Re: [libvirt PATCH v2] qemu: Enable unprivileged userfaultfd for post-copy migration

On Tue, Dec 07, 2021 at 10:19:42 +0100, Jiri Denemark wrote:

Userfaultfd is by default allowed only for privileged processes. Since libvirt runs QEMU unprivileged, we need to enable unprivileged access to userfaultfd before starting post-copy migration.

Rather than providing a static sysctl configuration file, we set the sysctl knob in runtime once post-copy migration is requested. This way unprivileged_userfaultfd is only enabled once actually used.

https://bugzilla.redhat.com/show_bug.cgi?id=1945420

Signed-off-by: Jiri Denemark <jdenemar@redhat.com> ---

Notes: Version 2: - setting unprivileged_userfaultfd only when it is not already enabled - virReportSystemError replaced with VIR_WARN

src/qemu/qemu_migration_params.c | 42 ++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+)

diff --git a/src/qemu/qemu_migration_params.c b/src/qemu/qemu_migration_params.c index dbc3219826..9ba4811242 100644 --- a/src/qemu/qemu_migration_params.c +++ b/src/qemu/qemu_migration_params.c

[...]

@@ -839,6 +874,13 @@ qemuMigrationParamsApply(virQEMUDriver *driver, goto cleanup; } } else { + /* userfaultfd may only be enabled for privileged processes by default, + * we need to make sure QEMU can use it before enabling post-copy + * migration */ + if (virBitmapIsBitSet(priv->migrationCaps, QEMU_MIGRATION_CAP_POSTCOPY) && + virBitmapIsBitSet(migParams->caps, QEMU_MIGRATION_CAP_POSTCOPY)) + qemuMigrationParamsEnableUserfaultfd();

I forgot to be grumpy about doing sysfs writes in a function which is sending stuff to qemu. It feels really misplaced. Since I don't have a better idea and don't feel like digging deeper: Reviewed-by: Peter Krempa <pkrempa@redhat.com>