clh: Pass the tuntap fds down to Cloud Hypervisor

This is basically a no-op right now, as: * netPair.TapInterface.VMFds is nil * the tap name is still passed to Cloud Hypervisor, which is the Cloud Hypervisor's first choice when opening a tap device. In the very near future we'll stop passing the tap name to Cloud Hypervisor, and start passing the file descriptors of the opened tap instead. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
2025-06-18 19:59:45 +00:00 · 2022-05-19 09:32:27 +02:00 · 2022-05-19 09:32:27 +02:00 · bf3ddc125d
commit bf3ddc125d
parent 55ed32e924
2 changed files with 25 additions and 13 deletions
--- a/src/runtime/virtcontainers/clh.go
+++ b/src/runtime/virtcontainers/clh.go
@ -181,12 +181,18 @@ var vmAddNetPutRequest = func(clh *cloudHypervisor) error {
 			return err
 		}

-		payloadn, err := conn.Write([]byte(payload))
+		files := clh.netDevicesFiles[*netDevice.Mac]
+		var fds []int
+		for _, f := range files {
+			fds = append(fds, int(f.Fd()))
+		}
+		oob := syscall.UnixRights(fds...)
+		payloadn, oobn, err := conn.WriteMsgUnix([]byte(payload), oob, nil)
 		if err != nil {
 			return err
 		}
-		if payloadn != len(payload) {
-			return fmt.Errorf("Failed to send all the request to Cloud Hypervisor. %d bytes expect to send, but only %d sent", len(payload), payloadn)
+		if payloadn != len(payload) || oobn != len(oob) {
+			return fmt.Errorf("Failed to send all the request to Cloud Hypervisor. %d bytes expect to send as payload, %d bytes expect to send as oob date,  but only %d sent as payload, and %d sent as oob", len(payload), len(oob), payloadn, oobn)
 		}

 		reader := bufio.NewReader(conn)
@ -236,6 +242,7 @@ type cloudHypervisor struct {
 	id              string
 	netDevices      *[]chclient.NetConfig
 	devicesIds      map[string]string
+	netDevicesFiles map[string][]*os.File
 	vmconfig        chclient.VmConfig
 	state           CloudHypervisorState
 	config          HypervisorConfig
@ -430,6 +437,7 @@ func (clh *cloudHypervisor) CreateVM(ctx context.Context, id string, network Net
 	clh.id = id
 	clh.state.state = clhNotReady
 	clh.devicesIds = make(map[string]string)
+	clh.netDevicesFiles = make(map[string][]*os.File)

 	clh.Logger().WithField("function", "CreateVM").Info("creating Sandbox")

@ -1456,6 +1464,7 @@ func (clh *cloudHypervisor) addNet(e Endpoint) error {
 	if tapPath == "" {
 		return errors.New("TAP path in network pair is empty")
 	}
+	clh.netDevicesFiles[mac] = netPair.TapInterface.VMFds

 	clh.Logger().WithFields(log.Fields{
 		"mac": mac,
--- a/src/runtime/virtcontainers/clh_test.go
+++ b/src/runtime/virtcontainers/clh_test.go
@ -135,6 +135,7 @@ func TestCloudHypervisorAddNetCheckNetConfigListValues(t *testing.T) {
 	assert := assert.New(t)

 	clh := cloudHypervisor{}
+	clh.netDevicesFiles = make(map[string][]*os.File)

 	e := &VethEndpoint{}
 	e.NetPair.TAPIface.HardAddr = macTest
@ -185,6 +186,7 @@ func TestCloudHypervisorAddNetCheckEnpointTypes(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			clh := &cloudHypervisor{}
+			clh.netDevicesFiles = make(map[string][]*os.File)
 			if err := clh.addNet(tt.args.e); (err != nil) != tt.wantErr {
 				t.Errorf("cloudHypervisor.addNet() error = %v, wantErr %v", err, tt.wantErr)

@ -339,6 +341,7 @@ func TestCloudHypervisorNetRateLimiter(t *testing.T) {
 			clhConfig.NetRateLimiterOpsOneTimeBurst = tt.args.opsOneTimeBurst

 			clh := &cloudHypervisor{}
+			clh.netDevicesFiles = make(map[string][]*os.File)
 			clh.config = clhConfig
 			clh.APIClient = &clhClientMock{}