Create a vhost-user-backend object that holds a connection to a vhost-user backend and can be referenced from virtio devices that support it. See later patches for input & gpu usage.
A chardev can be specified to communicate with the vhost-user backend, ex: -chardev socket,id=char0,path=/tmp/foo.sock -object vhost-user-backend,id=vuid,chardev=char0. Alternatively, an executable with its arguments may be given as 'cmd' property, ex: -object vhost-user-backend,id=vui,cmd="./vhost-user-input /dev/input..". The executable is then spawn and, by convention, the vhost-user socket is passed as fd=3. It may be considered a security breach to allow creating processes that may execute arbitrary executables, so this may be restricted to some known executables (via signature etc) or directory. Signed-off-by: Marc-André Lureau <marcandre.lur...@redhat.com> --- include/sysemu/vhost-user-backend.h | 58 +++++ backends/vhost-user.c | 330 ++++++++++++++++++++++++++++ vl.c | 3 +- backends/Makefile.objs | 4 + 4 files changed, 394 insertions(+), 1 deletion(-) create mode 100644 include/sysemu/vhost-user-backend.h create mode 100644 backends/vhost-user.c diff --git a/include/sysemu/vhost-user-backend.h b/include/sysemu/vhost-user-backend.h new file mode 100644 index 0000000000..890db176fd --- /dev/null +++ b/include/sysemu/vhost-user-backend.h @@ -0,0 +1,58 @@ +/* + * QEMU vhost-user backend + * + * Copyright (C) 2018 Red Hat Inc + * + * Authors: + * Marc-André Lureau <marcandre.lur...@redhat.com> + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ +#ifndef QEMU_VHOST_USER_BACKEND_H +#define QEMU_VHOST_USER_BACKEND_H + +#include "qom/object.h" +#include "exec/memory.h" +#include "qemu/option.h" +#include "qemu/bitmap.h" +#include "hw/virtio/vhost.h" +#include "chardev/char-fe.h" +#include "io/channel.h" + +#define TYPE_VHOST_USER_BACKEND "vhost-user-backend" +#define VHOST_USER_BACKEND(obj) \ + OBJECT_CHECK(VhostUserBackend, (obj), TYPE_VHOST_USER_BACKEND) +#define VHOST_USER_BACKEND_GET_CLASS(obj) \ + OBJECT_GET_CLASS(VhostUserBackendClass, (obj), TYPE_VHOST_USER_BACKEND) +#define VHOST_USER_BACKEND_CLASS(klass) \ + OBJECT_CLASS_CHECK(VhostUserBackendClass, (klass), TYPE_VHOST_USER_BACKEND) + +typedef struct VhostUserBackend VhostUserBackend; +typedef struct VhostUserBackendClass VhostUserBackendClass; + +struct VhostUserBackendClass { + ObjectClass parent_class; +}; + +struct VhostUserBackend { + /* private */ + Object parent; + + char *cmd; + char *chr_name; + + CharBackend chr; + struct vhost_dev dev; + QIOChannel *child; + VirtIODevice *vdev; + bool started; + bool completed; +}; + +int vhost_user_backend_dev_init(VhostUserBackend *b, VirtIODevice *vdev, + unsigned nvqs, Error **errp); +void vhost_user_backend_start(VhostUserBackend *b); +void vhost_user_backend_stop(VhostUserBackend *b); + +#endif diff --git a/backends/vhost-user.c b/backends/vhost-user.c new file mode 100644 index 0000000000..ae40dee373 --- /dev/null +++ b/backends/vhost-user.c @@ -0,0 +1,330 @@ +/* + * QEMU vhost-user backend + * + * Copyright (C) 2018 Red Hat Inc + * + * Authors: + * Marc-André Lureau <marcandre.lur...@redhat.com> + * + * This work is licensed under the terms of the GNU GPL, version 2 or later. + * See the COPYING file in the top-level directory. + */ + + +#include "qemu/osdep.h" +#include "hw/qdev.h" +#include "qapi/error.h" +#include "qapi/qmp/qerror.h" +#include "qemu/error-report.h" +#include "qom/object_interfaces.h" +#include "sysemu/vhost-user-backend.h" +#include "sysemu/kvm.h" +#include "io/channel-command.h" +#include "hw/virtio/virtio-bus.h" + +static bool +ioeventfd_enabled(void) +{ + return kvm_enabled() && kvm_eventfds_enabled(); +} + +int +vhost_user_backend_dev_init(VhostUserBackend *b, VirtIODevice *vdev, + unsigned nvqs, Error **errp) +{ + int ret; + + assert(!b->vdev && vdev); + + if (!ioeventfd_enabled()) { + error_setg(errp, "vhost initialization failed: requires kvm"); + return -1; + } + + b->vdev = vdev; + b->dev.nvqs = nvqs; + b->dev.vqs = g_new(struct vhost_virtqueue, nvqs); + + ret = vhost_dev_init(&b->dev, &b->chr, VHOST_BACKEND_TYPE_USER, 0); + if (ret < 0) { + error_setg_errno(errp, -ret, "vhost initialization failed"); + return -1; + } + + return 0; +} + +void +vhost_user_backend_start(VhostUserBackend *b) +{ + BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(b->vdev))); + VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus); + int ret, i ; + + if (b->started) { + return; + } + + if (!k->set_guest_notifiers) { + error_report("binding does not support guest notifiers"); + return; + } + + ret = vhost_dev_enable_notifiers(&b->dev, b->vdev); + if (ret < 0) { + return; + } + + ret = k->set_guest_notifiers(qbus->parent, b->dev.nvqs, true); + if (ret < 0) { + error_report("Error binding guest notifier"); + goto err_host_notifiers; + } + + b->dev.acked_features = b->vdev->guest_features; + ret = vhost_dev_start(&b->dev, b->vdev); + if (ret < 0) { + error_report("Error start vhost dev"); + goto err_guest_notifiers; + } + + /* guest_notifier_mask/pending not used yet, so just unmask + * everything here. virtio-pci will do the right thing by + * enabling/disabling irqfd. + */ + for (i = 0; i < b->dev.nvqs; i++) { + vhost_virtqueue_mask(&b->dev, b->vdev, + b->dev.vq_index + i, false); + } + + b->started = true; + return; + +err_guest_notifiers: + k->set_guest_notifiers(qbus->parent, b->dev.nvqs, false); +err_host_notifiers: + vhost_dev_disable_notifiers(&b->dev, b->vdev); +} + +void +vhost_user_backend_stop(VhostUserBackend *b) +{ + BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(b->vdev))); + VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(qbus); + int ret = 0; + + if (!b->started) { + return; + } + + vhost_dev_stop(&b->dev, b->vdev); + + if (k->set_guest_notifiers) { + ret = k->set_guest_notifiers(qbus->parent, + b->dev.nvqs, false); + if (ret < 0) { + error_report("vhost guest notifier cleanup failed: %d", ret); + } + } + assert(ret >= 0); + + vhost_dev_disable_notifiers(&b->dev, b->vdev); + b->started = false; +} + +static int +vhost_user_backend_spawn_cmd(VhostUserBackend *b, int vhostfd, Error **errp) +{ + int devnull = open("/dev/null", O_RDWR); + pid_t pid; + + assert(!b->child); + + if (!b->cmd) { + error_setg_errno(errp, errno, "Missing cmd property"); + return -1; + } + if (devnull < 0) { + error_setg_errno(errp, errno, "Unable to open /dev/null"); + return -1; + } + + pid = qemu_fork(errp); + if (pid < 0) { + close(devnull); + return -1; + } + + if (pid == 0) { /* child */ + int fd, maxfd = sysconf(_SC_OPEN_MAX); + + dup2(devnull, STDIN_FILENO); + dup2(devnull, STDOUT_FILENO); + dup2(vhostfd, 3); + + signal(SIGINT, SIG_IGN); + + for (fd = 4; fd < maxfd; fd++) { + close(fd); + } + + execlp("/bin/sh", "sh", "-c", b->cmd, NULL); + _exit(1); + } + + b->child = QIO_CHANNEL(qio_channel_command_new_pid(devnull, devnull, pid)); + + return 0; +} + +static void +vhost_user_backend_complete(UserCreatable *uc, Error **errp) +{ + VhostUserBackend *b = VHOST_USER_BACKEND(uc); + Chardev *chr; + + if (!!b->chr_name + !!b->cmd != 1) { + error_setg(errp, "You may specificy only one of 'chardev' or 'cmd'."); + return; + } + + if (b->chr_name) { + chr = qemu_chr_find(b->chr_name); + if (chr == NULL) { + error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND, + "Chardev '%s' not found", b->chr_name); + return; + } + + if (!qemu_chr_fe_init(&b->chr, chr, errp)) { + return; + } + } else { + int sv[2]; + + if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) == -1) { + error_setg_errno(errp, errno, "socketpair() failed"); + return; + } + + chr = CHARDEV(object_new(TYPE_CHARDEV_SOCKET)); + if (!chr || qemu_chr_add_client(chr, sv[0]) == -1) { + error_setg(errp, "Failed to make socket chardev"); + object_unref(OBJECT(chr)); + return; + } + + if (!qemu_chr_fe_init(&b->chr, chr, errp)) { + return; + } + + vhost_user_backend_spawn_cmd(b, sv[1], errp); + + close(sv[1]); + } + + b->completed = true; + /* could vhost_dev_init() happen here, so early vhost-user message + * can be exchanged */ +} + +static char *get_cmd(Object *obj, Error **errp) +{ + VhostUserBackend *b = VHOST_USER_BACKEND(obj); + + return g_strdup(b->cmd); +} + +static void set_cmd(Object *obj, const char *str, Error **errp) +{ + VhostUserBackend *b = VHOST_USER_BACKEND(obj); + + if (b->child) { + error_setg(errp, "cannot change property value"); + return; + } + + g_free(b->cmd); + b->cmd = g_strdup(str); +} + +static void set_chardev(Object *obj, const char *value, Error **errp) +{ + VhostUserBackend *b = VHOST_USER_BACKEND(obj); + + if (b->completed) { + error_setg(errp, QERR_PERMISSION_DENIED); + } else { + g_free(b->chr_name); + b->chr_name = g_strdup(value); + } +} + +static char *get_chardev(Object *obj, Error **errp) +{ + VhostUserBackend *b = VHOST_USER_BACKEND(obj); + Chardev *chr = qemu_chr_fe_get_driver(&b->chr); + + if (chr && chr->label) { + return g_strdup(chr->label); + } + + return NULL; +} + +static void vhost_user_backend_init(Object *obj) +{ + object_property_add_str(obj, "cmd", get_cmd, set_cmd, NULL); + object_property_add_str(obj, "chardev", get_chardev, set_chardev, NULL); +} + +static void vhost_user_backend_finalize(Object *obj) +{ + VhostUserBackend *b = VHOST_USER_BACKEND(obj); + + g_free(b->dev.vqs); + g_free(b->cmd); + g_free(b->chr_name); + + qemu_chr_fe_deinit(&b->chr, true); + + if (b->child) { + object_unref(OBJECT(b->child)); + } +} + +static bool +vhost_user_backend_can_be_deleted(UserCreatable *uc) +{ + return true; +} + +static void +vhost_user_backend_class_init(ObjectClass *oc, void *data) +{ + UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc); + + ucc->complete = vhost_user_backend_complete; + ucc->can_be_deleted = vhost_user_backend_can_be_deleted; +} + +static const TypeInfo vhost_user_backend_info = { + .name = TYPE_VHOST_USER_BACKEND, + .parent = TYPE_OBJECT, + .instance_size = sizeof(VhostUserBackend), + .instance_init = vhost_user_backend_init, + .instance_finalize = vhost_user_backend_finalize, + .class_size = sizeof(VhostUserBackendClass), + .class_init = vhost_user_backend_class_init, + .interfaces = (InterfaceInfo[]) { + { TYPE_USER_CREATABLE }, + { } + } +}; + +static void register_types(void) +{ + type_register_static(&vhost_user_backend_info); +} + +type_init(register_types); diff --git a/vl.c b/vl.c index c4fe25560c..4ed094dd71 100644 --- a/vl.c +++ b/vl.c @@ -2833,7 +2833,8 @@ static bool object_create_initial(const char *type) } #if defined(CONFIG_VHOST_USER) && defined(CONFIG_LINUX) - if (g_str_equal(type, "cryptodev-vhost-user")) { + if (g_str_equal(type, "cryptodev-vhost-user") || + g_str_equal(type, "vhost-user-backend")) { return false; } #endif diff --git a/backends/Makefile.objs b/backends/Makefile.objs index ad7c0325ed..bac27de11b 100644 --- a/backends/Makefile.objs +++ b/backends/Makefile.objs @@ -16,3 +16,7 @@ common-obj-$(call land,$(CONFIG_VHOST_USER),$(CONFIG_LINUX)) += \ endif common-obj-$(CONFIG_LINUX) += hostmem-memfd.o + +ifdef CONFIG_LINUX +common-obj-$(CONFIG_VIRTIO) += vhost-user.o +endif -- 2.17.1.906.g10fd178552