1. 23 3月, 2017 3 次提交
    • L
      5a4a0db0
    • L
      util: allow retrieving ethtool features when unprivileged · 549fe5a8
      Laine Stump 提交于
      The only reason that the ethtool features weren't being retrieved in
      an unprivileged libvirtd was because they required ioctl(), and the
      ioctl was using an AF_PACKET socket, which requires root. Now that we
      are using AF_UNIX for ioctl(), this restriction can be removed.
      549fe5a8
    • L
      util: use AF_UNIX family (not AF_PACKET) for ioctl sockets · 1c9a8746
      Laine Stump 提交于
      The exact family of the socket created for the fd used by ioctl(7)
      doesn't matter, it just needs to be a socket and not a file. But for
      some reason when macvtap support was added, it used
      AF_PACKET/SOCK_DGRAM sockets for its ioctls; we later used the same
      AF_PACKET/SOCK_DGRAM socket for new ioctls we added, and eventually
      modified the other pre-existing ioctl sockets (for creating/deleting
      bridges) to also use AF_PACKET/SOCK_DGRAM (that code originally used
      AF_UNIX/SOCK_STREAM).
      
      The problem with using AF_PACKET (intended for sending/receiving "raw"
      packets, i.e. packets that can be some protocol other than TCP or UDP)
      is that it requires root privileges. This meant that none of the
      ioctls in virnetdev.c or virnetdevip.c would work when running
      libvirtd unprivileged.
      
      This packet solves that problem by changing the family to AF_UNIX when
      creating the socket used for any ioctl().
      1c9a8746
  2. 22 3月, 2017 7 次提交
  3. 21 3月, 2017 4 次提交
  4. 20 3月, 2017 1 次提交
  5. 18 3月, 2017 7 次提交
  6. 17 3月, 2017 18 次提交