diff mbox series

[bitbake-devel,kirkstone,2.0] utils: Add enable_loopback_networking()

Message ID 20240109100753.147890-1-fabio.berton@criticaltechworks.com
State New
Headers show
Series [bitbake-devel,kirkstone,2.0] utils: Add enable_loopback_networking() | expand

Commit Message

Fabio Berton Jan. 9, 2024, 10:07 a.m. UTC 
From: Mattias Jernberg <mattiasj@axis.com>

It can be used to enable the loopback interface, typically after calling
disable_network().

Also correct a typo in a debug message.

Signed-off-by: Mattias Jernberg <mattias.jernberg@axis.com>
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0d317209d4234c5f05a9fcdc13c52f502f104018)
Signed-off-by: Fabio Berton <fabio.berton@criticaltechworks.com>
---
 lib/bb/utils.py | 42 +++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 41 insertions(+), 1 deletion(-)

--
2.25.1

The information in this communication may contain confidential or legally privileged information. It is intended solely for the use of the individual or entity it addresses and others authorized to receive it. If you are not an intended recipient, you are hereby notified that any disclosure, copying, distribution or action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication by error, please notify us immediately by responding to this e-mail and then delete it from your system. Critical TechWorks is not liable for the proper and complete transmission of the information in this communication nor for any delay in its receipt

This e-mail is environmentally friendly, just like Critical TechWorks, which lives in a paper-free atmosphere. Therefore, please consider the environment before printing it!

Comments

Fabio Berton Jan. 31, 2024, 8:49 a.m. UTC | #1 
Hi!
Can this patch be backported to Kirkstone or is it a change that cannot 
be backported?

Thanks

On 1/9/2024 10:07 AM, Fabio Berton via lists.openembedded.org wrote:
> From: Mattias Jernberg<mattiasj@axis.com>
>
> It can be used to enable the loopback interface, typically after calling
> disable_network().
>
> Also correct a typo in a debug message.
>
> Signed-off-by: Mattias Jernberg<mattias.jernberg@axis.com>
> Signed-off-by: Peter Kjellerstedt<peter.kjellerstedt@axis.com>
> Signed-off-by: Richard Purdie<richard.purdie@linuxfoundation.org>
> (cherry picked from commit 0d317209d4234c5f05a9fcdc13c52f502f104018)
> Signed-off-by: Fabio Berton<fabio.berton@criticaltechworks.com>
> ---
>   lib/bb/utils.py | 42 +++++++++++++++++++++++++++++++++++++++++-
>   1 file changed, 41 insertions(+), 1 deletion(-)
>
> diff --git a/lib/bb/utils.py b/lib/bb/utils.py
> index 3f7f82d1..d09e1782 100644
> --- a/lib/bb/utils.py
> +++ b/lib/bb/utils.py
> @@ -30,6 +30,8 @@ import collections
>   import copy
>   import ctypes
>   import random
> +import socket
> +import struct
>   import tempfile
>   from subprocess import getstatusoutput
>   from contextlib import contextmanager
> @@ -1627,6 +1629,44 @@ def set_process_name(name):
>       except:
>           pass
>
> +def enable_loopback_networking():
> +    # From bits/ioctls.h
> +    SIOCGIFFLAGS = 0x8913
> +    SIOCSIFFLAGS = 0x8914
> +    SIOCSIFADDR = 0x8916
> +    SIOCSIFNETMASK = 0x891C
> +
> +    # if.h
> +    IFF_UP = 0x1
> +    IFF_RUNNING = 0x40
> +
> +    # bits/socket.h
> +    AF_INET = 2
> +
> +    # char ifr_name[IFNAMSIZ=16]
> +    ifr_name = struct.pack("@16s", b"lo")
> +    def netdev_req(fd, req, data = b""):
> +        # Pad and add interface name
> +        data = ifr_name + data + (b'\x00' * (16 - len(data)))
> +        # Return all data after interface name
> +        return fcntl.ioctl(fd, req, data)[16:]
> +
> +    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_IP) as sock:
> +        fd = sock.fileno()
> +
> +        # struct sockaddr_in ifr_addr { unsigned short family; uint16_t sin_port ; uint32_t in_addr; }
> +        req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 127, 0, 0, 1)
> +        netdev_req(fd, SIOCSIFADDR, req)
> +
> +        # short ifr_flags
> +        flags = struct.unpack_from('@h', netdev_req(fd, SIOCGIFFLAGS))[0]
> +        flags |= IFF_UP | IFF_RUNNING
> +        netdev_req(fd, SIOCSIFFLAGS, struct.pack('@h', flags))
> +
> +        # struct sockaddr_in ifr_netmask
> +        req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 255, 0, 0, 0)
> +        netdev_req(fd, SIOCSIFNETMASK, req)
> +
>   def disable_network(uid=None, gid=None):
>       """
>       Disable networking in the current process if the kernel supports it, else
> @@ -1648,7 +1688,7 @@ def disable_network(uid=None, gid=None):
>
>       ret = libc.unshare(CLONE_NEWNET | CLONE_NEWUSER)
>       if ret != 0:
> -        logger.debug("System doesn't suport disabling network without admin privs")
> +        logger.debug("System doesn't support disabling network without admin privs")
>           return
>       with open("/proc/self/uid_map", "w") as f:
>           f.write("%s %s 1" % (uid, uid))
> --
> 2.25.1
>
> The information in this communication may contain confidential or legally privileged information. It is intended solely for the use of the individual or entity it addresses and others authorized to receive it. If you are not an intended recipient, you are hereby notified that any disclosure, copying, distribution or action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication by error, please notify us immediately by responding to this e-mail and then delete it from your system. Critical TechWorks is not liable for the proper and complete transmission of the information in this communication nor for any delay in its receipt
>
> This e-mail is environmentally friendly, just like Critical TechWorks, which lives in a paper-free atmosphere. Therefore, please consider the environment before printing it!
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#15757):https://lists.openembedded.org/g/bitbake-devel/message/15757
> Mute This Topic:https://lists.openembedded.org/mt/103617369/6083838
> Group Owner:bitbake-devel+owner@lists.openembedded.org
> Unsubscribe:https://lists.openembedded.org/g/bitbake-devel/unsub  [fbberton@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
Fabio Berton Feb. 14, 2024, 9:18 a.m. UTC | #2 
gentle ping
diff mbox series

Patch

diff --git a/lib/bb/utils.py b/lib/bb/utils.py
index 3f7f82d1..d09e1782 100644
--- a/lib/bb/utils.py
+++ b/lib/bb/utils.py
@@ -30,6 +30,8 @@  import collections
 import copy
 import ctypes
 import random
+import socket
+import struct
 import tempfile
 from subprocess import getstatusoutput
 from contextlib import contextmanager
@@ -1627,6 +1629,44 @@  def set_process_name(name):
     except:
         pass

+def enable_loopback_networking():
+    # From bits/ioctls.h
+    SIOCGIFFLAGS = 0x8913
+    SIOCSIFFLAGS = 0x8914
+    SIOCSIFADDR = 0x8916
+    SIOCSIFNETMASK = 0x891C
+
+    # if.h
+    IFF_UP = 0x1
+    IFF_RUNNING = 0x40
+
+    # bits/socket.h
+    AF_INET = 2
+
+    # char ifr_name[IFNAMSIZ=16]
+    ifr_name = struct.pack("@16s", b"lo")
+    def netdev_req(fd, req, data = b""):
+        # Pad and add interface name
+        data = ifr_name + data + (b'\x00' * (16 - len(data)))
+        # Return all data after interface name
+        return fcntl.ioctl(fd, req, data)[16:]
+
+    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_IP) as sock:
+        fd = sock.fileno()
+
+        # struct sockaddr_in ifr_addr { unsigned short family; uint16_t sin_port ; uint32_t in_addr; }
+        req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 127, 0, 0, 1)
+        netdev_req(fd, SIOCSIFADDR, req)
+
+        # short ifr_flags
+        flags = struct.unpack_from('@h', netdev_req(fd, SIOCGIFFLAGS))[0]
+        flags |= IFF_UP | IFF_RUNNING
+        netdev_req(fd, SIOCSIFFLAGS, struct.pack('@h', flags))
+
+        # struct sockaddr_in ifr_netmask
+        req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 255, 0, 0, 0)
+        netdev_req(fd, SIOCSIFNETMASK, req)
+
 def disable_network(uid=None, gid=None):
     """
     Disable networking in the current process if the kernel supports it, else
@@ -1648,7 +1688,7 @@  def disable_network(uid=None, gid=None):

     ret = libc.unshare(CLONE_NEWNET | CLONE_NEWUSER)
     if ret != 0:
-        logger.debug("System doesn't suport disabling network without admin privs")
+        logger.debug("System doesn't support disabling network without admin privs")
         return
     with open("/proc/self/uid_map", "w") as f:
         f.write("%s %s 1" % (uid, uid))