From: Daniel P. Berrangé
To: libvir-list@redhat.com
Cc: Prakhar Bansal
Subject: [libvirt PATCH 8/9] Jailhouse driver: Fixes for creation of cells, fetching cell info, disabling jailhouse hypervisor
Date: Thu, 17 Sep 2020 16:23:58 +0100
Message-Id: <20200917152359.1621763-9-berrange@redhat.com>
In-Reply-To: <20200917152359.1621763-1-berrange@redhat.com>
References: <20200917152359.1621763-1-berrange@redhat.com>
List-Id: Development discussions about the libvirt library & tools

From: Prakhar Bansal

- Added xmlopt to the Jailhouse driver
- Added ACL check in ConnectOpen
--- src/jailhouse/jailhouse_api.c | 48 +++++++++++++------------- src/jailhouse/jailhouse_driver.c | 58 ++++++++++++++++++++------------ 2 files changed, 61 insertions(+), 45 deletions(-) diff --git a/src/jailhouse/jailhouse_api.c b/src/jailhouse/jailhouse_api.c index 510e2f5f66..bb82b5a31e 100644 --- a/src/jailhouse/jailhouse_api.c +++ b/src/jailhouse/jailhouse_api.c 
@@ -69,15 +69,9 @@ char *readSysfsCellString(const unsigned int id, const c= har *entry); =20 int cell_match(const struct dirent *dirent); =20 -int createCell(const char *conf_file); - -int loadImagesInCell(virJailhouseCellId cell_id, char *images, int num_ima= ges); - -int shutdownCell(virJailhouseCellId cell_id); +int cell_match_info(const struct dirent *dirent); =20 -int startCell(virJailhouseCellId cell_id); - -int destroyCell(virJailhouseCellId cell_id); +int createCell(const char *conf_file); =20 int getCellInfo(const unsigned int id, virJailhouseCellInfoPtr * cell_info); @@ -121,25 +115,31 @@ jailhouseDisable(void) fd =3D openDev(); =20 err =3D ioctl(fd, JAILHOUSE_DISABLE); - if (err) + if (err) { virReportSystemError(errno, "%s", _("Failed to disable jailhouse: %s")); + return -1; + } =20 VIR_DEBUG("Jailhouse hypervisor is disabled"); =20 - return err; + return 0; } =20 int cell_match(const struct dirent *dirent) { char *ext =3D strrchr(dirent->d_name, '.'); - return dirent->d_name[0] !=3D '.' - && (STREQ(ext, JAILHOUSE_CELL_FILE_EXTENSION) =3D=3D 0); + && STREQ(ext, JAILHOUSE_CELL_FILE_EXTENSION); } =20 +int +cell_match_info(const struct dirent *dirent) +{ + return dirent->d_name[0] !=3D '.'; +} int createJailhouseCells(const char *dir_path) { @@ -150,7 +150,6 @@ createJailhouseCells(const char *dir_path) =20 if (strlen(dir_path) =3D=3D 0) return ret; - num_entries =3D scandir(dir_path, &namelist, cell_match, alphasort); if (num_entries =3D=3D -1) { if (errno =3D=3D ENOENT) { @@ -170,7 +169,8 @@ createJailhouseCells(const char *dir_path) for (i =3D 0; i < num_entries; i++) { g_autofree char *file_path =3D g_strdup_printf("%s/%s", dir_path, = namelist[i]->d_name); =20 - if (createCell(file_path) !=3D 0) { + + if (createCell(file_path) < 0) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Cell creation failed with conf found in %s.= "), namelist[i]->d_name); 
@@ -208,13 +208,13 @@ createCell(const char *conf_file) VIR_AUTOCLOSE fd =3D -1; =20 if (strlen(conf_file) =3D=3D 0) - return err; + return -1; =20 len =3D virFileReadAll(conf_file, MAX_JAILHOUSE_CELL_CONFIG_FILE_SIZE,= &buffer); if (len < 0 || !buffer) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Failed to read the system configuration fil= e")); - return err; + return -1; } =20 cell_create.config_address =3D (unsigned long) buffer; @@ -223,12 +223,14 @@ createCell(const char *conf_file) fd =3D openDev(); =20 err =3D ioctl(fd, JAILHOUSE_CELL_CREATE, &cell_create); - if (err) + if (err) { virReportSystemError(errno, "%s", _("Cell creation failed: %s")); + return -1; + } =20 - return err; + return 0; } =20 void @@ -243,11 +245,11 @@ cellInfoFree(virJailhouseCellInfoPtr cell_info) char * readSysfsCellString(const unsigned int id, const char *entry) { - g_autofree char *buffer =3D NULL; + char *buffer =3D NULL; g_autofree char *file_path =3D NULL; int len =3D -1; =20 - file_path =3D g_strdup_printf(JAILHOUSE_CELLS "%u/%s", id, entry); + file_path =3D g_strdup_printf(JAILHOUSE_CELLS "/%u/%s", id, entry); =20 len =3D virFileReadAll(file_path, 1024, &buffer); if (len < 0 || !buffer) { @@ -277,13 +279,12 @@ getCellInfo(const unsigned int id, virJailhouseCellIn= foPtr *cell_info_ptr) =20 /* get cell name */ tmp =3D readSysfsCellString(id, "name"); - if (virStrncpy(cell_info->id.name, tmp, JAILHOUSE_CELL_ID_NAMELEN, JAI= LHOUSE_CELL_ID_NAMELEN) < 0) { + if (virStrcpy(cell_info->id.name, tmp, JAILHOUSE_CELL_ID_NAMELEN) < 0)= { virReportError(VIR_ERR_INTERNAL_ERROR, _("Cell ID %s too long to be copied to the cell inf= o"), tmp); return -1; } - cell_info->id.name[JAILHOUSE_CELL_ID_NAMELEN] =3D 0; VIR_FREE(tmp); =20 
@@ -310,8 +311,7 @@ getJailhouseCellsInfo(void) int num_entries; size_t i; =20 - num_entries =3D - scandir(JAILHOUSE_CELLS, &namelist, cell_match, alphasort); + num_entries =3D scandir(JAILHOUSE_CELLS, &namelist, cell_match_info, a= lphasort); if (num_entries =3D=3D -1) { if (errno =3D=3D ENOENT) { virReportError(VIR_ERR_INTERNAL_ERROR, diff --git a/src/jailhouse/jailhouse_driver.c b/src/jailhouse/jailhouse_dri= ver.c index 46c7759cb8..45b1f35896 100644 --- a/src/jailhouse/jailhouse_driver.c +++ b/src/jailhouse/jailhouse_driver.c @@ -122,7 +122,6 @@ jailhouseCreateAndLoadCells(virJailhouseDriverPtr drive= r) // Create all cells in the hypervisor. if (createJailhouseCells(driver->config->cell_config_dir) < 0) return -1; - // Get all cells created above. driver->cell_info_list =3D getJailhouseCellsInfo(); =20 @@ -136,6 +135,7 @@ jailhouseFreeDriver(virJailhouseDriverPtr driver) return; =20 virMutexDestroy(&driver->lock); + virObjectUnref(driver->xmlopt); virObjectUnref(driver->domains); virObjectUnref(driver->config); VIR_FREE(driver); @@ -147,7 +147,6 @@ jailhouseConnectOpen(virConnectPtr conn, virConfPtr conf G_GNUC_UNUSED, unsigned int flags) { uid_t uid =3D geteuid(); - virCheckFlags(VIR_CONNECT_RO, VIR_DRV_OPEN_ERROR); =20 if (!virConnectValidateURIPath(conn->uri->path, "jailhouse", uid =3D= =3D 0)) @@ -159,8 +158,10 @@ jailhouseConnectOpen(virConnectPtr conn, return VIR_DRV_OPEN_ERROR; } =20 - conn->privateData =3D jailhouse_driver; + if (virConnectOpenEnsureACL(conn) < 0) + return VIR_DRV_OPEN_ERROR; =20 + conn->privateData =3D jailhouse_driver; return VIR_DRV_OPEN_SUCCESS; } =20 
@@ -169,16 +170,19 @@ jailhouseConnectOpen(virConnectPtr conn, static int jailhouseConnectClose(virConnectPtr conn) { - conn->privateData =3D NULL; + conn->privateData =3D NULL; =20 - return 0; + return 0; } =20 static int jailhouseStateCleanup(void) { if (!jailhouse_driver) - return -1; + return -1; + + if (jailhouseDisable() < 0) + return -1; =20 if (jailhouse_driver->lockFD !=3D -1) virPidFileRelease(jailhouse_driver->config->stateDir, @@ -187,6 +191,9 @@ jailhouseStateCleanup(void) virMutexDestroy(&jailhouse_driver->lock); =20 jailhouseFreeDriver(jailhouse_driver); + + jailhouse_driver =3D NULL; + return 0; } =20 @@ -199,6 +206,9 @@ jailhouseStateInitialize(bool privileged G_GNUC_UNUSED, virJailhouseDriverConfigPtr cfg =3D NULL; int rc; =20 + if (jailhouse_driver) + return VIR_DRV_STATE_INIT_COMPLETE; + jailhouse_driver =3D g_new0(virJailhouseDriver, 1); jailhouse_driver->lockFD =3D -1; =20 @@ -220,6 +230,10 @@ jailhouseStateInitialize(bool privileged G_GNUC_UNUSED, if (jailhouseLoadConf(cfg) < 0) goto error; =20 + if (!(jailhouse_driver->xmlopt =3D virDomainXMLOptionNew(NULL, NULL, + NULL, NULL, NUL= L))) + goto error; + if (virFileMakePath(cfg->stateDir) < 0) { virReportSystemError(errno, _("Failed to create state dir %s"), cfg->stateDir); @@ -292,7 +306,7 @@ jailhouseConnectListAllDomains(virConnectPtr conn, static virDomainPtr jailhouseDomainLookupByID(virConnectPtr conn, int id) { -virJailhouseDriverPtr driver =3D conn->privateData; + virJailhouseDriverPtr driver =3D conn->privateData; virDomainObjPtr cell; virDomainPtr dom =3D NULL; =20 @@ -409,7 +423,6 @@ jailhouseDomainCreateWithFlags(virDomainPtr domain, virJailhouseCellInfoPtr cell_info; virDomainObjPtr cell; int ret =3D -1; - virCheckFlags(VIR_DOMAIN_NONE, -1); =20 if (!domain->name) { 
@@ -462,23 +475,23 @@ jailhouseDomainCreateXML(virConnectPtr conn, virDomainPtr dom =3D NULL; virDomainDefPtr def =3D NULL; virDomainObjPtr cell =3D NULL; - virDomainDiskDefPtr disk =3D NULL; virJailhouseCellId cell_id; char **images =3D NULL; int num_images =3D 0, i =3D 0; unsigned int parse_flags =3D VIR_DOMAIN_DEF_PARSE_INACTIVE; + bool removeInactive =3D false; =20 if (flags & VIR_DOMAIN_START_VALIDATE) parse_flags |=3D VIR_DOMAIN_DEF_PARSE_VALIDATE_SCHEMA; =20 - if ((def =3D virDomainDefParseString(xml, NULL, - NULL, parse_flags)) =3D=3D NULL) + if (!(def =3D virDomainDefParseString(xml, driver->xmlopt, + NULL, parse_flags))) goto cleanup; =20 - if ((cell =3D virDomainObjListFindByUUID(driver->domains, def->uuid))) + if (virDomainCreateXMLEnsureACL(conn, def) < 0) goto cleanup; =20 - if (virDomainCreateXMLEnsureACL(conn, def) < 0) + if ((cell =3D virDomainObjListFindByUUID(driver->domains, def->uuid))) goto cleanup; =20 if (!(cell_info =3D virJailhouseFindCellByName(driver, def->name))) { @@ -492,13 +505,13 @@ jailhouseDomainCreateXML(virConnectPtr conn, def->id =3D cell_info->id.id; =20 if (!(cell =3D virDomainObjListAdd(driver->domains, def, - NULL, - VIR_DOMAIN_OBJ_LIST_ADD_LIVE | - VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE, NUL= L))) + driver->xmlopt, 0, NULL))) goto cleanup; =20 def =3D NULL; =20 + removeInactive =3D true; + if (cell->def->ndisks < 1) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", _("Domain XML doesn't contain any disk images")); @@ -513,7 +526,7 @@ jailhouseDomainCreateXML(virConnectPtr conn, =20 if (cell->def->disks[i]->device =3D=3D VIR_DOMAIN_DISK_DEVICE_DISK= && virDomainDiskGetType(cell->def->disks[i]) =3D=3D VIR_STORAGE_T= YPE_FILE) { - disk =3D cell->def->disks[i]; + virDomainDiskDefPtr disk =3D cell->def->disks[i]; const char *src =3D virDomainDiskGetSource(disk); if (!src) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", 
@@ -525,7 +538,7 @@ jailhouseDomainCreateXML(virConnectPtr conn, num_images++; } else { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("A Jailhouse doamin(cell) can ONLY have FILE = type disks")); + _("A Jailhouse domain(cell) can ONLY have FILE = type disks")); goto cleanup; } } @@ -533,7 +546,7 @@ jailhouseDomainCreateXML(virConnectPtr conn, // Initialize the cell_id. cell_id.id =3D cell->def->id; cell_id.padding =3D 0; - if (virStrncpy(cell_id.name, cell->def->name, JAILHOUSE_CELL_ID_NAMELE= N, JAILHOUSE_CELL_ID_NAMELEN) < 0) { + if (virStrcpy(cell_id.name, cell->def->name, JAILHOUSE_CELL_ID_NAMELEN= ) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Cell name %s length exceeded the limit"), cell->def->name); @@ -561,6 +574,9 @@ jailhouseDomainCreateXML(virConnectPtr conn, dom =3D virGetDomain(conn, cell->def->name, cell->def->uuid, cell->def= ->id); =20 cleanup: + if (!dom && removeInactive && !cell->persistent) + virDomainObjListRemove(driver->domains, cell); + virDomainDefFree(def); virDomainObjEndAPI(&cell); return dom; @@ -671,7 +687,7 @@ jailhouseDomainDestroy(virDomainPtr domain) =20 static int virjailhouseGetDomainTotalCpuStats(virDomainObjPtr cell, - unsigned long long *cpustats) + unsigned long long *cpustats) { // TODO(Prakhar): Not implemented yet. UNUSED(cell); @@ -721,7 +737,7 @@ jailhouseDomainGetState(virDomainPtr domain, goto cleanup; =20 if (virDomainGetStateEnsureACL(domain->conn, cell->def) < 0) - goto cleanup; + goto cleanup; =20 *state =3D virDomainObjGetState(cell, reason); ret =3D 0; --=20 2.26.2
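Review bot: cell_match() in jailhouse_api.c (hunk at -121,25) passes ext to STREQ without checking it, and strrchr(dirent->d_name, '.') returns NULL for any directory entry whose name contains no dot. scandir() calls this filter for every entry in the cell config directory, so a single extensionless file there makes the daemon dereference NULL. Use STREQ_NULLABLE(ext, JAILHOUSE_CELL_FILE_EXTENSION) or return 0 early when ext is NULL.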
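Review bot: in createCell() (hunk at -223,12) the descriptor returned by openDev() goes straight into ioctl(fd, JAILHOUSE_CELL_CREATE, &cell_create) with no check that it is valid, so a failed open is reported as a cell creation failure with whatever errno the ioctl on a bad descriptor leaves. Check fd < 0 and return -1 before the ioctl. The error call also passes _("Cell creation failed: %s") as the argument to a "%s" format, so the inner %s is printed literally; virReportSystemError already appends the errno text, so drop the trailing ": %s". Both points apply equally to the JAILHOUSE_DISABLE path in jailhouseDisable().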
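Review bot: getCellInfo() (hunk at -277,13) uses tmp from readSysfsCellString(id, "name") without a NULL check, and the return -1 taken when virStrcpy() fails sits before VIR_FREE(tmp), so the string leaks on that path now that the buffer in readSysfsCellString() is no longer g_autofree. Declare tmp as g_autofree char * in getCellInfo() and bail out when it is NULL. The deleted line wrote index JAILHOUSE_CELL_ID_NAMELEN of id.name, which suggests the array is one byte larger than the bound now passed to virStrcpy(); sizeof(cell_info->id.name) would avoid guessing.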
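Review bot: jailhouseStateCleanup() (hunk at -169,16) returns -1 as soon as jailhouseDisable() fails, which skips virPidFileRelease(), the driver free and the new jailhouse_driver = NULL. Combined with the new early return in jailhouseStateInitialize() when jailhouse_driver is already set, a failed disable leaves the daemon holding the lock file and reusing stale driver state on the next initialize. Record the failure, continue with the rest of the cleanup, and return the error at the end.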
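Review bot: the context lines of the jailhouseStateCleanup() hunk at -187,6 call virMutexDestroy(&jailhouse_driver->lock) immediately before jailhouseFreeDriver(jailhouse_driver), and jailhouseFreeDriver() (hunk at -136,6) destroys the same mutex again. Since this patch already touches both functions, remove the call in jailhouseStateCleanup() so the lock is destroyed exactly once.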
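Review bot: in jailhouseDomainCreateXML() (hunk at -462,23) the branch taken when virDomainObjListFindByUUID() finds an existing cell jumps to cleanup without reporting an error, so the caller gets NULL with no message. Moving virDomainCreateXMLEnsureACL() ahead of the lookup is the right order, since an unauthorized caller can no longer learn from the result whether a UUID exists; please add a virReportError() on the duplicate path as well.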
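Review bot: the virDomainObjListAdd() call in jailhouseDomainCreateXML() (hunk at -492,13) drops VIR_DOMAIN_OBJ_LIST_ADD_LIVE | VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE in favour of 0, and the commit message lists only the xmlopt and ACL changes. Either keep the flags or explain in the commit message why a create-and-start entry point no longer needs the live checks. The same goes for the jailhouseDisable() call added to jailhouseStateCleanup(), which is a behaviour change the message does not mention.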