August 2014 - Devel - libvirt List Archives

[libvirt] [PATCH] Fix python error reporting for some storage operations
by Cole Robinson 07 Mar '25

07 Mar '25

In the python bindings, all vir* classes expect to be passed a virConnect object when instantiated. Before the storage stuff, these classes were only instantiated in virConnect methods, so the generator is hardcoded to pass 'self' as the connection instance to these classes. Problem is there are some methods that return pool or vol instances which aren't called from virConnect: you can lookup a storage volume's associated pool, and can lookup volumes from a pool. In these cases passing 'self' doesn't give the vir* instance a connection, so when it comes time to raise an exception crap hits the fan. Rather than rework the generator to accomodate this edge case, I just fixed the init functions for virStorage* to pull the associated connection out of the passed value if it's not a virConnect instance. Thanks, Cole diff --git a/python/generator.py b/python/generator.py index 01a17da..c706b19 100755 --- a/python/generator.py +++ b/python/generator.py @@ -962,8 +962,12 @@ def buildWrappers(): list = reference_keepers[classname] for ref in list: classes.write(" self.%s = None\n" % ref[1]) - if classname in [ "virDomain", "virNetwork", "virStoragePool", "virStorageVol" ]: + if classname in [ "virDomain", "virNetwork" ]: classes.write(" self._conn = conn\n") + elif classname in [ "virStorageVol", "virStoragePool" ]: + classes.write(" self._conn = conn\n" + \ + " if not isinstance(conn, virConnect):\n" + \ + " self._conn = conn._conn\n") classes.write(" if _obj != None:self._o = _obj;return\n") classes.write(" self._o = None\n\n"); destruct=None

4 3

[libvirt] [PATCH] web docs -- macvtap mode explanation
by Stefan Berger 27 Oct '23

27 Oct '23

This adds more information about the different macvtap device modes. Regards, Stefan

3 2

[libvirt] Supporting vhost-net and macvtap in libvirt for QEMU
by Anthony Liguori 27 Oct '23

27 Oct '23

Disclaimer: I am neither an SR-IOV nor a vhost-net expert, but I've CC'd people that are who can throw tomatoes at me for getting bits wrong :-) I wanted to start a discussion about supporting vhost-net in libvirt. vhost-net has not yet been merged into qemu but I expect it will be soon so it's a good time to start this discussion. There are two modes worth supporting for vhost-net in libvirt. The first mode is where vhost-net backs to a tun/tap device. This is behaves in very much the same way that -net tap behaves in qemu today. Basically, the difference is that the virtio backend is in the kernel instead of in qemu so there should be some performance improvement. Current, libvirt invokes qemu with -net tap,fd=X where X is an already open fd to a tun/tap device. I suspect that after we merge vhost-net, libvirt could support vhost-net in this mode by just doing -net vhost,fd=X. I think the only real question for libvirt is whether to provide a user visible switch to use vhost or to just always use vhost when it's available and it makes sense. Personally, I think the later makes sense. The more interesting invocation of vhost-net though is one where the vhost-net device backs directly to a physical network card. In this mode, vhost should get considerably better performance than the current implementation. I don't know the syntax yet, but I think it's reasonable to assume that it will look something like -net tap,dev=eth0. The effect will be that eth0 is dedicated to the guest. On most modern systems, there is a small number of network devices so this model is not all that useful except when dealing with SR-IOV adapters. In that case, each physical device can be exposed as many virtual devices (VFs). There are a few restrictions here though. The biggest is that currently, you can only change the number of VFs by reloading a kernel module so it's really a parameter that must be set at startup time. I think there are a few ways libvirt could support vhost-net in this second mode. The simplest would be to introduce a new tag similar to <source network='br0'>. In fact, if you probed the device type for the network parameter, you could probably do something like <source network='eth0'> and have it Just Work. Another model would be to have libvirt see an SR-IOV adapter as a network pool whereas it handled all of the VF management. Considering how inflexible SR-IOV is today, I'm not sure whether this is the best model. Has anyone put any more thought into this problem or how this should be modeled in libvirt? Michael, could you share your current thinking for -net syntax? -- Regards, Anthony Liguori

8 26

[libvirt] Libvirt multi queue support
by Naor Shlomo 14 Jun '16

14 Jun '16

Hello experts, Could anyone please tell me if Multi Queue it fully supported in Libvirt and if so what version contains it? Thanks, Naor

3 9

[libvirt] securityselinuxlabeltest test fails on v1.2.5
by Scott Sullivan 09 Apr '15

09 Apr '15

I am trying to build v1.2.5-maint, however I have one test failing causing the build to fail: TEST: securityselinuxlabeltest !!!. 4 FAIL PASS: virsh-undefine ======================================= 1 of 112 tests failed Please report to libvir-list(a)redhat.com ======================================= make[2]: *** [check-TESTS] Error 1 make[2]: Leaving directory `/home/rpmbuild/packages/libvirt/tests' make[1]: *** [check-am] Error 2 make[1]: Leaving directory `/home/rpmbuild/packages/libvirt/tests' make: *** [check-recursive] Error 1 error: Bad exit status from /var/tmp/rpm-tmp.UGNUaq (%build) Is anyone else having this problem? Im building on CentOS 6.5. Im happy to provide any further information as needed.

7 12

[libvirt] [PATCH] LXC: create a bind mount for sysfs when enable userns but disable netns
by Chen Hanxiao 20 Mar '15

20 Mar '15

kernel commit 7dc5dbc879bd0779924b5132a48b731a0bc04a1e forbid us doing a fresh mount for sysfs when enable userns but disable netns. This patch will create a bind mount in this senario. Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com> --- src/lxc/lxc_container.c | 44 +++++++++++++++++++++++++++++++++----------- 1 file changed, 33 insertions(+), 11 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 4d89677..8a27215 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -815,10 +815,13 @@ static int lxcContainerSetReadOnly(void) } -static int lxcContainerMountBasicFS(bool userns_enabled) +static int lxcContainerMountBasicFS(bool userns_enabled, + bool netns_disabled) { size_t i; int rc = -1; + char* mnt_src = NULL; + int mnt_mflags; VIR_DEBUG("Mounting basic filesystems"); @@ -826,8 +829,25 @@ static int lxcContainerMountBasicFS(bool userns_enabled) bool bindOverReadonly; virLXCBasicMountInfo const *mnt = &lxcBasicMounts[i]; + /* When enable userns but disable netns, kernel will + * forbid us doing a new fresh mount for sysfs. + * So we had to do a bind mount for sysfs instead. + */ + if (userns_enabled && netns_disabled && + STREQ(mnt->src, "sysfs")) { + if (VIR_STRDUP(mnt_src, "/sys") < 0) { + goto cleanup; + } + mnt_mflags = MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_RDONLY|MS_BIND; + } else { + if (VIR_STRDUP(mnt_src, mnt->src) < 0) { + goto cleanup; + } + mnt_mflags = mnt->mflags; + } + VIR_DEBUG("Processing %s -> %s", - mnt->src, mnt->dst); + mnt_src, mnt->dst); if (mnt->skipUnmounted) { char *hostdir; @@ -856,7 +876,7 @@ static int lxcContainerMountBasicFS(bool userns_enabled) if (virFileMakePath(mnt->dst) < 0) { virReportSystemError(errno, _("Failed to mkdir %s"), - mnt->src); + mnt_src); goto cleanup; } @@ -867,24 +887,24 @@ static int lxcContainerMountBasicFS(bool userns_enabled) * we mount the filesystem in read-write mode initially, and then do a * separate read-only bind mount on top of that. */ - bindOverReadonly = !!(mnt->mflags & MS_RDONLY); + bindOverReadonly = !!(mnt_mflags & MS_RDONLY); VIR_DEBUG("Mount %s on %s type=%s flags=%x", - mnt->src, mnt->dst, mnt->type, mnt->mflags & ~MS_RDONLY); - if (mount(mnt->src, mnt->dst, mnt->type, mnt->mflags & ~MS_RDONLY, NULL) < 0) { + mnt_src, mnt->dst, mnt->type, mnt_mflags & ~MS_RDONLY); + if (mount(mnt_src, mnt->dst, mnt->type, mnt_mflags & ~MS_RDONLY, NULL) < 0) { virReportSystemError(errno, _("Failed to mount %s on %s type %s flags=%x"), - mnt->src, mnt->dst, NULLSTR(mnt->type), - mnt->mflags & ~MS_RDONLY); + mnt_src, mnt->dst, NULLSTR(mnt->type), + mnt_mflags & ~MS_RDONLY); goto cleanup; } if (bindOverReadonly && - mount(mnt->src, mnt->dst, NULL, + mount(mnt_src, mnt->dst, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY, NULL) < 0) { virReportSystemError(errno, _("Failed to re-mount %s on %s flags=%x"), - mnt->src, mnt->dst, + mnt_src, mnt->dst, MS_BIND|MS_REMOUNT|MS_RDONLY); goto cleanup; } @@ -893,6 +913,7 @@ static int lxcContainerMountBasicFS(bool userns_enabled) rc = 0; cleanup: + VIR_FREE(mnt_src); VIR_DEBUG("rc=%d", rc); return rc; } @@ -1643,7 +1664,8 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, goto cleanup; /* Mounts the core /proc, /sys, etc filesystems */ - if (lxcContainerMountBasicFS(vmDef->idmap.nuidmap) < 0) + if (lxcContainerMountBasicFS(vmDef->idmap.nuidmap, + !vmDef->nnets) < 0) goto cleanup; /* Ensure entire root filesystem (except /.oldroot) is readonly */ -- 1.9.0

7 13

[libvirt] [PATCH] Fix reporting of i/o errors by iohelper process
by Jason J. Herne 18 Feb '15

18 Feb '15

From: "Jason J. Herne" <jjherne(a)us.ibm.com> libvirt_iohelper is a helper process that is exec'ed and used to handle I/O during a Qemu managed save operation. Due to a missing call to virFileWrapperFdClose, all I/O error messages reported by iohelper are lost. This patch adds a call to virFileWrapperFdClose to the cleanup phase of qemuDomainSaveMemory. This patch also modifies virFileWrapperFdClose such that errors are only reported when the length of the err_msg buffer is > 0. Before now, the existence of the buffer would trigger error reporting in virFileWrapperFdClose. Signed-off-by: Jason J. Herne <jjherne(a)us.ibm.com> --- src/qemu/qemu_driver.c | 1 + src/util/virfile.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index ecccf6c..8d78805 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -3015,6 +3015,7 @@ qemuDomainSaveMemory(virQEMUDriverPtr driver, cleanup: VIR_FORCE_CLOSE(fd); + virFileWrapperFdClose(wrapperFd); virFileWrapperFdFree(wrapperFd); VIR_FREE(xml); diff --git a/src/util/virfile.c b/src/util/virfile.c index 463064c..813b4f5 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@ -322,7 +322,7 @@ virFileWrapperFdClose(virFileWrapperFdPtr wfd) return 0; ret = virCommandWait(wfd->cmd, NULL); - if (wfd->err_msg) + if (wfd->err_msg && strlen(wfd->err_msg)) VIR_WARN("iohelper reports: %s", wfd->err_msg); return ret; -- 1.8.3.2

4 8

[libvirt] [libvirt-test-API][PATCH V4 0/4] Add test case for virconnect V4
by Jincheng Miao 18 Dec '14

18 Dec '14

V3->V4: Remove getSysinfo() check for lxc connection. Fix minor problems. V2->V3: Refactor connection_nodeinfo. Change the way of getting version number. V1->V2: Seperate check functions in each test case. Improve log message. V1: Add test case for virconnect Add test case for nodeinfo of virconnect Add connection_version test case Add conf file of virconnect test jmiao (4): Add test case for virConnect Add connection_nodeinfo test case Add connection_version test case Add test_connection.conf cases/test_connection.conf | 31 +++++++ repos/virconn/__init__.py | 0 repos/virconn/connection_attributes.py | 92 +++++++++++++++++++++ repos/virconn/connection_nodeinfo.py | 146 +++++++++++++++++++++++++++++++++ repos/virconn/connection_version.py | 119 +++++++++++++++++++++++++++ 5 files changed, 388 insertions(+) create mode 100644 cases/test_connection.conf create mode 100644 repos/virconn/__init__.py create mode 100644 repos/virconn/connection_attributes.py create mode 100644 repos/virconn/connection_nodeinfo.py create mode 100644 repos/virconn/connection_version.py -- 1.8.3.1

2 5

[libvirt] ANNOUNCE: libguestfs 1.26 released
by Richard W.M. Jones 09 Dec '14

09 Dec '14

I'm pleased to announce libguestfs 1.26, a library and set of tools for accessing and modifying virtual machine disk images. This release took more than 6 months of work by a considerable number of people, and has many new features (see release notes below). You can get libguestfs 1.26 here: Main website: http://libguestfs.org/ Source: http://libguestfs.org/download/1.26-stable/ You will also need latest supermin from here: http://libguestfs.org/download/supermin/ Fedora 20/21: http://koji.fedoraproject.org/koji/packageinfo?packageID=8391 It will appear as an update for F20 in about a week. Debian/experimental coming soon, see: https://packages.debian.org/experimental/libguestfs0 The Fedora and Debian packages have split dependencies so you can download just the features you need. >From http://libguestfs.org/guestfs-release-notes.1.html : RELEASE NOTES FOR LIBGUESTFS 1.26 New features Tools virt-customize(1) is a new tool for customizing virtual machine disk images. It lets you install packages, edit configuration files, run scripts, set passwords and so on. virt-builder(1) and virt-sysprep(1) use virt-customize, and command line options across all these tools are now identical. virt-diff(1) is a new tool for showing the differences between the filesystems of two virtual machines. It is mainly useful when showing what files have been changed between snapshots. virt-builder(1) has been greatly enhanced. There are many more ways to customize the virtual machine. It can pull templates from multiple repositories. A parallelized internal xzcat implementation speeds up template decompression. Virt-builder uses an optimizing planner to choose the fastest way to build the VM. It is now easier to use virt-builder from other programs. Internationalization support has been added to metadata. More efficient SELinux relabelling of files. Can build guests for multiple architectures. Error messages have been improved. (Pino Toscano) virt-sparsify(1) has a new --in-place option. This sparsifies an image in place (without copying it) and is also much faster. (Lots of help provided by Paolo Bonzini) virt-sysprep(1) can delete and scrub files under user control. You can lock user accounts or set random passwords on accounts. Can remove more log files. Can unsubscribe a guest from Red Hat Subscription Manager. New flexible way to enable and disable operations. (Wanlong Gao, Pino Toscano) virt-win-reg(1) allows you to use URIs to specify remote disk images. virt-format(1) can now pass the extra space that it recovers back to the host. guestfish(1) has additional environment variables to give fine control over the ><fs> prompt. Guestfish reads its (rarely used) configuration file in a different order now so that local settings override global settings. (Pino Toscano) virt-make-fs(1) was rewritten in C, but is unchanged in terms of functionality and command line usage. Language bindings The OCaml bindings have a new Guestfs.Errno module, used to check the error number returned by Guestfs.last_errno. PHP tests now work. (Pino Toscano) Inspection Inspection can recognize Debian live images. Architectures ARMv7 (32 bit) now supports KVM acceleration. Aarch64 (ARM 64 bit) is supported, but the appliance part does not work yet. PPC64 support has been fixed and enhanced. Security Denial of service when inspecting disk images with corrupt btrfs volumes It was possible to crash libguestfs (and programs that use libguestfs as a library) by presenting a disk image containing a corrupt btrfs volume. This was caused by a NULL pointer dereference causing a denial of service, and is not thought to be exploitable any further. See commit d70ceb4cbea165c960710576efac5a5716055486 for the fix. This fix is included in libguestfs stable branches ≥ 1.26.0, ≥ 1.24.6 and ≥ 1.22.8, and also in RHEL ≥ 7.0. Earlier versions of libguestfs are not vulnerable. Better generation of random root passwords and random seeds When generating random root passwords and random seeds, two bugs were fixed which are possibly security related. Firstly we no longer read excessive bytes from /dev/urandom (most of which were just thrown away). Secondly we changed the code to avoid modulo bias. These issues were not thought to be exploitable. (Both changes suggested by Edwin Török) API GUID parameters are now validated when they are passed to API calls, whereas previously you could have passed any string. (Pino Toscano) New APIs guestfs_add_drive_opts: new discard parameter The new discard parameter allows fine-grained control over discard/trim support for a particular disk. This allows the host file to become more sparse (or thin-provisioned) when you delete files or issue the guestfs_fstrim API call. guestfs_add_domain: new parameters: cachemode, discard These parameters are passed through when adding the domain's disks. guestfs_blkdiscard Discard all blocks on a guestfs device. Combined with the discard parameter above, this makes the host file sparse. guestfs_blkdiscardzeroes Test if discarded blocks read back as zeroes. guestfs_compare_* guestfs_copy_* For each struct returned through the API, libguestfs now generates guestfs_compare_* and guestfs_copy_* functions to allow you to compare and copy structs. guestfs_copy_attributes Copy attributes (like permissions, xattrs, ownership) from one file to another. (Pino Toscano) guestfs_disk_create A flexible API for creating empty disk images from scratch. This avoids the need to call out to external programs like qemu-img(1). guestfs_get_backend_settings guestfs_set_backend_settings Per-backend settings (can also be set via the environment variable LIBGUESTFS_BACKEND_SETTINGS). The main use for this is forcing TCG mode in the qemu-based backends, for example: export LIBGUESTFS_BACKEND=direct export LIBGUESTFS_BACKEND_SETTINGS=force_tcg guestfs_part_get_name Get the label or name of a partition (for GPT disk images). Build changes The following extra packages are required to build libguestfs 1.26: supermin ≥ 5 Supermin version 5 is required to build this version of libguestfs. flex, bison Virt-builder now uses a real parser to parse its metadata file, so these tools are required. xz This is now a required build dependency, where previously it was (in theory) optional. Internals PO message extraction rewritten to be more robust. (Pino Toscano) podwrapper gives an error if the --insert or --verbatim argument pattern is not found. Libguestfs now passes the qemu -enable-fips option to enable FIPS, if qemu supports it. ./configure --without-qemu can be used if you don't want to specify a default hypervisor. Copy-on-write [COW] overlays, used for example for read-only drives, are now created through an internal backend API (.create_cow_overlay). Libvirt backend uses some funky C macros to generate XML. These are simpler and safer. The ChangeLog file format has changed. It is now just the same as git log, instead of using a custom format. Appliance start-up has changed: * The libguestfs appliance now initializes LVM the same way as it is done on physical machines. * The libguestfs appliance does not write an empty string to /proc/sys/kernel/hotplug when starting up. Note that you must configure your kernel to have CONFIG_UEVENT_HELPER_PATH="" otherwise you will get strange LVM errors (this applies as much to any Linux machine, not just libguestfs). (Peter Rajnoha) Libguestfs can now be built on arches that have ocamlc(1) but not ocamlopt(1). (Hilko Bengen, Olaf Hering) You cannot use ./configure --disable-daemon --enable-appliance. It made no sense anyway. Now it is expressly forbidden by the configure script. The packagelist file uses m4 for macro expansion instead of cpp. Bugs fixed https://bugzilla.redhat.com/1073906 java bindings inspect_list_applications2 throws java.lang.ArrayIndexOutOfBoundsException: https://bugzilla.redhat.com/1063374 [RFE] enable subscription manager clean or unregister operation to sysprep https://bugzilla.redhat.com/1060404 virt-resize does not preserve GPT partition names https://bugzilla.redhat.com/1057504 mount-local should give a clearer error if root is not mounted https://bugzilla.redhat.com/1056290 virt-sparsify overwrites block devices if used as output files https://bugzilla.redhat.com/1055452 libguestfs: error: invalid backend: appliance https://bugzilla.redhat.com/1054761 guestfs_pvs prints "unknown device" if a physical volume is missing https://bugzilla.redhat.com/1053847 Recommended default clock/timer settings https://bugzilla.redhat.com/1046509 ruby-libguestfs throws "expecting 0 or 1 arguments" on Guestfs::Guestfs.new https://bugzilla.redhat.com/1045450 Cannot inspect cirros 0.3.1 disk image fully https://bugzilla.redhat.com/1045033 LIBVIRT_DEFAULT_URI=qemu:///system breaks libguestfs https://bugzilla.redhat.com/1044585 virt-builder network (eg. --install) doesn't work if resolv.conf sets nameserver 127.0.0.1 https://bugzilla.redhat.com/1044014 When SSSD is installed, libvirt configuration requires authentication, but not clear to user https://bugzilla.redhat.com/1039995 virt-make-fs fails making fat/vfat whole disk: Device partition expected, not making filesystem on entire device '/dev/sda' (use -I to override) https://bugzilla.redhat.com/1039540 virt-sysprep to delete more logfiles https://bugzilla.redhat.com/1033207 RFE: libguestfs inspection does not recognize Free4NAS live CD https://bugzilla.redhat.com/1028660 RFE: virt-sysprep/virt-builder should have an option to lock a user account https://bugzilla.redhat.com/1026688 libguestfs fails examining libvirt guest with ceph drives: rbd: image name must begin with a '/' https://bugzilla.redhat.com/1022431 virt-builder fails if $HOME/.cache doesn't exist https://bugzilla.redhat.com/1022184 libguestfs: do not use versioned jar file https://bugzilla.redhat.com/1020806 All libguestfs LVM operations fail on Debian/Ubuntu https://bugzilla.redhat.com/1008417 Need update helpout of part-set-gpt-type https://bugzilla.redhat.com/953907 virt-sysprep does not correctly set the hostname on Debian/Ubuntu https://bugzilla.redhat.com/923355 guestfish prints literal "\n" in error messages https://bugzilla.redhat.com/660687 guestmount: "touch" command fails: touch: setting times of `timestamp': Invalid argument https://bugzilla.redhat.com/593511 [RFE] function to get partition name https://bugzilla.redhat.com/563450 list-devices returns devices of different types out of order --- Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v

2 5

Re: [libvirt] [GIT PULL] namespace updates for v3.17-rc1
by Richard Weinberger 29 Nov '14

29 Nov '14

On Wed, Aug 6, 2014 at 2:57 AM, Eric W. Biederman <ebiederm(a)xmission.com> wrote: > > Linus, > > Please pull the for-linus branch from the git tree: > > git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace.git for-linus > > HEAD: 344470cac42e887e68cfb5bdfa6171baf27f1eb5 proc: Point /proc/mounts at /proc/thread-self/mounts instead of /proc/self/mounts > > This is a bunch of small changes built against 3.16-rc6. The most > significant change for users is the first patch which makes setns > drmatically faster by removing unneded rcu handling. > > The next chunk of changes are so that "mount -o remount,.." will not > allow the user namespace root to drop flags on a mount set by the system > wide root. Aks this forces read-only mounts to stay read-only, no-dev > mounts to stay no-dev, no-suid mounts to stay no-suid, no-exec mounts to > stay no exec and it prevents unprivileged users from messing with a > mounts atime settings. I have included my test case as the last patch > in this series so people performing backports can verify this change > works correctly. > > The next change fixes a bug in NFS that was discovered while auditing > nsproxy users for the first optimization. Today you can oops the kernel > by reading /proc/fs/nfsfs/{servers,volumes} if you are clever with pid > namespaces. I rebased and fixed the build of the !CONFIG_NFS_FS case > yesterday when a build bot caught my typo. Given that no one to my > knowledge bases anything on my tree fixing the typo in place seems more > responsible that requiring a typo-fix to be backported as well. > > The last change is a small semantic cleanup introducing > /proc/thread-self and pointing /proc/mounts and /proc/net at it. This > prevents several kinds of problemantic corner cases. It is a > user-visible change so it has a minute chance of causing regressions so > the change to /proc/mounts and /proc/net are individual one line commits > that can be trivially reverted. Unfortunately I lost and could not find > the email of the original reporter so he is not credited. From at least > one perspective this change to /proc/net is a refgression fix to allow > pthread /proc/net uses that were broken by the introduction of the network > namespace. > > Eric > > Eric W. Biederman (11): > namespaces: Use task_lock and not rcu to protect nsproxy > mnt: Only change user settable mount flags in remount > mnt: Move the test for MNT_LOCK_READONLY from change_mount_flags into do_remount > mnt: Correct permission checks in do_remount This commit breaks libvirt-lxc. libvirt does in lxcContainerMountBasicFS(): /* * We can't immediately set the MS_RDONLY flag when mounting filesystems * because (in at least some kernel versions) this will propagate back * to the original mount in the host OS, turning it readonly too. Thus * we mount the filesystem in read-write mode initially, and then do a * separate read-only bind mount on top of that. */ bindOverReadonly = !!(mnt_mflags & MS_RDONLY); VIR_DEBUG("Mount %s on %s type=%s flags=%x", mnt_src, mnt->dst, mnt->type, mnt_mflags & ~MS_RDONLY); if (mount(mnt_src, mnt->dst, mnt->type, mnt_mflags & ~MS_RDONLY, NULL) < 0) { ^^^^ Here it fails for sysfs because with user namespaces we bind the existing /sys into the container and would have to read out all existing mount flags from the current /sys mount. Otherwise mount() fails with EPERM. On my test system /sys is mounted with "rw,nosuid,nodev,noexec,relatime" and libvirt misses the realtime... virReportSystemError(errno, _("Failed to mount %s on %s type %s flags=%x"), mnt_src, mnt->dst, NULLSTR(mnt->type), mnt_mflags & ~MS_RDONLY); goto cleanup; } if (bindOverReadonly && mount(mnt_src, mnt->dst, NULL, MS_BIND|MS_REMOUNT|MS_RDONLY, NULL) < 0) { ^^^ Here it fails because now we'd have to specify all flags as used for the first mount. For the procfs case MS_NOSUID|MS_NOEXEC|MS_NODEV. See lxcBasicMounts[]. In this case the fix is easy, add mnt_mflags to the mount flags. virReportSystemError(errno, _("Failed to re-mount %s on %s flags=%x"), mnt_src, mnt->dst, MS_BIND|MS_REMOUNT|MS_RDONLY); goto cleanup; } -- Thanks, //richard

5 12