[libvirt PATCH] util: tell users that memory locking ulimit is too low for BPF

Tuesday, 16 March 2021

If running libvirtd via systemd, it gets a 64 MB memlock limit, but if
running from the shell it will only get 64 KB on a Fedora 33 system.
The latter low limit causes any attempt to use BPF to fail and it is
not obvious why.

This improves the error message thus:

  # virsh -c lxc:/// start sh
error: Failed to start domain 'sh'
error: internal error: guest failed to start: Failure in libvirt_lxc startup: failed to
initialize device BPF map; locked memory limit for libvirtd probably needs to be raised:
Operation not permitted

Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt;
---
 src/util/vircgroupv2devices.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c
index 71591be4c4..4bcc1d52fe 100644
--- a/src/util/vircgroupv2devices.c
+++ b/src/util/vircgroupv2devices.c
@@ -443,9 +443,17 @@ virCgroupV2DevicesCreateMap(size_t size)
                                 sizeof(uint32_t), size);
 
     if (mapfd < 0) {
-        virReportSystemError(errno, "%s",
-                             _("failed to initialize device BPF map"));
-        return -1;
+        if (errno == EPERM) {
+            virReportSystemError(errno, "%s",
+                                 _("failed to initialize device BPF map; "
+                                   "locked memory limit for libvirtd probably
"
+                                   "needs to be raised"));
+            return -1;
+        } else {
+            virReportSystemError(errno, "%s",
+                                 _("failed to initialize device BPF map"));
+            return -1;
+        }
     }
 
     return mapfd;
-- 
2.30.2


    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt PATCH] util: tell users that memory locking ulimit is too low for BPF