From nobody Sun May 5 18:19:01 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=canonical.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1542709038056897.5759957561494; Tue, 20 Nov 2018 02:17:18 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6267C8535D; Tue, 20 Nov 2018 10:17:16 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2CA7E379D; Tue, 20 Nov 2018 10:17:16 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D0FED3F6E4; Tue, 20 Nov 2018 10:17:15 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id wAKAHEs4016512 for ; Tue, 20 Nov 2018 05:17:14 -0500 Received: by smtp.corp.redhat.com (Postfix) id A17995D979; Tue, 20 Nov 2018 10:17:14 +0000 (UTC) Received: from mx1.redhat.com (ext-mx10.extmail.prod.ext.phx2.redhat.com [10.5.110.39]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 979425D9C7 for ; Tue, 20 Nov 2018 10:17:12 +0000 (UTC) Received: from youngberry.canonical.com (youngberry.canonical.com [91.189.89.112]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C79429E62D for ; Tue, 20 Nov 2018 10:17:10 +0000 (UTC) Received: from 2.general.paelzer.uk.vpn ([10.172.196.173] helo=Keschdeichel.nvidia.com) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1gP35h-0006gg-4K; Tue, 20 Nov 2018 10:17:09 +0000 From: Christian Ehrhardt To: libvir-list@redhat.com Date: Tue, 20 Nov 2018 11:17:07 +0100 Message-Id: <20181120101707.3199-1-christian.ehrhardt@canonical.com> X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 216 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 20 Nov 2018 10:17:10 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.39]); Tue, 20 Nov 2018 10:17:10 +0000 (UTC) for IP:'91.189.89.112' DOMAIN:'youngberry.canonical.com' HELO:'youngberry.canonical.com' FROM:'christian.ehrhardt@canonical.com' RCPT:'' X-RedHat-Spam-Score: -5 (RCVD_IN_DNSWL_HI) 91.189.89.112 youngberry.canonical.com 91.189.89.112 youngberry.canonical.com X-Scanned-By: MIMEDefang 2.78 on 10.5.110.39 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-loop: libvir-list@redhat.com Cc: Christian Ehrhardt Subject: [libvirt] [PATCH] util: netdevbridge: fall back to ioctl from sysfs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 20 Nov 2018 10:17:17 +0000 (UTC) Content-Type: text/plain; charset="utf-8" There are certain cases e.g. containers where the sysfs path might exists, but might fail. Unfortunately the exact restrictions are only known to libvirt when trying to write to it so we need to try it. But in case it fails there is no need to fully abort, in those cases try to fall back to the older ioctl interface which can still work. That makes setting up a bridge in unprivileged LXD containers work. Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1802906 Signed-off-by: Christian Ehrhardt --- src/util/virnetdevbridge.c | 48 +++++++++++++++++++++----------------- 1 file changed, 26 insertions(+), 22 deletions(-) diff --git a/src/util/virnetdevbridge.c b/src/util/virnetdevbridge.c index 071ebb7b35..cbba3c9652 100644 --- a/src/util/virnetdevbridge.c +++ b/src/util/virnetdevbridge.c @@ -113,6 +113,8 @@ static int virNetDevBridgeCmd(const char *brname, * or by ioctl on older kernels. Perhaps we could just use * ioctl for every kernel, but its not clear what the long * term lifespan of the ioctl interface is... + * Fall back to ioctl if sysfs interface is not available or + * failing (e.g. due to container isolation). */ static int virNetDevBridgeSet(const char *brname, const char *paramname, /* sysfs param name = */ @@ -128,29 +130,31 @@ static int virNetDevBridgeSet(const char *brname, if (virFileExists(path)) { char valuestr[INT_BUFSIZE_BOUND(value)]; snprintf(valuestr, sizeof(valuestr), "%lu", value); - if (virFileWriteStr(path, valuestr, 0) < 0) { - virReportSystemError(errno, - _("Unable to set bridge %s %s"), brname, = paramname); - return -1; - } + if (virFileWriteStr(path, valuestr, 0) >=3D 0) + return 0; + virReportSystemError(errno, + _("Unable to set bridge %s %s via sysfs"), + brname, paramname); + } + + unsigned long paramid; + if (STREQ(paramname, "stp_state")) { + paramid =3D BRCTL_SET_BRIDGE_STP_STATE; + } else if (STREQ(paramname, "forward_delay")) { + paramid =3D BRCTL_SET_BRIDGE_FORWARD_DELAY; } else { - unsigned long paramid; - if (STREQ(paramname, "stp_state")) { - paramid =3D BRCTL_SET_BRIDGE_STP_STATE; - } else if (STREQ(paramname, "forward_delay")) { - paramid =3D BRCTL_SET_BRIDGE_FORWARD_DELAY; - } else { - virReportSystemError(EINVAL, - _("Unable to set bridge %s %s"), brname, = paramname); - return -1; - } - unsigned long args[] =3D { paramid, value, 0, 0 }; - ifr->ifr_data =3D (char*)&args; - if (ioctl(fd, SIOCDEVPRIVATE, ifr) < 0) { - virReportSystemError(errno, - _("Unable to set bridge %s %s"), brname, = paramname); - return -1; - } + virReportSystemError(EINVAL, + _("Unable to set bridge %s %s via ioctl"), + brname, paramname); + return -1; + } + unsigned long args[] =3D { paramid, value, 0, 0 }; + ifr->ifr_data =3D (char*)&args; + if (ioctl(fd, SIOCDEVPRIVATE, ifr) < 0) { + virReportSystemError(errno, + _("Failed to set bridge %s %s via ioctl"), + brname, paramname); + return -1; } =20 return 0; --=20 2.17.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list