[libvirt PATCH v2] qemu: don't continue loading caps if outdated

Daniel P. Berrangé posted 1 patch 2 weeks ago
Test syntax-check failed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/libvirt tags/patchew/20200622180701.2769430-1-berrange@redhat.com
src/qemu/qemu_capabilities.c | 63 +++++++++++++++++++++++-------------
src/qemu/qemu_capspriv.h     |  6 ++--
src/util/virfilecache.c      | 11 ++++---
src/util/virfilecache.h      | 11 +++++--
tests/testutilsqemu.c        |  3 +-
tests/virfilecachetest.c     |  3 +-
6 files changed, 61 insertions(+), 36 deletions(-)

[libvirt PATCH v2] qemu: don't continue loading caps if outdated

Posted by Daniel P. Berrangé 2 weeks ago
The XML format used for QEMU capabilities is not required to be
stable across releases, as we invalidate the cache whenever the
libvirt binary changes.

We none the less always try to parse te entire XML file before
we do any validity checks. Thus if we change the format of any
part of the data, or change permitted values for enums, then
libvirtd logs will be spammed with errors.

These are not in fact errors, but an expected scenario.

This change makes the loading code validate the cache timestamp
against the libvirtd timestamp immediately. If they don't match
then we stop loading the rest of the XML file.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 src/qemu/qemu_capabilities.c | 63 +++++++++++++++++++++++-------------
 src/qemu/qemu_capspriv.h     |  6 ++--
 src/util/virfilecache.c      | 11 ++++---
 src/util/virfilecache.h      | 11 +++++--
 tests/testutilsqemu.c        |  3 +-
 tests/virfilecachetest.c     |  3 +-
 6 files changed, 61 insertions(+), 36 deletions(-)

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 484fff99e5..3053aa31f9 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -1807,14 +1807,6 @@ virQEMUCapsNewBinary(const char *binary)
 }
 
 
-void
-virQEMUCapsSetInvalidation(virQEMUCapsPtr qemuCaps,
-                           bool enabled)
-{
-    qemuCaps->invalidation = enabled;
-}
-
-
 static int
 virQEMUCapsHostCPUDataCopy(virQEMUCapsHostCPUDataPtr dst,
                            virQEMUCapsHostCPUDataPtr src)
@@ -4205,11 +4197,14 @@ virQEMUCapsParseSEVInfo(virQEMUCapsPtr qemuCaps, xmlXPathContextPtr ctxt)
  *   <machine name='pc-1.0' alias='pc' hotplugCpus='yes' maxCpus='4' default='yes' numaMemSupported='yes'/>
  *   ...
  * </qemuCaps>
+ *
+ * Returns 0 on success, 1 if outdated, -1 on error
  */
 int
 virQEMUCapsLoadCache(virArch hostArch,
                      virQEMUCapsPtr qemuCaps,
-                     const char *filename)
+                     const char *filename,
+                     bool skipInvalidation)
 {
     xmlDocPtr doc = NULL;
     int ret = -1;
@@ -4237,6 +4232,31 @@ virQEMUCapsLoadCache(virArch hostArch,
         goto cleanup;
     }
 
+    if (virXPathLongLong("string(./selfctime)", ctxt, &l) < 0) {
+        virReportError(VIR_ERR_XML_ERROR, "%s",
+                       _("missing selfctime in QEMU capabilities XML"));
+        goto cleanup;
+    }
+    qemuCaps->libvirtCtime = (time_t)l;
+
+    qemuCaps->libvirtVersion = 0;
+    if (virXPathULong("string(./selfvers)", ctxt, &lu) == 0)
+        qemuCaps->libvirtVersion = lu;
+
+    if (!skipInvalidation &&
+        (qemuCaps->libvirtCtime != virGetSelfLastChanged() ||
+         qemuCaps->libvirtVersion != LIBVIR_VERSION_NUMBER)) {
+        VIR_DEBUG("Outdated capabilities in %s: libvirt changed "
+                  "(%lld vs %lld, %lu vs %lu), stopping load",
+                  qemuCaps->binary,
+                  (long long)qemuCaps->libvirtCtime,
+                  (long long)virGetSelfLastChanged(),
+                  (unsigned long)qemuCaps->libvirtVersion,
+                  (unsigned long)LIBVIR_VERSION_NUMBER);
+        ret = 1;
+        goto cleanup;
+    }
+
     if (!(str = virXPathString("string(./emulator)", ctxt))) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                        _("missing emulator in QEMU capabilities cache"));
@@ -4256,17 +4276,6 @@ virQEMUCapsLoadCache(virArch hostArch,
     }
     qemuCaps->ctime = (time_t)l;
 
-    if (virXPathLongLong("string(./selfctime)", ctxt, &l) < 0) {
-        virReportError(VIR_ERR_XML_ERROR, "%s",
-                       _("missing selfctime in QEMU capabilities XML"));
-        goto cleanup;
-    }
-    qemuCaps->libvirtCtime = (time_t)l;
-
-    qemuCaps->libvirtVersion = 0;
-    if (virXPathULong("string(./selfvers)", ctxt, &lu) == 0)
-        qemuCaps->libvirtVersion = lu;
-
     if ((n = virXPathNodeSet("./flag", ctxt, &nodes)) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
                        _("failed to parse qemu capabilities flags"));
@@ -4418,6 +4427,9 @@ virQEMUCapsLoadCache(virArch hostArch,
     if (virXPathBoolean("boolean(./kvmSupportsSecureGuest)", ctxt) > 0)
         qemuCaps->kvmSupportsSecureGuest = true;
 
+    if (skipInvalidation)
+        qemuCaps->invalidation = false;
+
     ret = 0;
  cleanup:
     VIR_FREE(str);
@@ -5489,16 +5501,23 @@ virQEMUCapsNewData(const char *binary,
 static void *
 virQEMUCapsLoadFile(const char *filename,
                     const char *binary,
-                    void *privData)
+                    void *privData,
+                    bool *outdated)
 {
     virQEMUCapsPtr qemuCaps = virQEMUCapsNewBinary(binary);
     virQEMUCapsCachePrivPtr priv = privData;
+    int ret;
 
     if (!qemuCaps)
         return NULL;
 
-    if (virQEMUCapsLoadCache(priv->hostArch, qemuCaps, filename) < 0)
+    ret = virQEMUCapsLoadCache(priv->hostArch, qemuCaps, filename, false);
+    if (ret < 0)
         goto error;
+    if (ret == 1) {
+        *outdated = true;
+        goto error;
+    }
 
     return qemuCaps;
 
diff --git a/src/qemu/qemu_capspriv.h b/src/qemu/qemu_capspriv.h
index 5d2f448e41..f6c06ea008 100644
--- a/src/qemu/qemu_capspriv.h
+++ b/src/qemu/qemu_capspriv.h
@@ -37,12 +37,10 @@ virQEMUCapsNewForBinaryInternal(virArch hostArch,
                                 unsigned int microcodeVersion,
                                 const char *kernelVersion);
 
-void virQEMUCapsSetInvalidation(virQEMUCapsPtr qemuCaps,
-                                bool enabled);
-
 int virQEMUCapsLoadCache(virArch hostArch,
                          virQEMUCapsPtr qemuCaps,
-                         const char *filename);
+                         const char *filename,
+                         bool skipInvalidation);
 char *virQEMUCapsFormatCache(virQEMUCapsPtr qemuCaps);
 
 int
diff --git a/src/util/virfilecache.c b/src/util/virfilecache.c
index aecabf173d..2162917b11 100644
--- a/src/util/virfilecache.c
+++ b/src/util/virfilecache.c
@@ -130,6 +130,7 @@ virFileCacheLoad(virFileCachePtr cache,
     g_autofree char *file = NULL;
     int ret = -1;
     void *loadData = NULL;
+    bool outdated = false;
 
     *data = NULL;
 
@@ -148,10 +149,12 @@ virFileCacheLoad(virFileCachePtr cache,
         goto cleanup;
     }
 
-    if (!(loadData = cache->handlers.loadFile(file, name, cache->priv))) {
-        VIR_WARN("Failed to load cached data from '%s' for '%s': %s",
-                 file, name, virGetLastErrorMessage());
-        virResetLastError();
+    if (!(loadData = cache->handlers.loadFile(file, name, cache->priv, &outdated))) {
+        if (!outdated) {
+            VIR_WARN("Failed to load cached data from '%s' for '%s': %s",
+                     file, name, virGetLastErrorMessage());
+            virResetLastError();
+        }
         ret = 0;
         goto cleanup;
     }
diff --git a/src/util/virfilecache.h b/src/util/virfilecache.h
index 006a9717cb..9a7edf07e6 100644
--- a/src/util/virfilecache.h
+++ b/src/util/virfilecache.h
@@ -62,15 +62,20 @@ typedef void *
  * @filename: name of a file with cached data
  * @name: name of the cached data
  * @priv: private data created together with cache
+ * @outdated: set to true if data was outdated
  *
- * Loads the cached data from a file @filename.
+ * Loads the cached data from a file @filename. If
+ * NULL is returned, then @oudated indicates whether
+ * this was due to the data being outdated, or an
+ * error loading the cache.
  *
- * Returns cached data object or NULL on error.
+ * Returns cached data object or NULL on outdated data or error.
  */
 typedef void *
 (*virFileCacheLoadFilePtr)(const char *filename,
                            const char *name,
-                           void *priv);
+                           void *priv,
+                           bool *outdated);
 
 /**
  * virFileCacheSaveFilePtr:
diff --git a/tests/testutilsqemu.c b/tests/testutilsqemu.c
index 4dcc3089dd..e3b1e2813b 100644
--- a/tests/testutilsqemu.c
+++ b/tests/testutilsqemu.c
@@ -293,10 +293,9 @@ qemuTestParseCapabilitiesArch(virArch arch,
                                               virArchToString(arch));
 
     if (!(qemuCaps = virQEMUCapsNewBinary(binary)) ||
-        virQEMUCapsLoadCache(arch, qemuCaps, capsFile) < 0)
+        virQEMUCapsLoadCache(arch, qemuCaps, capsFile, true) < 0)
         goto error;
 
-    virQEMUCapsSetInvalidation(qemuCaps, false);
     return qemuCaps;
 
  error:
diff --git a/tests/virfilecachetest.c b/tests/virfilecachetest.c
index 6d280b3bec..34e0d0ab2f 100644
--- a/tests/virfilecachetest.c
+++ b/tests/virfilecachetest.c
@@ -110,7 +110,8 @@ testFileCacheNewData(const char *name G_GNUC_UNUSED,
 static void *
 testFileCacheLoadFile(const char *filename,
                       const char *name G_GNUC_UNUSED,
-                      void *priv G_GNUC_UNUSED)
+                      void *priv G_GNUC_UNUSED,
+                      bool *outdated G_GNUC_UNUSED)
 {
     testFileCacheObjPtr obj;
     char *data;
-- 
2.24.1

Re: [libvirt PATCH v2] qemu: don't continue loading caps if outdated

Posted by Michal Privoznik 2 weeks ago
On 6/22/20 8:07 PM, Daniel P. Berrangé wrote:
> The XML format used for QEMU capabilities is not required to be
> stable across releases, as we invalidate the cache whenever the
> libvirt binary changes.
> 
> We none the less always try to parse te entire XML file before
> we do any validity checks. Thus if we change the format of any
> part of the data, or change permitted values for enums, then
> libvirtd logs will be spammed with errors.
> 
> These are not in fact errors, but an expected scenario.
> 
> This change makes the loading code validate the cache timestamp
> against the libvirtd timestamp immediately. If they don't match
> then we stop loading the rest of the XML file.
> 
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>   src/qemu/qemu_capabilities.c | 63 +++++++++++++++++++++++-------------
>   src/qemu/qemu_capspriv.h     |  6 ++--
>   src/util/virfilecache.c      | 11 ++++---
>   src/util/virfilecache.h      | 11 +++++--
>   tests/testutilsqemu.c        |  3 +-
>   tests/virfilecachetest.c     |  3 +-
>   6 files changed, 61 insertions(+), 36 deletions(-)

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

Michal