rpms
/
qemu
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qemu-4.2.0-4.fc32 

virtio-fs support from upstream
This commit is contained in:
Cole Robinson 2020-01-28 09:48:34 -05:00
parent b98348b411
commit 1d442bb612
118 changed files with 42758 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
0001-tests-fix-modules-test-duplicate-test-case-error.patch
View File

@ -1,5 +1,3 @@
From d64c9aa098cc6e5c0b638438c4959eddfa7e24e2 Mon Sep 17 00:00:00 2001
Message-Id: <d64c9aa098cc6e5c0b638438c4959eddfa7e24e2.1573679311.git.crobinso@redhat.com>
From: Cole Robinson <crobinso@redhat.com>
Date: Wed, 13 Nov 2019 16:05:11 -0500
Subject: [PATCH] tests: fix modules-test 'duplicate test case' error
@ -35,6 +33,3 @@ index d1a6ace218..88217686e1 100644
qtest_add_data_func(testname, modules + i, test_modules_load);
g_free(testname);
}
--
2.23.0

6
0001-riscv-sifive_u-fix-a-memory-leak-in-soc_realize.patch → 0002-riscv-sifive_u-fix-a-memory-leak-in-soc_realize.patch
View File

@ -1,7 +1,6 @@
From bb8136df698bd565ee4f6c18d26c50dee320bfe4 Mon Sep 17 00:00:00 2001
From: Pan Nengyuan <pannengyuan@huawei.com>
Date: Tue, 10 Dec 2019 15:14:37 +0800
Subject: [PATCH 1/5] riscv/sifive_u: fix a memory leak in soc_realize()
Subject: [PATCH] riscv/sifive_u: fix a memory leak in soc_realize()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@ -29,6 +28,3 @@ index 0140e95732..0e12b3ccef 100644
sifive_uart_create(system_memory, memmap[SIFIVE_U_UART0].base,
serial_hd(0), qdev_get_gpio_in(DEVICE(s->plic), SIFIVE_U_UART0_IRQ));
sifive_uart_create(system_memory, memmap[SIFIVE_U_UART1].base,
--
2.24.1

6
0002-riscv-Set-xPIE-to-1-after-xRET.patch → 0003-riscv-Set-xPIE-to-1-after-xRET.patch
View File

@ -1,7 +1,6 @@
From a37f21c27d3e2342c2080aafd4cfe7e949612428 Mon Sep 17 00:00:00 2001
From: Yiting Wang <yiting.wang@windriver.com>
Date: Fri, 3 Jan 2020 11:53:42 +0800
Subject: [PATCH 2/5] riscv: Set xPIE to 1 after xRET
Subject: [PATCH] riscv: Set xPIE to 1 after xRET
When executing an xRET instruction, supposing xPP holds the
value y, xIE is set to xPIE; the privilege mode is changed to y;
@ -38,6 +37,3 @@ index 331cc36232..e87c9115bc 100644
mstatus = set_field(mstatus, MSTATUS_MPP, PRV_U);
riscv_cpu_set_mode(env, prev_priv);
env->mstatus = mstatus;
--
2.24.1

6
0003-target-riscv-Fix-tb-flags-FS-status.patch → 0004-target-riscv-Fix-tb-flags-FS-status.patch
View File

@ -1,7 +1,6 @@
From 613fa160e19abe8e1fe44423fcfa8ec73d3d48e5 Mon Sep 17 00:00:00 2001
From: ShihPo Hung <shihpo.hung@sifive.com>
Date: Tue, 14 Jan 2020 22:17:31 -0800
Subject: [PATCH 3/5] target/riscv: Fix tb->flags FS status
Subject: [PATCH] target/riscv: Fix tb->flags FS status
It was found that running libquantum on riscv-linux qemu produced an
incorrect result. After investigation, FP registers are not saved
@ -43,6 +42,3 @@ index e59343e13c..de0a8d893a 100644
#endif
}
--
2.24.1

6
0004-target-riscv-fsd-fsw-doesn-t-dirty-FP-state.patch → 0005-target-riscv-fsd-fsw-doesn-t-dirty-FP-state.patch
View File

@ -1,7 +1,6 @@
From a59796eb6d59bbd74ce28ddbddb1b83e60674e96 Mon Sep 17 00:00:00 2001
From: ShihPo Hung <shihpo.hung@sifive.com>
Date: Tue, 14 Jan 2020 22:17:32 -0800
Subject: [PATCH 4/5] target/riscv: fsd/fsw doesn't dirty FP state
Subject: [PATCH] target/riscv: fsd/fsw doesn't dirty FP state
Signed-off-by: ShihPo Hung <shihpo.hung@sifive.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
@ -36,6 +35,3 @@ index 172dbfa919..e23cd639a6 100644
return true;
}
--
2.24.1

6
0005-target-riscv-update-mstatus.SD-when-FS-is-set-dirty.patch → 0006-target-riscv-update-mstatus.SD-when-FS-is-set-dirty.patch
View File

@ -1,7 +1,6 @@
From 82f014671cf057de51c4a577c9e2ad637dcec6f9 Mon Sep 17 00:00:00 2001
From: ShihPo Hung <shihpo.hung@sifive.com>
Date: Tue, 14 Jan 2020 22:17:33 -0800
Subject: [PATCH 5/5] target/riscv: update mstatus.SD when FS is set dirty
Subject: [PATCH] target/riscv: update mstatus.SD when FS is set dirty
remove the check becuase SD bit should summarize FS and XS fields
unconditionally.
@ -42,6 +41,3 @@ index ab6a891dc3..8e40ed3ac4 100644
tcg_gen_st_tl(tmp, cpu_env, offsetof(CPURISCVState, mstatus));
tcg_temp_free(tmp);
}
--
2.24.1

41
0007-virtio-fs-fix-MSI-X-nvectors-calculation.patch Normal file
View File

@ -0,0 +1,41 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:00:36 +0000
Subject: [PATCH] virtio-fs: fix MSI-X nvectors calculation
The following MSI-X vectors are required:
* VIRTIO Configuration Change
* hiprio virtqueue
* requests virtqueues
Fix the calculation to reserve enough MSI-X vectors. Otherwise guest
drivers fall back to a sub-optional configuration where all virtqueues
share a single vector.
This change does not break live migration compatibility since
vhost-user-fs-pci devices are not migratable yet.
Reported-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20191209110759.35227-1-stefanha@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 366844f3d1329c6423dd752891a28ccb3ee8fddd)
---
hw/virtio/vhost-user-fs-pci.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hw/virtio/vhost-user-fs-pci.c b/hw/virtio/vhost-user-fs-pci.c
index 933a3f265b..e3a649d4a6 100644
--- a/hw/virtio/vhost-user-fs-pci.c
+++ b/hw/virtio/vhost-user-fs-pci.c
@@ -40,7 +40,8 @@ static void vhost_user_fs_pci_realize(VirtIOPCIProxy *vpci_dev, Error **errp)
DeviceState *vdev = DEVICE(&dev->vdev);
if (vpci_dev->nvectors == DEV_NVECTORS_UNSPECIFIED) {
- vpci_dev->nvectors = dev->vdev.conf.num_request_queues + 1;
+ /* Also reserve config change and hiprio queue vectors */
+ vpci_dev->nvectors = dev->vdev.conf.num_request_queues + 2;
}
qdev_set_parent_bus(vdev, BUS(&vpci_dev->bus));

43
0008-vhost-user-fs-remove-vhostfd-property.patch Normal file
View File

@ -0,0 +1,43 @@
From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Mon, 27 Jan 2020 19:00:37 +0000
Subject: [PATCH] vhost-user-fs: remove "vhostfd" property
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The property doesn't make much sense for a vhost-user device.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-Id: <20191116112016.14872-1-marcandre.lureau@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 703857348724319735d9be7b5b996e6445c6e6b9)
---
hw/virtio/vhost-user-fs.c | 1 -
include/hw/virtio/vhost-user-fs.h | 1 -
2 files changed, 2 deletions(-)
diff --git a/hw/virtio/vhost-user-fs.c b/hw/virtio/vhost-user-fs.c
index f0df7f4746..ca0b7fc9de 100644
--- a/hw/virtio/vhost-user-fs.c
+++ b/hw/virtio/vhost-user-fs.c
@@ -263,7 +263,6 @@ static Property vuf_properties[] = {
DEFINE_PROP_UINT16("num-request-queues", VHostUserFS,
conf.num_request_queues, 1),
DEFINE_PROP_UINT16("queue-size", VHostUserFS, conf.queue_size, 128),
- DEFINE_PROP_STRING("vhostfd", VHostUserFS, conf.vhostfd),
DEFINE_PROP_END_OF_LIST(),
};
diff --git a/include/hw/virtio/vhost-user-fs.h b/include/hw/virtio/vhost-user-fs.h
index 539885b458..9ff1bdb7cf 100644
--- a/include/hw/virtio/vhost-user-fs.h
+++ b/include/hw/virtio/vhost-user-fs.h
@@ -28,7 +28,6 @@ typedef struct {
char *tag;
uint16_t num_request_queues;
uint16_t queue_size;
- char *vhostfd;
} VHostUserFSConf;
typedef struct {

118
0009-build-rename-CONFIG_LIBCAP-to-CONFIG_LIBCAP_NG.patch Normal file
View File

@ -0,0 +1,118 @@
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Mon, 27 Jan 2020 19:00:38 +0000
Subject: [PATCH] build: rename CONFIG_LIBCAP to CONFIG_LIBCAP_NG
Since we are actually testing for the newer capng library, rename the
symbol to match.
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit a358bca24026a377e0804e137a4499e4e041918d)
---
configure | 2 +-
qemu-bridge-helper.c | 6 +++---
scsi/qemu-pr-helper.c | 12 ++++++------
3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/configure b/configure
index 6099be1d84..afe9393f04 100755
--- a/configure
+++ b/configure
@@ -6759,7 +6759,7 @@ if test "$l2tpv3" = "yes" ; then
echo "CONFIG_L2TPV3=y" >> $config_host_mak
fi
if test "$cap_ng" = "yes" ; then
- echo "CONFIG_LIBCAP=y" >> $config_host_mak
+ echo "CONFIG_LIBCAP_NG=y" >> $config_host_mak
fi
echo "CONFIG_AUDIO_DRIVERS=$audio_drv_list" >> $config_host_mak
for drv in $audio_drv_list; do
diff --git a/qemu-bridge-helper.c b/qemu-bridge-helper.c
index 3d50ec094c..88b26747fc 100644
--- a/qemu-bridge-helper.c
+++ b/qemu-bridge-helper.c
@@ -43,7 +43,7 @@
#include "net/tap-linux.h"
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
#include <cap-ng.h>
#endif
@@ -207,7 +207,7 @@ static int send_fd(int c, int fd)
return sendmsg(c, &msg, 0);
}
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
static int drop_privileges(void)
{
/* clear all capabilities */
@@ -246,7 +246,7 @@ int main(int argc, char **argv)
int access_allowed, access_denied;
int ret = EXIT_SUCCESS;
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
/* if we're run from an suid binary, immediately drop privileges preserving
* cap_net_admin */
if (geteuid() == 0 && getuid() != geteuid()) {
diff --git a/scsi/qemu-pr-helper.c b/scsi/qemu-pr-helper.c
index debb18f4aa..0659ceef09 100644
--- a/scsi/qemu-pr-helper.c
+++ b/scsi/qemu-pr-helper.c
@@ -24,7 +24,7 @@
#include <linux/dm-ioctl.h>
#include <scsi/sg.h>
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
#include <cap-ng.h>
#endif
#include <pwd.h>
@@ -70,7 +70,7 @@ static int num_active_sockets = 1;
static int noisy;
static int verbose;
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
static int uid = -1;
static int gid = -1;
#endif
@@ -97,7 +97,7 @@ static void usage(const char *name)
" (default '%s')\n"
" -T, --trace [[enable=]<pattern>][,events=<file>][,file=<file>]\n"
" specify tracing options\n"
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
" -u, --user=USER user to drop privileges to\n"
" -g, --group=GROUP group to drop privileges to\n"
#endif
@@ -827,7 +827,7 @@ static void close_server_socket(void)
num_active_sockets--;
}
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
static int drop_privileges(void)
{
/* clear all capabilities */
@@ -920,7 +920,7 @@ int main(int argc, char **argv)
pidfile = g_strdup(optarg);
pidfile_specified = true;
break;
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
case 'u': {
unsigned long res;
struct passwd *userinfo = getpwnam(optarg);
@@ -1056,7 +1056,7 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE);
}
-#ifdef CONFIG_LIBCAP
+#ifdef CONFIG_LIBCAP_NG
if (drop_privileges() < 0) {
error_report("Failed to drop privileges: %s", strerror(errno));
exit(EXIT_FAILURE);

4895
0010-virtiofsd-Pull-in-upstream-headers.patch Normal file
View File

File diff suppressed because it is too large Load Diff

929
0011-virtiofsd-Pull-in-kernel-s-fuse.h.patch Normal file
View File

@ -0,0 +1,929 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:40 +0000
Subject: [PATCH] virtiofsd: Pull in kernel's fuse.h
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Update scripts/update-linux-headers.sh to add fuse.h and
use it to pull in fuse.h from the kernel; from v5.5-rc1
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit a62a9e192bc5f0aa0bc076b51db5a069add87c78)
---
include/standard-headers/linux/fuse.h | 891 ++++++++++++++++++++++++++
scripts/update-linux-headers.sh | 1 +
2 files changed, 892 insertions(+)
create mode 100644 include/standard-headers/linux/fuse.h
diff --git a/include/standard-headers/linux/fuse.h b/include/standard-headers/linux/fuse.h
new file mode 100644
index 0000000000..f4df0a40f6
--- /dev/null
+++ b/include/standard-headers/linux/fuse.h
@@ -0,0 +1,891 @@
+/* SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) */
+/*
+ This file defines the kernel interface of FUSE
+ Copyright (C) 2001-2008 Miklos Szeredi <miklos@szeredi.hu>
+
+ This program can be distributed under the terms of the GNU GPL.
+ See the file COPYING.
+
+ This -- and only this -- header file may also be distributed under
+ the terms of the BSD Licence as follows:
+
+ Copyright (C) 2001-2007 Miklos Szeredi. All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+ 1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
+ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ SUCH DAMAGE.
+*/
+
+/*
+ * This file defines the kernel interface of FUSE
+ *
+ * Protocol changelog:
+ *
+ * 7.1:
+ * - add the following messages:
+ * FUSE_SETATTR, FUSE_SYMLINK, FUSE_MKNOD, FUSE_MKDIR, FUSE_UNLINK,
+ * FUSE_RMDIR, FUSE_RENAME, FUSE_LINK, FUSE_OPEN, FUSE_READ, FUSE_WRITE,
+ * FUSE_RELEASE, FUSE_FSYNC, FUSE_FLUSH, FUSE_SETXATTR, FUSE_GETXATTR,
+ * FUSE_LISTXATTR, FUSE_REMOVEXATTR, FUSE_OPENDIR, FUSE_READDIR,
+ * FUSE_RELEASEDIR
+ * - add padding to messages to accommodate 32-bit servers on 64-bit kernels
+ *
+ * 7.2:
+ * - add FOPEN_DIRECT_IO and FOPEN_KEEP_CACHE flags
+ * - add FUSE_FSYNCDIR message
+ *
+ * 7.3:
+ * - add FUSE_ACCESS message
+ * - add FUSE_CREATE message
+ * - add filehandle to fuse_setattr_in
+ *
+ * 7.4:
+ * - add frsize to fuse_kstatfs
+ * - clean up request size limit checking
+ *
+ * 7.5:
+ * - add flags and max_write to fuse_init_out
+ *
+ * 7.6:
+ * - add max_readahead to fuse_init_in and fuse_init_out
+ *
+ * 7.7:
+ * - add FUSE_INTERRUPT message
+ * - add POSIX file lock support
+ *
+ * 7.8:
+ * - add lock_owner and flags fields to fuse_release_in
+ * - add FUSE_BMAP message
+ * - add FUSE_DESTROY message
+ *
+ * 7.9:
+ * - new fuse_getattr_in input argument of GETATTR
+ * - add lk_flags in fuse_lk_in
+ * - add lock_owner field to fuse_setattr_in, fuse_read_in and fuse_write_in
+ * - add blksize field to fuse_attr
+ * - add file flags field to fuse_read_in and fuse_write_in
+ * - Add ATIME_NOW and MTIME_NOW flags to fuse_setattr_in
+ *
+ * 7.10
+ * - add nonseekable open flag
+ *
+ * 7.11
+ * - add IOCTL message
+ * - add unsolicited notification support
+ * - add POLL message and NOTIFY_POLL notification
+ *
+ * 7.12
+ * - add umask flag to input argument of create, mknod and mkdir
+ * - add notification messages for invalidation of inodes and
+ * directory entries
+ *
+ * 7.13
+ * - make max number of background requests and congestion threshold
+ * tunables
+ *
+ * 7.14
+ * - add splice support to fuse device
+ *
+ * 7.15
+ * - add store notify
+ * - add retrieve notify
+ *
+ * 7.16
+ * - add BATCH_FORGET request
+ * - FUSE_IOCTL_UNRESTRICTED shall now return with array of 'struct
+ * fuse_ioctl_iovec' instead of ambiguous 'struct iovec'
+ * - add FUSE_IOCTL_32BIT flag
+ *
+ * 7.17
+ * - add FUSE_FLOCK_LOCKS and FUSE_RELEASE_FLOCK_UNLOCK
+ *
+ * 7.18
+ * - add FUSE_IOCTL_DIR flag
+ * - add FUSE_NOTIFY_DELETE
+ *
+ * 7.19
+ * - add FUSE_FALLOCATE
+ *
+ * 7.20
+ * - add FUSE_AUTO_INVAL_DATA
+ *
+ * 7.21
+ * - add FUSE_READDIRPLUS
+ * - send the requested events in POLL request
+ *
+ * 7.22
+ * - add FUSE_ASYNC_DIO
+ *
+ * 7.23
+ * - add FUSE_WRITEBACK_CACHE
+ * - add time_gran to fuse_init_out
+ * - add reserved space to fuse_init_out
+ * - add FATTR_CTIME
+ * - add ctime and ctimensec to fuse_setattr_in
+ * - add FUSE_RENAME2 request
+ * - add FUSE_NO_OPEN_SUPPORT flag
+ *
+ * 7.24
+ * - add FUSE_LSEEK for SEEK_HOLE and SEEK_DATA support
+ *
+ * 7.25
+ * - add FUSE_PARALLEL_DIROPS
+ *
+ * 7.26
+ * - add FUSE_HANDLE_KILLPRIV
+ * - add FUSE_POSIX_ACL
+ *
+ * 7.27
+ * - add FUSE_ABORT_ERROR
+ *
+ * 7.28
+ * - add FUSE_COPY_FILE_RANGE
+ * - add FOPEN_CACHE_DIR
+ * - add FUSE_MAX_PAGES, add max_pages to init_out
+ * - add FUSE_CACHE_SYMLINKS
+ *
+ * 7.29
+ * - add FUSE_NO_OPENDIR_SUPPORT flag
+ *
+ * 7.30
+ * - add FUSE_EXPLICIT_INVAL_DATA
+ * - add FUSE_IOCTL_COMPAT_X32
+ *
+ * 7.31
+ * - add FUSE_WRITE_KILL_PRIV flag
+ * - add FUSE_SETUPMAPPING and FUSE_REMOVEMAPPING
+ * - add map_alignment to fuse_init_out, add FUSE_MAP_ALIGNMENT flag
+ */
+
+#ifndef _LINUX_FUSE_H
+#define _LINUX_FUSE_H
+
+#include <stdint.h>
+
+/*
+ * Version negotiation:
+ *
+ * Both the kernel and userspace send the version they support in the
+ * INIT request and reply respectively.
+ *
+ * If the major versions match then both shall use the smallest
+ * of the two minor versions for communication.
+ *
+ * If the kernel supports a larger major version, then userspace shall
+ * reply with the major version it supports, ignore the rest of the
+ * INIT message and expect a new INIT message from the kernel with a
+ * matching major version.
+ *
+ * If the library supports a larger major version, then it shall fall
+ * back to the major protocol version sent by the kernel for
+ * communication and reply with that major version (and an arbitrary
+ * supported minor version).
+ */
+
+/** Version number of this interface */
+#define FUSE_KERNEL_VERSION 7
+
+/** Minor version number of this interface */
+#define FUSE_KERNEL_MINOR_VERSION 31
+
+/** The node ID of the root inode */
+#define FUSE_ROOT_ID 1
+
+/* Make sure all structures are padded to 64bit boundary, so 32bit
+ userspace works under 64bit kernels */
+
+struct fuse_attr {
+ uint64_t ino;
+ uint64_t size;
+ uint64_t blocks;
+ uint64_t atime;
+ uint64_t mtime;
+ uint64_t ctime;
+ uint32_t atimensec;
+ uint32_t mtimensec;
+ uint32_t ctimensec;
+ uint32_t mode;
+ uint32_t nlink;
+ uint32_t uid;
+ uint32_t gid;
+ uint32_t rdev;
+ uint32_t blksize;
+ uint32_t padding;
+};
+
+struct fuse_kstatfs {
+ uint64_t blocks;
+ uint64_t bfree;
+ uint64_t bavail;
+ uint64_t files;
+ uint64_t ffree;
+ uint32_t bsize;
+ uint32_t namelen;
+ uint32_t frsize;
+ uint32_t padding;
+ uint32_t spare[6];
+};
+
+struct fuse_file_lock {
+ uint64_t start;
+ uint64_t end;
+ uint32_t type;
+ uint32_t pid; /* tgid */
+};
+
+/**
+ * Bitmasks for fuse_setattr_in.valid
+ */
+#define FATTR_MODE (1 << 0)
+#define FATTR_UID (1 << 1)
+#define FATTR_GID (1 << 2)
+#define FATTR_SIZE (1 << 3)
+#define FATTR_ATIME (1 << 4)
+#define FATTR_MTIME (1 << 5)
+#define FATTR_FH (1 << 6)
+#define FATTR_ATIME_NOW (1 << 7)
+#define FATTR_MTIME_NOW (1 << 8)
+#define FATTR_LOCKOWNER (1 << 9)
+#define FATTR_CTIME (1 << 10)
+
+/**
+ * Flags returned by the OPEN request
+ *
+ * FOPEN_DIRECT_IO: bypass page cache for this open file
+ * FOPEN_KEEP_CACHE: don't invalidate the data cache on open
+ * FOPEN_NONSEEKABLE: the file is not seekable
+ * FOPEN_CACHE_DIR: allow caching this directory
+ * FOPEN_STREAM: the file is stream-like (no file position at all)
+ */
+#define FOPEN_DIRECT_IO (1 << 0)
+#define FOPEN_KEEP_CACHE (1 << 1)
+#define FOPEN_NONSEEKABLE (1 << 2)
+#define FOPEN_CACHE_DIR (1 << 3)
+#define FOPEN_STREAM (1 << 4)
+
+/**
+ * INIT request/reply flags
+ *
+ * FUSE_ASYNC_READ: asynchronous read requests
+ * FUSE_POSIX_LOCKS: remote locking for POSIX file locks
+ * FUSE_FILE_OPS: kernel sends file handle for fstat, etc... (not yet supported)
+ * FUSE_ATOMIC_O_TRUNC: handles the O_TRUNC open flag in the filesystem
+ * FUSE_EXPORT_SUPPORT: filesystem handles lookups of "." and ".."
+ * FUSE_BIG_WRITES: filesystem can handle write size larger than 4kB
+ * FUSE_DONT_MASK: don't apply umask to file mode on create operations
+ * FUSE_SPLICE_WRITE: kernel supports splice write on the device
+ * FUSE_SPLICE_MOVE: kernel supports splice move on the device
+ * FUSE_SPLICE_READ: kernel supports splice read on the device
+ * FUSE_FLOCK_LOCKS: remote locking for BSD style file locks
+ * FUSE_HAS_IOCTL_DIR: kernel supports ioctl on directories
+ * FUSE_AUTO_INVAL_DATA: automatically invalidate cached pages
+ * FUSE_DO_READDIRPLUS: do READDIRPLUS (READDIR+LOOKUP in one)
+ * FUSE_READDIRPLUS_AUTO: adaptive readdirplus
+ * FUSE_ASYNC_DIO: asynchronous direct I/O submission
+ * FUSE_WRITEBACK_CACHE: use writeback cache for buffered writes
+ * FUSE_NO_OPEN_SUPPORT: kernel supports zero-message opens
+ * FUSE_PARALLEL_DIROPS: allow parallel lookups and readdir
+ * FUSE_HANDLE_KILLPRIV: fs handles killing suid/sgid/cap on write/chown/trunc
+ * FUSE_POSIX_ACL: filesystem supports posix acls
+ * FUSE_ABORT_ERROR: reading the device after abort returns ECONNABORTED
+ * FUSE_MAX_PAGES: init_out.max_pages contains the max number of req pages
+ * FUSE_CACHE_SYMLINKS: cache READLINK responses
+ * FUSE_NO_OPENDIR_SUPPORT: kernel supports zero-message opendir
+ * FUSE_EXPLICIT_INVAL_DATA: only invalidate cached pages on explicit request
+ * FUSE_MAP_ALIGNMENT: map_alignment field is valid
+ */
+#define FUSE_ASYNC_READ (1 << 0)
+#define FUSE_POSIX_LOCKS (1 << 1)
+#define FUSE_FILE_OPS (1 << 2)
+#define FUSE_ATOMIC_O_TRUNC (1 << 3)
+#define FUSE_EXPORT_SUPPORT (1 << 4)
+#define FUSE_BIG_WRITES (1 << 5)
+#define FUSE_DONT_MASK (1 << 6)
+#define FUSE_SPLICE_WRITE (1 << 7)
+#define FUSE_SPLICE_MOVE (1 << 8)
+#define FUSE_SPLICE_READ (1 << 9)
+#define FUSE_FLOCK_LOCKS (1 << 10)
+#define FUSE_HAS_IOCTL_DIR (1 << 11)
+#define FUSE_AUTO_INVAL_DATA (1 << 12)
+#define FUSE_DO_READDIRPLUS (1 << 13)
+#define FUSE_READDIRPLUS_AUTO (1 << 14)
+#define FUSE_ASYNC_DIO (1 << 15)
+#define FUSE_WRITEBACK_CACHE (1 << 16)
+#define FUSE_NO_OPEN_SUPPORT (1 << 17)
+#define FUSE_PARALLEL_DIROPS (1 << 18)
+#define FUSE_HANDLE_KILLPRIV (1 << 19)
+#define FUSE_POSIX_ACL (1 << 20)
+#define FUSE_ABORT_ERROR (1 << 21)
+#define FUSE_MAX_PAGES (1 << 22)
+#define FUSE_CACHE_SYMLINKS (1 << 23)
+#define FUSE_NO_OPENDIR_SUPPORT (1 << 24)
+#define FUSE_EXPLICIT_INVAL_DATA (1 << 25)
+#define FUSE_MAP_ALIGNMENT (1 << 26)
+
+/**
+ * CUSE INIT request/reply flags
+ *
+ * CUSE_UNRESTRICTED_IOCTL: use unrestricted ioctl
+ */
+#define CUSE_UNRESTRICTED_IOCTL (1 << 0)
+
+/**
+ * Release flags
+ */
+#define FUSE_RELEASE_FLUSH (1 << 0)
+#define FUSE_RELEASE_FLOCK_UNLOCK (1 << 1)
+
+/**
+ * Getattr flags
+ */
+#define FUSE_GETATTR_FH (1 << 0)
+
+/**
+ * Lock flags
+ */
+#define FUSE_LK_FLOCK (1 << 0)
+
+/**
+ * WRITE flags
+ *
+ * FUSE_WRITE_CACHE: delayed write from page cache, file handle is guessed
+ * FUSE_WRITE_LOCKOWNER: lock_owner field is valid
+ * FUSE_WRITE_KILL_PRIV: kill suid and sgid bits
+ */
+#define FUSE_WRITE_CACHE (1 << 0)
+#define FUSE_WRITE_LOCKOWNER (1 << 1)
+#define FUSE_WRITE_KILL_PRIV (1 << 2)
+
+/**
+ * Read flags
+ */
+#define FUSE_READ_LOCKOWNER (1 << 1)
+
+/**
+ * Ioctl flags
+ *
+ * FUSE_IOCTL_COMPAT: 32bit compat ioctl on 64bit machine
+ * FUSE_IOCTL_UNRESTRICTED: not restricted to well-formed ioctls, retry allowed
+ * FUSE_IOCTL_RETRY: retry with new iovecs
+ * FUSE_IOCTL_32BIT: 32bit ioctl
+ * FUSE_IOCTL_DIR: is a directory
+ * FUSE_IOCTL_COMPAT_X32: x32 compat ioctl on 64bit machine (64bit time_t)
+ *
+ * FUSE_IOCTL_MAX_IOV: maximum of in_iovecs + out_iovecs
+ */
+#define FUSE_IOCTL_COMPAT (1 << 0)
+#define FUSE_IOCTL_UNRESTRICTED (1 << 1)
+#define FUSE_IOCTL_RETRY (1 << 2)
+#define FUSE_IOCTL_32BIT (1 << 3)
+#define FUSE_IOCTL_DIR (1 << 4)
+#define FUSE_IOCTL_COMPAT_X32 (1 << 5)
+
+#define FUSE_IOCTL_MAX_IOV 256
+
+/**
+ * Poll flags
+ *
+ * FUSE_POLL_SCHEDULE_NOTIFY: request poll notify
+ */
+#define FUSE_POLL_SCHEDULE_NOTIFY (1 << 0)
+
+/**
+ * Fsync flags
+ *
+ * FUSE_FSYNC_FDATASYNC: Sync data only, not metadata
+ */
+#define FUSE_FSYNC_FDATASYNC (1 << 0)
+
+enum fuse_opcode {
+ FUSE_LOOKUP = 1,
+ FUSE_FORGET = 2, /* no reply */
+ FUSE_GETATTR = 3,
+ FUSE_SETATTR = 4,
+ FUSE_READLINK = 5,
+ FUSE_SYMLINK = 6,
+ FUSE_MKNOD = 8,
+ FUSE_MKDIR = 9,
+ FUSE_UNLINK = 10,
+ FUSE_RMDIR = 11,
+ FUSE_RENAME = 12,
+ FUSE_LINK = 13,
+ FUSE_OPEN = 14,
+ FUSE_READ = 15,
+ FUSE_WRITE = 16,
+ FUSE_STATFS = 17,
+ FUSE_RELEASE = 18,
+ FUSE_FSYNC = 20,
+ FUSE_SETXATTR = 21,
+ FUSE_GETXATTR = 22,
+ FUSE_LISTXATTR = 23,
+ FUSE_REMOVEXATTR = 24,
+ FUSE_FLUSH = 25,
+ FUSE_INIT = 26,
+ FUSE_OPENDIR = 27,
+ FUSE_READDIR = 28,
+ FUSE_RELEASEDIR = 29,
+ FUSE_FSYNCDIR = 30,
+ FUSE_GETLK = 31,
+ FUSE_SETLK = 32,
+ FUSE_SETLKW = 33,
+ FUSE_ACCESS = 34,
+ FUSE_CREATE = 35,
+ FUSE_INTERRUPT = 36,
+ FUSE_BMAP = 37,
+ FUSE_DESTROY = 38,
+ FUSE_IOCTL = 39,
+ FUSE_POLL = 40,
+ FUSE_NOTIFY_REPLY = 41,
+ FUSE_BATCH_FORGET = 42,
+ FUSE_FALLOCATE = 43,
+ FUSE_READDIRPLUS = 44,
+ FUSE_RENAME2 = 45,
+ FUSE_LSEEK = 46,
+ FUSE_COPY_FILE_RANGE = 47,
+ FUSE_SETUPMAPPING = 48,
+ FUSE_REMOVEMAPPING = 49,
+
+ /* CUSE specific operations */
+ CUSE_INIT = 4096,
+
+ /* Reserved opcodes: helpful to detect structure endian-ness */
+ CUSE_INIT_BSWAP_RESERVED = 1048576, /* CUSE_INIT << 8 */
+ FUSE_INIT_BSWAP_RESERVED = 436207616, /* FUSE_INIT << 24 */
+};
+
+enum fuse_notify_code {
+ FUSE_NOTIFY_POLL = 1,
+ FUSE_NOTIFY_INVAL_INODE = 2,
+ FUSE_NOTIFY_INVAL_ENTRY = 3,
+ FUSE_NOTIFY_STORE = 4,
+ FUSE_NOTIFY_RETRIEVE = 5,
+ FUSE_NOTIFY_DELETE = 6,
+ FUSE_NOTIFY_CODE_MAX,
+};
+
+/* The read buffer is required to be at least 8k, but may be much larger */
+#define FUSE_MIN_READ_BUFFER 8192
+
+#define FUSE_COMPAT_ENTRY_OUT_SIZE 120
+
+struct fuse_entry_out {
+ uint64_t nodeid; /* Inode ID */
+ uint64_t generation; /* Inode generation: nodeid:gen must
+ be unique for the fs's lifetime */
+ uint64_t entry_valid; /* Cache timeout for the name */
+ uint64_t attr_valid; /* Cache timeout for the attributes */
+ uint32_t entry_valid_nsec;
+ uint32_t attr_valid_nsec;
+ struct fuse_attr attr;
+};
+
+struct fuse_forget_in {
+ uint64_t nlookup;
+};
+
+struct fuse_forget_one {
+ uint64_t nodeid;
+ uint64_t nlookup;
+};
+
+struct fuse_batch_forget_in {
+ uint32_t count;
+ uint32_t dummy;
+};
+
+struct fuse_getattr_in {
+ uint32_t getattr_flags;
+ uint32_t dummy;
+ uint64_t fh;
+};
+
+#define FUSE_COMPAT_ATTR_OUT_SIZE 96
+
+struct fuse_attr_out {
+ uint64_t attr_valid; /* Cache timeout for the attributes */
+ uint32_t attr_valid_nsec;
+ uint32_t dummy;
+ struct fuse_attr attr;
+};
+
+#define FUSE_COMPAT_MKNOD_IN_SIZE 8
+
+struct fuse_mknod_in {
+ uint32_t mode;
+ uint32_t rdev;
+ uint32_t umask;
+ uint32_t padding;
+};
+
+struct fuse_mkdir_in {
+ uint32_t mode;
+ uint32_t umask;
+};
+
+struct fuse_rename_in {
+ uint64_t newdir;
+};
+
+struct fuse_rename2_in {
+ uint64_t newdir;
+ uint32_t flags;
+ uint32_t padding;
+};
+
+struct fuse_link_in {
+ uint64_t oldnodeid;
+};
+
+struct fuse_setattr_in {
+ uint32_t valid;
+ uint32_t padding;
+ uint64_t fh;
+ uint64_t size;
+ uint64_t lock_owner;
+ uint64_t atime;
+ uint64_t mtime;
+ uint64_t ctime;
+ uint32_t atimensec;
+ uint32_t mtimensec;
+ uint32_t ctimensec;
+ uint32_t mode;
+ uint32_t unused4;
+ uint32_t uid;
+ uint32_t gid;
+ uint32_t unused5;
+};
+
+struct fuse_open_in {
+ uint32_t flags;
+ uint32_t unused;
+};
+
+struct fuse_create_in {
+ uint32_t flags;
+ uint32_t mode;
+ uint32_t umask;
+ uint32_t padding;
+};
+
+struct fuse_open_out {
+ uint64_t fh;
+ uint32_t open_flags;
+ uint32_t padding;
+};
+
+struct fuse_release_in {
+ uint64_t fh;
+ uint32_t flags;
+ uint32_t release_flags;
+ uint64_t lock_owner;
+};
+
+struct fuse_flush_in {
+ uint64_t fh;
+ uint32_t unused;
+ uint32_t padding;
+ uint64_t lock_owner;
+};
+
+struct fuse_read_in {
+ uint64_t fh;
+ uint64_t offset;
+ uint32_t size;
+ uint32_t read_flags;
+ uint64_t lock_owner;
+ uint32_t flags;
+ uint32_t padding;
+};
+
+#define FUSE_COMPAT_WRITE_IN_SIZE 24
+
+struct fuse_write_in {
+ uint64_t fh;
+ uint64_t offset;
+ uint32_t size;
+ uint32_t write_flags;
+ uint64_t lock_owner;
+ uint32_t flags;
+ uint32_t padding;
+};
+
+struct fuse_write_out {
+ uint32_t size;
+ uint32_t padding;
+};
+
+#define FUSE_COMPAT_STATFS_SIZE 48
+
+struct fuse_statfs_out {
+ struct fuse_kstatfs st;
+};
+
+struct fuse_fsync_in {
+ uint64_t fh;
+ uint32_t fsync_flags;
+ uint32_t padding;
+};
+
+struct fuse_setxattr_in {
+ uint32_t size;
+ uint32_t flags;
+};
+
+struct fuse_getxattr_in {
+ uint32_t size;
+ uint32_t padding;
+};
+
+struct fuse_getxattr_out {
+ uint32_t size;
+ uint32_t padding;
+};
+
+struct fuse_lk_in {
+ uint64_t fh;
+ uint64_t owner;
+ struct fuse_file_lock lk;
+ uint32_t lk_flags;
+ uint32_t padding;
+};
+
+struct fuse_lk_out {
+ struct fuse_file_lock lk;
+};
+
+struct fuse_access_in {
+ uint32_t mask;
+ uint32_t padding;
+};
+
+struct fuse_init_in {
+ uint32_t major;
+ uint32_t minor;
+ uint32_t max_readahead;
+ uint32_t flags;
+};
+
+#define FUSE_COMPAT_INIT_OUT_SIZE 8
+#define FUSE_COMPAT_22_INIT_OUT_SIZE 24
+
+struct fuse_init_out {
+ uint32_t major;
+ uint32_t minor;
+ uint32_t max_readahead;
+ uint32_t flags;
+ uint16_t max_background;
+ uint16_t congestion_threshold;
+ uint32_t max_write;
+ uint32_t time_gran;
+ uint16_t max_pages;
+ uint16_t map_alignment;
+ uint32_t unused[8];
+};
+
+#define CUSE_INIT_INFO_MAX 4096
+
+struct cuse_init_in {
+ uint32_t major;
+ uint32_t minor;
+ uint32_t unused;
+ uint32_t flags;
+};
+
+struct cuse_init_out {
+ uint32_t major;
+ uint32_t minor;
+ uint32_t unused;
+ uint32_t flags;
+ uint32_t max_read;
+ uint32_t max_write;
+ uint32_t dev_major; /* chardev major */
+ uint32_t dev_minor; /* chardev minor */
+ uint32_t spare[10];
+};
+
+struct fuse_interrupt_in {
+ uint64_t unique;
+};
+
+struct fuse_bmap_in {
+ uint64_t block;
+ uint32_t blocksize;
+ uint32_t padding;
+};
+
+struct fuse_bmap_out {
+ uint64_t block;
+};
+
+struct fuse_ioctl_in {
+ uint64_t fh;
+ uint32_t flags;
+ uint32_t cmd;
+ uint64_t arg;
+ uint32_t in_size;
+ uint32_t out_size;
+};
+
+struct fuse_ioctl_iovec {
+ uint64_t base;
+ uint64_t len;
+};
+
+struct fuse_ioctl_out {
+ int32_t result;
+ uint32_t flags;
+ uint32_t in_iovs;
+ uint32_t out_iovs;
+};
+
+struct fuse_poll_in {
+ uint64_t fh;
+ uint64_t kh;
+ uint32_t flags;
+ uint32_t events;
+};
+
+struct fuse_poll_out {
+ uint32_t revents;
+ uint32_t padding;
+};
+
+struct fuse_notify_poll_wakeup_out {
+ uint64_t kh;
+};
+
+struct fuse_fallocate_in {
+ uint64_t fh;
+ uint64_t offset;
+ uint64_t length;
+ uint32_t mode;
+ uint32_t padding;
+};
+
+struct fuse_in_header {
+ uint32_t len;
+ uint32_t opcode;
+ uint64_t unique;
+ uint64_t nodeid;
+ uint32_t uid;
+ uint32_t gid;
+ uint32_t pid;
+ uint32_t padding;
+};
+
+struct fuse_out_header {
+ uint32_t len;
+ int32_t error;
+ uint64_t unique;
+};
+
+struct fuse_dirent {
+ uint64_t ino;
+ uint64_t off;
+ uint32_t namelen;
+ uint32_t type;
+ char name[];
+};
+
+#define FUSE_NAME_OFFSET offsetof(struct fuse_dirent, name)
+#define FUSE_DIRENT_ALIGN(x) \
+ (((x) + sizeof(uint64_t) - 1) & ~(sizeof(uint64_t) - 1))
+#define FUSE_DIRENT_SIZE(d) \
+ FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET + (d)->namelen)
+
+struct fuse_direntplus {
+ struct fuse_entry_out entry_out;
+ struct fuse_dirent dirent;
+};
+
+#define FUSE_NAME_OFFSET_DIRENTPLUS \
+ offsetof(struct fuse_direntplus, dirent.name)
+#define FUSE_DIRENTPLUS_SIZE(d) \
+ FUSE_DIRENT_ALIGN(FUSE_NAME_OFFSET_DIRENTPLUS + (d)->dirent.namelen)
+
+struct fuse_notify_inval_inode_out {
+ uint64_t ino;
+ int64_t off;
+ int64_t len;
+};
+
+struct fuse_notify_inval_entry_out {
+ uint64_t parent;
+ uint32_t namelen;
+ uint32_t padding;
+};
+
+struct fuse_notify_delete_out {
+ uint64_t parent;
+ uint64_t child;
+ uint32_t namelen;
+ uint32_t padding;
+};
+
+struct fuse_notify_store_out {
+ uint64_t nodeid;
+ uint64_t offset;
+ uint32_t size;
+ uint32_t padding;
+};
+
+struct fuse_notify_retrieve_out {
+ uint64_t notify_unique;
+ uint64_t nodeid;
+ uint64_t offset;
+ uint32_t size;
+ uint32_t padding;
+};
+
+/* Matches the size of fuse_write_in */
+struct fuse_notify_retrieve_in {
+ uint64_t dummy1;
+ uint64_t offset;
+ uint32_t size;
+ uint32_t dummy2;
+ uint64_t dummy3;
+ uint64_t dummy4;
+};
+
+/* Device ioctls: */
+#define FUSE_DEV_IOC_CLONE _IOR(229, 0, uint32_t)
+
+struct fuse_lseek_in {
+ uint64_t fh;
+ uint64_t offset;
+ uint32_t whence;
+ uint32_t padding;
+};
+
+struct fuse_lseek_out {
+ uint64_t offset;
+};
+
+struct fuse_copy_file_range_in {
+ uint64_t fh_in;
+ uint64_t off_in;
+ uint64_t nodeid_out;
+ uint64_t fh_out;
+ uint64_t off_out;
+ uint64_t len;
+ uint64_t flags;
+};
+
+#endif /* _LINUX_FUSE_H */
diff --git a/scripts/update-linux-headers.sh b/scripts/update-linux-headers.sh
index f76d77363b..29c27f4681 100755
--- a/scripts/update-linux-headers.sh
+++ b/scripts/update-linux-headers.sh
@@ -186,6 +186,7 @@ rm -rf "$output/include/standard-headers/linux"
mkdir -p "$output/include/standard-headers/linux"
for i in "$tmpdir"/include/linux/*virtio*.h \
"$tmpdir/include/linux/qemu_fw_cfg.h" \
+ "$tmpdir/include/linux/fuse.h" \
"$tmpdir/include/linux/input.h" \
"$tmpdir/include/linux/input-event-codes.h" \
"$tmpdir/include/linux/pci_regs.h" \

1371
0012-virtiofsd-Add-auxiliary-.c-s.patch Normal file
View File

File diff suppressed because it is too large Load Diff

3156
0013-virtiofsd-Add-fuse_lowlevel.c.patch Normal file
View File

File diff suppressed because it is too large Load Diff

1370
0014-virtiofsd-Add-passthrough_ll.patch Normal file
View File

File diff suppressed because it is too large Load Diff

1565
0015-virtiofsd-Trim-down-imported-files.patch Normal file
View File

File diff suppressed because it is too large Load Diff

14727
0016-virtiofsd-Format-imported-files-to-qemu-style.patch Normal file
View File

File diff suppressed because it is too large Load Diff

143
0017-virtiofsd-remove-mountpoint-dummy-argument.patch Normal file
View File

@ -0,0 +1,143 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:00:46 +0000
Subject: [PATCH] virtiofsd: remove mountpoint dummy argument
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Classic FUSE file system daemons take a mountpoint argument but
virtiofsd exposes a vhost-user UNIX domain socket instead. The
mountpoint argument is not used by virtiofsd but the user is still
required to pass a dummy argument on the command-line.
Remove the mountpoint argument to clean up the command-line.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 67aab02272f6cb47c56420f60b370c184961b5ca)
---
tools/virtiofsd/fuse_lowlevel.c | 2 +-
tools/virtiofsd/fuse_lowlevel.h | 4 +---
tools/virtiofsd/helper.c | 20 +++-----------------
tools/virtiofsd/passthrough_ll.c | 12 ++----------
4 files changed, 7 insertions(+), 31 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 5c9cb52f2a..2f32c68161 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2455,7 +2455,7 @@ out1:
return NULL;
}
-int fuse_session_mount(struct fuse_session *se, const char *mountpoint)
+int fuse_session_mount(struct fuse_session *se)
{
int fd;
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
index adb9054bb1..8d8909b35d 100644
--- a/tools/virtiofsd/fuse_lowlevel.h
+++ b/tools/virtiofsd/fuse_lowlevel.h
@@ -1863,7 +1863,6 @@ struct fuse_cmdline_opts {
int foreground;
int debug;
int nodefault_subtype;
- char *mountpoint;
int show_version;
int show_help;
unsigned int max_idle_threads;
@@ -1924,12 +1923,11 @@ struct fuse_session *fuse_session_new(struct fuse_args *args,
/**
* Mount a FUSE file system.
*
- * @param mountpoint the mount point path
* @param se session object
*
* @return 0 on success, -1 on failure.
**/
-int fuse_session_mount(struct fuse_session *se, const char *mountpoint);
+int fuse_session_mount(struct fuse_session *se);
/**
* Enter a single threaded, blocking event loop.
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 5711dd2660..5e6f2051a7 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -140,27 +140,13 @@ void fuse_cmdline_help(void)
static int fuse_helper_opt_proc(void *data, const char *arg, int key,
struct fuse_args *outargs)
{
+ (void)data;
(void)outargs;
- struct fuse_cmdline_opts *opts = data;
switch (key) {
case FUSE_OPT_KEY_NONOPT:
- if (!opts->mountpoint) {
- if (fuse_mnt_parse_fuse_fd(arg) != -1) {
- return fuse_opt_add_opt(&opts->mountpoint, arg);
- }
-
- char mountpoint[PATH_MAX] = "";
- if (realpath(arg, mountpoint) == NULL) {
- fuse_log(FUSE_LOG_ERR, "fuse: bad mount point `%s': %s\n", arg,
- strerror(errno));
- return -1;
- }
- return fuse_opt_add_opt(&opts->mountpoint, mountpoint);
- } else {
- fuse_log(FUSE_LOG_ERR, "fuse: invalid argument `%s'\n", arg);
- return -1;
- }
+ fuse_log(FUSE_LOG_ERR, "fuse: invalid argument `%s'\n", arg);
+ return -1;
default:
/* Pass through unknown options */
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index c5850ef803..9377718d9d 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1297,7 +1297,7 @@ int main(int argc, char *argv[])
return 1;
}
if (opts.show_help) {
- printf("usage: %s [options] <mountpoint>\n\n", argv[0]);
+ printf("usage: %s [options]\n\n", argv[0]);
fuse_cmdline_help();
fuse_lowlevel_help();
ret = 0;
@@ -1308,13 +1308,6 @@ int main(int argc, char *argv[])
goto err_out1;
}
- if (opts.mountpoint == NULL) {
- printf("usage: %s [options] <mountpoint>\n", argv[0]);
- printf(" %s --help\n", argv[0]);
- ret = 1;
- goto err_out1;
- }
-
if (fuse_opt_parse(&args, &lo, lo_opts, NULL) == -1) {
return 1;
}
@@ -1374,7 +1367,7 @@ int main(int argc, char *argv[])
goto err_out2;
}
- if (fuse_session_mount(se, opts.mountpoint) != 0) {
+ if (fuse_session_mount(se) != 0) {
goto err_out3;
}
@@ -1393,7 +1386,6 @@ err_out3:
err_out2:
fuse_session_destroy(se);
err_out1:
- free(opts.mountpoint);
fuse_opt_free_args(&args);
if (lo.root.fd >= 0) {

278
0018-virtiofsd-remove-unused-notify-reply-support.patch Normal file
View File

@ -0,0 +1,278 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:00:47 +0000
Subject: [PATCH] virtiofsd: remove unused notify reply support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Notify reply support is unused by virtiofsd. The code would need to be
updated to validate input buffer sizes. Remove this unused code since
changes to it are untestable.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 64c6f408a29ef03e9b8da9f5a5d8fd511b0d801e)
---
tools/virtiofsd/fuse_lowlevel.c | 147 +-------------------------------
tools/virtiofsd/fuse_lowlevel.h | 47 ----------
2 files changed, 1 insertion(+), 193 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 2f32c68161..eb0ec49d38 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -31,12 +31,6 @@
#define PARAM(inarg) (((char *)(inarg)) + sizeof(*(inarg)))
#define OFFSET_MAX 0x7fffffffffffffffLL
-#define container_of(ptr, type, member) \
- ({ \
- const typeof(((type *)0)->member) *__mptr = (ptr); \
- (type *)((char *)__mptr - offsetof(type, member)); \
- })
-
struct fuse_pollhandle {
uint64_t kh;
struct fuse_session *se;
@@ -1862,52 +1856,6 @@ static void do_destroy(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
send_reply_ok(req, NULL, 0);
}
-static void list_del_nreq(struct fuse_notify_req *nreq)
-{
- struct fuse_notify_req *prev = nreq->prev;
- struct fuse_notify_req *next = nreq->next;
- prev->next = next;
- next->prev = prev;
-}
-
-static void list_add_nreq(struct fuse_notify_req *nreq,
- struct fuse_notify_req *next)
-{
- struct fuse_notify_req *prev = next->prev;
- nreq->next = next;
- nreq->prev = prev;
- prev->next = nreq;
- next->prev = nreq;
-}
-
-static void list_init_nreq(struct fuse_notify_req *nreq)
-{
- nreq->next = nreq;
- nreq->prev = nreq;
-}
-
-static void do_notify_reply(fuse_req_t req, fuse_ino_t nodeid,
- const void *inarg, const struct fuse_buf *buf)
-{
- struct fuse_session *se = req->se;
- struct fuse_notify_req *nreq;
- struct fuse_notify_req *head;
-
- pthread_mutex_lock(&se->lock);
- head = &se->notify_list;
- for (nreq = head->next; nreq != head; nreq = nreq->next) {
- if (nreq->unique == req->unique) {
- list_del_nreq(nreq);
- break;
- }
- }
- pthread_mutex_unlock(&se->lock);
-
- if (nreq != head) {
- nreq->reply(nreq, req, nodeid, inarg, buf);
- }
-}
-
static int send_notify_iov(struct fuse_session *se, int notify_code,
struct iovec *iov, int count)
{
@@ -2059,95 +2007,6 @@ int fuse_lowlevel_notify_store(struct fuse_session *se, fuse_ino_t ino,
return res;
}
-struct fuse_retrieve_req {
- struct fuse_notify_req nreq;
- void *cookie;
-};
-
-static void fuse_ll_retrieve_reply(struct fuse_notify_req *nreq, fuse_req_t req,
- fuse_ino_t ino, const void *inarg,
- const struct fuse_buf *ibuf)
-{
- struct fuse_session *se = req->se;
- struct fuse_retrieve_req *rreq =
- container_of(nreq, struct fuse_retrieve_req, nreq);
- const struct fuse_notify_retrieve_in *arg = inarg;
- struct fuse_bufvec bufv = {
- .buf[0] = *ibuf,
- .count = 1,
- };
-
- if (!(bufv.buf[0].flags & FUSE_BUF_IS_FD)) {
- bufv.buf[0].mem = PARAM(arg);
- }
-
- bufv.buf[0].size -=
- sizeof(struct fuse_in_header) + sizeof(struct fuse_notify_retrieve_in);
-
- if (bufv.buf[0].size < arg->size) {
- fuse_log(FUSE_LOG_ERR, "fuse: retrieve reply: buffer size too small\n");
- fuse_reply_none(req);
- goto out;
- }
- bufv.buf[0].size = arg->size;
-
- if (se->op.retrieve_reply) {
- se->op.retrieve_reply(req, rreq->cookie, ino, arg->offset, &bufv);
- } else {
- fuse_reply_none(req);
- }
-out:
- free(rreq);
-}
-
-int fuse_lowlevel_notify_retrieve(struct fuse_session *se, fuse_ino_t ino,
- size_t size, off_t offset, void *cookie)
-{
- struct fuse_notify_retrieve_out outarg;
- struct iovec iov[2];
- struct fuse_retrieve_req *rreq;
- int err;
-
- if (!se) {
- return -EINVAL;
- }
-
- if (se->conn.proto_major < 6 || se->conn.proto_minor < 15) {
- return -ENOSYS;
- }
-
- rreq = malloc(sizeof(*rreq));
- if (rreq == NULL) {
- return -ENOMEM;
- }
-
- pthread_mutex_lock(&se->lock);
- rreq->cookie = cookie;
- rreq->nreq.unique = se->notify_ctr++;
- rreq->nreq.reply = fuse_ll_retrieve_reply;
- list_add_nreq(&rreq->nreq, &se->notify_list);
- pthread_mutex_unlock(&se->lock);
-
- outarg.notify_unique = rreq->nreq.unique;
- outarg.nodeid = ino;
- outarg.offset = offset;
- outarg.size = size;
- outarg.padding = 0;
-
- iov[1].iov_base = &outarg;
- iov[1].iov_len = sizeof(outarg);
-
- err = send_notify_iov(se, FUSE_NOTIFY_RETRIEVE, iov, 2);
- if (err) {
- pthread_mutex_lock(&se->lock);
- list_del_nreq(&rreq->nreq);
- pthread_mutex_unlock(&se->lock);
- free(rreq);
- }
-
- return err;
-}
-
void *fuse_req_userdata(fuse_req_t req)
{
return req->se->userdata;
@@ -2226,7 +2085,7 @@ static struct {
[FUSE_POLL] = { do_poll, "POLL" },
[FUSE_FALLOCATE] = { do_fallocate, "FALLOCATE" },
[FUSE_DESTROY] = { do_destroy, "DESTROY" },
- [FUSE_NOTIFY_REPLY] = { (void *)1, "NOTIFY_REPLY" },
+ [FUSE_NOTIFY_REPLY] = { NULL, "NOTIFY_REPLY" },
[FUSE_BATCH_FORGET] = { do_batch_forget, "BATCH_FORGET" },
[FUSE_READDIRPLUS] = { do_readdirplus, "READDIRPLUS" },
[FUSE_RENAME2] = { do_rename2, "RENAME2" },
@@ -2333,8 +2192,6 @@ void fuse_session_process_buf_int(struct fuse_session *se,
inarg = (void *)&in[1];
if (in->opcode == FUSE_WRITE && se->op.write_buf) {
do_write_buf(req, in->nodeid, inarg, buf);
- } else if (in->opcode == FUSE_NOTIFY_REPLY) {
- do_notify_reply(req, in->nodeid, inarg, buf);
} else {
fuse_ll_ops[in->opcode].func(req, in->nodeid, inarg);
}
@@ -2437,8 +2294,6 @@ struct fuse_session *fuse_session_new(struct fuse_args *args,
list_init_req(&se->list);
list_init_req(&se->interrupts);
- list_init_nreq(&se->notify_list);
- se->notify_ctr = 1;
fuse_mutex_init(&se->lock);
memcpy(&se->op, op, op_size);
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
index 8d8909b35d..12a84b460f 100644
--- a/tools/virtiofsd/fuse_lowlevel.h
+++ b/tools/virtiofsd/fuse_lowlevel.h
@@ -1084,21 +1084,6 @@ struct fuse_lowlevel_ops {
void (*write_buf)(fuse_req_t req, fuse_ino_t ino, struct fuse_bufvec *bufv,
off_t off, struct fuse_file_info *fi);
- /**
- * Callback function for the retrieve request
- *
- * Valid replies:
- * fuse_reply_none
- *
- * @param req request handle
- * @param cookie user data supplied to fuse_lowlevel_notify_retrieve()
- * @param ino the inode number supplied to fuse_lowlevel_notify_retrieve()
- * @param offset the offset supplied to fuse_lowlevel_notify_retrieve()
- * @param bufv the buffer containing the returned data
- */
- void (*retrieve_reply)(fuse_req_t req, void *cookie, fuse_ino_t ino,
- off_t offset, struct fuse_bufvec *bufv);
-
/**
* Forget about multiple inodes
*
@@ -1726,38 +1711,6 @@ int fuse_lowlevel_notify_delete(struct fuse_session *se, fuse_ino_t parent,
int fuse_lowlevel_notify_store(struct fuse_session *se, fuse_ino_t ino,
off_t offset, struct fuse_bufvec *bufv,
enum fuse_buf_copy_flags flags);
-/**
- * Retrieve data from the kernel buffers
- *
- * Retrieve data in the kernel buffers belonging to the given inode.
- * If successful then the retrieve_reply() method will be called with
- * the returned data.
- *
- * Only present pages are returned in the retrieve reply. Retrieving
- * stops when it finds a non-present page and only data prior to that
- * is returned.
- *
- * If this function returns an error, then the retrieve will not be
- * completed and no reply will be sent.
- *
- * This function doesn't change the dirty state of pages in the kernel
- * buffer. For dirty pages the write() method will be called
- * regardless of having been retrieved previously.
- *
- * Added in FUSE protocol version 7.15. If the kernel does not support
- * this (or a newer) version, the function will return -ENOSYS and do
- * nothing.
- *
- * @param se the session object
- * @param ino the inode number
- * @param size the number of bytes to retrieve
- * @param offset the starting offset into the file to retrieve from
- * @param cookie user data to supply to the reply callback
- * @return zero for success, -errno for failure
- */
-int fuse_lowlevel_notify_retrieve(struct fuse_session *se, fuse_ino_t ino,
- size_t size, off_t offset, void *cookie);
-
/*
* Utility functions

252
0019-virtiofsd-Remove-unused-enum-fuse_buf_copy_flags.patch Normal file
View File

@ -0,0 +1,252 @@
From: Xiao Yang <yangx.jy@cn.fujitsu.com>
Date: Mon, 27 Jan 2020 19:00:48 +0000
Subject: [PATCH] virtiofsd: Remove unused enum fuse_buf_copy_flags
Signed-off-by: Xiao Yang <yangx.jy@cn.fujitsu.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 8c3fe75e0308ba2f01d160ace534b7e386cea808)
---
tools/virtiofsd/buffer.c | 7 +++--
tools/virtiofsd/fuse_common.h | 46 +-------------------------------
tools/virtiofsd/fuse_lowlevel.c | 13 ++++-----
tools/virtiofsd/fuse_lowlevel.h | 35 ++----------------------
tools/virtiofsd/passthrough_ll.c | 4 +--
5 files changed, 13 insertions(+), 92 deletions(-)
diff --git a/tools/virtiofsd/buffer.c b/tools/virtiofsd/buffer.c
index 5df946c82c..4d507f3302 100644
--- a/tools/virtiofsd/buffer.c
+++ b/tools/virtiofsd/buffer.c
@@ -171,7 +171,7 @@ static ssize_t fuse_buf_fd_to_fd(const struct fuse_buf *dst, size_t dst_off,
static ssize_t fuse_buf_copy_one(const struct fuse_buf *dst, size_t dst_off,
const struct fuse_buf *src, size_t src_off,
- size_t len, enum fuse_buf_copy_flags flags)
+ size_t len)
{
int src_is_fd = src->flags & FUSE_BUF_IS_FD;
int dst_is_fd = dst->flags & FUSE_BUF_IS_FD;
@@ -224,8 +224,7 @@ static int fuse_bufvec_advance(struct fuse_bufvec *bufv, size_t len)
return 1;
}
-ssize_t fuse_buf_copy(struct fuse_bufvec *dstv, struct fuse_bufvec *srcv,
- enum fuse_buf_copy_flags flags)
+ssize_t fuse_buf_copy(struct fuse_bufvec *dstv, struct fuse_bufvec *srcv)
{
size_t copied = 0;
@@ -249,7 +248,7 @@ ssize_t fuse_buf_copy(struct fuse_bufvec *dstv, struct fuse_bufvec *srcv,
dst_len = dst->size - dstv->off;
len = min_size(src_len, dst_len);
- res = fuse_buf_copy_one(dst, dstv->off, src, srcv->off, len, flags);
+ res = fuse_buf_copy_one(dst, dstv->off, src, srcv->off, len);
if (res < 0) {
if (!copied) {
return res;
diff --git a/tools/virtiofsd/fuse_common.h b/tools/virtiofsd/fuse_common.h
index bd9bf861f0..0cb33acc2f 100644
--- a/tools/virtiofsd/fuse_common.h
+++ b/tools/virtiofsd/fuse_common.h
@@ -604,48 +604,6 @@ enum fuse_buf_flags {
FUSE_BUF_FD_RETRY = (1 << 3),
};
-/**
- * Buffer copy flags
- */
-enum fuse_buf_copy_flags {
- /**
- * Don't use splice(2)
- *
- * Always fall back to using read and write instead of
- * splice(2) to copy data from one file descriptor to another.
- *
- * If this flag is not set, then only fall back if splice is
- * unavailable.
- */
- FUSE_BUF_NO_SPLICE = (1 << 1),
-
- /**
- * Force splice
- *
- * Always use splice(2) to copy data from one file descriptor
- * to another. If splice is not available, return -EINVAL.
- */
- FUSE_BUF_FORCE_SPLICE = (1 << 2),
-
- /**
- * Try to move data with splice.
- *
- * If splice is used, try to move pages from the source to the
- * destination instead of copying. See documentation of
- * SPLICE_F_MOVE in splice(2) man page.
- */
- FUSE_BUF_SPLICE_MOVE = (1 << 3),
-
- /**
- * Don't block on the pipe when copying data with splice
- *
- * Makes the operations on the pipe non-blocking (if the pipe
- * is full or empty). See SPLICE_F_NONBLOCK in the splice(2)
- * man page.
- */
- FUSE_BUF_SPLICE_NONBLOCK = (1 << 4),
-};
-
/**
* Single data buffer
*
@@ -741,11 +699,9 @@ size_t fuse_buf_size(const struct fuse_bufvec *bufv);
*
* @param dst destination buffer vector
* @param src source buffer vector
- * @param flags flags controlling the copy
* @return actual number of bytes copied or -errno on error
*/
-ssize_t fuse_buf_copy(struct fuse_bufvec *dst, struct fuse_bufvec *src,
- enum fuse_buf_copy_flags flags);
+ssize_t fuse_buf_copy(struct fuse_bufvec *dst, struct fuse_bufvec *src);
/*
* Signal handling
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index eb0ec49d38..3da80de233 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -490,16 +490,14 @@ static int fuse_send_data_iov_fallback(struct fuse_session *se,
static int fuse_send_data_iov(struct fuse_session *se, struct fuse_chan *ch,
struct iovec *iov, int iov_count,
- struct fuse_bufvec *buf, unsigned int flags)
+ struct fuse_bufvec *buf)
{
size_t len = fuse_buf_size(buf);
- (void)flags;
return fuse_send_data_iov_fallback(se, ch, iov, iov_count, buf, len);
}
-int fuse_reply_data(fuse_req_t req, struct fuse_bufvec *bufv,
- enum fuse_buf_copy_flags flags)
+int fuse_reply_data(fuse_req_t req, struct fuse_bufvec *bufv)
{
struct iovec iov[2];
struct fuse_out_header out;
@@ -511,7 +509,7 @@ int fuse_reply_data(fuse_req_t req, struct fuse_bufvec *bufv,
out.unique = req->unique;
out.error = 0;
- res = fuse_send_data_iov(req->se, req->ch, iov, 1, bufv, flags);
+ res = fuse_send_data_iov(req->se, req->ch, iov, 1, bufv);
if (res <= 0) {
fuse_free_req(req);
return res;
@@ -1969,8 +1967,7 @@ int fuse_lowlevel_notify_delete(struct fuse_session *se, fuse_ino_t parent,
}
int fuse_lowlevel_notify_store(struct fuse_session *se, fuse_ino_t ino,
- off_t offset, struct fuse_bufvec *bufv,
- enum fuse_buf_copy_flags flags)
+ off_t offset, struct fuse_bufvec *bufv)
{
struct fuse_out_header out;
struct fuse_notify_store_out outarg;
@@ -1999,7 +1996,7 @@ int fuse_lowlevel_notify_store(struct fuse_session *se, fuse_ino_t ino,
iov[1].iov_base = &outarg;
iov[1].iov_len = sizeof(outarg);
- res = fuse_send_data_iov(se, NULL, iov, 2, bufv, flags);
+ res = fuse_send_data_iov(se, NULL, iov, 2, bufv);
if (res > 0) {
res = -res;
}
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
index 12a84b460f..2fa225d40b 100644
--- a/tools/virtiofsd/fuse_lowlevel.h
+++ b/tools/virtiofsd/fuse_lowlevel.h
@@ -1363,33 +1363,6 @@ int fuse_reply_buf(fuse_req_t req, const char *buf, size_t size);
/**
* Reply with data copied/moved from buffer(s)
*
- * Zero copy data transfer ("splicing") will be used under
- * the following circumstances:
- *
- * 1. FUSE_CAP_SPLICE_WRITE is set in fuse_conn_info.want, and
- * 2. the kernel supports splicing from the fuse device
- * (FUSE_CAP_SPLICE_WRITE is set in fuse_conn_info.capable), and
- * 3. *flags* does not contain FUSE_BUF_NO_SPLICE
- * 4. The amount of data that is provided in file-descriptor backed
- * buffers (i.e., buffers for which bufv[n].flags == FUSE_BUF_FD)
- * is at least twice the page size.
- *
- * In order for SPLICE_F_MOVE to be used, the following additional
- * conditions have to be fulfilled:
- *
- * 1. FUSE_CAP_SPLICE_MOVE is set in fuse_conn_info.want, and
- * 2. the kernel supports it (i.e, FUSE_CAP_SPLICE_MOVE is set in
- fuse_conn_info.capable), and
- * 3. *flags* contains FUSE_BUF_SPLICE_MOVE
- *
- * Note that, if splice is used, the data is actually spliced twice:
- * once into a temporary pipe (to prepend header data), and then again
- * into the kernel. If some of the provided buffers are memory-backed,
- * the data in them is copied in step one and spliced in step two.
- *
- * The FUSE_BUF_SPLICE_FORCE_SPLICE and FUSE_BUF_SPLICE_NONBLOCK flags
- * are silently ignored.
- *
* Possible requests:
* read, readdir, getxattr, listxattr
*
@@ -1400,11 +1373,9 @@ int fuse_reply_buf(fuse_req_t req, const char *buf, size_t size);
*
* @param req request handle
* @param bufv buffer vector
- * @param flags flags controlling the copy
* @return zero for success, -errno for failure to send reply
*/
-int fuse_reply_data(fuse_req_t req, struct fuse_bufvec *bufv,
- enum fuse_buf_copy_flags flags);
+int fuse_reply_data(fuse_req_t req, struct fuse_bufvec *bufv);
/**
* Reply with data vector
@@ -1705,12 +1676,10 @@ int fuse_lowlevel_notify_delete(struct fuse_session *se, fuse_ino_t parent,
* @param ino the inode number
* @param offset the starting offset into the file to store to
* @param bufv buffer vector
- * @param flags flags controlling the copy
* @return zero for success, -errno for failure
*/
int fuse_lowlevel_notify_store(struct fuse_session *se, fuse_ino_t ino,
- off_t offset, struct fuse_bufvec *bufv,
- enum fuse_buf_copy_flags flags);
+ off_t offset, struct fuse_bufvec *bufv);
/*
* Utility functions
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 9377718d9d..126a56ccbd 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -931,7 +931,7 @@ static void lo_read(fuse_req_t req, fuse_ino_t ino, size_t size, off_t offset,
buf.buf[0].fd = fi->fh;
buf.buf[0].pos = offset;
- fuse_reply_data(req, &buf, FUSE_BUF_SPLICE_MOVE);
+ fuse_reply_data(req, &buf);
}
static void lo_write_buf(fuse_req_t req, fuse_ino_t ino,
@@ -952,7 +952,7 @@ static void lo_write_buf(fuse_req_t req, fuse_ino_t ino,
out_buf.buf[0].size, (unsigned long)off);
}
- res = fuse_buf_copy(&out_buf, in_buf, 0);
+ res = fuse_buf_copy(&out_buf, in_buf);
if (res < 0) {
fuse_reply_err(req, -res);
} else {

104
0020-virtiofsd-Fix-fuse_daemonize-ignored-return-values.patch Normal file
View File

@ -0,0 +1,104 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:49 +0000
Subject: [PATCH] virtiofsd: Fix fuse_daemonize ignored return values
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
QEMU's compiler enables warnings/errors for ignored values
and the (void) trick used in the fuse code isn't enough.
Turn all the return values into a return value on the function.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 30d8e49760712d65697ea517c53671bd1d214fc7)
---
tools/virtiofsd/helper.c | 33 ++++++++++++++++++++++-----------
1 file changed, 22 insertions(+), 11 deletions(-)
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 5e6f2051a7..d9227d7367 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -10,12 +10,10 @@
* See the file COPYING.LIB.
*/
-#include "config.h"
#include "fuse_i.h"
#include "fuse_lowlevel.h"
#include "fuse_misc.h"
#include "fuse_opt.h"
-#include "mount_util.h"
#include <errno.h>
#include <limits.h>
@@ -171,6 +169,7 @@ int fuse_parse_cmdline(struct fuse_args *args, struct fuse_cmdline_opts *opts)
int fuse_daemonize(int foreground)
{
+ int ret = 0, rett;
if (!foreground) {
int nullfd;
int waiter[2];
@@ -192,8 +191,8 @@ int fuse_daemonize(int foreground)
case 0:
break;
default:
- (void)read(waiter[0], &completed, sizeof(completed));
- _exit(0);
+ _exit(read(waiter[0], &completed,
+ sizeof(completed) != sizeof(completed)));
}
if (setsid() == -1) {
@@ -201,13 +200,22 @@ int fuse_daemonize(int foreground)
return -1;
}
- (void)chdir("/");
+ ret = chdir("/");
nullfd = open("/dev/null", O_RDWR, 0);
if (nullfd != -1) {
- (void)dup2(nullfd, 0);
- (void)dup2(nullfd, 1);
- (void)dup2(nullfd, 2);
+ rett = dup2(nullfd, 0);
+ if (!ret) {
+ ret = rett;
+ }
+ rett = dup2(nullfd, 1);
+ if (!ret) {
+ ret = rett;
+ }
+ rett = dup2(nullfd, 2);
+ if (!ret) {
+ ret = rett;
+ }
if (nullfd > 2) {
close(nullfd);
}
@@ -215,13 +223,16 @@ int fuse_daemonize(int foreground)
/* Propagate completion of daemon initialization */
completed = 1;
- (void)write(waiter[1], &completed, sizeof(completed));
+ rett = write(waiter[1], &completed, sizeof(completed));
+ if (!ret) {
+ ret = rett;
+ }
close(waiter[0]);
close(waiter[1]);
} else {
- (void)chdir("/");
+ ret = chdir("/");
}
- return 0;
+ return ret;
}
void fuse_apply_conn_info_opts(struct fuse_conn_info_opts *opts,

147
0021-virtiofsd-Fix-common-header-and-define-for-QEMU-buil.patch Normal file
View File

@ -0,0 +1,147 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:50 +0000
Subject: [PATCH] virtiofsd: Fix common header and define for QEMU builds
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
All of the fuse files include config.h and define GNU_SOURCE
where we don't have either under our build - remove them.
Fixup path to the kernel's fuse.h in the QEMUs world.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 09863ebc7e32a107235b3c815ad54d26cc64f07a)
---
tools/virtiofsd/buffer.c | 4 +---
tools/virtiofsd/fuse_i.h | 3 +++
tools/virtiofsd/fuse_log.c | 1 +
tools/virtiofsd/fuse_lowlevel.c | 6 ++----
tools/virtiofsd/fuse_opt.c | 2 +-
tools/virtiofsd/fuse_signals.c | 2 +-
tools/virtiofsd/helper.c | 1 +
tools/virtiofsd/passthrough_ll.c | 8 ++------
8 files changed, 12 insertions(+), 15 deletions(-)
diff --git a/tools/virtiofsd/buffer.c b/tools/virtiofsd/buffer.c
index 4d507f3302..772efa922d 100644
--- a/tools/virtiofsd/buffer.c
+++ b/tools/virtiofsd/buffer.c
@@ -9,9 +9,7 @@
* See the file COPYING.LIB
*/
-#define _GNU_SOURCE
-
-#include "config.h"
+#include "qemu/osdep.h"
#include "fuse_i.h"
#include "fuse_lowlevel.h"
#include <assert.h>
diff --git a/tools/virtiofsd/fuse_i.h b/tools/virtiofsd/fuse_i.h
index e63cb58388..bae06992e0 100644
--- a/tools/virtiofsd/fuse_i.h
+++ b/tools/virtiofsd/fuse_i.h
@@ -6,6 +6,9 @@
* See the file COPYING.LIB
*/
+#define FUSE_USE_VERSION 31
+
+
#include "fuse.h"
#include "fuse_lowlevel.h"
diff --git a/tools/virtiofsd/fuse_log.c b/tools/virtiofsd/fuse_log.c
index 11345f9ec8..c301ff6da1 100644
--- a/tools/virtiofsd/fuse_log.c
+++ b/tools/virtiofsd/fuse_log.c
@@ -8,6 +8,7 @@
* See the file COPYING.LIB
*/
+#include "qemu/osdep.h"
#include "fuse_log.h"
#include <stdarg.h>
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 3da80de233..07fb8a6095 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -9,11 +9,9 @@
* See the file COPYING.LIB
*/
-#define _GNU_SOURCE
-
-#include "config.h"
+#include "qemu/osdep.h"
#include "fuse_i.h"
-#include "fuse_kernel.h"
+#include "standard-headers/linux/fuse.h"
#include "fuse_misc.h"
#include "fuse_opt.h"
diff --git a/tools/virtiofsd/fuse_opt.c b/tools/virtiofsd/fuse_opt.c
index edd36f4a3b..28922361a2 100644
--- a/tools/virtiofsd/fuse_opt.c
+++ b/tools/virtiofsd/fuse_opt.c
@@ -9,8 +9,8 @@
* See the file COPYING.LIB
*/
+#include "qemu/osdep.h"
#include "fuse_opt.h"
-#include "config.h"
#include "fuse_i.h"
#include "fuse_misc.h"
diff --git a/tools/virtiofsd/fuse_signals.c b/tools/virtiofsd/fuse_signals.c
index 19d6791cb9..dc7c8ac025 100644
--- a/tools/virtiofsd/fuse_signals.c
+++ b/tools/virtiofsd/fuse_signals.c
@@ -8,7 +8,7 @@
* See the file COPYING.LIB
*/
-#include "config.h"
+#include "qemu/osdep.h"
#include "fuse_i.h"
#include "fuse_lowlevel.h"
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index d9227d7367..9333691525 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -10,6 +10,7 @@
* See the file COPYING.LIB.
*/
+#include "qemu/osdep.h"
#include "fuse_i.h"
#include "fuse_lowlevel.h"
#include "fuse_misc.h"
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 126a56ccbd..322a889cdf 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -35,15 +35,11 @@
* \include passthrough_ll.c
*/
-#define _GNU_SOURCE
-#define FUSE_USE_VERSION 31
-
-#include "config.h"
-
+#include "qemu/osdep.h"
+#include "fuse_lowlevel.h"
#include <assert.h>
#include <dirent.h>
#include <errno.h>
-#include <fuse_lowlevel.h>
#include <inttypes.h>
#include <limits.h>
#include <pthread.h>

529
0022-virtiofsd-Trim-out-compatibility-code.patch Normal file
View File

@ -0,0 +1,529 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:51 +0000
Subject: [PATCH] virtiofsd: Trim out compatibility code
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
virtiofsd only supports major=7, minor>=31; trim out a lot of
old compatibility code.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 72c42e2d65510e073cf78fdc924d121c77fa0080)
---
tools/virtiofsd/fuse_lowlevel.c | 330 ++++++++++++--------------------
1 file changed, 119 insertions(+), 211 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 07fb8a6095..514d79cb24 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -387,16 +387,7 @@ static void fill_open(struct fuse_open_out *arg, const struct fuse_file_info *f)
int fuse_reply_entry(fuse_req_t req, const struct fuse_entry_param *e)
{
struct fuse_entry_out arg;
- size_t size = req->se->conn.proto_minor < 9 ? FUSE_COMPAT_ENTRY_OUT_SIZE :
- sizeof(arg);
-
- /*
- * before ABI 7.4 e->ino == 0 was invalid, only ENOENT meant
- * negative entry
- */
- if (!e->ino && req->se->conn.proto_minor < 4) {
- return fuse_reply_err(req, ENOENT);
- }
+ size_t size = sizeof(arg);
memset(&arg, 0, sizeof(arg));
fill_entry(&arg, e);
@@ -407,9 +398,7 @@ int fuse_reply_create(fuse_req_t req, const struct fuse_entry_param *e,
const struct fuse_file_info *f)
{
char buf[sizeof(struct fuse_entry_out) + sizeof(struct fuse_open_out)];
- size_t entrysize = req->se->conn.proto_minor < 9 ?
- FUSE_COMPAT_ENTRY_OUT_SIZE :
- sizeof(struct fuse_entry_out);
+ size_t entrysize = sizeof(struct fuse_entry_out);
struct fuse_entry_out *earg = (struct fuse_entry_out *)buf;
struct fuse_open_out *oarg = (struct fuse_open_out *)(buf + entrysize);
@@ -423,8 +412,7 @@ int fuse_reply_attr(fuse_req_t req, const struct stat *attr,
double attr_timeout)
{
struct fuse_attr_out arg;
- size_t size =
- req->se->conn.proto_minor < 9 ? FUSE_COMPAT_ATTR_OUT_SIZE : sizeof(arg);
+ size_t size = sizeof(arg);
memset(&arg, 0, sizeof(arg));
arg.attr_valid = calc_timeout_sec(attr_timeout);
@@ -519,8 +507,7 @@ int fuse_reply_data(fuse_req_t req, struct fuse_bufvec *bufv)
int fuse_reply_statfs(fuse_req_t req, const struct statvfs *stbuf)
{
struct fuse_statfs_out arg;
- size_t size =
- req->se->conn.proto_minor < 4 ? FUSE_COMPAT_STATFS_SIZE : sizeof(arg);
+ size_t size = sizeof(arg);
memset(&arg, 0, sizeof(arg));
convert_statfs(stbuf, &arg.st);
@@ -604,45 +591,31 @@ int fuse_reply_ioctl_retry(fuse_req_t req, const struct iovec *in_iov,
iov[count].iov_len = sizeof(arg);
count++;
- if (req->se->conn.proto_minor < 16) {
- if (in_count) {
- iov[count].iov_base = (void *)in_iov;
- iov[count].iov_len = sizeof(in_iov[0]) * in_count;
- count++;
- }
+ /* Can't handle non-compat 64bit ioctls on 32bit */
+ if (sizeof(void *) == 4 && req->ioctl_64bit) {
+ res = fuse_reply_err(req, EINVAL);
+ goto out;
+ }
- if (out_count) {
- iov[count].iov_base = (void *)out_iov;
- iov[count].iov_len = sizeof(out_iov[0]) * out_count;
- count++;
+ if (in_count) {
+ in_fiov = fuse_ioctl_iovec_copy(in_iov, in_count);
+ if (!in_fiov) {
+ goto enomem;
}
- } else {
- /* Can't handle non-compat 64bit ioctls on 32bit */
- if (sizeof(void *) == 4 && req->ioctl_64bit) {
- res = fuse_reply_err(req, EINVAL);
- goto out;
- }
-
- if (in_count) {
- in_fiov = fuse_ioctl_iovec_copy(in_iov, in_count);
- if (!in_fiov) {
- goto enomem;
- }
- iov[count].iov_base = (void *)in_fiov;
- iov[count].iov_len = sizeof(in_fiov[0]) * in_count;
- count++;
+ iov[count].iov_base = (void *)in_fiov;
+ iov[count].iov_len = sizeof(in_fiov[0]) * in_count;
+ count++;
+ }
+ if (out_count) {
+ out_fiov = fuse_ioctl_iovec_copy(out_iov, out_count);
+ if (!out_fiov) {
+ goto enomem;
}
- if (out_count) {
- out_fiov = fuse_ioctl_iovec_copy(out_iov, out_count);
- if (!out_fiov) {
- goto enomem;
- }
- iov[count].iov_base = (void *)out_fiov;
- iov[count].iov_len = sizeof(out_fiov[0]) * out_count;
- count++;
- }
+ iov[count].iov_base = (void *)out_fiov;
+ iov[count].iov_len = sizeof(out_fiov[0]) * out_count;
+ count++;
}
res = send_reply_iov(req, 0, iov, count);
@@ -784,14 +757,12 @@ static void do_getattr(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
struct fuse_file_info *fip = NULL;
struct fuse_file_info fi;
- if (req->se->conn.proto_minor >= 9) {
- struct fuse_getattr_in *arg = (struct fuse_getattr_in *)inarg;
+ struct fuse_getattr_in *arg = (struct fuse_getattr_in *)inarg;
- if (arg->getattr_flags & FUSE_GETATTR_FH) {
- memset(&fi, 0, sizeof(fi));
- fi.fh = arg->fh;
- fip = &fi;
- }
+ if (arg->getattr_flags & FUSE_GETATTR_FH) {
+ memset(&fi, 0, sizeof(fi));
+ fi.fh = arg->fh;
+ fip = &fi;
}
if (req->se->op.getattr) {
@@ -856,11 +827,7 @@ static void do_mknod(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
struct fuse_mknod_in *arg = (struct fuse_mknod_in *)inarg;
char *name = PARAM(arg);
- if (req->se->conn.proto_minor >= 12) {
- req->ctx.umask = arg->umask;
- } else {
- name = (char *)inarg + FUSE_COMPAT_MKNOD_IN_SIZE;
- }
+ req->ctx.umask = arg->umask;
if (req->se->op.mknod) {
req->se->op.mknod(req, nodeid, name, arg->mode, arg->rdev);
@@ -873,9 +840,7 @@ static void do_mkdir(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
{
struct fuse_mkdir_in *arg = (struct fuse_mkdir_in *)inarg;
- if (req->se->conn.proto_minor >= 12) {
- req->ctx.umask = arg->umask;
- }
+ req->ctx.umask = arg->umask;
if (req->se->op.mkdir) {
req->se->op.mkdir(req, nodeid, PARAM(arg), arg->mode);
@@ -967,11 +932,7 @@ static void do_create(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
memset(&fi, 0, sizeof(fi));
fi.flags = arg->flags;
- if (req->se->conn.proto_minor >= 12) {
- req->ctx.umask = arg->umask;
- } else {
- name = (char *)inarg + sizeof(struct fuse_open_in);
- }
+ req->ctx.umask = arg->umask;
req->se->op.create(req, nodeid, name, arg->mode, &fi);
} else {
@@ -1003,10 +964,8 @@ static void do_read(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
- if (req->se->conn.proto_minor >= 9) {
- fi.lock_owner = arg->lock_owner;
- fi.flags = arg->flags;
- }
+ fi.lock_owner = arg->lock_owner;
+ fi.flags = arg->flags;
req->se->op.read(req, nodeid, arg->size, arg->offset, &fi);
} else {
fuse_reply_err(req, ENOSYS);
@@ -1023,13 +982,9 @@ static void do_write(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
fi.fh = arg->fh;
fi.writepage = (arg->write_flags & FUSE_WRITE_CACHE) != 0;
- if (req->se->conn.proto_minor < 9) {
- param = ((char *)arg) + FUSE_COMPAT_WRITE_IN_SIZE;
- } else {
- fi.lock_owner = arg->lock_owner;
- fi.flags = arg->flags;
- param = PARAM(arg);
- }
+ fi.lock_owner = arg->lock_owner;
+ fi.flags = arg->flags;
+ param = PARAM(arg);
if (req->se->op.write) {
req->se->op.write(req, nodeid, param, arg->size, arg->offset, &fi);
@@ -1053,21 +1008,14 @@ static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid, const void *inarg,
fi.fh = arg->fh;
fi.writepage = arg->write_flags & FUSE_WRITE_CACHE;
- if (se->conn.proto_minor < 9) {
- bufv.buf[0].mem = ((char *)arg) + FUSE_COMPAT_WRITE_IN_SIZE;
- bufv.buf[0].size -=
- sizeof(struct fuse_in_header) + FUSE_COMPAT_WRITE_IN_SIZE;
- assert(!(bufv.buf[0].flags & FUSE_BUF_IS_FD));
- } else {
- fi.lock_owner = arg->lock_owner;
- fi.flags = arg->flags;
- if (!(bufv.buf[0].flags & FUSE_BUF_IS_FD)) {
- bufv.buf[0].mem = PARAM(arg);
- }
-
- bufv.buf[0].size -=
- sizeof(struct fuse_in_header) + sizeof(struct fuse_write_in);
+ fi.lock_owner = arg->lock_owner;
+ fi.flags = arg->flags;
+ if (!(bufv.buf[0].flags & FUSE_BUF_IS_FD)) {
+ bufv.buf[0].mem = PARAM(arg);
}
+
+ bufv.buf[0].size -=
+ sizeof(struct fuse_in_header) + sizeof(struct fuse_write_in);
if (bufv.buf[0].size < arg->size) {
fuse_log(FUSE_LOG_ERR, "fuse: do_write_buf: buffer size too small\n");
fuse_reply_err(req, EIO);
@@ -1086,9 +1034,7 @@ static void do_flush(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
fi.flush = 1;
- if (req->se->conn.proto_minor >= 7) {
- fi.lock_owner = arg->lock_owner;
- }
+ fi.lock_owner = arg->lock_owner;
if (req->se->op.flush) {
req->se->op.flush(req, nodeid, &fi);
@@ -1105,10 +1051,8 @@ static void do_release(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
memset(&fi, 0, sizeof(fi));
fi.flags = arg->flags;
fi.fh = arg->fh;
- if (req->se->conn.proto_minor >= 8) {
- fi.flush = (arg->release_flags & FUSE_RELEASE_FLUSH) ? 1 : 0;
- fi.lock_owner = arg->lock_owner;
- }
+ fi.flush = (arg->release_flags & FUSE_RELEASE_FLUSH) ? 1 : 0;
+ fi.lock_owner = arg->lock_owner;
if (arg->release_flags & FUSE_RELEASE_FLOCK_UNLOCK) {
fi.flock_release = 1;
fi.lock_owner = arg->lock_owner;
@@ -1477,8 +1421,7 @@ static void do_ioctl(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
- if (sizeof(void *) == 4 && req->se->conn.proto_minor >= 16 &&
- !(flags & FUSE_IOCTL_32BIT)) {
+ if (sizeof(void *) == 4 && !(flags & FUSE_IOCTL_32BIT)) {
req->ioctl_64bit = 1;
}
@@ -1603,7 +1546,7 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
outarg.major = FUSE_KERNEL_VERSION;
outarg.minor = FUSE_KERNEL_MINOR_VERSION;
- if (arg->major < 7) {
+ if (arg->major < 7 || (arg->major == 7 && arg->minor < 31)) {
fuse_log(FUSE_LOG_ERR, "fuse: unsupported protocol version: %u.%u\n",
arg->major, arg->minor);
fuse_reply_err(req, EPROTO);
@@ -1616,81 +1559,71 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
return;
}
- if (arg->minor >= 6) {
- if (arg->max_readahead < se->conn.max_readahead) {
- se->conn.max_readahead = arg->max_readahead;
- }
- if (arg->flags & FUSE_ASYNC_READ) {
- se->conn.capable |= FUSE_CAP_ASYNC_READ;
- }
- if (arg->flags & FUSE_POSIX_LOCKS) {
- se->conn.capable |= FUSE_CAP_POSIX_LOCKS;
- }
- if (arg->flags & FUSE_ATOMIC_O_TRUNC) {
- se->conn.capable |= FUSE_CAP_ATOMIC_O_TRUNC;
- }
- if (arg->flags & FUSE_EXPORT_SUPPORT) {
- se->conn.capable |= FUSE_CAP_EXPORT_SUPPORT;
- }
- if (arg->flags & FUSE_DONT_MASK) {
- se->conn.capable |= FUSE_CAP_DONT_MASK;
- }
- if (arg->flags & FUSE_FLOCK_LOCKS) {
- se->conn.capable |= FUSE_CAP_FLOCK_LOCKS;
- }
- if (arg->flags & FUSE_AUTO_INVAL_DATA) {
- se->conn.capable |= FUSE_CAP_AUTO_INVAL_DATA;
- }
- if (arg->flags & FUSE_DO_READDIRPLUS) {
- se->conn.capable |= FUSE_CAP_READDIRPLUS;
- }
- if (arg->flags & FUSE_READDIRPLUS_AUTO) {
- se->conn.capable |= FUSE_CAP_READDIRPLUS_AUTO;
- }
- if (arg->flags & FUSE_ASYNC_DIO) {
- se->conn.capable |= FUSE_CAP_ASYNC_DIO;
- }
- if (arg->flags & FUSE_WRITEBACK_CACHE) {
- se->conn.capable |= FUSE_CAP_WRITEBACK_CACHE;
- }
- if (arg->flags & FUSE_NO_OPEN_SUPPORT) {
- se->conn.capable |= FUSE_CAP_NO_OPEN_SUPPORT;
- }
- if (arg->flags & FUSE_PARALLEL_DIROPS) {
- se->conn.capable |= FUSE_CAP_PARALLEL_DIROPS;
- }
- if (arg->flags & FUSE_POSIX_ACL) {
- se->conn.capable |= FUSE_CAP_POSIX_ACL;
- }
- if (arg->flags & FUSE_HANDLE_KILLPRIV) {
- se->conn.capable |= FUSE_CAP_HANDLE_KILLPRIV;
- }
- if (arg->flags & FUSE_NO_OPENDIR_SUPPORT) {
- se->conn.capable |= FUSE_CAP_NO_OPENDIR_SUPPORT;
- }
- if (!(arg->flags & FUSE_MAX_PAGES)) {
- size_t max_bufsize =
- FUSE_DEFAULT_MAX_PAGES_PER_REQ * getpagesize() +
- FUSE_BUFFER_HEADER_SIZE;
- if (bufsize > max_bufsize) {
- bufsize = max_bufsize;
- }
+ if (arg->max_readahead < se->conn.max_readahead) {
+ se->conn.max_readahead = arg->max_readahead;
+ }
+ if (arg->flags & FUSE_ASYNC_READ) {
+ se->conn.capable |= FUSE_CAP_ASYNC_READ;
+ }
+ if (arg->flags & FUSE_POSIX_LOCKS) {
+ se->conn.capable |= FUSE_CAP_POSIX_LOCKS;
+ }
+ if (arg->flags & FUSE_ATOMIC_O_TRUNC) {
+ se->conn.capable |= FUSE_CAP_ATOMIC_O_TRUNC;
+ }
+ if (arg->flags & FUSE_EXPORT_SUPPORT) {
+ se->conn.capable |= FUSE_CAP_EXPORT_SUPPORT;
+ }
+ if (arg->flags & FUSE_DONT_MASK) {
+ se->conn.capable |= FUSE_CAP_DONT_MASK;
+ }
+ if (arg->flags & FUSE_FLOCK_LOCKS) {
+ se->conn.capable |= FUSE_CAP_FLOCK_LOCKS;
+ }
+ if (arg->flags & FUSE_AUTO_INVAL_DATA) {
+ se->conn.capable |= FUSE_CAP_AUTO_INVAL_DATA;
+ }
+ if (arg->flags & FUSE_DO_READDIRPLUS) {
+ se->conn.capable |= FUSE_CAP_READDIRPLUS;
+ }
+ if (arg->flags & FUSE_READDIRPLUS_AUTO) {
+ se->conn.capable |= FUSE_CAP_READDIRPLUS_AUTO;
+ }
+ if (arg->flags & FUSE_ASYNC_DIO) {
+ se->conn.capable |= FUSE_CAP_ASYNC_DIO;
+ }
+ if (arg->flags & FUSE_WRITEBACK_CACHE) {
+ se->conn.capable |= FUSE_CAP_WRITEBACK_CACHE;
+ }
+ if (arg->flags & FUSE_NO_OPEN_SUPPORT) {
+ se->conn.capable |= FUSE_CAP_NO_OPEN_SUPPORT;
+ }
+ if (arg->flags & FUSE_PARALLEL_DIROPS) {
+ se->conn.capable |= FUSE_CAP_PARALLEL_DIROPS;
+ }
+ if (arg->flags & FUSE_POSIX_ACL) {
+ se->conn.capable |= FUSE_CAP_POSIX_ACL;
+ }
+ if (arg->flags & FUSE_HANDLE_KILLPRIV) {
+ se->conn.capable |= FUSE_CAP_HANDLE_KILLPRIV;
+ }
+ if (arg->flags & FUSE_NO_OPENDIR_SUPPORT) {
+ se->conn.capable |= FUSE_CAP_NO_OPENDIR_SUPPORT;
+ }
+ if (!(arg->flags & FUSE_MAX_PAGES)) {
+ size_t max_bufsize = FUSE_DEFAULT_MAX_PAGES_PER_REQ * getpagesize() +
+ FUSE_BUFFER_HEADER_SIZE;
+ if (bufsize > max_bufsize) {
+ bufsize = max_bufsize;
}
- } else {
- se->conn.max_readahead = 0;
}
-
- if (se->conn.proto_minor >= 14) {
#ifdef HAVE_SPLICE
#ifdef HAVE_VMSPLICE
- se->conn.capable |= FUSE_CAP_SPLICE_WRITE | FUSE_CAP_SPLICE_MOVE;
+ se->conn.capable |= FUSE_CAP_SPLICE_WRITE | FUSE_CAP_SPLICE_MOVE;
#endif
- se->conn.capable |= FUSE_CAP_SPLICE_READ;
+ se->conn.capable |= FUSE_CAP_SPLICE_READ;
#endif
- }
- if (se->conn.proto_minor >= 18) {
- se->conn.capable |= FUSE_CAP_IOCTL_DIR;
- }
+ se->conn.capable |= FUSE_CAP_IOCTL_DIR;
/*
* Default settings for modern filesystems.
@@ -1797,24 +1730,20 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
outarg.max_readahead = se->conn.max_readahead;
outarg.max_write = se->conn.max_write;
- if (se->conn.proto_minor >= 13) {
- if (se->conn.max_background >= (1 << 16)) {
- se->conn.max_background = (1 << 16) - 1;
- }
- if (se->conn.congestion_threshold > se->conn.max_background) {
- se->conn.congestion_threshold = se->conn.max_background;
- }
- if (!se->conn.congestion_threshold) {
- se->conn.congestion_threshold = se->conn.max_background * 3 / 4;
- }
-
- outarg.max_background = se->conn.max_background;
- outarg.congestion_threshold = se->conn.congestion_threshold;
+ if (se->conn.max_background >= (1 << 16)) {
+ se->conn.max_background = (1 << 16) - 1;
+ }
+ if (se->conn.congestion_threshold > se->conn.max_background) {
+ se->conn.congestion_threshold = se->conn.max_background;
}
- if (se->conn.proto_minor >= 23) {
- outarg.time_gran = se->conn.time_gran;
+ if (!se->conn.congestion_threshold) {
+ se->conn.congestion_threshold = se->conn.max_background * 3 / 4;
}
+ outarg.max_background = se->conn.max_background;
+ outarg.congestion_threshold = se->conn.congestion_threshold;
+ outarg.time_gran = se->conn.time_gran;
+
if (se->debug) {
fuse_log(FUSE_LOG_DEBUG, " INIT: %u.%u\n", outarg.major,
outarg.minor);
@@ -1828,11 +1757,6 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
outarg.congestion_threshold);
fuse_log(FUSE_LOG_DEBUG, " time_gran=%u\n", outarg.time_gran);
}
- if (arg->minor < 5) {
- outargsize = FUSE_COMPAT_INIT_OUT_SIZE;
- } else if (arg->minor < 23) {
- outargsize = FUSE_COMPAT_22_INIT_OUT_SIZE;
- }
send_reply_ok(req, &outarg, outargsize);
}
@@ -1896,10 +1820,6 @@ int fuse_lowlevel_notify_inval_inode(struct fuse_session *se, fuse_ino_t ino,
return -EINVAL;
}
- if (se->conn.proto_major < 6 || se->conn.proto_minor < 12) {
- return -ENOSYS;
- }
-
outarg.ino = ino;
outarg.off = off;
outarg.len = len;
@@ -1920,10 +1840,6 @@ int fuse_lowlevel_notify_inval_entry(struct fuse_session *se, fuse_ino_t parent,
return -EINVAL;
}
- if (se->conn.proto_major < 6 || se->conn.proto_minor < 12) {
- return -ENOSYS;
- }
-
outarg.parent = parent;
outarg.namelen = namelen;
outarg.padding = 0;
@@ -1947,10 +1863,6 @@ int fuse_lowlevel_notify_delete(struct fuse_session *se, fuse_ino_t parent,
return -EINVAL;
}
- if (se->conn.proto_major < 6 || se->conn.proto_minor < 18) {
- return -ENOSYS;
- }
-
outarg.parent = parent;
outarg.child = child;
outarg.namelen = namelen;
@@ -1977,10 +1889,6 @@ int fuse_lowlevel_notify_store(struct fuse_session *se, fuse_ino_t ino,
return -EINVAL;
}
- if (se->conn.proto_major < 6 || se->conn.proto_minor < 15) {
- return -ENOSYS;
- }
-
out.unique = 0;
out.error = FUSE_NOTIFY_STORE;

36
0023-vitriofsd-passthrough_ll-fix-fallocate-ifdefs.patch Normal file
View File

@ -0,0 +1,36 @@
From: Xiao Yang <yangx.jy@cn.fujitsu.com>
Date: Mon, 27 Jan 2020 19:00:52 +0000
Subject: [PATCH] vitriofsd/passthrough_ll: fix fallocate() ifdefs
1) Use correct CONFIG_FALLOCATE macro to check if fallocate() is supported.(i.e configure
script sets CONFIG_FALLOCATE intead of HAVE_FALLOCATE if fallocate() is supported)
2) Replace HAVE_POSIX_FALLOCATE with CONFIG_POSIX_FALLOCATE.
Signed-off-by: Xiao Yang <yangx.jy@cn.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Merged from two of Xiao Yang's patches
(cherry picked from commit 9776457ca6f05d5900e27decb1dba2ffddf95a22)
---
tools/virtiofsd/passthrough_ll.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 322a889cdf..6c4da18075 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -975,13 +975,13 @@ static void lo_fallocate(fuse_req_t req, fuse_ino_t ino, int mode, off_t offset,
int err = EOPNOTSUPP;
(void)ino;
-#ifdef HAVE_FALLOCATE
+#ifdef CONFIG_FALLOCATE
err = fallocate(fi->fh, mode, offset, length);
if (err < 0) {
err = errno;
}
-#elif defined(HAVE_POSIX_FALLOCATE)
+#elif defined(CONFIG_POSIX_FALLOCATE)
if (mode) {
fuse_reply_err(req, EOPNOTSUPP);
return;

79
0024-virtiofsd-Make-fsync-work-even-if-only-inode-is-pass.patch Normal file
View File

@ -0,0 +1,79 @@
From: Vivek Goyal <vgoyal@redhat.com>
Date: Mon, 27 Jan 2020 19:00:53 +0000
Subject: [PATCH] virtiofsd: Make fsync work even if only inode is passed in
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If caller has not sent file handle in request, then using inode, retrieve
the fd opened using O_PATH and use that to open file again and issue
fsync. This will be needed when dax_flush() calls fsync. At that time
we only have inode information (and not file).
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 1b209805f8159c3f4d89ddb9390a5f64887cebff)
---
tools/virtiofsd/fuse_lowlevel.c | 6 +++++-
tools/virtiofsd/passthrough_ll.c | 28 ++++++++++++++++++++++++++--
2 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 514d79cb24..8552cfb8af 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -1075,7 +1075,11 @@ static void do_fsync(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
fi.fh = arg->fh;
if (req->se->op.fsync) {
- req->se->op.fsync(req, nodeid, datasync, &fi);
+ if (fi.fh == (uint64_t)-1) {
+ req->se->op.fsync(req, nodeid, datasync, NULL);
+ } else {
+ req->se->op.fsync(req, nodeid, datasync, &fi);
+ }
} else {
fuse_reply_err(req, ENOSYS);
}
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 6c4da18075..26ac87013b 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -903,10 +903,34 @@ static void lo_fsync(fuse_req_t req, fuse_ino_t ino, int datasync,
{
int res;
(void)ino;
+ int fd;
+ char *buf;
+
+ fuse_log(FUSE_LOG_DEBUG, "lo_fsync(ino=%" PRIu64 ", fi=0x%p)\n", ino,
+ (void *)fi);
+
+ if (!fi) {
+ res = asprintf(&buf, "/proc/self/fd/%i", lo_fd(req, ino));
+ if (res == -1) {
+ return (void)fuse_reply_err(req, errno);
+ }
+
+ fd = open(buf, O_RDWR);
+ free(buf);
+ if (fd == -1) {
+ return (void)fuse_reply_err(req, errno);
+ }
+ } else {
+ fd = fi->fh;
+ }
+
if (datasync) {
- res = fdatasync(fi->fh);
+ res = fdatasync(fd);
} else {
- res = fsync(fi->fh);
+ res = fsync(fd);
+ }
+ if (!fi) {
+ close(fd);
}
fuse_reply_err(req, res == -1 ? errno : 0);
}

84
0025-virtiofsd-Add-options-for-virtio.patch Normal file
View File

@ -0,0 +1,84 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:54 +0000
Subject: [PATCH] virtiofsd: Add options for virtio
Add options to specify parameters for virtio-fs paths, i.e.
./virtiofsd -o vhost_user_socket=/tmp/vhostqemu
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 205de006aab8dcbe546a7e3a51d295c2d05e654b)
---
tools/virtiofsd/fuse_i.h | 1 +
tools/virtiofsd/fuse_lowlevel.c | 11 ++++++++---
tools/virtiofsd/helper.c | 14 +++++++-------
3 files changed, 16 insertions(+), 10 deletions(-)
diff --git a/tools/virtiofsd/fuse_i.h b/tools/virtiofsd/fuse_i.h
index bae06992e0..26b1a7da88 100644
--- a/tools/virtiofsd/fuse_i.h
+++ b/tools/virtiofsd/fuse_i.h
@@ -63,6 +63,7 @@ struct fuse_session {
struct fuse_notify_req notify_list;
size_t bufsize;
int error;
+ char *vu_socket_path;
};
struct fuse_chan {
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 8552cfb8af..17e8718283 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2115,8 +2115,11 @@ reply_err:
}
static const struct fuse_opt fuse_ll_opts[] = {
- LL_OPTION("debug", debug, 1), LL_OPTION("-d", debug, 1),
- LL_OPTION("--debug", debug, 1), LL_OPTION("allow_root", deny_others, 1),
+ LL_OPTION("debug", debug, 1),
+ LL_OPTION("-d", debug, 1),
+ LL_OPTION("--debug", debug, 1),
+ LL_OPTION("allow_root", deny_others, 1),
+ LL_OPTION("--socket-path=%s", vu_socket_path, 0),
FUSE_OPT_END
};
@@ -2132,7 +2135,9 @@ void fuse_lowlevel_help(void)
* These are not all options, but the ones that are
* potentially of interest to an end-user
*/
- printf(" -o allow_root allow access by root\n");
+ printf(
+ " -o allow_root allow access by root\n"
+ " --socket-path=PATH path for the vhost-user socket\n");
}
void fuse_session_destroy(struct fuse_session *se)
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 9333691525..676032e71f 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -127,13 +127,13 @@ static const struct fuse_opt conn_info_opt_spec[] = {
void fuse_cmdline_help(void)
{
- printf(
- " -h --help print help\n"
- " -V --version print version\n"
- " -d -o debug enable debug output (implies -f)\n"
- " -f foreground operation\n"
- " -o max_idle_threads the maximum number of idle worker threads\n"
- " allowed (default: 10)\n");
+ printf(" -h --help print help\n"
+ " -V --version print version\n"
+ " -d -o debug enable debug output (implies -f)\n"
+ " -f foreground operation\n"
+ " -o max_idle_threads the maximum number of idle worker "
+ "threads\n"
+ " allowed (default: 10)\n");
}
static int fuse_helper_opt_proc(void *data, const char *arg, int key,

30
0026-virtiofsd-add-o-source-PATH-to-help-output.patch Normal file
View File

@ -0,0 +1,30 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:00:55 +0000
Subject: [PATCH] virtiofsd: add -o source=PATH to help output
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The -o source=PATH option will be used by most command-line invocations.
Let's document it!
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 4ff075f72be2f489c8998ae492ec5cdbbbd73e07)
---
tools/virtiofsd/passthrough_ll.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 26ac87013b..fc9b264d56 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1319,6 +1319,7 @@ int main(int argc, char *argv[])
if (opts.show_help) {
printf("usage: %s [options]\n\n", argv[0]);
fuse_cmdline_help();
+ printf(" -o source=PATH shared directory tree\n");
fuse_lowlevel_help();
ret = 0;
goto err_out1;

241
0027-virtiofsd-Open-vhost-connection-instead-of-mounting.patch Normal file
View File

@ -0,0 +1,241 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:56 +0000
Subject: [PATCH] virtiofsd: Open vhost connection instead of mounting
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When run with vhost-user options we conect to the QEMU instead
via a socket. Start this off by creating the socket.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit d14bf584dd965821e80d14c16d9292a464b1ab85)
---
tools/virtiofsd/fuse_i.h | 7 ++-
tools/virtiofsd/fuse_lowlevel.c | 55 +++--------------------
tools/virtiofsd/fuse_virtio.c | 79 +++++++++++++++++++++++++++++++++
tools/virtiofsd/fuse_virtio.h | 23 ++++++++++
4 files changed, 114 insertions(+), 50 deletions(-)
create mode 100644 tools/virtiofsd/fuse_virtio.c
create mode 100644 tools/virtiofsd/fuse_virtio.h
diff --git a/tools/virtiofsd/fuse_i.h b/tools/virtiofsd/fuse_i.h
index 26b1a7da88..82d6ac7115 100644
--- a/tools/virtiofsd/fuse_i.h
+++ b/tools/virtiofsd/fuse_i.h
@@ -6,9 +6,10 @@
* See the file COPYING.LIB
*/
-#define FUSE_USE_VERSION 31
-
+#ifndef FUSE_I_H
+#define FUSE_I_H
+#define FUSE_USE_VERSION 31
#include "fuse.h"
#include "fuse_lowlevel.h"
@@ -101,3 +102,5 @@ void fuse_session_process_buf_int(struct fuse_session *se,
/* room needed in buffer to accommodate header */
#define FUSE_BUFFER_HEADER_SIZE 0x1000
+
+#endif
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 17e8718283..5df124e64b 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -14,6 +14,7 @@
#include "standard-headers/linux/fuse.h"
#include "fuse_misc.h"
#include "fuse_opt.h"
+#include "fuse_virtio.h"
#include <assert.h>
#include <errno.h>
@@ -2202,6 +2203,11 @@ struct fuse_session *fuse_session_new(struct fuse_args *args,
goto out4;
}
+ if (!se->vu_socket_path) {
+ fprintf(stderr, "fuse: missing -o vhost_user_socket option\n");
+ goto out4;
+ }
+
se->bufsize = FUSE_MAX_MAX_PAGES * getpagesize() + FUSE_BUFFER_HEADER_SIZE;
list_init_req(&se->list);
@@ -2224,54 +2230,7 @@ out1:
int fuse_session_mount(struct fuse_session *se)
{
- int fd;
-
- /*
- * Make sure file descriptors 0, 1 and 2 are open, otherwise chaos
- * would ensue.
- */
- do {
- fd = open("/dev/null", O_RDWR);
- if (fd > 2) {
- close(fd);
- }
- } while (fd >= 0 && fd <= 2);
-
- /*
- * To allow FUSE daemons to run without privileges, the caller may open
- * /dev/fuse before launching the file system and pass on the file
- * descriptor by specifying /dev/fd/N as the mount point. Note that the
- * parent process takes care of performing the mount in this case.
- */
- fd = fuse_mnt_parse_fuse_fd(mountpoint);
- if (fd != -1) {
- if (fcntl(fd, F_GETFD) == -1) {
- fuse_log(FUSE_LOG_ERR, "fuse: Invalid file descriptor /dev/fd/%u\n",
- fd);
- return -1;
- }
- se->fd = fd;
- return 0;
- }
-
- /* Open channel */
- fd = fuse_kern_mount(mountpoint, se->mo);
- if (fd == -1) {
- return -1;
- }
- se->fd = fd;
-
- /* Save mountpoint */
- se->mountpoint = strdup(mountpoint);
- if (se->mountpoint == NULL) {
- goto error_out;
- }
-
- return 0;
-
-error_out:
- fuse_kern_unmount(mountpoint, fd);
- return -1;
+ return virtio_session_mount(se);
}
int fuse_session_fd(struct fuse_session *se)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
new file mode 100644
index 0000000000..cbef6ffdda
--- /dev/null
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -0,0 +1,79 @@
+/*
+ * virtio-fs glue for FUSE
+ * Copyright (C) 2018 Red Hat, Inc. and/or its affiliates
+ *
+ * Authors:
+ * Dave Gilbert <dgilbert@redhat.com>
+ *
+ * Implements the glue between libfuse and libvhost-user
+ *
+ * This program can be distributed under the terms of the GNU LGPLv2.
+ * See the file COPYING.LIB
+ */
+
+#include "fuse_i.h"
+#include "standard-headers/linux/fuse.h"
+#include "fuse_misc.h"
+#include "fuse_opt.h"
+#include "fuse_virtio.h"
+
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <sys/un.h>
+#include <unistd.h>
+
+/* From spec */
+struct virtio_fs_config {
+ char tag[36];
+ uint32_t num_queues;
+};
+
+int virtio_session_mount(struct fuse_session *se)
+{
+ struct sockaddr_un un;
+ mode_t old_umask;
+
+ if (strlen(se->vu_socket_path) >= sizeof(un.sun_path)) {
+ fuse_log(FUSE_LOG_ERR, "Socket path too long\n");
+ return -1;
+ }
+
+ se->fd = -1;
+
+ /*
+ * Create the Unix socket to communicate with qemu
+ * based on QEMU's vhost-user-bridge
+ */
+ unlink(se->vu_socket_path);
+ strcpy(un.sun_path, se->vu_socket_path);
+ size_t addr_len = sizeof(un);
+
+ int listen_sock = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (listen_sock == -1) {
+ fuse_log(FUSE_LOG_ERR, "vhost socket creation: %m\n");
+ return -1;
+ }
+ un.sun_family = AF_UNIX;
+
+ /*
+ * Unfortunately bind doesn't let you set the mask on the socket,
+ * so set umask to 077 and restore it later.
+ */
+ old_umask = umask(0077);
+ if (bind(listen_sock, (struct sockaddr *)&un, addr_len) == -1) {
+ fuse_log(FUSE_LOG_ERR, "vhost socket bind: %m\n");
+ umask(old_umask);
+ return -1;
+ }
+ umask(old_umask);
+
+ if (listen(listen_sock, 1) == -1) {
+ fuse_log(FUSE_LOG_ERR, "vhost socket listen: %m\n");
+ return -1;
+ }
+
+ return -1;
+}
diff --git a/tools/virtiofsd/fuse_virtio.h b/tools/virtiofsd/fuse_virtio.h
new file mode 100644
index 0000000000..8f2edb69ca
--- /dev/null
+++ b/tools/virtiofsd/fuse_virtio.h
@@ -0,0 +1,23 @@
+/*
+ * virtio-fs glue for FUSE
+ * Copyright (C) 2018 Red Hat, Inc. and/or its affiliates
+ *
+ * Authors:
+ * Dave Gilbert <dgilbert@redhat.com>
+ *
+ * Implements the glue between libfuse and libvhost-user
+ *
+ * This program can be distributed under the terms of the GNU LGPLv2.
+ * See the file COPYING.LIB
+ */
+
+#ifndef FUSE_VIRTIO_H
+#define FUSE_VIRTIO_H
+
+#include "fuse_i.h"
+
+struct fuse_session;
+
+int virtio_session_mount(struct fuse_session *se);
+
+#endif

231
0028-virtiofsd-Start-wiring-up-vhost-user.patch Normal file
View File

@ -0,0 +1,231 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:57 +0000
Subject: [PATCH] virtiofsd: Start wiring up vhost-user
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Listen on our unix socket for the connection from QEMU, when we get it
initialise vhost-user and dive into our own loop variant (currently
dummy).
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit f6f3573c6f271af5ded63ce28589a113f7205c72)
---
tools/virtiofsd/fuse_i.h | 4 ++
tools/virtiofsd/fuse_lowlevel.c | 5 ++
tools/virtiofsd/fuse_lowlevel.h | 7 +++
tools/virtiofsd/fuse_virtio.c | 87 +++++++++++++++++++++++++++++++-
tools/virtiofsd/fuse_virtio.h | 2 +
tools/virtiofsd/passthrough_ll.c | 7 +--
6 files changed, 106 insertions(+), 6 deletions(-)
diff --git a/tools/virtiofsd/fuse_i.h b/tools/virtiofsd/fuse_i.h
index 82d6ac7115..ec04449069 100644
--- a/tools/virtiofsd/fuse_i.h
+++ b/tools/virtiofsd/fuse_i.h
@@ -13,6 +13,8 @@
#include "fuse.h"
#include "fuse_lowlevel.h"
+struct fv_VuDev;
+
struct fuse_req {
struct fuse_session *se;
uint64_t unique;
@@ -65,6 +67,8 @@ struct fuse_session {
size_t bufsize;
int error;
char *vu_socket_path;
+ int vu_socketfd;
+ struct fv_VuDev *virtio_dev;
};
struct fuse_chan {
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 5df124e64b..af09fa2b94 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2242,6 +2242,11 @@ void fuse_session_unmount(struct fuse_session *se)
{
}
+int fuse_lowlevel_is_virtio(struct fuse_session *se)
+{
+ return se->vu_socket_path != NULL;
+}
+
#ifdef linux
int fuse_req_getgroups(fuse_req_t req, int size, gid_t list[])
{
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
index 2fa225d40b..f6b34700af 100644
--- a/tools/virtiofsd/fuse_lowlevel.h
+++ b/tools/virtiofsd/fuse_lowlevel.h
@@ -1755,6 +1755,13 @@ void fuse_req_interrupt_func(fuse_req_t req, fuse_interrupt_func_t func,
*/
int fuse_req_interrupted(fuse_req_t req);
+/**
+ * Check if the session is connected via virtio
+ *
+ * @param se session object
+ * @return 1 if the session is a virtio session
+ */
+int fuse_lowlevel_is_virtio(struct fuse_session *se);
/*
* Inquiry functions
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index cbef6ffdda..2ae3c764dd 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -19,18 +19,78 @@
#include <stdint.h>
#include <stdio.h>
+#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/un.h>
#include <unistd.h>
+#include "contrib/libvhost-user/libvhost-user.h"
+
+/*
+ * We pass the dev element into libvhost-user
+ * and then use it to get back to the outer
+ * container for other data.
+ */
+struct fv_VuDev {
+ VuDev dev;
+ struct fuse_session *se;
+};
+
/* From spec */
struct virtio_fs_config {
char tag[36];
uint32_t num_queues;
};
+/*
+ * Callback from libvhost-user if there's a new fd we're supposed to listen
+ * to, typically a queue kick?
+ */
+static void fv_set_watch(VuDev *dev, int fd, int condition, vu_watch_cb cb,
+ void *data)
+{
+ fuse_log(FUSE_LOG_WARNING, "%s: TODO! fd=%d\n", __func__, fd);
+}
+
+/*
+ * Callback from libvhost-user if we're no longer supposed to listen on an fd
+ */
+static void fv_remove_watch(VuDev *dev, int fd)
+{
+ fuse_log(FUSE_LOG_WARNING, "%s: TODO! fd=%d\n", __func__, fd);
+}
+
+/* Callback from libvhost-user to panic */
+static void fv_panic(VuDev *dev, const char *err)
+{
+ fuse_log(FUSE_LOG_ERR, "%s: libvhost-user: %s\n", __func__, err);
+ /* TODO: Allow reconnects?? */
+ exit(EXIT_FAILURE);
+}
+
+static bool fv_queue_order(VuDev *dev, int qidx)
+{
+ return false;
+}
+
+static const VuDevIface fv_iface = {
+ /* TODO: Add other callbacks */
+ .queue_is_processed_in_order = fv_queue_order,
+};
+
+int virtio_loop(struct fuse_session *se)
+{
+ fuse_log(FUSE_LOG_INFO, "%s: Entry\n", __func__);
+
+ while (1) {
+ /* TODO: Add stuffing */
+ }
+
+ fuse_log(FUSE_LOG_INFO, "%s: Exit\n", __func__);
+}
+
int virtio_session_mount(struct fuse_session *se)
{
struct sockaddr_un un;
@@ -75,5 +135,30 @@ int virtio_session_mount(struct fuse_session *se)
return -1;
}
- return -1;
+ fuse_log(FUSE_LOG_INFO, "%s: Waiting for vhost-user socket connection...\n",
+ __func__);
+ int data_sock = accept(listen_sock, NULL, NULL);
+ if (data_sock == -1) {
+ fuse_log(FUSE_LOG_ERR, "vhost socket accept: %m\n");
+ close(listen_sock);
+ return -1;
+ }
+ close(listen_sock);
+ fuse_log(FUSE_LOG_INFO, "%s: Received vhost-user socket connection\n",
+ __func__);
+
+ /* TODO: Some cleanup/deallocation! */
+ se->virtio_dev = calloc(sizeof(struct fv_VuDev), 1);
+ if (!se->virtio_dev) {
+ fuse_log(FUSE_LOG_ERR, "%s: virtio_dev calloc failed\n", __func__);
+ close(data_sock);
+ return -1;
+ }
+
+ se->vu_socketfd = data_sock;
+ se->virtio_dev->se = se;
+ vu_init(&se->virtio_dev->dev, 2, se->vu_socketfd, fv_panic, fv_set_watch,
+ fv_remove_watch, &fv_iface);
+
+ return 0;
}
diff --git a/tools/virtiofsd/fuse_virtio.h b/tools/virtiofsd/fuse_virtio.h
index 8f2edb69ca..23026d6e4c 100644
--- a/tools/virtiofsd/fuse_virtio.h
+++ b/tools/virtiofsd/fuse_virtio.h
@@ -20,4 +20,6 @@ struct fuse_session;
int virtio_session_mount(struct fuse_session *se);
+int virtio_loop(struct fuse_session *se);
+
#endif
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index fc9b264d56..037c5d7b26 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -36,6 +36,7 @@
*/
#include "qemu/osdep.h"
+#include "fuse_virtio.h"
#include "fuse_lowlevel.h"
#include <assert.h>
#include <dirent.h>
@@ -1395,11 +1396,7 @@ int main(int argc, char *argv[])
fuse_daemonize(opts.foreground);
/* Block until ctrl+c or fusermount -u */
- if (opts.singlethread) {
- ret = fuse_session_loop(se);
- } else {
- ret = fuse_session_loop_mt(se, opts.clone_fd);
- }
+ ret = virtio_loop(se);
fuse_session_unmount(se);
err_out3:

89
0029-virtiofsd-Add-main-virtio-loop.patch Normal file
View File

@ -0,0 +1,89 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:58 +0000
Subject: [PATCH] virtiofsd: Add main virtio loop
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Processes incoming requests on the vhost-user fd.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 204d8ae57b3c57098642c79b3c03d42495149c09)
---
tools/virtiofsd/fuse_virtio.c | 42 ++++++++++++++++++++++++++++++++---
1 file changed, 39 insertions(+), 3 deletions(-)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 2ae3c764dd..1928a2025c 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -11,12 +11,14 @@
* See the file COPYING.LIB
*/
+#include "fuse_virtio.h"
#include "fuse_i.h"
#include "standard-headers/linux/fuse.h"
#include "fuse_misc.h"
#include "fuse_opt.h"
-#include "fuse_virtio.h"
+#include <assert.h>
+#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
@@ -80,15 +82,49 @@ static const VuDevIface fv_iface = {
.queue_is_processed_in_order = fv_queue_order,
};
+/*
+ * Main loop; this mostly deals with events on the vhost-user
+ * socket itself, and not actual fuse data.
+ */
int virtio_loop(struct fuse_session *se)
{
fuse_log(FUSE_LOG_INFO, "%s: Entry\n", __func__);
- while (1) {
- /* TODO: Add stuffing */
+ while (!fuse_session_exited(se)) {
+ struct pollfd pf[1];
+ pf[0].fd = se->vu_socketfd;
+ pf[0].events = POLLIN;
+ pf[0].revents = 0;
+
+ fuse_log(FUSE_LOG_DEBUG, "%s: Waiting for VU event\n", __func__);
+ int poll_res = ppoll(pf, 1, NULL, NULL);
+
+ if (poll_res == -1) {
+ if (errno == EINTR) {
+ fuse_log(FUSE_LOG_INFO, "%s: ppoll interrupted, going around\n",
+ __func__);
+ continue;
+ }
+ fuse_log(FUSE_LOG_ERR, "virtio_loop ppoll: %m\n");
+ break;
+ }
+ assert(poll_res == 1);
+ if (pf[0].revents & (POLLERR | POLLHUP | POLLNVAL)) {
+ fuse_log(FUSE_LOG_ERR, "%s: Unexpected poll revents %x\n", __func__,
+ pf[0].revents);
+ break;
+ }
+ assert(pf[0].revents & POLLIN);
+ fuse_log(FUSE_LOG_DEBUG, "%s: Got VU event\n", __func__);
+ if (!vu_dispatch(&se->virtio_dev->dev)) {
+ fuse_log(FUSE_LOG_ERR, "%s: vu_dispatch failed\n", __func__);
+ break;
+ }
}
fuse_log(FUSE_LOG_INFO, "%s: Exit\n", __func__);
+
+ return 0;
}
int virtio_session_mount(struct fuse_session *se)

50
0030-virtiofsd-get-set-features-callbacks.patch Normal file
View File

@ -0,0 +1,50 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:00:59 +0000
Subject: [PATCH] virtiofsd: get/set features callbacks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Add the get/set features callbacks.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit f2cef5fb9ae20136ca18d16328787b69b3abfa18)
---
tools/virtiofsd/fuse_virtio.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 1928a2025c..4819e56568 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -46,6 +46,17 @@ struct virtio_fs_config {
uint32_t num_queues;
};
+/* Callback from libvhost-user */
+static uint64_t fv_get_features(VuDev *dev)
+{
+ return 1ULL << VIRTIO_F_VERSION_1;
+}
+
+/* Callback from libvhost-user */
+static void fv_set_features(VuDev *dev, uint64_t features)
+{
+}
+
/*
* Callback from libvhost-user if there's a new fd we're supposed to listen
* to, typically a queue kick?
@@ -78,7 +89,9 @@ static bool fv_queue_order(VuDev *dev, int qidx)
}
static const VuDevIface fv_iface = {
- /* TODO: Add other callbacks */
+ .get_features = fv_get_features,
+ .set_features = fv_set_features,
+
.queue_is_processed_in_order = fv_queue_order,
};

148
0031-virtiofsd-Start-queue-threads.patch Normal file
View File

@ -0,0 +1,148 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:00 +0000
Subject: [PATCH] virtiofsd: Start queue threads
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Start a thread for each queue when we get notified it's been started.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
fix by:
Signed-off-by: Jun Piao <piaojun@huawei.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit e4c55a3c144493b436e40031e2eed61a84eca47b)
---
tools/virtiofsd/fuse_virtio.c | 89 +++++++++++++++++++++++++++++++++++
1 file changed, 89 insertions(+)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 4819e56568..2a94bb3cca 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -11,6 +11,7 @@
* See the file COPYING.LIB
*/
+#include "qemu/osdep.h"
#include "fuse_virtio.h"
#include "fuse_i.h"
#include "standard-headers/linux/fuse.h"
@@ -30,6 +31,15 @@
#include "contrib/libvhost-user/libvhost-user.h"
+struct fv_QueueInfo {
+ pthread_t thread;
+ struct fv_VuDev *virtio_dev;
+
+ /* Our queue index, corresponds to array position */
+ int qidx;
+ int kick_fd;
+};
+
/*
* We pass the dev element into libvhost-user
* and then use it to get back to the outer
@@ -38,6 +48,13 @@
struct fv_VuDev {
VuDev dev;
struct fuse_session *se;
+
+ /*
+ * The following pair of fields are only accessed in the main
+ * virtio_loop
+ */
+ size_t nqueues;
+ struct fv_QueueInfo **qi;
};
/* From spec */
@@ -83,6 +100,75 @@ static void fv_panic(VuDev *dev, const char *err)
exit(EXIT_FAILURE);
}
+static void *fv_queue_thread(void *opaque)
+{
+ struct fv_QueueInfo *qi = opaque;
+ fuse_log(FUSE_LOG_INFO, "%s: Start for queue %d kick_fd %d\n", __func__,
+ qi->qidx, qi->kick_fd);
+ while (1) {
+ /* TODO */
+ }
+
+ return NULL;
+}
+
+/* Callback from libvhost-user on start or stop of a queue */
+static void fv_queue_set_started(VuDev *dev, int qidx, bool started)
+{
+ struct fv_VuDev *vud = container_of(dev, struct fv_VuDev, dev);
+ struct fv_QueueInfo *ourqi;
+
+ fuse_log(FUSE_LOG_INFO, "%s: qidx=%d started=%d\n", __func__, qidx,
+ started);
+ assert(qidx >= 0);
+
+ /*
+ * Ignore additional request queues for now. passthrough_ll.c must be
+ * audited for thread-safety issues first. It was written with a
+ * well-behaved client in mind and may not protect against all types of
+ * races yet.
+ */
+ if (qidx > 1) {
+ fuse_log(FUSE_LOG_ERR,
+ "%s: multiple request queues not yet implemented, please only "
+ "configure 1 request queue\n",
+ __func__);
+ exit(EXIT_FAILURE);
+ }
+
+ if (started) {
+ /* Fire up a thread to watch this queue */
+ if (qidx >= vud->nqueues) {
+ vud->qi = realloc(vud->qi, (qidx + 1) * sizeof(vud->qi[0]));
+ assert(vud->qi);
+ memset(vud->qi + vud->nqueues, 0,
+ sizeof(vud->qi[0]) * (1 + (qidx - vud->nqueues)));
+ vud->nqueues = qidx + 1;
+ }
+ if (!vud->qi[qidx]) {
+ vud->qi[qidx] = calloc(sizeof(struct fv_QueueInfo), 1);
+ assert(vud->qi[qidx]);
+ vud->qi[qidx]->virtio_dev = vud;
+ vud->qi[qidx]->qidx = qidx;
+ } else {
+ /* Shouldn't have been started */
+ assert(vud->qi[qidx]->kick_fd == -1);
+ }
+ ourqi = vud->qi[qidx];
+ ourqi->kick_fd = dev->vq[qidx].kick_fd;
+ if (pthread_create(&ourqi->thread, NULL, fv_queue_thread, ourqi)) {
+ fuse_log(FUSE_LOG_ERR, "%s: Failed to create thread for queue %d\n",
+ __func__, qidx);
+ assert(0);
+ }
+ } else {
+ /* TODO: Kill the thread */
+ assert(qidx < vud->nqueues);
+ ourqi = vud->qi[qidx];
+ ourqi->kick_fd = -1;
+ }
+}
+
static bool fv_queue_order(VuDev *dev, int qidx)
{
return false;
@@ -92,6 +178,9 @@ static const VuDevIface fv_iface = {
.get_features = fv_get_features,
.set_features = fv_set_features,
+ /* Don't need process message, we've not got any at vhost-user level */
+ .queue_set_started = fv_queue_set_started,
+
.queue_is_processed_in_order = fv_queue_order,
};

81
0032-virtiofsd-Poll-kick_fd-for-queue.patch Normal file
View File

@ -0,0 +1,81 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:01 +0000
Subject: [PATCH] virtiofsd: Poll kick_fd for queue
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In the queue thread poll the kick_fd we're passed.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 5dcd1f56141378226d33dc3df68ec57913e0aa04)
---
tools/virtiofsd/fuse_virtio.c | 40 ++++++++++++++++++++++++++++++++++-
1 file changed, 39 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 2a94bb3cca..05e7258712 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -24,6 +24,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <sys/eventfd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/un.h>
@@ -100,13 +101,50 @@ static void fv_panic(VuDev *dev, const char *err)
exit(EXIT_FAILURE);
}
+/* Thread function for individual queues, created when a queue is 'started' */
static void *fv_queue_thread(void *opaque)
{
struct fv_QueueInfo *qi = opaque;
fuse_log(FUSE_LOG_INFO, "%s: Start for queue %d kick_fd %d\n", __func__,
qi->qidx, qi->kick_fd);
while (1) {
- /* TODO */
+ struct pollfd pf[1];
+ pf[0].fd = qi->kick_fd;
+ pf[0].events = POLLIN;
+ pf[0].revents = 0;
+
+ fuse_log(FUSE_LOG_DEBUG, "%s: Waiting for Queue %d event\n", __func__,
+ qi->qidx);
+ int poll_res = ppoll(pf, 1, NULL, NULL);
+
+ if (poll_res == -1) {
+ if (errno == EINTR) {
+ fuse_log(FUSE_LOG_INFO, "%s: ppoll interrupted, going around\n",
+ __func__);
+ continue;
+ }
+ fuse_log(FUSE_LOG_ERR, "fv_queue_thread ppoll: %m\n");
+ break;
+ }
+ assert(poll_res == 1);
+ if (pf[0].revents & (POLLERR | POLLHUP | POLLNVAL)) {
+ fuse_log(FUSE_LOG_ERR, "%s: Unexpected poll revents %x Queue %d\n",
+ __func__, pf[0].revents, qi->qidx);
+ break;
+ }
+ assert(pf[0].revents & POLLIN);
+ fuse_log(FUSE_LOG_DEBUG, "%s: Got queue event on Queue %d\n", __func__,
+ qi->qidx);
+
+ eventfd_t evalue;
+ if (eventfd_read(qi->kick_fd, &evalue)) {
+ fuse_log(FUSE_LOG_ERR, "Eventfd_read for queue: %m\n");
+ break;
+ }
+ if (qi->virtio_dev->se->debug) {
+ fprintf(stderr, "%s: Queue %d gave evalue: %zx\n", __func__,
+ qi->qidx, (size_t)evalue);
+ }
}
return NULL;

184
0033-virtiofsd-Start-reading-commands-from-queue.patch Normal file
View File

@ -0,0 +1,184 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:02 +0000
Subject: [PATCH] virtiofsd: Start reading commands from queue
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Pop queue elements off queues, copy the data from them and
pass that to fuse.
Note: 'out' in a VuVirtqElement is from QEMU
'in' in libfuse is into the daemon
So we read from the out iov's to get a fuse_in_header
When we get a kick we've got to read all the elements until the queue
is empty.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit b509e1228b3e5eb83c14819045988999fc2dbd1b)
---
tools/virtiofsd/fuse_i.h | 2 +
tools/virtiofsd/fuse_virtio.c | 99 +++++++++++++++++++++++++++++++++--
2 files changed, 98 insertions(+), 3 deletions(-)
diff --git a/tools/virtiofsd/fuse_i.h b/tools/virtiofsd/fuse_i.h
index ec04449069..1126723d18 100644
--- a/tools/virtiofsd/fuse_i.h
+++ b/tools/virtiofsd/fuse_i.h
@@ -14,6 +14,7 @@
#include "fuse_lowlevel.h"
struct fv_VuDev;
+struct fv_QueueInfo;
struct fuse_req {
struct fuse_session *se;
@@ -75,6 +76,7 @@ struct fuse_chan {
pthread_mutex_t lock;
int ctr;
int fd;
+ struct fv_QueueInfo *qi;
};
/**
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 05e7258712..3841b20129 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -12,6 +12,7 @@
*/
#include "qemu/osdep.h"
+#include "qemu/iov.h"
#include "fuse_virtio.h"
#include "fuse_i.h"
#include "standard-headers/linux/fuse.h"
@@ -32,6 +33,7 @@
#include "contrib/libvhost-user/libvhost-user.h"
+struct fv_VuDev;
struct fv_QueueInfo {
pthread_t thread;
struct fv_VuDev *virtio_dev;
@@ -101,10 +103,41 @@ static void fv_panic(VuDev *dev, const char *err)
exit(EXIT_FAILURE);
}
+/*
+ * Copy from an iovec into a fuse_buf (memory only)
+ * Caller must ensure there is space
+ */
+static void copy_from_iov(struct fuse_buf *buf, size_t out_num,
+ const struct iovec *out_sg)
+{
+ void *dest = buf->mem;
+
+ while (out_num) {
+ size_t onelen = out_sg->iov_len;
+ memcpy(dest, out_sg->iov_base, onelen);
+ dest += onelen;
+ out_sg++;
+ out_num--;
+ }
+}
+
/* Thread function for individual queues, created when a queue is 'started' */
static void *fv_queue_thread(void *opaque)
{
struct fv_QueueInfo *qi = opaque;
+ struct VuDev *dev = &qi->virtio_dev->dev;
+ struct VuVirtq *q = vu_get_queue(dev, qi->qidx);
+ struct fuse_session *se = qi->virtio_dev->se;
+ struct fuse_chan ch;
+ struct fuse_buf fbuf;
+
+ fbuf.mem = NULL;
+ fbuf.flags = 0;
+
+ fuse_mutex_init(&ch.lock);
+ ch.fd = (int)0xdaff0d111;
+ ch.qi = qi;
+
fuse_log(FUSE_LOG_INFO, "%s: Start for queue %d kick_fd %d\n", __func__,
qi->qidx, qi->kick_fd);
while (1) {
@@ -141,11 +174,71 @@ static void *fv_queue_thread(void *opaque)
fuse_log(FUSE_LOG_ERR, "Eventfd_read for queue: %m\n");
break;
}
- if (qi->virtio_dev->se->debug) {
- fprintf(stderr, "%s: Queue %d gave evalue: %zx\n", __func__,
- qi->qidx, (size_t)evalue);
+ /* out is from guest, in is too guest */
+ unsigned int in_bytes, out_bytes;
+ vu_queue_get_avail_bytes(dev, q, &in_bytes, &out_bytes, ~0, ~0);
+
+ fuse_log(FUSE_LOG_DEBUG,
+ "%s: Queue %d gave evalue: %zx available: in: %u out: %u\n",
+ __func__, qi->qidx, (size_t)evalue, in_bytes, out_bytes);
+
+ while (1) {
+ /*
+ * An element contains one request and the space to send our
+ * response They're spread over multiple descriptors in a
+ * scatter/gather set and we can't trust the guest to keep them
+ * still; so copy in/out.
+ */
+ VuVirtqElement *elem = vu_queue_pop(dev, q, sizeof(VuVirtqElement));
+ if (!elem) {
+ break;
+ }
+
+ if (!fbuf.mem) {
+ fbuf.mem = malloc(se->bufsize);
+ assert(fbuf.mem);
+ assert(se->bufsize > sizeof(struct fuse_in_header));
+ }
+ /* The 'out' part of the elem is from qemu */
+ unsigned int out_num = elem->out_num;
+ struct iovec *out_sg = elem->out_sg;
+ size_t out_len = iov_size(out_sg, out_num);
+ fuse_log(FUSE_LOG_DEBUG,
+ "%s: elem %d: with %d out desc of length %zd\n", __func__,
+ elem->index, out_num, out_len);
+
+ /*
+ * The elem should contain a 'fuse_in_header' (in to fuse)
+ * plus the data based on the len in the header.
+ */
+ if (out_len < sizeof(struct fuse_in_header)) {
+ fuse_log(FUSE_LOG_ERR, "%s: elem %d too short for in_header\n",
+ __func__, elem->index);
+ assert(0); /* TODO */
+ }
+ if (out_len > se->bufsize) {
+ fuse_log(FUSE_LOG_ERR, "%s: elem %d too large for buffer\n",
+ __func__, elem->index);
+ assert(0); /* TODO */
+ }
+ copy_from_iov(&fbuf, out_num, out_sg);
+ fbuf.size = out_len;
+
+ /* TODO! Endianness of header */
+
+ /* TODO: Fixup fuse_send_msg */
+ /* TODO: Add checks for fuse_session_exited */
+ fuse_session_process_buf_int(se, &fbuf, &ch);
+
+ /* TODO: vu_queue_push(dev, q, elem, qi->write_count); */
+ vu_queue_notify(dev, q);
+
+ free(elem);
+ elem = NULL;
}
}
+ pthread_mutex_destroy(&ch.lock);
+ free(fbuf.mem);
return NULL;
}

183
0034-virtiofsd-Send-replies-to-messages.patch Normal file
View File

@ -0,0 +1,183 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:03 +0000
Subject: [PATCH] virtiofsd: Send replies to messages
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Route fuse out messages back through the same queue elements
that had the command that triggered the request.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit df57ba919ec3edef9cc208d35685095e6e92713e)
---
tools/virtiofsd/fuse_lowlevel.c | 4 ++
tools/virtiofsd/fuse_virtio.c | 107 ++++++++++++++++++++++++++++++--
tools/virtiofsd/fuse_virtio.h | 4 ++
3 files changed, 111 insertions(+), 4 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index af09fa2b94..380d93bd01 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -171,6 +171,10 @@ static int fuse_send_msg(struct fuse_session *se, struct fuse_chan *ch,
}
}
+ if (fuse_lowlevel_is_virtio(se)) {
+ return virtio_send_msg(se, ch, iov, count);
+ }
+
abort(); /* virtio should have taken it before here */
return 0;
}
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 3841b20129..05d0e29f12 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -41,6 +41,9 @@ struct fv_QueueInfo {
/* Our queue index, corresponds to array position */
int qidx;
int kick_fd;
+
+ /* The element for the command currently being processed */
+ VuVirtqElement *qe;
};
/*
@@ -121,6 +124,105 @@ static void copy_from_iov(struct fuse_buf *buf, size_t out_num,
}
}
+/*
+ * Copy from one iov to another, the given number of bytes
+ * The caller must have checked sizes.
+ */
+static void copy_iov(struct iovec *src_iov, int src_count,
+ struct iovec *dst_iov, int dst_count, size_t to_copy)
+{
+ size_t dst_offset = 0;
+ /* Outer loop copies 'src' elements */
+ while (to_copy) {
+ assert(src_count);
+ size_t src_len = src_iov[0].iov_len;
+ size_t src_offset = 0;
+
+ if (src_len > to_copy) {
+ src_len = to_copy;
+ }
+ /* Inner loop copies contents of one 'src' to maybe multiple dst. */
+ while (src_len) {
+ assert(dst_count);
+ size_t dst_len = dst_iov[0].iov_len - dst_offset;
+ if (dst_len > src_len) {
+ dst_len = src_len;
+ }
+
+ memcpy(dst_iov[0].iov_base + dst_offset,
+ src_iov[0].iov_base + src_offset, dst_len);
+ src_len -= dst_len;
+ to_copy -= dst_len;
+ src_offset += dst_len;
+ dst_offset += dst_len;
+
+ assert(dst_offset <= dst_iov[0].iov_len);
+ if (dst_offset == dst_iov[0].iov_len) {
+ dst_offset = 0;
+ dst_iov++;
+ dst_count--;
+ }
+ }
+ src_iov++;
+ src_count--;
+ }
+}
+
+/*
+ * Called back by ll whenever it wants to send a reply/message back
+ * The 1st element of the iov starts with the fuse_out_header
+ * 'unique'==0 means it's a notify message.
+ */
+int virtio_send_msg(struct fuse_session *se, struct fuse_chan *ch,
+ struct iovec *iov, int count)
+{
+ VuVirtqElement *elem;
+ VuVirtq *q;
+
+ assert(count >= 1);
+ assert(iov[0].iov_len >= sizeof(struct fuse_out_header));
+
+ struct fuse_out_header *out = iov[0].iov_base;
+ /* TODO: Endianness! */
+
+ size_t tosend_len = iov_size(iov, count);
+
+ /* unique == 0 is notification, which we don't support */
+ assert(out->unique);
+ /* For virtio we always have ch */
+ assert(ch);
+ elem = ch->qi->qe;
+ q = &ch->qi->virtio_dev->dev.vq[ch->qi->qidx];
+
+ /* The 'in' part of the elem is to qemu */
+ unsigned int in_num = elem->in_num;
+ struct iovec *in_sg = elem->in_sg;
+ size_t in_len = iov_size(in_sg, in_num);
+ fuse_log(FUSE_LOG_DEBUG, "%s: elem %d: with %d in desc of length %zd\n",
+ __func__, elem->index, in_num, in_len);
+
+ /*
+ * The elem should have room for a 'fuse_out_header' (out from fuse)
+ * plus the data based on the len in the header.
+ */
+ if (in_len < sizeof(struct fuse_out_header)) {
+ fuse_log(FUSE_LOG_ERR, "%s: elem %d too short for out_header\n",
+ __func__, elem->index);
+ return -E2BIG;
+ }
+ if (in_len < tosend_len) {
+ fuse_log(FUSE_LOG_ERR, "%s: elem %d too small for data len %zd\n",
+ __func__, elem->index, tosend_len);
+ return -E2BIG;
+ }
+
+ copy_iov(iov, count, in_sg, in_num, tosend_len);
+ vu_queue_push(&se->virtio_dev->dev, q, elem, tosend_len);
+ vu_queue_notify(&se->virtio_dev->dev, q);
+
+ return 0;
+}
+
/* Thread function for individual queues, created when a queue is 'started' */
static void *fv_queue_thread(void *opaque)
{
@@ -226,13 +328,10 @@ static void *fv_queue_thread(void *opaque)
/* TODO! Endianness of header */
- /* TODO: Fixup fuse_send_msg */
/* TODO: Add checks for fuse_session_exited */
fuse_session_process_buf_int(se, &fbuf, &ch);
- /* TODO: vu_queue_push(dev, q, elem, qi->write_count); */
- vu_queue_notify(dev, q);
-
+ qi->qe = NULL;
free(elem);
elem = NULL;
}
diff --git a/tools/virtiofsd/fuse_virtio.h b/tools/virtiofsd/fuse_virtio.h
index 23026d6e4c..135a14875a 100644
--- a/tools/virtiofsd/fuse_virtio.h
+++ b/tools/virtiofsd/fuse_virtio.h
@@ -22,4 +22,8 @@ int virtio_session_mount(struct fuse_session *se);
int virtio_loop(struct fuse_session *se);
+
+int virtio_send_msg(struct fuse_session *se, struct fuse_chan *ch,
+ struct iovec *iov, int count);
+
#endif

100
0035-virtiofsd-Keep-track-of-replies.patch Normal file
View File

@ -0,0 +1,100 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:04 +0000
Subject: [PATCH] virtiofsd: Keep track of replies
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Keep track of whether we sent a reply to a request; this is a bit
paranoid but it means:
a) We should always recycle an element even if there was an error
in the request
b) Never try and send two replies on one queue element
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 2f65e69a7f22da8d20c747f34f339ebb40a0634f)
---
tools/virtiofsd/fuse_virtio.c | 23 ++++++++++++++++++++---
1 file changed, 20 insertions(+), 3 deletions(-)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 05d0e29f12..f1adeb6345 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -44,6 +44,7 @@ struct fv_QueueInfo {
/* The element for the command currently being processed */
VuVirtqElement *qe;
+ bool reply_sent;
};
/*
@@ -178,6 +179,7 @@ int virtio_send_msg(struct fuse_session *se, struct fuse_chan *ch,
{
VuVirtqElement *elem;
VuVirtq *q;
+ int ret = 0;
assert(count >= 1);
assert(iov[0].iov_len >= sizeof(struct fuse_out_header));
@@ -191,6 +193,7 @@ int virtio_send_msg(struct fuse_session *se, struct fuse_chan *ch,
assert(out->unique);
/* For virtio we always have ch */
assert(ch);
+ assert(!ch->qi->reply_sent);
elem = ch->qi->qe;
q = &ch->qi->virtio_dev->dev.vq[ch->qi->qidx];
@@ -208,19 +211,23 @@ int virtio_send_msg(struct fuse_session *se, struct fuse_chan *ch,
if (in_len < sizeof(struct fuse_out_header)) {
fuse_log(FUSE_LOG_ERR, "%s: elem %d too short for out_header\n",
__func__, elem->index);
- return -E2BIG;
+ ret = -E2BIG;
+ goto err;
}
if (in_len < tosend_len) {
fuse_log(FUSE_LOG_ERR, "%s: elem %d too small for data len %zd\n",
__func__, elem->index, tosend_len);
- return -E2BIG;
+ ret = -E2BIG;
+ goto err;
}
copy_iov(iov, count, in_sg, in_num, tosend_len);
vu_queue_push(&se->virtio_dev->dev, q, elem, tosend_len);
vu_queue_notify(&se->virtio_dev->dev, q);
+ ch->qi->reply_sent = true;
- return 0;
+err:
+ return ret;
}
/* Thread function for individual queues, created when a queue is 'started' */
@@ -296,6 +303,9 @@ static void *fv_queue_thread(void *opaque)
break;
}
+ qi->qe = elem;
+ qi->reply_sent = false;
+
if (!fbuf.mem) {
fbuf.mem = malloc(se->bufsize);
assert(fbuf.mem);
@@ -331,6 +341,13 @@ static void *fv_queue_thread(void *opaque)
/* TODO: Add checks for fuse_session_exited */
fuse_session_process_buf_int(se, &fbuf, &ch);
+ if (!qi->reply_sent) {
+ fuse_log(FUSE_LOG_DEBUG, "%s: elem %d no reply sent\n",
+ __func__, elem->index);
+ /* I think we've still got to recycle the element */
+ vu_queue_push(dev, q, elem, 0);
+ vu_queue_notify(dev, q);
+ }
qi->qe = NULL;
free(elem);
elem = NULL;

90
0036-virtiofsd-Add-Makefile-wiring-for-virtiofsd-contrib.patch Normal file
View File

@ -0,0 +1,90 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:05 +0000
Subject: [PATCH] virtiofsd: Add Makefile wiring for virtiofsd contrib
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Wire up the building of the virtiofsd in tools.
virtiofsd relies on Linux-specific system calls and seccomp. Anyone
wishing to port it to other host operating systems should do so
carefully and without reducing security.
Only allow building on Linux hosts.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 81bfc42dcf473bc8d3790622633410da72d8e622)
---
Makefile | 10 ++++++++++
Makefile.objs | 1 +
tools/virtiofsd/Makefile.objs | 9 +++++++++
3 files changed, 20 insertions(+)
create mode 100644 tools/virtiofsd/Makefile.objs
diff --git a/Makefile b/Makefile
index b437a346d7..10fd31e705 100644
--- a/Makefile
+++ b/Makefile
@@ -330,6 +330,10 @@ endif
endif
endif
+ifdef CONFIG_LINUX
+HELPERS-y += virtiofsd$(EXESUF)
+endif
+
# Sphinx does not allow building manuals into the same directory as
# the source files, so if we're doing an in-tree QEMU build we must
# build the manuals into a subdirectory (and then install them from
@@ -430,6 +434,7 @@ dummy := $(call unnest-vars,, \
elf2dmp-obj-y \
ivshmem-client-obj-y \
ivshmem-server-obj-y \
+ virtiofsd-obj-y \
rdmacm-mux-obj-y \
libvhost-user-obj-y \
vhost-user-scsi-obj-y \
@@ -674,6 +679,11 @@ rdmacm-mux$(EXESUF): LIBS += "-libumad"
rdmacm-mux$(EXESUF): $(rdmacm-mux-obj-y) $(COMMON_LDADDS)
$(call LINK, $^)
+ifdef CONFIG_LINUX # relies on Linux-specific syscalls
+virtiofsd$(EXESUF): $(virtiofsd-obj-y) libvhost-user.a $(COMMON_LDADDS)
+ $(call LINK, $^)
+endif
+
vhost-user-gpu$(EXESUF): $(vhost-user-gpu-obj-y) $(libvhost-user-obj-y) libqemuutil.a libqemustub.a
$(call LINK, $^)
diff --git a/Makefile.objs b/Makefile.objs
index 11ba1a36bd..b5f667a4ba 100644
--- a/Makefile.objs
+++ b/Makefile.objs
@@ -125,6 +125,7 @@ vhost-user-blk-obj-y = contrib/vhost-user-blk/
rdmacm-mux-obj-y = contrib/rdmacm-mux/
vhost-user-input-obj-y = contrib/vhost-user-input/
vhost-user-gpu-obj-y = contrib/vhost-user-gpu/
+virtiofsd-obj-y = tools/virtiofsd/
######################################################################
trace-events-subdirs =
diff --git a/tools/virtiofsd/Makefile.objs b/tools/virtiofsd/Makefile.objs
new file mode 100644
index 0000000000..45a807500d
--- /dev/null
+++ b/tools/virtiofsd/Makefile.objs
@@ -0,0 +1,9 @@
+virtiofsd-obj-y = buffer.o \
+ fuse_opt.o \
+ fuse_log.o \
+ fuse_lowlevel.o \
+ fuse_signals.o \
+ fuse_virtio.o \
+ helper.o \
+ passthrough_ll.o
+

220
0037-virtiofsd-Fast-path-for-virtio-read.patch Normal file
View File

@ -0,0 +1,220 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:06 +0000
Subject: [PATCH] virtiofsd: Fast path for virtio read
Readv the data straight into the guests buffer.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
With fix by:
Signed-off-by: Eryu Guan <eguan@linux.alibaba.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit eb49d187ef5134483a34c970bbfece28aaa686a7)
---
tools/virtiofsd/fuse_lowlevel.c | 5 +
tools/virtiofsd/fuse_virtio.c | 162 ++++++++++++++++++++++++++++++++
tools/virtiofsd/fuse_virtio.h | 4 +
3 files changed, 171 insertions(+)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 380d93bd01..4f4684d942 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -475,6 +475,11 @@ static int fuse_send_data_iov_fallback(struct fuse_session *se,
return fuse_send_msg(se, ch, iov, iov_count);
}
+ if (fuse_lowlevel_is_virtio(se) && buf->count == 1 &&
+ buf->buf[0].flags == (FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK)) {
+ return virtio_send_data_iov(se, ch, iov, iov_count, buf, len);
+ }
+
abort(); /* Will have taken vhost path */
return 0;
}
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index f1adeb6345..7e2711b504 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -230,6 +230,168 @@ err:
return ret;
}
+/*
+ * Callback from fuse_send_data_iov_* when it's virtio and the buffer
+ * is a single FD with FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK
+ * We need send the iov and then the buffer.
+ * Return 0 on success
+ */
+int virtio_send_data_iov(struct fuse_session *se, struct fuse_chan *ch,
+ struct iovec *iov, int count, struct fuse_bufvec *buf,
+ size_t len)
+{
+ int ret = 0;
+ VuVirtqElement *elem;
+ VuVirtq *q;
+
+ assert(count >= 1);
+ assert(iov[0].iov_len >= sizeof(struct fuse_out_header));
+
+ struct fuse_out_header *out = iov[0].iov_base;
+ /* TODO: Endianness! */
+
+ size_t iov_len = iov_size(iov, count);
+ size_t tosend_len = iov_len + len;
+
+ out->len = tosend_len;
+
+ fuse_log(FUSE_LOG_DEBUG, "%s: count=%d len=%zd iov_len=%zd\n", __func__,
+ count, len, iov_len);
+
+ /* unique == 0 is notification which we don't support */
+ assert(out->unique);
+
+ /* For virtio we always have ch */
+ assert(ch);
+ assert(!ch->qi->reply_sent);
+ elem = ch->qi->qe;
+ q = &ch->qi->virtio_dev->dev.vq[ch->qi->qidx];
+
+ /* The 'in' part of the elem is to qemu */
+ unsigned int in_num = elem->in_num;
+ struct iovec *in_sg = elem->in_sg;
+ size_t in_len = iov_size(in_sg, in_num);
+ fuse_log(FUSE_LOG_DEBUG, "%s: elem %d: with %d in desc of length %zd\n",
+ __func__, elem->index, in_num, in_len);
+
+ /*
+ * The elem should have room for a 'fuse_out_header' (out from fuse)
+ * plus the data based on the len in the header.
+ */
+ if (in_len < sizeof(struct fuse_out_header)) {
+ fuse_log(FUSE_LOG_ERR, "%s: elem %d too short for out_header\n",
+ __func__, elem->index);
+ ret = E2BIG;
+ goto err;
+ }
+ if (in_len < tosend_len) {
+ fuse_log(FUSE_LOG_ERR, "%s: elem %d too small for data len %zd\n",
+ __func__, elem->index, tosend_len);
+ ret = E2BIG;
+ goto err;
+ }
+
+ /* TODO: Limit to 'len' */
+
+ /* First copy the header data from iov->in_sg */
+ copy_iov(iov, count, in_sg, in_num, iov_len);
+
+ /*
+ * Build a copy of the the in_sg iov so we can skip bits in it,
+ * including changing the offsets
+ */
+ struct iovec *in_sg_cpy = calloc(sizeof(struct iovec), in_num);
+ assert(in_sg_cpy);
+ memcpy(in_sg_cpy, in_sg, sizeof(struct iovec) * in_num);
+ /* These get updated as we skip */
+ struct iovec *in_sg_ptr = in_sg_cpy;
+ int in_sg_cpy_count = in_num;
+
+ /* skip over parts of in_sg that contained the header iov */
+ size_t skip_size = iov_len;
+
+ size_t in_sg_left = 0;
+ do {
+ while (skip_size != 0 && in_sg_cpy_count) {
+ if (skip_size >= in_sg_ptr[0].iov_len) {
+ skip_size -= in_sg_ptr[0].iov_len;
+ in_sg_ptr++;
+ in_sg_cpy_count--;
+ } else {
+ in_sg_ptr[0].iov_len -= skip_size;
+ in_sg_ptr[0].iov_base += skip_size;
+ break;
+ }
+ }
+
+ int i;
+ for (i = 0, in_sg_left = 0; i < in_sg_cpy_count; i++) {
+ in_sg_left += in_sg_ptr[i].iov_len;
+ }
+ fuse_log(FUSE_LOG_DEBUG,
+ "%s: after skip skip_size=%zd in_sg_cpy_count=%d "
+ "in_sg_left=%zd\n",
+ __func__, skip_size, in_sg_cpy_count, in_sg_left);
+ ret = preadv(buf->buf[0].fd, in_sg_ptr, in_sg_cpy_count,
+ buf->buf[0].pos);
+
+ if (ret == -1) {
+ ret = errno;
+ fuse_log(FUSE_LOG_DEBUG, "%s: preadv failed (%m) len=%zd\n",
+ __func__, len);
+ free(in_sg_cpy);
+ goto err;
+ }
+ fuse_log(FUSE_LOG_DEBUG, "%s: preadv ret=%d len=%zd\n", __func__,
+ ret, len);
+ if (ret < len && ret) {
+ fuse_log(FUSE_LOG_DEBUG, "%s: ret < len\n", __func__);
+ /* Skip over this much next time around */
+ skip_size = ret;
+ buf->buf[0].pos += ret;
+ len -= ret;
+
+ /* Lets do another read */
+ continue;
+ }
+ if (!ret) {
+ /* EOF case? */
+ fuse_log(FUSE_LOG_DEBUG, "%s: !ret in_sg_left=%zd\n", __func__,
+ in_sg_left);
+ break;
+ }
+ if (ret != len) {
+ fuse_log(FUSE_LOG_DEBUG, "%s: ret!=len\n", __func__);
+ ret = EIO;
+ free(in_sg_cpy);
+ goto err;
+ }
+ in_sg_left -= ret;
+ len -= ret;
+ } while (in_sg_left);
+ free(in_sg_cpy);
+
+ /* Need to fix out->len on EOF */
+ if (len) {
+ struct fuse_out_header *out_sg = in_sg[0].iov_base;
+
+ tosend_len -= len;
+ out_sg->len = tosend_len;
+ }
+
+ ret = 0;
+
+ vu_queue_push(&se->virtio_dev->dev, q, elem, tosend_len);
+ vu_queue_notify(&se->virtio_dev->dev, q);
+
+err:
+ if (ret == 0) {
+ ch->qi->reply_sent = true;
+ }
+
+ return ret;
+}
+
/* Thread function for individual queues, created when a queue is 'started' */
static void *fv_queue_thread(void *opaque)
{
diff --git a/tools/virtiofsd/fuse_virtio.h b/tools/virtiofsd/fuse_virtio.h
index 135a14875a..cc676b9193 100644
--- a/tools/virtiofsd/fuse_virtio.h
+++ b/tools/virtiofsd/fuse_virtio.h
@@ -26,4 +26,8 @@ int virtio_loop(struct fuse_session *se);
int virtio_send_msg(struct fuse_session *se, struct fuse_chan *ch,
struct iovec *iov, int count);
+int virtio_send_data_iov(struct fuse_session *se, struct fuse_chan *ch,
+ struct iovec *iov, int count,
+ struct fuse_bufvec *buf, size_t len);
+
#endif

154
0038-virtiofsd-add-fd-FDNUM-fd-passing-option.patch Normal file
View File

@ -0,0 +1,154 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:07 +0000
Subject: [PATCH] virtiofsd: add --fd=FDNUM fd passing option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Although --socket-path=PATH is useful for manual invocations, management
tools typically create the UNIX domain socket themselves and pass it to
the vhost-user device backend. This way QEMU can be launched
immediately with a valid socket. No waiting for the vhost-user device
backend is required when fd passing is used.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit cee8e35d4386e34bf79c3ca2aab7f7b1bb48cf8d)
---
tools/virtiofsd/fuse_i.h | 1 +
tools/virtiofsd/fuse_lowlevel.c | 16 ++++++++++++----
tools/virtiofsd/fuse_virtio.c | 31 +++++++++++++++++++++++++------
3 files changed, 38 insertions(+), 10 deletions(-)
diff --git a/tools/virtiofsd/fuse_i.h b/tools/virtiofsd/fuse_i.h
index 1126723d18..45995f3246 100644
--- a/tools/virtiofsd/fuse_i.h
+++ b/tools/virtiofsd/fuse_i.h
@@ -68,6 +68,7 @@ struct fuse_session {
size_t bufsize;
int error;
char *vu_socket_path;
+ int vu_listen_fd;
int vu_socketfd;
struct fv_VuDev *virtio_dev;
};
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 4f4684d942..95f4db8fcf 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2130,6 +2130,7 @@ static const struct fuse_opt fuse_ll_opts[] = {
LL_OPTION("--debug", debug, 1),
LL_OPTION("allow_root", deny_others, 1),
LL_OPTION("--socket-path=%s", vu_socket_path, 0),
+ LL_OPTION("--fd=%d", vu_listen_fd, 0),
FUSE_OPT_END
};
@@ -2147,7 +2148,8 @@ void fuse_lowlevel_help(void)
*/
printf(
" -o allow_root allow access by root\n"
- " --socket-path=PATH path for the vhost-user socket\n");
+ " --socket-path=PATH path for the vhost-user socket\n"
+ " --fd=FDNUM fd number of vhost-user socket\n");
}
void fuse_session_destroy(struct fuse_session *se)
@@ -2191,6 +2193,7 @@ struct fuse_session *fuse_session_new(struct fuse_args *args,
goto out1;
}
se->fd = -1;
+ se->vu_listen_fd = -1;
se->conn.max_write = UINT_MAX;
se->conn.max_readahead = UINT_MAX;
@@ -2212,8 +2215,13 @@ struct fuse_session *fuse_session_new(struct fuse_args *args,
goto out4;
}
- if (!se->vu_socket_path) {
- fprintf(stderr, "fuse: missing -o vhost_user_socket option\n");
+ if (!se->vu_socket_path && se->vu_listen_fd < 0) {
+ fuse_log(FUSE_LOG_ERR, "fuse: missing --socket-path or --fd option\n");
+ goto out4;
+ }
+ if (se->vu_socket_path && se->vu_listen_fd >= 0) {
+ fuse_log(FUSE_LOG_ERR,
+ "fuse: --socket-path and --fd cannot be given together\n");
goto out4;
}
@@ -2253,7 +2261,7 @@ void fuse_session_unmount(struct fuse_session *se)
int fuse_lowlevel_is_virtio(struct fuse_session *se)
{
- return se->vu_socket_path != NULL;
+ return !!se->virtio_dev;
}
#ifdef linux
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 7e2711b504..635f87756a 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -638,18 +638,21 @@ int virtio_loop(struct fuse_session *se)
return 0;
}
-int virtio_session_mount(struct fuse_session *se)
+static int fv_create_listen_socket(struct fuse_session *se)
{
struct sockaddr_un un;
mode_t old_umask;
+ /* Nothing to do if fd is already initialized */
+ if (se->vu_listen_fd >= 0) {
+ return 0;
+ }
+
if (strlen(se->vu_socket_path) >= sizeof(un.sun_path)) {
fuse_log(FUSE_LOG_ERR, "Socket path too long\n");
return -1;
}
- se->fd = -1;
-
/*
* Create the Unix socket to communicate with qemu
* based on QEMU's vhost-user-bridge
@@ -682,15 +685,31 @@ int virtio_session_mount(struct fuse_session *se)
return -1;
}
+ se->vu_listen_fd = listen_sock;
+ return 0;
+}
+
+int virtio_session_mount(struct fuse_session *se)
+{
+ int ret;
+
+ ret = fv_create_listen_socket(se);
+ if (ret < 0) {
+ return ret;
+ }
+
+ se->fd = -1;
+
fuse_log(FUSE_LOG_INFO, "%s: Waiting for vhost-user socket connection...\n",
__func__);
- int data_sock = accept(listen_sock, NULL, NULL);
+ int data_sock = accept(se->vu_listen_fd, NULL, NULL);
if (data_sock == -1) {
fuse_log(FUSE_LOG_ERR, "vhost socket accept: %m\n");
- close(listen_sock);
+ close(se->vu_listen_fd);
return -1;
}
- close(listen_sock);
+ close(se->vu_listen_fd);
+ se->vu_listen_fd = -1;
fuse_log(FUSE_LOG_INFO, "%s: Received vhost-user socket connection\n",
__func__);

60
0039-virtiofsd-make-f-foreground-the-default.patch Normal file
View File

@ -0,0 +1,60 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:08 +0000
Subject: [PATCH] virtiofsd: make -f (foreground) the default
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
According to vhost-user.rst "Backend program conventions", backend
programs should run in the foregound by default. Follow the
conventions so libvirt and other management tools can control virtiofsd
in a standard way.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 0bbd31753714ac2899efda0f0de31e353e965789)
---
tools/virtiofsd/helper.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 676032e71f..a3645fc807 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -29,6 +29,11 @@
{ \
t, offsetof(struct fuse_cmdline_opts, p), 1 \
}
+#define FUSE_HELPER_OPT_VALUE(t, p, v) \
+ { \
+ t, offsetof(struct fuse_cmdline_opts, p), v \
+ }
+
static const struct fuse_opt fuse_helper_opts[] = {
FUSE_HELPER_OPT("-h", show_help),
@@ -42,6 +47,7 @@ static const struct fuse_opt fuse_helper_opts[] = {
FUSE_OPT_KEY("-d", FUSE_OPT_KEY_KEEP),
FUSE_OPT_KEY("debug", FUSE_OPT_KEY_KEEP),
FUSE_HELPER_OPT("-f", foreground),
+ FUSE_HELPER_OPT_VALUE("--daemonize", foreground, 0),
FUSE_HELPER_OPT("fsname=", nodefault_subtype),
FUSE_OPT_KEY("fsname=", FUSE_OPT_KEY_KEEP),
FUSE_HELPER_OPT("subtype=", nodefault_subtype),
@@ -131,6 +137,7 @@ void fuse_cmdline_help(void)
" -V --version print version\n"
" -d -o debug enable debug output (implies -f)\n"
" -f foreground operation\n"
+ " --daemonize run in background\n"
" -o max_idle_threads the maximum number of idle worker "
"threads\n"
" allowed (default: 10)\n");
@@ -158,6 +165,7 @@ int fuse_parse_cmdline(struct fuse_args *args, struct fuse_cmdline_opts *opts)
memset(opts, 0, sizeof(struct fuse_cmdline_opts));
opts->max_idle_threads = 10;
+ opts->foreground = 1;
if (fuse_opt_parse(args, opts, fuse_helper_opts, fuse_helper_opt_proc) ==
-1) {

57
0040-virtiofsd-add-vhost-user.json-file.patch Normal file
View File

@ -0,0 +1,57 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:09 +0000
Subject: [PATCH] virtiofsd: add vhost-user.json file
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Install a vhost-user.json file describing virtiofsd. This allows
libvirt and other management tools to enumerate vhost-user backend
programs.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 315616ed50ba15a5d7236ade8a402a93898202de)
---
.gitignore | 1 +
Makefile | 1 +
tools/virtiofsd/50-qemu-virtiofsd.json.in | 5 +++++
3 files changed, 7 insertions(+)
create mode 100644 tools/virtiofsd/50-qemu-virtiofsd.json.in
diff --git a/.gitignore b/.gitignore
index 7de868d1ea..c56ec1d122 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,6 +6,7 @@
/config-target.*
/config.status
/config-temp
+/tools/virtiofsd/50-qemu-virtiofsd.json
/elf2dmp
/trace-events-all
/trace/generated-events.h
diff --git a/Makefile b/Makefile
index 10fd31e705..aebb57aed8 100644
--- a/Makefile
+++ b/Makefile
@@ -332,6 +332,7 @@ endif
ifdef CONFIG_LINUX
HELPERS-y += virtiofsd$(EXESUF)
+vhost-user-json-y += tools/virtiofsd/50-qemu-virtiofsd.json
endif
# Sphinx does not allow building manuals into the same directory as
diff --git a/tools/virtiofsd/50-qemu-virtiofsd.json.in b/tools/virtiofsd/50-qemu-virtiofsd.json.in
new file mode 100644
index 0000000000..9bcd86f8dc
--- /dev/null
+++ b/tools/virtiofsd/50-qemu-virtiofsd.json.in
@@ -0,0 +1,5 @@
+{
+ "description": "QEMU virtiofsd vhost-user-fs",
+ "type": "fs",
+ "binary": "@libexecdir@/virtiofsd"
+}

105
0041-virtiofsd-add-print-capabilities-option.patch Normal file
View File

@ -0,0 +1,105 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:10 +0000
Subject: [PATCH] virtiofsd: add --print-capabilities option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Add the --print-capabilities option as per vhost-user.rst "Backend
programs conventions". Currently there are no advertised features.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 45018fbb0a73ce66fd3dd87ecd2872b45658add4)
---
docs/interop/vhost-user.json | 4 +++-
tools/virtiofsd/fuse_lowlevel.h | 1 +
tools/virtiofsd/helper.c | 2 ++
tools/virtiofsd/passthrough_ll.c | 12 ++++++++++++
4 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/docs/interop/vhost-user.json b/docs/interop/vhost-user.json
index da6aaf51c8..d4ea1f7ac5 100644
--- a/docs/interop/vhost-user.json
+++ b/docs/interop/vhost-user.json
@@ -31,6 +31,7 @@
# @rproc-serial: virtio remoteproc serial link
# @scsi: virtio scsi
# @vsock: virtio vsock transport
+# @fs: virtio fs (since 4.2)
#
# Since: 4.0
##
@@ -50,7 +51,8 @@
'rpmsg',
'rproc-serial',
'scsi',
- 'vsock'
+ 'vsock',
+ 'fs'
]
}
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
index f6b34700af..0d61df8110 100644
--- a/tools/virtiofsd/fuse_lowlevel.h
+++ b/tools/virtiofsd/fuse_lowlevel.h
@@ -1794,6 +1794,7 @@ struct fuse_cmdline_opts {
int nodefault_subtype;
int show_version;
int show_help;
+ int print_capabilities;
unsigned int max_idle_threads;
};
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index a3645fc807..b8ec5ac8dc 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -40,6 +40,7 @@ static const struct fuse_opt fuse_helper_opts[] = {
FUSE_HELPER_OPT("--help", show_help),
FUSE_HELPER_OPT("-V", show_version),
FUSE_HELPER_OPT("--version", show_version),
+ FUSE_HELPER_OPT("--print-capabilities", print_capabilities),
FUSE_HELPER_OPT("-d", debug),
FUSE_HELPER_OPT("debug", debug),
FUSE_HELPER_OPT("-d", foreground),
@@ -135,6 +136,7 @@ void fuse_cmdline_help(void)
{
printf(" -h --help print help\n"
" -V --version print version\n"
+ " --print-capabilities print vhost-user.json\n"
" -d -o debug enable debug output (implies -f)\n"
" -f foreground operation\n"
" --daemonize run in background\n"
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 037c5d7b26..cd27c09f59 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1298,6 +1298,14 @@ static struct fuse_lowlevel_ops lo_oper = {
.lseek = lo_lseek,
};
+/* Print vhost-user.json backend program capabilities */
+static void print_capabilities(void)
+{
+ printf("{\n");
+ printf(" \"type\": \"fs\"\n");
+ printf("}\n");
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@@ -1328,6 +1336,10 @@ int main(int argc, char *argv[])
fuse_lowlevel_version();
ret = 0;
goto err_out1;
+ } else if (opts.print_capabilities) {
+ print_capabilities();
+ ret = 0;
+ goto err_out1;
}
if (fuse_opt_parse(&args, &lo, lo_opts, NULL) == -1) {

36
0042-virtiofs-Add-maintainers-entry.patch Normal file
View File

@ -0,0 +1,36 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:11 +0000
Subject: [PATCH] virtiofs: Add maintainers entry
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit bad7d2c3ad1af9344df035aedaf8e0967a543070)
---
MAINTAINERS | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 5e5e3e52d6..d1b3e262d2 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1575,6 +1575,14 @@ T: git https://github.com/cohuck/qemu.git s390-next
T: git https://github.com/borntraeger/qemu.git s390-next
L: qemu-s390x@nongnu.org
+virtiofs
+M: Dr. David Alan Gilbert <dgilbert@redhat.com>
+M: Stefan Hajnoczi <stefanha@redhat.com>
+S: Supported
+F: tools/virtiofsd/*
+F: hw/virtio/vhost-user-fs*
+F: include/hw/virtio/vhost-user-fs.h
+
virtio-input
M: Gerd Hoffmann <kraxel@redhat.com>
S: Maintained

179
0043-virtiofsd-passthrough_ll-create-new-files-in-caller-.patch Normal file
View File

@ -0,0 +1,179 @@
From: Vivek Goyal <vgoyal@redhat.com>
Date: Mon, 27 Jan 2020 19:01:12 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: create new files in caller's
context
We need to create files in the caller's context. Otherwise after
creating a file, the caller might not be able to do file operations on
that file.
Changed effective uid/gid to caller's uid/gid, create file and then
switch back to uid/gid 0.
Use syscall(setresuid, ...) otherwise glibc does some magic to change EUID
in all threads, which is not what we want.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 929cfb7a9a1b101cdfc9ac19807ecab4c81a13e4)
---
tools/virtiofsd/passthrough_ll.c | 96 ++++++++++++++++++++++++++++++--
1 file changed, 91 insertions(+), 5 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index cd27c09f59..5e061797d4 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -50,6 +50,7 @@
#include <stdlib.h>
#include <string.h>
#include <sys/file.h>
+#include <sys/syscall.h>
#include <sys/xattr.h>
#include <unistd.h>
@@ -83,6 +84,11 @@ struct lo_inode {
uint64_t refcount; /* protected by lo->mutex */
};
+struct lo_cred {
+ uid_t euid;
+ gid_t egid;
+};
+
enum {
CACHE_NEVER,
CACHE_NORMAL,
@@ -383,6 +389,69 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name)
}
}
+/*
+ * On some archs, setres*id is limited to 2^16 but they
+ * provide setres*id32 variants that allow 2^32.
+ * Others just let setres*id do 2^32 anyway.
+ */
+#ifdef SYS_setresgid32
+#define OURSYS_setresgid SYS_setresgid32
+#else
+#define OURSYS_setresgid SYS_setresgid
+#endif
+
+#ifdef SYS_setresuid32
+#define OURSYS_setresuid SYS_setresuid32
+#else
+#define OURSYS_setresuid SYS_setresuid
+#endif
+
+/*
+ * Change to uid/gid of caller so that file is created with
+ * ownership of caller.
+ * TODO: What about selinux context?
+ */
+static int lo_change_cred(fuse_req_t req, struct lo_cred *old)
+{
+ int res;
+
+ old->euid = geteuid();
+ old->egid = getegid();
+
+ res = syscall(OURSYS_setresgid, -1, fuse_req_ctx(req)->gid, -1);
+ if (res == -1) {
+ return errno;
+ }
+
+ res = syscall(OURSYS_setresuid, -1, fuse_req_ctx(req)->uid, -1);
+ if (res == -1) {
+ int errno_save = errno;
+
+ syscall(OURSYS_setresgid, -1, old->egid, -1);
+ return errno_save;
+ }
+
+ return 0;
+}
+
+/* Regain Privileges */
+static void lo_restore_cred(struct lo_cred *old)
+{
+ int res;
+
+ res = syscall(OURSYS_setresuid, -1, old->euid, -1);
+ if (res == -1) {
+ fuse_log(FUSE_LOG_ERR, "seteuid(%u): %m\n", old->euid);
+ exit(1);
+ }
+
+ res = syscall(OURSYS_setresgid, -1, old->egid, -1);
+ if (res == -1) {
+ fuse_log(FUSE_LOG_ERR, "setegid(%u): %m\n", old->egid);
+ exit(1);
+ }
+}
+
static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t parent,
const char *name, mode_t mode, dev_t rdev,
const char *link)
@@ -391,12 +460,21 @@ static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t parent,
int saverr;
struct lo_inode *dir = lo_inode(req, parent);
struct fuse_entry_param e;
+ struct lo_cred old = {};
saverr = ENOMEM;
+ saverr = lo_change_cred(req, &old);
+ if (saverr) {
+ goto out;
+ }
+
res = mknod_wrapper(dir->fd, name, link, mode, rdev);
saverr = errno;
+
+ lo_restore_cred(&old);
+
if (res == -1) {
goto out;
}
@@ -794,26 +872,34 @@ static void lo_create(fuse_req_t req, fuse_ino_t parent, const char *name,
struct lo_data *lo = lo_data(req);
struct fuse_entry_param e;
int err;
+ struct lo_cred old = {};
if (lo_debug(req)) {
fuse_log(FUSE_LOG_DEBUG, "lo_create(parent=%" PRIu64 ", name=%s)\n",
parent, name);
}
+ err = lo_change_cred(req, &old);
+ if (err) {
+ goto out;
+ }
+
fd = openat(lo_fd(req, parent), name, (fi->flags | O_CREAT) & ~O_NOFOLLOW,
mode);
- if (fd == -1) {
- return (void)fuse_reply_err(req, errno);
- }
+ err = fd == -1 ? errno : 0;
+ lo_restore_cred(&old);
- fi->fh = fd;
+ if (!err) {
+ fi->fh = fd;
+ err = lo_do_lookup(req, parent, name, &e);
+ }
if (lo->cache == CACHE_NEVER) {
fi->direct_io = 1;
} else if (lo->cache == CACHE_ALWAYS) {
fi->keep_cache = 1;
}
- err = lo_do_lookup(req, parent, name, &e);
+out:
if (err) {
fuse_reply_err(req, err);
} else {

162
0044-virtiofsd-passthrough_ll-add-lo_map-for-ino-fh-indir.patch Normal file
View File

@ -0,0 +1,162 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:13 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: add lo_map for ino/fh indirection
A layer of indirection is needed because passthrough_ll cannot expose
pointers or file descriptor numbers to untrusted clients. Malicious
clients could send invalid pointers or file descriptors in order to
crash or exploit the file system daemon.
lo_map provides an integer key->value mapping. This will be used for
ino and fh fields in the patches that follow.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 25c135727b08dca90f00094e522a69170b13dfac)
---
tools/virtiofsd/passthrough_ll.c | 124 +++++++++++++++++++++++++++++++
1 file changed, 124 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 5e061797d4..e83a976587 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -74,6 +74,21 @@ struct _uintptr_to_must_hold_fuse_ino_t_dummy_struct {
};
#endif
+struct lo_map_elem {
+ union {
+ /* Element values will go here... */
+ ssize_t freelist;
+ };
+ bool in_use;
+};
+
+/* Maps FUSE fh or ino values to internal objects */
+struct lo_map {
+ struct lo_map_elem *elems;
+ size_t nelems;
+ ssize_t freelist;
+};
+
struct lo_inode {
struct lo_inode *next; /* protected by lo->mutex */
struct lo_inode *prev; /* protected by lo->mutex */
@@ -130,6 +145,115 @@ static struct lo_data *lo_data(fuse_req_t req)
return (struct lo_data *)fuse_req_userdata(req);
}
+__attribute__((unused)) static void lo_map_init(struct lo_map *map)
+{
+ map->elems = NULL;
+ map->nelems = 0;
+ map->freelist = -1;
+}
+
+__attribute__((unused)) static void lo_map_destroy(struct lo_map *map)
+{
+ free(map->elems);
+}
+
+static int lo_map_grow(struct lo_map *map, size_t new_nelems)
+{
+ struct lo_map_elem *new_elems;
+ size_t i;
+
+ if (new_nelems <= map->nelems) {
+ return 1;
+ }
+
+ new_elems = realloc(map->elems, sizeof(map->elems[0]) * new_nelems);
+ if (!new_elems) {
+ return 0;
+ }
+
+ for (i = map->nelems; i < new_nelems; i++) {
+ new_elems[i].freelist = i + 1;
+ new_elems[i].in_use = false;
+ }
+ new_elems[new_nelems - 1].freelist = -1;
+
+ map->elems = new_elems;
+ map->freelist = map->nelems;
+ map->nelems = new_nelems;
+ return 1;
+}
+
+__attribute__((unused)) static struct lo_map_elem *
+lo_map_alloc_elem(struct lo_map *map)
+{
+ struct lo_map_elem *elem;
+
+ if (map->freelist == -1 && !lo_map_grow(map, map->nelems + 256)) {
+ return NULL;
+ }
+
+ elem = &map->elems[map->freelist];
+ map->freelist = elem->freelist;
+
+ elem->in_use = true;
+
+ return elem;
+}
+
+__attribute__((unused)) static struct lo_map_elem *
+lo_map_reserve(struct lo_map *map, size_t key)
+{
+ ssize_t *prev;
+
+ if (!lo_map_grow(map, key + 1)) {
+ return NULL;
+ }
+
+ for (prev = &map->freelist; *prev != -1;
+ prev = &map->elems[*prev].freelist) {
+ if (*prev == key) {
+ struct lo_map_elem *elem = &map->elems[key];
+
+ *prev = elem->freelist;
+ elem->in_use = true;
+ return elem;
+ }
+ }
+ return NULL;
+}
+
+__attribute__((unused)) static struct lo_map_elem *
+lo_map_get(struct lo_map *map, size_t key)
+{
+ if (key >= map->nelems) {
+ return NULL;
+ }
+ if (!map->elems[key].in_use) {
+ return NULL;
+ }
+ return &map->elems[key];
+}
+
+__attribute__((unused)) static void lo_map_remove(struct lo_map *map,
+ size_t key)
+{
+ struct lo_map_elem *elem;
+
+ if (key >= map->nelems) {
+ return;
+ }
+
+ elem = &map->elems[key];
+ if (!elem->in_use) {
+ return;
+ }
+
+ elem->in_use = false;
+
+ elem->freelist = map->freelist;
+ map->freelist = key;
+}
+
static struct lo_inode *lo_inode(fuse_req_t req, fuse_ino_t ino)
{
if (ino == FUSE_ROOT_ID) {

376
0045-virtiofsd-passthrough_ll-add-ino_map-to-hide-lo_inod.patch Normal file
View File

@ -0,0 +1,376 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:14 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: add ino_map to hide lo_inode
pointers
Do not expose lo_inode pointers to clients.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 92fb57b83cdbfc4bf53c0c46a3d0bcbc36e64126)
---
tools/virtiofsd/passthrough_ll.c | 144 ++++++++++++++++++++++++-------
1 file changed, 114 insertions(+), 30 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index e83a976587..a3ebf74eab 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -57,8 +57,8 @@
#include "passthrough_helpers.h"
/*
- * We are re-using pointers to our `struct lo_inode` and `struct
- * lo_dirp` elements as inodes. This means that we must be able to
+ * We are re-using pointers to our `struct lo_inode`
+ * elements as inodes. This means that we must be able to
* store uintptr_t values in a fuse_ino_t variable. The following
* incantation checks this condition at compile time.
*/
@@ -76,7 +76,7 @@ struct _uintptr_to_must_hold_fuse_ino_t_dummy_struct {
struct lo_map_elem {
union {
- /* Element values will go here... */
+ struct lo_inode *inode;
ssize_t freelist;
};
bool in_use;
@@ -97,6 +97,7 @@ struct lo_inode {
ino_t ino;
dev_t dev;
uint64_t refcount; /* protected by lo->mutex */
+ fuse_ino_t fuse_ino;
};
struct lo_cred {
@@ -121,6 +122,7 @@ struct lo_data {
int cache;
int timeout_set;
struct lo_inode root; /* protected by lo->mutex */
+ struct lo_map ino_map; /* protected by lo->mutex */
};
static const struct fuse_opt lo_opts[] = {
@@ -145,14 +147,14 @@ static struct lo_data *lo_data(fuse_req_t req)
return (struct lo_data *)fuse_req_userdata(req);
}
-__attribute__((unused)) static void lo_map_init(struct lo_map *map)
+static void lo_map_init(struct lo_map *map)
{
map->elems = NULL;
map->nelems = 0;
map->freelist = -1;
}
-__attribute__((unused)) static void lo_map_destroy(struct lo_map *map)
+static void lo_map_destroy(struct lo_map *map)
{
free(map->elems);
}
@@ -183,8 +185,7 @@ static int lo_map_grow(struct lo_map *map, size_t new_nelems)
return 1;
}
-__attribute__((unused)) static struct lo_map_elem *
-lo_map_alloc_elem(struct lo_map *map)
+static struct lo_map_elem *lo_map_alloc_elem(struct lo_map *map)
{
struct lo_map_elem *elem;
@@ -200,8 +201,7 @@ lo_map_alloc_elem(struct lo_map *map)
return elem;
}
-__attribute__((unused)) static struct lo_map_elem *
-lo_map_reserve(struct lo_map *map, size_t key)
+static struct lo_map_elem *lo_map_reserve(struct lo_map *map, size_t key)
{
ssize_t *prev;
@@ -222,8 +222,7 @@ lo_map_reserve(struct lo_map *map, size_t key)
return NULL;
}
-__attribute__((unused)) static struct lo_map_elem *
-lo_map_get(struct lo_map *map, size_t key)
+static struct lo_map_elem *lo_map_get(struct lo_map *map, size_t key)
{
if (key >= map->nelems) {
return NULL;
@@ -234,8 +233,7 @@ lo_map_get(struct lo_map *map, size_t key)
return &map->elems[key];
}
-__attribute__((unused)) static void lo_map_remove(struct lo_map *map,
- size_t key)
+static void lo_map_remove(struct lo_map *map, size_t key)
{
struct lo_map_elem *elem;
@@ -254,18 +252,40 @@ __attribute__((unused)) static void lo_map_remove(struct lo_map *map,
map->freelist = key;
}
+/* Assumes lo->mutex is held */
+static ssize_t lo_add_inode_mapping(fuse_req_t req, struct lo_inode *inode)
+{
+ struct lo_map_elem *elem;
+
+ elem = lo_map_alloc_elem(&lo_data(req)->ino_map);
+ if (!elem) {
+ return -1;
+ }
+
+ elem->inode = inode;
+ return elem - lo_data(req)->ino_map.elems;
+}
+
static struct lo_inode *lo_inode(fuse_req_t req, fuse_ino_t ino)
{
- if (ino == FUSE_ROOT_ID) {
- return &lo_data(req)->root;
- } else {
- return (struct lo_inode *)(uintptr_t)ino;
+ struct lo_data *lo = lo_data(req);
+ struct lo_map_elem *elem;
+
+ pthread_mutex_lock(&lo->mutex);
+ elem = lo_map_get(&lo->ino_map, ino);
+ pthread_mutex_unlock(&lo->mutex);
+
+ if (!elem) {
+ return NULL;
}
+
+ return elem->inode;
}
static int lo_fd(fuse_req_t req, fuse_ino_t ino)
{
- return lo_inode(req, ino)->fd;
+ struct lo_inode *inode = lo_inode(req, ino);
+ return inode ? inode->fd : -1;
}
static bool lo_debug(fuse_req_t req)
@@ -337,10 +357,18 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
{
int saverr;
char procname[64];
- struct lo_inode *inode = lo_inode(req, ino);
- int ifd = inode->fd;
+ struct lo_inode *inode;
+ int ifd;
int res;
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
+ ifd = inode->fd;
+
if (valid & FUSE_SET_ATTR_MODE) {
if (fi) {
res = fchmod(fi->fh, attr->st_mode);
@@ -470,6 +498,7 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
inode->dev = e->attr.st_dev;
pthread_mutex_lock(&lo->mutex);
+ inode->fuse_ino = lo_add_inode_mapping(req, inode);
prev = &lo->root;
next = prev->next;
next->prev = inode;
@@ -478,7 +507,7 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
prev->next = inode;
pthread_mutex_unlock(&lo->mutex);
}
- e->ino = (uintptr_t)inode;
+ e->ino = inode->fuse_ino;
if (lo_debug(req)) {
fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n",
@@ -582,10 +611,16 @@ static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t parent,
{
int res;
int saverr;
- struct lo_inode *dir = lo_inode(req, parent);
+ struct lo_inode *dir;
struct fuse_entry_param e;
struct lo_cred old = {};
+ dir = lo_inode(req, parent);
+ if (!dir) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
saverr = ENOMEM;
saverr = lo_change_cred(req, &old);
@@ -663,10 +698,16 @@ static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
{
int res;
struct lo_data *lo = lo_data(req);
- struct lo_inode *inode = lo_inode(req, ino);
+ struct lo_inode *inode;
struct fuse_entry_param e;
int saverr;
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
memset(&e, 0, sizeof(struct fuse_entry_param));
e.attr_timeout = lo->timeout;
e.entry_timeout = lo->timeout;
@@ -684,7 +725,7 @@ static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
pthread_mutex_lock(&lo->mutex);
inode->refcount++;
pthread_mutex_unlock(&lo->mutex);
- e.ino = (uintptr_t)inode;
+ e.ino = inode->fuse_ino;
if (lo_debug(req)) {
fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n",
@@ -750,10 +791,10 @@ static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n)
next->prev = prev;
prev->next = next;
+ lo_map_remove(&lo->ino_map, inode->fuse_ino);
pthread_mutex_unlock(&lo->mutex);
close(inode->fd);
free(inode);
-
} else {
pthread_mutex_unlock(&lo->mutex);
}
@@ -762,7 +803,12 @@ static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n)
static void lo_forget_one(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup)
{
struct lo_data *lo = lo_data(req);
- struct lo_inode *inode = lo_inode(req, ino);
+ struct lo_inode *inode;
+
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ return;
+ }
if (lo_debug(req)) {
fuse_log(FUSE_LOG_DEBUG, " forget %lli %lli -%lli\n",
@@ -1244,10 +1290,16 @@ static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
{
char *value = NULL;
char procname[64];
- struct lo_inode *inode = lo_inode(req, ino);
+ struct lo_inode *inode;
ssize_t ret;
int saverr;
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
saverr = ENOSYS;
if (!lo_data(req)->xattr) {
goto out;
@@ -1306,10 +1358,16 @@ static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size)
{
char *value = NULL;
char procname[64];
- struct lo_inode *inode = lo_inode(req, ino);
+ struct lo_inode *inode;
ssize_t ret;
int saverr;
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
saverr = ENOSYS;
if (!lo_data(req)->xattr) {
goto out;
@@ -1367,10 +1425,16 @@ static void lo_setxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
const char *value, size_t size, int flags)
{
char procname[64];
- struct lo_inode *inode = lo_inode(req, ino);
+ struct lo_inode *inode;
ssize_t ret;
int saverr;
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
saverr = ENOSYS;
if (!lo_data(req)->xattr) {
goto out;
@@ -1400,10 +1464,16 @@ out:
static void lo_removexattr(fuse_req_t req, fuse_ino_t ino, const char *name)
{
char procname[64];
- struct lo_inode *inode = lo_inode(req, ino);
+ struct lo_inode *inode;
ssize_t ret;
int saverr;
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
saverr = ENOSYS;
if (!lo_data(req)->xattr) {
goto out;
@@ -1522,6 +1592,7 @@ int main(int argc, char *argv[])
struct fuse_session *se;
struct fuse_cmdline_opts opts;
struct lo_data lo = { .debug = 0, .writeback = 0 };
+ struct lo_map_elem *root_elem;
int ret = -1;
/* Don't mask creation mode, kernel already did that */
@@ -1530,8 +1601,19 @@ int main(int argc, char *argv[])
pthread_mutex_init(&lo.mutex, NULL);
lo.root.next = lo.root.prev = &lo.root;
lo.root.fd = -1;
+ lo.root.fuse_ino = FUSE_ROOT_ID;
lo.cache = CACHE_NORMAL;
+ /*
+ * Set up the ino map like this:
+ * [0] Reserved (will not be used)
+ * [1] Root inode
+ */
+ lo_map_init(&lo.ino_map);
+ lo_map_reserve(&lo.ino_map, 0)->in_use = false;
+ root_elem = lo_map_reserve(&lo.ino_map, lo.root.fuse_ino);
+ root_elem->inode = &lo.root;
+
if (fuse_parse_cmdline(&args, &opts) != 0) {
return 1;
}
@@ -1628,6 +1710,8 @@ err_out2:
err_out1:
fuse_opt_free_args(&args);
+ lo_map_destroy(&lo.ino_map);
+
if (lo.root.fd >= 0) {
close(lo.root.fd);
}

222
0046-virtiofsd-passthrough_ll-add-dirp_map-to-hide-lo_dir.patch Normal file
View File

@ -0,0 +1,222 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:15 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: add dirp_map to hide lo_dirp
pointers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Do not expose lo_dirp pointers to clients.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit b39bce121bfad8757eec0ee41f14607b883935d3)
---
tools/virtiofsd/passthrough_ll.c | 103 +++++++++++++++++++++++--------
1 file changed, 76 insertions(+), 27 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index a3ebf74eab..5f5a72fdbb 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -56,27 +56,10 @@
#include "passthrough_helpers.h"
-/*
- * We are re-using pointers to our `struct lo_inode`
- * elements as inodes. This means that we must be able to
- * store uintptr_t values in a fuse_ino_t variable. The following
- * incantation checks this condition at compile time.
- */
-#if defined(__GNUC__) && \
- (__GNUC__ > 4 || __GNUC__ == 4 && __GNUC_MINOR__ >= 6) && \
- !defined __cplusplus
-_Static_assert(sizeof(fuse_ino_t) >= sizeof(uintptr_t),
- "fuse_ino_t too small to hold uintptr_t values!");
-#else
-struct _uintptr_to_must_hold_fuse_ino_t_dummy_struct {
- unsigned _uintptr_to_must_hold_fuse_ino_t
- : ((sizeof(fuse_ino_t) >= sizeof(uintptr_t)) ? 1 : -1);
-};
-#endif
-
struct lo_map_elem {
union {
struct lo_inode *inode;
+ struct lo_dirp *dirp;
ssize_t freelist;
};
bool in_use;
@@ -123,6 +106,7 @@ struct lo_data {
int timeout_set;
struct lo_inode root; /* protected by lo->mutex */
struct lo_map ino_map; /* protected by lo->mutex */
+ struct lo_map dirp_map; /* protected by lo->mutex */
};
static const struct fuse_opt lo_opts[] = {
@@ -252,6 +236,20 @@ static void lo_map_remove(struct lo_map *map, size_t key)
map->freelist = key;
}
+/* Assumes lo->mutex is held */
+static ssize_t lo_add_dirp_mapping(fuse_req_t req, struct lo_dirp *dirp)
+{
+ struct lo_map_elem *elem;
+
+ elem = lo_map_alloc_elem(&lo_data(req)->dirp_map);
+ if (!elem) {
+ return -1;
+ }
+
+ elem->dirp = dirp;
+ return elem - lo_data(req)->dirp_map.elems;
+}
+
/* Assumes lo->mutex is held */
static ssize_t lo_add_inode_mapping(fuse_req_t req, struct lo_inode *inode)
{
@@ -861,9 +859,19 @@ struct lo_dirp {
off_t offset;
};
-static struct lo_dirp *lo_dirp(struct fuse_file_info *fi)
+static struct lo_dirp *lo_dirp(fuse_req_t req, struct fuse_file_info *fi)
{
- return (struct lo_dirp *)(uintptr_t)fi->fh;
+ struct lo_data *lo = lo_data(req);
+ struct lo_map_elem *elem;
+
+ pthread_mutex_lock(&lo->mutex);
+ elem = lo_map_get(&lo->dirp_map, fi->fh);
+ pthread_mutex_unlock(&lo->mutex);
+ if (!elem) {
+ return NULL;
+ }
+
+ return elem->dirp;
}
static void lo_opendir(fuse_req_t req, fuse_ino_t ino,
@@ -873,6 +881,7 @@ static void lo_opendir(fuse_req_t req, fuse_ino_t ino,
struct lo_data *lo = lo_data(req);
struct lo_dirp *d;
int fd;
+ ssize_t fh;
d = calloc(1, sizeof(struct lo_dirp));
if (d == NULL) {
@@ -892,7 +901,14 @@ static void lo_opendir(fuse_req_t req, fuse_ino_t ino,
d->offset = 0;
d->entry = NULL;
- fi->fh = (uintptr_t)d;
+ pthread_mutex_lock(&lo->mutex);
+ fh = lo_add_dirp_mapping(req, d);
+ pthread_mutex_unlock(&lo->mutex);
+ if (fh == -1) {
+ goto out_err;
+ }
+
+ fi->fh = fh;
if (lo->cache == CACHE_ALWAYS) {
fi->keep_cache = 1;
}
@@ -903,6 +919,9 @@ out_errno:
error = errno;
out_err:
if (d) {
+ if (d->dp) {
+ closedir(d->dp);
+ }
if (fd != -1) {
close(fd);
}
@@ -920,17 +939,21 @@ static int is_dot_or_dotdot(const char *name)
static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
off_t offset, struct fuse_file_info *fi, int plus)
{
- struct lo_dirp *d = lo_dirp(fi);
- char *buf;
+ struct lo_dirp *d;
+ char *buf = NULL;
char *p;
size_t rem = size;
- int err;
+ int err = ENOMEM;
(void)ino;
+ d = lo_dirp(req, fi);
+ if (!d) {
+ goto error;
+ }
+
buf = calloc(1, size);
if (!buf) {
- err = ENOMEM;
goto error;
}
p = buf;
@@ -1028,8 +1051,21 @@ static void lo_readdirplus(fuse_req_t req, fuse_ino_t ino, size_t size,
static void lo_releasedir(fuse_req_t req, fuse_ino_t ino,
struct fuse_file_info *fi)
{
- struct lo_dirp *d = lo_dirp(fi);
+ struct lo_data *lo = lo_data(req);
+ struct lo_dirp *d;
+
(void)ino;
+
+ d = lo_dirp(req, fi);
+ if (!d) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
+ pthread_mutex_lock(&lo->mutex);
+ lo_map_remove(&lo->dirp_map, fi->fh);
+ pthread_mutex_unlock(&lo->mutex);
+
closedir(d->dp);
free(d);
fuse_reply_err(req, 0);
@@ -1081,8 +1117,18 @@ static void lo_fsyncdir(fuse_req_t req, fuse_ino_t ino, int datasync,
struct fuse_file_info *fi)
{
int res;
- int fd = dirfd(lo_dirp(fi)->dp);
+ struct lo_dirp *d;
+ int fd;
+
(void)ino;
+
+ d = lo_dirp(req, fi);
+ if (!d) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
+ fd = dirfd(d->dp);
if (datasync) {
res = fdatasync(fd);
} else {
@@ -1614,6 +1660,8 @@ int main(int argc, char *argv[])
root_elem = lo_map_reserve(&lo.ino_map, lo.root.fuse_ino);
root_elem->inode = &lo.root;
+ lo_map_init(&lo.dirp_map);
+
if (fuse_parse_cmdline(&args, &opts) != 0) {
return 1;
}
@@ -1710,6 +1758,7 @@ err_out2:
err_out1:
fuse_opt_free_args(&args);
+ lo_map_destroy(&lo.dirp_map);
lo_map_destroy(&lo.ino_map);
if (lo.root.fd >= 0) {

308
0047-virtiofsd-passthrough_ll-add-fd_map-to-hide-file-des.patch Normal file
View File

@ -0,0 +1,308 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:16 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: add fd_map to hide file
descriptors
Do not expose file descriptor numbers to clients. This prevents the
abuse of internal file descriptors (like stdin/stdout).
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Fix from:
Signed-off-by: Xiao Yang <yangx.jy@cn.fujitsu.com>
dgilbert:
Added lseek
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 73b4d19dfc4248a74c1f3e511cfa934681d9c602)
---
tools/virtiofsd/passthrough_ll.c | 116 +++++++++++++++++++++++++------
1 file changed, 94 insertions(+), 22 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 5f5a72fdbb..9815bfa5c5 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -60,6 +60,7 @@ struct lo_map_elem {
union {
struct lo_inode *inode;
struct lo_dirp *dirp;
+ int fd;
ssize_t freelist;
};
bool in_use;
@@ -107,6 +108,7 @@ struct lo_data {
struct lo_inode root; /* protected by lo->mutex */
struct lo_map ino_map; /* protected by lo->mutex */
struct lo_map dirp_map; /* protected by lo->mutex */
+ struct lo_map fd_map; /* protected by lo->mutex */
};
static const struct fuse_opt lo_opts[] = {
@@ -236,6 +238,20 @@ static void lo_map_remove(struct lo_map *map, size_t key)
map->freelist = key;
}
+/* Assumes lo->mutex is held */
+static ssize_t lo_add_fd_mapping(fuse_req_t req, int fd)
+{
+ struct lo_map_elem *elem;
+
+ elem = lo_map_alloc_elem(&lo_data(req)->fd_map);
+ if (!elem) {
+ return -1;
+ }
+
+ elem->fd = fd;
+ return elem - lo_data(req)->fd_map.elems;
+}
+
/* Assumes lo->mutex is held */
static ssize_t lo_add_dirp_mapping(fuse_req_t req, struct lo_dirp *dirp)
{
@@ -350,6 +366,22 @@ static int utimensat_empty_nofollow(struct lo_inode *inode,
return utimensat(AT_FDCWD, procname, tv, 0);
}
+static int lo_fi_fd(fuse_req_t req, struct fuse_file_info *fi)
+{
+ struct lo_data *lo = lo_data(req);
+ struct lo_map_elem *elem;
+
+ pthread_mutex_lock(&lo->mutex);
+ elem = lo_map_get(&lo->fd_map, fi->fh);
+ pthread_mutex_unlock(&lo->mutex);
+
+ if (!elem) {
+ return -1;
+ }
+
+ return elem->fd;
+}
+
static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
int valid, struct fuse_file_info *fi)
{
@@ -358,6 +390,7 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
struct lo_inode *inode;
int ifd;
int res;
+ int fd;
inode = lo_inode(req, ino);
if (!inode) {
@@ -367,9 +400,14 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
ifd = inode->fd;
+ /* If fi->fh is invalid we'll report EBADF later */
+ if (fi) {
+ fd = lo_fi_fd(req, fi);
+ }
+
if (valid & FUSE_SET_ATTR_MODE) {
if (fi) {
- res = fchmod(fi->fh, attr->st_mode);
+ res = fchmod(fd, attr->st_mode);
} else {
sprintf(procname, "/proc/self/fd/%i", ifd);
res = chmod(procname, attr->st_mode);
@@ -389,7 +427,7 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
}
if (valid & FUSE_SET_ATTR_SIZE) {
if (fi) {
- res = ftruncate(fi->fh, attr->st_size);
+ res = ftruncate(fd, attr->st_size);
} else {
sprintf(procname, "/proc/self/fd/%i", ifd);
res = truncate(procname, attr->st_size);
@@ -419,7 +457,7 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
}
if (fi) {
- res = futimens(fi->fh, tv);
+ res = futimens(fd, tv);
} else {
res = utimensat_empty_nofollow(inode, tv);
}
@@ -1096,7 +1134,18 @@ static void lo_create(fuse_req_t req, fuse_ino_t parent, const char *name,
lo_restore_cred(&old);
if (!err) {
- fi->fh = fd;
+ ssize_t fh;
+
+ pthread_mutex_lock(&lo->mutex);
+ fh = lo_add_fd_mapping(req, fd);
+ pthread_mutex_unlock(&lo->mutex);
+ if (fh == -1) {
+ close(fd);
+ fuse_reply_err(req, ENOMEM);
+ return;
+ }
+
+ fi->fh = fh;
err = lo_do_lookup(req, parent, name, &e);
}
if (lo->cache == CACHE_NEVER) {
@@ -1140,6 +1189,7 @@ static void lo_fsyncdir(fuse_req_t req, fuse_ino_t ino, int datasync,
static void lo_open(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
{
int fd;
+ ssize_t fh;
char buf[64];
struct lo_data *lo = lo_data(req);
@@ -1175,7 +1225,16 @@ static void lo_open(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
return (void)fuse_reply_err(req, errno);
}
- fi->fh = fd;
+ pthread_mutex_lock(&lo->mutex);
+ fh = lo_add_fd_mapping(req, fd);
+ pthread_mutex_unlock(&lo->mutex);
+ if (fh == -1) {
+ close(fd);
+ fuse_reply_err(req, ENOMEM);
+ return;
+ }
+
+ fi->fh = fh;
if (lo->cache == CACHE_NEVER) {
fi->direct_io = 1;
} else if (lo->cache == CACHE_ALWAYS) {
@@ -1187,9 +1246,18 @@ static void lo_open(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
static void lo_release(fuse_req_t req, fuse_ino_t ino,
struct fuse_file_info *fi)
{
+ struct lo_data *lo = lo_data(req);
+ int fd;
+
(void)ino;
- close(fi->fh);
+ fd = lo_fi_fd(req, fi);
+
+ pthread_mutex_lock(&lo->mutex);
+ lo_map_remove(&lo->fd_map, fi->fh);
+ pthread_mutex_unlock(&lo->mutex);
+
+ close(fd);
fuse_reply_err(req, 0);
}
@@ -1197,7 +1265,7 @@ static void lo_flush(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
{
int res;
(void)ino;
- res = close(dup(fi->fh));
+ res = close(dup(lo_fi_fd(req, fi)));
fuse_reply_err(req, res == -1 ? errno : 0);
}
@@ -1224,7 +1292,7 @@ static void lo_fsync(fuse_req_t req, fuse_ino_t ino, int datasync,
return (void)fuse_reply_err(req, errno);
}
} else {
- fd = fi->fh;
+ fd = lo_fi_fd(req, fi);
}
if (datasync) {
@@ -1251,7 +1319,7 @@ static void lo_read(fuse_req_t req, fuse_ino_t ino, size_t size, off_t offset,
}
buf.buf[0].flags = FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK;
- buf.buf[0].fd = fi->fh;
+ buf.buf[0].fd = lo_fi_fd(req, fi);
buf.buf[0].pos = offset;
fuse_reply_data(req, &buf);
@@ -1266,7 +1334,7 @@ static void lo_write_buf(fuse_req_t req, fuse_ino_t ino,
struct fuse_bufvec out_buf = FUSE_BUFVEC_INIT(fuse_buf_size(in_buf));
out_buf.buf[0].flags = FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK;
- out_buf.buf[0].fd = fi->fh;
+ out_buf.buf[0].fd = lo_fi_fd(req, fi);
out_buf.buf[0].pos = off;
if (lo_debug(req)) {
@@ -1303,7 +1371,7 @@ static void lo_fallocate(fuse_req_t req, fuse_ino_t ino, int mode, off_t offset,
(void)ino;
#ifdef CONFIG_FALLOCATE
- err = fallocate(fi->fh, mode, offset, length);
+ err = fallocate(lo_fi_fd(req, fi), mode, offset, length);
if (err < 0) {
err = errno;
}
@@ -1314,7 +1382,7 @@ static void lo_fallocate(fuse_req_t req, fuse_ino_t ino, int mode, off_t offset,
return;
}
- err = posix_fallocate(fi->fh, offset, length);
+ err = posix_fallocate(lo_fi_fd(req, fi), offset, length);
#endif
fuse_reply_err(req, err);
@@ -1326,7 +1394,7 @@ static void lo_flock(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
int res;
(void)ino;
- res = flock(fi->fh, op);
+ res = flock(lo_fi_fd(req, fi), op);
fuse_reply_err(req, res == -1 ? errno : 0);
}
@@ -1551,17 +1619,19 @@ static void lo_copy_file_range(fuse_req_t req, fuse_ino_t ino_in, off_t off_in,
off_t off_out, struct fuse_file_info *fi_out,
size_t len, int flags)
{
+ int in_fd, out_fd;
ssize_t res;
- if (lo_debug(req))
- fuse_log(FUSE_LOG_DEBUG,
- "lo_copy_file_range(ino=%" PRIu64 "/fd=%lu, "
- "off=%lu, ino=%" PRIu64 "/fd=%lu, "
- "off=%lu, size=%zd, flags=0x%x)\n",
- ino_in, fi_in->fh, off_in, ino_out, fi_out->fh, off_out, len,
- flags);
+ in_fd = lo_fi_fd(req, fi_in);
+ out_fd = lo_fi_fd(req, fi_out);
+
+ fuse_log(FUSE_LOG_DEBUG,
+ "lo_copy_file_range(ino=%" PRIu64 "/fd=%d, "
+ "off=%lu, ino=%" PRIu64 "/fd=%d, "
+ "off=%lu, size=%zd, flags=0x%x)\n",
+ ino_in, in_fd, off_in, ino_out, out_fd, off_out, len, flags);
- res = copy_file_range(fi_in->fh, &off_in, fi_out->fh, &off_out, len, flags);
+ res = copy_file_range(in_fd, &off_in, out_fd, &off_out, len, flags);
if (res < 0) {
fuse_reply_err(req, -errno);
} else {
@@ -1576,7 +1646,7 @@ static void lo_lseek(fuse_req_t req, fuse_ino_t ino, off_t off, int whence,
off_t res;
(void)ino;
- res = lseek(fi->fh, off, whence);
+ res = lseek(lo_fi_fd(req, fi), off, whence);
if (res != -1) {
fuse_reply_lseek(req, res);
} else {
@@ -1661,6 +1731,7 @@ int main(int argc, char *argv[])
root_elem->inode = &lo.root;
lo_map_init(&lo.dirp_map);
+ lo_map_init(&lo.fd_map);
if (fuse_parse_cmdline(&args, &opts) != 0) {
return 1;
@@ -1758,6 +1829,7 @@ err_out2:
err_out1:
fuse_opt_free_args(&args);
+ lo_map_destroy(&lo.fd_map);
lo_map_destroy(&lo.dirp_map);
lo_map_destroy(&lo.ino_map);

284
0048-virtiofsd-passthrough_ll-add-fallback-for-racy-ops.patch Normal file
View File

@ -0,0 +1,284 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:17 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: add fallback for racy ops
We have two operations that cannot be done race-free on a symlink in
certain cases: utimes and link.
Add racy fallback for these if the race-free method doesn't work. We do
our best to avoid races even in this case:
- get absolute path by reading /proc/self/fd/NN symlink
- lookup parent directory: after this we are safe against renames in
ancestors
- lookup name in parent directory, and verify that we got to the original
inode, if not retry the whole thing
Both utimes(2) and link(2) hold i_lock on the inode across the operation,
so a racing rename/delete by this fuse instance is not possible, only from
other entities changing the filesystem.
If the "norace" option is given, then disable the racy fallbacks.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 5fe319a7b19c9c328e6e061bffcf1ff6cc8b89ce)
---
tools/virtiofsd/helper.c | 5 +-
tools/virtiofsd/passthrough_ll.c | 157 +++++++++++++++++++++++++++----
2 files changed, 145 insertions(+), 17 deletions(-)
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index b8ec5ac8dc..5531425223 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -142,7 +142,10 @@ void fuse_cmdline_help(void)
" --daemonize run in background\n"
" -o max_idle_threads the maximum number of idle worker "
"threads\n"
- " allowed (default: 10)\n");
+ " allowed (default: 10)\n"
+ " -o norace disable racy fallback\n"
+ " default: false\n"
+ );
}
static int fuse_helper_opt_proc(void *data, const char *arg, int key,
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 9815bfa5c5..ac380efcb1 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -98,6 +98,7 @@ enum {
struct lo_data {
pthread_mutex_t mutex;
int debug;
+ int norace;
int writeback;
int flock;
int xattr;
@@ -124,10 +125,15 @@ static const struct fuse_opt lo_opts[] = {
{ "cache=never", offsetof(struct lo_data, cache), CACHE_NEVER },
{ "cache=auto", offsetof(struct lo_data, cache), CACHE_NORMAL },
{ "cache=always", offsetof(struct lo_data, cache), CACHE_ALWAYS },
-
+ { "norace", offsetof(struct lo_data, norace), 1 },
FUSE_OPT_END
};
+static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n);
+
+static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st);
+
+
static struct lo_data *lo_data(fuse_req_t req)
{
return (struct lo_data *)fuse_req_userdata(req);
@@ -347,23 +353,127 @@ static void lo_getattr(fuse_req_t req, fuse_ino_t ino,
fuse_reply_attr(req, &buf, lo->timeout);
}
-static int utimensat_empty_nofollow(struct lo_inode *inode,
- const struct timespec *tv)
+static int lo_parent_and_name(struct lo_data *lo, struct lo_inode *inode,
+ char path[PATH_MAX], struct lo_inode **parent)
{
- int res;
char procname[64];
+ char *last;
+ struct stat stat;
+ struct lo_inode *p;
+ int retries = 2;
+ int res;
+
+retry:
+ sprintf(procname, "/proc/self/fd/%i", inode->fd);
+
+ res = readlink(procname, path, PATH_MAX);
+ if (res < 0) {
+ fuse_log(FUSE_LOG_WARNING, "%s: readlink failed: %m\n", __func__);
+ goto fail_noretry;
+ }
+
+ if (res >= PATH_MAX) {
+ fuse_log(FUSE_LOG_WARNING, "%s: readlink overflowed\n", __func__);
+ goto fail_noretry;
+ }
+ path[res] = '\0';
+
+ last = strrchr(path, '/');
+ if (last == NULL) {
+ /* Shouldn't happen */
+ fuse_log(
+ FUSE_LOG_WARNING,
+ "%s: INTERNAL ERROR: bad path read from proc\n", __func__);
+ goto fail_noretry;
+ }
+ if (last == path) {
+ p = &lo->root;
+ pthread_mutex_lock(&lo->mutex);
+ p->refcount++;
+ pthread_mutex_unlock(&lo->mutex);
+ } else {
+ *last = '\0';
+ res = fstatat(AT_FDCWD, last == path ? "/" : path, &stat, 0);
+ if (res == -1) {
+ if (!retries) {
+ fuse_log(FUSE_LOG_WARNING,
+ "%s: failed to stat parent: %m\n", __func__);
+ }
+ goto fail;
+ }
+ p = lo_find(lo, &stat);
+ if (p == NULL) {
+ if (!retries) {
+ fuse_log(FUSE_LOG_WARNING,
+ "%s: failed to find parent\n", __func__);
+ }
+ goto fail;
+ }
+ }
+ last++;
+ res = fstatat(p->fd, last, &stat, AT_SYMLINK_NOFOLLOW);
+ if (res == -1) {
+ if (!retries) {
+ fuse_log(FUSE_LOG_WARNING,
+ "%s: failed to stat last\n", __func__);
+ }
+ goto fail_unref;
+ }
+ if (stat.st_dev != inode->dev || stat.st_ino != inode->ino) {
+ if (!retries) {
+ fuse_log(FUSE_LOG_WARNING,
+ "%s: failed to match last\n", __func__);
+ }
+ goto fail_unref;
+ }
+ *parent = p;
+ memmove(path, last, strlen(last) + 1);
+
+ return 0;
+
+fail_unref:
+ unref_inode(lo, p, 1);
+fail:
+ if (retries) {
+ retries--;
+ goto retry;
+ }
+fail_noretry:
+ errno = EIO;
+ return -1;
+}
+
+static int utimensat_empty(struct lo_data *lo, struct lo_inode *inode,
+ const struct timespec *tv)
+{
+ int res;
+ struct lo_inode *parent;
+ char path[PATH_MAX];
if (inode->is_symlink) {
- res = utimensat(inode->fd, "", tv, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW);
+ res = utimensat(inode->fd, "", tv, AT_EMPTY_PATH);
if (res == -1 && errno == EINVAL) {
/* Sorry, no race free way to set times on symlink. */
- errno = EPERM;
+ if (lo->norace) {
+ errno = EPERM;
+ } else {
+ goto fallback;
+ }
}
return res;
}
- sprintf(procname, "/proc/self/fd/%i", inode->fd);
+ sprintf(path, "/proc/self/fd/%i", inode->fd);
- return utimensat(AT_FDCWD, procname, tv, 0);
+ return utimensat(AT_FDCWD, path, tv, 0);
+
+fallback:
+ res = lo_parent_and_name(lo, inode, path, &parent);
+ if (res != -1) {
+ res = utimensat(parent->fd, path, tv, AT_SYMLINK_NOFOLLOW);
+ unref_inode(lo, parent, 1);
+ }
+
+ return res;
}
static int lo_fi_fd(fuse_req_t req, struct fuse_file_info *fi)
@@ -387,6 +497,7 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
{
int saverr;
char procname[64];
+ struct lo_data *lo = lo_data(req);
struct lo_inode *inode;
int ifd;
int res;
@@ -459,7 +570,7 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
if (fi) {
res = futimens(fd, tv);
} else {
- res = utimensat_empty_nofollow(inode, tv);
+ res = utimensat_empty(lo, inode, tv);
}
if (res == -1) {
goto out_err;
@@ -709,24 +820,38 @@ static void lo_symlink(fuse_req_t req, const char *link, fuse_ino_t parent,
lo_mknod_symlink(req, parent, name, S_IFLNK, 0, link);
}
-static int linkat_empty_nofollow(struct lo_inode *inode, int dfd,
- const char *name)
+static int linkat_empty_nofollow(struct lo_data *lo, struct lo_inode *inode,
+ int dfd, const char *name)
{
int res;
- char procname[64];
+ struct lo_inode *parent;
+ char path[PATH_MAX];
if (inode->is_symlink) {
res = linkat(inode->fd, "", dfd, name, AT_EMPTY_PATH);
if (res == -1 && (errno == ENOENT || errno == EINVAL)) {
/* Sorry, no race free way to hard-link a symlink. */
- errno = EPERM;
+ if (lo->norace) {
+ errno = EPERM;
+ } else {
+ goto fallback;
+ }
}
return res;
}
- sprintf(procname, "/proc/self/fd/%i", inode->fd);
+ sprintf(path, "/proc/self/fd/%i", inode->fd);
+
+ return linkat(AT_FDCWD, path, dfd, name, AT_SYMLINK_FOLLOW);
+
+fallback:
+ res = lo_parent_and_name(lo, inode, path, &parent);
+ if (res != -1) {
+ res = linkat(parent->fd, path, dfd, name, 0);
+ unref_inode(lo, parent, 1);
+ }
- return linkat(AT_FDCWD, procname, dfd, name, AT_SYMLINK_FOLLOW);
+ return res;
}
static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
@@ -748,7 +873,7 @@ static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
e.attr_timeout = lo->timeout;
e.entry_timeout = lo->timeout;
- res = linkat_empty_nofollow(inode, lo_fd(req, parent), name);
+ res = linkat_empty_nofollow(lo, inode, lo_fd(req, parent), name);
if (res == -1) {
goto out_err;
}

148
0049-virtiofsd-validate-path-components.patch Normal file
View File

@ -0,0 +1,148 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:18 +0000
Subject: [PATCH] virtiofsd: validate path components
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Several FUSE requests contain single path components. A correct FUSE
client sends well-formed path components but there is currently no input
validation in case something went wrong or the client is malicious.
Refuse ".", "..", and paths containing '/' when we expect a path
component.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 25dae28c58d7e706b5d5db99042c9db3cef2e657)
---
tools/virtiofsd/passthrough_ll.c | 59 ++++++++++++++++++++++++++++----
1 file changed, 53 insertions(+), 6 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index ac380efcb1..e375406160 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -133,6 +133,21 @@ static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n);
static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st);
+static int is_dot_or_dotdot(const char *name)
+{
+ return name[0] == '.' &&
+ (name[1] == '\0' || (name[1] == '.' && name[2] == '\0'));
+}
+
+/* Is `path` a single path component that is not "." or ".."? */
+static int is_safe_path_component(const char *path)
+{
+ if (strchr(path, '/')) {
+ return 0;
+ }
+
+ return !is_dot_or_dotdot(path);
+}
static struct lo_data *lo_data(fuse_req_t req)
{
@@ -681,6 +696,15 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name)
parent, name);
}
+ /*
+ * Don't use is_safe_path_component(), allow "." and ".." for NFS export
+ * support.
+ */
+ if (strchr(name, '/')) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
err = lo_do_lookup(req, parent, name, &e);
if (err) {
fuse_reply_err(req, err);
@@ -762,6 +786,11 @@ static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t parent,
struct fuse_entry_param e;
struct lo_cred old = {};
+ if (!is_safe_path_component(name)) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
dir = lo_inode(req, parent);
if (!dir) {
fuse_reply_err(req, EBADF);
@@ -863,6 +892,11 @@ static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
struct fuse_entry_param e;
int saverr;
+ if (!is_safe_path_component(name)) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
inode = lo_inode(req, ino);
if (!inode) {
fuse_reply_err(req, EBADF);
@@ -904,6 +938,10 @@ out_err:
static void lo_rmdir(fuse_req_t req, fuse_ino_t parent, const char *name)
{
int res;
+ if (!is_safe_path_component(name)) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
res = unlinkat(lo_fd(req, parent), name, AT_REMOVEDIR);
@@ -916,6 +954,11 @@ static void lo_rename(fuse_req_t req, fuse_ino_t parent, const char *name,
{
int res;
+ if (!is_safe_path_component(name) || !is_safe_path_component(newname)) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
if (flags) {
fuse_reply_err(req, EINVAL);
return;
@@ -930,6 +973,11 @@ static void lo_unlink(fuse_req_t req, fuse_ino_t parent, const char *name)
{
int res;
+ if (!is_safe_path_component(name)) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
res = unlinkat(lo_fd(req, parent), name, 0);
fuse_reply_err(req, res == -1 ? errno : 0);
@@ -1093,12 +1141,6 @@ out_err:
fuse_reply_err(req, error);
}
-static int is_dot_or_dotdot(const char *name)
-{
- return name[0] == '.' &&
- (name[1] == '\0' || (name[1] == '.' && name[2] == '\0'));
-}
-
static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
off_t offset, struct fuse_file_info *fi, int plus)
{
@@ -1248,6 +1290,11 @@ static void lo_create(fuse_req_t req, fuse_ino_t parent, const char *name,
parent, name);
}
+ if (!is_safe_path_component(name)) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
err = lo_change_cred(req, &old);
if (err) {
goto out;

149
0050-virtiofsd-Plumb-fuse_bufvec-through-to-do_write_buf.patch Normal file
View File

@ -0,0 +1,149 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:19 +0000
Subject: [PATCH] virtiofsd: Plumb fuse_bufvec through to do_write_buf
Let fuse_session_process_buf_int take a fuse_bufvec * instead of a
fuse_buf; and then through to do_write_buf - where in the best
case it can pass that straight through to op.write_buf without copying
(other than skipping a header).
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 469f9d2fc405b0508e6cf1b4b5bbcadfc82064e5)
---
tools/virtiofsd/fuse_i.h | 2 +-
tools/virtiofsd/fuse_lowlevel.c | 61 ++++++++++++++++++++++-----------
tools/virtiofsd/fuse_virtio.c | 3 +-
3 files changed, 44 insertions(+), 22 deletions(-)
diff --git a/tools/virtiofsd/fuse_i.h b/tools/virtiofsd/fuse_i.h
index 45995f3246..a20854f1c4 100644
--- a/tools/virtiofsd/fuse_i.h
+++ b/tools/virtiofsd/fuse_i.h
@@ -100,7 +100,7 @@ int fuse_send_reply_iov_nofree(fuse_req_t req, int error, struct iovec *iov,
void fuse_free_req(fuse_req_t req);
void fuse_session_process_buf_int(struct fuse_session *se,
- const struct fuse_buf *buf,
+ struct fuse_bufvec *bufv,
struct fuse_chan *ch);
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 95f4db8fcf..7e10995adc 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -1004,11 +1004,12 @@ static void do_write(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid, const void *inarg,
- const struct fuse_buf *ibuf)
+ struct fuse_bufvec *ibufv)
{
struct fuse_session *se = req->se;
- struct fuse_bufvec bufv = {
- .buf[0] = *ibuf,
+ struct fuse_bufvec *pbufv = ibufv;
+ struct fuse_bufvec tmpbufv = {
+ .buf[0] = ibufv->buf[0],
.count = 1,
};
struct fuse_write_in *arg = (struct fuse_write_in *)inarg;
@@ -1018,22 +1019,31 @@ static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid, const void *inarg,
fi.fh = arg->fh;
fi.writepage = arg->write_flags & FUSE_WRITE_CACHE;
- fi.lock_owner = arg->lock_owner;
- fi.flags = arg->flags;
- if (!(bufv.buf[0].flags & FUSE_BUF_IS_FD)) {
- bufv.buf[0].mem = PARAM(arg);
- }
-
- bufv.buf[0].size -=
- sizeof(struct fuse_in_header) + sizeof(struct fuse_write_in);
- if (bufv.buf[0].size < arg->size) {
- fuse_log(FUSE_LOG_ERR, "fuse: do_write_buf: buffer size too small\n");
- fuse_reply_err(req, EIO);
- return;
+ if (ibufv->count == 1) {
+ fi.lock_owner = arg->lock_owner;
+ fi.flags = arg->flags;
+ if (!(tmpbufv.buf[0].flags & FUSE_BUF_IS_FD)) {
+ tmpbufv.buf[0].mem = PARAM(arg);
+ }
+ tmpbufv.buf[0].size -=
+ sizeof(struct fuse_in_header) + sizeof(struct fuse_write_in);
+ if (tmpbufv.buf[0].size < arg->size) {
+ fuse_log(FUSE_LOG_ERR,
+ "fuse: do_write_buf: buffer size too small\n");
+ fuse_reply_err(req, EIO);
+ return;
+ }
+ tmpbufv.buf[0].size = arg->size;
+ pbufv = &tmpbufv;
+ } else {
+ /*
+ * Input bufv contains the headers in the first element
+ * and the data in the rest, we need to skip that first element
+ */
+ ibufv->buf[0].size = 0;
}
- bufv.buf[0].size = arg->size;
- se->op.write_buf(req, nodeid, &bufv, arg->offset, &fi);
+ se->op.write_buf(req, nodeid, pbufv, arg->offset, &fi);
}
static void do_flush(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
@@ -2024,13 +2034,24 @@ static const char *opname(enum fuse_opcode opcode)
void fuse_session_process_buf(struct fuse_session *se,
const struct fuse_buf *buf)
{
- fuse_session_process_buf_int(se, buf, NULL);
+ struct fuse_bufvec bufv = { .buf[0] = *buf, .count = 1 };
+ fuse_session_process_buf_int(se, &bufv, NULL);
}
+/*
+ * Restriction:
+ * bufv is normally a single entry buffer, except for a write
+ * where (if it's in memory) then the bufv may be multiple entries,
+ * where the first entry contains all headers and subsequent entries
+ * contain data
+ * bufv shall not use any offsets etc to make the data anything
+ * other than contiguous starting from 0.
+ */
void fuse_session_process_buf_int(struct fuse_session *se,
- const struct fuse_buf *buf,
+ struct fuse_bufvec *bufv,
struct fuse_chan *ch)
{
+ const struct fuse_buf *buf = bufv->buf;
struct fuse_in_header *in;
const void *inarg;
struct fuse_req *req;
@@ -2108,7 +2129,7 @@ void fuse_session_process_buf_int(struct fuse_session *se,
inarg = (void *)&in[1];
if (in->opcode == FUSE_WRITE && se->op.write_buf) {
- do_write_buf(req, in->nodeid, inarg, buf);
+ do_write_buf(req, in->nodeid, inarg, bufv);
} else {
fuse_ll_ops[in->opcode].func(req, in->nodeid, inarg);
}
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 635f87756a..fd588a4829 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -501,7 +501,8 @@ static void *fv_queue_thread(void *opaque)
/* TODO! Endianness of header */
/* TODO: Add checks for fuse_session_exited */
- fuse_session_process_buf_int(se, &fbuf, &ch);
+ struct fuse_bufvec bufv = { .buf[0] = fbuf, .count = 1 };
+ fuse_session_process_buf_int(se, &bufv, &ch);
if (!qi->reply_sent) {
fuse_log(FUSE_LOG_DEBUG, "%s: elem %d no reply sent\n",

121
0051-virtiofsd-Pass-write-iov-s-all-the-way-through.patch Normal file
View File

@ -0,0 +1,121 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:20 +0000
Subject: [PATCH] virtiofsd: Pass write iov's all the way through
Pass the write iov pointing to guest RAM all the way through rather
than copying the data.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Xiao Yang <yangx.jy@cn.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit e17f7a580e2c599330ad3a6946be615ca2fe97d9)
---
tools/virtiofsd/fuse_virtio.c | 79 ++++++++++++++++++++++++++++++++---
1 file changed, 73 insertions(+), 6 deletions(-)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index fd588a4829..872968f2c8 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -454,6 +454,10 @@ static void *fv_queue_thread(void *opaque)
__func__, qi->qidx, (size_t)evalue, in_bytes, out_bytes);
while (1) {
+ bool allocated_bufv = false;
+ struct fuse_bufvec bufv;
+ struct fuse_bufvec *pbufv;
+
/*
* An element contains one request and the space to send our
* response They're spread over multiple descriptors in a
@@ -495,14 +499,76 @@ static void *fv_queue_thread(void *opaque)
__func__, elem->index);
assert(0); /* TODO */
}
- copy_from_iov(&fbuf, out_num, out_sg);
- fbuf.size = out_len;
+ /* Copy just the first element and look at it */
+ copy_from_iov(&fbuf, 1, out_sg);
+
+ if (out_num > 2 &&
+ out_sg[0].iov_len == sizeof(struct fuse_in_header) &&
+ ((struct fuse_in_header *)fbuf.mem)->opcode == FUSE_WRITE &&
+ out_sg[1].iov_len == sizeof(struct fuse_write_in)) {
+ /*
+ * For a write we don't actually need to copy the
+ * data, we can just do it straight out of guest memory
+ * but we must still copy the headers in case the guest
+ * was nasty and changed them while we were using them.
+ */
+ fuse_log(FUSE_LOG_DEBUG, "%s: Write special case\n", __func__);
+
+ /* copy the fuse_write_in header after the fuse_in_header */
+ fbuf.mem += out_sg->iov_len;
+ copy_from_iov(&fbuf, 1, out_sg + 1);
+ fbuf.mem -= out_sg->iov_len;
+ fbuf.size = out_sg[0].iov_len + out_sg[1].iov_len;
+
+ /* Allocate the bufv, with space for the rest of the iov */
+ allocated_bufv = true;
+ pbufv = malloc(sizeof(struct fuse_bufvec) +
+ sizeof(struct fuse_buf) * (out_num - 2));
+ if (!pbufv) {
+ vu_queue_unpop(dev, q, elem, 0);
+ free(elem);
+ fuse_log(FUSE_LOG_ERR, "%s: pbufv malloc failed\n",
+ __func__);
+ goto out;
+ }
+
+ pbufv->count = 1;
+ pbufv->buf[0] = fbuf;
+
+ size_t iovindex, pbufvindex;
+ iovindex = 2; /* 2 headers, separate iovs */
+ pbufvindex = 1; /* 2 headers, 1 fusebuf */
+
+ for (; iovindex < out_num; iovindex++, pbufvindex++) {
+ pbufv->count++;
+ pbufv->buf[pbufvindex].pos = ~0; /* Dummy */
+ pbufv->buf[pbufvindex].flags = 0;
+ pbufv->buf[pbufvindex].mem = out_sg[iovindex].iov_base;
+ pbufv->buf[pbufvindex].size = out_sg[iovindex].iov_len;
+ }
+ } else {
+ /* Normal (non fast write) path */
+
+ /* Copy the rest of the buffer */
+ fbuf.mem += out_sg->iov_len;
+ copy_from_iov(&fbuf, out_num - 1, out_sg + 1);
+ fbuf.mem -= out_sg->iov_len;
+ fbuf.size = out_len;
- /* TODO! Endianness of header */
+ /* TODO! Endianness of header */
- /* TODO: Add checks for fuse_session_exited */
- struct fuse_bufvec bufv = { .buf[0] = fbuf, .count = 1 };
- fuse_session_process_buf_int(se, &bufv, &ch);
+ /* TODO: Add checks for fuse_session_exited */
+ bufv.buf[0] = fbuf;
+ bufv.count = 1;
+ pbufv = &bufv;
+ }
+ pbufv->idx = 0;
+ pbufv->off = 0;
+ fuse_session_process_buf_int(se, pbufv, &ch);
+
+ if (allocated_bufv) {
+ free(pbufv);
+ }
if (!qi->reply_sent) {
fuse_log(FUSE_LOG_DEBUG, "%s: elem %d no reply sent\n",
@@ -516,6 +582,7 @@ static void *fv_queue_thread(void *opaque)
elem = NULL;
}
}
+out:
pthread_mutex_destroy(&ch.lock);
free(fbuf.mem);

115
0052-virtiofsd-add-fuse_mbuf_iter-API.patch Normal file
View File

@ -0,0 +1,115 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:21 +0000
Subject: [PATCH] virtiofsd: add fuse_mbuf_iter API
Introduce an API for consuming bytes from a buffer with size checks.
All FUSE operations will be converted to use this safe API instead of
void *inarg.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit dad157e880416ab3a0e45beaa0e81977516568bc)
---
tools/virtiofsd/buffer.c | 28 ++++++++++++++++++++
tools/virtiofsd/fuse_common.h | 49 ++++++++++++++++++++++++++++++++++-
2 files changed, 76 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/buffer.c b/tools/virtiofsd/buffer.c
index 772efa922d..42a608f6bd 100644
--- a/tools/virtiofsd/buffer.c
+++ b/tools/virtiofsd/buffer.c
@@ -267,3 +267,31 @@ ssize_t fuse_buf_copy(struct fuse_bufvec *dstv, struct fuse_bufvec *srcv)
return copied;
}
+
+void *fuse_mbuf_iter_advance(struct fuse_mbuf_iter *iter, size_t len)
+{
+ void *ptr;
+
+ if (len > iter->size - iter->pos) {
+ return NULL;
+ }
+
+ ptr = iter->mem + iter->pos;
+ iter->pos += len;
+ return ptr;
+}
+
+const char *fuse_mbuf_iter_advance_str(struct fuse_mbuf_iter *iter)
+{
+ const char *str = iter->mem + iter->pos;
+ size_t remaining = iter->size - iter->pos;
+ size_t i;
+
+ for (i = 0; i < remaining; i++) {
+ if (str[i] == '\0') {
+ iter->pos += i + 1;
+ return str;
+ }
+ }
+ return NULL;
+}
diff --git a/tools/virtiofsd/fuse_common.h b/tools/virtiofsd/fuse_common.h
index 0cb33acc2f..f8f6433743 100644
--- a/tools/virtiofsd/fuse_common.h
+++ b/tools/virtiofsd/fuse_common.h
@@ -703,10 +703,57 @@ size_t fuse_buf_size(const struct fuse_bufvec *bufv);
*/
ssize_t fuse_buf_copy(struct fuse_bufvec *dst, struct fuse_bufvec *src);
+/**
+ * Memory buffer iterator
+ *
+ */
+struct fuse_mbuf_iter {
+ /**
+ * Data pointer
+ */
+ void *mem;
+
+ /**
+ * Total length, in bytes
+ */
+ size_t size;
+
+ /**
+ * Offset from start of buffer
+ */
+ size_t pos;
+};
+
+/* Initialize memory buffer iterator from a fuse_buf */
+#define FUSE_MBUF_ITER_INIT(fbuf) \
+ ((struct fuse_mbuf_iter){ \
+ .mem = fbuf->mem, \
+ .size = fbuf->size, \
+ .pos = 0, \
+ })
+
+/**
+ * Consume bytes from a memory buffer iterator
+ *
+ * @param iter memory buffer iterator
+ * @param len number of bytes to consume
+ * @return pointer to start of consumed bytes or
+ * NULL if advancing beyond end of buffer
+ */
+void *fuse_mbuf_iter_advance(struct fuse_mbuf_iter *iter, size_t len);
+
+/**
+ * Consume a NUL-terminated string from a memory buffer iterator
+ *
+ * @param iter memory buffer iterator
+ * @return pointer to the string or
+ * NULL if advancing beyond end of buffer or there is no NUL-terminator
+ */
+const char *fuse_mbuf_iter_advance_str(struct fuse_mbuf_iter *iter);
+
/*
* Signal handling
*/
-
/**
* Exit session on HUP, TERM and INT signals and ignore PIPE signal
*

117
0053-virtiofsd-validate-input-buffer-sizes-in-do_write_bu.patch Normal file
View File

@ -0,0 +1,117 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:22 +0000
Subject: [PATCH] virtiofsd: validate input buffer sizes in do_write_buf()
There is a small change in behavior: if fuse_write_in->size doesn't
match the input buffer size then the request is failed. Previously
write requests with 1 fuse_buf element would truncate to
fuse_write_in->size.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 0ba8c3c6fce8fe949d59c1fd84d98d220ef9e759)
---
tools/virtiofsd/fuse_lowlevel.c | 49 ++++++++++++++++++++-------------
1 file changed, 30 insertions(+), 19 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 7e10995adc..611e8b0354 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -1003,8 +1003,8 @@ static void do_write(fuse_req_t req, fuse_ino_t nodeid, const void *inarg)
}
}
-static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid, const void *inarg,
- struct fuse_bufvec *ibufv)
+static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid,
+ struct fuse_mbuf_iter *iter, struct fuse_bufvec *ibufv)
{
struct fuse_session *se = req->se;
struct fuse_bufvec *pbufv = ibufv;
@@ -1012,28 +1012,27 @@ static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid, const void *inarg,
.buf[0] = ibufv->buf[0],
.count = 1,
};
- struct fuse_write_in *arg = (struct fuse_write_in *)inarg;
+ struct fuse_write_in *arg;
+ size_t arg_size = sizeof(*arg);
struct fuse_file_info fi;
memset(&fi, 0, sizeof(fi));
+
+ arg = fuse_mbuf_iter_advance(iter, arg_size);
+ if (!arg) {
+ fuse_reply_err(req, EINVAL);
+ return;
+ }
+
+ fi.lock_owner = arg->lock_owner;
+ fi.flags = arg->flags;
fi.fh = arg->fh;
fi.writepage = arg->write_flags & FUSE_WRITE_CACHE;
if (ibufv->count == 1) {
- fi.lock_owner = arg->lock_owner;
- fi.flags = arg->flags;
- if (!(tmpbufv.buf[0].flags & FUSE_BUF_IS_FD)) {
- tmpbufv.buf[0].mem = PARAM(arg);
- }
- tmpbufv.buf[0].size -=
- sizeof(struct fuse_in_header) + sizeof(struct fuse_write_in);
- if (tmpbufv.buf[0].size < arg->size) {
- fuse_log(FUSE_LOG_ERR,
- "fuse: do_write_buf: buffer size too small\n");
- fuse_reply_err(req, EIO);
- return;
- }
- tmpbufv.buf[0].size = arg->size;
+ assert(!(tmpbufv.buf[0].flags & FUSE_BUF_IS_FD));
+ tmpbufv.buf[0].mem = ((char *)arg) + arg_size;
+ tmpbufv.buf[0].size -= sizeof(struct fuse_in_header) + arg_size;
pbufv = &tmpbufv;
} else {
/*
@@ -1043,6 +1042,13 @@ static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid, const void *inarg,
ibufv->buf[0].size = 0;
}
+ if (fuse_buf_size(pbufv) != arg->size) {
+ fuse_log(FUSE_LOG_ERR,
+ "fuse: do_write_buf: buffer size doesn't match arg->size\n");
+ fuse_reply_err(req, EIO);
+ return;
+ }
+
se->op.write_buf(req, nodeid, pbufv, arg->offset, &fi);
}
@@ -2052,12 +2058,17 @@ void fuse_session_process_buf_int(struct fuse_session *se,
struct fuse_chan *ch)
{
const struct fuse_buf *buf = bufv->buf;
+ struct fuse_mbuf_iter iter = FUSE_MBUF_ITER_INIT(buf);
struct fuse_in_header *in;
const void *inarg;
struct fuse_req *req;
int err;
- in = buf->mem;
+ /* The first buffer must be a memory buffer */
+ assert(!(buf->flags & FUSE_BUF_IS_FD));
+
+ in = fuse_mbuf_iter_advance(&iter, sizeof(*in));
+ assert(in); /* caller guarantees the input buffer is large enough */
if (se->debug) {
fuse_log(FUSE_LOG_DEBUG,
@@ -2129,7 +2140,7 @@ void fuse_session_process_buf_int(struct fuse_session *se,
inarg = (void *)&in[1];
if (in->opcode == FUSE_WRITE && se->op.write_buf) {
- do_write_buf(req, in->nodeid, inarg, bufv);
+ do_write_buf(req, in->nodeid, &iter, bufv);
} else {
fuse_ll_ops[in->opcode].func(req, in->nodeid, inarg);
}

1091
0054-virtiofsd-check-input-buffer-size-in-fuse_lowlevel.c.patch Normal file
View File

File diff suppressed because it is too large Load Diff

35
0055-virtiofsd-prevent-.-escape-in-lo_do_lookup.patch Normal file
View File

@ -0,0 +1,35 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:24 +0000
Subject: [PATCH] virtiofsd: prevent ".." escape in lo_do_lookup()
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 854684bc0b3d63eb90b3abdfe471c2e4271ef176)
---
tools/virtiofsd/passthrough_ll.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index e375406160..79d5966eea 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -624,12 +624,17 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
int res;
int saverr;
struct lo_data *lo = lo_data(req);
- struct lo_inode *inode;
+ struct lo_inode *inode, *dir = lo_inode(req, parent);
memset(e, 0, sizeof(*e));
e->attr_timeout = lo->timeout;
e->entry_timeout = lo->timeout;
+ /* Do not allow escaping root directory */
+ if (dir == &lo->root && strcmp(name, "..") == 0) {
+ name = ".";
+ }
+
newfd = openat(lo_fd(req, parent), name, O_PATH | O_NOFOLLOW);
if (newfd == -1) {
goto out_err;

89
0056-virtiofsd-prevent-.-escape-in-lo_do_readdir.patch Normal file
View File

@ -0,0 +1,89 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:25 +0000
Subject: [PATCH] virtiofsd: prevent ".." escape in lo_do_readdir()
Construct a fake dirent for the root directory's ".." entry. This hides
the parent directory from the FUSE client.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 752272da2b68a2312f0e11fc5303015a6c3ee1ac)
---
tools/virtiofsd/passthrough_ll.c | 36 +++++++++++++++++++-------------
1 file changed, 22 insertions(+), 14 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 79d5966eea..e3d65c3676 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1149,19 +1149,25 @@ out_err:
static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
off_t offset, struct fuse_file_info *fi, int plus)
{
+ struct lo_data *lo = lo_data(req);
struct lo_dirp *d;
+ struct lo_inode *dinode;
char *buf = NULL;
char *p;
size_t rem = size;
- int err = ENOMEM;
+ int err = EBADF;
- (void)ino;
+ dinode = lo_inode(req, ino);
+ if (!dinode) {
+ goto error;
+ }
d = lo_dirp(req, fi);
if (!d) {
goto error;
}
+ err = ENOMEM;
buf = calloc(1, size);
if (!buf) {
goto error;
@@ -1192,15 +1198,21 @@ static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
}
nextoff = d->entry->d_off;
name = d->entry->d_name;
+
fuse_ino_t entry_ino = 0;
+ struct fuse_entry_param e = (struct fuse_entry_param){
+ .attr.st_ino = d->entry->d_ino,
+ .attr.st_mode = d->entry->d_type << 12,
+ };
+
+ /* Hide root's parent directory */
+ if (dinode == &lo->root && strcmp(name, "..") == 0) {
+ e.attr.st_ino = lo->root.ino;
+ e.attr.st_mode = DT_DIR << 12;
+ }
+
if (plus) {
- struct fuse_entry_param e;
- if (is_dot_or_dotdot(name)) {
- e = (struct fuse_entry_param){
- .attr.st_ino = d->entry->d_ino,
- .attr.st_mode = d->entry->d_type << 12,
- };
- } else {
+ if (!is_dot_or_dotdot(name)) {
err = lo_do_lookup(req, ino, name, &e);
if (err) {
goto error;
@@ -1210,11 +1222,7 @@ static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
entsize = fuse_add_direntry_plus(req, p, rem, name, &e, nextoff);
} else {
- struct stat st = {
- .st_ino = d->entry->d_ino,
- .st_mode = d->entry->d_type << 12,
- };
- entsize = fuse_add_direntry(req, p, rem, name, &st, nextoff);
+ entsize = fuse_add_direntry(req, p, rem, name, &e.attr, nextoff);
}
if (entsize > rem) {
if (entry_ino != 0) {

374
0057-virtiofsd-use-proc-self-fd-O_PATH-file-descriptor.patch Normal file
View File

@ -0,0 +1,374 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:26 +0000
Subject: [PATCH] virtiofsd: use /proc/self/fd/ O_PATH file descriptor
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sandboxing will remove /proc from the mount namespace so we can no
longer build string paths into "/proc/self/fd/...".
Keep an O_PATH file descriptor so we can still re-open fds via
/proc/self/fd.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 9f59d175e2ca96f0b87f534dba69ea547dd35945)
---
tools/virtiofsd/passthrough_ll.c | 130 ++++++++++++++++++++++++-------
1 file changed, 103 insertions(+), 27 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index e3d65c3676..e2e2211ea1 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -110,6 +110,9 @@ struct lo_data {
struct lo_map ino_map; /* protected by lo->mutex */
struct lo_map dirp_map; /* protected by lo->mutex */
struct lo_map fd_map; /* protected by lo->mutex */
+
+ /* An O_PATH file descriptor to /proc/self/fd/ */
+ int proc_self_fd;
};
static const struct fuse_opt lo_opts[] = {
@@ -379,9 +382,9 @@ static int lo_parent_and_name(struct lo_data *lo, struct lo_inode *inode,
int res;
retry:
- sprintf(procname, "/proc/self/fd/%i", inode->fd);
+ sprintf(procname, "%i", inode->fd);
- res = readlink(procname, path, PATH_MAX);
+ res = readlinkat(lo->proc_self_fd, procname, path, PATH_MAX);
if (res < 0) {
fuse_log(FUSE_LOG_WARNING, "%s: readlink failed: %m\n", __func__);
goto fail_noretry;
@@ -477,9 +480,9 @@ static int utimensat_empty(struct lo_data *lo, struct lo_inode *inode,
}
return res;
}
- sprintf(path, "/proc/self/fd/%i", inode->fd);
+ sprintf(path, "%i", inode->fd);
- return utimensat(AT_FDCWD, path, tv, 0);
+ return utimensat(lo->proc_self_fd, path, tv, 0);
fallback:
res = lo_parent_and_name(lo, inode, path, &parent);
@@ -535,8 +538,8 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
if (fi) {
res = fchmod(fd, attr->st_mode);
} else {
- sprintf(procname, "/proc/self/fd/%i", ifd);
- res = chmod(procname, attr->st_mode);
+ sprintf(procname, "%i", ifd);
+ res = fchmodat(lo->proc_self_fd, procname, attr->st_mode, 0);
}
if (res == -1) {
goto out_err;
@@ -552,11 +555,23 @@ static void lo_setattr(fuse_req_t req, fuse_ino_t ino, struct stat *attr,
}
}
if (valid & FUSE_SET_ATTR_SIZE) {
+ int truncfd;
+
if (fi) {
- res = ftruncate(fd, attr->st_size);
+ truncfd = fd;
} else {
- sprintf(procname, "/proc/self/fd/%i", ifd);
- res = truncate(procname, attr->st_size);
+ sprintf(procname, "%i", ifd);
+ truncfd = openat(lo->proc_self_fd, procname, O_RDWR);
+ if (truncfd < 0) {
+ goto out_err;
+ }
+ }
+
+ res = ftruncate(truncfd, attr->st_size);
+ if (!fi) {
+ saverr = errno;
+ close(truncfd);
+ errno = saverr;
}
if (res == -1) {
goto out_err;
@@ -874,9 +889,9 @@ static int linkat_empty_nofollow(struct lo_data *lo, struct lo_inode *inode,
return res;
}
- sprintf(path, "/proc/self/fd/%i", inode->fd);
+ sprintf(path, "%i", inode->fd);
- return linkat(AT_FDCWD, path, dfd, name, AT_SYMLINK_FOLLOW);
+ return linkat(lo->proc_self_fd, path, dfd, name, AT_SYMLINK_FOLLOW);
fallback:
res = lo_parent_and_name(lo, inode, path, &parent);
@@ -1404,8 +1419,8 @@ static void lo_open(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
fi->flags &= ~O_APPEND;
}
- sprintf(buf, "/proc/self/fd/%i", lo_fd(req, ino));
- fd = open(buf, fi->flags & ~O_NOFOLLOW);
+ sprintf(buf, "%i", lo_fd(req, ino));
+ fd = openat(lo->proc_self_fd, buf, fi->flags & ~O_NOFOLLOW);
if (fd == -1) {
return (void)fuse_reply_err(req, errno);
}
@@ -1458,7 +1473,6 @@ static void lo_fsync(fuse_req_t req, fuse_ino_t ino, int datasync,
struct fuse_file_info *fi)
{
int res;
- (void)ino;
int fd;
char *buf;
@@ -1466,12 +1480,14 @@ static void lo_fsync(fuse_req_t req, fuse_ino_t ino, int datasync,
(void *)fi);
if (!fi) {
- res = asprintf(&buf, "/proc/self/fd/%i", lo_fd(req, ino));
+ struct lo_data *lo = lo_data(req);
+
+ res = asprintf(&buf, "%i", lo_fd(req, ino));
if (res == -1) {
return (void)fuse_reply_err(req, errno);
}
- fd = open(buf, O_RDWR);
+ fd = openat(lo->proc_self_fd, buf, O_RDWR);
free(buf);
if (fd == -1) {
return (void)fuse_reply_err(req, errno);
@@ -1587,11 +1603,13 @@ static void lo_flock(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
size_t size)
{
+ struct lo_data *lo = lo_data(req);
char *value = NULL;
char procname[64];
struct lo_inode *inode;
ssize_t ret;
int saverr;
+ int fd = -1;
inode = lo_inode(req, ino);
if (!inode) {
@@ -1616,7 +1634,11 @@ static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
goto out;
}
- sprintf(procname, "/proc/self/fd/%i", inode->fd);
+ sprintf(procname, "%i", inode->fd);
+ fd = openat(lo->proc_self_fd, procname, O_RDONLY);
+ if (fd < 0) {
+ goto out_err;
+ }
if (size) {
value = malloc(size);
@@ -1624,7 +1646,7 @@ static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
goto out_err;
}
- ret = getxattr(procname, name, value, size);
+ ret = fgetxattr(fd, name, value, size);
if (ret == -1) {
goto out_err;
}
@@ -1635,7 +1657,7 @@ static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
fuse_reply_buf(req, value, ret);
} else {
- ret = getxattr(procname, name, NULL, 0);
+ ret = fgetxattr(fd, name, NULL, 0);
if (ret == -1) {
goto out_err;
}
@@ -1644,6 +1666,10 @@ static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
}
out_free:
free(value);
+
+ if (fd >= 0) {
+ close(fd);
+ }
return;
out_err:
@@ -1655,11 +1681,13 @@ out:
static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size)
{
+ struct lo_data *lo = lo_data(req);
char *value = NULL;
char procname[64];
struct lo_inode *inode;
ssize_t ret;
int saverr;
+ int fd = -1;
inode = lo_inode(req, ino);
if (!inode) {
@@ -1683,7 +1711,11 @@ static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size)
goto out;
}
- sprintf(procname, "/proc/self/fd/%i", inode->fd);
+ sprintf(procname, "%i", inode->fd);
+ fd = openat(lo->proc_self_fd, procname, O_RDONLY);
+ if (fd < 0) {
+ goto out_err;
+ }
if (size) {
value = malloc(size);
@@ -1691,7 +1723,7 @@ static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size)
goto out_err;
}
- ret = listxattr(procname, value, size);
+ ret = flistxattr(fd, value, size);
if (ret == -1) {
goto out_err;
}
@@ -1702,7 +1734,7 @@ static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size)
fuse_reply_buf(req, value, ret);
} else {
- ret = listxattr(procname, NULL, 0);
+ ret = flistxattr(fd, NULL, 0);
if (ret == -1) {
goto out_err;
}
@@ -1711,6 +1743,10 @@ static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size)
}
out_free:
free(value);
+
+ if (fd >= 0) {
+ close(fd);
+ }
return;
out_err:
@@ -1724,9 +1760,11 @@ static void lo_setxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
const char *value, size_t size, int flags)
{
char procname[64];
+ struct lo_data *lo = lo_data(req);
struct lo_inode *inode;
ssize_t ret;
int saverr;
+ int fd = -1;
inode = lo_inode(req, ino);
if (!inode) {
@@ -1751,21 +1789,31 @@ static void lo_setxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
goto out;
}
- sprintf(procname, "/proc/self/fd/%i", inode->fd);
+ sprintf(procname, "%i", inode->fd);
+ fd = openat(lo->proc_self_fd, procname, O_RDWR);
+ if (fd < 0) {
+ saverr = errno;
+ goto out;
+ }
- ret = setxattr(procname, name, value, size, flags);
+ ret = fsetxattr(fd, name, value, size, flags);
saverr = ret == -1 ? errno : 0;
out:
+ if (fd >= 0) {
+ close(fd);
+ }
fuse_reply_err(req, saverr);
}
static void lo_removexattr(fuse_req_t req, fuse_ino_t ino, const char *name)
{
char procname[64];
+ struct lo_data *lo = lo_data(req);
struct lo_inode *inode;
ssize_t ret;
int saverr;
+ int fd = -1;
inode = lo_inode(req, ino);
if (!inode) {
@@ -1789,12 +1837,20 @@ static void lo_removexattr(fuse_req_t req, fuse_ino_t ino, const char *name)
goto out;
}
- sprintf(procname, "/proc/self/fd/%i", inode->fd);
+ sprintf(procname, "%i", inode->fd);
+ fd = openat(lo->proc_self_fd, procname, O_RDWR);
+ if (fd < 0) {
+ saverr = errno;
+ goto out;
+ }
- ret = removexattr(procname, name);
+ ret = fremovexattr(fd, name);
saverr = ret == -1 ? errno : 0;
out:
+ if (fd >= 0) {
+ close(fd);
+ }
fuse_reply_err(req, saverr);
}
@@ -1887,12 +1943,25 @@ static void print_capabilities(void)
printf("}\n");
}
+static void setup_proc_self_fd(struct lo_data *lo)
+{
+ lo->proc_self_fd = open("/proc/self/fd", O_PATH);
+ if (lo->proc_self_fd == -1) {
+ fuse_log(FUSE_LOG_ERR, "open(/proc/self/fd, O_PATH): %m\n");
+ exit(1);
+ }
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
struct fuse_session *se;
struct fuse_cmdline_opts opts;
- struct lo_data lo = { .debug = 0, .writeback = 0 };
+ struct lo_data lo = {
+ .debug = 0,
+ .writeback = 0,
+ .proc_self_fd = -1,
+ };
struct lo_map_elem *root_elem;
int ret = -1;
@@ -2003,6 +2072,9 @@ int main(int argc, char *argv[])
fuse_daemonize(opts.foreground);
+ /* Must be after daemonize to get the right /proc/self/fd */
+ setup_proc_self_fd(&lo);
+
/* Block until ctrl+c or fusermount -u */
ret = virtio_loop(se);
@@ -2018,6 +2090,10 @@ err_out1:
lo_map_destroy(&lo.dirp_map);
lo_map_destroy(&lo.ino_map);
+ if (lo.proc_self_fd >= 0) {
+ close(lo.proc_self_fd);
+ }
+
if (lo.root.fd >= 0) {
close(lo.root.fd);
}

150
0058-virtiofsd-sandbox-mount-namespace.patch Normal file
View File

@ -0,0 +1,150 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:27 +0000
Subject: [PATCH] virtiofsd: sandbox mount namespace
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Use a mount namespace with the shared directory tree mounted at "/" and
no other mounts.
This prevents symlink escape attacks because symlink targets are
resolved only against the shared directory and cannot go outside it.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Peng Tao <tao.peng@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 5baa3b8e95064c2434bd9e2f312edd5e9ae275dc)
---
tools/virtiofsd/passthrough_ll.c | 89 ++++++++++++++++++++++++++++++++
1 file changed, 89 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index e2e2211ea1..0570453eef 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -50,6 +50,7 @@
#include <stdlib.h>
#include <string.h>
#include <sys/file.h>
+#include <sys/mount.h>
#include <sys/syscall.h>
#include <sys/xattr.h>
#include <unistd.h>
@@ -1943,6 +1944,58 @@ static void print_capabilities(void)
printf("}\n");
}
+/* This magic is based on lxc's lxc_pivot_root() */
+static void setup_pivot_root(const char *source)
+{
+ int oldroot;
+ int newroot;
+
+ oldroot = open("/", O_DIRECTORY | O_RDONLY | O_CLOEXEC);
+ if (oldroot < 0) {
+ fuse_log(FUSE_LOG_ERR, "open(/): %m\n");
+ exit(1);
+ }
+
+ newroot = open(source, O_DIRECTORY | O_RDONLY | O_CLOEXEC);
+ if (newroot < 0) {
+ fuse_log(FUSE_LOG_ERR, "open(%s): %m\n", source);
+ exit(1);
+ }
+
+ if (fchdir(newroot) < 0) {
+ fuse_log(FUSE_LOG_ERR, "fchdir(newroot): %m\n");
+ exit(1);
+ }
+
+ if (syscall(__NR_pivot_root, ".", ".") < 0) {
+ fuse_log(FUSE_LOG_ERR, "pivot_root(., .): %m\n");
+ exit(1);
+ }
+
+ if (fchdir(oldroot) < 0) {
+ fuse_log(FUSE_LOG_ERR, "fchdir(oldroot): %m\n");
+ exit(1);
+ }
+
+ if (mount("", ".", "", MS_SLAVE | MS_REC, NULL) < 0) {
+ fuse_log(FUSE_LOG_ERR, "mount(., MS_SLAVE | MS_REC): %m\n");
+ exit(1);
+ }
+
+ if (umount2(".", MNT_DETACH) < 0) {
+ fuse_log(FUSE_LOG_ERR, "umount2(., MNT_DETACH): %m\n");
+ exit(1);
+ }
+
+ if (fchdir(newroot) < 0) {
+ fuse_log(FUSE_LOG_ERR, "fchdir(newroot): %m\n");
+ exit(1);
+ }
+
+ close(newroot);
+ close(oldroot);
+}
+
static void setup_proc_self_fd(struct lo_data *lo)
{
lo->proc_self_fd = open("/proc/self/fd", O_PATH);
@@ -1952,6 +2005,39 @@ static void setup_proc_self_fd(struct lo_data *lo)
}
}
+/*
+ * Make the source directory our root so symlinks cannot escape and no other
+ * files are accessible.
+ */
+static void setup_mount_namespace(const char *source)
+{
+ if (unshare(CLONE_NEWNS) != 0) {
+ fuse_log(FUSE_LOG_ERR, "unshare(CLONE_NEWNS): %m\n");
+ exit(1);
+ }
+
+ if (mount(NULL, "/", NULL, MS_REC | MS_SLAVE, NULL) < 0) {
+ fuse_log(FUSE_LOG_ERR, "mount(/, MS_REC|MS_PRIVATE): %m\n");
+ exit(1);
+ }
+
+ if (mount(source, source, NULL, MS_BIND, NULL) < 0) {
+ fuse_log(FUSE_LOG_ERR, "mount(%s, %s, MS_BIND): %m\n", source, source);
+ exit(1);
+ }
+
+ setup_pivot_root(source);
+}
+
+/*
+ * Lock down this process to prevent access to other processes or files outside
+ * source directory. This reduces the impact of arbitrary code execution bugs.
+ */
+static void setup_sandbox(struct lo_data *lo)
+{
+ setup_mount_namespace(lo->source);
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@@ -2052,6 +2138,7 @@ int main(int argc, char *argv[])
}
lo.root.fd = open(lo.source, O_PATH);
+
if (lo.root.fd == -1) {
fuse_log(FUSE_LOG_ERR, "open(\"%s\", O_PATH): %m\n", lo.source);
exit(1);
@@ -2075,6 +2162,8 @@ int main(int argc, char *argv[])
/* Must be after daemonize to get the right /proc/self/fd */
setup_proc_self_fd(&lo);
+ setup_sandbox(&lo);
+
/* Block until ctrl+c or fusermount -u */
ret = virtio_loop(se);

50
0059-virtiofsd-move-to-an-empty-network-namespace.patch Normal file
View File

@ -0,0 +1,50 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:28 +0000
Subject: [PATCH] virtiofsd: move to an empty network namespace
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the process is compromised there should be no network access. Use an
empty network namespace to sandbox networking.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit d74830d12ae233186ff74ddf64c552d26bb39e50)
---
tools/virtiofsd/passthrough_ll.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 0570453eef..27ab328722 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1944,6 +1944,19 @@ static void print_capabilities(void)
printf("}\n");
}
+/*
+ * Called after our UNIX domain sockets have been created, now we can move to
+ * an empty network namespace to prevent TCP/IP and other network activity in
+ * case this process is compromised.
+ */
+static void setup_net_namespace(void)
+{
+ if (unshare(CLONE_NEWNET) != 0) {
+ fuse_log(FUSE_LOG_ERR, "unshare(CLONE_NEWNET): %m\n");
+ exit(1);
+ }
+}
+
/* This magic is based on lxc's lxc_pivot_root() */
static void setup_pivot_root(const char *source)
{
@@ -2035,6 +2048,7 @@ static void setup_mount_namespace(const char *source)
*/
static void setup_sandbox(struct lo_data *lo)
{
+ setup_net_namespace();
setup_mount_namespace(lo->source);
}

207
0060-virtiofsd-move-to-a-new-pid-namespace.patch Normal file
View File

@ -0,0 +1,207 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:29 +0000
Subject: [PATCH] virtiofsd: move to a new pid namespace
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
virtiofsd needs access to /proc/self/fd. Let's move to a new pid
namespace so that a compromised process cannot see another other
processes running on the system.
One wrinkle in this approach: unshare(CLONE_NEWPID) affects *child*
processes and not the current process. Therefore we need to fork the
pid 1 process that will actually run virtiofsd and leave a parent in
waitpid(2). This is not the same thing as daemonization and parent
processes should not notice a difference.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 8e1d4ef231d8327be219f7aea7aa15d181375bbc)
---
tools/virtiofsd/passthrough_ll.c | 134 ++++++++++++++++++++-----------
1 file changed, 86 insertions(+), 48 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 27ab328722..0947d14e5b 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -51,7 +51,10 @@
#include <string.h>
#include <sys/file.h>
#include <sys/mount.h>
+#include <sys/prctl.h>
#include <sys/syscall.h>
+#include <sys/types.h>
+#include <sys/wait.h>
#include <sys/xattr.h>
#include <unistd.h>
@@ -1945,24 +1948,95 @@ static void print_capabilities(void)
}
/*
- * Called after our UNIX domain sockets have been created, now we can move to
- * an empty network namespace to prevent TCP/IP and other network activity in
- * case this process is compromised.
+ * Move to a new mount, net, and pid namespaces to isolate this process.
*/
-static void setup_net_namespace(void)
+static void setup_namespaces(struct lo_data *lo, struct fuse_session *se)
{
- if (unshare(CLONE_NEWNET) != 0) {
- fuse_log(FUSE_LOG_ERR, "unshare(CLONE_NEWNET): %m\n");
+ pid_t child;
+
+ /*
+ * Create a new pid namespace for *child* processes. We'll have to
+ * fork in order to enter the new pid namespace. A new mount namespace
+ * is also needed so that we can remount /proc for the new pid
+ * namespace.
+ *
+ * Our UNIX domain sockets have been created. Now we can move to
+ * an empty network namespace to prevent TCP/IP and other network
+ * activity in case this process is compromised.
+ */
+ if (unshare(CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWNET) != 0) {
+ fuse_log(FUSE_LOG_ERR, "unshare(CLONE_NEWPID | CLONE_NEWNS): %m\n");
+ exit(1);
+ }
+
+ child = fork();
+ if (child < 0) {
+ fuse_log(FUSE_LOG_ERR, "fork() failed: %m\n");
+ exit(1);
+ }
+ if (child > 0) {
+ pid_t waited;
+ int wstatus;
+
+ /* The parent waits for the child */
+ do {
+ waited = waitpid(child, &wstatus, 0);
+ } while (waited < 0 && errno == EINTR && !se->exited);
+
+ /* We were terminated by a signal, see fuse_signals.c */
+ if (se->exited) {
+ exit(0);
+ }
+
+ if (WIFEXITED(wstatus)) {
+ exit(WEXITSTATUS(wstatus));
+ }
+
+ exit(1);
+ }
+
+ /* Send us SIGTERM when the parent thread terminates, see prctl(2) */
+ prctl(PR_SET_PDEATHSIG, SIGTERM);
+
+ /*
+ * If the mounts have shared propagation then we want to opt out so our
+ * mount changes don't affect the parent mount namespace.
+ */
+ if (mount(NULL, "/", NULL, MS_REC | MS_SLAVE, NULL) < 0) {
+ fuse_log(FUSE_LOG_ERR, "mount(/, MS_REC|MS_SLAVE): %m\n");
+ exit(1);
+ }
+
+ /* The child must remount /proc to use the new pid namespace */
+ if (mount("proc", "/proc", "proc",
+ MS_NODEV | MS_NOEXEC | MS_NOSUID | MS_RELATIME, NULL) < 0) {
+ fuse_log(FUSE_LOG_ERR, "mount(/proc): %m\n");
+ exit(1);
+ }
+
+ /* Now we can get our /proc/self/fd directory file descriptor */
+ lo->proc_self_fd = open("/proc/self/fd", O_PATH);
+ if (lo->proc_self_fd == -1) {
+ fuse_log(FUSE_LOG_ERR, "open(/proc/self/fd, O_PATH): %m\n");
exit(1);
}
}
-/* This magic is based on lxc's lxc_pivot_root() */
-static void setup_pivot_root(const char *source)
+/*
+ * Make the source directory our root so symlinks cannot escape and no other
+ * files are accessible. Assumes unshare(CLONE_NEWNS) was already called.
+ */
+static void setup_mounts(const char *source)
{
int oldroot;
int newroot;
+ if (mount(source, source, NULL, MS_BIND, NULL) < 0) {
+ fuse_log(FUSE_LOG_ERR, "mount(%s, %s, MS_BIND): %m\n", source, source);
+ exit(1);
+ }
+
+ /* This magic is based on lxc's lxc_pivot_root() */
oldroot = open("/", O_DIRECTORY | O_RDONLY | O_CLOEXEC);
if (oldroot < 0) {
fuse_log(FUSE_LOG_ERR, "open(/): %m\n");
@@ -2009,47 +2083,14 @@ static void setup_pivot_root(const char *source)
close(oldroot);
}
-static void setup_proc_self_fd(struct lo_data *lo)
-{
- lo->proc_self_fd = open("/proc/self/fd", O_PATH);
- if (lo->proc_self_fd == -1) {
- fuse_log(FUSE_LOG_ERR, "open(/proc/self/fd, O_PATH): %m\n");
- exit(1);
- }
-}
-
-/*
- * Make the source directory our root so symlinks cannot escape and no other
- * files are accessible.
- */
-static void setup_mount_namespace(const char *source)
-{
- if (unshare(CLONE_NEWNS) != 0) {
- fuse_log(FUSE_LOG_ERR, "unshare(CLONE_NEWNS): %m\n");
- exit(1);
- }
-
- if (mount(NULL, "/", NULL, MS_REC | MS_SLAVE, NULL) < 0) {
- fuse_log(FUSE_LOG_ERR, "mount(/, MS_REC|MS_PRIVATE): %m\n");
- exit(1);
- }
-
- if (mount(source, source, NULL, MS_BIND, NULL) < 0) {
- fuse_log(FUSE_LOG_ERR, "mount(%s, %s, MS_BIND): %m\n", source, source);
- exit(1);
- }
-
- setup_pivot_root(source);
-}
-
/*
* Lock down this process to prevent access to other processes or files outside
* source directory. This reduces the impact of arbitrary code execution bugs.
*/
-static void setup_sandbox(struct lo_data *lo)
+static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
{
- setup_net_namespace();
- setup_mount_namespace(lo->source);
+ setup_namespaces(lo, se);
+ setup_mounts(lo->source);
}
int main(int argc, char *argv[])
@@ -2173,10 +2214,7 @@ int main(int argc, char *argv[])
fuse_daemonize(opts.foreground);
- /* Must be after daemonize to get the right /proc/self/fd */
- setup_proc_self_fd(&lo);
-
- setup_sandbox(&lo);
+ setup_sandbox(&lo, se);
/* Block until ctrl+c or fusermount -u */
ret = virtio_loop(se);

265
0061-virtiofsd-add-seccomp-whitelist.patch Normal file
View File

@ -0,0 +1,265 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:30 +0000
Subject: [PATCH] virtiofsd: add seccomp whitelist
Only allow system calls that are needed by virtiofsd. All other system
calls cause SIGSYS to be directed at the thread and the process will
coredump.
Restricting system calls reduces the kernel attack surface and limits
what the process can do when compromised.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
with additional entries by:
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: piaojun <piaojun@huawei.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 4f8bde99c175ffd86b5125098a4707d43f5e80c6)
---
Makefile | 5 +-
tools/virtiofsd/Makefile.objs | 5 +-
tools/virtiofsd/passthrough_ll.c | 2 +
tools/virtiofsd/seccomp.c | 151 +++++++++++++++++++++++++++++++
tools/virtiofsd/seccomp.h | 14 +++
5 files changed, 174 insertions(+), 3 deletions(-)
create mode 100644 tools/virtiofsd/seccomp.c
create mode 100644 tools/virtiofsd/seccomp.h
diff --git a/Makefile b/Makefile
index aebb57aed8..9a17e34603 100644
--- a/Makefile
+++ b/Makefile
@@ -330,7 +330,7 @@ endif
endif
endif
-ifdef CONFIG_LINUX
+ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP),yy)
HELPERS-y += virtiofsd$(EXESUF)
vhost-user-json-y += tools/virtiofsd/50-qemu-virtiofsd.json
endif
@@ -680,7 +680,8 @@ rdmacm-mux$(EXESUF): LIBS += "-libumad"
rdmacm-mux$(EXESUF): $(rdmacm-mux-obj-y) $(COMMON_LDADDS)
$(call LINK, $^)
-ifdef CONFIG_LINUX # relies on Linux-specific syscalls
+# relies on Linux-specific syscalls
+ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP),yy)
virtiofsd$(EXESUF): $(virtiofsd-obj-y) libvhost-user.a $(COMMON_LDADDS)
$(call LINK, $^)
endif
diff --git a/tools/virtiofsd/Makefile.objs b/tools/virtiofsd/Makefile.objs
index 45a807500d..076f667e46 100644
--- a/tools/virtiofsd/Makefile.objs
+++ b/tools/virtiofsd/Makefile.objs
@@ -5,5 +5,8 @@ virtiofsd-obj-y = buffer.o \
fuse_signals.o \
fuse_virtio.o \
helper.o \
- passthrough_ll.o
+ passthrough_ll.o \
+ seccomp.o
+seccomp.o-cflags := $(SECCOMP_CFLAGS)
+seccomp.o-libs := $(SECCOMP_LIBS)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 0947d14e5b..bd8925bd83 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -59,6 +59,7 @@
#include <unistd.h>
#include "passthrough_helpers.h"
+#include "seccomp.h"
struct lo_map_elem {
union {
@@ -2091,6 +2092,7 @@ static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
{
setup_namespaces(lo, se);
setup_mounts(lo->source);
+ setup_seccomp();
}
int main(int argc, char *argv[])
diff --git a/tools/virtiofsd/seccomp.c b/tools/virtiofsd/seccomp.c
new file mode 100644
index 0000000000..691fb63dea
--- /dev/null
+++ b/tools/virtiofsd/seccomp.c
@@ -0,0 +1,151 @@
+/*
+ * Seccomp sandboxing for virtiofsd
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#include "qemu/osdep.h"
+#include "seccomp.h"
+#include "fuse_i.h"
+#include "fuse_log.h"
+#include <errno.h>
+#include <glib.h>
+#include <seccomp.h>
+#include <stdlib.h>
+
+/* Bodge for libseccomp 2.4.2 which broke ppoll */
+#if !defined(__SNR_ppoll) && defined(__SNR_brk)
+#ifdef __NR_ppoll
+#define __SNR_ppoll __NR_ppoll
+#else
+#define __SNR_ppoll __PNR_ppoll
+#endif
+#endif
+
+static const int syscall_whitelist[] = {
+ /* TODO ireg sem*() syscalls */
+ SCMP_SYS(brk),
+ SCMP_SYS(capget), /* For CAP_FSETID */
+ SCMP_SYS(capset),
+ SCMP_SYS(clock_gettime),
+ SCMP_SYS(clone),
+#ifdef __NR_clone3
+ SCMP_SYS(clone3),
+#endif
+ SCMP_SYS(close),
+ SCMP_SYS(copy_file_range),
+ SCMP_SYS(dup),
+ SCMP_SYS(eventfd2),
+ SCMP_SYS(exit),
+ SCMP_SYS(exit_group),
+ SCMP_SYS(fallocate),
+ SCMP_SYS(fchmodat),
+ SCMP_SYS(fchownat),
+ SCMP_SYS(fcntl),
+ SCMP_SYS(fdatasync),
+ SCMP_SYS(fgetxattr),
+ SCMP_SYS(flistxattr),
+ SCMP_SYS(flock),
+ SCMP_SYS(fremovexattr),
+ SCMP_SYS(fsetxattr),
+ SCMP_SYS(fstat),
+ SCMP_SYS(fstatfs),
+ SCMP_SYS(fsync),
+ SCMP_SYS(ftruncate),
+ SCMP_SYS(futex),
+ SCMP_SYS(getdents),
+ SCMP_SYS(getdents64),
+ SCMP_SYS(getegid),
+ SCMP_SYS(geteuid),
+ SCMP_SYS(getpid),
+ SCMP_SYS(gettid),
+ SCMP_SYS(gettimeofday),
+ SCMP_SYS(linkat),
+ SCMP_SYS(lseek),
+ SCMP_SYS(madvise),
+ SCMP_SYS(mkdirat),
+ SCMP_SYS(mknodat),
+ SCMP_SYS(mmap),
+ SCMP_SYS(mprotect),
+ SCMP_SYS(mremap),
+ SCMP_SYS(munmap),
+ SCMP_SYS(newfstatat),
+ SCMP_SYS(open),
+ SCMP_SYS(openat),
+ SCMP_SYS(ppoll),
+ SCMP_SYS(prctl), /* TODO restrict to just PR_SET_NAME? */
+ SCMP_SYS(preadv),
+ SCMP_SYS(pread64),
+ SCMP_SYS(pwritev),
+ SCMP_SYS(pwrite64),
+ SCMP_SYS(read),
+ SCMP_SYS(readlinkat),
+ SCMP_SYS(recvmsg),
+ SCMP_SYS(renameat),
+ SCMP_SYS(renameat2),
+ SCMP_SYS(rt_sigaction),
+ SCMP_SYS(rt_sigprocmask),
+ SCMP_SYS(rt_sigreturn),
+ SCMP_SYS(sendmsg),
+ SCMP_SYS(setresgid),
+ SCMP_SYS(setresuid),
+#ifdef __NR_setresgid32
+ SCMP_SYS(setresgid32),
+#endif
+#ifdef __NR_setresuid32
+ SCMP_SYS(setresuid32),
+#endif
+ SCMP_SYS(set_robust_list),
+ SCMP_SYS(symlinkat),
+ SCMP_SYS(time), /* Rarely needed, except on static builds */
+ SCMP_SYS(tgkill),
+ SCMP_SYS(unlinkat),
+ SCMP_SYS(utimensat),
+ SCMP_SYS(write),
+ SCMP_SYS(writev),
+};
+
+void setup_seccomp(void)
+{
+ scmp_filter_ctx ctx;
+ size_t i;
+
+#ifdef SCMP_ACT_KILL_PROCESS
+ ctx = seccomp_init(SCMP_ACT_KILL_PROCESS);
+ /* Handle a newer libseccomp but an older kernel */
+ if (!ctx && errno == EOPNOTSUPP) {
+ ctx = seccomp_init(SCMP_ACT_TRAP);
+ }
+#else
+ ctx = seccomp_init(SCMP_ACT_TRAP);
+#endif
+ if (!ctx) {
+ fuse_log(FUSE_LOG_ERR, "seccomp_init() failed\n");
+ exit(1);
+ }
+
+ for (i = 0; i < G_N_ELEMENTS(syscall_whitelist); i++) {
+ if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
+ syscall_whitelist[i], 0) != 0) {
+ fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d",
+ syscall_whitelist[i]);
+ exit(1);
+ }
+ }
+
+ /* libvhost-user calls this for post-copy migration, we don't need it */
+ if (seccomp_rule_add(ctx, SCMP_ACT_ERRNO(ENOSYS),
+ SCMP_SYS(userfaultfd), 0) != 0) {
+ fuse_log(FUSE_LOG_ERR, "seccomp_rule_add userfaultfd failed\n");
+ exit(1);
+ }
+
+ if (seccomp_load(ctx) < 0) {
+ fuse_log(FUSE_LOG_ERR, "seccomp_load() failed\n");
+ exit(1);
+ }
+
+ seccomp_release(ctx);
+}
diff --git a/tools/virtiofsd/seccomp.h b/tools/virtiofsd/seccomp.h
new file mode 100644
index 0000000000..86bce72652
--- /dev/null
+++ b/tools/virtiofsd/seccomp.h
@@ -0,0 +1,14 @@
+/*
+ * Seccomp sandboxing for virtiofsd
+ *
+ * Copyright (C) 2019 Red Hat, Inc.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef VIRTIOFSD_SECCOMP_H
+#define VIRTIOFSD_SECCOMP_H
+
+void setup_seccomp(void);
+
+#endif /* VIRTIOFSD_SECCOMP_H */

57
0062-virtiofsd-Parse-flag-FUSE_WRITE_KILL_PRIV.patch Normal file
View File

@ -0,0 +1,57 @@
From: Vivek Goyal <vgoyal@redhat.com>
Date: Mon, 27 Jan 2020 19:01:31 +0000
Subject: [PATCH] virtiofsd: Parse flag FUSE_WRITE_KILL_PRIV
Caller can set FUSE_WRITE_KILL_PRIV in write_flags. Parse it and pass it
to the filesystem.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit f779bc5265e7e7abb13a03d4bfbc74151afc15c2)
---
tools/virtiofsd/fuse_common.h | 6 +++++-
tools/virtiofsd/fuse_lowlevel.c | 4 +++-
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/tools/virtiofsd/fuse_common.h b/tools/virtiofsd/fuse_common.h
index f8f6433743..686c42c0a5 100644
--- a/tools/virtiofsd/fuse_common.h
+++ b/tools/virtiofsd/fuse_common.h
@@ -93,8 +93,12 @@ struct fuse_file_info {
*/
unsigned int cache_readdir:1;
+ /* Indicates that suid/sgid bits should be removed upon write */
+ unsigned int kill_priv:1;
+
+
/** Padding. Reserved for future use*/
- unsigned int padding:25;
+ unsigned int padding:24;
unsigned int padding2:32;
/*
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 02e1d83038..2d6dc5a680 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -1142,6 +1142,7 @@ static void do_write(fuse_req_t req, fuse_ino_t nodeid,
memset(&fi, 0, sizeof(fi));
fi.fh = arg->fh;
fi.writepage = (arg->write_flags & FUSE_WRITE_CACHE) != 0;
+ fi.kill_priv = !!(arg->write_flags & FUSE_WRITE_KILL_PRIV);
fi.lock_owner = arg->lock_owner;
fi.flags = arg->flags;
@@ -1177,7 +1178,8 @@ static void do_write_buf(fuse_req_t req, fuse_ino_t nodeid,
fi.lock_owner = arg->lock_owner;
fi.flags = arg->flags;
fi.fh = arg->fh;
- fi.writepage = arg->write_flags & FUSE_WRITE_CACHE;
+ fi.writepage = !!(arg->write_flags & FUSE_WRITE_CACHE);
+ fi.kill_priv = !!(arg->write_flags & FUSE_WRITE_KILL_PRIV);
if (ibufv->count == 1) {
assert(!(tmpbufv.buf[0].flags & FUSE_BUF_IS_FD));

159
0063-virtiofsd-cap-ng-helpers.patch Normal file
View File

@ -0,0 +1,159 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:32 +0000
Subject: [PATCH] virtiofsd: cap-ng helpers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
libcap-ng reads /proc during capng_get_caps_process, and virtiofsd's
sandboxing doesn't have /proc mounted; thus we have to do the
caps read before we sandbox it and save/restore the state.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 2405f3c0d19eb4d516a88aa4e5c54e5f9c6bbea3)
---
Makefile | 4 +-
tools/virtiofsd/passthrough_ll.c | 72 ++++++++++++++++++++++++++++++++
2 files changed, 74 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index 9a17e34603..14793cad11 100644
--- a/Makefile
+++ b/Makefile
@@ -330,7 +330,7 @@ endif
endif
endif
-ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP),yy)
+ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP)$(CONFIG_LIBCAP_NG),yyy)
HELPERS-y += virtiofsd$(EXESUF)
vhost-user-json-y += tools/virtiofsd/50-qemu-virtiofsd.json
endif
@@ -681,7 +681,7 @@ rdmacm-mux$(EXESUF): $(rdmacm-mux-obj-y) $(COMMON_LDADDS)
$(call LINK, $^)
# relies on Linux-specific syscalls
-ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP),yy)
+ifeq ($(CONFIG_LINUX)$(CONFIG_SECCOMP)$(CONFIG_LIBCAP_NG),yyy)
virtiofsd$(EXESUF): $(virtiofsd-obj-y) libvhost-user.a $(COMMON_LDADDS)
$(call LINK, $^)
endif
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index bd8925bd83..97e7c75667 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -39,6 +39,7 @@
#include "fuse_virtio.h"
#include "fuse_lowlevel.h"
#include <assert.h>
+#include <cap-ng.h>
#include <dirent.h>
#include <errno.h>
#include <inttypes.h>
@@ -139,6 +140,13 @@ static const struct fuse_opt lo_opts[] = {
static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n);
+static struct {
+ pthread_mutex_t mutex;
+ void *saved;
+} cap;
+/* That we loaded cap-ng in the current thread from the saved */
+static __thread bool cap_loaded = 0;
+
static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st);
static int is_dot_or_dotdot(const char *name)
@@ -162,6 +170,37 @@ static struct lo_data *lo_data(fuse_req_t req)
return (struct lo_data *)fuse_req_userdata(req);
}
+/*
+ * Load capng's state from our saved state if the current thread
+ * hadn't previously been loaded.
+ * returns 0 on success
+ */
+static int load_capng(void)
+{
+ if (!cap_loaded) {
+ pthread_mutex_lock(&cap.mutex);
+ capng_restore_state(&cap.saved);
+ /*
+ * restore_state free's the saved copy
+ * so make another.
+ */
+ cap.saved = capng_save_state();
+ if (!cap.saved) {
+ fuse_log(FUSE_LOG_ERR, "capng_save_state (thread)\n");
+ return -EINVAL;
+ }
+ pthread_mutex_unlock(&cap.mutex);
+
+ /*
+ * We want to use the loaded state for our pid,
+ * not the original
+ */
+ capng_setpid(syscall(SYS_gettid));
+ cap_loaded = true;
+ }
+ return 0;
+}
+
static void lo_map_init(struct lo_map *map)
{
map->elems = NULL;
@@ -2023,6 +2062,35 @@ static void setup_namespaces(struct lo_data *lo, struct fuse_session *se)
}
}
+/*
+ * Capture the capability state, we'll need to restore this for individual
+ * threads later; see load_capng.
+ */
+static void setup_capng(void)
+{
+ /* Note this accesses /proc so has to happen before the sandbox */
+ if (capng_get_caps_process()) {
+ fuse_log(FUSE_LOG_ERR, "capng_get_caps_process\n");
+ exit(1);
+ }
+ pthread_mutex_init(&cap.mutex, NULL);
+ pthread_mutex_lock(&cap.mutex);
+ cap.saved = capng_save_state();
+ if (!cap.saved) {
+ fuse_log(FUSE_LOG_ERR, "capng_save_state\n");
+ exit(1);
+ }
+ pthread_mutex_unlock(&cap.mutex);
+}
+
+static void cleanup_capng(void)
+{
+ free(cap.saved);
+ cap.saved = NULL;
+ pthread_mutex_destroy(&cap.mutex);
+}
+
+
/*
* Make the source directory our root so symlinks cannot escape and no other
* files are accessible. Assumes unshare(CLONE_NEWNS) was already called.
@@ -2216,12 +2284,16 @@ int main(int argc, char *argv[])
fuse_daemonize(opts.foreground);
+ /* Must be before sandbox since it wants /proc */
+ setup_capng();
+
setup_sandbox(&lo, se);
/* Block until ctrl+c or fusermount -u */
ret = virtio_loop(se);
fuse_session_unmount(se);
+ cleanup_capng();
err_out3:
fuse_remove_signal_handlers(se);
err_out2:

156
0064-virtiofsd-Drop-CAP_FSETID-if-client-asked-for-it.patch Normal file
View File

@ -0,0 +1,156 @@
From: Vivek Goyal <vgoyal@redhat.com>
Date: Mon, 27 Jan 2020 19:01:33 +0000
Subject: [PATCH] virtiofsd: Drop CAP_FSETID if client asked for it
If client requested killing setuid/setgid bits on file being written, drop
CAP_FSETID capability so that setuid/setgid bits are cleared upon write
automatically.
pjdfstest chown/12.t needs this.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
dgilbert: reworked for libcap-ng
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Reviewed-by: Sergio Lopez <slp@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit ee88465224b3aed2596049caa28f86cbe0d5a3d0)
---
tools/virtiofsd/passthrough_ll.c | 105 +++++++++++++++++++++++++++++++
1 file changed, 105 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 97e7c75667..d53cb1e005 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -201,6 +201,91 @@ static int load_capng(void)
return 0;
}
+/*
+ * Helpers for dropping and regaining effective capabilities. Returns 0
+ * on success, error otherwise
+ */
+static int drop_effective_cap(const char *cap_name, bool *cap_dropped)
+{
+ int cap, ret;
+
+ cap = capng_name_to_capability(cap_name);
+ if (cap < 0) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "capng_name_to_capability(%s) failed:%s\n",
+ cap_name, strerror(errno));
+ goto out;
+ }
+
+ if (load_capng()) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "load_capng() failed\n");
+ goto out;
+ }
+
+ /* We dont have this capability in effective set already. */
+ if (!capng_have_capability(CAPNG_EFFECTIVE, cap)) {
+ ret = 0;
+ goto out;
+ }
+
+ if (capng_update(CAPNG_DROP, CAPNG_EFFECTIVE, cap)) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "capng_update(DROP,) failed\n");
+ goto out;
+ }
+
+ if (capng_apply(CAPNG_SELECT_CAPS)) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "drop:capng_apply() failed\n");
+ goto out;
+ }
+
+ ret = 0;
+ if (cap_dropped) {
+ *cap_dropped = true;
+ }
+
+out:
+ return ret;
+}
+
+static int gain_effective_cap(const char *cap_name)
+{
+ int cap;
+ int ret = 0;
+
+ cap = capng_name_to_capability(cap_name);
+ if (cap < 0) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "capng_name_to_capability(%s) failed:%s\n",
+ cap_name, strerror(errno));
+ goto out;
+ }
+
+ if (load_capng()) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "load_capng() failed\n");
+ goto out;
+ }
+
+ if (capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, cap)) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "capng_update(ADD,) failed\n");
+ goto out;
+ }
+
+ if (capng_apply(CAPNG_SELECT_CAPS)) {
+ ret = errno;
+ fuse_log(FUSE_LOG_ERR, "gain:capng_apply() failed\n");
+ goto out;
+ }
+ ret = 0;
+
+out:
+ return ret;
+}
+
static void lo_map_init(struct lo_map *map)
{
map->elems = NULL;
@@ -1577,6 +1662,7 @@ static void lo_write_buf(fuse_req_t req, fuse_ino_t ino,
(void)ino;
ssize_t res;
struct fuse_bufvec out_buf = FUSE_BUFVEC_INIT(fuse_buf_size(in_buf));
+ bool cap_fsetid_dropped = false;
out_buf.buf[0].flags = FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK;
out_buf.buf[0].fd = lo_fi_fd(req, fi);
@@ -1588,12 +1674,31 @@ static void lo_write_buf(fuse_req_t req, fuse_ino_t ino,
out_buf.buf[0].size, (unsigned long)off);
}
+ /*
+ * If kill_priv is set, drop CAP_FSETID which should lead to kernel
+ * clearing setuid/setgid on file.
+ */
+ if (fi->kill_priv) {
+ res = drop_effective_cap("FSETID", &cap_fsetid_dropped);
+ if (res != 0) {
+ fuse_reply_err(req, res);
+ return;
+ }
+ }
+
res = fuse_buf_copy(&out_buf, in_buf);
if (res < 0) {
fuse_reply_err(req, -res);
} else {
fuse_reply_write(req, (size_t)res);
}
+
+ if (cap_fsetid_dropped) {
+ res = gain_effective_cap("FSETID");
+ if (res) {
+ fuse_log(FUSE_LOG_ERR, "Failed to gain CAP_FSETID\n");
+ }
+ }
}
static void lo_statfs(fuse_req_t req, fuse_ino_t ino)

77
0065-virtiofsd-set-maximum-RLIMIT_NOFILE-limit.patch Normal file
View File

@ -0,0 +1,77 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:34 +0000
Subject: [PATCH] virtiofsd: set maximum RLIMIT_NOFILE limit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
virtiofsd can exceed the default open file descriptor limit easily on
most systems. Take advantage of the fact that it runs as root to raise
the limit.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 01a6dc95ec7f71eeff9963fe3cb03d85225fba3e)
---
tools/virtiofsd/passthrough_ll.c | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index d53cb1e005..c281d817af 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -53,6 +53,7 @@
#include <sys/file.h>
#include <sys/mount.h>
#include <sys/prctl.h>
+#include <sys/resource.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
@@ -2268,6 +2269,35 @@ static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
setup_seccomp();
}
+/* Raise the maximum number of open file descriptors */
+static void setup_nofile_rlimit(void)
+{
+ const rlim_t max_fds = 1000000;
+ struct rlimit rlim;
+
+ if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) {
+ fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n");
+ exit(1);
+ }
+
+ if (rlim.rlim_cur >= max_fds) {
+ return; /* nothing to do */
+ }
+
+ rlim.rlim_cur = max_fds;
+ rlim.rlim_max = max_fds;
+
+ if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) {
+ /* Ignore SELinux denials */
+ if (errno == EPERM) {
+ return;
+ }
+
+ fuse_log(FUSE_LOG_ERR, "setrlimit(RLIMIT_NOFILE): %m\n");
+ exit(1);
+ }
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@@ -2389,6 +2419,8 @@ int main(int argc, char *argv[])
fuse_daemonize(opts.foreground);
+ setup_nofile_rlimit();
+
/* Must be before sandbox since it wants /proc */
setup_capng();

306
0066-virtiofsd-fix-libfuse-information-leaks.patch Normal file
View File

@ -0,0 +1,306 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:35 +0000
Subject: [PATCH] virtiofsd: fix libfuse information leaks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Some FUSE message replies contain padding fields that are not
initialized by libfuse. This is fine in traditional FUSE applications
because the kernel is trusted. virtiofsd does not trust the guest and
must not expose uninitialized memory.
Use C struct initializers to automatically zero out memory. Not all of
these code changes are strictly necessary but they will prevent future
information leaks if the structs are extended.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 3db2876a0153ac7103c077c53090e020faffb3ea)
---
tools/virtiofsd/fuse_lowlevel.c | 150 ++++++++++++++++----------------
1 file changed, 76 insertions(+), 74 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 2d6dc5a680..6ceb33d913 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -44,21 +44,23 @@ static __attribute__((constructor)) void fuse_ll_init_pagesize(void)
static void convert_stat(const struct stat *stbuf, struct fuse_attr *attr)
{
- attr->ino = stbuf->st_ino;
- attr->mode = stbuf->st_mode;
- attr->nlink = stbuf->st_nlink;
- attr->uid = stbuf->st_uid;
- attr->gid = stbuf->st_gid;
- attr->rdev = stbuf->st_rdev;
- attr->size = stbuf->st_size;
- attr->blksize = stbuf->st_blksize;
- attr->blocks = stbuf->st_blocks;
- attr->atime = stbuf->st_atime;
- attr->mtime = stbuf->st_mtime;
- attr->ctime = stbuf->st_ctime;
- attr->atimensec = ST_ATIM_NSEC(stbuf);
- attr->mtimensec = ST_MTIM_NSEC(stbuf);
- attr->ctimensec = ST_CTIM_NSEC(stbuf);
+ *attr = (struct fuse_attr){
+ .ino = stbuf->st_ino,
+ .mode = stbuf->st_mode,
+ .nlink = stbuf->st_nlink,
+ .uid = stbuf->st_uid,
+ .gid = stbuf->st_gid,
+ .rdev = stbuf->st_rdev,
+ .size = stbuf->st_size,
+ .blksize = stbuf->st_blksize,
+ .blocks = stbuf->st_blocks,
+ .atime = stbuf->st_atime,
+ .mtime = stbuf->st_mtime,
+ .ctime = stbuf->st_ctime,
+ .atimensec = ST_ATIM_NSEC(stbuf),
+ .mtimensec = ST_MTIM_NSEC(stbuf),
+ .ctimensec = ST_CTIM_NSEC(stbuf),
+ };
}
static void convert_attr(const struct fuse_setattr_in *attr, struct stat *stbuf)
@@ -183,16 +185,16 @@ static int fuse_send_msg(struct fuse_session *se, struct fuse_chan *ch,
int fuse_send_reply_iov_nofree(fuse_req_t req, int error, struct iovec *iov,
int count)
{
- struct fuse_out_header out;
+ struct fuse_out_header out = {
+ .unique = req->unique,
+ .error = error,
+ };
if (error <= -1000 || error > 0) {
fuse_log(FUSE_LOG_ERR, "fuse: bad error value: %i\n", error);
error = -ERANGE;
}
- out.unique = req->unique;
- out.error = error;
-
iov[0].iov_base = &out;
iov[0].iov_len = sizeof(struct fuse_out_header);
@@ -277,14 +279,16 @@ size_t fuse_add_direntry(fuse_req_t req, char *buf, size_t bufsize,
static void convert_statfs(const struct statvfs *stbuf,
struct fuse_kstatfs *kstatfs)
{
- kstatfs->bsize = stbuf->f_bsize;
- kstatfs->frsize = stbuf->f_frsize;
- kstatfs->blocks = stbuf->f_blocks;
- kstatfs->bfree = stbuf->f_bfree;
- kstatfs->bavail = stbuf->f_bavail;
- kstatfs->files = stbuf->f_files;
- kstatfs->ffree = stbuf->f_ffree;
- kstatfs->namelen = stbuf->f_namemax;
+ *kstatfs = (struct fuse_kstatfs){
+ .bsize = stbuf->f_bsize,
+ .frsize = stbuf->f_frsize,
+ .blocks = stbuf->f_blocks,
+ .bfree = stbuf->f_bfree,
+ .bavail = stbuf->f_bavail,
+ .files = stbuf->f_files,
+ .ffree = stbuf->f_ffree,
+ .namelen = stbuf->f_namemax,
+ };
}
static int send_reply_ok(fuse_req_t req, const void *arg, size_t argsize)
@@ -328,12 +332,14 @@ static unsigned int calc_timeout_nsec(double t)
static void fill_entry(struct fuse_entry_out *arg,
const struct fuse_entry_param *e)
{
- arg->nodeid = e->ino;
- arg->generation = e->generation;
- arg->entry_valid = calc_timeout_sec(e->entry_timeout);
- arg->entry_valid_nsec = calc_timeout_nsec(e->entry_timeout);
- arg->attr_valid = calc_timeout_sec(e->attr_timeout);
- arg->attr_valid_nsec = calc_timeout_nsec(e->attr_timeout);
+ *arg = (struct fuse_entry_out){
+ .nodeid = e->ino,
+ .generation = e->generation,
+ .entry_valid = calc_timeout_sec(e->entry_timeout),
+ .entry_valid_nsec = calc_timeout_nsec(e->entry_timeout),
+ .attr_valid = calc_timeout_sec(e->attr_timeout),
+ .attr_valid_nsec = calc_timeout_nsec(e->attr_timeout),
+ };
convert_stat(&e->attr, &arg->attr);
}
@@ -362,10 +368,12 @@ size_t fuse_add_direntry_plus(fuse_req_t req, char *buf, size_t bufsize,
fill_entry(&dp->entry_out, e);
struct fuse_dirent *dirent = &dp->dirent;
- dirent->ino = e->attr.st_ino;
- dirent->off = off;
- dirent->namelen = namelen;
- dirent->type = (e->attr.st_mode & S_IFMT) >> 12;
+ *dirent = (struct fuse_dirent){
+ .ino = e->attr.st_ino,
+ .off = off,
+ .namelen = namelen,
+ .type = (e->attr.st_mode & S_IFMT) >> 12,
+ };
memcpy(dirent->name, name, namelen);
memset(dirent->name + namelen, 0, entlen_padded - entlen);
@@ -496,15 +504,14 @@ static int fuse_send_data_iov(struct fuse_session *se, struct fuse_chan *ch,
int fuse_reply_data(fuse_req_t req, struct fuse_bufvec *bufv)
{
struct iovec iov[2];
- struct fuse_out_header out;
+ struct fuse_out_header out = {
+ .unique = req->unique,
+ };
int res;
iov[0].iov_base = &out;
iov[0].iov_len = sizeof(struct fuse_out_header);
- out.unique = req->unique;
- out.error = 0;
-
res = fuse_send_data_iov(req->se, req->ch, iov, 1, bufv);
if (res <= 0) {
fuse_free_req(req);
@@ -2145,14 +2152,14 @@ static void do_destroy(fuse_req_t req, fuse_ino_t nodeid,
static int send_notify_iov(struct fuse_session *se, int notify_code,
struct iovec *iov, int count)
{
- struct fuse_out_header out;
+ struct fuse_out_header out = {
+ .error = notify_code,
+ };
if (!se->got_init) {
return -ENOTCONN;
}
- out.unique = 0;
- out.error = notify_code;
iov[0].iov_base = &out;
iov[0].iov_len = sizeof(struct fuse_out_header);
@@ -2162,11 +2169,11 @@ static int send_notify_iov(struct fuse_session *se, int notify_code,
int fuse_lowlevel_notify_poll(struct fuse_pollhandle *ph)
{
if (ph != NULL) {
- struct fuse_notify_poll_wakeup_out outarg;
+ struct fuse_notify_poll_wakeup_out outarg = {
+ .kh = ph->kh,
+ };
struct iovec iov[2];
- outarg.kh = ph->kh;
-
iov[1].iov_base = &outarg;
iov[1].iov_len = sizeof(outarg);
@@ -2179,17 +2186,17 @@ int fuse_lowlevel_notify_poll(struct fuse_pollhandle *ph)
int fuse_lowlevel_notify_inval_inode(struct fuse_session *se, fuse_ino_t ino,
off_t off, off_t len)
{
- struct fuse_notify_inval_inode_out outarg;
+ struct fuse_notify_inval_inode_out outarg = {
+ .ino = ino,
+ .off = off,
+ .len = len,
+ };
struct iovec iov[2];
if (!se) {
return -EINVAL;
}
- outarg.ino = ino;
- outarg.off = off;
- outarg.len = len;
-
iov[1].iov_base = &outarg;
iov[1].iov_len = sizeof(outarg);
@@ -2199,17 +2206,16 @@ int fuse_lowlevel_notify_inval_inode(struct fuse_session *se, fuse_ino_t ino,
int fuse_lowlevel_notify_inval_entry(struct fuse_session *se, fuse_ino_t parent,
const char *name, size_t namelen)
{
- struct fuse_notify_inval_entry_out outarg;
+ struct fuse_notify_inval_entry_out outarg = {
+ .parent = parent,
+ .namelen = namelen,
+ };
struct iovec iov[3];
if (!se) {
return -EINVAL;
}
- outarg.parent = parent;
- outarg.namelen = namelen;
- outarg.padding = 0;
-
iov[1].iov_base = &outarg;
iov[1].iov_len = sizeof(outarg);
iov[2].iov_base = (void *)name;
@@ -2222,18 +2228,17 @@ int fuse_lowlevel_notify_delete(struct fuse_session *se, fuse_ino_t parent,
fuse_ino_t child, const char *name,
size_t namelen)
{
- struct fuse_notify_delete_out outarg;
+ struct fuse_notify_delete_out outarg = {
+ .parent = parent,
+ .child = child,
+ .namelen = namelen,
+ };
struct iovec iov[3];
if (!se) {
return -EINVAL;
}
- outarg.parent = parent;
- outarg.child = child;
- outarg.namelen = namelen;
- outarg.padding = 0;
-
iov[1].iov_base = &outarg;
iov[1].iov_len = sizeof(outarg);
iov[2].iov_base = (void *)name;
@@ -2245,24 +2250,21 @@ int fuse_lowlevel_notify_delete(struct fuse_session *se, fuse_ino_t parent,
int fuse_lowlevel_notify_store(struct fuse_session *se, fuse_ino_t ino,
off_t offset, struct fuse_bufvec *bufv)
{
- struct fuse_out_header out;
- struct fuse_notify_store_out outarg;
+ struct fuse_out_header out = {
+ .error = FUSE_NOTIFY_STORE,
+ };
+ struct fuse_notify_store_out outarg = {
+ .nodeid = ino,
+ .offset = offset,
+ .size = fuse_buf_size(bufv),
+ };
struct iovec iov[3];
- size_t size = fuse_buf_size(bufv);
int res;
if (!se) {
return -EINVAL;
}
- out.unique = 0;
- out.error = FUSE_NOTIFY_STORE;
-
- outarg.nodeid = ino;
- outarg.offset = offset;
- outarg.size = size;
- outarg.padding = 0;
-
iov[0].iov_base = &out;
iov[0].iov_len = sizeof(out);
iov[1].iov_base = &outarg;

223
0067-virtiofsd-add-syslog-command-line-option.patch Normal file
View File

@ -0,0 +1,223 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:01:36 +0000
Subject: [PATCH] virtiofsd: add --syslog command-line option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sometimes collecting output from stderr is inconvenient or does not fit
within the overall logging architecture. Add syslog(3) support for
cases where stderr cannot be used.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
dgilbert: Reworked as a logging function
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit f185621d41f03a23b55795b89e6584253fa23505)
---
tools/virtiofsd/fuse_lowlevel.h | 1 +
tools/virtiofsd/helper.c | 2 ++
tools/virtiofsd/passthrough_ll.c | 50 ++++++++++++++++++++++++++++++--
tools/virtiofsd/seccomp.c | 32 ++++++++++++++------
tools/virtiofsd/seccomp.h | 4 ++-
5 files changed, 76 insertions(+), 13 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
index 0d61df8110..f2750bc189 100644
--- a/tools/virtiofsd/fuse_lowlevel.h
+++ b/tools/virtiofsd/fuse_lowlevel.h
@@ -1795,6 +1795,7 @@ struct fuse_cmdline_opts {
int show_version;
int show_help;
int print_capabilities;
+ int syslog;
unsigned int max_idle_threads;
};
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 5531425223..9692ef9f1f 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -54,6 +54,7 @@ static const struct fuse_opt fuse_helper_opts[] = {
FUSE_HELPER_OPT("subtype=", nodefault_subtype),
FUSE_OPT_KEY("subtype=", FUSE_OPT_KEY_KEEP),
FUSE_HELPER_OPT("max_idle_threads=%u", max_idle_threads),
+ FUSE_HELPER_OPT("--syslog", syslog),
FUSE_OPT_END
};
@@ -138,6 +139,7 @@ void fuse_cmdline_help(void)
" -V --version print version\n"
" --print-capabilities print vhost-user.json\n"
" -d -o debug enable debug output (implies -f)\n"
+ " --syslog log to syslog (default stderr)\n"
" -f foreground operation\n"
" --daemonize run in background\n"
" -o max_idle_threads the maximum number of idle worker "
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index c281d817af..0372aca143 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -58,6 +58,7 @@
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/xattr.h>
+#include <syslog.h>
#include <unistd.h>
#include "passthrough_helpers.h"
@@ -138,6 +139,7 @@ static const struct fuse_opt lo_opts[] = {
{ "norace", offsetof(struct lo_data, norace), 1 },
FUSE_OPT_END
};
+static bool use_syslog = false;
static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n);
@@ -2262,11 +2264,12 @@ static void setup_mounts(const char *source)
* Lock down this process to prevent access to other processes or files outside
* source directory. This reduces the impact of arbitrary code execution bugs.
*/
-static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
+static void setup_sandbox(struct lo_data *lo, struct fuse_session *se,
+ bool enable_syslog)
{
setup_namespaces(lo, se);
setup_mounts(lo->source);
- setup_seccomp();
+ setup_seccomp(enable_syslog);
}
/* Raise the maximum number of open file descriptors */
@@ -2298,6 +2301,42 @@ static void setup_nofile_rlimit(void)
}
}
+static void log_func(enum fuse_log_level level, const char *fmt, va_list ap)
+{
+ if (use_syslog) {
+ int priority = LOG_ERR;
+ switch (level) {
+ case FUSE_LOG_EMERG:
+ priority = LOG_EMERG;
+ break;
+ case FUSE_LOG_ALERT:
+ priority = LOG_ALERT;
+ break;
+ case FUSE_LOG_CRIT:
+ priority = LOG_CRIT;
+ break;
+ case FUSE_LOG_ERR:
+ priority = LOG_ERR;
+ break;
+ case FUSE_LOG_WARNING:
+ priority = LOG_WARNING;
+ break;
+ case FUSE_LOG_NOTICE:
+ priority = LOG_NOTICE;
+ break;
+ case FUSE_LOG_INFO:
+ priority = LOG_INFO;
+ break;
+ case FUSE_LOG_DEBUG:
+ priority = LOG_DEBUG;
+ break;
+ }
+ vsyslog(priority, fmt, ap);
+ } else {
+ vfprintf(stderr, fmt, ap);
+ }
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@@ -2336,6 +2375,11 @@ int main(int argc, char *argv[])
if (fuse_parse_cmdline(&args, &opts) != 0) {
return 1;
}
+ fuse_set_log_func(log_func);
+ use_syslog = opts.syslog;
+ if (use_syslog) {
+ openlog("virtiofsd", LOG_PID, LOG_DAEMON);
+ }
if (opts.show_help) {
printf("usage: %s [options]\n\n", argv[0]);
fuse_cmdline_help();
@@ -2424,7 +2468,7 @@ int main(int argc, char *argv[])
/* Must be before sandbox since it wants /proc */
setup_capng();
- setup_sandbox(&lo, se);
+ setup_sandbox(&lo, se, opts.syslog);
/* Block until ctrl+c or fusermount -u */
ret = virtio_loop(se);
diff --git a/tools/virtiofsd/seccomp.c b/tools/virtiofsd/seccomp.c
index 691fb63dea..2d9d4a7ec0 100644
--- a/tools/virtiofsd/seccomp.c
+++ b/tools/virtiofsd/seccomp.c
@@ -107,11 +107,28 @@ static const int syscall_whitelist[] = {
SCMP_SYS(writev),
};
-void setup_seccomp(void)
+/* Syscalls used when --syslog is enabled */
+static const int syscall_whitelist_syslog[] = {
+ SCMP_SYS(sendto),
+};
+
+static void add_whitelist(scmp_filter_ctx ctx, const int syscalls[], size_t len)
{
- scmp_filter_ctx ctx;
size_t i;
+ for (i = 0; i < len; i++) {
+ if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, syscalls[i], 0) != 0) {
+ fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d failed\n",
+ syscalls[i]);
+ exit(1);
+ }
+ }
+}
+
+void setup_seccomp(bool enable_syslog)
+{
+ scmp_filter_ctx ctx;
+
#ifdef SCMP_ACT_KILL_PROCESS
ctx = seccomp_init(SCMP_ACT_KILL_PROCESS);
/* Handle a newer libseccomp but an older kernel */
@@ -126,13 +143,10 @@ void setup_seccomp(void)
exit(1);
}
- for (i = 0; i < G_N_ELEMENTS(syscall_whitelist); i++) {
- if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW,
- syscall_whitelist[i], 0) != 0) {
- fuse_log(FUSE_LOG_ERR, "seccomp_rule_add syscall %d",
- syscall_whitelist[i]);
- exit(1);
- }
+ add_whitelist(ctx, syscall_whitelist, G_N_ELEMENTS(syscall_whitelist));
+ if (enable_syslog) {
+ add_whitelist(ctx, syscall_whitelist_syslog,
+ G_N_ELEMENTS(syscall_whitelist_syslog));
}
/* libvhost-user calls this for post-copy migration, we don't need it */
diff --git a/tools/virtiofsd/seccomp.h b/tools/virtiofsd/seccomp.h
index 86bce72652..d47c8eade6 100644
--- a/tools/virtiofsd/seccomp.h
+++ b/tools/virtiofsd/seccomp.h
@@ -9,6 +9,8 @@
#ifndef VIRTIOFSD_SECCOMP_H
#define VIRTIOFSD_SECCOMP_H
-void setup_seccomp(void);
+#include <stdbool.h>
+
+void setup_seccomp(bool enable_syslog);
#endif /* VIRTIOFSD_SECCOMP_H */

451
0068-virtiofsd-print-log-only-when-priority-is-high-enoug.patch Normal file
View File

@ -0,0 +1,451 @@
From: Eryu Guan <eguan@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:01:37 +0000
Subject: [PATCH] virtiofsd: print log only when priority is high enough
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Introduce "-o log_level=" command line option to specify current log
level (priority), valid values are "debug info warn err", e.g.
./virtiofsd -o log_level=debug ...
So only log priority higher than "debug" will be printed to
stderr/syslog. And the default level is info.
The "-o debug"/"-d" options are kept, and imply debug log level.
Signed-off-by: Eryu Guan <eguan@linux.alibaba.com>
dgilbert: Reworked for libfuse's log_func
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
with fix by:
Signed-off-by: Xiao Yang <yangx.jy@cn.fujitsu.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit d240314a1a18a1d914af1b5763fe8c9a572e6409)
---
tools/virtiofsd/fuse_lowlevel.c | 75 ++++++++------------
tools/virtiofsd/fuse_lowlevel.h | 1 +
tools/virtiofsd/helper.c | 8 ++-
tools/virtiofsd/passthrough_ll.c | 118 +++++++++++++------------------
4 files changed, 87 insertions(+), 115 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 6ceb33d913..a7a19685b5 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -158,19 +158,17 @@ static int fuse_send_msg(struct fuse_session *se, struct fuse_chan *ch,
struct fuse_out_header *out = iov[0].iov_base;
out->len = iov_length(iov, count);
- if (se->debug) {
- if (out->unique == 0) {
- fuse_log(FUSE_LOG_DEBUG, "NOTIFY: code=%d length=%u\n", out->error,
- out->len);
- } else if (out->error) {
- fuse_log(FUSE_LOG_DEBUG,
- " unique: %llu, error: %i (%s), outsize: %i\n",
- (unsigned long long)out->unique, out->error,
- strerror(-out->error), out->len);
- } else {
- fuse_log(FUSE_LOG_DEBUG, " unique: %llu, success, outsize: %i\n",
- (unsigned long long)out->unique, out->len);
- }
+ if (out->unique == 0) {
+ fuse_log(FUSE_LOG_DEBUG, "NOTIFY: code=%d length=%u\n", out->error,
+ out->len);
+ } else if (out->error) {
+ fuse_log(FUSE_LOG_DEBUG,
+ " unique: %llu, error: %i (%s), outsize: %i\n",
+ (unsigned long long)out->unique, out->error,
+ strerror(-out->error), out->len);
+ } else {
+ fuse_log(FUSE_LOG_DEBUG, " unique: %llu, success, outsize: %i\n",
+ (unsigned long long)out->unique, out->len);
}
if (fuse_lowlevel_is_virtio(se)) {
@@ -1662,10 +1660,8 @@ static void do_interrupt(fuse_req_t req, fuse_ino_t nodeid,
return;
}
- if (se->debug) {
- fuse_log(FUSE_LOG_DEBUG, "INTERRUPT: %llu\n",
- (unsigned long long)arg->unique);
- }
+ fuse_log(FUSE_LOG_DEBUG, "INTERRUPT: %llu\n",
+ (unsigned long long)arg->unique);
req->u.i.unique = arg->unique;
@@ -1901,13 +1897,10 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid,
}
}
- if (se->debug) {
- fuse_log(FUSE_LOG_DEBUG, "INIT: %u.%u\n", arg->major, arg->minor);
- if (arg->major == 7 && arg->minor >= 6) {
- fuse_log(FUSE_LOG_DEBUG, "flags=0x%08x\n", arg->flags);
- fuse_log(FUSE_LOG_DEBUG, "max_readahead=0x%08x\n",
- arg->max_readahead);
- }
+ fuse_log(FUSE_LOG_DEBUG, "INIT: %u.%u\n", arg->major, arg->minor);
+ if (arg->major == 7 && arg->minor >= 6) {
+ fuse_log(FUSE_LOG_DEBUG, "flags=0x%08x\n", arg->flags);
+ fuse_log(FUSE_LOG_DEBUG, "max_readahead=0x%08x\n", arg->max_readahead);
}
se->conn.proto_major = arg->major;
se->conn.proto_minor = arg->minor;
@@ -2116,19 +2109,14 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid,
outarg.congestion_threshold = se->conn.congestion_threshold;
outarg.time_gran = se->conn.time_gran;
- if (se->debug) {
- fuse_log(FUSE_LOG_DEBUG, " INIT: %u.%u\n", outarg.major,
- outarg.minor);
- fuse_log(FUSE_LOG_DEBUG, " flags=0x%08x\n", outarg.flags);
- fuse_log(FUSE_LOG_DEBUG, " max_readahead=0x%08x\n",
- outarg.max_readahead);
- fuse_log(FUSE_LOG_DEBUG, " max_write=0x%08x\n", outarg.max_write);
- fuse_log(FUSE_LOG_DEBUG, " max_background=%i\n",
- outarg.max_background);
- fuse_log(FUSE_LOG_DEBUG, " congestion_threshold=%i\n",
- outarg.congestion_threshold);
- fuse_log(FUSE_LOG_DEBUG, " time_gran=%u\n", outarg.time_gran);
- }
+ fuse_log(FUSE_LOG_DEBUG, " INIT: %u.%u\n", outarg.major, outarg.minor);
+ fuse_log(FUSE_LOG_DEBUG, " flags=0x%08x\n", outarg.flags);
+ fuse_log(FUSE_LOG_DEBUG, " max_readahead=0x%08x\n", outarg.max_readahead);
+ fuse_log(FUSE_LOG_DEBUG, " max_write=0x%08x\n", outarg.max_write);
+ fuse_log(FUSE_LOG_DEBUG, " max_background=%i\n", outarg.max_background);
+ fuse_log(FUSE_LOG_DEBUG, " congestion_threshold=%i\n",
+ outarg.congestion_threshold);
+ fuse_log(FUSE_LOG_DEBUG, " time_gran=%u\n", outarg.time_gran);
send_reply_ok(req, &outarg, outargsize);
}
@@ -2407,14 +2395,11 @@ void fuse_session_process_buf_int(struct fuse_session *se,
in = fuse_mbuf_iter_advance(&iter, sizeof(*in));
assert(in); /* caller guarantees the input buffer is large enough */
- if (se->debug) {
- fuse_log(FUSE_LOG_DEBUG,
- "unique: %llu, opcode: %s (%i), nodeid: %llu, insize: %zu, "
- "pid: %u\n",
- (unsigned long long)in->unique,
- opname((enum fuse_opcode)in->opcode), in->opcode,
- (unsigned long long)in->nodeid, buf->size, in->pid);
- }
+ fuse_log(
+ FUSE_LOG_DEBUG,
+ "unique: %llu, opcode: %s (%i), nodeid: %llu, insize: %zu, pid: %u\n",
+ (unsigned long long)in->unique, opname((enum fuse_opcode)in->opcode),
+ in->opcode, (unsigned long long)in->nodeid, buf->size, in->pid);
req = fuse_ll_alloc_req(se);
if (req == NULL) {
diff --git a/tools/virtiofsd/fuse_lowlevel.h b/tools/virtiofsd/fuse_lowlevel.h
index f2750bc189..138041e5f1 100644
--- a/tools/virtiofsd/fuse_lowlevel.h
+++ b/tools/virtiofsd/fuse_lowlevel.h
@@ -1796,6 +1796,7 @@ struct fuse_cmdline_opts {
int show_help;
int print_capabilities;
int syslog;
+ int log_level;
unsigned int max_idle_threads;
};
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 9692ef9f1f..6d50a46a7e 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -34,7 +34,6 @@
t, offsetof(struct fuse_cmdline_opts, p), v \
}
-
static const struct fuse_opt fuse_helper_opts[] = {
FUSE_HELPER_OPT("-h", show_help),
FUSE_HELPER_OPT("--help", show_help),
@@ -55,6 +54,10 @@ static const struct fuse_opt fuse_helper_opts[] = {
FUSE_OPT_KEY("subtype=", FUSE_OPT_KEY_KEEP),
FUSE_HELPER_OPT("max_idle_threads=%u", max_idle_threads),
FUSE_HELPER_OPT("--syslog", syslog),
+ FUSE_HELPER_OPT_VALUE("log_level=debug", log_level, FUSE_LOG_DEBUG),
+ FUSE_HELPER_OPT_VALUE("log_level=info", log_level, FUSE_LOG_INFO),
+ FUSE_HELPER_OPT_VALUE("log_level=warn", log_level, FUSE_LOG_WARNING),
+ FUSE_HELPER_OPT_VALUE("log_level=err", log_level, FUSE_LOG_ERR),
FUSE_OPT_END
};
@@ -142,6 +145,9 @@ void fuse_cmdline_help(void)
" --syslog log to syslog (default stderr)\n"
" -f foreground operation\n"
" --daemonize run in background\n"
+ " -o log_level=<level> log level, default to \"info\"\n"
+ " level could be one of \"debug, "
+ "info, warn, err\"\n"
" -o max_idle_threads the maximum number of idle worker "
"threads\n"
" allowed (default: 10)\n"
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 0372aca143..ff6910fd73 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -37,6 +37,7 @@
#include "qemu/osdep.h"
#include "fuse_virtio.h"
+#include "fuse_log.h"
#include "fuse_lowlevel.h"
#include <assert.h>
#include <cap-ng.h>
@@ -140,6 +141,7 @@ static const struct fuse_opt lo_opts[] = {
FUSE_OPT_END
};
static bool use_syslog = false;
+static int current_log_level;
static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n);
@@ -458,11 +460,6 @@ static int lo_fd(fuse_req_t req, fuse_ino_t ino)
return inode ? inode->fd : -1;
}
-static bool lo_debug(fuse_req_t req)
-{
- return lo_data(req)->debug != 0;
-}
-
static void lo_init(void *userdata, struct fuse_conn_info *conn)
{
struct lo_data *lo = (struct lo_data *)userdata;
@@ -472,15 +469,11 @@ static void lo_init(void *userdata, struct fuse_conn_info *conn)
}
if (lo->writeback && conn->capable & FUSE_CAP_WRITEBACK_CACHE) {
- if (lo->debug) {
- fuse_log(FUSE_LOG_DEBUG, "lo_init: activating writeback\n");
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_init: activating writeback\n");
conn->want |= FUSE_CAP_WRITEBACK_CACHE;
}
if (lo->flock && conn->capable & FUSE_CAP_FLOCK_LOCKS) {
- if (lo->debug) {
- fuse_log(FUSE_LOG_DEBUG, "lo_init: activating flock locks\n");
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_init: activating flock locks\n");
conn->want |= FUSE_CAP_FLOCK_LOCKS;
}
}
@@ -823,10 +816,8 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
}
e->ino = inode->fuse_ino;
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n",
- (unsigned long long)parent, name, (unsigned long long)e->ino);
- }
+ fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n", (unsigned long long)parent,
+ name, (unsigned long long)e->ino);
return 0;
@@ -843,10 +834,8 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name)
struct fuse_entry_param e;
int err;
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, "lo_lookup(parent=%" PRIu64 ", name=%s)\n",
- parent, name);
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_lookup(parent=%" PRIu64 ", name=%s)\n", parent,
+ name);
/*
* Don't use is_safe_path_component(), allow "." and ".." for NFS export
@@ -971,10 +960,8 @@ static void lo_mknod_symlink(fuse_req_t req, fuse_ino_t parent,
goto out;
}
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n",
- (unsigned long long)parent, name, (unsigned long long)e.ino);
- }
+ fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n", (unsigned long long)parent,
+ name, (unsigned long long)e.ino);
fuse_reply_entry(req, &e);
return;
@@ -1074,10 +1061,8 @@ static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
pthread_mutex_unlock(&lo->mutex);
e.ino = inode->fuse_ino;
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n",
- (unsigned long long)parent, name, (unsigned long long)e.ino);
- }
+ fuse_log(FUSE_LOG_DEBUG, " %lli/%s -> %lli\n", (unsigned long long)parent,
+ name, (unsigned long long)e.ino);
fuse_reply_entry(req, &e);
return;
@@ -1171,11 +1156,9 @@ static void lo_forget_one(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup)
return;
}
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, " forget %lli %lli -%lli\n",
- (unsigned long long)ino, (unsigned long long)inode->refcount,
- (unsigned long long)nlookup);
- }
+ fuse_log(FUSE_LOG_DEBUG, " forget %lli %lli -%lli\n",
+ (unsigned long long)ino, (unsigned long long)inode->refcount,
+ (unsigned long long)nlookup);
unref_inode(lo, inode, nlookup);
}
@@ -1445,10 +1428,8 @@ static void lo_create(fuse_req_t req, fuse_ino_t parent, const char *name,
int err;
struct lo_cred old = {};
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, "lo_create(parent=%" PRIu64 ", name=%s)\n",
- parent, name);
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_create(parent=%" PRIu64 ", name=%s)\n", parent,
+ name);
if (!is_safe_path_component(name)) {
fuse_reply_err(req, EINVAL);
@@ -1525,10 +1506,8 @@ static void lo_open(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
char buf[64];
struct lo_data *lo = lo_data(req);
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, "lo_open(ino=%" PRIu64 ", flags=%d)\n", ino,
- fi->flags);
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_open(ino=%" PRIu64 ", flags=%d)\n", ino,
+ fi->flags);
/*
* With writeback cache, kernel may send read requests even
@@ -1644,12 +1623,10 @@ static void lo_read(fuse_req_t req, fuse_ino_t ino, size_t size, off_t offset,
{
struct fuse_bufvec buf = FUSE_BUFVEC_INIT(size);
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG,
- "lo_read(ino=%" PRIu64 ", size=%zd, "
- "off=%lu)\n",
- ino, size, (unsigned long)offset);
- }
+ fuse_log(FUSE_LOG_DEBUG,
+ "lo_read(ino=%" PRIu64 ", size=%zd, "
+ "off=%lu)\n",
+ ino, size, (unsigned long)offset);
buf.buf[0].flags = FUSE_BUF_IS_FD | FUSE_BUF_FD_SEEK;
buf.buf[0].fd = lo_fi_fd(req, fi);
@@ -1671,11 +1648,9 @@ static void lo_write_buf(fuse_req_t req, fuse_ino_t ino,
out_buf.buf[0].fd = lo_fi_fd(req, fi);
out_buf.buf[0].pos = off;
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG,
- "lo_write(ino=%" PRIu64 ", size=%zd, off=%lu)\n", ino,
- out_buf.buf[0].size, (unsigned long)off);
- }
+ fuse_log(FUSE_LOG_DEBUG,
+ "lo_write_buf(ino=%" PRIu64 ", size=%zd, off=%lu)\n", ino,
+ out_buf.buf[0].size, (unsigned long)off);
/*
* If kill_priv is set, drop CAP_FSETID which should lead to kernel
@@ -1774,11 +1749,8 @@ static void lo_getxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
goto out;
}
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG,
- "lo_getxattr(ino=%" PRIu64 ", name=%s size=%zd)\n", ino, name,
- size);
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_getxattr(ino=%" PRIu64 ", name=%s size=%zd)\n",
+ ino, name, size);
if (inode->is_symlink) {
/* Sorry, no race free way to getxattr on symlink. */
@@ -1852,10 +1824,8 @@ static void lo_listxattr(fuse_req_t req, fuse_ino_t ino, size_t size)
goto out;
}
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, "lo_listxattr(ino=%" PRIu64 ", size=%zd)\n",
- ino, size);
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_listxattr(ino=%" PRIu64 ", size=%zd)\n", ino,
+ size);
if (inode->is_symlink) {
/* Sorry, no race free way to listxattr on symlink. */
@@ -1929,11 +1899,8 @@ static void lo_setxattr(fuse_req_t req, fuse_ino_t ino, const char *name,
goto out;
}
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG,
- "lo_setxattr(ino=%" PRIu64 ", name=%s value=%s size=%zd)\n",
- ino, name, value, size);
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_setxattr(ino=%" PRIu64
+ ", name=%s value=%s size=%zd)\n", ino, name, value, size);
if (inode->is_symlink) {
/* Sorry, no race free way to setxattr on symlink. */
@@ -1978,10 +1945,8 @@ static void lo_removexattr(fuse_req_t req, fuse_ino_t ino, const char *name)
goto out;
}
- if (lo_debug(req)) {
- fuse_log(FUSE_LOG_DEBUG, "lo_removexattr(ino=%" PRIu64 ", name=%s)\n",
- ino, name);
- }
+ fuse_log(FUSE_LOG_DEBUG, "lo_removexattr(ino=%" PRIu64 ", name=%s)\n", ino,
+ name);
if (inode->is_symlink) {
/* Sorry, no race free way to setxattr on symlink. */
@@ -2303,6 +2268,10 @@ static void setup_nofile_rlimit(void)
static void log_func(enum fuse_log_level level, const char *fmt, va_list ap)
{
+ if (current_log_level < level) {
+ return;
+ }
+
if (use_syslog) {
int priority = LOG_ERR;
switch (level) {
@@ -2401,8 +2370,19 @@ int main(int argc, char *argv[])
return 1;
}
+ /*
+ * log_level is 0 if not configured via cmd options (0 is LOG_EMERG,
+ * and we don't use this log level).
+ */
+ if (opts.log_level != 0) {
+ current_log_level = opts.log_level;
+ }
lo.debug = opts.debug;
+ if (lo.debug) {
+ current_log_level = FUSE_LOG_DEBUG;
+ }
lo.root.refcount = 2;
+
if (lo.source) {
struct stat stat;
int res;

68
0069-virtiofsd-Add-ID-to-the-log-with-FUSE_LOG_DEBUG-leve.patch Normal file
View File

@ -0,0 +1,68 @@
From: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Date: Mon, 27 Jan 2020 19:01:38 +0000
Subject: [PATCH] virtiofsd: Add ID to the log with FUSE_LOG_DEBUG level
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
virtiofsd has some threads, so we see a lot of logs with debug option.
It would be useful for debugging if we can identify the specific thread
from the log.
Add ID, which is got by gettid(), to the log with FUSE_LOG_DEBUG level
so that we can grep the specific thread.
The log is like as:
]# ./virtiofsd -d -o vhost_user_socket=/tmp/vhostqemu0 -o source=/tmp/share0 -o cache=auto
...
[ID: 00000097] unique: 12696, success, outsize: 120
[ID: 00000097] virtio_send_msg: elem 18: with 2 in desc of length 120
[ID: 00000003] fv_queue_thread: Got queue event on Queue 1
[ID: 00000003] fv_queue_thread: Queue 1 gave evalue: 1 available: in: 65552 out: 80
[ID: 00000003] fv_queue_thread: Waiting for Queue 1 event
[ID: 00000071] fv_queue_worker: elem 33: with 2 out desc of length 80 bad_in_num=0 bad_out_num=0
[ID: 00000071] unique: 12694, opcode: READ (15), nodeid: 2, insize: 80, pid: 2014
[ID: 00000071] lo_read(ino=2, size=65536, off=131072)
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
added rework as suggested by Daniel P. Berrangé during review
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 36f3846902bd41413f6c0bf797dee509028c29f4)
---
tools/virtiofsd/passthrough_ll.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index ff6910fd73..f08324f000 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -43,6 +43,7 @@
#include <cap-ng.h>
#include <dirent.h>
#include <errno.h>
+#include <glib.h>
#include <inttypes.h>
#include <limits.h>
#include <pthread.h>
@@ -2268,10 +2269,17 @@ static void setup_nofile_rlimit(void)
static void log_func(enum fuse_log_level level, const char *fmt, va_list ap)
{
+ g_autofree char *localfmt = NULL;
+
if (current_log_level < level) {
return;
}
+ if (current_log_level == FUSE_LOG_DEBUG) {
+ localfmt = g_strdup_printf("[ID: %08ld] %s", syscall(__NR_gettid), fmt);
+ fmt = localfmt;
+ }
+
if (use_syslog) {
int priority = LOG_ERR;
switch (level) {

56
0070-virtiofsd-Add-timestamp-to-the-log-with-FUSE_LOG_DEB.patch Normal file
View File

@ -0,0 +1,56 @@
From: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Date: Mon, 27 Jan 2020 19:01:39 +0000
Subject: [PATCH] virtiofsd: Add timestamp to the log with FUSE_LOG_DEBUG level
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
virtiofsd has some threads, so we see a lot of logs with debug option.
It would be useful for debugging if we can see the timestamp.
Add nano second timestamp, which got by get_clock(), to the log with
FUSE_LOG_DEBUG level if the syslog option isn't set.
The log is like as:
# ./virtiofsd -d -o vhost_user_socket=/tmp/vhostqemu0 -o source=/tmp/share0 -o cache=auto
...
[5365943125463727] [ID: 00000002] fv_queue_thread: Start for queue 0 kick_fd 9
[5365943125568644] [ID: 00000002] fv_queue_thread: Waiting for Queue 0 event
[5365943125573561] [ID: 00000002] fv_queue_thread: Got queue event on Queue 0
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 50fb955aa0e6ede929422146936cf68bf1ca876f)
---
tools/virtiofsd/passthrough_ll.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index f08324f000..98114a3f4a 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -36,6 +36,7 @@
*/
#include "qemu/osdep.h"
+#include "qemu/timer.h"
#include "fuse_virtio.h"
#include "fuse_log.h"
#include "fuse_lowlevel.h"
@@ -2276,7 +2277,13 @@ static void log_func(enum fuse_log_level level, const char *fmt, va_list ap)
}
if (current_log_level == FUSE_LOG_DEBUG) {
- localfmt = g_strdup_printf("[ID: %08ld] %s", syscall(__NR_gettid), fmt);
+ if (!use_syslog) {
+ localfmt = g_strdup_printf("[%" PRId64 "] [ID: %08ld] %s",
+ get_clock(), syscall(__NR_gettid), fmt);
+ } else {
+ localfmt = g_strdup_printf("[ID: %08ld] %s", syscall(__NR_gettid),
+ fmt);
+ }
fmt = localfmt;
}

37
0071-virtiofsd-Handle-reinit.patch Normal file
View File

@ -0,0 +1,37 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:40 +0000
Subject: [PATCH] virtiofsd: Handle reinit
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Allow init->destroy->init for mount->umount->mount
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit c806d6435fe95fd54b379920aca2f4e3ea1f3258)
---
tools/virtiofsd/fuse_lowlevel.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index a7a19685b5..7d742b5a72 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2028,6 +2028,7 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid,
}
se->got_init = 1;
+ se->got_destroy = 0;
if (se->op.init) {
se->op.init(se->userdata, &se->conn);
}
@@ -2130,6 +2131,7 @@ static void do_destroy(fuse_req_t req, fuse_ino_t nodeid,
(void)iter;
se->got_destroy = 1;
+ se->got_init = 0;
if (se->op.destroy) {
se->op.destroy(se->userdata);
}

49
0072-virtiofsd-Handle-hard-reboot.patch Normal file
View File

@ -0,0 +1,49 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:41 +0000
Subject: [PATCH] virtiofsd: Handle hard reboot
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Handle a
mount
hard reboot (without unmount)
mount
we get another 'init' which FUSE doesn't normally expect.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit e8556f49098b5d95634e592d79a97f761b76c96e)
---
tools/virtiofsd/fuse_lowlevel.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 7d742b5a72..65f91dabae 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2433,7 +2433,21 @@ void fuse_session_process_buf_int(struct fuse_session *se,
goto reply_err;
}
} else if (in->opcode == FUSE_INIT || in->opcode == CUSE_INIT) {
- goto reply_err;
+ if (fuse_lowlevel_is_virtio(se)) {
+ /*
+ * TODO: This is after a hard reboot typically, we need to do
+ * a destroy, but we can't reply to this request yet so
+ * we can't use do_destroy
+ */
+ fuse_log(FUSE_LOG_DEBUG, "%s: reinit\n", __func__);
+ se->got_destroy = 1;
+ se->got_init = 0;
+ if (se->op.destroy) {
+ se->op.destroy(se->userdata);
+ }
+ } else {
+ goto reply_err;
+ }
}
err = EACCES;

126
0073-virtiofsd-Kill-threads-when-queues-are-stopped.patch Normal file
View File

@ -0,0 +1,126 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:42 +0000
Subject: [PATCH] virtiofsd: Kill threads when queues are stopped
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Kill the threads we've started when the queues get stopped.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
With improvements by:
Signed-off-by: Eryu Guan <eguan@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 10477ac47fc57d00a84802ff97c15450cd8021c1)
---
tools/virtiofsd/fuse_virtio.c | 51 ++++++++++++++++++++++++++++++-----
1 file changed, 44 insertions(+), 7 deletions(-)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 872968f2c8..7a8774a3ee 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -41,6 +41,7 @@ struct fv_QueueInfo {
/* Our queue index, corresponds to array position */
int qidx;
int kick_fd;
+ int kill_fd; /* For killing the thread */
/* The element for the command currently being processed */
VuVirtqElement *qe;
@@ -412,14 +413,17 @@ static void *fv_queue_thread(void *opaque)
fuse_log(FUSE_LOG_INFO, "%s: Start for queue %d kick_fd %d\n", __func__,
qi->qidx, qi->kick_fd);
while (1) {
- struct pollfd pf[1];
+ struct pollfd pf[2];
pf[0].fd = qi->kick_fd;
pf[0].events = POLLIN;
pf[0].revents = 0;
+ pf[1].fd = qi->kill_fd;
+ pf[1].events = POLLIN;
+ pf[1].revents = 0;
fuse_log(FUSE_LOG_DEBUG, "%s: Waiting for Queue %d event\n", __func__,
qi->qidx);
- int poll_res = ppoll(pf, 1, NULL, NULL);
+ int poll_res = ppoll(pf, 2, NULL, NULL);
if (poll_res == -1) {
if (errno == EINTR) {
@@ -430,12 +434,23 @@ static void *fv_queue_thread(void *opaque)
fuse_log(FUSE_LOG_ERR, "fv_queue_thread ppoll: %m\n");
break;
}
- assert(poll_res == 1);
+ assert(poll_res >= 1);
if (pf[0].revents & (POLLERR | POLLHUP | POLLNVAL)) {
fuse_log(FUSE_LOG_ERR, "%s: Unexpected poll revents %x Queue %d\n",
__func__, pf[0].revents, qi->qidx);
break;
}
+ if (pf[1].revents & (POLLERR | POLLHUP | POLLNVAL)) {
+ fuse_log(FUSE_LOG_ERR,
+ "%s: Unexpected poll revents %x Queue %d killfd\n",
+ __func__, pf[1].revents, qi->qidx);
+ break;
+ }
+ if (pf[1].revents) {
+ fuse_log(FUSE_LOG_INFO, "%s: kill event on queue %d - quitting\n",
+ __func__, qi->qidx);
+ break;
+ }
assert(pf[0].revents & POLLIN);
fuse_log(FUSE_LOG_DEBUG, "%s: Got queue event on Queue %d\n", __func__,
qi->qidx);
@@ -589,6 +604,28 @@ out:
return NULL;
}
+static void fv_queue_cleanup_thread(struct fv_VuDev *vud, int qidx)
+{
+ int ret;
+ struct fv_QueueInfo *ourqi;
+
+ assert(qidx < vud->nqueues);
+ ourqi = vud->qi[qidx];
+
+ /* Kill the thread */
+ if (eventfd_write(ourqi->kill_fd, 1)) {
+ fuse_log(FUSE_LOG_ERR, "Eventfd_write for queue %d: %s\n",
+ qidx, strerror(errno));
+ }
+ ret = pthread_join(ourqi->thread, NULL);
+ if (ret) {
+ fuse_log(FUSE_LOG_ERR, "%s: Failed to join thread idx %d err %d\n",
+ __func__, qidx, ret);
+ }
+ close(ourqi->kill_fd);
+ ourqi->kick_fd = -1;
+}
+
/* Callback from libvhost-user on start or stop of a queue */
static void fv_queue_set_started(VuDev *dev, int qidx, bool started)
{
@@ -633,16 +670,16 @@ static void fv_queue_set_started(VuDev *dev, int qidx, bool started)
}
ourqi = vud->qi[qidx];
ourqi->kick_fd = dev->vq[qidx].kick_fd;
+
+ ourqi->kill_fd = eventfd(0, EFD_CLOEXEC | EFD_SEMAPHORE);
+ assert(ourqi->kill_fd != -1);
if (pthread_create(&ourqi->thread, NULL, fv_queue_thread, ourqi)) {
fuse_log(FUSE_LOG_ERR, "%s: Failed to create thread for queue %d\n",
__func__, qidx);
assert(0);
}
} else {
- /* TODO: Kill the thread */
- assert(qidx < vud->nqueues);
- ourqi = vud->qi[qidx];
- ourqi->kick_fd = -1;
+ fv_queue_cleanup_thread(vud, qidx);
}
}

32
0074-vhost-user-Print-unexpected-slave-message-types.patch Normal file
View File

@ -0,0 +1,32 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:43 +0000
Subject: [PATCH] vhost-user: Print unexpected slave message types
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When we receive an unexpected message type on the slave fd, print
the type.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 0fdc465d7d5aafeae127eba488f247ac6f58df4c)
---
hw/virtio/vhost-user.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/virtio/vhost-user.c b/hw/virtio/vhost-user.c
index 02a9b25199..e4f46ecf88 100644
--- a/hw/virtio/vhost-user.c
+++ b/hw/virtio/vhost-user.c
@@ -1055,7 +1055,7 @@ static void slave_read(void *opaque)
fd[0]);
break;
default:
- error_report("Received unexpected msg type.");
+ error_report("Received unexpected msg type: %d.", hdr.request);
ret = -EINVAL;
}

118
0075-contrib-libvhost-user-Protect-slave-fd-with-mutex.patch Normal file
View File

@ -0,0 +1,118 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:44 +0000
Subject: [PATCH] contrib/libvhost-user: Protect slave fd with mutex
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
In future patches we'll be performing commands on the slave-fd driven
by commands on queues, since those queues will be driven by individual
threads we need to make sure they don't attempt to use the slave-fd
for multiple commands in parallel.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit c25c02b9e6a196be87a818f459c426556b24770d)
---
contrib/libvhost-user/libvhost-user.c | 24 ++++++++++++++++++++----
contrib/libvhost-user/libvhost-user.h | 3 +++
2 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/contrib/libvhost-user/libvhost-user.c b/contrib/libvhost-user/libvhost-user.c
index ec27b78ff1..63e41062a4 100644
--- a/contrib/libvhost-user/libvhost-user.c
+++ b/contrib/libvhost-user/libvhost-user.c
@@ -392,26 +392,37 @@ vu_send_reply(VuDev *dev, int conn_fd, VhostUserMsg *vmsg)
return vu_message_write(dev, conn_fd, vmsg);
}
+/*
+ * Processes a reply on the slave channel.
+ * Entered with slave_mutex held and releases it before exit.
+ * Returns true on success.
+ */
static bool
vu_process_message_reply(VuDev *dev, const VhostUserMsg *vmsg)
{
VhostUserMsg msg_reply;
+ bool result = false;
if ((vmsg->flags & VHOST_USER_NEED_REPLY_MASK) == 0) {
- return true;
+ result = true;
+ goto out;
}
if (!vu_message_read(dev, dev->slave_fd, &msg_reply)) {
- return false;
+ goto out;
}
if (msg_reply.request != vmsg->request) {
DPRINT("Received unexpected msg type. Expected %d received %d",
vmsg->request, msg_reply.request);
- return false;
+ goto out;
}
- return msg_reply.payload.u64 == 0;
+ result = msg_reply.payload.u64 == 0;
+
+out:
+ pthread_mutex_unlock(&dev->slave_mutex);
+ return result;
}
/* Kick the log_call_fd if required. */
@@ -1105,10 +1116,13 @@ bool vu_set_queue_host_notifier(VuDev *dev, VuVirtq *vq, int fd,
return false;
}
+ pthread_mutex_lock(&dev->slave_mutex);
if (!vu_message_write(dev, dev->slave_fd, &vmsg)) {
+ pthread_mutex_unlock(&dev->slave_mutex);
return false;
}
+ /* Also unlocks the slave_mutex */
return vu_process_message_reply(dev, &vmsg);
}
@@ -1628,6 +1642,7 @@ vu_deinit(VuDev *dev)
close(dev->slave_fd);
dev->slave_fd = -1;
}
+ pthread_mutex_destroy(&dev->slave_mutex);
if (dev->sock != -1) {
close(dev->sock);
@@ -1663,6 +1678,7 @@ vu_init(VuDev *dev,
dev->remove_watch = remove_watch;
dev->iface = iface;
dev->log_call_fd = -1;
+ pthread_mutex_init(&dev->slave_mutex, NULL);
dev->slave_fd = -1;
dev->max_queues = max_queues;
diff --git a/contrib/libvhost-user/libvhost-user.h b/contrib/libvhost-user/libvhost-user.h
index 46b600799b..1844b6f8d4 100644
--- a/contrib/libvhost-user/libvhost-user.h
+++ b/contrib/libvhost-user/libvhost-user.h
@@ -19,6 +19,7 @@
#include <stddef.h>
#include <sys/poll.h>
#include <linux/vhost.h>
+#include <pthread.h>
#include "standard-headers/linux/virtio_ring.h"
/* Based on qemu/hw/virtio/vhost-user.c */
@@ -355,6 +356,8 @@ struct VuDev {
VuVirtq *vq;
VuDevInflightInfo inflight_info;
int log_call_fd;
+ /* Must be held while using slave_fd */
+ pthread_mutex_t slave_mutex;
int slave_fd;
uint64_t log_size;
uint8_t *log_table;

33
0076-virtiofsd-passthrough_ll-add-renameat2-support.patch Normal file
View File

@ -0,0 +1,33 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:45 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: add renameat2 support
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit f0ab7d6f78a7d3c1c19fd81a91c9b1199f56c4f6)
---
tools/virtiofsd/passthrough_ll.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 98114a3f4a..18d69abcbc 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1099,7 +1099,17 @@ static void lo_rename(fuse_req_t req, fuse_ino_t parent, const char *name,
}
if (flags) {
+#ifndef SYS_renameat2
fuse_reply_err(req, EINVAL);
+#else
+ res = syscall(SYS_renameat2, lo_fd(req, parent), name,
+ lo_fd(req, newparent), newname, flags);
+ if (res == -1 && errno == ENOSYS) {
+ fuse_reply_err(req, EINVAL);
+ } else {
+ fuse_reply_err(req, res == -1 ? errno : 0);
+ }
+#endif
return;
}

33
0077-virtiofsd-passthrough_ll-disable-readdirplus-on-cach.patch Normal file
View File

@ -0,0 +1,33 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:46 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: disable readdirplus on cache=never
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
...because the attributes sent in the READDIRPLUS reply would be discarded
anyway.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit ddcbabcb0ea177be3ec3500726b699c7c26ffd93)
---
tools/virtiofsd/passthrough_ll.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 18d69abcbc..6480c517dc 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -478,6 +478,10 @@ static void lo_init(void *userdata, struct fuse_conn_info *conn)
fuse_log(FUSE_LOG_DEBUG, "lo_init: activating flock locks\n");
conn->want |= FUSE_CAP_FLOCK_LOCKS;
}
+ if (lo->cache == CACHE_NEVER) {
+ fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling readdirplus\n");
+ conn->want &= ~FUSE_CAP_READDIRPLUS;
+ }
}
static void lo_getattr(fuse_req_t req, fuse_ino_t ino,

60
0078-virtiofsd-passthrough_ll-control-readdirplus.patch Normal file
View File

@ -0,0 +1,60 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:47 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: control readdirplus
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 59aef494be2d8d91055ff3f3a8eb13d9f32873d8)
---
tools/virtiofsd/helper.c | 4 ++++
tools/virtiofsd/passthrough_ll.c | 7 ++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 6d50a46a7e..14f5d70c10 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -153,6 +153,10 @@ void fuse_cmdline_help(void)
" allowed (default: 10)\n"
" -o norace disable racy fallback\n"
" default: false\n"
+ " -o readdirplus|no_readdirplus\n"
+ " enable/disable readirplus\n"
+ " default: readdirplus except with "
+ "cache=never\n"
);
}
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 6480c517dc..8b1784ff7b 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -117,6 +117,8 @@ struct lo_data {
double timeout;
int cache;
int timeout_set;
+ int readdirplus_set;
+ int readdirplus_clear;
struct lo_inode root; /* protected by lo->mutex */
struct lo_map ino_map; /* protected by lo->mutex */
struct lo_map dirp_map; /* protected by lo->mutex */
@@ -140,6 +142,8 @@ static const struct fuse_opt lo_opts[] = {
{ "cache=auto", offsetof(struct lo_data, cache), CACHE_NORMAL },
{ "cache=always", offsetof(struct lo_data, cache), CACHE_ALWAYS },
{ "norace", offsetof(struct lo_data, norace), 1 },
+ { "readdirplus", offsetof(struct lo_data, readdirplus_set), 1 },
+ { "no_readdirplus", offsetof(struct lo_data, readdirplus_clear), 1 },
FUSE_OPT_END
};
static bool use_syslog = false;
@@ -478,7 +482,8 @@ static void lo_init(void *userdata, struct fuse_conn_info *conn)
fuse_log(FUSE_LOG_DEBUG, "lo_init: activating flock locks\n");
conn->want |= FUSE_CAP_FLOCK_LOCKS;
}
- if (lo->cache == CACHE_NEVER) {
+ if ((lo->cache == CACHE_NEVER && !lo->readdirplus_set) ||
+ lo->readdirplus_clear) {
fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling readdirplus\n");
conn->want &= ~FUSE_CAP_READDIRPLUS;
}

77
0079-virtiofsd-rename-unref_inode-to-unref_inode_lolocked.patch Normal file
View File

@ -0,0 +1,77 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:48 +0000
Subject: [PATCH] virtiofsd: rename unref_inode() to unref_inode_lolocked()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 95d2715791c60b5dc2d22e4eb7b83217273296fa)
---
tools/virtiofsd/passthrough_ll.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 8b1784ff7b..de12e75a9e 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -148,8 +148,8 @@ static const struct fuse_opt lo_opts[] = {
};
static bool use_syslog = false;
static int current_log_level;
-
-static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n);
+static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
+ uint64_t n);
static struct {
pthread_mutex_t mutex;
@@ -586,7 +586,7 @@ retry:
return 0;
fail_unref:
- unref_inode(lo, p, 1);
+ unref_inode_lolocked(lo, p, 1);
fail:
if (retries) {
retries--;
@@ -624,7 +624,7 @@ fallback:
res = lo_parent_and_name(lo, inode, path, &parent);
if (res != -1) {
res = utimensat(parent->fd, path, tv, AT_SYMLINK_NOFOLLOW);
- unref_inode(lo, parent, 1);
+ unref_inode_lolocked(lo, parent, 1);
}
return res;
@@ -1027,7 +1027,7 @@ fallback:
res = lo_parent_and_name(lo, inode, path, &parent);
if (res != -1) {
res = linkat(parent->fd, path, dfd, name, 0);
- unref_inode(lo, parent, 1);
+ unref_inode_lolocked(lo, parent, 1);
}
return res;
@@ -1141,7 +1141,8 @@ static void lo_unlink(fuse_req_t req, fuse_ino_t parent, const char *name)
fuse_reply_err(req, res == -1 ? errno : 0);
}
-static void unref_inode(struct lo_data *lo, struct lo_inode *inode, uint64_t n)
+static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
+ uint64_t n)
{
if (!inode) {
return;
@@ -1181,7 +1182,7 @@ static void lo_forget_one(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup)
(unsigned long long)ino, (unsigned long long)inode->refcount,
(unsigned long long)nlookup);
- unref_inode(lo, inode, nlookup);
+ unref_inode_lolocked(lo, inode, nlookup);
}
static void lo_forget(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup)

66
0080-virtiofsd-fail-when-parent-inode-isn-t-known-in-lo_d.patch Normal file
View File

@ -0,0 +1,66 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:49 +0000
Subject: [PATCH] virtiofsd: fail when parent inode isn't known in
lo_do_lookup()
The Linux file handle APIs (struct export_operations) can access inodes
that are not attached to parents because path name traversal is not
performed. Refuse if there is no parent in lo_do_lookup().
Also clean up lo_do_lookup() while we're here.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 9de4fab5995d115f8ebfb41d8d94a866d80a1708)
---
tools/virtiofsd/passthrough_ll.c | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index de12e75a9e..33bfb4d1f4 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -777,6 +777,15 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
struct lo_data *lo = lo_data(req);
struct lo_inode *inode, *dir = lo_inode(req, parent);
+ /*
+ * name_to_handle_at() and open_by_handle_at() can reach here with fuse
+ * mount point in guest, but we don't have its inode info in the
+ * ino_map.
+ */
+ if (!dir) {
+ return ENOENT;
+ }
+
memset(e, 0, sizeof(*e));
e->attr_timeout = lo->timeout;
e->entry_timeout = lo->timeout;
@@ -786,7 +795,7 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
name = ".";
}
- newfd = openat(lo_fd(req, parent), name, O_PATH | O_NOFOLLOW);
+ newfd = openat(dir->fd, name, O_PATH | O_NOFOLLOW);
if (newfd == -1) {
goto out_err;
}
@@ -796,7 +805,7 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
goto out_err;
}
- inode = lo_find(lo_data(req), &e->attr);
+ inode = lo_find(lo, &e->attr);
if (inode) {
close(newfd);
newfd = -1;
@@ -812,6 +821,7 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
inode->is_symlink = S_ISLNK(e->attr.st_mode);
inode->refcount = 1;
inode->fd = newfd;
+ newfd = -1;
inode->ino = e->attr.st_ino;
inode->dev = e->attr.st_dev;

91
0081-virtiofsd-extract-root-inode-init-into-setup_root.patch Normal file
View File

@ -0,0 +1,91 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:50 +0000
Subject: [PATCH] virtiofsd: extract root inode init into setup_root()
Inititialize the root inode in a single place.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
dgilbert:
with fix suggested by Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 3ca8a2b1c83eb185c232a4e87abbb65495263756)
---
tools/virtiofsd/passthrough_ll.c | 35 +++++++++++++++++++++++---------
1 file changed, 25 insertions(+), 10 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 33bfb4d1f4..9e7191eb75 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -2351,6 +2351,30 @@ static void log_func(enum fuse_log_level level, const char *fmt, va_list ap)
}
}
+static void setup_root(struct lo_data *lo, struct lo_inode *root)
+{
+ int fd, res;
+ struct stat stat;
+
+ fd = open("/", O_PATH);
+ if (fd == -1) {
+ fuse_log(FUSE_LOG_ERR, "open(%s, O_PATH): %m\n", lo->source);
+ exit(1);
+ }
+
+ res = fstatat(fd, "", &stat, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW);
+ if (res == -1) {
+ fuse_log(FUSE_LOG_ERR, "fstatat(%s): %m\n", lo->source);
+ exit(1);
+ }
+
+ root->is_symlink = false;
+ root->fd = fd;
+ root->ino = stat.st_ino;
+ root->dev = stat.st_dev;
+ root->refcount = 2;
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@@ -2426,8 +2450,6 @@ int main(int argc, char *argv[])
if (lo.debug) {
current_log_level = FUSE_LOG_DEBUG;
}
- lo.root.refcount = 2;
-
if (lo.source) {
struct stat stat;
int res;
@@ -2446,7 +2468,6 @@ int main(int argc, char *argv[])
} else {
lo.source = "/";
}
- lo.root.is_symlink = false;
if (!lo.timeout_set) {
switch (lo.cache) {
case CACHE_NEVER:
@@ -2466,13 +2487,6 @@ int main(int argc, char *argv[])
exit(1);
}
- lo.root.fd = open(lo.source, O_PATH);
-
- if (lo.root.fd == -1) {
- fuse_log(FUSE_LOG_ERR, "open(\"%s\", O_PATH): %m\n", lo.source);
- exit(1);
- }
-
se = fuse_session_new(&args, &lo_oper, sizeof(lo_oper), &lo);
if (se == NULL) {
goto err_out1;
@@ -2495,6 +2509,7 @@ int main(int argc, char *argv[])
setup_sandbox(&lo, se, opts.syslog);
+ setup_root(&lo, &lo.root);
/* Block until ctrl+c or fusermount -u */
ret = virtio_loop(se);

121
0082-virtiofsd-passthrough_ll-clean-up-cache-related-opti.patch Normal file
View File

@ -0,0 +1,121 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:51 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: clean up cache related options
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- Rename "cache=never" to "cache=none" to match 9p's similar option.
- Rename CACHE_NORMAL constant to CACHE_AUTO to match the "cache=auto"
option.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 230e777b5e250759ee0480fcc0e9ccfa2b082fba)
---
tools/virtiofsd/helper.c | 5 ++++-
tools/virtiofsd/passthrough_ll.c | 20 ++++++++++----------
2 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 14f5d70c10..567202444a 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -145,6 +145,9 @@ void fuse_cmdline_help(void)
" --syslog log to syslog (default stderr)\n"
" -f foreground operation\n"
" --daemonize run in background\n"
+ " -o cache=<mode> cache mode. could be one of \"auto, "
+ "always, none\"\n"
+ " default: auto\n"
" -o log_level=<level> log level, default to \"info\"\n"
" level could be one of \"debug, "
"info, warn, err\"\n"
@@ -156,7 +159,7 @@ void fuse_cmdline_help(void)
" -o readdirplus|no_readdirplus\n"
" enable/disable readirplus\n"
" default: readdirplus except with "
- "cache=never\n"
+ "cache=none\n"
);
}
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 9e7191eb75..b40f2874a7 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -101,8 +101,8 @@ struct lo_cred {
};
enum {
- CACHE_NEVER,
- CACHE_NORMAL,
+ CACHE_NONE,
+ CACHE_AUTO,
CACHE_ALWAYS,
};
@@ -138,8 +138,8 @@ static const struct fuse_opt lo_opts[] = {
{ "no_xattr", offsetof(struct lo_data, xattr), 0 },
{ "timeout=%lf", offsetof(struct lo_data, timeout), 0 },
{ "timeout=", offsetof(struct lo_data, timeout_set), 1 },
- { "cache=never", offsetof(struct lo_data, cache), CACHE_NEVER },
- { "cache=auto", offsetof(struct lo_data, cache), CACHE_NORMAL },
+ { "cache=none", offsetof(struct lo_data, cache), CACHE_NONE },
+ { "cache=auto", offsetof(struct lo_data, cache), CACHE_AUTO },
{ "cache=always", offsetof(struct lo_data, cache), CACHE_ALWAYS },
{ "norace", offsetof(struct lo_data, norace), 1 },
{ "readdirplus", offsetof(struct lo_data, readdirplus_set), 1 },
@@ -482,7 +482,7 @@ static void lo_init(void *userdata, struct fuse_conn_info *conn)
fuse_log(FUSE_LOG_DEBUG, "lo_init: activating flock locks\n");
conn->want |= FUSE_CAP_FLOCK_LOCKS;
}
- if ((lo->cache == CACHE_NEVER && !lo->readdirplus_set) ||
+ if ((lo->cache == CACHE_NONE && !lo->readdirplus_set) ||
lo->readdirplus_clear) {
fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling readdirplus\n");
conn->want &= ~FUSE_CAP_READDIRPLUS;
@@ -1493,7 +1493,7 @@ static void lo_create(fuse_req_t req, fuse_ino_t parent, const char *name,
fi->fh = fh;
err = lo_do_lookup(req, parent, name, &e);
}
- if (lo->cache == CACHE_NEVER) {
+ if (lo->cache == CACHE_NONE) {
fi->direct_io = 1;
} else if (lo->cache == CACHE_ALWAYS) {
fi->keep_cache = 1;
@@ -1578,7 +1578,7 @@ static void lo_open(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
}
fi->fh = fh;
- if (lo->cache == CACHE_NEVER) {
+ if (lo->cache == CACHE_NONE) {
fi->direct_io = 1;
} else if (lo->cache == CACHE_ALWAYS) {
fi->keep_cache = 1;
@@ -2395,7 +2395,7 @@ int main(int argc, char *argv[])
lo.root.next = lo.root.prev = &lo.root;
lo.root.fd = -1;
lo.root.fuse_ino = FUSE_ROOT_ID;
- lo.cache = CACHE_NORMAL;
+ lo.cache = CACHE_AUTO;
/*
* Set up the ino map like this:
@@ -2470,11 +2470,11 @@ int main(int argc, char *argv[])
}
if (!lo.timeout_set) {
switch (lo.cache) {
- case CACHE_NEVER:
+ case CACHE_NONE:
lo.timeout = 0.0;
break;
- case CACHE_NORMAL:
+ case CACHE_AUTO:
lo.timeout = 1.0;
break;

195
0083-virtiofsd-passthrough_ll-use-hashtable.patch Normal file
View File

@ -0,0 +1,195 @@
From: Miklos Szeredi <mszeredi@redhat.com>
Date: Mon, 27 Jan 2020 19:01:52 +0000
Subject: [PATCH] virtiofsd: passthrough_ll: use hashtable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Improve performance of inode lookup by using a hash table.
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit bfc50a6e06b10b2f9dbaf6c1a89dd523322e016f)
---
tools/virtiofsd/passthrough_ll.c | 81 ++++++++++++++++++--------------
1 file changed, 45 insertions(+), 36 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index b40f2874a7..b176a314d6 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -84,13 +84,15 @@ struct lo_map {
ssize_t freelist;
};
+struct lo_key {
+ ino_t ino;
+ dev_t dev;
+};
+
struct lo_inode {
- struct lo_inode *next; /* protected by lo->mutex */
- struct lo_inode *prev; /* protected by lo->mutex */
int fd;
bool is_symlink;
- ino_t ino;
- dev_t dev;
+ struct lo_key key;
uint64_t refcount; /* protected by lo->mutex */
fuse_ino_t fuse_ino;
};
@@ -119,7 +121,8 @@ struct lo_data {
int timeout_set;
int readdirplus_set;
int readdirplus_clear;
- struct lo_inode root; /* protected by lo->mutex */
+ struct lo_inode root;
+ GHashTable *inodes; /* protected by lo->mutex */
struct lo_map ino_map; /* protected by lo->mutex */
struct lo_map dirp_map; /* protected by lo->mutex */
struct lo_map fd_map; /* protected by lo->mutex */
@@ -573,7 +576,7 @@ retry:
}
goto fail_unref;
}
- if (stat.st_dev != inode->dev || stat.st_ino != inode->ino) {
+ if (stat.st_dev != inode->key.dev || stat.st_ino != inode->key.ino) {
if (!retries) {
fuse_log(FUSE_LOG_WARNING,
"%s: failed to match last\n", __func__);
@@ -753,19 +756,20 @@ out_err:
static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st)
{
struct lo_inode *p;
- struct lo_inode *ret = NULL;
+ struct lo_key key = {
+ .ino = st->st_ino,
+ .dev = st->st_dev,
+ };
pthread_mutex_lock(&lo->mutex);
- for (p = lo->root.next; p != &lo->root; p = p->next) {
- if (p->ino == st->st_ino && p->dev == st->st_dev) {
- assert(p->refcount > 0);
- ret = p;
- ret->refcount++;
- break;
- }
+ p = g_hash_table_lookup(lo->inodes, &key);
+ if (p) {
+ assert(p->refcount > 0);
+ p->refcount++;
}
pthread_mutex_unlock(&lo->mutex);
- return ret;
+
+ return p;
}
static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
@@ -810,8 +814,6 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
close(newfd);
newfd = -1;
} else {
- struct lo_inode *prev, *next;
-
saverr = ENOMEM;
inode = calloc(1, sizeof(struct lo_inode));
if (!inode) {
@@ -822,17 +824,12 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
inode->refcount = 1;
inode->fd = newfd;
newfd = -1;
- inode->ino = e->attr.st_ino;
- inode->dev = e->attr.st_dev;
+ inode->key.ino = e->attr.st_ino;
+ inode->key.dev = e->attr.st_dev;
pthread_mutex_lock(&lo->mutex);
inode->fuse_ino = lo_add_inode_mapping(req, inode);
- prev = &lo->root;
- next = prev->next;
- next->prev = inode;
- inode->next = next;
- inode->prev = prev;
- prev->next = inode;
+ g_hash_table_insert(lo->inodes, &inode->key, inode);
pthread_mutex_unlock(&lo->mutex);
}
e->ino = inode->fuse_ino;
@@ -1162,14 +1159,8 @@ static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
assert(inode->refcount >= n);
inode->refcount -= n;
if (!inode->refcount) {
- struct lo_inode *prev, *next;
-
- prev = inode->prev;
- next = inode->next;
- next->prev = prev;
- prev->next = next;
-
lo_map_remove(&lo->ino_map, inode->fuse_ino);
+ g_hash_table_remove(lo->inodes, &inode->key);
pthread_mutex_unlock(&lo->mutex);
close(inode->fd);
free(inode);
@@ -1369,7 +1360,7 @@ static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
/* Hide root's parent directory */
if (dinode == &lo->root && strcmp(name, "..") == 0) {
- e.attr.st_ino = lo->root.ino;
+ e.attr.st_ino = lo->root.key.ino;
e.attr.st_mode = DT_DIR << 12;
}
@@ -2370,11 +2361,26 @@ static void setup_root(struct lo_data *lo, struct lo_inode *root)
root->is_symlink = false;
root->fd = fd;
- root->ino = stat.st_ino;
- root->dev = stat.st_dev;
+ root->key.ino = stat.st_ino;
+ root->key.dev = stat.st_dev;
root->refcount = 2;
}
+static guint lo_key_hash(gconstpointer key)
+{
+ const struct lo_key *lkey = key;
+
+ return (guint)lkey->ino + (guint)lkey->dev;
+}
+
+static gboolean lo_key_equal(gconstpointer a, gconstpointer b)
+{
+ const struct lo_key *la = a;
+ const struct lo_key *lb = b;
+
+ return la->ino == lb->ino && la->dev == lb->dev;
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@@ -2392,7 +2398,7 @@ int main(int argc, char *argv[])
umask(0);
pthread_mutex_init(&lo.mutex, NULL);
- lo.root.next = lo.root.prev = &lo.root;
+ lo.inodes = g_hash_table_new(lo_key_hash, lo_key_equal);
lo.root.fd = -1;
lo.root.fuse_ino = FUSE_ROOT_ID;
lo.cache = CACHE_AUTO;
@@ -2522,6 +2528,9 @@ err_out2:
err_out1:
fuse_opt_free_args(&args);
+ if (lo.inodes) {
+ g_hash_table_destroy(lo.inodes);
+ }
lo_map_destroy(&lo.fd_map);
lo_map_destroy(&lo.dirp_map);
lo_map_destroy(&lo.ino_map);

69
0084-virtiofsd-Clean-up-inodes-on-destroy.patch Normal file
View File

@ -0,0 +1,69 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:01:53 +0000
Subject: [PATCH] virtiofsd: Clean up inodes on destroy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Clear out our inodes and fd's on a 'destroy' - so we get rid
of them if we reboot the guest.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 771b01eb76ff480fee984bd1d21727147cc3e702)
---
tools/virtiofsd/passthrough_ll.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index b176a314d6..9ed77a17fd 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1169,6 +1169,25 @@ static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
}
}
+static int unref_all_inodes_cb(gpointer key, gpointer value, gpointer user_data)
+{
+ struct lo_inode *inode = value;
+ struct lo_data *lo = user_data;
+
+ inode->refcount = 0;
+ lo_map_remove(&lo->ino_map, inode->fuse_ino);
+ close(inode->fd);
+
+ return TRUE;
+}
+
+static void unref_all_inodes(struct lo_data *lo)
+{
+ pthread_mutex_lock(&lo->mutex);
+ g_hash_table_foreach_remove(lo->inodes, unref_all_inodes_cb, lo);
+ pthread_mutex_unlock(&lo->mutex);
+}
+
static void lo_forget_one(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup)
{
struct lo_data *lo = lo_data(req);
@@ -2035,6 +2054,12 @@ static void lo_lseek(fuse_req_t req, fuse_ino_t ino, off_t off, int whence,
}
}
+static void lo_destroy(void *userdata)
+{
+ struct lo_data *lo = (struct lo_data *)userdata;
+ unref_all_inodes(lo);
+}
+
static struct fuse_lowlevel_ops lo_oper = {
.init = lo_init,
.lookup = lo_lookup,
@@ -2073,6 +2098,7 @@ static struct fuse_lowlevel_ops lo_oper = {
.copy_file_range = lo_copy_file_range,
#endif
.lseek = lo_lseek,
+ .destroy = lo_destroy,
};
/* Print vhost-user.json backend program capabilities */

66
0085-virtiofsd-support-nanosecond-resolution-for-file-tim.patch Normal file
View File

@ -0,0 +1,66 @@
From: Jiufei Xue <jiufei.xue@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:01:54 +0000
Subject: [PATCH] virtiofsd: support nanosecond resolution for file timestamp
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Define HAVE_STRUCT_STAT_ST_ATIM to 1 if `st_atim' is member of `struct
stat' which means support nanosecond resolution for the file timestamp
fields.
Signed-off-by: Jiufei Xue <jiufei.xue@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 8a792b034d4b315251fd842bb4c73a133aa1368f)
---
configure | 16 ++++++++++++++++
tools/virtiofsd/fuse_misc.h | 1 +
2 files changed, 17 insertions(+)
diff --git a/configure b/configure
index afe9393f04..dd50b03b01 100755
--- a/configure
+++ b/configure
@@ -5217,6 +5217,19 @@ if compile_prog "" "" ; then
strchrnul=yes
fi
+#########################################
+# check if we have st_atim
+
+st_atim=no
+cat > $TMPC << EOF
+#include <sys/stat.h>
+#include <stddef.h>
+int main(void) { return offsetof(struct stat, st_atim); }
+EOF
+if compile_prog "" "" ; then
+ st_atim=yes
+fi
+
##########################################
# check if trace backend exists
@@ -6918,6 +6931,9 @@ fi
if test "$strchrnul" = "yes" ; then
echo "HAVE_STRCHRNUL=y" >> $config_host_mak
fi
+if test "$st_atim" = "yes" ; then
+ echo "HAVE_STRUCT_STAT_ST_ATIM=y" >> $config_host_mak
+fi
if test "$byteswap_h" = "yes" ; then
echo "CONFIG_BYTESWAP_H=y" >> $config_host_mak
fi
diff --git a/tools/virtiofsd/fuse_misc.h b/tools/virtiofsd/fuse_misc.h
index f252baa752..5c618ce21f 100644
--- a/tools/virtiofsd/fuse_misc.h
+++ b/tools/virtiofsd/fuse_misc.h
@@ -7,6 +7,7 @@
*/
#include <pthread.h>
+#include "config-host.h"
/*
* Versioned symbols cannot be used in some cases because it

47
0086-virtiofsd-fix-error-handling-in-main.patch Normal file
View File

@ -0,0 +1,47 @@
From: Liu Bo <bo.liu@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:01:55 +0000
Subject: [PATCH] virtiofsd: fix error handling in main()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Neither fuse_parse_cmdline() nor fuse_opt_parse() goes to the right place
to do cleanup.
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit c6de804670f2255ce776263124c37f3370dc5ac1)
---
tools/virtiofsd/passthrough_ll.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 9ed77a17fd..af050c6d97 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -2443,13 +2443,14 @@ int main(int argc, char *argv[])
lo_map_init(&lo.fd_map);
if (fuse_parse_cmdline(&args, &opts) != 0) {
- return 1;
+ goto err_out1;
}
fuse_set_log_func(log_func);
use_syslog = opts.syslog;
if (use_syslog) {
openlog("virtiofsd", LOG_PID, LOG_DAEMON);
}
+
if (opts.show_help) {
printf("usage: %s [options]\n\n", argv[0]);
fuse_cmdline_help();
@@ -2468,7 +2469,7 @@ int main(int argc, char *argv[])
}
if (fuse_opt_parse(&args, &lo, lo_opts, NULL) == -1) {
- return 1;
+ goto err_out1;
}
/*

66
0087-virtiofsd-cleanup-allocated-resource-in-se.patch Normal file
View File

@ -0,0 +1,66 @@
From: Liu Bo <bo.liu@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:01:56 +0000
Subject: [PATCH] virtiofsd: cleanup allocated resource in se
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This cleans up unfreed resources in se on quiting, including
se->virtio_dev, se->vu_socket_path, se->vu_socketfd.
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 61cfc44982e566c33b9d5df17858e4d5ae373873)
---
tools/virtiofsd/fuse_lowlevel.c | 7 +++++++
tools/virtiofsd/fuse_virtio.c | 7 +++++++
tools/virtiofsd/fuse_virtio.h | 2 +-
3 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 65f91dabae..440508a6ec 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2532,6 +2532,13 @@ void fuse_session_destroy(struct fuse_session *se)
if (se->fd != -1) {
close(se->fd);
}
+
+ if (se->vu_socket_path) {
+ virtio_session_close(se);
+ free(se->vu_socket_path);
+ se->vu_socket_path = NULL;
+ }
+
free(se);
}
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index 7a8774a3ee..e7bd772805 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -833,3 +833,10 @@ int virtio_session_mount(struct fuse_session *se)
return 0;
}
+
+void virtio_session_close(struct fuse_session *se)
+{
+ close(se->vu_socketfd);
+ free(se->virtio_dev);
+ se->virtio_dev = NULL;
+}
diff --git a/tools/virtiofsd/fuse_virtio.h b/tools/virtiofsd/fuse_virtio.h
index cc676b9193..111684032c 100644
--- a/tools/virtiofsd/fuse_virtio.h
+++ b/tools/virtiofsd/fuse_virtio.h
@@ -19,7 +19,7 @@
struct fuse_session;
int virtio_session_mount(struct fuse_session *se);
-
+void virtio_session_close(struct fuse_session *se);
int virtio_loop(struct fuse_session *se);

47
0088-virtiofsd-fix-memory-leak-on-lo.source.patch Normal file
View File

@ -0,0 +1,47 @@
From: Liu Bo <bo.liu@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:01:57 +0000
Subject: [PATCH] virtiofsd: fix memory leak on lo.source
valgrind reported that lo.source is leaked on quiting, but it was defined
as (const char*) as it may point to a const string "/".
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit eb68a33b5fc5dde87bd9b99b94e7c33a5d8ea82e)
---
tools/virtiofsd/passthrough_ll.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index af050c6d97..056ebe8556 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -115,7 +115,7 @@ struct lo_data {
int writeback;
int flock;
int xattr;
- const char *source;
+ char *source;
double timeout;
int cache;
int timeout_set;
@@ -2497,9 +2497,8 @@ int main(int argc, char *argv[])
fuse_log(FUSE_LOG_ERR, "source is not a directory\n");
exit(1);
}
-
} else {
- lo.source = "/";
+ lo.source = strdup("/");
}
if (!lo.timeout_set) {
switch (lo.cache) {
@@ -2570,5 +2569,7 @@ err_out1:
close(lo.root.fd);
}
+ free(lo.source);
+
return ret ? 1 : 0;
}

72
0089-virtiofsd-add-helper-for-lo_data-cleanup.patch Normal file
View File

@ -0,0 +1,72 @@
From: Liu Bo <bo.liu@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:01:58 +0000
Subject: [PATCH] virtiofsd: add helper for lo_data cleanup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This offers an helper function for lo_data's cleanup.
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 18a69cbbb6a4caa7c2040c6db4a33b044a32be7e)
---
tools/virtiofsd/passthrough_ll.c | 37 ++++++++++++++++++--------------
1 file changed, 21 insertions(+), 16 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 056ebe8556..e8dc5c7320 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -2407,6 +2407,26 @@ static gboolean lo_key_equal(gconstpointer a, gconstpointer b)
return la->ino == lb->ino && la->dev == lb->dev;
}
+static void fuse_lo_data_cleanup(struct lo_data *lo)
+{
+ if (lo->inodes) {
+ g_hash_table_destroy(lo->inodes);
+ }
+ lo_map_destroy(&lo->fd_map);
+ lo_map_destroy(&lo->dirp_map);
+ lo_map_destroy(&lo->ino_map);
+
+ if (lo->proc_self_fd >= 0) {
+ close(lo->proc_self_fd);
+ }
+
+ if (lo->root.fd >= 0) {
+ close(lo->root.fd);
+ }
+
+ free(lo->source);
+}
+
int main(int argc, char *argv[])
{
struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@@ -2554,22 +2574,7 @@ err_out2:
err_out1:
fuse_opt_free_args(&args);
- if (lo.inodes) {
- g_hash_table_destroy(lo.inodes);
- }
- lo_map_destroy(&lo.fd_map);
- lo_map_destroy(&lo.dirp_map);
- lo_map_destroy(&lo.ino_map);
-
- if (lo.proc_self_fd >= 0) {
- close(lo.proc_self_fd);
- }
-
- if (lo.root.fd >= 0) {
- close(lo.root.fd);
- }
-
- free(lo.source);
+ fuse_lo_data_cleanup(&lo);
return ret ? 1 : 0;
}

127
0090-virtiofsd-Prevent-multiply-running-with-same-vhost_u.patch Normal file
View File

@ -0,0 +1,127 @@
From: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Date: Mon, 27 Jan 2020 19:01:59 +0000
Subject: [PATCH] virtiofsd: Prevent multiply running with same
vhost_user_socket
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
virtiofsd can run multiply even if the vhost_user_socket is same path.
]# ./virtiofsd -o vhost_user_socket=/tmp/vhostqemu -o source=/tmp/share &
[1] 244965
virtio_session_mount: Waiting for vhost-user socket connection...
]# ./virtiofsd -o vhost_user_socket=/tmp/vhostqemu -o source=/tmp/share &
[2] 244966
virtio_session_mount: Waiting for vhost-user socket connection...
]#
The user will get confused about the situation and maybe the cause of the
unexpected problem. So it's better to prevent the multiple running.
Create a regular file under localstatedir directory to exclude the
vhost_user_socket. To create and lock the file, use qemu_write_pidfile()
because the API has some sanity checks and file lock.
Signed-off-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Applied fixes from Stefan's review and moved osdep include
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 96814800d2b49d18737c36e021c387697ec40c62)
---
tools/virtiofsd/fuse_lowlevel.c | 1 +
tools/virtiofsd/fuse_virtio.c | 49 ++++++++++++++++++++++++++++++++-
2 files changed, 49 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 440508a6ec..aac282f278 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -18,6 +18,7 @@
#include <assert.h>
#include <errno.h>
+#include <glib.h>
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index e7bd772805..b7948def27 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -13,11 +13,12 @@
#include "qemu/osdep.h"
#include "qemu/iov.h"
-#include "fuse_virtio.h"
+#include "qapi/error.h"
#include "fuse_i.h"
#include "standard-headers/linux/fuse.h"
#include "fuse_misc.h"
#include "fuse_opt.h"
+#include "fuse_virtio.h"
#include <assert.h>
#include <errno.h>
@@ -743,6 +744,42 @@ int virtio_loop(struct fuse_session *se)
return 0;
}
+static void strreplace(char *s, char old, char new)
+{
+ for (; *s; ++s) {
+ if (*s == old) {
+ *s = new;
+ }
+ }
+}
+
+static bool fv_socket_lock(struct fuse_session *se)
+{
+ g_autofree gchar *sk_name = NULL;
+ g_autofree gchar *pidfile = NULL;
+ g_autofree gchar *dir = NULL;
+ Error *local_err = NULL;
+
+ dir = qemu_get_local_state_pathname("run/virtiofsd");
+
+ if (g_mkdir_with_parents(dir, S_IRWXU) < 0) {
+ fuse_log(FUSE_LOG_ERR, "%s: Failed to create directory %s: %s",
+ __func__, dir, strerror(errno));
+ return false;
+ }
+
+ sk_name = g_strdup(se->vu_socket_path);
+ strreplace(sk_name, '/', '.');
+ pidfile = g_strdup_printf("%s/%s.pid", dir, sk_name);
+
+ if (!qemu_write_pidfile(pidfile, &local_err)) {
+ error_report_err(local_err);
+ return false;
+ }
+
+ return true;
+}
+
static int fv_create_listen_socket(struct fuse_session *se)
{
struct sockaddr_un un;
@@ -758,6 +795,16 @@ static int fv_create_listen_socket(struct fuse_session *se)
return -1;
}
+ if (!strlen(se->vu_socket_path)) {
+ fuse_log(FUSE_LOG_ERR, "Socket path is empty\n");
+ return -1;
+ }
+
+ /* Check the vu_socket_path is already used */
+ if (!fv_socket_lock(se)) {
+ return -1;
+ }
+
/*
* Create the Unix socket to communicate with qemu
* based on QEMU's vhost-user-bridge

31
0091-virtiofsd-enable-PARALLEL_DIROPS-during-INIT.patch Normal file
View File

@ -0,0 +1,31 @@
From: Liu Bo <bo.liu@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:02:00 +0000
Subject: [PATCH] virtiofsd: enable PARALLEL_DIROPS during INIT
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
lookup is a RO operations, PARALLEL_DIROPS can be enabled.
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit b7ed733a3841c4d489d3bd6ca7ed23c84db119c2)
---
tools/virtiofsd/fuse_lowlevel.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index aac282f278..70568d22a4 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2062,6 +2062,9 @@ static void do_init(fuse_req_t req, fuse_ino_t nodeid,
if (se->conn.want & FUSE_CAP_ASYNC_READ) {
outarg.flags |= FUSE_ASYNC_READ;
}
+ if (se->conn.want & FUSE_CAP_PARALLEL_DIROPS) {
+ outarg.flags |= FUSE_PARALLEL_DIROPS;
+ }
if (se->conn.want & FUSE_CAP_POSIX_LOCKS) {
outarg.flags |= FUSE_POSIX_LOCKS;
}

27
0092-virtiofsd-fix-incorrect-error-handling-in-lo_do_look.patch Normal file
View File

@ -0,0 +1,27 @@
From: Eric Ren <renzhen@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:02:01 +0000
Subject: [PATCH] virtiofsd: fix incorrect error handling in lo_do_lookup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit fc3f0041b43b6c64aa97b3558a6abe1a10028354)
---
tools/virtiofsd/passthrough_ll.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index e8dc5c7320..05b5f898db 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -814,7 +814,6 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
close(newfd);
newfd = -1;
} else {
- saverr = ENOMEM;
inode = calloc(1, sizeof(struct lo_inode));
if (!inode) {
goto out_err;

44
0093-Virtiofsd-fix-memory-leak-on-fuse-queueinfo.patch Normal file
View File

@ -0,0 +1,44 @@
From: Liu Bo <bo.liu@linux.alibaba.com>
Date: Mon, 27 Jan 2020 19:02:02 +0000
Subject: [PATCH] Virtiofsd: fix memory leak on fuse queueinfo
For fuse's queueinfo, both queueinfo array and queueinfos are allocated in
fv_queue_set_started() but not cleaned up when the daemon process quits.
This fixes the leak in proper places.
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Signed-off-by: Eric Ren <renzhen@linux.alibaba.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 740b0b700a6338a1cf60c26229651ac5f6724944)
---
tools/virtiofsd/fuse_virtio.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index b7948def27..fb8d6d1379 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -625,6 +625,8 @@ static void fv_queue_cleanup_thread(struct fv_VuDev *vud, int qidx)
}
close(ourqi->kill_fd);
ourqi->kick_fd = -1;
+ free(vud->qi[qidx]);
+ vud->qi[qidx] = NULL;
}
/* Callback from libvhost-user on start or stop of a queue */
@@ -884,6 +886,12 @@ int virtio_session_mount(struct fuse_session *se)
void virtio_session_close(struct fuse_session *se)
{
close(se->vu_socketfd);
+
+ if (!se->virtio_dev) {
+ return;
+ }
+
+ free(se->virtio_dev->qi);
free(se->virtio_dev);
se->virtio_dev = NULL;
}

336
0094-virtiofsd-Support-remote-posix-locks.patch Normal file
View File

@ -0,0 +1,336 @@
From: Vivek Goyal <vgoyal@redhat.com>
Date: Mon, 27 Jan 2020 19:02:03 +0000
Subject: [PATCH] virtiofsd: Support remote posix locks
Doing posix locks with-in guest kernel are not sufficient if a file/dir
is being shared by multiple guests. So we need the notion of daemon doing
the locks which are visible to rest of the guests.
Given posix locks are per process, one can not call posix lock API on host,
otherwise bunch of basic posix locks properties are broken. For example,
If two processes (A and B) in guest open the file and take locks on different
sections of file, if one of the processes closes the fd, it will close
fd on virtiofsd and all posix locks on file will go away. This means if
process A closes the fd, then locks of process B will go away too.
Similar other problems exist too.
This patch set tries to emulate posix locks while using open file
description locks provided on Linux.
Daemon provides two options (-o posix_lock, -o no_posix_lock) to enable
or disable posix locking in daemon. By default it is enabled.
There are few issues though.
- GETLK() returns pid of process holding lock. As we are emulating locks
using OFD, and these locks are not per process and don't return pid
of process, so GETLK() in guest does not reuturn process pid.
- As of now only F_SETLK is supported and not F_SETLKW. We can't block
the thread in virtiofsd for arbitrary long duration as there is only
one thread serving the queue. That means unlock request will not make
it to daemon and F_SETLKW will block infinitely and bring virtio-fs
to a halt. This is a solvable problem though and will require significant
changes in virtiofsd and kernel. Left as a TODO item for now.
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Reviewed-by: Masayoshi Mizuma <m.mizuma@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 0e81414c54161296212f6bc8a1c70526c4a9755a)
---
tools/virtiofsd/helper.c | 3 +
tools/virtiofsd/passthrough_ll.c | 189 +++++++++++++++++++++++++++++++
2 files changed, 192 insertions(+)
diff --git a/tools/virtiofsd/helper.c b/tools/virtiofsd/helper.c
index 567202444a..33749bfcb7 100644
--- a/tools/virtiofsd/helper.c
+++ b/tools/virtiofsd/helper.c
@@ -156,6 +156,9 @@ void fuse_cmdline_help(void)
" allowed (default: 10)\n"
" -o norace disable racy fallback\n"
" default: false\n"
+ " -o posix_lock|no_posix_lock\n"
+ " enable/disable remote posix lock\n"
+ " default: posix_lock\n"
" -o readdirplus|no_readdirplus\n"
" enable/disable readirplus\n"
" default: readdirplus except with "
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 05b5f898db..9414935b52 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -67,6 +67,12 @@
#include "passthrough_helpers.h"
#include "seccomp.h"
+/* Keep track of inode posix locks for each owner. */
+struct lo_inode_plock {
+ uint64_t lock_owner;
+ int fd; /* fd for OFD locks */
+};
+
struct lo_map_elem {
union {
struct lo_inode *inode;
@@ -95,6 +101,8 @@ struct lo_inode {
struct lo_key key;
uint64_t refcount; /* protected by lo->mutex */
fuse_ino_t fuse_ino;
+ pthread_mutex_t plock_mutex;
+ GHashTable *posix_locks; /* protected by lo_inode->plock_mutex */
};
struct lo_cred {
@@ -114,6 +122,7 @@ struct lo_data {
int norace;
int writeback;
int flock;
+ int posix_lock;
int xattr;
char *source;
double timeout;
@@ -137,6 +146,8 @@ static const struct fuse_opt lo_opts[] = {
{ "source=%s", offsetof(struct lo_data, source), 0 },
{ "flock", offsetof(struct lo_data, flock), 1 },
{ "no_flock", offsetof(struct lo_data, flock), 0 },
+ { "posix_lock", offsetof(struct lo_data, posix_lock), 1 },
+ { "no_posix_lock", offsetof(struct lo_data, posix_lock), 0 },
{ "xattr", offsetof(struct lo_data, xattr), 1 },
{ "no_xattr", offsetof(struct lo_data, xattr), 0 },
{ "timeout=%lf", offsetof(struct lo_data, timeout), 0 },
@@ -485,6 +496,17 @@ static void lo_init(void *userdata, struct fuse_conn_info *conn)
fuse_log(FUSE_LOG_DEBUG, "lo_init: activating flock locks\n");
conn->want |= FUSE_CAP_FLOCK_LOCKS;
}
+
+ if (conn->capable & FUSE_CAP_POSIX_LOCKS) {
+ if (lo->posix_lock) {
+ fuse_log(FUSE_LOG_DEBUG, "lo_init: activating posix locks\n");
+ conn->want |= FUSE_CAP_POSIX_LOCKS;
+ } else {
+ fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling posix locks\n");
+ conn->want &= ~FUSE_CAP_POSIX_LOCKS;
+ }
+ }
+
if ((lo->cache == CACHE_NONE && !lo->readdirplus_set) ||
lo->readdirplus_clear) {
fuse_log(FUSE_LOG_DEBUG, "lo_init: disabling readdirplus\n");
@@ -772,6 +794,19 @@ static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st)
return p;
}
+/* value_destroy_func for posix_locks GHashTable */
+static void posix_locks_value_destroy(gpointer data)
+{
+ struct lo_inode_plock *plock = data;
+
+ /*
+ * We had used open() for locks and had only one fd. So
+ * closing this fd should release all OFD locks.
+ */
+ close(plock->fd);
+ free(plock);
+}
+
static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
struct fuse_entry_param *e)
{
@@ -825,6 +860,9 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
newfd = -1;
inode->key.ino = e->attr.st_ino;
inode->key.dev = e->attr.st_dev;
+ pthread_mutex_init(&inode->plock_mutex, NULL);
+ inode->posix_locks = g_hash_table_new_full(
+ g_direct_hash, g_direct_equal, NULL, posix_locks_value_destroy);
pthread_mutex_lock(&lo->mutex);
inode->fuse_ino = lo_add_inode_mapping(req, inode);
@@ -1160,6 +1198,11 @@ static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
if (!inode->refcount) {
lo_map_remove(&lo->ino_map, inode->fuse_ino);
g_hash_table_remove(lo->inodes, &inode->key);
+ if (g_hash_table_size(inode->posix_locks)) {
+ fuse_log(FUSE_LOG_WARNING, "Hash table is not empty\n");
+ }
+ g_hash_table_destroy(inode->posix_locks);
+ pthread_mutex_destroy(&inode->plock_mutex);
pthread_mutex_unlock(&lo->mutex);
close(inode->fd);
free(inode);
@@ -1516,6 +1559,136 @@ out:
}
}
+/* Should be called with inode->plock_mutex held */
+static struct lo_inode_plock *lookup_create_plock_ctx(struct lo_data *lo,
+ struct lo_inode *inode,
+ uint64_t lock_owner,
+ pid_t pid, int *err)
+{
+ struct lo_inode_plock *plock;
+ char procname[64];
+ int fd;
+
+ plock =
+ g_hash_table_lookup(inode->posix_locks, GUINT_TO_POINTER(lock_owner));
+
+ if (plock) {
+ return plock;
+ }
+
+ plock = malloc(sizeof(struct lo_inode_plock));
+ if (!plock) {
+ *err = ENOMEM;
+ return NULL;
+ }
+
+ /* Open another instance of file which can be used for ofd locks. */
+ sprintf(procname, "%i", inode->fd);
+
+ /* TODO: What if file is not writable? */
+ fd = openat(lo->proc_self_fd, procname, O_RDWR);
+ if (fd == -1) {
+ *err = errno;
+ free(plock);
+ return NULL;
+ }
+
+ plock->lock_owner = lock_owner;
+ plock->fd = fd;
+ g_hash_table_insert(inode->posix_locks, GUINT_TO_POINTER(plock->lock_owner),
+ plock);
+ return plock;
+}
+
+static void lo_getlk(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
+ struct flock *lock)
+{
+ struct lo_data *lo = lo_data(req);
+ struct lo_inode *inode;
+ struct lo_inode_plock *plock;
+ int ret, saverr = 0;
+
+ fuse_log(FUSE_LOG_DEBUG,
+ "lo_getlk(ino=%" PRIu64 ", flags=%d)"
+ " owner=0x%lx, l_type=%d l_start=0x%lx"
+ " l_len=0x%lx\n",
+ ino, fi->flags, fi->lock_owner, lock->l_type, lock->l_start,
+ lock->l_len);
+
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
+ pthread_mutex_lock(&inode->plock_mutex);
+ plock =
+ lookup_create_plock_ctx(lo, inode, fi->lock_owner, lock->l_pid, &ret);
+ if (!plock) {
+ pthread_mutex_unlock(&inode->plock_mutex);
+ fuse_reply_err(req, ret);
+ return;
+ }
+
+ ret = fcntl(plock->fd, F_OFD_GETLK, lock);
+ if (ret == -1) {
+ saverr = errno;
+ }
+ pthread_mutex_unlock(&inode->plock_mutex);
+
+ if (saverr) {
+ fuse_reply_err(req, saverr);
+ } else {
+ fuse_reply_lock(req, lock);
+ }
+}
+
+static void lo_setlk(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
+ struct flock *lock, int sleep)
+{
+ struct lo_data *lo = lo_data(req);
+ struct lo_inode *inode;
+ struct lo_inode_plock *plock;
+ int ret, saverr = 0;
+
+ fuse_log(FUSE_LOG_DEBUG,
+ "lo_setlk(ino=%" PRIu64 ", flags=%d)"
+ " cmd=%d pid=%d owner=0x%lx sleep=%d l_whence=%d"
+ " l_start=0x%lx l_len=0x%lx\n",
+ ino, fi->flags, lock->l_type, lock->l_pid, fi->lock_owner, sleep,
+ lock->l_whence, lock->l_start, lock->l_len);
+
+ if (sleep) {
+ fuse_reply_err(req, EOPNOTSUPP);
+ return;
+ }
+
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
+ pthread_mutex_lock(&inode->plock_mutex);
+ plock =
+ lookup_create_plock_ctx(lo, inode, fi->lock_owner, lock->l_pid, &ret);
+
+ if (!plock) {
+ pthread_mutex_unlock(&inode->plock_mutex);
+ fuse_reply_err(req, ret);
+ return;
+ }
+
+ /* TODO: Is it alright to modify flock? */
+ lock->l_pid = 0;
+ ret = fcntl(plock->fd, F_OFD_SETLK, lock);
+ if (ret == -1) {
+ saverr = errno;
+ }
+ pthread_mutex_unlock(&inode->plock_mutex);
+ fuse_reply_err(req, saverr);
+}
+
static void lo_fsyncdir(fuse_req_t req, fuse_ino_t ino, int datasync,
struct fuse_file_info *fi)
{
@@ -1617,6 +1790,19 @@ static void lo_flush(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi)
{
int res;
(void)ino;
+ struct lo_inode *inode;
+
+ inode = lo_inode(req, ino);
+ if (!inode) {
+ fuse_reply_err(req, EBADF);
+ return;
+ }
+
+ /* An fd is going away. Cleanup associated posix locks */
+ pthread_mutex_lock(&inode->plock_mutex);
+ g_hash_table_remove(inode->posix_locks, GUINT_TO_POINTER(fi->lock_owner));
+ pthread_mutex_unlock(&inode->plock_mutex);
+
res = close(dup(lo_fi_fd(req, fi)));
fuse_reply_err(req, res == -1 ? errno : 0);
}
@@ -2080,6 +2266,8 @@ static struct fuse_lowlevel_ops lo_oper = {
.releasedir = lo_releasedir,
.fsyncdir = lo_fsyncdir,
.create = lo_create,
+ .getlk = lo_getlk,
+ .setlk = lo_setlk,
.open = lo_open,
.release = lo_release,
.flush = lo_flush,
@@ -2434,6 +2622,7 @@ int main(int argc, char *argv[])
struct lo_data lo = {
.debug = 0,
.writeback = 0,
+ .posix_lock = 1,
.proc_self_fd = -1,
};
struct lo_map_elem *root_elem;

40
0095-virtiofsd-use-fuse_lowlevel_is_virtio-in-fuse_sessio.patch Normal file
View File

@ -0,0 +1,40 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:02:04 +0000
Subject: [PATCH] virtiofsd: use fuse_lowlevel_is_virtio() in
fuse_session_destroy()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
vu_socket_path is NULL when --fd=FDNUM was used. Use
fuse_lowlevel_is_virtio() instead.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 620e9d8d9cee6df7fe71168dea950dba0cc21a4a)
---
tools/virtiofsd/fuse_lowlevel.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tools/virtiofsd/fuse_lowlevel.c b/tools/virtiofsd/fuse_lowlevel.c
index 70568d22a4..dab6a31e08 100644
--- a/tools/virtiofsd/fuse_lowlevel.c
+++ b/tools/virtiofsd/fuse_lowlevel.c
@@ -2537,12 +2537,13 @@ void fuse_session_destroy(struct fuse_session *se)
close(se->fd);
}
- if (se->vu_socket_path) {
+ if (fuse_lowlevel_is_virtio(se)) {
virtio_session_close(se);
- free(se->vu_socket_path);
- se->vu_socket_path = NULL;
}
+ free(se->vu_socket_path);
+ se->vu_socket_path = NULL;
+
free(se);
}

132
0096-virtiofsd-prevent-fv_queue_thread-vs-virtio_loop-rac.patch Normal file
View File

@ -0,0 +1,132 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:02:05 +0000
Subject: [PATCH] virtiofsd: prevent fv_queue_thread() vs virtio_loop() races
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
We call into libvhost-user from the virtqueue handler thread and the
vhost-user message processing thread without a lock. There is nothing
protecting the virtqueue handler thread if the vhost-user message
processing thread changes the virtqueue or memory table while it is
running.
This patch introduces a read-write lock. Virtqueue handler threads are
readers. The vhost-user message processing thread is a writer. This
will allow concurrency for multiqueue in the future while protecting
against fv_queue_thread() vs virtio_loop() races.
Note that the critical sections could be made smaller but it would be
more invasive and require libvhost-user changes. Let's start simple and
improve performance later, if necessary. Another option would be an
RCU-style approach with lighter-weight primitives.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit e7b337326d594b71b07cd6dbb332c49c122c80a4)
---
tools/virtiofsd/fuse_virtio.c | 34 +++++++++++++++++++++++++++++++++-
1 file changed, 33 insertions(+), 1 deletion(-)
diff --git a/tools/virtiofsd/fuse_virtio.c b/tools/virtiofsd/fuse_virtio.c
index fb8d6d1379..f6242f9338 100644
--- a/tools/virtiofsd/fuse_virtio.c
+++ b/tools/virtiofsd/fuse_virtio.c
@@ -58,6 +58,18 @@ struct fv_VuDev {
VuDev dev;
struct fuse_session *se;
+ /*
+ * Either handle virtqueues or vhost-user protocol messages. Don't do
+ * both at the same time since that could lead to race conditions if
+ * virtqueues or memory tables change while another thread is accessing
+ * them.
+ *
+ * The assumptions are:
+ * 1. fv_queue_thread() reads/writes to virtqueues and only reads VuDev.
+ * 2. virtio_loop() reads/writes virtqueues and VuDev.
+ */
+ pthread_rwlock_t vu_dispatch_rwlock;
+
/*
* The following pair of fields are only accessed in the main
* virtio_loop
@@ -415,6 +427,8 @@ static void *fv_queue_thread(void *opaque)
qi->qidx, qi->kick_fd);
while (1) {
struct pollfd pf[2];
+ int ret;
+
pf[0].fd = qi->kick_fd;
pf[0].events = POLLIN;
pf[0].revents = 0;
@@ -461,6 +475,9 @@ static void *fv_queue_thread(void *opaque)
fuse_log(FUSE_LOG_ERR, "Eventfd_read for queue: %m\n");
break;
}
+ /* Mutual exclusion with virtio_loop() */
+ ret = pthread_rwlock_rdlock(&qi->virtio_dev->vu_dispatch_rwlock);
+ assert(ret == 0); /* there is no possible error case */
/* out is from guest, in is too guest */
unsigned int in_bytes, out_bytes;
vu_queue_get_avail_bytes(dev, q, &in_bytes, &out_bytes, ~0, ~0);
@@ -469,6 +486,7 @@ static void *fv_queue_thread(void *opaque)
"%s: Queue %d gave evalue: %zx available: in: %u out: %u\n",
__func__, qi->qidx, (size_t)evalue, in_bytes, out_bytes);
+
while (1) {
bool allocated_bufv = false;
struct fuse_bufvec bufv;
@@ -597,6 +615,8 @@ static void *fv_queue_thread(void *opaque)
free(elem);
elem = NULL;
}
+
+ pthread_rwlock_unlock(&qi->virtio_dev->vu_dispatch_rwlock);
}
out:
pthread_mutex_destroy(&ch.lock);
@@ -711,6 +731,8 @@ int virtio_loop(struct fuse_session *se)
while (!fuse_session_exited(se)) {
struct pollfd pf[1];
+ bool ok;
+ int ret;
pf[0].fd = se->vu_socketfd;
pf[0].events = POLLIN;
pf[0].revents = 0;
@@ -735,7 +757,15 @@ int virtio_loop(struct fuse_session *se)
}
assert(pf[0].revents & POLLIN);
fuse_log(FUSE_LOG_DEBUG, "%s: Got VU event\n", __func__);
- if (!vu_dispatch(&se->virtio_dev->dev)) {
+ /* Mutual exclusion with fv_queue_thread() */
+ ret = pthread_rwlock_wrlock(&se->virtio_dev->vu_dispatch_rwlock);
+ assert(ret == 0); /* there is no possible error case */
+
+ ok = vu_dispatch(&se->virtio_dev->dev);
+
+ pthread_rwlock_unlock(&se->virtio_dev->vu_dispatch_rwlock);
+
+ if (!ok) {
fuse_log(FUSE_LOG_ERR, "%s: vu_dispatch failed\n", __func__);
break;
}
@@ -877,6 +907,7 @@ int virtio_session_mount(struct fuse_session *se)
se->vu_socketfd = data_sock;
se->virtio_dev->se = se;
+ pthread_rwlock_init(&se->virtio_dev->vu_dispatch_rwlock, NULL);
vu_init(&se->virtio_dev->dev, 2, se->vu_socketfd, fv_panic, fv_set_watch,
fv_remove_watch, &fv_iface);
@@ -892,6 +923,7 @@ void virtio_session_close(struct fuse_session *se)
}
free(se->virtio_dev->qi);
+ pthread_rwlock_destroy(&se->virtio_dev->vu_dispatch_rwlock);
free(se->virtio_dev);
se->virtio_dev = NULL;
}

46
0097-virtiofsd-make-lo_release-atomic.patch Normal file
View File

@ -0,0 +1,46 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:02:06 +0000
Subject: [PATCH] virtiofsd: make lo_release() atomic
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Hold the lock across both lo_map_get() and lo_map_remove() to prevent
races between two FUSE_RELEASE requests. In this case I don't see a
serious bug but it's safer to do things atomically.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit baed65c060c0e524530bc243eec427fb408bd477)
---
tools/virtiofsd/passthrough_ll.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 9414935b52..690edbc4c5 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1772,14 +1772,18 @@ static void lo_release(fuse_req_t req, fuse_ino_t ino,
struct fuse_file_info *fi)
{
struct lo_data *lo = lo_data(req);
- int fd;
+ struct lo_map_elem *elem;
+ int fd = -1;
(void)ino;
- fd = lo_fi_fd(req, fi);
-
pthread_mutex_lock(&lo->mutex);
- lo_map_remove(&lo->fd_map, fi->fh);
+ elem = lo_map_get(&lo->fd_map, fi->fh);
+ if (elem) {
+ fd = elem->fd;
+ elem = NULL;
+ lo_map_remove(&lo->fd_map, fi->fh);
+ }
pthread_mutex_unlock(&lo->mutex);
close(fd);

131
0098-virtiofsd-prevent-races-with-lo_dirp_put.patch Normal file
View File

@ -0,0 +1,131 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:02:07 +0000
Subject: [PATCH] virtiofsd: prevent races with lo_dirp_put()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Introduce lo_dirp_put() so that FUSE_RELEASEDIR does not cause
use-after-free races with other threads that are accessing lo_dirp.
Also make lo_releasedir() atomic to prevent FUSE_RELEASEDIR racing with
itself. This prevents double-frees.
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit acefdde73b403576a241ebd8dbe8431ddc0d9442)
---
tools/virtiofsd/passthrough_ll.c | 41 +++++++++++++++++++++++++++-----
1 file changed, 35 insertions(+), 6 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 690edbc4c5..2d703b57e5 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1284,11 +1284,28 @@ static void lo_readlink(fuse_req_t req, fuse_ino_t ino)
}
struct lo_dirp {
+ gint refcount;
DIR *dp;
struct dirent *entry;
off_t offset;
};
+static void lo_dirp_put(struct lo_dirp **dp)
+{
+ struct lo_dirp *d = *dp;
+
+ if (!d) {
+ return;
+ }
+ *dp = NULL;
+
+ if (g_atomic_int_dec_and_test(&d->refcount)) {
+ closedir(d->dp);
+ free(d);
+ }
+}
+
+/* Call lo_dirp_put() on the return value when no longer needed */
static struct lo_dirp *lo_dirp(fuse_req_t req, struct fuse_file_info *fi)
{
struct lo_data *lo = lo_data(req);
@@ -1296,6 +1313,9 @@ static struct lo_dirp *lo_dirp(fuse_req_t req, struct fuse_file_info *fi)
pthread_mutex_lock(&lo->mutex);
elem = lo_map_get(&lo->dirp_map, fi->fh);
+ if (elem) {
+ g_atomic_int_inc(&elem->dirp->refcount);
+ }
pthread_mutex_unlock(&lo->mutex);
if (!elem) {
return NULL;
@@ -1331,6 +1351,7 @@ static void lo_opendir(fuse_req_t req, fuse_ino_t ino,
d->offset = 0;
d->entry = NULL;
+ g_atomic_int_set(&d->refcount, 1); /* paired with lo_releasedir() */
pthread_mutex_lock(&lo->mutex);
fh = lo_add_dirp_mapping(req, d);
pthread_mutex_unlock(&lo->mutex);
@@ -1364,7 +1385,7 @@ static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
off_t offset, struct fuse_file_info *fi, int plus)
{
struct lo_data *lo = lo_data(req);
- struct lo_dirp *d;
+ struct lo_dirp *d = NULL;
struct lo_inode *dinode;
char *buf = NULL;
char *p;
@@ -1454,6 +1475,8 @@ static void lo_do_readdir(fuse_req_t req, fuse_ino_t ino, size_t size,
err = 0;
error:
+ lo_dirp_put(&d);
+
/*
* If there's an error, we can only signal it if we haven't stored
* any entries yet - otherwise we'd end up with wrong lookup
@@ -1484,22 +1507,25 @@ static void lo_releasedir(fuse_req_t req, fuse_ino_t ino,
struct fuse_file_info *fi)
{
struct lo_data *lo = lo_data(req);
+ struct lo_map_elem *elem;
struct lo_dirp *d;
(void)ino;
- d = lo_dirp(req, fi);
- if (!d) {
+ pthread_mutex_lock(&lo->mutex);
+ elem = lo_map_get(&lo->dirp_map, fi->fh);
+ if (!elem) {
+ pthread_mutex_unlock(&lo->mutex);
fuse_reply_err(req, EBADF);
return;
}
- pthread_mutex_lock(&lo->mutex);
+ d = elem->dirp;
lo_map_remove(&lo->dirp_map, fi->fh);
pthread_mutex_unlock(&lo->mutex);
- closedir(d->dp);
- free(d);
+ lo_dirp_put(&d); /* paired with lo_opendir() */
+
fuse_reply_err(req, 0);
}
@@ -1710,6 +1736,9 @@ static void lo_fsyncdir(fuse_req_t req, fuse_ino_t ino, int datasync,
} else {
res = fsync(fd);
}
+
+ lo_dirp_put(&d);
+
fuse_reply_err(req, res == -1 ? errno : 0);
}

123
0099-virtiofsd-rename-inode-refcount-to-inode-nlookup.patch Normal file
View File

@ -0,0 +1,123 @@
From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:02:08 +0000
Subject: [PATCH] virtiofsd: rename inode->refcount to inode->nlookup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This reference counter plays a specific role in the FUSE protocol. It's
not a generic object reference counter and the FUSE kernel code calls it
"nlookup".
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 1222f015558fc34cea02aa3a5a92de608c82cec8)
---
tools/virtiofsd/passthrough_ll.c | 37 +++++++++++++++++++++-----------
1 file changed, 25 insertions(+), 12 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 2d703b57e5..c819b5f782 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -99,7 +99,20 @@ struct lo_inode {
int fd;
bool is_symlink;
struct lo_key key;
- uint64_t refcount; /* protected by lo->mutex */
+
+ /*
+ * This counter keeps the inode alive during the FUSE session.
+ * Incremented when the FUSE inode number is sent in a reply
+ * (FUSE_LOOKUP, FUSE_READDIRPLUS, etc). Decremented when an inode is
+ * released by requests like FUSE_FORGET, FUSE_RMDIR, FUSE_RENAME, etc.
+ *
+ * Note that this value is untrusted because the client can manipulate
+ * it arbitrarily using FUSE_FORGET requests.
+ *
+ * Protected by lo->mutex.
+ */
+ uint64_t nlookup;
+
fuse_ino_t fuse_ino;
pthread_mutex_t plock_mutex;
GHashTable *posix_locks; /* protected by lo_inode->plock_mutex */
@@ -568,7 +581,7 @@ retry:
if (last == path) {
p = &lo->root;
pthread_mutex_lock(&lo->mutex);
- p->refcount++;
+ p->nlookup++;
pthread_mutex_unlock(&lo->mutex);
} else {
*last = '\0';
@@ -786,8 +799,8 @@ static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st)
pthread_mutex_lock(&lo->mutex);
p = g_hash_table_lookup(lo->inodes, &key);
if (p) {
- assert(p->refcount > 0);
- p->refcount++;
+ assert(p->nlookup > 0);
+ p->nlookup++;
}
pthread_mutex_unlock(&lo->mutex);
@@ -855,7 +868,7 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
}
inode->is_symlink = S_ISLNK(e->attr.st_mode);
- inode->refcount = 1;
+ inode->nlookup = 1;
inode->fd = newfd;
newfd = -1;
inode->key.ino = e->attr.st_ino;
@@ -1112,7 +1125,7 @@ static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
}
pthread_mutex_lock(&lo->mutex);
- inode->refcount++;
+ inode->nlookup++;
pthread_mutex_unlock(&lo->mutex);
e.ino = inode->fuse_ino;
@@ -1193,9 +1206,9 @@ static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
}
pthread_mutex_lock(&lo->mutex);
- assert(inode->refcount >= n);
- inode->refcount -= n;
- if (!inode->refcount) {
+ assert(inode->nlookup >= n);
+ inode->nlookup -= n;
+ if (!inode->nlookup) {
lo_map_remove(&lo->ino_map, inode->fuse_ino);
g_hash_table_remove(lo->inodes, &inode->key);
if (g_hash_table_size(inode->posix_locks)) {
@@ -1216,7 +1229,7 @@ static int unref_all_inodes_cb(gpointer key, gpointer value, gpointer user_data)
struct lo_inode *inode = value;
struct lo_data *lo = user_data;
- inode->refcount = 0;
+ inode->nlookup = 0;
lo_map_remove(&lo->ino_map, inode->fuse_ino);
close(inode->fd);
@@ -1241,7 +1254,7 @@ static void lo_forget_one(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup)
}
fuse_log(FUSE_LOG_DEBUG, " forget %lli %lli -%lli\n",
- (unsigned long long)ino, (unsigned long long)inode->refcount,
+ (unsigned long long)ino, (unsigned long long)inode->nlookup,
(unsigned long long)nlookup);
unref_inode_lolocked(lo, inode, nlookup);
@@ -2609,7 +2622,7 @@ static void setup_root(struct lo_data *lo, struct lo_inode *root)
root->fd = fd;
root->key.ino = stat.st_ino;
root->key.dev = stat.st_dev;
- root->refcount = 2;
+ root->nlookup = 2;
}
static guint lo_key_hash(gconstpointer key)

98
0100-libvhost-user-Fix-some-memtable-remap-cases.patch Normal file
View File

@ -0,0 +1,98 @@
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Date: Mon, 27 Jan 2020 19:02:09 +0000
Subject: [PATCH] libvhost-user: Fix some memtable remap cases
If a new setmemtable command comes in once the vhost threads are
running, it will remap the guests address space and the threads
will now be looking in the wrong place.
Fortunately we're running this command under lock, so we can
update the queue mappings so that threads will look in the new-right
place.
Note: This doesn't fix things that the threads might be doing
without a lock (e.g. a readv/writev!) That's for another time.
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 49e9ec749d4db62ae51f76354143cee183912a1d)
---
contrib/libvhost-user/libvhost-user.c | 33 ++++++++++++++++++++-------
contrib/libvhost-user/libvhost-user.h | 3 +++
2 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/contrib/libvhost-user/libvhost-user.c b/contrib/libvhost-user/libvhost-user.c
index 63e41062a4..b89bf18501 100644
--- a/contrib/libvhost-user/libvhost-user.c
+++ b/contrib/libvhost-user/libvhost-user.c
@@ -564,6 +564,21 @@ vu_reset_device_exec(VuDev *dev, VhostUserMsg *vmsg)
return false;
}
+static bool
+map_ring(VuDev *dev, VuVirtq *vq)
+{
+ vq->vring.desc = qva_to_va(dev, vq->vra.desc_user_addr);
+ vq->vring.used = qva_to_va(dev, vq->vra.used_user_addr);
+ vq->vring.avail = qva_to_va(dev, vq->vra.avail_user_addr);
+
+ DPRINT("Setting virtq addresses:\n");
+ DPRINT(" vring_desc at %p\n", vq->vring.desc);
+ DPRINT(" vring_used at %p\n", vq->vring.used);
+ DPRINT(" vring_avail at %p\n", vq->vring.avail);
+
+ return !(vq->vring.desc && vq->vring.used && vq->vring.avail);
+}
+
static bool
vu_set_mem_table_exec_postcopy(VuDev *dev, VhostUserMsg *vmsg)
{
@@ -767,6 +782,14 @@ vu_set_mem_table_exec(VuDev *dev, VhostUserMsg *vmsg)
close(vmsg->fds[i]);
}
+ for (i = 0; i < dev->max_queues; i++) {
+ if (dev->vq[i].vring.desc) {
+ if (map_ring(dev, &dev->vq[i])) {
+ vu_panic(dev, "remaping queue %d during setmemtable", i);
+ }
+ }
+ }
+
return false;
}
@@ -853,18 +876,12 @@ vu_set_vring_addr_exec(VuDev *dev, VhostUserMsg *vmsg)
DPRINT(" avail_user_addr: 0x%016" PRIx64 "\n", vra->avail_user_addr);
DPRINT(" log_guest_addr: 0x%016" PRIx64 "\n", vra->log_guest_addr);
+ vq->vra = *vra;
vq->vring.flags = vra->flags;
- vq->vring.desc = qva_to_va(dev, vra->desc_user_addr);
- vq->vring.used = qva_to_va(dev, vra->used_user_addr);
- vq->vring.avail = qva_to_va(dev, vra->avail_user_addr);
vq->vring.log_guest_addr = vra->log_guest_addr;
- DPRINT("Setting virtq addresses:\n");
- DPRINT(" vring_desc at %p\n", vq->vring.desc);
- DPRINT(" vring_used at %p\n", vq->vring.used);
- DPRINT(" vring_avail at %p\n", vq->vring.avail);
- if (!(vq->vring.desc && vq->vring.used && vq->vring.avail)) {
+ if (map_ring(dev, vq)) {
vu_panic(dev, "Invalid vring_addr message");
return false;
}
diff --git a/contrib/libvhost-user/libvhost-user.h b/contrib/libvhost-user/libvhost-user.h
index 1844b6f8d4..5cb7708559 100644
--- a/contrib/libvhost-user/libvhost-user.h
+++ b/contrib/libvhost-user/libvhost-user.h
@@ -327,6 +327,9 @@ typedef struct VuVirtq {
int err_fd;
unsigned int enable;
bool started;
+
+ /* Guest addresses of our ring */
+ struct vhost_vring_addr vra;
} VuVirtq;
enum VuWatchCondtion {

Some files were not shown because too many files have changed in this diff Show More