From nobody Sat May 18 12:29:59 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1692711312; cv=none; d=zohomail.com; s=zohoarc; b=YBYcCEbyBK4Hj7ee2m4M1UJvunFR31cyw9oHN6FVsZQTdtDJ38Yy/JKqBGcBwv8MQf2qJ/UywJtjAoF6fpoX5JLuE7YmdBcjhUcKMAn01CGzQKAF/GJ2jzzrQ3j6Xhrtr3/JaJlIbf19JLE+OPW1145jCTAnzxOXc+KsiIiBgEs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1692711312; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ZZf67xDzFxXCHcKvPRIbkTRqKMv+4U8bYBXX5esrr+Q=; b=SVPFjmxVgyPqwaAzvbvysRk6jphntzLpJEOf/wGFfJyTVH/vgcRG2E9NRJOalpSbiu3wkrrXtTIjfR6JrcT6vIACc1qq1v0arAm3hWxF1BFJ+VAS81YPIuw8hD+CHL395aTxwdc4K2GEywjwhZV694p3fjcXYxmHOESfDs+biaY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1692711312397184.83997649962885; Tue, 22 Aug 2023 06:35:12 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-557-rukU1nHcPK-_3ZlTlCFGGg-1; Tue, 22 Aug 2023 09:35:08 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 053B0823DE3; Tue, 22 Aug 2023 13:34:47 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5A181140E922; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 369031946587; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 880E51946586 for ; Tue, 22 Aug 2023 13:34:44 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 7393A2026D33; Tue, 22 Aug 2023 13:34:44 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.2.56]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1B8852026D38 for ; Tue, 22 Aug 2023 13:34:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1692711311; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=ZZf67xDzFxXCHcKvPRIbkTRqKMv+4U8bYBXX5esrr+Q=; b=KRm+I3pxs1D5/btFO+Fp4cg19AUTAxSyBDPxlWC6d26TXdhbZrevcl1o5xqABhYaCWMyqx 2mQ1oh39UEaUNaOUcsl1/T+DE3ho6ofXryaVfMgPwjSgmgPx6kP5E2iDRak+Ty67EqaavP UohtsQXFSaGoZQugDJO+90i/qN1DdMY= X-MC-Unique: rukU1nHcPK-_3ZlTlCFGGg-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 1/5] virfile: Introduce virCloseRange() Date: Tue, 22 Aug 2023 15:34:37 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1692711313443100001 Content-Type: text/plain; charset="utf-8"; x-default="true" Linux gained new close_range() syscall (in v5.9) that allows closing a range of FDs in a single syscall. Ideally, we would use it to close FDs when spawning a process (e.g. via virCommand module). Glibc has close_range() wrapper over the syscall, which falls back to iterative closing of all FDs inside the range if running under older kernel. We don't wan that as in that case we might just close opened FDs (see Linux version of virCommandMassClose()). And musl doesn't have close_range() at all. Therefore, call syscall directly. Now, mass close of FDs happen in a fork()-ed off child. While it could detect whether the kernel does support close_range(), it has no way of passing this info back to the parent and thus each child would need to query it again and again. Since this can't change while we are running we can cache the information - hence virCloseRangeInit(). Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Reviewed-by: Kristina Hanicova --- src/libvirt_private.syms | 3 ++ src/util/virfile.c | 89 ++++++++++++++++++++++++++++++++++++++++ src/util/virfile.h | 4 ++ 3 files changed, 96 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index da60c965dd..3782f7f3c7 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2269,6 +2269,9 @@ saferead; safewrite; safezero; virBuildPathInternal; +virCloseRange; +virCloseRangeInit; +virCloseRangeIsSupported; virDirClose; virDirCreate; virDirIsEmpty; diff --git a/src/util/virfile.c b/src/util/virfile.c index fe456596ae..7696910e00 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@ -87,6 +87,7 @@ #include "virlog.h" #include "virprocess.h" #include "virstring.h" +#include "virthread.h" #include "virutil.h" #include "virsocket.h" =20 @@ -109,6 +110,9 @@ VIR_LOG_INIT("util.file"); # define O_DIRECT 0 #endif =20 +static virOnceControl virCloseRangeOnce =3D VIR_ONCE_CONTROL_INITIALIZER; +static bool virCloseRangeSupported; + int virFileClose(int *fdptr, virFileCloseFlags flags) { int saved_errno =3D 0; @@ -176,6 +180,91 @@ FILE *virFileFdopen(int *fdptr, const char *mode) } =20 =20 +static int +virCloseRangeImpl(unsigned int first G_GNUC_UNUSED, + unsigned int last G_GNUC_UNUSED) +{ +#if defined(WITH_SYS_SYSCALL_H) && defined(__NR_close_range) + return syscall(__NR_close_range, first, last, 0); +#endif + + errno =3D ENOSYS; + return -1; +} + + +static void +virCloseRangeOnceInit(void) +{ + int fd[2] =3D { -1, -1}; + + if (virPipeQuiet(fd) < 0) + return; + + VIR_FORCE_CLOSE(fd[1]); + if (virCloseRangeImpl(fd[0], fd[0]) < 0) { + VIR_FORCE_CLOSE(fd[0]); + return; + } + + virCloseRangeSupported =3D true; +} + + +/** + * virCloseRange: + * + * Closes all open file descriptors from @first to @last (included). + * + * Returns: 0 on success, + * -1 on failure (with errno set). + */ +int +virCloseRange(unsigned int first, + unsigned int last) +{ + if (virCloseRangeInit() < 0) + return -1; + + if (!virCloseRangeSupported) { + errno =3D ENOSYS; + return -1; + } + + return virCloseRangeImpl(first, last); +} + + +/** + * virCloseRangeInit: + * + * Detects whether close_range() is available and cache the result. + */ +int +virCloseRangeInit(void) +{ + if (virOnce(&virCloseRangeOnce, virCloseRangeOnceInit) < 0) + return -1; + + return 0; +} + + +/** + * virCloseRangeIsSupported: + * + * Returns whether close_range() is supported or not. + */ +bool +virCloseRangeIsSupported(void) +{ + if (virCloseRangeInit() < 0) + return false; + + return virCloseRangeSupported; +} + + /** * virFileDirectFdFlag: * diff --git a/src/util/virfile.h b/src/util/virfile.h index 60bb1d64e7..be0b02fdf0 100644 --- a/src/util/virfile.h +++ b/src/util/virfile.h @@ -61,6 +61,10 @@ static inline void virForceCloseHelper(int *fd) ignore_value(virFileClose(fd, VIR_FILE_CLOSE_PRESERVE_ERRNO)); } =20 +int virCloseRange(unsigned int from, unsigned int to); +int virCloseRangeInit(void); +bool virCloseRangeIsSupported(void); + /* For use on normal paths; caller must check return value, and failure sets errno per close. */ #define VIR_CLOSE(FD) virFileClose(&(FD), 0) --=20 2.41.0 From nobody Sat May 18 12:29:59 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1692711321; cv=none; d=zohomail.com; s=zohoarc; b=JBqZHe5aHuHGDobKRViKxTCabxjxLIzm0aSY5PGcQ0SIqQeSs1SqjEzxFw0rAe36UqsibNA97Bg7ecBW3d0LcYq9hZ5p7cOtvQL4gWSwNfB9dD9y6gHNuka0MRroqcAxRvfVxkRZZWkoX4BwhfoOIqXxIfbejlq1LghnHrVWUX4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1692711321; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Wbva7UTENEkervmI5plIUJak4O4cAS1bje3sJt5o904=; b=nBR1fhpB19vGonD+AP01Apc18EFiNvwLNpo2594dO63j2xIUD2TbmaTEtxfMLfEMYLHREjBq/qGeO7fbcjX060+eCr8rJq5RjXHs62CipOpwizZ8nJxxF9KW5JpofhI4sIYzdMsMqZjxO9kPiaJ99UHu/jhG/19uBj4Wsc9U/o8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1692711321658108.38041138053495; Tue, 22 Aug 2023 06:35:21 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-646-Mg4SHNdRPEOIw6fWIW8GwA-1; Tue, 22 Aug 2023 09:35:09 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 203A7855716; Tue, 22 Aug 2023 13:34:55 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0C71464687; Tue, 22 Aug 2023 13:34:55 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 44ADD1946A45; Tue, 22 Aug 2023 13:34:52 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 2DA641946586 for ; Tue, 22 Aug 2023 13:34:45 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 0E19D2026FFF; Tue, 22 Aug 2023 13:34:45 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.2.56]) by smtp.corp.redhat.com (Postfix) with ESMTP id AA0862026D2C for ; Tue, 22 Aug 2023 13:34:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1692711320; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=Wbva7UTENEkervmI5plIUJak4O4cAS1bje3sJt5o904=; b=KT4Su9QalTyy5+N/gHY8tU5qVeXXr2jEKKMMm8ppzp14DXyhPuyJvbt0it0ZTshrmIdl7M ZT0xBJuUmbHNSoEYUzw7pY5cttFPHj7G113w3P4lkDOS9BWGHibgjZ1t3zqbOVqpMg6XEX IW0B4W6IOSIBtdtv0apdcTVzrOOOR30= X-MC-Unique: Mg4SHNdRPEOIw6fWIW8GwA-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 2/5] virfile: Introduce virCloseFrom() Date: Tue, 22 Aug 2023 15:34:38 +0200 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1692711322695100005 Content-Type: text/plain; charset="utf-8"; x-default="true" It is handy to close all FDs from given FD to infinity. On FreeBSD the libc even has a function for that: closefrom(). It was ported to glibc too, but not musl. At least glibc implementation falls back to calling: close_range(from, ~0U, 0); Now that we have a wrapper for close_range() we implement closefrom() trivially. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Reviewed-by: Kristina Hanicova --- src/libvirt_private.syms | 1 + src/util/virfile.c | 21 +++++++++++++++++++++ src/util/virfile.h | 1 + 3 files changed, 23 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 3782f7f3c7..9477a07834 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2269,6 +2269,7 @@ saferead; safewrite; safezero; virBuildPathInternal; +virCloseFrom; virCloseRange; virCloseRangeInit; virCloseRangeIsSupported; diff --git a/src/util/virfile.c b/src/util/virfile.c index 7696910e00..c74bdd1264 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@ -265,6 +265,27 @@ virCloseRangeIsSupported(void) } =20 =20 +/** + * virCloseFrom: + * + * Closes all open file descriptors greater than or equal to @fromfd. + * + * Returns: 0 on success, + * -1 on error (with errno set). + */ +int +virCloseFrom(int fromfd) +{ +#ifdef __FreeBSD__ + /* FreeBSD has closefrom() since FreeBSD-8.0, i.e. since 2009. */ + closefrom(fromfd); + return 0; +#else /* !__FreeBSD__ */ + return virCloseRange(fromfd, ~0U); +#endif /* !__FreeBSD__ */ +} + + /** * virFileDirectFdFlag: * diff --git a/src/util/virfile.h b/src/util/virfile.h index be0b02fdf0..adc032ba33 100644 --- a/src/util/virfile.h +++ b/src/util/virfile.h @@ -64,6 +64,7 @@ static inline void virForceCloseHelper(int *fd) int virCloseRange(unsigned int from, unsigned int to); int virCloseRangeInit(void); bool virCloseRangeIsSupported(void); +int virCloseFrom(int fromfd); =20 /* For use on normal paths; caller must check return value, and failure sets errno per close. */ --=20 2.41.0 From nobody Sat May 18 12:29:59 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1692711319; cv=none; d=zohomail.com; s=zohoarc; b=a1/qTPlCSlU5Vu8eE1uUDrfGLPBzs6dl/tKcJc5ZlpHiuPmYbAO2wbkkBI8CREqkIzLCGbWLPDYhJDNjvR1LLGpZHVAoglUMHli//na4Av9eXAOujX7YHf0RHndMLqhCVDAyaOWlalgWoSybwGTQ7n2lRxHxcj7zxHbJtw/iF+Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1692711319; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=xKKhNCNgsqE2VNL2RaHFpNwq+5+89ppEByLZOB/JuZU=; b=dDNP9CALVEfWIwTEwSIu9o2UbRNU5OR5FiqUVyCeFhmcXQ6/jx4ZrnJY2diTEFnWyp30PFeMS+TX3myS54cMTuGMDtTnIZ+HjxaEA+Y8GUY5bu/aibnXYt4ZClv6p8LUjY0GiIZFC7SJfLBv3cxaZNI2/Ikbn38Yf+edcNX5xAU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1692711319902985.8253944980926; Tue, 22 Aug 2023 06:35:19 -0700 (PDT) Received: from mimecast-mx02.redhat.com (66.187.233.73 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-41-y2-7YA8fOlyCg4slY9hhgw-1; Tue, 22 Aug 2023 09:35:11 -0400 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 675A63815F8D; Tue, 22 Aug 2023 13:34:52 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 533B9492C13; Tue, 22 Aug 2023 13:34:52 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 7371319465A4; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id A1ECB1946586 for ; Tue, 22 Aug 2023 13:34:45 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 9D1A42026D33; Tue, 22 Aug 2023 13:34:45 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.2.56]) by smtp.corp.redhat.com (Postfix) with ESMTP id 44C3E2026D2B for ; Tue, 22 Aug 2023 13:34:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1692711318; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=xKKhNCNgsqE2VNL2RaHFpNwq+5+89ppEByLZOB/JuZU=; b=gfxQRFrz2SLp07IRtM83kKLe+TiYtk3RLH+ooLlV2sViCO88T47cX6m+u/urmJwypQa5Fs +OYQvGMSmUVTJpqNnO5XG+i58eB8z1zhRJT1rEzcxxPoHuJESidenbeEEi2aJV94M/s8Tc hMZ4k14lzt8GQymUBXcylPip9zpkTTE= X-MC-Unique: y2-7YA8fOlyCg4slY9hhgw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 3/5] vircommand: Unify mass FD closing Date: Tue, 22 Aug 2023 15:34:39 +0200 Message-ID: <897e79b0557b62d3b609311e6163fa5487f2899c.1692710969.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1692711321885100003 Content-Type: text/plain; charset="utf-8"; x-default="true" We have two version of mass FD closing: one for FreeBSD (because it has closefrom()) and the other for everything else. But now that we have closefrom() wrapper even for Linux, we can unify these two. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Reviewed-by: Kristina Hanicova --- src/util/vircommand.c | 85 +++++++++++++------------------------------ 1 file changed, 25 insertions(+), 60 deletions(-) diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 49abb53c28..867f45b57b 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -526,60 +526,6 @@ virCommandMassCloseGetFDsGeneric(virCommand *cmd G_GNU= C_UNUSED, } # endif /* !__linux__ */ =20 -# ifdef __FreeBSD__ - -static int -virCommandMassClose(virCommand *cmd, - int childin, - int childout, - int childerr) -{ - int lastfd =3D -1; - int fd =3D -1; - size_t i; - - /* - * Two phases of closing. - * - * The first (inefficient) phase iterates over FDs, - * preserving certain FDs we need to pass down, and - * closing others. The number of iterations is bounded - * to the number of the biggest FD we need to preserve. - * - * The second (speedy) phase uses closefrom() to cull - * all remaining FDs in the process. - * - * Usually the first phase will be fairly quick only - * processing a handful of low FD numbers, and thus using - * closefrom() is a massive win for high ulimit() NFILES - * values. - */ - lastfd =3D MAX(lastfd, childin); - lastfd =3D MAX(lastfd, childout); - lastfd =3D MAX(lastfd, childerr); - - for (i =3D 0; i < cmd->npassfd; i++) - lastfd =3D MAX(lastfd, cmd->passfd[i].fd); - - for (fd =3D 0; fd <=3D lastfd; fd++) { - if (fd =3D=3D childin || fd =3D=3D childout || fd =3D=3D childerr) - continue; - if (!virCommandFDIsSet(cmd, fd)) { - int tmpfd =3D fd; - VIR_MASS_CLOSE(tmpfd); - } else if (virSetInherit(fd, true) < 0) { - virReportSystemError(errno, _("failed to preserve fd %1$d"), f= d); - return -1; - } - } - - closefrom(lastfd + 1); - - return 0; -} - -# else /* ! __FreeBSD__ */ - static int virCommandMassClose(virCommand *cmd, int childin, @@ -588,7 +534,9 @@ virCommandMassClose(virCommand *cmd, { g_autoptr(virBitmap) fds =3D NULL; int openmax =3D sysconf(_SC_OPEN_MAX); + int lastfd =3D -1; int fd =3D -1; + size_t i; =20 /* In general, it is not safe to call malloc() between fork() and exec= () * because the child might have forked at the worst possible time, i.e. @@ -605,16 +553,23 @@ virCommandMassClose(virCommand *cmd, =20 fds =3D virBitmapNew(openmax); =20 -# ifdef __linux__ +# ifdef __linux__ if (virCommandMassCloseGetFDsLinux(cmd, fds) < 0) return -1; -# else +# else if (virCommandMassCloseGetFDsGeneric(cmd, fds) < 0) return -1; -# endif +# endif + + lastfd =3D MAX(lastfd, childin); + lastfd =3D MAX(lastfd, childout); + lastfd =3D MAX(lastfd, childerr); + + for (i =3D 0; i < cmd->npassfd; i++) + lastfd =3D MAX(lastfd, cmd->passfd[i].fd); =20 fd =3D virBitmapNextSetBit(fds, 2); - for (; fd >=3D 0; fd =3D virBitmapNextSetBit(fds, fd)) { + for (; fd >=3D 0 && fd <=3D lastfd; fd =3D virBitmapNextSetBit(fds, fd= )) { if (fd =3D=3D childin || fd =3D=3D childout || fd =3D=3D childerr) continue; if (!virCommandFDIsSet(cmd, fd)) { @@ -626,11 +581,21 @@ virCommandMassClose(virCommand *cmd, } } =20 + if (virCloseFrom(lastfd + 1) < 0) { + if (errno !=3D ENOSYS) + return -1; + + if (fd > 0) { + for (; fd >=3D 0; fd =3D virBitmapNextSetBit(fds, fd)) { + int tmpfd =3D fd; + VIR_MASS_CLOSE(tmpfd); + } + } + } + return 0; } =20 -# endif /* ! __FreeBSD__ */ - =20 /* * virExec: --=20 2.41.0 From nobody Sat May 18 12:29:59 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1692711321; cv=none; d=zohomail.com; s=zohoarc; b=BeClTbpcf2fZsqqcbk6IJAj2nnwWizHe6rjx2S0VuixjmiZQO865WXRdasHgDNThPQec0wyaGZY3VPYhN2MQwA0oNyaCB0fxytiBG60DgHqX+QAGElHK/dBptgN17eQq7x9maWKUWLFsRXoBkI9dPtQ65l5aU5j7yN7bqqDhE5I= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1692711321; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=YJh14Pr388QKKHCFEWMNCEZmsegv5/9WVVm8yQxIJ2g=; b=GD7ruJHwR8FTGbxmHiKzo39z/1TCHmMOsZZZLeJcBjPaHignYAlXczH+S1dC+SuVr9cLKuLkoexueQ15Yrpc+ijBcm9Vp1rclOjeZj7g9/yXbrSwPwKRLSfEw8iRC8jrCNI8JmcxUOMs7UluLMO4E0WhWsXvffJrdJSWJ3br5Uc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 169271132112119.11874848773118; Tue, 22 Aug 2023 06:35:21 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-663-5GgRFWagNHOkAO0Xmot_1Q-1; Tue, 22 Aug 2023 09:35:16 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CCD1D185A7AF; Tue, 22 Aug 2023 13:34:52 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id B1C6E2026DEF; Tue, 22 Aug 2023 13:34:52 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id ACA1D1946588; Tue, 22 Aug 2023 13:34:47 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 3DAF1194658C for ; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 3875C2026D37; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.2.56]) by smtp.corp.redhat.com (Postfix) with ESMTP id D48812026D2C for ; Tue, 22 Aug 2023 13:34:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1692711320; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=YJh14Pr388QKKHCFEWMNCEZmsegv5/9WVVm8yQxIJ2g=; b=Tg1KzDYnz5nr9AJ3YNYOnYEICegRsKbp3NnAy1Brmyl9cqciBgl+2p/5XZlbZpk++8ZAHW S9x8k4mEJJshp0zxndoWDxMd/ok3ZQyOrucz7n6JgkiyjApPpHfgBXQAyVgwQnUFi+nfdS OUyvxo9mnQvgrSqCTe2r3zYPtN46I7Q= X-MC-Unique: 5GgRFWagNHOkAO0Xmot_1Q-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 4/5] vircommand: Introduce virCommandMassCloseRange() Date: Tue, 22 Aug 2023 15:34:40 +0200 Message-ID: <471e08754b2932ac090bf7f13211d9ee846c0eba.1692710969.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1692711321468100001 Content-Type: text/plain; charset="utf-8"; x-default="true" This is brand new way of closing FDs before exec(). We need to close all FDs except those we want to explicitly pass to avoid leaking FDs into the child. Historically, we've done this by either iterating over all opened FDs and closing them one by one (or preserving them), or by iterating over an FD interval [2 ... N] and closing them one by one followed by calling closefrom(N + 1). This is a lot of syscalls. That's why Linux kernel developers introduced new close_from syscall. It closes all FDs within given range, in a single syscall. Since we keep list of FDs we want to preserve and pass to the child process, we can use this syscall to close all FDs in between. We don't even need to care about opened FDs. Of course, we have to check whether the syscall is available and fall back to the old implementation if it isn't. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Reviewed-by: Kristina Hanicova --- src/util/vircommand.c | 77 ++++++++++++++++++++++++++++++++++++++++--- tests/commandtest.c | 2 ++ 2 files changed, 75 insertions(+), 4 deletions(-) diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 867f45b57b..5f094c625a 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -527,10 +527,10 @@ virCommandMassCloseGetFDsGeneric(virCommand *cmd G_GN= UC_UNUSED, # endif /* !__linux__ */ =20 static int -virCommandMassClose(virCommand *cmd, - int childin, - int childout, - int childerr) +virCommandMassCloseFrom(virCommand *cmd, + int childin, + int childout, + int childerr) { g_autoptr(virBitmap) fds =3D NULL; int openmax =3D sysconf(_SC_OPEN_MAX); @@ -597,6 +597,75 @@ virCommandMassClose(virCommand *cmd, } =20 =20 +static int +virCommandMassCloseRange(virCommand *cmd, + int childin, + int childout, + int childerr) +{ + g_autoptr(virBitmap) fds =3D virBitmapNew(0); + ssize_t first; + ssize_t last; + size_t i; + + virBitmapSetBitExpand(fds, childin); + virBitmapSetBitExpand(fds, childout); + virBitmapSetBitExpand(fds, childerr); + + for (i =3D 0; i < cmd->npassfd; i++) { + int fd =3D cmd->passfd[i].fd; + + virBitmapSetBitExpand(fds, fd); + + if (virSetInherit(fd, true) < 0) { + virReportSystemError(errno, _("failed to preserve fd %1$d"), f= d); + return -1; + } + } + + first =3D 2; + while ((last =3D virBitmapNextSetBit(fds, first)) >=3D 0) { + if (first + 1 =3D=3D last) { + first =3D last; + continue; + } + + /* Preserve @first and @last and close everything in between. */ + if (virCloseRange(first + 1, last - 1) < 0) { + virReportSystemError(errno, + _("Unable to mass close FDs (first=3D%1$z= d, last=3D%2$zd)"), + first + 1, last - 1); + return -1; + } + + first =3D last; + } + + if (virCloseRange(first + 1, ~0U) < 0) { + virReportSystemError(errno, + _("Unable to mass close FDs (first=3D%1$zd, l= ast=3D%2$d"), + first + 1, ~0U); + return -1; + } + + return 0; +} + + + +static int +virCommandMassClose(virCommand *cmd, + int childin, + int childout, + int childerr) +{ + if (virCloseRangeIsSupported()) + return virCommandMassCloseRange(cmd, childin, childout, childerr); + + return virCommandMassCloseFrom(cmd, childin, childout, childerr); +} + + /* * virExec: * @cmd virCommand * containing all information about the program to diff --git a/tests/commandtest.c b/tests/commandtest.c index 688cf59160..aa108ce583 100644 --- a/tests/commandtest.c +++ b/tests/commandtest.c @@ -1247,6 +1247,8 @@ mymain(void) setpgid(0, 0); ignore_value(setsid()); =20 + virCloseRangeInit(); + /* Our test expects particular fd values; to get that, we must not * leak fds that we inherited from a lazy parent. At the same * time, virInitialize may open some fds (perhaps via third-party --=20 2.41.0 From nobody Sat May 18 12:29:59 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1692711326; cv=none; d=zohomail.com; s=zohoarc; b=isI0hvBaekUi8VDtuuaHnuk1rW+iVfsPsrECrgKSJseuPa1pHN3uX9BjLtIlkShM+t3sknPX8chG+fMck2upLudKo5/HMkHjGhXPBocnXz6o69QUx7IvYqQJCRQexYHjJ5TJXJ7o6fP4kb4CCAsw5yh4ZLNpsfAK2D68EckSqX8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1692711326; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=7W3Az3e1z1WG9H6mfF6dfAL+e1hJk/75/QyLQXp/AAI=; b=hIV+LRRq+iMnMO1ZC04rUoAVsqhsnt21rrfel6S3AqQHUXL0/R6dpo0KeZsOndjfUNoHxgmIBy/goQC7uwiJMhnR7079CYXL5Gp8rSA0rB8vLDBpz0BLidYE0RC4OCzkjAS1ie8RpqqDcyDiUzqe+ve0rPixsAYDoI7Rxr9OlxQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1692711326657432.6520721879408; Tue, 22 Aug 2023 06:35:26 -0700 (PDT) Received: from mimecast-mx02.redhat.com (66.187.233.73 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-694-m719tXvmMpyYq8BOUVKoQw-1; Tue, 22 Aug 2023 09:35:21 -0400 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 8970F2823814; Tue, 22 Aug 2023 13:35:13 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 776E46468B; Tue, 22 Aug 2023 13:35:13 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 0A9F91946587; Tue, 22 Aug 2023 13:34:58 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id CC2AA1946588 for ; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id C70B72026D37; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) Received: from localhost.localdomain (unknown [10.43.2.56]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6F3562026D2B for ; Tue, 22 Aug 2023 13:34:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1692711325; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=7W3Az3e1z1WG9H6mfF6dfAL+e1hJk/75/QyLQXp/AAI=; b=VSU75k3IXne1m90RqezXdwB8L2o0ry0bpZqRtUOVovn74L82V1v7aD9fDyKvRAolT9gQzT 1cVTKvTAN89b0PXpQDPE9g5izu5xieLK4YoeXvybLamz42ugnAtqOxSP0CSbLM84R2YRpp /lhQIiONQQ+eeYFflw/1ZpnvJTY3cC8= X-MC-Unique: m719tXvmMpyYq8BOUVKoQw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 5/5] src: Detect close_range syscall during virGlobalInit() Date: Tue, 22 Aug 2023 15:34:41 +0200 Message-ID: <8d881d42792dd1da958e3eb8e00ec6234c601a23.1692710969.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1692711327504100001 Content-Type: text/plain; charset="utf-8"; x-default="true" The whole purpose of virCloseRangeInit() is to be called somewhere during initialization (ideally before first virExec() or virCommandRun()), so that the rest of the code already knows kernel capabilities. While I can put the call somewhere into remote_daemon.c (when a daemon initializes), we might call virCommand*() even from client library (i.e. no daemon). Therefore, put it into virGlobalInit() with the rest of initialization code. Signed-off-by: Michal Privoznik Reviewed-by: J=C3=A1n Tomko Reviewed-by: Kristina Hanicova --- src/libvirt.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/libvirt.c b/src/libvirt.c index 69d5b13bff..26c3fe454f 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -231,6 +231,10 @@ virGlobalInit(void) goto error; } =20 + /* Do this upfront rather than every time a child is spawned. */ + if (virCloseRangeInit() < 0) + goto error; + if (virLogSetFromEnv() < 0) goto error; =20 --=20 2.41.0