* [Qemu-devel] [PATCH for-2.10 12/19] socket: add af_alg family support
@ 2017-04-10 9:00 Longpeng(Mike)
2017-04-10 10:11 ` Daniel P. Berrange
0 siblings, 1 reply; 2+ messages in thread
From: Longpeng(Mike) @ 2017-04-10 9:00 UTC (permalink / raw)
To: berrange, kraxel, pbonzini, eblake, armbru
Cc: xuquan8, arei.gonglei, qemu-devel, Longpeng(Mike)
The AF_ALG socket family is the userspace interface for linux
crypto API, this patch adds af_alg family support. It'll be used
by afalg-backend crypto later.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
configure | 21 ++++++++++++
include/qemu/sockets.h | 6 ++++
qapi-schema.json | 21 +++++++++++-
util/qemu-sockets.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 138 insertions(+), 1 deletion(-)
diff --git a/configure b/configure
index 4b3b5cd..970c9bc 100755
--- a/configure
+++ b/configure
@@ -4737,6 +4737,23 @@ if compile_prog "" "" ; then
have_af_vsock=yes
fi
+##########################################
+# check for usable AF_ALG environment
+hava_af_alg=no
+cat > $TMPC << EOF
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+int main(void) {
+ int sock;
+ sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
+ return sock;
+}
+EOF
+if compile_prog "" "" ; then
+ have_af_alg=yes
+fi
+
#################################################
# Sparc implicitly links with --relax, which is
# incompatible with -r, so --no-relax should be
@@ -5767,6 +5784,10 @@ if test "$have_af_vsock" = "yes" ; then
echo "CONFIG_AF_VSOCK=y" >> $config_host_mak
fi
+if test "$have_af_alg" = "yes" ; then
+ echo "CONFIG_AF_ALG=y" >> $config_host_mak
+fi
+
if test "$have_sysmacros" = "yes" ; then
echo "CONFIG_SYSMACROS=y" >> $config_host_mak
fi
diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h
index 7842f6d..0a4a003 100644
--- a/include/qemu/sockets.h
+++ b/include/qemu/sockets.h
@@ -51,6 +51,12 @@ int socket_listen(SocketAddress *addr, Error **errp);
void socket_listen_cleanup(int fd, Error **errp);
int socket_dgram(SocketAddress *remote, SocketAddress *local, Error **errp);
+#ifdef CONFIG_AF_ALG
+#define SALG_TYPE_LEN_MAX 14
+#define SALG_NAME_LEN_MAX 64
+int socket_bind(SocketAddress *addr, Error **errp);
+#endif
+
/* Old, ipv4 only bits. Don't use for new code. */
int parse_host_port(struct sockaddr_in *saddr, const char *str);
int socket_init(void);
diff --git a/qapi-schema.json b/qapi-schema.json
index 250e4dc..0cb06d3 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -1516,12 +1516,14 @@
#
# @vsock: vsock family (since 2.8)
#
+# @afalg: af_alg family (since 2.10)
+#
# @unknown: otherwise
#
# Since: 2.1
##
{ 'enum': 'NetworkAddressFamily',
- 'data': [ 'ipv4', 'ipv6', 'unix', 'vsock', 'unknown' ] }
+ 'data': [ 'ipv4', 'ipv6', 'unix', 'vsock', 'afalg', 'unknown' ] }
##
# @VncBasicInfo:
@@ -4119,6 +4121,22 @@
'port': 'str' } }
##
+# @AfalgSocketAddress:
+#
+# Captures a socket address in the af_alg namespace.
+#
+# @type: type of the crypto algogrithms
+#
+# @name: name of the crypto algogrithms
+#
+# Since: 2.10
+##
+{ 'struct': 'AfalgSocketAddress',
+ 'data': {
+ 'type': 'str',
+ 'name': 'str' }}
+
+##
# @SocketAddress:
#
# Captures the address of a socket, which could also be a named file descriptor
@@ -4130,6 +4148,7 @@
'inet': 'InetSocketAddress',
'unix': 'UnixSocketAddress',
'vsock': 'VsockSocketAddress',
+ 'afalg': 'AfalgSocketAddress',
'fd': 'String' } }
##
diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
index 21442c3..258e419 100644
--- a/util/qemu-sockets.c
+++ b/util/qemu-sockets.c
@@ -1151,6 +1151,97 @@ void socket_listen_cleanup(int fd, Error **errp)
qapi_free_SocketAddress(addr);
}
+#ifdef CONFIG_AF_ALG
+
+#include <linux/if_alg.h>
+
+static bool afalg_parse_bind_saddr(const AfalgSocketAddress *saddr,
+ struct sockaddr_alg *alg,
+ Error **errp)
+{
+ memset(alg, 0, sizeof(*alg));
+ alg->salg_family = AF_ALG;
+
+ if (qemu_strnlen(saddr->type, SALG_TYPE_LEN_MAX) == SALG_TYPE_LEN_MAX) {
+ error_setg(errp, "Afalg type(%s) is larger than 14 bytes",
+ saddr->type);
+ return false;
+ }
+
+ if (qemu_strnlen(saddr->name, SALG_NAME_LEN_MAX) == SALG_NAME_LEN_MAX) {
+ error_setg(errp, "Afalg name(%s) is larger than 64 bytes",
+ saddr->name);
+ return false;
+ }
+
+ pstrcpy((char *)alg->salg_type, SALG_TYPE_LEN_MAX, saddr->type);
+ pstrcpy((char *)alg->salg_name, SALG_NAME_LEN_MAX, saddr->name);
+
+ return true;
+}
+
+static int afalg_bind_saddr(const AfalgSocketAddress *saddr,
+ Error **errp)
+{
+ struct sockaddr_alg alg;
+ int sbind;
+
+ if (!afalg_parse_bind_saddr(saddr, &alg, errp)) {
+ return -1;
+ }
+
+ sbind = qemu_socket(AF_ALG, SOCK_SEQPACKET, 0);
+ if (sbind < 0) {
+ error_setg_errno(errp, errno, "Failed to create socket");
+ return -1;
+ }
+
+ if (bind(sbind, (const struct sockaddr *)&alg, sizeof(alg)) != 0) {
+ error_setg_errno(errp, errno, "Failed to bind socket");
+ closesocket(sbind);
+ return -1;
+ }
+
+ return sbind;
+}
+
+/*
+ * Due to af_alg family doesn't support listen(), so we should
+ * use socket_bind() instead of socket_listen(). However, for
+ * other families, we should always use socket_listen().
+ */
+int socket_bind(SocketAddress *addr, Error **errp)
+{
+ int fd;
+
+ switch (addr->type) {
+ case SOCKET_ADDRESS_KIND_AFALG:
+ fd = afalg_bind_saddr(addr->u.afalg.data, errp);
+ break;
+
+ default:
+ abort();
+ }
+
+ return fd;
+}
+
+#else
+
+static void afalg_unsupported(Error **errp)
+{
+ error_setg(errp, "socket family AF_ALG unsupported");
+}
+
+static int afalg_bind_saddr(AfalgSocketAddress *vaddr,
+ Error **errp)
+{
+ afalg_unsupported(errp);
+ return -1;
+}
+
+#endif
+
int socket_dgram(SocketAddress *remote, SocketAddress *local, Error **errp)
{
int fd;
--
1.8.3.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [Qemu-devel] [PATCH for-2.10 12/19] socket: add af_alg family support
2017-04-10 9:00 [Qemu-devel] [PATCH for-2.10 12/19] socket: add af_alg family support Longpeng(Mike)
@ 2017-04-10 10:11 ` Daniel P. Berrange
0 siblings, 0 replies; 2+ messages in thread
From: Daniel P. Berrange @ 2017-04-10 10:11 UTC (permalink / raw)
To: Longpeng(Mike)
Cc: kraxel, pbonzini, eblake, armbru, xuquan8, arei.gonglei, qemu-devel
On Mon, Apr 10, 2017 at 05:00:40PM +0800, Longpeng(Mike) wrote:
> The AF_ALG socket family is the userspace interface for linux
> crypto API, this patch adds af_alg family support. It'll be used
> by afalg-backend crypto later.
>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> configure | 21 ++++++++++++
> include/qemu/sockets.h | 6 ++++
> qapi-schema.json | 21 +++++++++++-
> util/qemu-sockets.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++
> 4 files changed, 138 insertions(+), 1 deletion(-)
>
> diff --git a/configure b/configure
> index 4b3b5cd..970c9bc 100755
> --- a/configure
> +++ b/configure
> @@ -4737,6 +4737,23 @@ if compile_prog "" "" ; then
> have_af_vsock=yes
> fi
>
> +##########################################
> +# check for usable AF_ALG environment
> +hava_af_alg=no
> +cat > $TMPC << EOF
> +#include <errno.h>
> +#include <sys/types.h>
> +#include <sys/socket.h>
> +int main(void) {
> + int sock;
> + sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
> + return sock;
> +}
> +EOF
> +if compile_prog "" "" ; then
> + have_af_alg=yes
> +fi
> +
> #################################################
> # Sparc implicitly links with --relax, which is
> # incompatible with -r, so --no-relax should be
> @@ -5767,6 +5784,10 @@ if test "$have_af_vsock" = "yes" ; then
> echo "CONFIG_AF_VSOCK=y" >> $config_host_mak
> fi
>
> +if test "$have_af_alg" = "yes" ; then
> + echo "CONFIG_AF_ALG=y" >> $config_host_mak
> +fi
> +
> if test "$have_sysmacros" = "yes" ; then
> echo "CONFIG_SYSMACROS=y" >> $config_host_mak
> fi
> diff --git a/include/qemu/sockets.h b/include/qemu/sockets.h
> index 7842f6d..0a4a003 100644
> --- a/include/qemu/sockets.h
> +++ b/include/qemu/sockets.h
> @@ -51,6 +51,12 @@ int socket_listen(SocketAddress *addr, Error **errp);
> void socket_listen_cleanup(int fd, Error **errp);
> int socket_dgram(SocketAddress *remote, SocketAddress *local, Error **errp);
>
> +#ifdef CONFIG_AF_ALG
> +#define SALG_TYPE_LEN_MAX 14
> +#define SALG_NAME_LEN_MAX 64
> +int socket_bind(SocketAddress *addr, Error **errp);
> +#endif
> +
> /* Old, ipv4 only bits. Don't use for new code. */
> int parse_host_port(struct sockaddr_in *saddr, const char *str);
> int socket_init(void);
> diff --git a/qapi-schema.json b/qapi-schema.json
> index 250e4dc..0cb06d3 100644
> --- a/qapi-schema.json
> +++ b/qapi-schema.json
> @@ -1516,12 +1516,14 @@
> #
> # @vsock: vsock family (since 2.8)
> #
> +# @afalg: af_alg family (since 2.10)
> +#
> # @unknown: otherwise
> #
> # Since: 2.1
> ##
> { 'enum': 'NetworkAddressFamily',
> - 'data': [ 'ipv4', 'ipv6', 'unix', 'vsock', 'unknown' ] }
> + 'data': [ 'ipv4', 'ipv6', 'unix', 'vsock', 'afalg', 'unknown' ] }
>
> ##
> # @VncBasicInfo:
> @@ -4119,6 +4121,22 @@
> 'port': 'str' } }
>
> ##
> +# @AfalgSocketAddress:
> +#
> +# Captures a socket address in the af_alg namespace.
> +#
> +# @type: type of the crypto algogrithms
> +#
> +# @name: name of the crypto algogrithms
> +#
> +# Since: 2.10
> +##
> +{ 'struct': 'AfalgSocketAddress',
> + 'data': {
> + 'type': 'str',
> + 'name': 'str' }}
> +
> +##
> # @SocketAddress:
> #
> # Captures the address of a socket, which could also be a named file descriptor
> @@ -4130,6 +4148,7 @@
> 'inet': 'InetSocketAddress',
> 'unix': 'UnixSocketAddress',
> 'vsock': 'VsockSocketAddress',
> + 'afalg': 'AfalgSocketAddress',
> 'fd': 'String' } }
>
> ##
I really don't think we want to expose any of this in the qapi-schema. It is
a Linux specific internal implementation detail that is not relevant to users
of QAPI.
> diff --git a/util/qemu-sockets.c b/util/qemu-sockets.c
> index 21442c3..258e419 100644
> --- a/util/qemu-sockets.c
> +++ b/util/qemu-sockets.c
> @@ -1151,6 +1151,97 @@ void socket_listen_cleanup(int fd, Error **errp)
> qapi_free_SocketAddress(addr);
> }
>
> +#ifdef CONFIG_AF_ALG
> +
> +#include <linux/if_alg.h>
> +
> +static bool afalg_parse_bind_saddr(const AfalgSocketAddress *saddr,
> + struct sockaddr_alg *alg,
> + Error **errp)
> +{
> + memset(alg, 0, sizeof(*alg));
> + alg->salg_family = AF_ALG;
> +
> + if (qemu_strnlen(saddr->type, SALG_TYPE_LEN_MAX) == SALG_TYPE_LEN_MAX) {
> + error_setg(errp, "Afalg type(%s) is larger than 14 bytes",
> + saddr->type);
> + return false;
> + }
> +
> + if (qemu_strnlen(saddr->name, SALG_NAME_LEN_MAX) == SALG_NAME_LEN_MAX) {
> + error_setg(errp, "Afalg name(%s) is larger than 64 bytes",
> + saddr->name);
> + return false;
> + }
> +
> + pstrcpy((char *)alg->salg_type, SALG_TYPE_LEN_MAX, saddr->type);
> + pstrcpy((char *)alg->salg_name, SALG_NAME_LEN_MAX, saddr->name);
> +
> + return true;
> +}
> +
> +static int afalg_bind_saddr(const AfalgSocketAddress *saddr,
> + Error **errp)
> +{
> + struct sockaddr_alg alg;
> + int sbind;
> +
> + if (!afalg_parse_bind_saddr(saddr, &alg, errp)) {
> + return -1;
> + }
> +
> + sbind = qemu_socket(AF_ALG, SOCK_SEQPACKET, 0);
> + if (sbind < 0) {
> + error_setg_errno(errp, errno, "Failed to create socket");
> + return -1;
> + }
> +
> + if (bind(sbind, (const struct sockaddr *)&alg, sizeof(alg)) != 0) {
> + error_setg_errno(errp, errno, "Failed to bind socket");
> + closesocket(sbind);
> + return -1;
> + }
> +
> + return sbind;
> +}
Just put this code in the crypto afalg codebase directly
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-04-10 10:12 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-10 9:00 [Qemu-devel] [PATCH for-2.10 12/19] socket: add af_alg family support Longpeng(Mike)
2017-04-10 10:11 ` Daniel P. Berrange
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.