From nobody Fri May 3 14:27:52 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=fail(p=none dis=none) header.from=canonical.com Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx.zohomail.com with SMTPS id 1542716763277449.79172326467756; Tue, 20 Nov 2018 04:26:03 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 4FF60307D85B; Tue, 20 Nov 2018 12:26:00 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6205F66D42; Tue, 20 Nov 2018 12:25:58 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E8859181AAB1; Tue, 20 Nov 2018 12:25:56 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id wAKCPtf5002571 for ; Tue, 20 Nov 2018 07:25:55 -0500 Received: by smtp.corp.redhat.com (Postfix) id 0B4545D760; Tue, 20 Nov 2018 12:25:55 +0000 (UTC) Received: from mx1.redhat.com (ext-mx01.extmail.prod.ext.phx2.redhat.com [10.5.110.25]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 07E185D75E; Tue, 20 Nov 2018 12:25:52 +0000 (UTC) Received: from youngberry.canonical.com (youngberry.canonical.com [91.189.89.112]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 32BA77F6B0; Tue, 20 Nov 2018 12:25:50 +0000 (UTC) Received: from 2.general.paelzer.uk.vpn ([10.172.196.173] helo=Keschdeichel.nvidia.com) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1gP56B-00063K-UP; Tue, 20 Nov 2018 12:25:47 +0000 From: Christian Ehrhardt To: libvir-list@redhat.com Date: Tue, 20 Nov 2018 13:25:46 +0100 Message-Id: <20181120122546.6262-1-christian.ehrhardt@canonical.com> In-Reply-To: <20181120121131.GL25047@redhat.com> References: <20181120121131.GL25047@redhat.com> X-Greylist: Sender passed SPF test, Sender IP whitelisted by DNSRBL, ACL 216 matched, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 20 Nov 2018 12:25:50 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 20 Nov 2018 12:25:50 +0000 (UTC) for IP:'91.189.89.112' DOMAIN:'youngberry.canonical.com' HELO:'youngberry.canonical.com' FROM:'christian.ehrhardt@canonical.com' RCPT:'' X-RedHat-Spam-Score: -5 (RCVD_IN_DNSWL_HI) 91.189.89.112 youngberry.canonical.com 91.189.89.112 youngberry.canonical.com X-Scanned-By: MIMEDefang 2.83 on 10.5.110.25 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 X-loop: libvir-list@redhat.com Cc: Christian Ehrhardt , Brian Candler Subject: [libvirt] [PATCH v2] util: netdevbridge: fall back to ioctl from sysfs X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.48]); Tue, 20 Nov 2018 12:26:01 +0000 (UTC) Content-Type: text/plain; charset="utf-8" There are certain cases e.g. containers where the sysfs path might exists, but might fail. Unfortunately the exact restrictions are only known to libvirt when trying to write to it so we need to try it. But in case it fails there is no need to fully abort, in those cases try to fall back to the older ioctl interface which can still work. That makes setting up a bridge in unprivileged LXD containers work. Fixes: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1802906 Signed-off-by: Christian Ehrhardt Reported-by: Brian Candler Reviewed-by: (unless we are in freeze). Reviewed-by: Daniel P. Berrang=C3=A9 --- src/util/virnetdevbridge.c | 48 +++++++++++++++++++++----------------- 1 file changed, 26 insertions(+), 22 deletions(-) diff --git a/src/util/virnetdevbridge.c b/src/util/virnetdevbridge.c index 071ebb7b35..fc6389d0c7 100644 --- a/src/util/virnetdevbridge.c +++ b/src/util/virnetdevbridge.c @@ -28,6 +28,7 @@ #include "virutil.h" #include "virfile.h" #include "viralloc.h" +#include "virlog.h" #include "intprops.h" #include "virstring.h" =20 @@ -74,6 +75,7 @@ =20 #define VIR_FROM_THIS VIR_FROM_NONE =20 +VIR_LOG_INIT("util.netdevbridge"); =20 #if defined(HAVE_BSD_BRIDGE_MGMT) static int virNetDevBridgeCmd(const char *brname, @@ -113,6 +115,8 @@ static int virNetDevBridgeCmd(const char *brname, * or by ioctl on older kernels. Perhaps we could just use * ioctl for every kernel, but its not clear what the long * term lifespan of the ioctl interface is... + * Fall back to ioctl if sysfs interface is not available or + * failing (e.g. due to container isolation). */ static int virNetDevBridgeSet(const char *brname, const char *paramname, /* sysfs param name = */ @@ -128,29 +132,29 @@ static int virNetDevBridgeSet(const char *brname, if (virFileExists(path)) { char valuestr[INT_BUFSIZE_BOUND(value)]; snprintf(valuestr, sizeof(valuestr), "%lu", value); - if (virFileWriteStr(path, valuestr, 0) < 0) { - virReportSystemError(errno, - _("Unable to set bridge %s %s"), brname, = paramname); - return -1; - } + if (virFileWriteStr(path, valuestr, 0) >=3D 0) + return 0; + VIR_DEBUG("Unable to set bridge %s %s via sysfs", brname, paramnam= e); + } + + unsigned long paramid; + if (STREQ(paramname, "stp_state")) { + paramid =3D BRCTL_SET_BRIDGE_STP_STATE; + } else if (STREQ(paramname, "forward_delay")) { + paramid =3D BRCTL_SET_BRIDGE_FORWARD_DELAY; } else { - unsigned long paramid; - if (STREQ(paramname, "stp_state")) { - paramid =3D BRCTL_SET_BRIDGE_STP_STATE; - } else if (STREQ(paramname, "forward_delay")) { - paramid =3D BRCTL_SET_BRIDGE_FORWARD_DELAY; - } else { - virReportSystemError(EINVAL, - _("Unable to set bridge %s %s"), brname, = paramname); - return -1; - } - unsigned long args[] =3D { paramid, value, 0, 0 }; - ifr->ifr_data =3D (char*)&args; - if (ioctl(fd, SIOCDEVPRIVATE, ifr) < 0) { - virReportSystemError(errno, - _("Unable to set bridge %s %s"), brname, = paramname); - return -1; - } + virReportSystemError(EINVAL, + _("Unable to set bridge %s %s via ioctl"), + brname, paramname); + return -1; + } + unsigned long args[] =3D { paramid, value, 0, 0 }; + ifr->ifr_data =3D (char*)&args; + if (ioctl(fd, SIOCDEVPRIVATE, ifr) < 0) { + virReportSystemError(errno, + _("Failed to set bridge %s %s via ioctl"), + brname, paramname); + return -1; } =20 return 0; --=20 2.17.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list