2 * Copyright (C) 2013-2019 Red Hat Inc.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * * Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * * Neither the name of Red Hat nor the names of its contributors may be
16 * used to endorse or promote products derived from this software without
17 * specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
21 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
22 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
24 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
25 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
26 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
27 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
28 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
29 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
43 #include <sys/types.h>
44 #include <sys/socket.h>
46 #include <netinet/in.h>
47 #include <netinet/tcp.h>
50 #ifdef HAVE_LIBSELINUX
51 #include <selinux/selinux.h>
60 set_selinux_label (void)
63 #ifdef HAVE_LIBSELINUX
64 if (setsockcreatecon_raw (selinux_label
) == -1) {
65 perror ("selinux-label: setsockcreatecon_raw");
70 "%s: --selinux-label option used, but "
71 "this binary was compiled without SELinux support\n",
79 clear_selinux_label (void)
81 #ifdef HAVE_LIBSELINUX
83 if (setsockcreatecon_raw (NULL
) == -1) {
84 perror ("selinux-label: setsockcreatecon_raw(NULL)");
92 bind_unix_socket (size_t *nr_socks
)
96 struct sockaddr_un addr
;
100 assert (unixsocket
[0] == '/');
102 len
= strlen (unixsocket
);
103 if (len
>= UNIX_PATH_MAX
) {
104 fprintf (stderr
, "%s: -U: path too long: length %zu > max %d bytes\n",
105 program_name
, len
, UNIX_PATH_MAX
-1);
109 set_selinux_label ();
112 sock
= socket (AF_UNIX
, SOCK_STREAM
|SOCK_CLOEXEC
, 0);
114 /* Fortunately, this code is only run at startup, so there is no
115 * risk of the fd leaking to a plugin's fork()
117 sock
= set_cloexec (socket (AF_UNIX
, SOCK_STREAM
, 0));
120 perror ("bind_unix_socket: socket");
124 addr
.sun_family
= AF_UNIX
;
125 memcpy (addr
.sun_path
, unixsocket
, len
+1 /* trailing \0 */);
127 if (bind (sock
, (struct sockaddr
*) &addr
, sizeof addr
) == -1) {
132 if (listen (sock
, SOMAXCONN
) == -1) {
137 clear_selinux_label ();
139 ret
= malloc (sizeof (int));
147 debug ("bound to unix socket %s", unixsocket
);
153 bind_tcpip_socket (size_t *nr_socks
)
155 struct addrinfo
*ai
= NULL
;
156 struct addrinfo hints
;
160 bool addr_in_use
= false;
165 memset (&hints
, 0, sizeof hints
);
166 hints
.ai_flags
= AI_PASSIVE
| AI_ADDRCONFIG
;
167 hints
.ai_socktype
= SOCK_STREAM
;
169 err
= getaddrinfo (ipaddr
, port
, &hints
, &ai
);
171 fprintf (stderr
, "%s: getaddrinfo: %s: %s: %s",
173 ipaddr
? ipaddr
: "<any>",
181 for (a
= ai
; a
!= NULL
; a
= a
->ai_next
) {
184 set_selinux_label ();
187 sock
= socket (a
->ai_family
, a
->ai_socktype
| SOCK_CLOEXEC
, a
->ai_protocol
);
189 /* Fortunately, this code is only run at startup, so there is no
190 * risk of the fd leaking to a plugin's fork()
192 sock
= set_cloexec (socket (a
->ai_family
, a
->ai_socktype
, a
->ai_protocol
));
195 perror ("bind_tcpip_socket: socket");
200 if (setsockopt (sock
, SOL_SOCKET
, SO_REUSEADDR
, &opt
, sizeof opt
) == -1)
201 perror ("setsockopt: SO_REUSEADDR");
204 if (a
->ai_family
== PF_INET6
) {
205 if (setsockopt (sock
, IPPROTO_IPV6
, IPV6_V6ONLY
, &opt
, sizeof opt
) == -1)
206 perror ("setsockopt: IPv6 only");
210 if (bind (sock
, a
->ai_addr
, a
->ai_addrlen
) == -1) {
211 if (errno
== EADDRINUSE
) {
220 if (listen (sock
, SOMAXCONN
) == -1) {
225 clear_selinux_label ();
228 socks
= realloc (socks
, sizeof (int) * (*nr_socks
));
233 socks
[*nr_socks
- 1] = sock
;
238 if (*nr_socks
== 0 && addr_in_use
) {
239 fprintf (stderr
, "%s: unable to bind to any sockets: %s\n",
240 program_name
, strerror (EADDRINUSE
));
244 debug ("bound to IP address %s:%s (%zu socket(s))",
245 ipaddr
? ipaddr
: "<any>", port
, *nr_socks
);
251 free_listening_sockets (int *socks
, size_t nr_socks
)
255 for (i
= 0; i
< nr_socks
; ++i
)
263 struct sockaddr addr
;
268 start_thread (void *datav
)
270 struct thread_data
*data
= datav
;
272 debug ("accepted connection");
274 /* Set thread-local data. */
275 threadlocal_new_server_thread ();
276 threadlocal_set_instance_num (data
->instance_num
);
277 threadlocal_set_sockaddr (&data
->addr
, data
->addrlen
);
279 handle_single_connection (data
->sock
, data
->sock
);
286 accept_connection (int listen_sock
)
289 pthread_attr_t attrs
;
291 struct thread_data
*thread_data
;
292 static size_t instance_num
= 1;
295 thread_data
= malloc (sizeof *thread_data
);
301 thread_data
->instance_num
= instance_num
++;
302 thread_data
->addrlen
= sizeof thread_data
->addr
;
305 thread_data
->sock
= accept4 (listen_sock
,
306 &thread_data
->addr
, &thread_data
->addrlen
,
309 /* If we were fully parallel, then this function could be accepting
310 * connections in one thread while another thread could be in a
311 * plugin trying to fork. But plugins.c forced thread_model to
312 * serialize_all_requests when it detects a lack of atomic CLOEXEC,
313 * at which point, we can use a mutex to ensure we aren't accepting
314 * until the plugin is not running, making non-atomicity okay.
316 assert (backend
->thread_model (backend
) <=
317 NBDKIT_THREAD_MODEL_SERIALIZE_ALL_REQUESTS
);
319 thread_data
->sock
= set_cloexec (accept (listen_sock
,
321 &thread_data
->addrlen
));
322 unlock_request (NULL
);
324 if (thread_data
->sock
== -1) {
325 if (errno
== EINTR
|| errno
== EAGAIN
)
332 /* Disable Nagle's algorithm on this socket. However we don't want
333 * to fail if this doesn't work.
335 setsockopt (thread_data
->sock
, IPPROTO_TCP
, TCP_NODELAY
, &flag
, sizeof flag
);
337 /* Start a thread to handle this connection. Note we always do this
338 * even for non-threaded plugins. There are mutexes in plugins.c
339 * which ensure that non-threaded plugins are handled correctly.
341 pthread_attr_init (&attrs
);
342 pthread_attr_setdetachstate (&attrs
, PTHREAD_CREATE_DETACHED
);
343 err
= pthread_create (&thread
, &attrs
, start_thread
, thread_data
);
344 pthread_attr_destroy (&attrs
);
346 fprintf (stderr
, "%s: pthread_create: %s\n", program_name
, strerror (err
));
347 close (thread_data
->sock
);
352 /* If the thread starts successfully, then it is responsible for
353 * closing the socket and freeing thread_data.
357 /* Check the list of sockets plus quit_fd until a POLLIN event occurs
360 * If POLLIN occurs on quit_fd do nothing except returning early
361 * (don't call accept_connection in this case).
363 * If POLLIN occurs on one of the sockets, call
364 * accept_connection (socks[i]) on each of them.
367 check_sockets_and_quit_fd (int *socks
, size_t nr_socks
)
372 CLEANUP_FREE
struct pollfd
*fds
=
373 malloc (sizeof (struct pollfd
) * (nr_socks
+1));
379 for (i
= 0; i
< nr_socks
; ++i
) {
380 fds
[i
].fd
= socks
[i
];
381 fds
[i
].events
= POLLIN
;
384 fds
[nr_socks
].fd
= quit_fd
;
385 fds
[nr_socks
].events
= POLLIN
;
386 fds
[nr_socks
].revents
= 0;
388 r
= poll (fds
, nr_socks
+ 1, -1);
390 if (errno
== EINTR
|| errno
== EAGAIN
)
396 /* We don't even have to read quit_fd - just knowing that it has
397 * data means the signal handler ran, so we are ready to quit the
400 if (fds
[nr_socks
].revents
& POLLIN
)
403 for (i
= 0; i
< nr_socks
; ++i
) {
404 if (fds
[i
].revents
& POLLIN
)
405 accept_connection (socks
[i
]);
410 accept_incoming_connections (int *socks
, size_t nr_socks
)
413 check_sockets_and_quit_fd (socks
, nr_socks
);