Re: [RFC PATCH v3] net/memif: change socket listener owner uid/gid

[Ferruh Yigit]

On 11/16/2022 5:14 PM, Junxiao Shi wrote:
> This allows a DPDK application running with root privilege to create a
> memif socket listener with non-root owner uid and gid, which can be
> connected from client applications running without root privilege.
> 

+1 to idea

As Stephen mentioned, how this is tested?
Do you have simple memif client that we can use it to verify the work?

> Signed-off-by: Junxiao Shi <g...@mail1.yoursunny.com>
> ---
>  doc/guides/nics/memif.rst         |  2 ++
>  drivers/net/memif/memif_socket.c  | 13 +++++++--
>  drivers/net/memif/rte_eth_memif.c | 48 +++++++++++++++++++++++++++++--
>  drivers/net/memif/rte_eth_memif.h |  2 ++
>  4 files changed, 60 insertions(+), 5 deletions(-)
> 
> diff --git a/doc/guides/nics/memif.rst b/doc/guides/nics/memif.rst
> index aca843640b..8a8141aa72 100644
> --- a/doc/guides/nics/memif.rst
> +++ b/doc/guides/nics/memif.rst
> @@ -44,6 +44,8 @@ client.
>     "rsize=11", "Log2 of ring size. If rsize is 10, actual ring size is 
> 1024", "10", "1-14"
>     "socket=/tmp/memif.sock", "Socket filename", "/tmp/memif.sock", "string 
> len 108"
>     "socket-abstract=no", "Set usage of abstract socket address", "yes", 
> "yes|no"
> +   "uid=1000", "Set socket listener owner uid. Only relevant to server with 
> socket-abstract=no", "unchanged", "uid_t"
> +   "gid=1000", "Set socket listener owner gid. Only relevant to server with 
> socket-abstract=no", "unchanged", "gid_t"

The options are "owner-uid" & "owner-gid"

>     "mac=01:23:45:ab:cd:ef", "Mac address", "01:ab:23:cd:45:ef", ""
>     "secret=abc123", "Secret is an optional security option, which if 
> specified, must be matched by peer", "", "string len 24"
>     "zero-copy=yes", "Enable/disable zero-copy client mode. Only relevant to 
> client, requires '--single-file-segments' eal argument", "no", "yes|no"
> diff --git a/drivers/net/memif/memif_socket.c 
> b/drivers/net/memif/memif_socket.c
> index 7886644412..c2b038d01a 100644
> --- a/drivers/net/memif/memif_socket.c
> +++ b/drivers/net/memif/memif_socket.c
> @@ -889,7 +889,7 @@ memif_listener_handler(void *arg)
>  }
>  
>  static struct memif_socket *
> -memif_socket_create(char *key, uint8_t listener, bool is_abstract)
> +memif_socket_create(char *key, uint8_t listener, bool is_abstract, uid_t 
> owner_uid, gid_t owner_gid)
>  {
>       struct memif_socket *sock;
>       struct sockaddr_un un = { 0 };
> @@ -941,6 +941,14 @@ memif_socket_create(char *key, uint8_t listener, bool 
> is_abstract)
>  
>               MIF_LOG(DEBUG, "Memif listener socket %s created.", 
> sock->filename);
>  
> +             if (!is_abstract && (owner_uid != (uid_t)-1 || owner_gid != 
> (gid_t)-1)) {
> +                     ret = chown(sock->filename, owner_uid, owner_gid);
> +                     if (ret < 0) {
> +                             MIF_LOG(ERR, "Failed to change listener socket 
> owner %d", errno);

When you see the error message it is not clear what is printed '%d' part is.
I can see rest of the driver structured this as:
"<message> : %s, strerror(errno)"
perhaps same can be used here.


> +                             goto error;

This path also prints a error log and it also prints 'strerror(errno)',
perhaps 'strerror(errno)' part can be droppped from above log.

<...>

> @@ -1855,6 +1887,14 @@ rte_pmd_memif_probe(struct rte_vdev_device *vdev)
>                                        &memif_set_is_socket_abstract, &flags);
>               if (ret < 0)
>                       goto exit;
> +             ret = rte_kvargs_process(kvlist, ETH_MEMIF_OWNER_UID_ARG,
> +                                      &memif_set_owner, &owner_uid);
> +             if (ret < 0)
> +                     goto exit;
> +             ret = rte_kvargs_process(kvlist, ETH_MEMIF_OWNER_GID_ARG,
> +                                      &memif_set_owner, &owner_gid);
> +             if (ret < 0)
> +                     goto exit;
>               ret = rte_kvargs_process(kvlist, ETH_MEMIF_MAC_ARG,
>                                        &memif_set_mac, ether_addr);

Unrelated with this patch, but memif checks for valid args and ignores
all silently when at least of them is invalid [1].
Since you are already there, if you have time, can you add a log for the
case when there is invalid argument provided and arguments are ignored?


Thanks,
ferruh


[1]
kvlist = rte_kvargs_parse(rte_vdev_device_args(vdev), valid_arguments);
if (kvlist != NULL) {
        < parse args>
}