From deb6f16d821b962188782e32aa146cef5044d60d Mon Sep 17 00:00:00 2001 From: Alice Frosi Date: Fri, 30 Nov 2018 13:54:45 +0000 Subject: [PATCH] virtcontainers: update context id of vsock to uint64 The CID of VSock needs to be change to uint64. Otherwise that leads to an endianess issue. For more details see https://github.com/kata-containers/runtime/issues/947 Remove the uint64 introduced by #984 Fixes: #958 Signed-off-by: Alice Frosi --- virtcontainers/kata_agent.go | 2 +- virtcontainers/qemu_arch_base.go | 2 +- virtcontainers/qemu_test.go | 4 ++-- virtcontainers/utils/utils_linux.go | 15 +++++++++------ virtcontainers/utils/utils_linux_test.go | 2 +- 5 files changed, 14 insertions(+), 11 deletions(-) diff --git a/virtcontainers/kata_agent.go b/virtcontainers/kata_agent.go index 2cfa365736..e96ec088a2 100644 --- a/virtcontainers/kata_agent.go +++ b/virtcontainers/kata_agent.go @@ -73,7 +73,7 @@ type KataAgentConfig struct { } type kataVSOCK struct { - contextID uint32 + contextID uint64 port uint32 vhostFd *os.File } diff --git a/virtcontainers/qemu_arch_base.go b/virtcontainers/qemu_arch_base.go index 03e9251b51..7bbcf090b6 100644 --- a/virtcontainers/qemu_arch_base.go +++ b/virtcontainers/qemu_arch_base.go @@ -422,7 +422,7 @@ func (q *qemuArchBase) appendVSockPCI(devices []govmmQemu.Device, vsock kataVSOC devices = append(devices, govmmQemu.VSOCKDevice{ ID: fmt.Sprintf("vsock-%d", vsock.contextID), - ContextID: uint64(vsock.contextID), + ContextID: vsock.contextID, VHostFD: vsock.vhostFd, DisableModern: q.nestedRun, }, diff --git a/virtcontainers/qemu_test.go b/virtcontainers/qemu_test.go index 9ac81823dd..001a38218c 100644 --- a/virtcontainers/qemu_test.go +++ b/virtcontainers/qemu_test.go @@ -249,14 +249,14 @@ func TestQemuAddDeviceSerialPortDev(t *testing.T) { } func TestQemuAddDeviceKataVSOCK(t *testing.T) { - contextID := uint32(3) + contextID := uint64(3) port := uint32(1024) vHostFD := os.NewFile(1, "vsock") expectedOut := []govmmQemu.Device{ govmmQemu.VSOCKDevice{ ID: fmt.Sprintf("vsock-%d", contextID), - ContextID: uint64(contextID), + ContextID: contextID, VHostFD: vHostFD, }, } diff --git a/virtcontainers/utils/utils_linux.go b/virtcontainers/utils/utils_linux.go index 31cb7d1b82..da0b02c6c9 100644 --- a/virtcontainers/utils/utils_linux.go +++ b/virtcontainers/utils/utils_linux.go @@ -22,7 +22,10 @@ const ioctlVhostVsockSetGuestCid = 0x4008AF60 var ioctlFunc = ioctl -var maxUInt uint32 = 1<<32 - 1 +// maxUInt represents the maximum valid value for the context ID. +// The upper 32 bits of the CID are reserved and zeroed. +// See http://stefanha.github.io/virtio/ +var maxUInt uint64 = 1<<32 - 1 func ioctl(fd uintptr, request int, arg1 uint64) error { if _, _, errno := unix.Syscall( @@ -51,15 +54,15 @@ func ioctl(fd uintptr, request int, arg1 uint64) error { // - Reduce the probability of a *DoS attack*, since other processes don't know whatis the initial context ID // used by findContextID to find a context ID available // -func FindContextID() (*os.File, uint32, error) { +func FindContextID() (*os.File, uint64, error) { // context IDs 0x0, 0x1 and 0x2 are reserved, 0x3 is the first context ID usable. - var firstContextID uint32 = 0x3 + var firstContextID uint64 = 0x3 var contextID = firstContextID // Generate a random number n, err := rand.Int(rand.Reader, big.NewInt(int64(maxUInt))) if err == nil && n.Int64() >= int64(firstContextID) { - contextID = uint32(n.Int64()) + contextID = uint64(n.Int64()) } // Open vhost-vsock device to check what context ID is available. @@ -72,14 +75,14 @@ func FindContextID() (*os.File, uint32, error) { // Looking for the first available context ID. for cid := contextID; cid <= maxUInt; cid++ { - if err := ioctlFunc(vsockFd.Fd(), ioctlVhostVsockSetGuestCid, uint64(cid)); err == nil { + if err := ioctlFunc(vsockFd.Fd(), ioctlVhostVsockSetGuestCid, cid); err == nil { return vsockFd, cid, nil } } // Last chance to get a free context ID. for cid := contextID - 1; cid >= firstContextID; cid-- { - if err := ioctlFunc(vsockFd.Fd(), ioctlVhostVsockSetGuestCid, uint64(cid)); err == nil { + if err := ioctlFunc(vsockFd.Fd(), ioctlVhostVsockSetGuestCid, cid); err == nil { return vsockFd, cid, nil } } diff --git a/virtcontainers/utils/utils_linux_test.go b/virtcontainers/utils/utils_linux_test.go index 4f23e19ab8..99920423ee 100644 --- a/virtcontainers/utils/utils_linux_test.go +++ b/virtcontainers/utils/utils_linux_test.go @@ -26,7 +26,7 @@ func TestFindContextID(t *testing.T) { maxUInt = orgMaxUInt }() VHostVSockDevicePath = "/dev/null" - maxUInt = uint32(1000000) + maxUInt = uint64(1000000) f, cid, err := FindContextID() assert.Nil(f)