In commit
5d7ca8309d0a ("ubusd/libubus-io: fix variable sized struct
position warning") the position of cmsghdr struct has been changed in
order to fix clang-9 compiler warning, but it has introduced regression
in at least `logread` which hanged indefinitely.
So this patch reworks the socket descriptor passing in a way recommended
in the `cmsg(3)` manual page.
Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020840.html
Fixes: 5d7ca8309d0a ("ubusd/libubus-io: fix variable sized struct position warning")
Reported-by: Hannu Nyman <hannu.nyman@welho.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
static int writev_retry(int fd, struct iovec *iov, int iov_len, int sock_fd)
{
static int writev_retry(int fd, struct iovec *iov, int iov_len, int sock_fd)
{
- static struct {
- int fd;
- struct cmsghdr h;
- } fd_buf = {
- .h = {
- .cmsg_len = sizeof(fd_buf),
- .cmsg_level = SOL_SOCKET,
- .cmsg_type = SCM_RIGHTS,
- }
- };
- struct msghdr msghdr = {
- .msg_iov = iov,
- .msg_iovlen = iov_len,
- .msg_control = &fd_buf,
- .msg_controllen = sizeof(fd_buf),
- };
+ uint8_t fd_buf[CMSG_SPACE(sizeof(int))] = { 0 };
+ struct msghdr msghdr = { 0 };
+ struct cmsghdr *cmsg;
+ int *pfd;
+
+ msghdr.msg_iov = iov,
+ msghdr.msg_iovlen = iov_len,
+ msghdr.msg_control = fd_buf;
+ msghdr.msg_controllen = sizeof(fd_buf);
+
+ cmsg = CMSG_FIRSTHDR(&msghdr);
+ cmsg->cmsg_type = SCM_RIGHTS;
+ cmsg->cmsg_level = SOL_SOCKET;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(int));
+
+ pfd = (int *) CMSG_DATA(cmsg);
+ msghdr.msg_controllen = cmsg->cmsg_len;
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
} else {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
} else {
}
cur_len = sendmsg(fd, &msghdr, 0);
}
cur_len = sendmsg(fd, &msghdr, 0);
static int recv_retry(struct ubus_context *ctx, struct iovec *iov, bool wait, int *recv_fd)
{
static int recv_retry(struct ubus_context *ctx, struct iovec *iov, bool wait, int *recv_fd)
{
- int bytes, total = 0;
- int fd = ctx->sock.fd;
- static struct {
- int fd;
- struct cmsghdr h;
- } fd_buf = {
- .h = {
- .cmsg_type = SCM_RIGHTS,
- .cmsg_level = SOL_SOCKET,
- .cmsg_len = sizeof(fd_buf),
- },
- };
- struct msghdr msghdr = {
- .msg_iov = iov,
- .msg_iovlen = 1,
- };
+ uint8_t fd_buf[CMSG_SPACE(sizeof(int))] = { 0 };
+ struct msghdr msghdr = { 0 };
+ struct cmsghdr *cmsg;
+ int total = 0;
+ int bytes;
+ int *pfd;
+ int fd;
+
+ fd = ctx->sock.fd;
+
+ msghdr.msg_iov = iov,
+ msghdr.msg_iovlen = 1,
+ msghdr.msg_control = fd_buf;
+ msghdr.msg_controllen = sizeof(fd_buf);
+
+ cmsg = CMSG_FIRSTHDR(&msghdr);
+ cmsg->cmsg_type = SCM_RIGHTS;
+ cmsg->cmsg_level = SOL_SOCKET;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(int));
+
+ pfd = (int *) CMSG_DATA(cmsg);
while (iov->iov_len > 0) {
if (recv_fd) {
while (iov->iov_len > 0) {
if (recv_fd) {
- msghdr.msg_control = &fd_buf;
- msghdr.msg_controllen = sizeof(fd_buf);
+ msghdr.msg_control = fd_buf;
+ msghdr.msg_controllen = cmsg->cmsg_len;
} else {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
}
} else {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
}
bytes = recvmsg(fd, &msghdr, 0);
if (!bytes)
return -1;
bytes = recvmsg(fd, &msghdr, 0);
if (!bytes)
return -1;
ssize_t ubus_msg_writev(int fd, struct ubus_msg_buf *ub, size_t offset)
{
ssize_t ubus_msg_writev(int fd, struct ubus_msg_buf *ub, size_t offset)
{
+ uint8_t fd_buf[CMSG_SPACE(sizeof(int))] = { 0 };
static struct iovec iov[2];
static struct iovec iov[2];
- static struct {
- int fd;
- struct cmsghdr h;
- } fd_buf = {
- .h = {
- .cmsg_len = sizeof(fd_buf),
- .cmsg_level = SOL_SOCKET,
- .cmsg_type = SCM_RIGHTS,
- },
- };
- struct msghdr msghdr = {
- .msg_iov = iov,
- .msg_iovlen = ARRAY_SIZE(iov),
- .msg_control = &fd_buf,
- .msg_controllen = sizeof(fd_buf),
- };
+ struct msghdr msghdr = { 0 };
+ msghdr.msg_iov = iov;
+ msghdr.msg_iovlen = ARRAY_SIZE(iov);
+ msghdr.msg_control = fd_buf;
+ msghdr.msg_controllen = sizeof(fd_buf);
+
+ cmsg = CMSG_FIRSTHDR(&msghdr);
+ cmsg->cmsg_type = SCM_RIGHTS;
+ cmsg->cmsg_level = SOL_SOCKET;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(int));
+
+ pfd = (int *) CMSG_DATA(cmsg);
+ msghdr.msg_controllen = cmsg->cmsg_len;
+
+ *pfd = ub->fd;
if (ub->fd < 0 || offset) {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
if (ub->fd < 0 || offset) {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
static void client_cb(struct uloop_fd *sock, unsigned int events)
{
struct ubus_client *cl = container_of(sock, struct ubus_client, sock);
static void client_cb(struct uloop_fd *sock, unsigned int events)
{
struct ubus_client *cl = container_of(sock, struct ubus_client, sock);
+ uint8_t fd_buf[CMSG_SPACE(sizeof(int))] = { 0 };
+ struct msghdr msghdr = { 0 };
struct ubus_msg_buf *ub;
static struct iovec iov;
struct ubus_msg_buf *ub;
static struct iovec iov;
- static struct {
- int fd;
- struct cmsghdr h;
- } fd_buf = {
- .h = {
- .cmsg_type = SCM_RIGHTS,
- .cmsg_level = SOL_SOCKET,
- .cmsg_len = sizeof(fd_buf),
- }
- };
- struct msghdr msghdr = {
- .msg_iov = &iov,
- .msg_iovlen = 1,
- };
+ struct cmsghdr *cmsg;
+ int *pfd;
+
+ msghdr.msg_iov = &iov,
+ msghdr.msg_iovlen = 1,
+ msghdr.msg_control = fd_buf;
+ msghdr.msg_controllen = sizeof(fd_buf);
+
+ cmsg = CMSG_FIRSTHDR(&msghdr);
+ cmsg->cmsg_type = SCM_RIGHTS;
+ cmsg->cmsg_level = SOL_SOCKET;
+ cmsg->cmsg_len = CMSG_LEN(sizeof(int));
+
+ pfd = (int *) CMSG_DATA(cmsg);
+ msghdr.msg_controllen = cmsg->cmsg_len;
/* first try to tx more pending data */
while ((ub = ubus_msg_head(cl))) {
/* first try to tx more pending data */
while ((ub = ubus_msg_head(cl))) {
int offset = cl->pending_msg_offset;
int bytes;
int offset = cl->pending_msg_offset;
int bytes;
iov.iov_base = ((char *) &cl->hdrbuf) + offset;
iov.iov_len = sizeof(cl->hdrbuf) - offset;
if (cl->pending_msg_fd < 0) {
iov.iov_base = ((char *) &cl->hdrbuf) + offset;
iov.iov_len = sizeof(cl->hdrbuf) - offset;
if (cl->pending_msg_fd < 0) {
- msghdr.msg_control = &fd_buf;
- msghdr.msg_controllen = sizeof(fd_buf);
+ msghdr.msg_control = fd_buf;
+ msghdr.msg_controllen = cmsg->cmsg_len;
} else {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
} else {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
- if (fd_buf.fd >= 0)
- cl->pending_msg_fd = fd_buf.fd;
+ if (*pfd >= 0)
+ cl->pending_msg_fd = *pfd;
cl->pending_msg_offset += bytes;
if (cl->pending_msg_offset < (int) sizeof(cl->hdrbuf))
cl->pending_msg_offset += bytes;
if (cl->pending_msg_offset < (int) sizeof(cl->hdrbuf))