From: Daniel P. Berrangé
To: libvir-list@redhat.com
Cc: Andrea Bolognani
Date: Thu, 8 Aug 2019 16:10:40 +0100
Message-Id: <20190808151044.11385-39-berrange@redhat.com>
In-Reply-To: <20190808151044.11385-1-berrange@redhat.com>
References: <20190808151044.11385-1-berrange@redhat.com>
Subject: [libvirt] [PATCH v4 38/42] remote: open secondary drivers via remote driver if needed

When the client has a connection to one of the hypervisor specific
daemons (eg virtqemud), the app may still expect to use the secondary
driver APIs (storage, network, etc). None of these will be registered in
the hypervisor daemon, so we must explicitly open a connection to each
of the daemons for the secondary drivers we need.

We don't want to open these secondary driver connections at the same
time as the primary connection is opened though. That would mean that
establishing a connection to virtqemud would immediately trigger
activation of virtnetworkd, virtnwfilterd, etc despite the fact that
these drivers may never be used by the app.

Thus we only open the secondary driver connections at time of first
use by an API call.

Reviewed-by: Andrea Bolognani
Signed-off-by: Daniel P. Berrang=C3=A9 --- src/remote/remote_daemon.h | 13 +++ src/remote/remote_daemon_dispatch.c | 160 +++++++++++++++++++++++----- 2 files changed, 148 insertions(+), 25 deletions(-) diff --git a/src/remote/remote_daemon.h b/src/remote/remote_daemon.h index a403d2593a..a2d9af4036 100644 --- a/src/remote/remote_daemon.h +++ b/src/remote/remote_daemon.h @@ -70,12 +70,25 @@ struct daemonClientPrivate { * called, it will be set back to NULL if that succeeds. */ virConnectPtr conn; + + /* These secondary drivers may point back to 'conn' + * in the monolithic daemon setups. Otherwise they + * can be NULL and opened on first use, pointing + * to remote driver use of an external daemon + */ virConnectPtr interfaceConn; + const char *interfaceURI; virConnectPtr networkConn; + const char *networkURI; virConnectPtr nodedevConn; + const char *nodedevURI; virConnectPtr nwfilterConn; + const char *nwfilterURI; virConnectPtr secretConn; + const char *secretURI; virConnectPtr storageConn; + const char *storageURI; + bool readonly; =20 daemonClientStreamPtr streams; }; diff --git a/src/remote/remote_daemon_dispatch.c b/src/remote/remote_daemon= _dispatch.c index 5609eb4caf..7a66629d5b 100644 --- a/src/remote/remote_daemon_dispatch.c +++ b/src/remote/remote_daemon_dispatch.c 
@@ -1941,6 +1941,34 @@ static void remoteClientCloseFunc(virNetServerClient= Ptr client) } =20 =20 +static int +remoteOpenConn(const char *uri, + bool readonly, + virConnectPtr *conn) +{ + VIR_DEBUG("Getting secondary uri=3D%s readonly=3D%d conn=3D%p", + NULLSTR(uri), readonly, conn); + if (*conn) + return 0; + + if (!uri) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("connection not ope= n")); + return -1; + } + + VIR_DEBUG("Opening driver %s", uri); + if (readonly) + *conn =3D virConnectOpenReadOnly(uri); + else + *conn =3D virConnectOpen(uri); + if (!*conn) + return -1; + VIR_DEBUG("Opened driver %p", *conn); + + return 0; +} + + static virConnectPtr remoteGetHypervisorConn(virNetServerClientPtr client) { @@ -1962,10 +1990,10 @@ remoteGetInterfaceConn(virNetServerClientPtr client) struct daemonClientPrivate *priv =3D virNetServerClientGetPrivateData(client); =20 - if (!priv->interfaceConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connect= ion not open")); + if (remoteOpenConn(priv->interfaceURI, + priv->readonly, + &priv->interfaceConn) < 0) return NULL; - } =20 return priv->interfaceConn; } @@ -1977,10 +2005,10 @@ remoteGetNetworkConn(virNetServerClientPtr client) struct daemonClientPrivate *priv =3D virNetServerClientGetPrivateData(client); =20 - if (!priv->networkConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connect= ion not open")); + if (remoteOpenConn(priv->networkURI, + priv->readonly, + &priv->networkConn) < 0) return NULL; - } =20 return priv->networkConn; } @@ -1992,10 +2020,10 @@ remoteGetNodeDevConn(virNetServerClientPtr client) struct daemonClientPrivate *priv =3D virNetServerClientGetPrivateData(client); =20 - if (!priv->nodedevConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connect= ion not open")); + if (remoteOpenConn(priv->nodedevURI, + priv->readonly, + &priv->nodedevConn) < 0) return NULL; - } =20 return priv->nodedevConn; } 
@@ -2007,10 +2035,10 @@ remoteGetNWFilterConn(virNetServerClientPtr client) struct daemonClientPrivate *priv =3D virNetServerClientGetPrivateData(client); =20 - if (!priv->nwfilterConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connect= ion not open")); + if (remoteOpenConn(priv->nwfilterURI, + priv->readonly, + &priv->nwfilterConn) < 0) return NULL; - } =20 return priv->nwfilterConn; } @@ -2022,10 +2050,10 @@ remoteGetSecretConn(virNetServerClientPtr client) struct daemonClientPrivate *priv =3D virNetServerClientGetPrivateData(client); =20 - if (!priv->secretConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connect= ion not open")); + if (remoteOpenConn(priv->secretURI, + priv->readonly, + &priv->secretConn) < 0) return NULL; - } =20 return priv->secretConn; } @@ -2037,10 +2065,10 @@ remoteGetStorageConn(virNetServerClientPtr client) struct daemonClientPrivate *priv =3D virNetServerClientGetPrivateData(client); =20 - if (!priv->storageConn) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("hypervisor connect= ion not open")); + if (remoteOpenConn(priv->storageURI, + priv->readonly, + &priv->storageConn) < 0) return NULL; - } =20 return priv->storageConn; } @@ -2077,6 +2105,9 @@ remoteDispatchConnectOpen(virNetServerPtr server ATTR= IBUTE_UNUSED, unsigned int flags; struct daemonClientPrivate *priv =3D virNetServerClientGetPrivateData(= client); int rv =3D -1; +#ifdef MODULE_NAME + const char *type =3D NULL; +#endif /* !MODULE_NAME */ =20 VIR_DEBUG("priv=3D%p conn=3D%p", priv, priv->conn); virMutexLock(&priv->lock); 
@@ -2095,20 +2126,94 @@ remoteDispatchConnectOpen(virNetServerPtr server AT= TRIBUTE_UNUSED, if (virNetServerClientGetReadonly(client)) flags |=3D VIR_CONNECT_RO; =20 - priv->conn =3D - flags & VIR_CONNECT_RO - ? virConnectOpenReadOnly(name) - : virConnectOpen(name); + priv->readonly =3D flags & VIR_CONNECT_RO; =20 - if (priv->conn =3D=3D NULL) - goto cleanup; + VIR_DEBUG("Opening driver %s", name); + if (priv->readonly) { + if (!(priv->conn =3D virConnectOpenReadOnly(name))) + goto cleanup; + } else { + if (!(priv->conn =3D virConnectOpen(name))) + goto cleanup; + } + VIR_DEBUG("Opened %p", priv->conn); =20 +#ifdef MODULE_NAME + /* + * For per-driver daemons, we must setup connection URIs + * for sub-drivers. + */ + if (!(type =3D virConnectGetType(priv->conn))) + goto cleanup; + + VIR_DEBUG("Primary driver type is '%s'", type); + if (STREQ(type, "QEMU") || + STREQ(type, "LIBXL") || + STREQ(type, "LXC") || + STREQ(type, "VBOX") || + STREQ(type, "bhyve") || + STREQ(type, "vz") || + STREQ(type, "Parallels")) { + VIR_DEBUG("Hypervisor driver found, setting URIs for secondary dri= vers"); + if (getuid() =3D=3D 0) { + priv->interfaceURI =3D "interface:///system"; + priv->networkURI =3D "network:///system"; + priv->nodedevURI =3D "nodedev:///system"; + priv->nwfilterURI =3D "nwfilter:///system"; + priv->secretURI =3D "secret:///system"; + priv->storageURI =3D "storage:///system"; + } else { + priv->interfaceURI =3D "interface:///session"; + priv->networkURI =3D "network:///session"; + priv->nodedevURI =3D "nodedev:///session"; + /* No nwfilterURI as this is a root-only driver */ + priv->secretURI =3D "secret:///session"; + priv->storageURI =3D "storage:///session"; + } + } else if (STREQ(type, "interface")) { + VIR_DEBUG("Interface driver found"); + priv->interfaceConn =3D virObjectRef(priv->conn); + } else if (STREQ(type, "network")) { + VIR_DEBUG("Network driver found"); + priv->networkConn =3D virObjectRef(priv->conn); + } else if (STREQ(type, "nodedev")) { + 
VIR_DEBUG("Nodedev driver found"); + priv->nodedevConn =3D virObjectRef(priv->conn); + } else if (STREQ(type, "nwfilter")) { + VIR_DEBUG("NWFilter driver found"); + priv->nwfilterConn =3D virObjectRef(priv->conn); + } else if (STREQ(type, "secret")) { + VIR_DEBUG("Secret driver found"); + priv->secretConn =3D virObjectRef(priv->conn); + } else if (STREQ(type, "storage")) { + VIR_DEBUG("Storage driver found"); + priv->storageConn =3D virObjectRef(priv->conn); + + /* Co-open the secret driver, as apps using the storage driver may= well + * need access to secrets for storage auth + */ + if (getuid() =3D=3D 0) + priv->secretURI =3D "secret:///system"; + else + priv->secretURI =3D "secret:///session"; + } else { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("Unexpected driver type '%s' opened"), type); + goto cleanup; + } +#else /* !MODULE_NAME */ + /* + * For libvirtd/virtproxyd one connection handles + * all drivers + */ + VIR_DEBUG("Pointing secondary drivers to primary"); priv->interfaceConn =3D virObjectRef(priv->conn); priv->networkConn =3D virObjectRef(priv->conn); priv->nodedevConn =3D virObjectRef(priv->conn); priv->nwfilterConn =3D virObjectRef(priv->conn); priv->secretConn =3D virObjectRef(priv->conn); priv->storageConn =3D virObjectRef(priv->conn); +#endif /* !MODULE_NAME */ =20 /* force update the @readonly attribute which was inherited from the * virNetServerService object - this is important for sockets that are= RW @@ -2118,8 +2223,13 @@ remoteDispatchConnectOpen(virNetServerPtr server ATT= RIBUTE_UNUSED, rv =3D 0; =20 cleanup: - if (rv < 0) + if (rv < 0) { virNetMessageSaveError(rerr); + if (priv->conn) { + virObjectUnref(priv->conn); + priv->conn =3D NULL; + } + } virMutexUnlock(&priv->lock); return rv; } --=20 2.21.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
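Review bot: in the struct daemonClientPrivate hunk of remote_daemon.h, the new "bool readonly" field and the six "const char *...URI" fields are undocumented; the added block comment only describes the connection pointers. Since the dispatch code assigns string literals to the URI fields and reuses readonly for every later secondary open, a line saying that the URIs are static strings that are never freed (NULL meaning "no such driver for this client") and that readonly records the mode of the primary open would save the next reader from having to work out ownership and lifetime.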
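Review bot: in the new remoteOpenConn(), the only client property carried into the secondary open is readonly; the open itself is a plain virConnectOpen(uri) or virConnectOpenReadOnly(uri) issued by this daemon against a fixed URI. That means whatever access checks the secondary daemon applies are made against this daemon as the caller rather than the client that triggered the call. Please state in a comment whether that is intended, or forward the client's identity. Separately, the NULL-uri branch now reports the generic "connection not open", which is also what a non-root client gets for nwfilter, where nwfilterURI is deliberately left unset; an error that names the unavailable driver would be easier to diagnose.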
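Review bot: in remoteGetInterfaceConn() and the five sibling getters, the new call to remoteOpenConn() tests and then assigns priv->interfaceConn (and equivalents) without taking priv->lock, whereas remoteDispatchConnectOpen() in this same patch holds virMutexLock(&priv->lock) while it sets the same fields. Before this change the getters only read a pointer that was set once at open time; now they can write it on first use. If two calls for the same client can be dispatched concurrently, both can see NULL, both open a connection, and one reference is lost. Taking priv->lock around the remoteOpenConn() call in each getter would close that window.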
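Review bot: in the variable declarations of remoteDispatchConnectOpen() (hunk at -2077), the block opened with "#ifdef MODULE_NAME" is closed with "#endif /* !MODULE_NAME */". The trailing comment should name the condition that is actually being closed, i.e. "#endif /* MODULE_NAME */"; the negated form is only right for the #else/#endif pair further down.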
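Review bot: in the MODULE_NAME branch of remoteDispatchConnectOpen() (hunk at -2095), the chain of STREQ(type, ...) tests is a closed list, and the final else turns any other driver type into VIR_ERR_INTERNAL_ERROR and fails the whole open. A hypervisor driver whose virConnectGetType() string is not one of the seven listed would therefore be unusable from a per-driver daemon even though the primary connection opened successfully. Consider keying this on a property of the driver rather than on its name, or at least logging and continuing with no secondary URIs set. Minor: the comment "Co-open the secret driver" in the storage branch is misleading, since the code only sets secretURI and the connection is still opened lazily on first use.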
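Review bot: in the cleanup label of remoteDispatchConnectOpen() (hunk at -2118), the new failure branch releases only priv->conn. That is sufficient for the goto cleanup paths visible in this patch, because each of them is taken before any secondary connection reference or URI has been assigned, but the correctness depends on that ordering and priv->readonly is left at whatever the failed attempt set. A short comment noting the assumption, or resetting the secondary pointers, URIs and readonly alongside priv->conn, would keep a later failure path added after the #endif from leaving the client half-initialised.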