[libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups
by Richard Weinberger
The LXC driver uses virSetUIDGID() to become UID/GID 0.
It passes an empty groups list to virSetUIDGID()
to get rid of all supplementary groups from the host side.
But virSetUIDGID() calls setgroups() only if the supplied list
is larger than 0.
This leads to a container root with unrelated supplementary groups.
In most cases this issue goes unnoticed as libvirtd runs as UID/GID 0
without any supplementary groups.
Signed-off-by: Richard Weinberger <richard(a)nod.at>
---
I've marked that patch as RFC as I'm not sure if all users of virSetUIDGID()
expect this behavior too.
Thanks,
//richard
---
src/util/virutil.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/virutil.c b/src/util/virutil.c
index cddc78a..ea697a3 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1103,7 +1103,7 @@ virSetUIDGID(uid_t uid, gid_t gid, gid_t *groups ATTRIBUTE_UNUSED,
}
# if HAVE_SETGROUPS
- if (ngroups && setgroups(ngroups, groups) < 0) {
+ if (setgroups(ngroups, groups) < 0) {
virReportSystemError(errno, "%s",
_("cannot set supplemental groups"));
return -1;
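Review bot: Dropping the `ngroups &&` guard turns every call with an empty list into an unconditional setgroups(), which on Linux requires CAP_SETGID, so an unprivileged caller that passed ngroups == 0 to mean "leave the supplementary groups alone" will now fail with EPERM where it previously succeeded. The commit message already hedges that other callers may not expect this, so the contract should be pinned down before merging: document on virSetUIDGID() that an empty list drops all supplementary groups (the right default for a privilege-dropping helper) and audit the callers for ones that run without CAP_SETGID. If some unprivileged caller must keep working, tolerate only that specific case and log it, e.g. `if (setgroups(ngroups, groups) < 0 && !(ngroups == 0 && errno == EPERM))`, rather than silently skipping the call. The rest of virSetUIDGID(), including the gid/uid switch that presumably follows this block, is outside the hunk.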
--
2.4.2
[libvirt] [PATCH] lxc: Bind mount container TTYs
by Richard Weinberger
Instead of creating symlinks, bind mount the devices to
/dev/pts/XY.
With bind mounts it is no longer necessary to add pts devices
to files like /dev/securetty.
Signed-off-by: Richard Weinberger <richard(a)nod.at>
---
src/lxc/lxc_container.c | 38 +++++++++++++++++++++-----------------
1 file changed, 21 insertions(+), 17 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 7d531e2..ea76370 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1141,6 +1141,20 @@ static int lxcContainerMountFSDevPTS(virDomainDefPtr def,
return ret;
}
+static int lxcContainerBindMountDevice(const char *src, const char *dst)
+{
+ if (virFileTouch(dst, 0666) < 0)
+ return -1;
+
+ if (mount(src, dst, "none", MS_BIND, NULL) < 0) {
+ virReportSystemError(errno, _("Failed to bind %s on to %s"), src,
+ dst);
+ return -1;
+ }
+
+ return 0;
+}
+
static int lxcContainerSetupDevices(char **ttyPaths, size_t nttyPaths)
{
size_t i;
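Review bot: lxcContainerBindMountDevice() is a new static helper without a header comment, so its contract (creates dst if missing, reports its own error on mount failure, relies on virFileTouch() to report the touch failure) has to be read out of the body. Suggest above it: `/* Create an empty placeholder at dst (mode 0666) and bind-mount the device node src over it. Returns 0 on success, -1 with an error already reported. */`. It may also help to note that the 0666 on the placeholder is immaterial once the bind mount covers it, since the mounted device node's own permissions then apply. lxcContainerSetupDevices() begins at the end of this hunk and its body continues in the next.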
@@ -1164,34 +1178,24 @@ static int lxcContainerSetupDevices(char **ttyPaths, size_t nttyPaths)
}
/* We have private devpts capability, so bind that */
- if (virFileTouch("/dev/ptmx", 0666) < 0)
+ if (lxcContainerBindMountDevice("/dev/pts/ptmx", "/dev/ptmx") < 0)
return -1;
- if (mount("/dev/pts/ptmx", "/dev/ptmx", "ptmx", MS_BIND, NULL) < 0) {
- virReportSystemError(errno, "%s",
- _("Failed to bind /dev/pts/ptmx on to /dev/ptmx"));
- return -1;
- }
-
for (i = 0; i < nttyPaths; i++) {
char *tty;
if (virAsprintf(&tty, "/dev/tty%zu", i+1) < 0)
return -1;
- if (symlink(ttyPaths[i], tty) < 0) {
- virReportSystemError(errno,
- _("Failed to symlink %s to %s"),
- ttyPaths[i], tty);
- VIR_FREE(tty);
+
+ if (lxcContainerBindMountDevice(ttyPaths[i], tty) < 0) {
return -1;
+ VIR_FREE(tty);
}
+
VIR_FREE(tty);
+
if (i == 0 &&
- symlink(ttyPaths[i], "/dev/console") < 0) {
- virReportSystemError(errno,
- _("Failed to symlink %s to /dev/console"),
- ttyPaths[i]);
+ lxcContainerBindMountDevice(ttyPaths[i], "/dev/console") < 0)
return -1;
- }
}
return 0;
}
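Review bot: In the loop, `VIR_FREE(tty);` placed after `return -1;` is unreachable, so every failed lxcContainerBindMountDevice() call for a tty leaks the string that virAsprintf() allocated; the removed symlink() branch freed it before returning. Swap the two lines so the body reads `VIR_FREE(tty);` then `return -1;`. The `i == 0` console branch also lost its braces when its body shrank to one statement; the original kept them around the multi-line condition, and keeping them makes the `&&` continuation easier to read. lxcContainerSetupDevices() opens in the previous hunk and its prologue is outside this one.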
--
2.4.2
[libvirt] [PATCH] lxc: Don't make container's TTY a controlling TTY
by Richard Weinberger
Userspace does not expect that the initial console
is a controlling TTY. systemd can deal with that, others not.
On sysv init distros getty will fail to spawn a controlling TTY on
/dev/console or /dev/tty1, which will cause the whole container
to reboot upon ctrl-c.
This patch changes the behavior of libvirt to match the kernel
behavior where the initial TTY is also not controlling.
The only user visible change should be that a container with
bash as PID 1 would complain. But this exactly matches the kernel
behavior with init=/bin/bash.
To get a controlling TTY for bash just run "setsid /bin/bash".
Signed-off-by: Richard Weinberger <richard(a)nod.at>
---
src/lxc/lxc_container.c | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 11e9514..7d531e2 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -278,18 +278,6 @@ static int lxcContainerSetupFDs(int *ttyfd,
"as the FDs are about to be closed for exec of "
"the container init process");
- if (setsid() < 0) {
- virReportSystemError(errno, "%s",
- _("setsid failed"));
- goto cleanup;
- }
-
- if (ioctl(*ttyfd, TIOCSCTTY, NULL) < 0) {
- virReportSystemError(errno, "%s",
- _("ioctl(TIOCSCTTY) failed"));
- goto cleanup;
- }
-
if (dup2(*ttyfd, STDIN_FILENO) < 0) {
virReportSystemError(errno, "%s",
_("dup2(stdin) failed"));
@@ -2210,7 +2198,7 @@ static int lxcContainerChild(void *data)
VIR_DEBUG("Container TTY path: %s", ttyPath);
- ttyfd = open(ttyPath, O_RDWR|O_NOCTTY);
+ ttyfd = open(ttyPath, O_RDWR);
if (ttyfd < 0) {
virReportSystemError(errno,
_("Failed to open tty %s"),
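Review bot: Dropping `O_NOCTTY` from the open() works against the stated goal of the patch: O_NOCTTY is precisely the flag that prevents the opened tty from becoming the controlling terminal, and whether it now does depends on whether lxcContainerChild() happens to be a session leader at this point (once the setsid() call is removed in the previous hunk it presumably inherits libvirtd's session), which is not something this line should rely on. Keep `ttyfd = open(ttyPath, O_RDWR|O_NOCTTY);` and let the removal of setsid()/TIOCSCTTY carry the behaviour change on its own. It would also be worth stating in the commit message that the container init now stays in the session and process group it inherited, since that is visible to anything that signals the group. lxcContainerChild() is mostly outside the hunk.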
--
2.4.2
[libvirt] Assert with libvirt + xen hvm
by CloudPatch Staff
We're hitting an assert whenever we try to create an HVM instance under Xen
via libvirtd.
System is running on Gentoo, package information as follows:
app-emulation/xen-4.5.0 USE="api debug flask hvm pam pygrub python qemu
screen"
app-emulation/xen-tools-4.5.0 USE="api debug flask hvm pam pygrub python
qemu screen"
app-emulation/libvirt-1.2.11-r2:0/1.2.11 USE="caps libvirtd lvm macvtap nls
qemu udev vepa virtualbox xen"
The following commands are run in parallel:
vmmachine ~ # libvirtd --listen
2015-01-22 16:33:13.596+0000: 2620: info : libvirt version: 1.2.11
2015-01-22 16:33:13.596+0000: 2620: error : udevGetDMIData:1607 : Failed to
get udev device for syspath '/sys/devices/virtual/dmi/id' or
'/sys/class/dmi/id'
libvirtd: libxl_fork.c:350: sigchld_installhandler_core: Assertion
`((void)"application must negotiate with libxl about SIGCHLD",
!(sigchld_saved_action.sa_flags & 4) &&
(sigchld_saved_action.__sigaction_handler.sa_handler == ((__sighandler_t)
0) || sigchld_saved_action.__sigaction_handler.sa_handler ==
((__sighandler_t) 1)))' failed.
Aborted
vmmachine ~ # VIRSH_DEBUG=0 virsh create xml
create: file(optdata): xml
libvirt: XML-RPC error : End of file while reading data: Input/output error
error: Failed to create domain from xml
error: End of file while reading data: Input/output error
libvirt: Domain Config error : Requested operation is not valid: A
different callback was requested
[libvirt] [PATCH] virsh: fix no error when pass a count <= 0 to setvcpus
by Luyao Huang
https://bugzilla.redhat.com/show_bug.cgi?id=1248277
When count <= 0, the client exits without setting an error.
Signed-off-by: Luyao Huang <lhuang(a)redhat.com>
---
tools/virsh-domain.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index f7edeeb..b6da684 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -6744,8 +6744,12 @@ cmdSetvcpus(vshControl *ctl, const vshCmd *cmd)
if (!(dom = vshCommandOptDomain(ctl, cmd, NULL)))
return false;
- if (vshCommandOptInt(ctl, cmd, "count", &count) < 0 || count <= 0)
+ if (vshCommandOptInt(ctl, cmd, "count", &count) < 0)
goto cleanup;
+ if (count <= 0) {
+ vshError(ctl, _("Invalid value '%d' for number of virtual CPUs"), count);
+ goto cleanup;
+ }
/* none of the options were specified */
if (!current && flags == 0) {
--
1.8.3.1
[libvirt] cpu affinity, isolcpus and cgroups
by Henning Schild
Hi,
I am currently looking into realtime VMs using libvirt. My first
starting point was reserving a couple of cores using isolcpus and later
tuning the affinity to place my vcpus on the reserved pcpus.
My first observation was that libvirt ignores isolcpus. Affinity masks
of new qemus will default to all cpus and will not be inherited from
libvirtd. A comment in the code suggests that this is done on purpose.
After that I changed the code to use only the available cpus by
default. But taskset was still showing all 'f's on my qemus. Then I
traced my change down to sched_setaffinity, assuming that some other
mechanism might have reverted my hack, but it is still in place.
Libvirt is setting up cgroups and now my suspicion is that cgroups and
taskset might not work well together.
> /sys/fs/cgroup/cpu/machine.slice/machine-qemu\x2dvm1.scope/vcpu0#
> cpuacct.usage_percpu
> 247340587 50851635 89631114 23383025 412639264 1241965 55442753 19923
> 14093629 15863859 27403280 1292195745 82031088 53690508 135826421
> 124915000 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
Looks like the last 16 cores are not used.
But if i use taskset to ask for the affinity mask i get all 32 cpus.
> taskset -p `cat tasks`
> pid 12905's current affinity mask: ffffffff
I know this is not strictly a libvirt question but also a kernel one; still,
you are probably able to point me to what I am missing here.
> Linux 3.18.11+ #4 SMP PREEMPT RT
regards,
Henning
[libvirt] [PATCH 0/2] tests: Add nodeinfo test data utility scripts
by Andrea Bolognani
Both scripts can be useful when adding new test cases to the
nodeinfo test.
Andrea Bolognani (2):
tests: Add script to display nodeinfo test data
tests: Add script to copy nodeinfo test data from host
tests/nodeinfodata/copy-from-host.sh | 170 +++++++++++++++++++++++++++++++++++
tests/nodeinfodata/display.sh | 101 +++++++++++++++++++++
2 files changed, 271 insertions(+)
create mode 100755 tests/nodeinfodata/copy-from-host.sh
create mode 100755 tests/nodeinfodata/display.sh
--
2.4.3
[libvirt] [PATCH 1/3] cpu_map.xml: add cmt feature to x86
by Qiaowei Ren
Some Intel processor families (e.g. the Intel Xeon processor E5 v3
family) introduced CMT (Cache Monitoring Technology) to measure the
usage of cache by applications running on the platform. This patch
adds it to the x86 part of cpu_map.xml.
Signed-off-by: Qiaowei Ren <qiaowei.ren(a)intel.com>
---
.gnulib | 2 +-
src/cpu/cpu_map.xml | 3 +++
2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/.gnulib b/.gnulib
index f39477d..106a386 160000
--- a/.gnulib
+++ b/.gnulib
@@ -1 +1 @@
-Subproject commit f39477dba778e99392948dd3dd19ec0d46aee932
+Subproject commit 106a3866d01f9dd57ab4f10dbeb0d5a8db73a9f7
diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
index b9e95cf..14ccbd8 100644
--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
@@ -317,6 +317,9 @@
<feature name='rtm'>
<cpuid function='0x00000007' ebx='0x00000800'/>
</feature>
+ <feature name='cmt'>
+ <cpuid function='0x00000007' ebx='0x00001000'/>
+ </feature>
<feature name='rdseed'>
<cpuid function='0x00000007' ebx='0x00040000'/>
</feature>
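Review bot: The patch carries an unrelated `.gnulib` submodule pointer change (the first hunk, also visible in the diffstat), which looks like an accidental `git add` of a locally updated submodule and should be dropped before this goes in; submodule bumps belong in their own commit with their own justification. The cpu_map.xml entry itself is consistent with its neighbours (leaf 0x7, EBX bit 12, which is the PQM/CMT bit), so the only change needed to this hunk is none. A short note in the commit message saying the bit was taken from the Intel SDM leaf-7 EBX table would help the next person who audits the map.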
--
1.9.1
[libvirt] [PATCH] maint: Remove control characters from LGPL license file
by Andrea Bolognani
---
COPYING.LESSER | 18 +++++++++---------
1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/COPYING.LESSER b/COPYING.LESSER
index 4362b49..e5ab03e 100644
--- a/COPYING.LESSER
+++ b/COPYING.LESSER
@@ -55,7 +55,7 @@ modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be
introduced by others.
-
+
Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a
@@ -111,7 +111,7 @@ modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must
be combined with the library in order to run.
-
+
GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
@@ -158,7 +158,7 @@ Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
-
+
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
@@ -216,7 +216,7 @@ instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
-
+
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
@@ -267,7 +267,7 @@ Library will still fall under Section 6.)
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
-
+
6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
@@ -329,7 +329,7 @@ restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
-
+
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
@@ -370,7 +370,7 @@ subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with
this License.
-
+
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
@@ -422,7 +422,7 @@ conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
-
+
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
@@ -456,7 +456,7 @@ SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
-
+
How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
--
2.4.2
[libvirt] [PATCH] conf/qemu: enforce NUMA nodes only for x86 memory hotplug
by Nikunj A Dadhania
libvirt enforces at least one NUMA node for memory hotplug support on
all architectures. While it might be required for some x86 guests,
PowerPC can hotplug memory on a non-NUMA system.
The generic checks are replaced with an arch-specific check, and XML
validation no longer enforces "node" for non-x86 archs.
CC: Peter Krempa <pkrempa(a)redhat.com>
Signed-off-by: Nikunj A Dadhania <nikunj(a)linux.vnet.ibm.com>
---
src/conf/domain_conf.c | 9 ++++++---
src/qemu/qemu_command.c | 28 +++++++++++++++++-----------
2 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index fd0450f..4cb2d4a 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -12430,6 +12430,7 @@ virDomainMemorySourceDefParseXML(xmlNodePtr node,
static int
virDomainMemoryTargetDefParseXML(xmlNodePtr node,
+ const virDomainDef *domDef,
xmlXPathContextPtr ctxt,
virDomainMemoryDefPtr def)
{
@@ -12437,7 +12438,7 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node,
xmlNodePtr save = ctxt->node;
ctxt->node = node;
- if (virXPathUInt("string(./node)", ctxt, &def->targetNode) < 0) {
+ if (virXPathUInt("string(./node)", ctxt, &def->targetNode) < 0 && ARCH_IS_X86(domDef->os.arch)) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("invalid or missing value of memory device node"));
goto cleanup;
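Review bot: The new condition `virXPathUInt(...) < 0 && ARCH_IS_X86(domDef->os.arch)` makes non-x86 guests accept not only a missing `<node>` but also a malformed one, and when the element is absent `def->targetNode` is left at whatever value it held before the call. If virXPathUInt() distinguishes the two failures in its return code (the libvirt virXPath*() helpers return -2 for a present-but-unparsable value, if I recall them correctly), keep the error for a malformed value on every arch and only tolerate absence off x86, e.g. `int rc = virXPathUInt("string(./node)", ctxt, &def->targetNode);` followed by `if (rc == -2 || (rc < 0 && ARCH_IS_X86(domDef->os.arch))) {`. The rewritten line also runs well past the 80-column limit used elsewhere in the file. The rest of virDomainMemoryTargetDefParseXML(), including where targetNode gets its default, is outside the hunk.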
@@ -12457,6 +12458,7 @@ virDomainMemoryTargetDefParseXML(xmlNodePtr node,
static virDomainMemoryDefPtr
virDomainMemoryDefParseXML(xmlNodePtr memdevNode,
+ const virDomainDef *domDef,
xmlXPathContextPtr ctxt,
unsigned int flags)
{
@@ -12495,7 +12497,7 @@ virDomainMemoryDefParseXML(xmlNodePtr memdevNode,
goto error;
}
- if (virDomainMemoryTargetDefParseXML(node, ctxt, def) < 0)
+ if (virDomainMemoryTargetDefParseXML(node, domDef, ctxt, def) < 0)
goto error;
if (virDomainDeviceInfoParseXML(memdevNode, NULL, &def->info, flags) < 0)
@@ -12647,7 +12649,7 @@ virDomainDeviceDefParse(const char *xmlStr,
goto error;
break;
case VIR_DOMAIN_DEVICE_MEMORY:
- if (!(dev->data.memory = virDomainMemoryDefParseXML(node, ctxt, flags)))
+ if (!(dev->data.memory = virDomainMemoryDefParseXML(node, def, ctxt, flags)))
goto error;
break;
case VIR_DOMAIN_DEVICE_NONE:
@@ -16328,6 +16330,7 @@ virDomainDefParseXML(xmlDocPtr xml,
for (i = 0; i < n; i++) {
virDomainMemoryDefPtr mem = virDomainMemoryDefParseXML(nodes[i],
+ def,
ctxt,
flags);
if (!mem)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index ae03618..51160e7 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4979,8 +4979,12 @@ qemuBuildMemoryBackendStr(unsigned long long size,
*backendProps = NULL;
*backendType = NULL;
- /* memory devices could provide a invalid guest node */
- if (guestNode >= virDomainNumaGetNodeCount(def->numa)) {
+ /* memory devices could provide a invalid guest node. Moreover,
+ * x86 guests needs at least one numa node to support memory
+ * hotplug
+ */
+ if ((virDomainNumaGetNodeCount(def->numa) == 0 && ARCH_IS_X86(def->os.arch)) ||
+ guestNode > virDomainNumaGetNodeCount(def->numa)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("can't add memory backend for guest node '%d' as "
"the guest has only '%zu' NUMA nodes configured"),
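Review bot: Changing `guestNode >= virDomainNumaGetNodeCount(def->numa)` to `guestNode > ...` introduces an off-by-one for every guest that does have NUMA nodes: node indices run from 0 to count-1, so `guestNode == count` now slips past this check and reaches the per-node lookups below with an out-of-range index. The relaxation seems intended only for the count == 0 case on non-x86, so express that directly, e.g. `size_t nnodes = virDomainNumaGetNodeCount(def->numa);` and `if ((nnodes == 0 && ARCH_IS_X86(def->os.arch)) || (nnodes > 0 && guestNode >= nnodes)) {`, which also avoids calling the count helper three times. The function's prologue and the error call's arguments are outside the hunk.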
@@ -4991,10 +4995,12 @@ qemuBuildMemoryBackendStr(unsigned long long size,
if (!(props = virJSONValueNewObject()))
return -1;
- memAccess = virDomainNumaGetNodeMemoryAccessMode(def->numa, guestNode);
- if (virDomainNumatuneGetMode(def->numa, guestNode, &mode) < 0 &&
- virDomainNumatuneGetMode(def->numa, -1, &mode) < 0)
- mode = VIR_DOMAIN_NUMATUNE_MEM_STRICT;
+ if (virDomainNumaGetNodeCount(def->numa)) {
+ memAccess = virDomainNumaGetNodeMemoryAccessMode(def->numa, guestNode);
+ if (virDomainNumatuneGetMode(def->numa, guestNode, &mode) < 0 &&
+ virDomainNumatuneGetMode(def->numa, -1, &mode) < 0)
+ mode = VIR_DOMAIN_NUMATUNE_MEM_STRICT;
+ }
if (pagesize == 0) {
/* Find the huge page size we want to use */
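Review bot: With the new `if (virDomainNumaGetNodeCount(def->numa))` guard, `memAccess` and `mode` are no longer assigned when the guest has no NUMA nodes, whereas the removed code always set both (the fallback to VIR_DOMAIN_NUMATUNE_MEM_STRICT included). Whether that is safe depends on their initialisers at the top of qemuBuildMemoryBackendStr(), which is outside the hunk; if either is declared without one, the code further down that consumes them reads an indeterminate value. Suggest either an `else` branch that sets the explicit defaults, or, if the declarations already do, a comment such as `/* no guest NUMA nodes: memAccess and mode keep their declared defaults */` so the next reader does not have to check.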
@@ -9238,11 +9244,11 @@ qemuBuildCommandLine(virConnectPtr conn,
goto error;
}
- /* due to guest support, qemu would silently enable NUMA with one node
- * once the memory hotplug backend is enabled. To avoid possible
- * confusion we will enforce user originated numa configuration along
- * with memory hotplug. */
- if (virDomainNumaGetNodeCount(def->numa) == 0) {
+ /* x86 windows guest needs at least one numa node to be
+ * present. While its not possible to detect what guest os is
+ * running, enforce this limitation only to x86 architecture.
+ */
+ if (ARCH_IS_X86(def->os.arch) && virDomainNumaGetNodeCount(def->numa) == 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("At least one numa node has to be configured when "
"enabling memory hotplug"));
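Review bot: The replacement comment gives a different reason for the check than the one it removes: the old text said qemu silently enables a one-node NUMA topology once the hotplug backend is present and the check exists to avoid that confusion, which is not obviously x86-specific, while the new text only says Windows on x86 needs a node. If the qemu behaviour no longer applies, or applies only to x86 machine types, the comment and the commit message should say so, since the check is being weakened for every other architecture on the strength of it. Minor: `its not possible` should read `it's not possible`. qemuBuildCommandLine() continues outside the hunk.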
--
2.4.3