/* Same as guestfs___recv, but it discards the reply message. */
int
guestfs___recv_discard (guestfs_h *g, const char *fn)
{
void *buf;
uint32_t size;
int r;
again:
r = guestfs___recv_from_daemon (g, &size, &buf);
free (buf);
if (r == -1)
return -1;
/* This can happen if a cancellation happens right at the end
* of us sending a FileIn parameter to the daemon. Discard. The
* daemon should send us an error message next.
*/
if (size == GUESTFS_CANCEL_FLAG)
goto again;
if (size == GUESTFS_LAUNCH_FLAG) {
error (g, "%s: received unexpected launch flag from daemon when expecting reply", fn);
return -1;
}
return 0;
}
/* Receive a reply. */
int
guestfs___recv (guestfs_h *g, const char *fn,
guestfs_message_header *hdr,
guestfs_message_error *err,
xdrproc_t xdrp, char *ret)
{
XDR xdr;
void *buf;
uint32_t size;
int r;
again:
r = guestfs___recv_from_daemon (g, &size, &buf);
if (r == -1)
return -1;
/* This can happen if a cancellation happens right at the end
* of us sending a FileIn parameter to the daemon. Discard. The
* daemon should send us an error message next.
*/
if (size == GUESTFS_CANCEL_FLAG)
goto again;
if (size == GUESTFS_LAUNCH_FLAG) {
error (g, "%s: received unexpected launch flag from daemon when expecting reply", fn);
return -1;
}
xdrmem_create (&xdr, buf, size, XDR_DECODE);
if (!xdr_guestfs_message_header (&xdr, hdr)) {
error (g, "%s: failed to parse reply header", fn);
xdr_destroy (&xdr);
free (buf);
return -1;
}
if (hdr->status == GUESTFS_STATUS_ERROR) {
if (!xdr_guestfs_message_error (&xdr, err)) {
error (g, "%s: failed to parse reply error", fn);
xdr_destroy (&xdr);
free (buf);
return -1;
}
} else {
if (xdrp && ret && !xdrp (&xdr, ret)) {
error (g, "%s: failed to parse reply", fn);
xdr_destroy (&xdr);
free (buf);
return -1;
}
}
xdr_destroy (&xdr);
free (buf);
return 0;
}
/* Returns -1 = error, 0 = EOF, > 0 = more data */
static ssize_t
receive_file_data (guestfs_h *g, void **buf_r)
{
int r;
void *buf;
uint32_t len;
XDR xdr;
guestfs_chunk chunk;
r = guestfs___recv_from_daemon (g, &len, &buf);
if (r == -1) {
error (g, _("receive_file_data: parse error in reply callback"));
return -1;
}
if (len == GUESTFS_LAUNCH_FLAG || len == GUESTFS_CANCEL_FLAG) {
error (g, _("receive_file_data: unexpected flag received when reading file chunks"));
return -1;
}
memset (&chunk, 0, sizeof chunk);
xdrmem_create (&xdr, buf, len, XDR_DECODE);
if (!xdr_guestfs_chunk (&xdr, &chunk)) {
error (g, _("failed to parse file chunk"));
free (buf);
return -1;
}
xdr_destroy (&xdr);
/* After decoding, the original buffer is no longer used. */
free (buf);
if (chunk.cancel) {
if (g->user_cancel) {
error (g, _("operation cancelled by user"));
g->last_errnum = EINTR;
}
else
error (g, _("file receive cancelled by daemon"));
free (chunk.data.data_val);
return -1;
}
if (chunk.data.data_len == 0) { /* end of transfer */
free (chunk.data.data_val);
return 0;
}
if (buf_r) *buf_r = chunk.data.data_val;
else free (chunk.data.data_val); /* else caller frees */
return chunk.data.data_len;
}
static int
launch_uml (guestfs_h *g, void *datav, const char *arg)
{
struct backend_uml_data *data = datav;
CLEANUP_FREE_STRINGSBUF DECLARE_STRINGSBUF (cmdline);
int console_sock = -1, daemon_sock = -1;
int r;
int csv[2], dsv[2];
CLEANUP_FREE char *kernel = NULL, *dtb = NULL,
*initrd = NULL, *appliance = NULL;
int has_appliance_drive;
CLEANUP_FREE char *appliance_cow = NULL;
uint32_t size;
CLEANUP_FREE void *buf = NULL;
struct drive *drv;
size_t i;
struct hv_param *hp;
char *term = getenv ("TERM");
if (!uml_supported (g))
return -1;
if (!g->nr_drives) {
error (g, _("you must call guestfs_add_drive before guestfs_launch"));
return -1;
}
/* Assign a random unique ID to this run. */
if (guestfs___random_string (data->umid, UML_UMID_LEN) == -1) {
perrorf (g, "guestfs___random_string");
return -1;
}
/* Locate and/or build the appliance. */
if (guestfs___build_appliance (g, &kernel, &dtb, &initrd, &appliance) == -1)
return -1;
has_appliance_drive = appliance != NULL;
/* Create COW overlays for the appliance. Note that the documented
* syntax ubd0=cow,orig does not work since kernel 3.3. See:
* http://thread.gmane.org/gmane.linux.uml.devel/13556
*/
if (has_appliance_drive) {
appliance_cow = make_cow_overlay (g, appliance);
if (!appliance_cow)
goto cleanup0;
}
/* The socket that the daemon will talk to us on.
*/
if (socketpair (AF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC, 0, dsv) == -1) {
perrorf (g, "socketpair");
goto cleanup0;
}
/* The console socket. */
if (!g->direct_mode) {
if (socketpair (AF_LOCAL, SOCK_STREAM|SOCK_CLOEXEC, 0, csv) == -1) {
perrorf (g, "socketpair");
close (dsv[0]);
close (dsv[1]);
goto cleanup0;
}
}
/* Construct the vmlinux command line. We have to do this before
* forking, because after fork we are not allowed to use
* non-signal-safe functions such as malloc.
*/
#define ADD_CMDLINE(str) \
guestfs___add_string (g, &cmdline, (str))
#define ADD_CMDLINE_PRINTF(fs,...) \
guestfs___add_sprintf (g, &cmdline, (fs), ##__VA_ARGS__)
ADD_CMDLINE (g->hv);
/* Give this instance a unique random ID. */
ADD_CMDLINE_PRINTF ("umid=%s", data->umid);
/* Set memory size. */
ADD_CMDLINE_PRINTF ("mem=%dM", g->memsize);
/* vmlinux appears to ignore this, but let's add it anyway. */
ADD_CMDLINE_PRINTF ("initrd=%s", initrd);
/* Make sure our appliance init script runs first. */
ADD_CMDLINE ("init=/init");
/* This tells the /init script not to reboot at the end. */
ADD_CMDLINE ("guestfs_noreboot=1");
/* Root filesystem should be mounted read-write (default seems to
* be "ro").
*/
ADD_CMDLINE ("rw");
/* See also guestfs___appliance_command_line. */
if (g->verbose)
ADD_CMDLINE ("guestfs_verbose=1");
ADD_CMDLINE ("panic=1");
ADD_CMDLINE_PRINTF ("TERM=%s", term ? term : "linux");
if (g->selinux)
ADD_CMDLINE ("selinux=1 enforcing=0");
else
ADD_CMDLINE ("selinux=0");
/* XXX This isn't quite right. Multiple append args won't work. */
if (g->append)
ADD_CMDLINE (g->append);
/* Add the drives. */
ITER_DRIVES (g, i, drv) {
if (!drv->overlay)
ADD_CMDLINE_PRINTF ("ubd%zu=%s", i, drv->src.u.path);
else
ADD_CMDLINE_PRINTF ("ubd%zu=%s", i, drv->overlay);
}
/* Add the ext2 appliance drive (after all the drives). */
if (has_appliance_drive) {
char drv_name[64] = "ubd";
guestfs___drive_name (g->nr_drives, &drv_name[3]);
ADD_CMDLINE_PRINTF ("ubd%zu=%s", g->nr_drives, appliance_cow);
ADD_CMDLINE_PRINTF ("root=/dev/%s", drv_name);
}
/* Create the daemon socket. */
ADD_CMDLINE_PRINTF ("ssl3=fd:%d", dsv[1]);
ADD_CMDLINE ("guestfs_channel=/dev/ttyS3");
#if 0 /* XXX This could be made to work. */
#ifdef VALGRIND_DAEMON
/* Set up virtio-serial channel for valgrind messages. */
ADD_CMDLINE ("-chardev");
ADD_CMDLINE_PRINTF ("file,path=%s/valgrind.log.%d,id=valgrind",
VALGRIND_LOG_PATH, getpid ());
ADD_CMDLINE ("-device");
ADD_CMDLINE ("virtserialport,chardev=valgrind,name=org.libguestfs.valgrind");
#endif
#endif
/* Add any vmlinux parameters. */
for (hp = g->hv_params; hp; hp = hp->next) {
ADD_CMDLINE (hp->hv_param);
if (hp->hv_value)
ADD_CMDLINE (hp->hv_value);
}
/* Finish off the command line. */
guestfs___end_stringsbuf (g, &cmdline);
r = fork ();
if (r == -1) {
perrorf (g, "fork");
if (!g->direct_mode) {
close (csv[0]);
close (csv[1]);
}
close (dsv[0]);
close (dsv[1]);
goto cleanup0;
}
if (r == 0) { /* Child (vmlinux). */
/* Set up the daemon socket for the child. */
close (dsv[0]);
set_cloexec_flag (dsv[1], 0); /* so it doesn't close across exec */
if (!g->direct_mode) {
/* Set up stdin, stdout, stderr. */
close (0);
close (1);
close (csv[0]);
/* We set the FD_CLOEXEC flag on the socket above, but now (in
* the child) it's safe to unset this flag so vmlinux can use the
* socket.
*/
set_cloexec_flag (csv[1], 0);
/* Stdin. */
if (dup (csv[1]) == -1) {
dup_failed:
perror ("dup failed");
_exit (EXIT_FAILURE);
}
/* Stdout. */
if (dup (csv[1]) == -1)
goto dup_failed;
/* Send stderr to the pipe as well. */
close (2);
if (dup (csv[1]) == -1)
goto dup_failed;
close (csv[1]);
}
/* Dump the command line (after setting up stderr above). */
if (g->verbose)
print_vmlinux_command_line (g, cmdline.argv);
/* Put vmlinux in a new process group. */
if (g->pgroup)
setpgid (0, 0);
setenv ("LC_ALL", "C", 1);
execv (g->hv, cmdline.argv); /* Run vmlinux. */
perror (g->hv);
_exit (EXIT_FAILURE);
}
/* Parent (library). */
data->pid = r;
/* Fork the recovery process off which will kill vmlinux if the
* parent process fails to do so (eg. if the parent segfaults).
*/
data->recoverypid = -1;
if (g->recovery_proc) {
r = fork ();
if (r == 0) {
int i, fd, max_fd;
struct sigaction sa;
pid_t vmlinux_pid = data->pid;
pid_t parent_pid = getppid ();
/* Remove all signal handlers. See the justification here:
* https://www.redhat.com/archives/libvir-list/2008-August/msg00303.html
* We don't mask signal handlers yet, so this isn't completely
* race-free, but better than not doing it at all.
*/
memset (&sa, 0, sizeof sa);
sa.sa_handler = SIG_DFL;
sa.sa_flags = 0;
sigemptyset (&sa.sa_mask);
for (i = 1; i < NSIG; ++i)
sigaction (i, &sa, NULL);
/* Close all other file descriptors. This ensures that we don't
* hold open (eg) pipes from the parent process.
*/
max_fd = sysconf (_SC_OPEN_MAX);
if (max_fd == -1)
max_fd = 1024;
if (max_fd > 65536)
max_fd = 65536; /* bound the amount of work we do here */
for (fd = 0; fd < max_fd; ++fd)
close (fd);
/* It would be nice to be able to put this in the same process
* group as vmlinux (ie. setpgid (0, vmlinux_pid)). However
* this is not possible because we don't have any guarantee here
* that the vmlinux process has started yet.
*/
if (g->pgroup)
setpgid (0, 0);
/* Writing to argv is hideously complicated and error prone. See:
* http://git.postgresql.org/gitweb/?p=postgresql.git;a=blob;f=src/backend/utils/misc/ps_status.c;hb=HEAD
*/
/* Loop around waiting for one or both of the other processes to
* disappear. It's fair to say this is very hairy. The PIDs that
* we are looking at might be reused by another process. We are
* effectively polling. Is the cure worse than the disease?
*/
for (;;) {
if (kill (vmlinux_pid, 0) == -1)
/* vmlinux's gone away, we aren't needed */
_exit (EXIT_SUCCESS);
if (kill (parent_pid, 0) == -1) {
/* Parent's gone away, vmlinux still around, so kill vmlinux. */
kill (data->pid, SIGKILL);
_exit (EXIT_SUCCESS);
}
sleep (2);
}
}
/* Don't worry, if the fork failed, this will be -1. The recovery
* process isn't essential.
*/
data->recoverypid = r;
}
if (!g->direct_mode) {
/* Close the other end of the console socketpair. */
close (csv[1]);
console_sock = csv[0]; /* stdin of child */
csv[0] = -1;
}
daemon_sock = dsv[0];
close (dsv[1]);
dsv[0] = -1;
g->state = LAUNCHING;
/* Wait for vmlinux to start and to connect back to us via
* virtio-serial and send the GUESTFS_LAUNCH_FLAG message.
*/
g->conn =
guestfs___new_conn_socket_connected (g, daemon_sock, console_sock);
if (!g->conn)
goto cleanup1;
/* g->conn now owns these sockets. */
daemon_sock = console_sock = -1;
/* We now have to wait for vmlinux to start up, the daemon to start
* running, and for it to send the GUESTFS_LAUNCH_FLAG to us.
*/
r = guestfs___recv_from_daemon (g, &size, &buf);
if (r == -1) {
guestfs___launch_failed_error (g);
goto cleanup1;
}
if (size != GUESTFS_LAUNCH_FLAG) {
guestfs___launch_failed_error (g);
goto cleanup1;
}
if (g->verbose)
guestfs___print_timestamped_message (g, "appliance is up");
/* This is possible in some really strange situations, such as
* guestfsd starts up OK but then vmlinux immediately exits. Check
* for it because the caller is probably expecting to be able to
* send commands after this function returns.
*/
if (g->state != READY) {
error (g, _("vmlinux launched and contacted daemon, but state != READY"));
goto cleanup1;
}
if (has_appliance_drive)
guestfs___add_dummy_appliance_drive (g);
return 0;
cleanup1:
if (!g->direct_mode && csv[0] >= 0)
close (csv[0]);
if (dsv[0] >= 0)
close (dsv[0]);
if (data->pid > 0) kill (data->pid, SIGKILL);
if (data->recoverypid > 0) kill (data->recoverypid, SIGKILL);
if (data->pid > 0) waitpid (data->pid, NULL, 0);
if (data->recoverypid > 0) waitpid (data->recoverypid, NULL, 0);
data->pid = 0;
data->recoverypid = 0;
memset (&g->launch_t, 0, sizeof g->launch_t);
cleanup0:
if (daemon_sock >= 0)
close (daemon_sock);
if (console_sock >= 0)
close (console_sock);
if (g->conn) {
g->conn->ops->free_connection (g, g->conn);
g->conn = NULL;
}
g->state = CONFIG;
return -1;
}
int
guestfs___recv_from_daemon (guestfs_h *g, uint32_t *size_rtn, void **buf_rtn)
{
char summary[MAX_MESSAGE_SUMMARY];
fd_set rset, rset2;
FD_ZERO (&rset);
if (g->fd[1] >= 0) /* Read qemu stdout for log messages & EOF. */
FD_SET (g->fd[1], &rset);
FD_SET (g->sock, &rset); /* Read socket for data & EOF. */
int max_fd = MAX (g->sock, g->fd[1]);
*size_rtn = 0;
*buf_rtn = NULL;
char lenbuf[4];
/* nr is the size of the message, but we prime it as -4 because we
* have to read the message length word first.
*/
ssize_t nr = -4;
for (;;) {
ssize_t message_size =
*size_rtn != GUESTFS_PROGRESS_FLAG ?
*size_rtn : PROGRESS_MESSAGE_SIZE;
if (nr >= message_size)
break;
rset2 = rset;
int r = select (max_fd+1, &rset2, NULL, NULL, NULL);
if (r == -1) {
if (errno == EINTR || errno == EAGAIN)
continue;
perrorf (g, "select");
free (*buf_rtn);
*buf_rtn = NULL;
return -1;
}
if (g->fd[1] >= 0 && FD_ISSET (g->fd[1], &rset2)) {
if (read_log_message_or_eof (g, g->fd[1], 0) == -1) {
free (*buf_rtn);
*buf_rtn = NULL;
return -1;
}
}
if (FD_ISSET (g->sock, &rset2)) {
if (nr < 0) { /* Have we read the message length word yet? */
r = read (g->sock, lenbuf+nr+4, -nr);
if (r == -1) {
if (errno == EINTR || errno == EAGAIN)
continue;
int err = errno;
perrorf (g, "read");
/* Under some circumstances we see "Connection reset by peer"
* here when the child dies suddenly. Catch this and call
* the cleanup function, same as for EOF.
*/
if (err == ECONNRESET)
child_cleanup (g);
return -1;
}
if (r == 0) {
unexpected_end_of_file_from_daemon_error (g);
child_cleanup (g);
return -1;
}
nr += r;
if (nr < 0) /* Still not got the whole length word. */
continue;
XDR xdr;
xdrmem_create (&xdr, lenbuf, 4, XDR_DECODE);
xdr_uint32_t (&xdr, size_rtn);
xdr_destroy (&xdr);
/* *size_rtn changed, recalculate message_size */
message_size =
*size_rtn != GUESTFS_PROGRESS_FLAG ?
*size_rtn : PROGRESS_MESSAGE_SIZE;
if (*size_rtn == GUESTFS_LAUNCH_FLAG) {
if (g->state != LAUNCHING)
error (g, _("received magic signature from guestfsd, but in state %d"),
g->state);
else {
g->state = READY;
guestfs___call_callbacks_void (g, GUESTFS_EVENT_LAUNCH_DONE);
}
debug (g, "recv_from_daemon: received GUESTFS_LAUNCH_FLAG");
return 0;
}
else if (*size_rtn == GUESTFS_CANCEL_FLAG) {
debug (g, "recv_from_daemon: received GUESTFS_CANCEL_FLAG");
return 0;
}
else if (*size_rtn == GUESTFS_PROGRESS_FLAG)
/*FALLTHROUGH*/;
/* If this happens, it's pretty bad and we've probably lost
* synchronization.
*/
else if (*size_rtn > GUESTFS_MESSAGE_MAX) {
error (g, _("message length (%u) > maximum possible size (%d)"),
(unsigned) *size_rtn, GUESTFS_MESSAGE_MAX);
return -1;
}
/* Allocate the complete buffer, size now known. */
*buf_rtn = safe_malloc (g, message_size);
/*FALLTHROUGH*/
}
size_t sizetoread = message_size - nr;
if (sizetoread > BUFSIZ) sizetoread = BUFSIZ;
r = read (g->sock, (char *) (*buf_rtn) + nr, sizetoread);
if (r == -1) {
if (errno == EINTR || errno == EAGAIN)
continue;
perrorf (g, "read");
free (*buf_rtn);
*buf_rtn = NULL;
return -1;
}
if (r == 0) {
unexpected_end_of_file_from_daemon_error (g);
child_cleanup (g);
free (*buf_rtn);
*buf_rtn = NULL;
return -1;
}
nr += r;
}
}
/* Got the full message, caller can start processing it. */
#ifdef ENABLE_PACKET_DUMP
if (g->verbose) {
ssize_t i, j;
for (i = 0; i < nr; i += 16) {
printf ("%04zx: ", i);
for (j = i; j < MIN (i+16, nr); ++j)
printf ("%02x ", (*(unsigned char **)buf_rtn)[j]);
for (; j < i+16; ++j)
printf (" ");
printf ("|");
for (j = i; j < MIN (i+16, nr); ++j)
if (c_isprint ((*(char **)buf_rtn)[j]))
printf ("%c", (*(char **)buf_rtn)[j]);
else
printf (".");
for (; j < i+16; ++j)
printf (" ");
printf ("|\n");
}
}
#endif
if (*size_rtn == GUESTFS_PROGRESS_FLAG) {
guestfs_progress message;
XDR xdr;
xdrmem_create (&xdr, *buf_rtn, PROGRESS_MESSAGE_SIZE, XDR_DECODE);
xdr_guestfs_progress (&xdr, &message);
xdr_destroy (&xdr);
guestfs___progress_message_callback (g, &message);
free (*buf_rtn);
*buf_rtn = NULL;
/* Process next message. */
return guestfs___recv_from_daemon (g, size_rtn, buf_rtn);
}
debug (g, "recv_from_daemon: %" PRIu32 " bytes: %s", *size_rtn,
message_summary (*buf_rtn, *size_rtn, summary));
return 0;
}
