diff options
author | David Gibson <david@gibson.dropbear.id.au> | 2023-08-11 15:12:22 +1000 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2023-08-13 17:29:53 +0200 |
commit | 6a6735ece442298e000de43f5325842a442c263d (patch) | |
tree | a810b909c527ddea425d6887fc598c5740efd27c /tap.c | |
parent | 34016444534120f2fa5a049675815843d041bc16 (diff) | |
download | passt-6a6735ece442298e000de43f5325842a442c263d.tar passt-6a6735ece442298e000de43f5325842a442c263d.tar.gz passt-6a6735ece442298e000de43f5325842a442c263d.tar.bz2 passt-6a6735ece442298e000de43f5325842a442c263d.tar.lz passt-6a6735ece442298e000de43f5325842a442c263d.tar.xz passt-6a6735ece442298e000de43f5325842a442c263d.tar.zst passt-6a6735ece442298e000de43f5325842a442c263d.zip |
epoll: Always use epoll_ref for the epoll data variable
epoll_ref contains a variety of information useful when handling epoll
events on our sockets, and we place it in the epoll_event data field
returned by epoll. However, for a few other things we use the 'fd' field
in the standard union of types for that data field.
This actually introduces a bug which is vanishingly unlikely to hit in
practice, but very nasty if it ever did: theoretically if we had a very
large file descriptor number for fd_tap or fd_tap_listen it could overflow
into bits that overlap with the 'proto' field in epoll_ref. With some
very bad luck this could mean that we mistakenly think an event on a
regular socket is an event on fd_tap or fd_tap_listen.
More practically, using different (but overlapping) fields of the
epoll_data means we can't unify dispatch for the various different objects
in the epoll. Therefore use the same epoll_ref as the data for the tap
fds and the netns quit fd, adding new fd type values to describe them.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'tap.c')
-rw-r--r-- | tap.c | 16 |
1 files changed, 12 insertions, 4 deletions
@@ -1071,6 +1071,7 @@ restart: static void tap_sock_unix_init(struct ctx *c) { int fd = socket(AF_UNIX, SOCK_STREAM, 0); + union epoll_ref ref = { .type = EPOLL_TYPE_TAP }; struct epoll_event ev = { 0 }; struct sockaddr_un addr = { .sun_family = AF_UNIX, @@ -1123,8 +1124,9 @@ static void tap_sock_unix_init(struct ctx *c) listen(fd, 0); - ev.data.fd = c->fd_tap_listen = fd; + ref.fd = c->fd_tap_listen = fd; ev.events = EPOLLIN | EPOLLET; + ev.data.u64 = ref.u64; epoll_ctl(c->epollfd, EPOLL_CTL_ADD, c->fd_tap_listen, &ev); info("You can now start qemu (>= 7.2, with commit 13c6be96618c):"); @@ -1141,6 +1143,7 @@ static void tap_sock_unix_init(struct ctx *c) */ static void tap_sock_unix_new(struct ctx *c, uint32_t events) { + union epoll_ref ref = { .type = EPOLL_TYPE_TAP }; struct epoll_event ev = { 0 }; int v = INT_MAX / 2; struct ucred ucred; @@ -1180,8 +1183,9 @@ static void tap_sock_unix_new(struct ctx *c, uint32_t events) setsockopt(c->fd_tap, SOL_SOCKET, SO_SNDBUF, &v, sizeof(v))) trace("tap: failed to set SO_SNDBUF to %i", v); - ev.data.fd = c->fd_tap; + ref.fd = c->fd_tap; ev.events = EPOLLIN | EPOLLET | EPOLLRDHUP; + ev.data.u64 = ref.u64; epoll_ctl(c->epollfd, EPOLL_CTL_ADD, c->fd_tap, &ev); } @@ -1226,6 +1230,7 @@ static int tap_ns_tun(void *arg) */ static void tap_sock_tun_init(struct ctx *c) { + union epoll_ref ref = { .type = EPOLL_TYPE_TAP }; struct epoll_event ev = { 0 }; NS_CALL(tap_ns_tun, c); @@ -1234,8 +1239,9 @@ static void tap_sock_tun_init(struct ctx *c) pasta_ns_conf(c); - ev.data.fd = c->fd_tap; + ref.fd = c->fd_tap; ev.events = EPOLLIN | EPOLLRDHUP; + ev.data.u64 = ref.u64; epoll_ctl(c->epollfd, EPOLL_CTL_ADD, c->fd_tap, &ev); } @@ -1257,11 +1263,13 @@ void tap_sock_init(struct ctx *c) } if (c->fd_tap != -1) { /* Passed as --fd */ + union epoll_ref ref = { .type = EPOLL_TYPE_TAP }; struct epoll_event ev = { 0 }; ASSERT(c->one_off); - ev.data.fd = c->fd_tap; + ref.fd = c->fd_tap; ev.events = EPOLLIN | EPOLLET | EPOLLRDHUP; + ev.data.u64 = ref.u64; epoll_ctl(c->epollfd, EPOLL_CTL_ADD, c->fd_tap, &ev); return; } |