Message ID | 20240109100753.147890-1-fabio.berton@criticaltechworks.com |
---|---|
State | New |
Headers | show |
Series | [bitbake-devel,kirkstone,2.0] utils: Add enable_loopback_networking() | expand |
Hi! Can this patch be backported to Kirkstone or is it a change that cannot be backported? Thanks On 1/9/2024 10:07 AM, Fabio Berton via lists.openembedded.org wrote: > From: Mattias Jernberg<mattiasj@axis.com> > > It can be used to enable the loopback interface, typically after calling > disable_network(). > > Also correct a typo in a debug message. > > Signed-off-by: Mattias Jernberg<mattias.jernberg@axis.com> > Signed-off-by: Peter Kjellerstedt<peter.kjellerstedt@axis.com> > Signed-off-by: Richard Purdie<richard.purdie@linuxfoundation.org> > (cherry picked from commit 0d317209d4234c5f05a9fcdc13c52f502f104018) > Signed-off-by: Fabio Berton<fabio.berton@criticaltechworks.com> > --- > lib/bb/utils.py | 42 +++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 41 insertions(+), 1 deletion(-) > > diff --git a/lib/bb/utils.py b/lib/bb/utils.py > index 3f7f82d1..d09e1782 100644 > --- a/lib/bb/utils.py > +++ b/lib/bb/utils.py > @@ -30,6 +30,8 @@ import collections > import copy > import ctypes > import random > +import socket > +import struct > import tempfile > from subprocess import getstatusoutput > from contextlib import contextmanager > @@ -1627,6 +1629,44 @@ def set_process_name(name): > except: > pass > > +def enable_loopback_networking(): > + # From bits/ioctls.h > + SIOCGIFFLAGS = 0x8913 > + SIOCSIFFLAGS = 0x8914 > + SIOCSIFADDR = 0x8916 > + SIOCSIFNETMASK = 0x891C > + > + # if.h > + IFF_UP = 0x1 > + IFF_RUNNING = 0x40 > + > + # bits/socket.h > + AF_INET = 2 > + > + # char ifr_name[IFNAMSIZ=16] > + ifr_name = struct.pack("@16s", b"lo") > + def netdev_req(fd, req, data = b""): > + # Pad and add interface name > + data = ifr_name + data + (b'\x00' * (16 - len(data))) > + # Return all data after interface name > + return fcntl.ioctl(fd, req, data)[16:] > + > + with socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_IP) as sock: > + fd = sock.fileno() > + > + # struct sockaddr_in ifr_addr { unsigned short family; uint16_t sin_port ; uint32_t in_addr; } > + req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 127, 0, 0, 1) > + netdev_req(fd, SIOCSIFADDR, req) > + > + # short ifr_flags > + flags = struct.unpack_from('@h', netdev_req(fd, SIOCGIFFLAGS))[0] > + flags |= IFF_UP | IFF_RUNNING > + netdev_req(fd, SIOCSIFFLAGS, struct.pack('@h', flags)) > + > + # struct sockaddr_in ifr_netmask > + req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 255, 0, 0, 0) > + netdev_req(fd, SIOCSIFNETMASK, req) > + > def disable_network(uid=None, gid=None): > """ > Disable networking in the current process if the kernel supports it, else > @@ -1648,7 +1688,7 @@ def disable_network(uid=None, gid=None): > > ret = libc.unshare(CLONE_NEWNET | CLONE_NEWUSER) > if ret != 0: > - logger.debug("System doesn't suport disabling network without admin privs") > + logger.debug("System doesn't support disabling network without admin privs") > return > with open("/proc/self/uid_map", "w") as f: > f.write("%s %s 1" % (uid, uid)) > -- > 2.25.1 > > The information in this communication may contain confidential or legally privileged information. It is intended solely for the use of the individual or entity it addresses and others authorized to receive it. If you are not an intended recipient, you are hereby notified that any disclosure, copying, distribution or action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication by error, please notify us immediately by responding to this e-mail and then delete it from your system. Critical TechWorks is not liable for the proper and complete transmission of the information in this communication nor for any delay in its receipt > > This e-mail is environmentally friendly, just like Critical TechWorks, which lives in a paper-free atmosphere. Therefore, please consider the environment before printing it! > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#15757):https://lists.openembedded.org/g/bitbake-devel/message/15757 > Mute This Topic:https://lists.openembedded.org/mt/103617369/6083838 > Group Owner:bitbake-devel+owner@lists.openembedded.org > Unsubscribe:https://lists.openembedded.org/g/bitbake-devel/unsub [fbberton@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
gentle ping
diff --git a/lib/bb/utils.py b/lib/bb/utils.py index 3f7f82d1..d09e1782 100644 --- a/lib/bb/utils.py +++ b/lib/bb/utils.py @@ -30,6 +30,8 @@ import collections import copy import ctypes import random +import socket +import struct import tempfile from subprocess import getstatusoutput from contextlib import contextmanager @@ -1627,6 +1629,44 @@ def set_process_name(name): except: pass +def enable_loopback_networking(): + # From bits/ioctls.h + SIOCGIFFLAGS = 0x8913 + SIOCSIFFLAGS = 0x8914 + SIOCSIFADDR = 0x8916 + SIOCSIFNETMASK = 0x891C + + # if.h + IFF_UP = 0x1 + IFF_RUNNING = 0x40 + + # bits/socket.h + AF_INET = 2 + + # char ifr_name[IFNAMSIZ=16] + ifr_name = struct.pack("@16s", b"lo") + def netdev_req(fd, req, data = b""): + # Pad and add interface name + data = ifr_name + data + (b'\x00' * (16 - len(data))) + # Return all data after interface name + return fcntl.ioctl(fd, req, data)[16:] + + with socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_IP) as sock: + fd = sock.fileno() + + # struct sockaddr_in ifr_addr { unsigned short family; uint16_t sin_port ; uint32_t in_addr; } + req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 127, 0, 0, 1) + netdev_req(fd, SIOCSIFADDR, req) + + # short ifr_flags + flags = struct.unpack_from('@h', netdev_req(fd, SIOCGIFFLAGS))[0] + flags |= IFF_UP | IFF_RUNNING + netdev_req(fd, SIOCSIFFLAGS, struct.pack('@h', flags)) + + # struct sockaddr_in ifr_netmask + req = struct.pack("@H", AF_INET) + struct.pack("=H4B", 0, 255, 0, 0, 0) + netdev_req(fd, SIOCSIFNETMASK, req) + def disable_network(uid=None, gid=None): """ Disable networking in the current process if the kernel supports it, else @@ -1648,7 +1688,7 @@ def disable_network(uid=None, gid=None): ret = libc.unshare(CLONE_NEWNET | CLONE_NEWUSER) if ret != 0: - logger.debug("System doesn't suport disabling network without admin privs") + logger.debug("System doesn't support disabling network without admin privs") return with open("/proc/self/uid_map", "w") as f: f.write("%s %s 1" % (uid, uid))