mesh_remote: add external connection support for Unix socket meshes#3124
Open
jstarks wants to merge 4 commits intomicrosoft:mainfrom
Open
mesh_remote: add external connection support for Unix socket meshes#3124jstarks wants to merge 4 commits intomicrosoft:mainfrom
jstarks wants to merge 4 commits intomicrosoft:mainfrom
Conversation
Enable external processes to connect to a running mesh over a well-known Unix socket path. This is the transport foundation for allowing a CLI process needs to join an already-running VM's mesh at runtime. Windows/ALPC support will come in a separate change.
|
This PR modifies files containing For more on why we check whole files, instead of just diffs, check out the Rustonomicon |
Contributor
There was a problem hiding this comment.
Pull request overview
Adds Unix-domain socket support to mesh_remote so external processes (e.g., a CLI) can connect to a running mesh via a well-known socket path, establishing a foundation for runtime “join an existing VM mesh” workflows (with Windows/ALPC planned separately).
Changes:
- Introduces a generic
MeshPayload-over-Unix-stream transport with SCM_RIGHTS fd passing (unix_payload). - Adds a Unix mesh listener/handshake layer to accept connections by path and hand out invitations (
unix_listener). - Refactors SCM_RIGHTS send/recv helpers into a shared Unix module and tweaks
UnixNode::inviteerror typing.
Reviewed changes
Copilot reviewed 6 out of 7 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| support/mesh/mesh_remote/src/unix_payload.rs | New payload framing + fd transfer over Unix stream sockets; listener/connect helpers + tests |
| support/mesh/mesh_remote/src/unix_node.rs | Extracts inviter handle and changes invite() error type; reuses shared SCM_RIGHTS helpers |
| support/mesh/mesh_remote/src/unix_listener.rs | New Unix socket listener + handshake + join_by_path() API and end-to-end test |
| support/mesh/mesh_remote/src/unix_common.rs | New shared unsafe SCM_RIGHTS send/recv implementation + tests |
| support/mesh/mesh_remote/src/lib.rs | Wires new Unix modules and re-exports new Unix listener/join error types |
| support/mesh/mesh_remote/Cargo.toml | Adds tempfile dev-dependency for new Unix tests |
| Cargo.lock | Records tempfile dependency for mesh_remote dev builds |
size_of_val(fds) measured OsResource elements (8 bytes each on 64-bit) but the cmsg payload contains RawFd values (4 bytes each). This over- reported cmsg_len, potentially causing the kernel to read extra zero- valued fd entries from the buffer.
jstarks
changed the title
chris-oo
reviewed
Mar 26, 2026
| // that was populated by recvmsg. | ||
| let raw_fds = unsafe { std::slice::from_raw_parts(data_ptr.cast::<RawFd>(), fd_count) }; | ||
| fds.extend(raw_fds.iter().map(|&raw_fd| { | ||
| // SAFETY: per the kernel contract, this fd is now owned by the process. |
Member
There was a problem hiding this comment.
i'm trying to find the docs on this ownership change, where is it?
| "control message truncated: sender sent too many file descriptors", | ||
| )); | ||
| } | ||
| if hdr.msg_flags & libc::MSG_TRUNC != 0 { |
Member
There was a problem hiding this comment.
what error case is this one, that sendmsg the payload was too large?
| } | ||
|
|
||
| #[cfg(test)] | ||
| mod tests { |
Member
There was a problem hiding this comment.
did you run these tests thru miri? does that give anything useful?
Member
Author
There was a problem hiding this comment.
miri can't handle scm_rights
- Merge unix_payload into unix_listener (single consumer, no need for a separate module) - Replace manual header parsing with zerocopy PayloadHeader struct - Replace PortResourceNotSupported error with unreachable!() (internal invariant, not a public API boundary) - Tighten recv limits: 4 KiB data / 4 fds (only Invitation is sent, ~100 bytes + 1 fd) - Improve comments: SCM_RIGHTS ownership docs, MSG_TRUNC explanation, module-level docs for unix_common and unix_listener - Remove redundant test_send_recv_payload_with_fd (covered by test_end_to_end)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Enable external processes to connect to a running mesh over a well-known Unix socket path. This is the transport foundation for allowing a CLI process needs to join an already-running VM's mesh at runtime.
Windows/ALPC support will come in a separate change.