[CRIU] Re: [PATCH 4/5] util-net: Add send_fds and recv_fds

Pavel Emelyanov xemul at parallels.com
Wed Mar 21 09:09:57 EDT 2012


On 03/21/2012 03:47 PM, Cyrill Gorcunov wrote:
> We will need these helpers to transfer file
> descriptors from dumpee to our space.
> 
> Signed-off-by: Cyrill Gorcunov <gorcunov at openvz.org>
> ---
>  include/util-net.h |    4 ++
>  util-net.c         |  119 ++++++++++++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 123 insertions(+), 0 deletions(-)
> 
> diff --git a/include/util-net.h b/include/util-net.h
> index 5993778..553ac30 100644
> --- a/include/util-net.h
> +++ b/include/util-net.h
> @@ -31,4 +31,8 @@ struct scm_fdset {
>  
>  extern int send_fd(int sock, struct sockaddr_un *saddr, int len, int fd);
>  extern int recv_fd(int sock);
> +
> +extern int send_fds(int sock, struct sockaddr_un *saddr, int saddr_len, int *fds, int nr_fds);
> +extern int recv_fds(int sock, int *fds, int nr_fds);
> +
>  #endif
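Review bot: The two new prototypes carry no comment on return value or descriptor ownership, and the recv_fds contract is not obvious from the signature. As implemented in util-net.c it returns 0 only after the loop has filled `nr_fds` entries, and a negative value otherwise. On an error in a later chunk, the entries copied by earlier iterations already hold open descriptors. I would state that above the declaration, for example `/* Returns 0 when nr_fds descriptors are stored in fds, negative errno otherwise; on error, entries filled so far are open and belong to the caller. */`, so callers know they have to close what was received.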
> diff --git a/util-net.c b/util-net.c
> index afd51bd..81d2e05 100644
> --- a/util-net.c
> +++ b/util-net.c
> @@ -1,8 +1,127 @@
>  #include <sys/socket.h>
>  #include <sys/un.h>
> +#include <errno.h>
>  
> +#include "compiler.h"
> +#include "types.h"
> +#include "builtins.h"
>  #include "syscall.h"
>  
> +#include "util-net.h"
> +
> +static void scm_fdset_init_chunk(struct scm_fdset *fdset, int nr_fds)
> +{
> +	int min_fd = min(nr_fds, CR_SCM_MAX_FD);
> +	struct cmsghdr *cmsg;
> +
> +	cmsg				= CMSG_FIRSTHDR(&fdset->hdr);
> +	fdset->hdr.msg_controllen	= CMSG_LEN(sizeof(int) * min_fd);
> +	cmsg->cmsg_len			= fdset->hdr.msg_controllen;
> +	fdset->nr_fds			= min_fd;
> +}
> +
> +static int *scm_fdset_init(struct scm_fdset *fdset, struct sockaddr_un *saddr, int saddr_len)
> +{
> +	struct cmsghdr *cmsg;
> +
> +	BUILD_BUG_ON(CR_SCM_MAX_FD > SCM_MAX_FD);
> +	BUILD_BUG_ON(sizeof(fdset->msg_buf) < (CMSG_SPACE(sizeof(int) * CR_SCM_MAX_FD)));
> +
> +	fdset->nr_fds			= CR_SCM_MAX_FD;

This field is effectively constant in this code. Remove it.

> +	fdset->msg			= 0;
> +
> +	fdset->iov.iov_base		= &fdset->msg;
> +	fdset->iov.iov_len		= sizeof(fdset->msg);
> +
> +	fdset->hdr.msg_iov		= &fdset->iov;
> +	fdset->hdr.msg_iovlen		= 1;
> +	fdset->hdr.msg_name		= (struct sockaddr *)saddr;
> +	fdset->hdr.msg_namelen		= saddr_len;
> +
> +	fdset->hdr.msg_control		= &fdset->msg_buf;
> +	fdset->hdr.msg_controllen	= CMSG_LEN(sizeof(int) * CR_SCM_MAX_FD);
> +
> +	cmsg				= CMSG_FIRSTHDR(&fdset->hdr);
> +	cmsg->cmsg_len			= fdset->hdr.msg_controllen;
> +	cmsg->cmsg_level		= SOL_SOCKET;
> +	cmsg->cmsg_type			= SCM_RIGHTS;
> +
> +	return (int *)CMSG_DATA(cmsg);
> +}
> +
> +static int scm_fdset_send(int sock, struct scm_fdset *fdset)
> +{
> +	int ret = sys_sendmsg(sock, &fdset->hdr, 0);
> +	if (ret <= 0)
> +		return ret;
> +
> +	return fdset->nr_fds;
> +}
> +
> +static int scm_fdset_recv(int sock, struct scm_fdset *fdset)
> +{
> +	struct cmsghdr *cmsg;
> +	int min_fd;
> +	int ret = 0;
> +
> +	scm_fdset_init_chunk(fdset, CR_SCM_MAX_FD);

Already done in caller.

> +	ret = sys_recvmsg(sock, &fdset->hdr, 0);
> +	if (ret < 0)
> +		return ret;
> +
> +	cmsg = CMSG_FIRSTHDR(&fdset->hdr);
> +	if (!cmsg || cmsg->cmsg_type != SCM_RIGHTS)
> +		return -EINVAL;
> +
> +	min_fd = (cmsg->cmsg_len - sizeof(struct cmsghdr)) / sizeof(int);
> +	min_fd = min(min_fd, CR_SCM_MAX_FD);

This is wrong. If the peer has sent us (for any reason) more fds than we expected
we should report an error, not silently trim the array.

> +	fdset->nr_fds = min_fd;
> +
> +	return 0;
> +}
> +
> +int send_fds(int sock, struct sockaddr_un *saddr, int saddr_len, int *fds, int nr_fds)
> +{
> +	struct scm_fdset fdset;
> +	int *fds_tx;
> +	int i, j, ret;
> +
> +	fds_tx = scm_fdset_init(&fdset, saddr, saddr_len);
> +
> +	for (i = 0; i < nr_fds; i += fdset.nr_fds) {
> +		scm_fdset_init_chunk(&fdset, nr_fds - i);

The trim inside the _init_chunk is obfuscating.

> +		builtin_memcpy(fds_tx, &fds[i], sizeof(int) * fdset.nr_fds);
> +
> +		ret = scm_fdset_send(sock, &fdset);
> +		if (ret < 0)
> +			return ret;
> +	}
> +
> +	return 0;
> +}
> +
> +int recv_fds(int sock, int *fds, int nr_fds)
> +{
> +	struct scm_fdset fdset;
> +	int *fds_rx;
> +	int i, j, ret;
> +
> +	fds_rx = scm_fdset_init(&fdset, NULL, 0);
> +
> +	for (i = 0; i < nr_fds; i += fdset.nr_fds) {
> +		scm_fdset_init_chunk(&fdset, CR_SCM_MAX_FD);
> +		ret = scm_fdset_recv(sock, &fdset);
> +		if (ret < 0)
> +			return ret;
> +
> +		builtin_memcpy(&fds[i], fds_rx, sizeof(int) * fdset.nr_fds);
> +	}
> +
> +	return 0;
> +}
> +
>  int send_fd(int sock, struct sockaddr_un *saddr, int len, int fd)
>  {
>  	char cmsgbuf[CMSG_SPACE(sizeof(int))];
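Review bot: In recv_fds the `builtin_memcpy(&fds[i], fds_rx, sizeof(int) * fdset.nr_fds)` copies however many descriptors the chunk carried, up to CR_SCM_MAX_FD, without comparing that count with the room left in the caller's array. When `nr_fds - i` is smaller than the received count, the copy writes past the end of `fds`. A guard before the copy, `if (fdset.nr_fds > nr_fds - i) return -EINVAL;`, keeps the write inside the buffer. Separately, scm_fdset_recv tests only `cmsg->cmsg_type`; adding `cmsg->cmsg_level != SOL_SOCKET` to the same condition would make the control-message check complete. The local `j` is declared but never used in both send_fds and recv_fds.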


