Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

virtionet: Fix 'path too long' issues with virtio-net unixgram Support #195

Merged
merged 4 commits into from
Nov 14, 2024

Conversation

cfergeau
Copy link
Collaborator

With unixgram sockets, we need to specify a client endpoint, which is a
path on the filesystem with a maximum length of 104 bytes on macOS. When
using -device virtio-net,unixSocketPath=/tmp/vnet.sock, we need to create a
client endpoint before connecting to /tmp/vnet.sock. It's currently put
into /Users/user/Library/Application Support, which is already fairly
long. Depending on the username, the 104 bytes are easily exceeded, this
has been causing problems to podman machine.

This PR will move the client endpoint to the same dir as the server endpoint to give more control over its location to vfkit users. It will also report a better error when the endpoint path length is more than 104 bytes, and it tries to shorten the client endpoint filename.

This fixes #194

if err != nil {
return err
}
// FIXME: need to remove localSocketPath at process exit
if len(localSocketPath) >= 104 {
return fmt.Errorf("socket path is too long: %d", len(localSocketPath))
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe add the max value here ?

Copy link
Collaborator Author

@cfergeau cfergeau Sep 23, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've changed it to

+       if len(localSocketPath) >= maxUnixgramPathLen {
+               return fmt.Errorf("unixgram path '%s' is too long: %d >= %d bytes", localSocketPath, len(localSocketPath), maxUnixgramPathLen)
+       }

@cfergeau cfergeau self-assigned this Sep 23, 2024
@cfergeau cfergeau force-pushed the unixsocket branch 3 times, most recently from dd2d840 to 5e826b5 Compare September 23, 2024 12:57
@cfergeau cfergeau force-pushed the unixsocket branch 3 times, most recently from 1ac61cd to 444dc28 Compare October 28, 2024 17:05
@cfergeau
Copy link
Collaborator Author

I've finally updated the tests introduced in d7b2799

Copy link
Contributor

@lstocchi lstocchi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, tested and works fine

@lstocchi
Copy link
Contributor

The mac15 build fails though

@lstocchi
Copy link
Contributor

lstocchi commented Nov 14, 2024

Maybe we can remove the macOS15 commit and add it in another PR? Or it's just a matter of updating the workflow and update the current if clause if: matrix.os != 'macOS-14'

@cfergeau
Copy link
Collaborator Author

Maybe we can remove the macOS15 commit and add it in another PR? Or it's just a matter of updating the workflow and update the current if clause if: matrix.os != 'macOS-14'

definitely worth adding in a separate commit as I even had forgotten macos 15 was new in this PR :-/

They are going away:
actions/runner-images#10721
macos 12 is unsupported by Apple
https://endoflife.date/macos

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
With unixgram sockets, we need to specify a client endpoint, which is a
path on the filesystem with a maximum length of 104 bytes on macOS.
When using -device virtio-net,unixSocketPath=/tmp/vnet.sock, we
need to create a client endpoint before connecting to /tmp/vnet.sock.
It's currently put into `/Users/user/Library/Application Support`, which
is already fairly long. Depending on the username, the 104 bytes are
easily exceeded, this has been causing problems to podman machine.

This commit will create the client endpoint in the same directory as the
server endpoint, which gives more control to the user of vfkit wrt where
this socket is going.

This fixes crc-org#194

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Path used for unix socket client/server endpoints have to be less than
104. When this is not the case, `bind: invalid argument` is returned.
This commit checks the path length before calling `DialUnix` in order to
provide an easier to understand error message.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
For communication over unixgram, both the server and the client
need an endpoint. They are filesystem paths which must be smaller than
104 bytes. This commit attempts to make them shorter while keeping them
unique and non-guessable.

Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
Copy link
Contributor

@lstocchi lstocchi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@openshift-ci openshift-ci bot added the lgtm label Nov 14, 2024
Copy link

openshift-ci bot commented Nov 14, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: lstocchi
Once this PR has been reviewed and has the lgtm label, please ask for approval from cfergeau. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cfergeau cfergeau merged commit 6c62789 into crc-org:main Nov 14, 2024
4 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

unix socket path length problems
3 participants