Re: qemu couldn't connect the unix domain socket

29 Oct 2021

Hi Stefano,

I got the coredump file, it reports the `fork` syscall is bad:

Program terminated with signal SIGSYS, Bad system call.
#0  __GI__Fork () at ../sysdeps/nptl/_Fork.c:50
50   return pid;
(gdb) bt
#0  __GI__Fork () at ../sysdeps/nptl/_Fork.c:50
#1  0x00007f8c04fdc02a in __libc_fork () at fork.c:73
#2  0x00007f8c05009f8b in daemon (nochdir=0, noclose=0) at daemon.c:48
#3  0x000000000040c1e9 in main (argc=1, argv=0x7ffd10b5cd78) at passt.c:368
quit)

Looks like the seccomp is still badly configured.
I have little knowledge about the seccomp.

I have tried to add the fork like this, but it doesn't work.

--- a/passt.c
+++ b/passt.c
@@ -278,7 +278,7 @@ static void pid_file(struct ctx *c) {
  * #syscalls prlimit64 epoll_ctl epoll_create1 epoll_wait accept4 accept listen
  * #syscalls socket bind connect getsockopt setsockopt recvfrom sendto shutdown
  * #syscalls openat fstat fcntl lseek clone setsid exit_group getpid
- * #syscalls clock_gettime newfstatat
+ * #syscalls clock_gettime newfstatat fork
  * #syscalls:pasta rt_sigreturn
  */
 int main(int argc, char **argv)


Thanks,
Feng Li

On Fri, Oct 29, 2021 at 11:33 AM Li Feng  wrote:
...
Hi Stefano,
The previous test has included the fix.
This is my repo HEAD:
* 2c7431f - (HEAD -> master, origin/master, origin/HEAD) README:
Feature list, links to lists, bugs, chat (6 days ago) <Stefano Brivio>
* a77c5ef - README, perf_report: Markdown and CSS fixes (7 days ago)
<Stefano Brivio>
* 94c7c1d - slirp4netns.sh: Fix up usage, exit 0 on --help (7 days
ago) <Stefano Brivio>
* 1fc6416 - seccomp: Add newfstatat to list of allowed syscalls (7
days ago) <Stefano Brivio>
* d36e429 - netlink: Fix length of address attribute (7 days ago)
<Stefano Brivio>
My OS is Fedora 35, x64 version.
I will try to dig it when I have some time.
Thanks,
Feng Li
On Thu, Oct 28, 2021 at 3:30 PM Stefano Brivio  wrote:
...
Hi Feng Li,
On Thu, 28 Oct 2021 12:25:29 +0800
Li Feng  wrote:
...
Add cc.
Sorry, I missed your email. It looks like on Mailman3, if I'm the owner
of a list, I'm not automatically a member receiving posts from the list
itself -- added myself as member, too.
...
On Tue, Oct 26, 2021 at 1:28 PM Li Feng  wrote:
...
Hi,
I just tested the master code, the passt just exited without any error.
```
$ ./passt
Outbound interface: ens192
ARP:
    address: 00:50:56:be:9d:1f
DHCP:
    assign: 192.168.64.217
    mask: 255.255.240.0
    router: 192.168.64.1
        search:
            .
UNIX domain socket bound at /tmp/passt_1.socket
You can now start qrap:
    ./qrap 5 kvm ... -net socket,fd=5 -net nic,model=virtio
or directly qemu, patched with:
    qemu/0001-net-Allow-also-UNIX-domain-sockets-to-be-used-as-net.patch
as follows:
    kvm ... -net socket,connect=/tmp/passt_1.socket -net nic,model=virtio
21-10-26 13:23:43 root@192.168.64.217:~/passt(master✗)
passt will fork into background as soon as it gets a connection. Can
you retry running it as:
./passt -f -d
so we can see if something strange is going on (-f stands for
--foreground, -d for --debug)? Because:
...
...
```
Another terminal:
```
$ bash x.sh
recv: Connection reset by peer
Probe of /tmp/passt_1.socket failed
connect: No such file or directory
Probe of /tmp/passt_2.socket failed
connect: No such file or directory
Probe of /tmp/passt_3.socket failed
...
```
...well, this shouldn't happen. It's probing /tmp/passt_1.socket and
failing to get an answer.
This just happened to another user, in that case seccomp was
terminating passt because on his system daemon() called a different set
of syscalls compared to my system:
https://passt.top/passt/commit/?id=1fc6416cf9446cbf75818fd61772610e74709065
and I expect some more issues like these at the beginning, I didn't
test it on different distributions yet.
By the way, I'm working on adding tests for a few distributions right
now, so that we can catch those early.
--
Stefano

    