Merge pull request crc-org#195 from cfergeau/unixsocket

cfergeau · web-flow · commit 6c627896fcd0 · 2024-11-14T16:46:38.000+01:00
virtionet: Fix 'path too long' issues with virtio-net unixgram Support
diff --git a/.github/workflows/compile.yml b/.github/workflows/compile.yml
@@ -23,7 +23,6 @@ jobs:
       fail-fast: false
       matrix:
         os:
-        - macOS-12
         - macOS-13
         - macOS-14
     steps:
diff --git a/pkg/vf/virtionet.go b/pkg/vf/virtionet.go
@@ -2,6 +2,7 @@ package vf
 
 import (
 	"fmt"
+	"math/rand"
 	"net"
 	"os"
 	"os/signal"
@@ -19,36 +20,46 @@ type VirtioNet struct {
 	localAddr *net.UnixAddr
 }
 
-func localUnixSocketPath() (string, error) {
-	homeDir, err := os.UserHomeDir()
+func localUnixSocketPath(dir string) (string, error) {
+	// unix socket endpoints are filesystem paths, but their max length is
+	// quite small (a bit over 100 bytes).
+	// In this function we try to build a filename which is relatively
+	// unique, not easily guessable (to prevent hostile collisions), and
+	// short (`os.CreateTemp` filenames are a bit too long)
+	//
+	// os.Getpid() is unique but guessable. We append a short 16 bit random
+	// number to it. We only use hex values to make the representation more
+	// compact
+	filename := filepath.Join(dir, fmt.Sprintf("vfkit-%x-%x.sock", os.Getpid(), rand.Int31n(0xffff))) //#nosec G404 -- no need for crypto/rand here
+
+	tmpFile, err := os.OpenFile(filename, os.O_CREATE|os.O_EXCL, 0600)
 	if err != nil {
 		return "", err
 	}
-	dir := filepath.Join(homeDir, "Library", "Application Support", "vfkit")
-	if err := os.MkdirAll(dir, 0755); err != nil {
-		return "", err
-	}
-	tmpFile, err := os.CreateTemp(dir, fmt.Sprintf("net-%d-*.sock", os.Getpid()))
-	if err != nil {
-		return "", err
-	}
-	// slightly racy, but this is in a directory only user-writable
+	// slightly racy, but hopefully this is in a directory only user-writable
 	defer tmpFile.Close()
 	defer os.Remove(tmpFile.Name())
 
 	return tmpFile.Name(), nil
 }
 
+// path for unixgram sockets must be less than 104 bytes on macOS
+const maxUnixgramPathLen = 104
+
 func (dev *VirtioNet) connectUnixPath() error {
+
 	remoteAddr := net.UnixAddr{
 		Name: dev.UnixSocketPath,
 		Net:  "unixgram",
 	}
-	localSocketPath, err := localUnixSocketPath()
+	localSocketPath, err := localUnixSocketPath(filepath.Dir(dev.UnixSocketPath))
 	if err != nil {
 		return err
 	}
-	// FIXME: need to remove localSocketPath at process  exit
+	if len(localSocketPath) >= maxUnixgramPathLen {
+		return fmt.Errorf("unixgram path '%s' is too long: %d >= %d bytes", localSocketPath, len(localSocketPath), maxUnixgramPathLen)
+	}
+	// FIXME: need to remove localSocketPath at process exit
 	localAddr := net.UnixAddr{
 		Name: localSocketPath,
 		Net:  "unixgram",
diff --git a/pkg/vf/virtionet_test.go b/pkg/vf/virtionet_test.go
@@ -1,9 +1,6 @@
 package vf
 
 import (
-	"bytes"
-	"fmt"
-	"math/rand"
 	"net"
 	"os"
 	"path/filepath"
@@ -14,16 +11,33 @@ import (
 	"github.com/stretchr/testify/require"
 )
 
-func testConnectUnixgram(t *testing.T) error {
-	unixSocketPath := filepath.Join("/tmp", fmt.Sprintf("vnet-test-%x.sock", rand.Int31n(0xffff))) //#nosec G404 -- no need for crypto/rand here
+func sourceSocketPath(t *testing.T, sourcePathLen int) (string, func()) {
+	// the 't.sock' name is chosen to be shorter than what
+	// localUnixSocketPath will generate so that the source socket path
+	// will not exceed the 104 byte limit while the destination socket path
+	// will, and will trigger an error
+	const sourceSocketName = "t.sock"
+	tmpDir := "/tmp"
+	subDirLen := sourcePathLen - len(tmpDir) - 2*len("/") - len(sourceSocketName) - 1
+	subDir := filepath.Join(tmpDir, strings.Repeat("a", subDirLen))
+	err := os.Mkdir(subDir, 0700)
+	require.NoError(t, err)
+	unixSocketPath := filepath.Join(subDir, sourceSocketName)
+	require.Equal(t, len(unixSocketPath), sourcePathLen-1)
+	return unixSocketPath, func() { os.RemoveAll(subDir) }
+
+}
+func testConnectUnixgram(t *testing.T, sourcePathLen int) error {
+	unixSocketPath, closer := sourceSocketPath(t, sourcePathLen)
+	defer closer()
+
 	addr, err := net.ResolveUnixAddr("unixgram", unixSocketPath)
 	require.NoError(t, err)
 
 	l, err := net.ListenUnixgram("unixgram", addr)
 	require.NoError(t, err)
 
 	defer l.Close()
-	defer os.Remove(unixSocketPath)
 
 	dev := &VirtioNet{
 		&config.VirtioNet{
@@ -37,46 +51,31 @@ func testConnectUnixgram(t *testing.T) error {
 
 func TestConnectUnixPath(t *testing.T) {
 	t.Run("Successful connection - no error", func(t *testing.T) {
-		err := testConnectUnixgram(t)
+		// 50 is an arbitrary number, small enough for the 104 bytes limit not to be exceeded
+		err := testConnectUnixgram(t, 50)
 		require.NoError(t, err)
 	})
 
 	t.Run("Failed connection - End socket longer than 104 bytes", func(t *testing.T) {
-		// Retrieve HOME env variable (used by the os.UserHomeDir)
-		origUserHome := os.Getenv("HOME")
-		defer func() {
-			os.Setenv("HOME", origUserHome)
-		}()
-
-		// Create a string of 100 bytes to update the user home to be sure to create a socket path > 104 bytes
-		b := bytes.Repeat([]byte("a"), 100)
-		subDir := string(b)
-
-		// Update HOME env so os.UserHomeDir returns the update path with subfolder
-		updatedUserHome := filepath.Join(origUserHome, subDir)
-		os.Setenv("HOME", updatedUserHome)
-		defer os.RemoveAll(updatedUserHome)
-
-		err := testConnectUnixgram(t)
+		err := testConnectUnixgram(t, maxUnixgramPathLen)
 		// It should return an error
 		require.Error(t, err)
-		require.ErrorContains(t, err, "invalid argument")
+		require.ErrorContains(t, err, "is too long")
 	})
 }
 
 func TestLocalUnixSocketPath(t *testing.T) {
 	t.Run("Success case - Creates temporary socket path", func(t *testing.T) {
 		// Retrieve HOME env variable (used by the os.UserHomeDir)
-		userHome := os.Getenv("HOME")
+		socketDir := t.TempDir()
 
-		path, err := localUnixSocketPath()
+		path, err := localUnixSocketPath(socketDir)
 
 		// Assert successful execution
 		require.NoError(t, err)
 
 		// Check if path starts with the expected prefix
-		expectedPrefix := filepath.Join(userHome, "Library", "Application Support", "vfkit")
-		require.Truef(t, strings.HasPrefix(path, expectedPrefix), "Path doesn't start with expected prefix: %v", path)
+		require.Truef(t, strings.HasPrefix(path, socketDir), "Path doesn't start with expected prefix: %v", path)
 
 		// Check if path ends with a socket extension
 		require.Equalf(t, ".sock", filepath.Ext(path), "Path doesn't end with .sock extension: %v, ext is %v", path, filepath.Ext(path))
