linux-sgx/0117-qgs-add-m-MODE-parameter-for-UNIX-socket-mode.patch
Daniel P. Berrangé bc5efa9502 Update to SGX 2.26 / DCAP 1.23, adding PCCS service
Resolves: https://issues.redhat.com/browse/RHEL-121612
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2025-11-18 18:29:56 +00:00


From 22171373ad5c818b5a57339ba607ff9876e34939 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Fri, 2 May 2025 14:48:24 +0100
Subject: [PATCH 117/120] qgs: add -m=MODE parameter for UNIX socket mode
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The UNIX socket mode default is controlled by the process umask, but it
can be desirable to override this to open up the socket mode, while
keeping the umask restrictive.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
.../quote_wrapper/qgs/server_main.cpp | 35 +++++++++++++++++--
1 file changed, 32 insertions(+), 3 deletions(-)
diff --git a/QuoteGeneration/quote_wrapper/qgs/server_main.cpp b/QuoteGeneration/quote_wrapper/qgs/server_main.cpp
index 47f6c26..4628b18 100644
--- a/QuoteGeneration/quote_wrapper/qgs/server_main.cpp
+++ b/QuoteGeneration/quote_wrapper/qgs/server_main.cpp
@@ -73,9 +73,10 @@ int main(int argc, const char* argv[])
bool no_daemon = false;
unsigned long int port = 0;
unsigned long int num_threads = 0;
+ unsigned long int mode = 0;
char *endptr = NULL;
if (argc > 4) {
- cout << "Usage: " << argv[0] << " [--no-daemon] [-p=port_number] [-n=number_threads] [--verbose] [--debug]"
+ cout << "Usage: " << argv[0] << " [--no-daemon] [-p=port_number] [-m=unix_socket_mode] [-n=number_threads] [--verbose] [--debug]"
<< endl;
exit(1);
}
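Review bot: The `if (argc > 4)` guard in this hunk was not raised when `-m=` was added, so the usage text now lists six options but at most three can be given at once. An invocation such as `--no-daemon -m=... -n=... --verbose` is rejected with the usage message. Either raise the limit to match the option count or drop the count check, since the `else` branch of the argument loop already prints the usage and exits on anything it does not recognise. The body of `main` starts and ends outside this hunk.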
@@ -106,6 +107,19 @@ int main(int argc, const char* argv[])
}
cout << "port number [" << port << "] found in cmdline" << endl;
continue;
+ } else if (strncmp(argv[i], "-m=", 3 ) == 0) {
+ if (strspn(argv[i] + 3, "0123456789") != strlen(argv[i] + 3)) {
+ cout << "Please input valid socket mode" << endl;
+ exit(1);
+ }
+ errno = 0;
+ mode = strtoul(argv[i] + 3, &endptr, 8);
+ if (errno || strlen(endptr) || (mode > UINT_MAX) ) {
+ cout << "Please input valid socket mode" << endl;
+ exit(1);
+ }
+ cout << "socket mode [" << oct << mode << dec << "] found in cmdline" << endl;
+ continue;
} else if (strncmp(argv[i], "-n=", 3) == 0) {
if (strspn(argv[i] + 3, "0123456789") != strlen(argv[i] + 3)) {
cout << "Please input valid thread number" << endl;
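Review bot: The `(mode > UINT_MAX)` bound in the new `-m=` branch is far wider than a file mode, so any octal value up to 32 bits is accepted and later handed to `chmod()`. Since the option only sets permissions on a socket file, the check should be `if (errno || strlen(endptr) || mode > 0777)`. The same bound is repeated in the `socket_mode` config-file branch further down. An empty `-m=` and `-m=0` both pass validation and leave `mode` at 0, which the later code treats as "not set", so reject a zero or empty value here with the same error message. Because this option loosens access to the quote generation socket, a short comment that group or world write bits let the matching local users connect would help operators.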
@@ -120,7 +134,7 @@ int main(int argc, const char* argv[])
cout << "thread number [" << num_threads << "] found in cmdline" << endl;
continue;
} else {
- cout << "Usage: " << argv[0] << " [--no-daemon] [-p=port_number] [-n=number_threads] [--verbose] [--debug]"
+ cout << "Usage: " << argv[0] << " [--no-daemon] [-p=port_number] [-m=unix_socket_mode] [-n=number_threads] [--verbose] [--debug]"
<< endl;
exit(1);
}
@@ -129,7 +143,7 @@ int main(int argc, const char* argv[])
// Use the port number in QGS_CONFIG_FILE if no valid port number on
// command line
- if (port == 0 || num_threads == 0) {
+ if (port == 0 || num_threads == 0 || mode == 0) {
ifstream config_file(QGS_CONFIG_FILE);
if (config_file.is_open()) {
string line;
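Review bot: Adding `mode == 0` to this condition means the config file is now opened on every start that lacks `-m=`, even when `-p=` and `-n=` were both given, because 0 is also the "leave it to the umask" default. The config parsing that follows calls `exit(1)` on invalid values, so an invocation that previously never read `QGS_CONFIG_FILE` can now fail on a malformed file. Tracking the override with a separate flag, for example `bool mode_set`, would keep the old behaviour. The comment above the condition still mentions only the port; suggest `// Fall back to QGS_CONFIG_FILE for any of port, thread count or socket mode not given on the command line`.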
@@ -161,6 +175,15 @@ int main(int argc, const char* argv[])
<< QGS_CONFIG_FILE << endl;
exit(1);
}
+ } else if (!mode && name.compare("socket_mode") == 0) {
+ errno = 0;
+ endptr = NULL;
+ mode = strtoul(value, &endptr, 8);
+ if (errno || strlen(endptr) || (mode > UINT_MAX)) {
+ cout << "Please input valid socket mode in "
+ << QGS_CONFIG_FILE << endl;
+ exit(1);
+ }
} else if (!num_threads && name.compare("number_threads") == 0) {
errno = 0;
endptr = NULL;
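Review bot: The `socket_mode` branch passes the config value straight to `strtoul` without the digits-only `strspn` check that the `-m=` branch applies, so a signed or otherwise decorated value is parsed differently depending on where it comes from. Sharing one small helper between the two branches would keep the validation identical. The declaration of `value` is outside this hunk; if it is a `std::string`, as the `name.compare(...)` call suggests for `name`, then `strtoul(value, &endptr, 8)` needs to be `strtoul(value.c_str(), &endptr, 8)`. A `socket_mode` of 0 in the file is also indistinguishable from the key being absent.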
@@ -212,6 +235,12 @@ int main(int argc, const char* argv[])
}
QGS_LOG_INFO("About to create QgsServer with num_thread = %d\n", (uint8_t)num_threads);
server = new QgsServer(io_service, ep, (uint8_t)num_threads);
+ /* Allow mode to be determined by umask by default,
+ * overriding only if an explicit mode is requested
+ */
+ if (!port && mode != 0) {
+ chmod(QGS_UNIX_SOCKET_FILE, mode);
+ }
QGS_LOG_INFO("About to start main loop\n");
io_service.run();
QGS_LOG_INFO("Quit main loop\n");
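Review bot: The return value of `chmod(QGS_UNIX_SOCKET_FILE, mode)` is ignored, so if the call fails the service keeps running with the umask-derived permissions and nothing in the log says the requested mode was not applied. Test the result with `if (chmod(QGS_UNIX_SOCKET_FILE, (mode_t)mode) != 0)`, then log `strerror(errno)` and exit; the cast also makes the narrowing from `unsigned long` explicit. The mode is applied only after the server object has been constructed. If the socket is bound in that constructor (not visible here), a mode tighter than the umask leaves a short window with wider permissions than requested. It would help if the comment said the option is intended for loosening. The body of `main` continues outside this hunk.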
--
2.49.0