External/cloud-hypervisor
1
0
Fork 0
mirror of https://github.com/cloud-hypervisor/cloud-hypervisor.git synced 2024-10-18 10:59:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

vmm: fix console IO safety

Browse Source 
Rebooting a VM fails with the following error when debug assertions
are enabled:

	fatal runtime error: IO Safety violation: owned file descriptor already closed

This happens because FromRawFd::from_raw_fd is used on RawFds stored
in ConsoleInfo every time a VM begins to boot, so the second
time (after a reboot, or if the first attempt to boot via the API
failed), the fd will be closed.  Until this assertion is hit, the code
is operating on either closed file descriptors, or new file
descriptors for something completely different.  If debug assertions
are disabled, it will just continue doing this with unpredictable
results.

To fix this, and prevent the problem reocurring, ownership of the
console file descriptors needs to be properly tracked, using Rust's
type system, so this commit refactors the console code to do that.
The file descriptors are now passed around with reference counts, so
they won't be closed prematurely.  The obvious way to do this would be
to just have each member of ConsoleInfo be an Arc<File>, but we need
to accomodate that serial console file descriptors can also be
sockets.  We can't just store an OwnedFd and convert it when it's
used, because we only get a reference from the Arc, so we need to
store the descriptors as their concrete types in an enum.  Since this
basically duplicates the ConsoleOutputMode enum from the config, the
ConsoleOutputMode enum is now not used past constructing the
ConsoleInfo.

So that ownership can be represented consistently, the debug console's
tty mode now uses its own stdout descriptor.

I'm still using .try_clone().unwrap() (i.e. dup()) to clone file
descriptors for Endpoint::FilePair and Endpoint::TtyPair, because I
assume there's a reason for them not just to hold a single file
descriptor.

I've also retained the existing behaviour of having serial manager
ignore the tty file descriptor passed to it (which is stdout), and
instead using stdin.  It looks a lot weirder now, because it has to
explicitly indicate it's ignoring the fd with an underscore binding.

Fixes: 52eebaf6 ("vmm: refactor DeviceManager to use console_info")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
This commit is contained in:
Alyssa Ross 2024-09-20 21:14:02 +02:00 committed by Rob Bradford
parent a5df86698b
commit 287887c99c
4 changed files with 213 additions and 264 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
virtio-devices/src/console.rs
View File

@ -108,10 +108,11 @@ struct ConsoleEpollHandler {
file_event_registered: bool, file_event_registered: bool,
} }
#[derive(Clone)]
pub enum Endpoint { pub enum Endpoint {
File(File), File(Arc<File>),
FilePair(File, File), FilePair(Arc<File>, Arc<File>),
PtyPair(File, File), PtyPair(Arc<File>, Arc<File>),
Null, Null,
} }
@ -139,21 +140,6 @@ impl Endpoint {
} }
} }
impl Clone for Endpoint {
fn clone(&self) -> Self {
match self {
Self::File(f) => Self::File(f.try_clone().unwrap()),
Self::FilePair(f_out, f_in) => {
Self::FilePair(f_out.try_clone().unwrap(), f_in.try_clone().unwrap())
}
Self::PtyPair(f_out, f_in) => {
Self::PtyPair(f_out.try_clone().unwrap(), f_in.try_clone().unwrap())
}
Self::Null => Self::Null,
}
}
}
impl ConsoleEpollHandler { impl ConsoleEpollHandler {
#[allow(clippy::too_many_arguments)] #[allow(clippy::too_many_arguments)]
fn new( fn new(

241
vmm/src/console_devices.rs
View File

@ -23,12 +23,9 @@ use std::fs::read_link;
use std::fs::File; use std::fs::File;
use std::fs::OpenOptions; use std::fs::OpenOptions;
use std::io; use std::io;
#[cfg(target_arch = "x86_64")]
use std::io::stdout;
use std::mem::zeroed; use std::mem::zeroed;
use std::os::fd::AsRawFd; use std::os::fd::AsRawFd;
use std::os::fd::FromRawFd; use std::os::fd::FromRawFd;
use std::os::fd::IntoRawFd;
use std::os::fd::RawFd; use std::os::fd::RawFd;
use std::os::unix::fs::OpenOptionsExt; use std::os::unix::fs::OpenOptionsExt;
use std::os::unix::net::UnixListener; use std::os::unix::net::UnixListener;
@ -48,6 +45,10 @@ pub enum ConsoleDeviceError {
#[error("Error creating console device: {0}")] #[error("Error creating console device: {0}")]
CreateConsoleDevice(#[source] io::Error), CreateConsoleDevice(#[source] io::Error),
/// No socket option support for console device
#[error("No socket option support for console device")]
NoSocketOptionSupportForConsoleDevice,
/// Error setting pty raw mode /// Error setting pty raw mode
#[error("Error setting pty raw mode: {0}")] #[error("Error setting pty raw mode: {0}")]
SetPtyRaw(#[source] vmm_sys_util::errno::Error), SetPtyRaw(#[source] vmm_sys_util::errno::Error),
@ -63,14 +64,22 @@ pub enum ConsoleDeviceError {
type ConsoleDeviceResult<T> = result::Result<T, ConsoleDeviceError>; type ConsoleDeviceResult<T> = result::Result<T, ConsoleDeviceError>;
#[derive(Default, Clone)] #[derive(Clone)]
pub enum ConsoleOutput {
File(Arc<File>),
Pty(Arc<File>),
Tty(Arc<File>),
Null,
Socket(Arc<UnixListener>),
Off,
}
#[derive(Clone)]
pub struct ConsoleInfo { pub struct ConsoleInfo {
// For each of File, Pty, Tty and Socket modes, below fields hold the FD pub console_main_fd: ConsoleOutput,
// of console, serial and debug devices. pub serial_main_fd: ConsoleOutput,
pub console_main_fd: Option<RawFd>,
pub serial_main_fd: Option<RawFd>,
#[cfg(target_arch = "x86_64")] #[cfg(target_arch = "x86_64")]
pub debug_main_fd: Option<RawFd>, pub debug_main_fd: ConsoleOutput,
} }
fn modify_mode<F: FnOnce(&mut termios)>( fn modify_mode<F: FnOnce(&mut termios)>(
@ -179,123 +188,133 @@ fn dup_stdout() -> vmm_sys_util::errno::Result<File> {
pub(crate) fn pre_create_console_devices(vmm: &mut Vmm) -> ConsoleDeviceResult<ConsoleInfo> { pub(crate) fn pre_create_console_devices(vmm: &mut Vmm) -> ConsoleDeviceResult<ConsoleInfo> {
let vm_config = vmm.vm_config.as_mut().unwrap().clone(); let vm_config = vmm.vm_config.as_mut().unwrap().clone();
let mut vmconfig = vm_config.lock().unwrap(); let mut vmconfig = vm_config.lock().unwrap();
let mut console_info = ConsoleInfo::default();
match vmconfig.console.mode { let console_info = ConsoleInfo {
ConsoleOutputMode::File => { console_main_fd: match vmconfig.console.mode {
let file = File::create(vmconfig.console.file.as_ref().unwrap()) ConsoleOutputMode::File => {
.map_err(ConsoleDeviceError::CreateConsoleDevice)?; let file = File::create(vmconfig.console.file.as_ref().unwrap())
console_info.console_main_fd = Some(file.into_raw_fd()); .map_err(ConsoleDeviceError::CreateConsoleDevice)?;
} ConsoleOutput::File(Arc::new(file))
ConsoleOutputMode::Pty => { }
let (main_fd, sub_fd, path) = ConsoleOutputMode::Pty => {
create_pty().map_err(ConsoleDeviceError::CreateConsoleDevice)?; let (main_fd, sub_fd, path) =
console_info.console_main_fd = Some(main_fd.into_raw_fd()); create_pty().map_err(ConsoleDeviceError::CreateConsoleDevice)?;
set_raw_mode(&sub_fd.as_raw_fd(), vmm.original_termios_opt.clone())?; set_raw_mode(&sub_fd.as_raw_fd(), vmm.original_termios_opt.clone())?;
vmconfig.console.file = Some(path.clone()); vmconfig.console.file = Some(path.clone());
vmm.console_resize_pipe = Some(Arc::new(
listen_for_sigwinch_on_tty(
sub_fd,
&vmm.seccomp_action,
vmm.hypervisor.hypervisor_type(),
)
.map_err(ConsoleDeviceError::StartSigwinchListener)?,
));
}
ConsoleOutputMode::Tty => {
// Duplicating the file descriptors like this is needed as otherwise
// they will be closed on a reboot and the numbers reused
let stdout = dup_stdout().map_err(ConsoleDeviceError::DupFd)?;
// SAFETY: FFI call. Trivially safe.
if unsafe { libc::isatty(stdout.as_raw_fd()) } == 1 {
vmm.console_resize_pipe = Some(Arc::new( vmm.console_resize_pipe = Some(Arc::new(
listen_for_sigwinch_on_tty( listen_for_sigwinch_on_tty(
stdout.try_clone().unwrap(), sub_fd,
&vmm.seccomp_action, &vmm.seccomp_action,
vmm.hypervisor.hypervisor_type(), vmm.hypervisor.hypervisor_type(),
) )
.map_err(ConsoleDeviceError::StartSigwinchListener)?, .map_err(ConsoleDeviceError::StartSigwinchListener)?,
)); ));
ConsoleOutput::Pty(Arc::new(main_fd))
} }
ConsoleOutputMode::Tty => {
// Duplicating the file descriptors like this is needed as otherwise
// they will be closed on a reboot and the numbers reused
// Make sure stdout is in raw mode, if it's a terminal. let stdout = dup_stdout().map_err(ConsoleDeviceError::DupFd)?;
set_raw_mode(&stdout, vmm.original_termios_opt.clone())?;
console_info.console_main_fd = Some(stdout.into_raw_fd());
}
ConsoleOutputMode::Null | ConsoleOutputMode::Socket | ConsoleOutputMode::Off => {}
}
match vmconfig.serial.mode { // SAFETY: FFI call. Trivially safe.
ConsoleOutputMode::File => { if unsafe { libc::isatty(stdout.as_raw_fd()) } == 1 {
let file = File::create(vmconfig.serial.file.as_ref().unwrap()) vmm.console_resize_pipe = Some(Arc::new(
.map_err(ConsoleDeviceError::CreateConsoleDevice)?; listen_for_sigwinch_on_tty(
console_info.serial_main_fd = Some(file.into_raw_fd()); stdout.try_clone().unwrap(),
} &vmm.seccomp_action,
ConsoleOutputMode::Pty => { vmm.hypervisor.hypervisor_type(),
let (main_fd, sub_fd, path) = )
create_pty().map_err(ConsoleDeviceError::CreateConsoleDevice)?; .map_err(ConsoleDeviceError::StartSigwinchListener)?,
console_info.serial_main_fd = Some(main_fd.into_raw_fd()); ));
set_raw_mode(&sub_fd.as_raw_fd(), vmm.original_termios_opt.clone())?; }
vmconfig.serial.file = Some(path.clone());
}
ConsoleOutputMode::Tty => {
// During vm_shutdown, when serial device is closed, FD#2(STDOUT)
// will be closed and FD#2 could be reused in a future boot of the
// guest by a different file.
//
// To ensure FD#2 always points to STANDARD OUT, a `dup` of STDOUT
// is passed to serial device. Doing so, even if the serial device
// were to be closed, FD#2 will continue to point to STANDARD OUT.
let stdout = dup_stdout().map_err(ConsoleDeviceError::DupFd)?; // Make sure stdout is in raw mode, if it's a terminal.
set_raw_mode(&stdout, vmm.original_termios_opt.clone())?;
// SAFETY: FFI call. Trivially safe. ConsoleOutput::Tty(Arc::new(stdout))
if unsafe { libc::isatty(stdout.as_raw_fd()) } == 1 {
vmm.console_resize_pipe = Some(Arc::new(
listen_for_sigwinch_on_tty(
stdout.try_clone().unwrap(),
&vmm.seccomp_action,
vmm.hypervisor.hypervisor_type(),
)
.map_err(ConsoleDeviceError::StartSigwinchListener)?,
));
} }
ConsoleOutputMode::Socket => {
return Err(ConsoleDeviceError::NoSocketOptionSupportForConsoleDevice)
}
ConsoleOutputMode::Null => ConsoleOutput::Null,
ConsoleOutputMode::Off => ConsoleOutput::Off,
},
serial_main_fd: match vmconfig.serial.mode {
ConsoleOutputMode::File => {
let file = File::create(vmconfig.serial.file.as_ref().unwrap())
.map_err(ConsoleDeviceError::CreateConsoleDevice)?;
ConsoleOutput::File(Arc::new(file))
}
ConsoleOutputMode::Pty => {
let (main_fd, sub_fd, path) =
create_pty().map_err(ConsoleDeviceError::CreateConsoleDevice)?;
set_raw_mode(&sub_fd.as_raw_fd(), vmm.original_termios_opt.clone())?;
vmconfig.serial.file = Some(path.clone());
ConsoleOutput::Pty(Arc::new(main_fd))
}
ConsoleOutputMode::Tty => {
// During vm_shutdown, when serial device is closed, FD#2(STDOUT)
// will be closed and FD#2 could be reused in a future boot of the
// guest by a different file.
//
// To ensure FD#2 always points to STANDARD OUT, a `dup` of STDOUT
// is passed to serial device. Doing so, even if the serial device
// were to be closed, FD#2 will continue to point to STANDARD OUT.
// Make sure stdout is in raw mode, if it's a terminal. let stdout = dup_stdout().map_err(ConsoleDeviceError::DupFd)?;
set_raw_mode(&stdout, vmm.original_termios_opt.clone())?;
console_info.serial_main_fd = Some(stdout.into_raw_fd());
}
ConsoleOutputMode::Socket => {
let listener = UnixListener::bind(vmconfig.serial.socket.as_ref().unwrap())
.map_err(ConsoleDeviceError::CreateConsoleDevice)?;
console_info.serial_main_fd = Some(listener.into_raw_fd());
}
ConsoleOutputMode::Null | ConsoleOutputMode::Off => {}
}
#[cfg(target_arch = "x86_64")] // SAFETY: FFI call. Trivially safe.
match vmconfig.debug_console.mode { if unsafe { libc::isatty(stdout.as_raw_fd()) } == 1 {
ConsoleOutputMode::File => { vmm.console_resize_pipe = Some(Arc::new(
let file = File::create(vmconfig.debug_console.file.as_ref().unwrap()) listen_for_sigwinch_on_tty(
.map_err(ConsoleDeviceError::CreateConsoleDevice)?; stdout.try_clone().unwrap(),
console_info.debug_main_fd = Some(file.into_raw_fd()); &vmm.seccomp_action,
} vmm.hypervisor.hypervisor_type(),
ConsoleOutputMode::Pty => { )
let (main_fd, sub_fd, path) = .map_err(ConsoleDeviceError::StartSigwinchListener)?,
create_pty().map_err(ConsoleDeviceError::CreateConsoleDevice)?; ));
console_info.debug_main_fd = Some(main_fd.into_raw_fd()); }
set_raw_mode(&sub_fd.as_raw_fd(), vmm.original_termios_opt.clone())?;
vmconfig.debug_console.file = Some(path.clone()); // Make sure stdout is in raw mode, if it's a terminal.
} set_raw_mode(&stdout, vmm.original_termios_opt.clone())?;
ConsoleOutputMode::Tty => {
let out = stdout(); ConsoleOutput::Tty(Arc::new(stdout))
console_info.debug_main_fd = Some(out.as_raw_fd()); }
set_raw_mode(&out, vmm.original_termios_opt.clone())?; ConsoleOutputMode::Socket => {
} let listener = UnixListener::bind(vmconfig.serial.socket.as_ref().unwrap())
ConsoleOutputMode::Null | ConsoleOutputMode::Socket | ConsoleOutputMode::Off => {} .map_err(ConsoleDeviceError::CreateConsoleDevice)?;
} ConsoleOutput::Socket(Arc::new(listener))
}
ConsoleOutputMode::Null => ConsoleOutput::Null,
ConsoleOutputMode::Off => ConsoleOutput::Off,
},
#[cfg(target_arch = "x86_64")]
debug_main_fd: match vmconfig.debug_console.mode {
ConsoleOutputMode::File => {
let file = File::create(vmconfig.debug_console.file.as_ref().unwrap())
.map_err(ConsoleDeviceError::CreateConsoleDevice)?;
ConsoleOutput::File(Arc::new(file))
}
ConsoleOutputMode::Pty => {
let (main_fd, sub_fd, path) =
create_pty().map_err(ConsoleDeviceError::CreateConsoleDevice)?;
set_raw_mode(&sub_fd.as_raw_fd(), vmm.original_termios_opt.clone())?;
vmconfig.debug_console.file = Some(path.clone());
ConsoleOutput::Pty(Arc::new(main_fd))
}
ConsoleOutputMode::Tty => {
let out =
dup_stdout().map_err(|e| ConsoleDeviceError::CreateConsoleDevice(e.into()))?;
set_raw_mode(&out, vmm.original_termios_opt.clone())?;
ConsoleOutput::Tty(Arc::new(out))
}
ConsoleOutputMode::Socket => {
return Err(ConsoleDeviceError::NoSocketOptionSupportForConsoleDevice)
}
ConsoleOutputMode::Null => ConsoleOutput::Null,
ConsoleOutputMode::Off => ConsoleOutput::Off,
},
};
Ok(console_info) Ok(console_info)
} }

132
vmm/src/device_manager.rs
View File

@ -13,7 +13,7 @@ use crate::config::{
ConsoleOutputMode, DeviceConfig, DiskConfig, FsConfig, NetConfig, PmemConfig, UserDeviceConfig, ConsoleOutputMode, DeviceConfig, DiskConfig, FsConfig, NetConfig, PmemConfig, UserDeviceConfig,
VdpaConfig, VhostMode, VmConfig, VsockConfig, VdpaConfig, VhostMode, VmConfig, VsockConfig,
}; };
use crate::console_devices::{ConsoleDeviceError, ConsoleInfo}; use crate::console_devices::{ConsoleDeviceError, ConsoleInfo, ConsoleOutput};
use crate::cpu::{CpuManager, CPU_MANAGER_ACPI_SIZE}; use crate::cpu::{CpuManager, CPU_MANAGER_ACPI_SIZE};
use crate::device_tree::{DeviceNode, DeviceTree}; use crate::device_tree::{DeviceNode, DeviceTree};
use crate::interrupt::LegacyUserspaceInterruptManager; use crate::interrupt::LegacyUserspaceInterruptManager;
@ -70,7 +70,6 @@ use std::collections::{BTreeMap, BTreeSet, HashMap};
use std::fs::{File, OpenOptions}; use std::fs::{File, OpenOptions};
use std::io::{self, stdout, IsTerminal, Seek, SeekFrom}; use std::io::{self, stdout, IsTerminal, Seek, SeekFrom};
use std::num::Wrapping; use std::num::Wrapping;
use std::os::fd::RawFd;
use std::os::unix::fs::OpenOptionsExt; use std::os::unix::fs::OpenOptionsExt;
use std::os::unix::io::{AsRawFd, FromRawFd}; use std::os::unix::io::{AsRawFd, FromRawFd};
use std::path::PathBuf; use std::path::PathBuf;
@ -2005,65 +2004,42 @@ impl DeviceManager {
fn add_virtio_console_device( fn add_virtio_console_device(
&mut self, &mut self,
virtio_devices: &mut Vec<MetaVirtioDevice>, virtio_devices: &mut Vec<MetaVirtioDevice>,
console_fd: Option<RawFd>, console_fd: ConsoleOutput,
resize_pipe: Option<Arc<File>>, resize_pipe: Option<Arc<File>>,
) -> DeviceManagerResult<Option<Arc<virtio_devices::ConsoleResizer>>> { ) -> DeviceManagerResult<Option<Arc<virtio_devices::ConsoleResizer>>> {
let console_config = self.config.lock().unwrap().console.clone(); let console_config = self.config.lock().unwrap().console.clone();
let endpoint = match console_config.mode { let endpoint = match console_fd {
ConsoleOutputMode::File => { ConsoleOutput::File(file) => Endpoint::File(file),
if let Some(file_fd) = console_fd { ConsoleOutput::Pty(file) => {
// SAFETY: file_fd is guaranteed to be a valid fd from self.console_resize_pipe = resize_pipe;
// pre_create_console_devices() in vmm/src/console_devices.rs Endpoint::PtyPair(Arc::new(file.try_clone().unwrap()), file)
Endpoint::File(unsafe { File::from_raw_fd(file_fd) })
} else {
return Err(DeviceManagerError::InvalidConsoleFd);
}
} }
ConsoleOutputMode::Pty => { ConsoleOutput::Tty(stdout) => {
if let Some(pty_fd) = console_fd { if stdout.is_terminal() {
// SAFETY: pty_fd is guaranteed to be a valid fd from
// pre_create_console_devices() in vmm/src/console_devices.rs
let file = unsafe { File::from_raw_fd(pty_fd) };
self.console_resize_pipe = resize_pipe; self.console_resize_pipe = resize_pipe;
Endpoint::PtyPair(file.try_clone().unwrap(), file) }
// If an interactive TTY then we can accept input
// SAFETY: FFI call. Trivially safe.
if unsafe { libc::isatty(libc::STDIN_FILENO) == 1 } {
// SAFETY: FFI call to dup. Trivially safe.
let stdin = unsafe { libc::dup(libc::STDIN_FILENO) };
if stdin == -1 {
return vmm_sys_util::errno::errno_result()
.map_err(DeviceManagerError::DupFd);
}
// SAFETY: stdin is valid and owned solely by us.
let stdin = unsafe { File::from_raw_fd(stdin) };
Endpoint::FilePair(stdout, Arc::new(stdin))
} else { } else {
return Err(DeviceManagerError::InvalidConsoleFd); Endpoint::File(stdout)
} }
} }
ConsoleOutputMode::Tty => { ConsoleOutput::Socket(_) => {
if let Some(tty_fd) = console_fd {
// SAFETY: tty_fd is guaranteed to be a valid fd from
// pre_create_console_devices() in vmm/src/console_devices.rs
let stdout = unsafe { File::from_raw_fd(tty_fd) };
if stdout.is_terminal() {
self.console_resize_pipe = resize_pipe;
}
// If an interactive TTY then we can accept input
// SAFETY: FFI call. Trivially safe.
if unsafe { libc::isatty(libc::STDIN_FILENO) == 1 } {
// SAFETY: FFI call to dup. Trivially safe.
let stdin = unsafe { libc::dup(libc::STDIN_FILENO) };
if stdin == -1 {
return vmm_sys_util::errno::errno_result()
.map_err(DeviceManagerError::DupFd);
}
// SAFETY: stdin is valid and owned solely by us.
let stdin = unsafe { File::from_raw_fd(stdin) };
Endpoint::FilePair(stdout, stdin)
} else {
Endpoint::File(stdout)
}
} else {
return Err(DeviceManagerError::InvalidConsoleFd);
}
}
ConsoleOutputMode::Socket => {
return Err(DeviceManagerError::NoSocketOptionSupportForConsoleDevice); return Err(DeviceManagerError::NoSocketOptionSupportForConsoleDevice);
} }
ConsoleOutputMode::Null => Endpoint::Null, ConsoleOutput::Null => Endpoint::Null,
ConsoleOutputMode::Off => return Ok(None), ConsoleOutput::Off => return Ok(None),
}; };
let id = String::from(CONSOLE_DEVICE_NAME); let id = String::from(CONSOLE_DEVICE_NAME);
@ -2127,31 +2103,24 @@ impl DeviceManager {
// SAFETY: console_info is Some, so it's safe to unwrap. // SAFETY: console_info is Some, so it's safe to unwrap.
let console_info = console_info.unwrap(); let console_info = console_info.unwrap();
let serial_writer: Option<Box<dyn io::Write + Send>> = match serial_config.mode {
ConsoleOutputMode::File | ConsoleOutputMode::Tty => { let serial_writer: Option<Box<dyn io::Write + Send>> = match console_info.serial_main_fd {
if console_info.serial_main_fd.is_none() { ConsoleOutput::File(ref file) | ConsoleOutput::Tty(ref file) => {
return Err(DeviceManagerError::InvalidConsoleInfo); Some(Box::new(Arc::clone(file)))
}
// SAFETY: serial_main_fd is Some, so it's safe to unwrap.
// SAFETY: serial_main_fd is guaranteed to be a valid fd from
// pre_create_console_devices() in vmm/src/console_devices.rs
Some(Box::new(unsafe {
File::from_raw_fd(console_info.serial_main_fd.unwrap())
}))
} }
ConsoleOutputMode::Off ConsoleOutput::Off
| ConsoleOutputMode::Null | ConsoleOutput::Null
| ConsoleOutputMode::Pty | ConsoleOutput::Pty(_)
| ConsoleOutputMode::Socket => None, | ConsoleOutput::Socket(_) => None,
}; };
if serial_config.mode != ConsoleOutputMode::Off {
if !matches!(console_info.serial_main_fd, ConsoleOutput::Off) {
let serial = self.add_serial_device(interrupt_manager, serial_writer)?; let serial = self.add_serial_device(interrupt_manager, serial_writer)?;
self.serial_manager = match serial_config.mode { self.serial_manager = match console_info.serial_main_fd {
ConsoleOutputMode::Pty | ConsoleOutputMode::Tty | ConsoleOutputMode::Socket => { ConsoleOutput::Pty(_) | ConsoleOutput::Tty(_) | ConsoleOutput::Socket(_) => {
let serial_manager = SerialManager::new( let serial_manager = SerialManager::new(
serial, serial,
console_info.serial_main_fd, console_info.serial_main_fd,
serial_config.mode,
serial_config.socket, serial_config.socket,
) )
.map_err(DeviceManagerError::CreateSerialManager)?; .map_err(DeviceManagerError::CreateSerialManager)?;
@ -2174,24 +2143,13 @@ impl DeviceManager {
#[cfg(target_arch = "x86_64")] #[cfg(target_arch = "x86_64")]
{ {
let debug_console_config = self.config.lock().unwrap().debug_console.clone();
let debug_console_writer: Option<Box<dyn io::Write + Send>> = let debug_console_writer: Option<Box<dyn io::Write + Send>> =
match debug_console_config.mode { match console_info.debug_main_fd {
ConsoleOutputMode::File | ConsoleOutputMode::Tty => { ConsoleOutput::File(file) | ConsoleOutput::Tty(file) => Some(Box::new(file)),
if console_info.debug_main_fd.is_none() { ConsoleOutput::Off
return Err(DeviceManagerError::InvalidConsoleInfo); | ConsoleOutput::Null
} | ConsoleOutput::Pty(_)
// SAFETY: debug_main_fd is Some, so it's safe to unwrap. | ConsoleOutput::Socket(_) => None,
// SAFETY: debug_main_fd is guaranteed to be a valid fd from
// pre_create_console_devices() in vmm/src/console_devices.rs
Some(Box::new(unsafe {
File::from_raw_fd(console_info.debug_main_fd.unwrap())
}))
}
ConsoleOutputMode::Off
| ConsoleOutputMode::Null
| ConsoleOutputMode::Pty
| ConsoleOutputMode::Socket => None,
}; };
if let Some(writer) = debug_console_writer { if let Some(writer) = debug_console_writer {
let _ = self.add_debug_console_device(writer)?; let _ = self.add_debug_console_device(writer)?;

82
vmm/src/serial_manager.rs
View File

@ -3,7 +3,7 @@
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
// //
use crate::config::ConsoleOutputMode; use crate::console_devices::ConsoleOutput;
#[cfg(target_arch = "aarch64")] #[cfg(target_arch = "aarch64")]
use devices::legacy::Pl011; use devices::legacy::Pl011;
#[cfg(target_arch = "x86_64")] #[cfg(target_arch = "x86_64")]
@ -13,9 +13,8 @@ use serial_buffer::SerialBuffer;
use std::fs::File; use std::fs::File;
use std::io::Read; use std::io::Read;
use std::net::Shutdown; use std::net::Shutdown;
use std::os::fd::RawFd;
use std::os::unix::io::{AsRawFd, FromRawFd, IntoRawFd}; use std::os::unix::io::{AsRawFd, FromRawFd, IntoRawFd};
use std::os::unix::net::{UnixListener, UnixStream}; use std::os::unix::net::UnixStream;
use std::panic::AssertUnwindSafe; use std::panic::AssertUnwindSafe;
use std::path::PathBuf; use std::path::PathBuf;
use std::sync::atomic::{AtomicBool, Ordering}; use std::sync::atomic::{AtomicBool, Ordering};
@ -112,11 +111,10 @@ pub struct SerialManager {
#[cfg(target_arch = "aarch64")] #[cfg(target_arch = "aarch64")]
serial: Arc<Mutex<Pl011>>, serial: Arc<Mutex<Pl011>>,
epoll_file: File, epoll_file: File,
in_file: File, in_file: ConsoleOutput,
kill_evt: EventFd, kill_evt: EventFd,
handle: Option<thread::JoinHandle<()>>, handle: Option<thread::JoinHandle<()>>,
pty_write_out: Option<Arc<AtomicBool>>, pty_write_out: Option<Arc<AtomicBool>>,
mode: ConsoleOutputMode,
socket_path: Option<PathBuf>, socket_path: Option<PathBuf>,
} }
@ -124,23 +122,14 @@ impl SerialManager {
pub fn new( pub fn new(
#[cfg(target_arch = "x86_64")] serial: Arc<Mutex<Serial>>, #[cfg(target_arch = "x86_64")] serial: Arc<Mutex<Serial>>,
#[cfg(target_arch = "aarch64")] serial: Arc<Mutex<Pl011>>, #[cfg(target_arch = "aarch64")] serial: Arc<Mutex<Pl011>>,
main_fd: Option<RawFd>, mut output: ConsoleOutput,
mode: ConsoleOutputMode,
socket: Option<PathBuf>, socket: Option<PathBuf>,
) -> Result<Option<Self>> { ) -> Result<Option<Self>> {
let mut socket_path: Option<PathBuf> = None; let mut socket_path: Option<PathBuf> = None;
let in_file = match mode { let in_fd = match output {
ConsoleOutputMode::Pty => { ConsoleOutput::Pty(ref fd) => fd.as_raw_fd(),
if let Some(pty_main) = main_fd { ConsoleOutput::Tty(_) => {
// SAFETY: pty_main is guaranteed to be a valid fd from
// pre_create_console_devices() in vmm/src/console_devices.rs
unsafe { File::from_raw_fd(pty_main) }
} else {
return Ok(None);
}
}
ConsoleOutputMode::Tty => {
// If running on an interactive TTY then accept input // If running on an interactive TTY then accept input
// SAFETY: trivially safe // SAFETY: trivially safe
if unsafe { libc::isatty(libc::STDIN_FILENO) == 1 } { if unsafe { libc::isatty(libc::STDIN_FILENO) == 1 } {
@ -162,22 +151,17 @@ impl SerialManager {
return Err(Error::SetNonBlocking(std::io::Error::last_os_error())); return Err(Error::SetNonBlocking(std::io::Error::last_os_error()));
} }
stdin_clone output = ConsoleOutput::Tty(Arc::new(stdin_clone));
fd
} else { } else {
return Ok(None); return Ok(None);
} }
} }
ConsoleOutputMode::Socket => { ConsoleOutput::Socket(ref fd) => {
if let Some(socket_fd) = main_fd { if let Some(path_in_socket) = socket {
if let Some(path_in_socket) = socket { socket_path = Some(path_in_socket.clone());
socket_path = Some(path_in_socket.clone());
}
// SAFETY: socke_fd is guaranteed to be a valid fd from
// pre_create_console_devices() in vmm/src/console_devices.rs
unsafe { File::from_raw_fd(socket_fd) }
} else {
return Ok(None);
} }
fd.as_raw_fd()
} }
_ => return Ok(None), _ => return Ok(None),
}; };
@ -193,7 +177,7 @@ impl SerialManager {
) )
.map_err(Error::Epoll)?; .map_err(Error::Epoll)?;
let epoll_fd_data = if mode == ConsoleOutputMode::Socket { let epoll_fd_data = if let ConsoleOutput::Socket(_) = output {
EpollDispatch::Socket EpollDispatch::Socket
} else { } else {
EpollDispatch::File EpollDispatch::File
@ -202,16 +186,16 @@ impl SerialManager {
epoll::ctl( epoll::ctl(
epoll_fd, epoll_fd,
epoll::ControlOptions::EPOLL_CTL_ADD, epoll::ControlOptions::EPOLL_CTL_ADD,
in_file.as_raw_fd(), in_fd,
epoll::Event::new(epoll::Events::EPOLLIN, epoll_fd_data as u64), epoll::Event::new(epoll::Events::EPOLLIN, epoll_fd_data as u64),
) )
.map_err(Error::Epoll)?; .map_err(Error::Epoll)?;
let mut pty_write_out = None; let mut pty_write_out = None;
if mode == ConsoleOutputMode::Pty { if let ConsoleOutput::Pty(ref file) = output {
let write_out = Arc::new(AtomicBool::new(false)); let write_out = Arc::new(AtomicBool::new(false));
pty_write_out = Some(write_out.clone()); pty_write_out = Some(write_out.clone());
let writer = in_file.try_clone().map_err(Error::FileClone)?; let writer = file.try_clone().map_err(Error::FileClone)?;
let buffer = SerialBuffer::new(Box::new(writer), write_out); let buffer = SerialBuffer::new(Box::new(writer), write_out);
serial serial
.as_ref() .as_ref()
@ -227,11 +211,10 @@ impl SerialManager {
Ok(Some(SerialManager { Ok(Some(SerialManager {
serial, serial,
epoll_file, epoll_file,
in_file, in_file: output,
kill_evt, kill_evt,
handle: None, handle: None,
pty_write_out, pty_write_out,
mode,
socket_path, socket_path,
})) }))
} }
@ -270,15 +253,10 @@ impl SerialManager {
} }
let epoll_fd = self.epoll_file.as_raw_fd(); let epoll_fd = self.epoll_file.as_raw_fd();
let mut in_file = self.in_file.try_clone().map_err(Error::FileClone)?; let in_file = self.in_file.clone();
let serial = self.serial.clone(); let serial = self.serial.clone();
let pty_write_out = self.pty_write_out.clone(); let pty_write_out = self.pty_write_out.clone();
// SAFETY: from_raw_fd is always called with a valid fd
let listener = unsafe {
UnixListener::from_raw_fd(in_file.try_clone().map_err(Error::FileClone)?.into_raw_fd())
};
let mut reader: Option<UnixStream> = None; let mut reader: Option<UnixStream> = None;
let mode = self.mode.clone();
// In case of PTY, we want to be able to detect a connection on the // In case of PTY, we want to be able to detect a connection on the
// other end of the PTY. This is done by detecting there's no event // other end of the PTY. This is done by detecting there's no event
@ -314,7 +292,7 @@ impl SerialManager {
} }
}; };
if mode != ConsoleOutputMode::Socket && num_events == 0 { if matches!(in_file, ConsoleOutput::Socket(_)) && num_events == 0 {
// This very specific case happens when the serial is connected // This very specific case happens when the serial is connected
// to a PTY. We know EPOLLHUP is always present when there's nothing // to a PTY. We know EPOLLHUP is always present when there's nothing
// connected at the other end of the PTY. That's why getting no event // connected at the other end of the PTY. That's why getting no event
@ -338,6 +316,11 @@ impl SerialManager {
.shutdown(Shutdown::Both) .shutdown(Shutdown::Both)
.map_err(Error::AcceptConnection)?; .map_err(Error::AcceptConnection)?;
} }
let ConsoleOutput::Socket(ref listener) = in_file else {
unreachable!();
};
// Events on the listening socket will be connection requests. // Events on the listening socket will be connection requests.
// Accept them, create a reader and a writer. // Accept them, create a reader and a writer.
let (unix_stream, _) = let (unix_stream, _) =
@ -363,8 +346,8 @@ impl SerialManager {
EpollDispatch::File => { EpollDispatch::File => {
if event.events & libc::EPOLLIN as u32 != 0 { if event.events & libc::EPOLLIN as u32 != 0 {
let mut input = [0u8; 64]; let mut input = [0u8; 64];
let count = match mode { let count = match &in_file {
ConsoleOutputMode::Socket => { ConsoleOutput::Socket(_) => {
if let Some(mut serial_reader) = reader.as_ref() { if let Some(mut serial_reader) = reader.as_ref() {
let count = serial_reader let count = serial_reader
.read(&mut input) .read(&mut input)
@ -386,9 +369,12 @@ impl SerialManager {
0 0
} }
} }
_ => in_file ConsoleOutput::Pty(file) | ConsoleOutput::Tty(file) => {
.read(&mut input) (&**file)
.map_err(Error::ReadInput)?, .read(&mut input)
.map_err(Error::ReadInput)?
}
_ => unreachable!(),
}; };
// Replace "\n" with "\r" to deal with Windows SAC (#1170) // Replace "\n" with "\r" to deal with Windows SAC (#1170)
@ -444,7 +430,7 @@ impl Drop for SerialManager {
if let Some(handle) = self.handle.take() { if let Some(handle) = self.handle.take() {
handle.join().ok(); handle.join().ok();
} }
if self.mode == ConsoleOutputMode::Socket { if let ConsoleOutput::Socket(_) = self.in_file {
if let Some(socket_path) = self.socket_path.as_ref() { if let Some(socket_path) = self.socket_path.as_ref() {
std::fs::remove_file(socket_path.as_os_str()) std::fs::remove_file(socket_path.as_os_str())
.map_err(Error::RemoveUnixSocket) .map_err(Error::RemoveUnixSocket)