"), + dir, name); + return -1; + } + + if (bind(data->fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) { + virReportSystemError(errno, + _("Unable to bind UNIX socket '%1$s/%2$s'"), + dir, name); + return -1; + } + + return 0; +} + int qemuOpenChrChardevUNIXSocket(const virDomainChrSourceDef *dev) { - struct sockaddr_un addr; - socklen_t addrlen =3D sizeof(addr); int fd; + struct qemuBindSocketData bindData; =20 if ((fd =3D socket(AF_UNIX, SOCK_STREAM, 0)) < 0) { virReportSystemError(errno, "%s", @@ -4873,15 +4925,6 @@ qemuOpenChrChardevUNIXSocket(const virDomainChrSourc= eDef *dev) goto error; } =20 - memset(&addr, 0, sizeof(addr)); - addr.sun_family =3D AF_UNIX; - if (virStrcpyStatic(addr.sun_path, dev->data.nix.path) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("UNIX socket path '%1$s' too long"), - dev->data.nix.path); - goto error; - } - if (unlink(dev->data.nix.path) < 0 && errno !=3D ENOENT) { virReportSystemError(errno, _("Unable to unlink %1$s"), @@ -4889,10 +4932,9 @@ qemuOpenChrChardevUNIXSocket(const virDomainChrSourc= eDef *dev) goto error; } =20 - if (bind(fd, (struct sockaddr *)&addr, addrlen) < 0) { - virReportSystemError(errno, - _("Unable to bind to UNIX socket path '%1$s'"= ), - dev->data.nix.path); + bindData.fd =3D fd; + bindData.path =3D dev->data.nix.path; + if (virProcessRunInFork(qemuBindSocket, &bindData) < 0) { goto error; } =20 --=20 2.34.1