From nobody Fri May 17 10:44:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1618928137; cv=none; d=zohomail.com; s=zohoarc; b=RhYNGSOru8WI3gN9ZsEXbxVABX1K49sTiiDrWaYiOpiLXhs8fm00cHpaqH7zyBlluKCVqJJ2z4MIxNgrTJmFDLAYCkDu4yLVH3PzxQgV7I/lSOSHigIbPtD68WLxRkFBrmlWtkMSaI0UiVgQc7yT4tDHSNw5U6481yG43FdH3pw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1618928137; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=tBlR8TTVuz4xm8ELjtVViwxduZaiWkx5O5CtHJzNfq8=; b=f3FQDjCXzSKhVANyumDy34igD3EYaOuH0H7XMdXih9FYWhWtT2mLwGJ8ZEekIXdet903+Tusb+oyT2uOZyTj8ouTz5tEe+rjSsLiu/x1mNffQSRkfirVhcW7rcw3o/uXMzHEAe5j1zsAsCza0Ia3RdEoqqjnjN9UpYyf7b2CNcU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1618928137824205.4285431618888; Tue, 20 Apr 2021 07:15:37 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-406-drNn5SSMOrWu-IRxbPYkPg-1; Tue, 20 Apr 2021 10:15:32 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 43FF018397A7; Tue, 20 Apr 2021 14:15:27 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 51D5C10016FE; Tue, 20 Apr 2021 14:15:26 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B84624E58D; Tue, 20 Apr 2021 14:15:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 13KEFNi6005657 for ; Tue, 20 Apr 2021 10:15:23 -0400 Received: by smtp.corp.redhat.com (Postfix) id E78265C1B4; Tue, 20 Apr 2021 14:15:23 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.195.241]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6A2745C1C4 for ; Tue, 20 Apr 2021 14:15:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1618928135; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=tBlR8TTVuz4xm8ELjtVViwxduZaiWkx5O5CtHJzNfq8=; b=HIZCcjCCE3GnnKKZ0Zu0wRG7wjxvAm/eeUCfQvYiacYYCcMytSnCZlE2v0KxUhlw51W9nA 8Q1bFko7ZAHUle31ruYju8JOzEBbtWx7yK+xIif7wDTsAGRFWjdIgQkm0Ave+4zIuG5A7U BSGRfgOtj3PfC+7p+3NJ3BGXz5pSfs4= X-MC-Unique: drNn5SSMOrWu-IRxbPYkPg-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 1/4] lxc_controller: Initialize ctrl->handshakeFd properly Date: Tue, 20 Apr 2021 16:15:15 +0200 Message-Id: <114ca033e86b255ee2e4f8978b6493c2a3100d18.1618928033.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" The lxc_controller has a structure that's keeping its internal state, including so called handshakeFd which is the write end of a pipe that's used to signal to the LXC driver that the container is set up and ready to run. However, the struct member is not initialized to -1, so if anything fails before it is set then the virLXCControllerFree() function tries to close FD 0 (stdin). Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander --- src/lxc/lxc_controller.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index ab5fc8b88f..50b2987d9a 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -193,8 +193,8 @@ static virLXCController *virLXCControllerNew(const char= *name) =20 ctrl->timerShutdown =3D -1; ctrl->firstClient =3D true; - ctrl->name =3D g_strdup(name); + ctrl->handshakeFd =3D -1; =20 if (!(driver =3D virLXCControllerDriverNew())) goto error; --=20 2.26.3 From nobody Fri May 17 10:44:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1618928148; cv=none; d=zohomail.com; s=zohoarc; b=j0BV0oRCBWgq3SNNAbzNh0FuSpCL9de8NWs8oXXyeJ8tU3FIH8CJ9l/VYy9+PUTKi254Rt3hStwU6kY1dH681AOELFI4ySEWw5d3Zg5tx8ZVOalxaUtcL/36nr9Q7+pHrBi/3p6yTjG5gS72n8y9tjQmRdth9sYTvFgX/CblV3w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1618928148; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=7LgCYSzgpeFTht/Raj3Fo41hjCjJiuK4ebp4uzoDwZc=; b=lXNQInCZtDYmIAvslQiaDyOpL1Bk/DUltly661GushK2ckNgeetuIMcLYm/oa0Y2NOltMQnOk0AgJk2u32m0OYTYfNfhmvtOIEaz09HL2C3iD5xvgfXh8zhibdc/azfLVy6qFt9yWfX0+izhla5x4nWnqr0PPl+HCoCZcshDTYw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1618928148352482.607330602513; Tue, 20 Apr 2021 07:15:48 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-224-QMYIyZkmO4OI5X3VNAMJLQ-1; Tue, 20 Apr 2021 10:15:40 -0400 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D266E81431F; Tue, 20 Apr 2021 14:15:35 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id B2FF52C01F; Tue, 20 Apr 2021 14:15:35 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 7AADC44A5C; Tue, 20 Apr 2021 14:15:35 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 13KEFOh7005664 for ; Tue, 20 Apr 2021 10:15:24 -0400 Received: by smtp.corp.redhat.com (Postfix) id C0C175C1C4; Tue, 20 Apr 2021 14:15:24 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.195.241]) by smtp.corp.redhat.com (Postfix) with ESMTP id 43B8F5C1B4 for ; Tue, 20 Apr 2021 14:15:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1618928144; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=7LgCYSzgpeFTht/Raj3Fo41hjCjJiuK4ebp4uzoDwZc=; b=DdiKaVWqkR0NlR7eEGJMpvIdKb3U0cGwCzxuGqduFu4J4eM+IaF9p6leX0DxCsz9AkLGM1 FFfwzk7Wp7ljwg1UL+271bAegdG8He/n5keRXALPJJ/SHXA3UlkiFWgNawuzSDBSuc7Ynx 73TfsGJKMhYpgUosLX405gK9B0KoPfU= X-MC-Unique: QMYIyZkmO4OI5X3VNAMJLQ-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 2/4] lxc_controller: Move closing of handshakeFd out of virLXCControllerDaemonHandshake() Date: Tue, 20 Apr 2021 16:15:16 +0200 Message-Id: <1235e10e2001cb9baa3bf0559ce009e3117d9f45.1618928033.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Future commits will want to reuse the handshakeFd and thus it mustn't be closed in virLXCControllerDaemonHandshake(). Do the closing explicitly afterwards. Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander --- src/lxc/lxc_controller.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index 50b2987d9a..797547b05c 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -353,7 +353,6 @@ static int virLXCControllerDaemonHandshake(virLXCContro= ller *ctrl) _("error sending continue signal to daemon")); return -1; } - VIR_FORCE_CLOSE(ctrl->handshakeFd); return 0; } =20 @@ -2403,6 +2402,9 @@ virLXCControllerRun(virLXCController *ctrl) if (virLXCControllerDaemonHandshake(ctrl) < 0) goto cleanup; =20 + /* and preemptively close handshakeFd */ + VIR_FORCE_CLOSE(ctrl->handshakeFd); + /* We must not hold open a dbus connection for life * of LXC instance, since dbus-daemon is limited to * only a few 100 connections by default --=20 2.26.3 From nobody Fri May 17 10:44:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1618928169; cv=none; d=zohomail.com; s=zohoarc; b=n3lG+KofIfqzwiHq8/Fyk04qsRtg7Qy7M/UZytrAfw6JLtb4KlqywVq8jkN+rOncuiVc0My8cVC0aVhP8GYAwjS1y7NZW/3xHPxjTGoKXVXRiOfc+iTblJnDhrs1Aqpj1notMtzIdZwwRNdEcKHxu+OBM81xyqgO42xJ72I3L4o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1618928169; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=U5Pq+pYvV9VWSxKiKr3zkMvaTAo3/AE1eJ2KGXlSrSw=; b=mOoekQ9M9l1YyvSfsu1opfwZbthvf+yrehlkzSOdsdoh5BaKF628HgL9E04Bt3iSJHp/fUIQ3ppazy1m8wOV2YOjT3jfDRX5EGC5XkLzbu9yS6TlNbCwHxAfcTR3jX9QkzyDHucKQrsEqf524OCHFwMwfz+8txQhyoJMS31m94Y= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1618928169326155.85783658099456; Tue, 20 Apr 2021 07:16:09 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-526-eoSnkFGsP8y9J7xXc66fug-1; Tue, 20 Apr 2021 10:15:44 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 05F5C83DD20; Tue, 20 Apr 2021 14:15:39 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id DB4946A042; Tue, 20 Apr 2021 14:15:38 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id A1C581806D18; Tue, 20 Apr 2021 14:15:38 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 13KEFPkv005672 for ; Tue, 20 Apr 2021 10:15:25 -0400 Received: by smtp.corp.redhat.com (Postfix) id 99F805C1B4; Tue, 20 Apr 2021 14:15:25 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.195.241]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1CFD25C1A1 for ; Tue, 20 Apr 2021 14:15:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1618928166; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=U5Pq+pYvV9VWSxKiKr3zkMvaTAo3/AE1eJ2KGXlSrSw=; b=QoSRp5DlriNXuX959ClOvtg/XNdlsmfZg0Y/n2DeINQxYuqCLjuNeLRakvzAfxBiaKrtuC La46/KNP4goBX7z13isrF4sxiK6jLz5YMXnJ9rUzftQMcY1DIsQtmEh6ZmH65MYRxnPvYR HbREG3LZxaKk2Uz/J4D/YkZ+Vwn8e0Q= X-MC-Unique: eoSnkFGsP8y9J7xXc66fug-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 3/4] lxc: Pass another pipe to lxc_controller Date: Tue, 20 Apr 2021 16:15:17 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Currently, there is only a single pipe passed to lxc_controller and it is used by lxc_controller to signal to the LXC driver that the container is set up and ready to run. However, in the next commit we will need to signal that the LXC driver has done its part of startup process and thus the controller can proceed. Unfortunately, virCommand handshake can't be used for this, because it's already used to read controller's PID. Signed-off-by: Michal Privoznik Reviewed-by: Martin Kletzander --- src/lxc/lxc_controller.c | 46 ++++++++++++++++++++++++++++------------ src/lxc/lxc_process.c | 21 +++++++++++------- 2 files changed, 46 insertions(+), 21 deletions(-) diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index 797547b05c..1c0a370d4b 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -100,7 +100,7 @@ struct _virLXCController { virDomainObj *vm; virDomainDef *def; =20 - int handshakeFd; + int handshakeFds[2]; /* { read FD, write FD } */ =20 pid_t initpid; =20 @@ -194,7 +194,8 @@ static virLXCController *virLXCControllerNew(const char= *name) ctrl->timerShutdown =3D -1; ctrl->firstClient =3D true; ctrl->name =3D g_strdup(name); - ctrl->handshakeFd =3D -1; + ctrl->handshakeFds[0] =3D -1; + ctrl->handshakeFds[1] =3D -1; =20 if (!(driver =3D virLXCControllerDriverNew())) goto error; @@ -311,7 +312,8 @@ static void virLXCControllerFree(virLXCController *ctrl) virCgroupFree(ctrl->cgroup); =20 /* This must always be the last thing to be closed */ - VIR_FORCE_CLOSE(ctrl->handshakeFd); + for (i =3D 0; i < G_N_ELEMENTS(ctrl->handshakeFds); i++) + VIR_FORCE_CLOSE(ctrl->handshakeFds[i]); g_free(ctrl); } =20 @@ -348,7 +350,7 @@ static int virLXCControllerConsoleSetNonblocking(virLXC= ControllerConsole *consol =20 static int virLXCControllerDaemonHandshake(virLXCController *ctrl) { - if (lxcContainerSendContinue(ctrl->handshakeFd) < 0) { + if (lxcContainerSendContinue(ctrl->handshakeFds[1]) < 0) { virReportSystemError(errno, "%s", _("error sending continue signal to daemon")); return -1; @@ -2402,8 +2404,9 @@ virLXCControllerRun(virLXCController *ctrl) if (virLXCControllerDaemonHandshake(ctrl) < 0) goto cleanup; =20 - /* and preemptively close handshakeFd */ - VIR_FORCE_CLOSE(ctrl->handshakeFd); + /* and preemptively close handshakeFds */ + for (i =3D 0; i < G_N_ELEMENTS(ctrl->handshakeFds); i++) + VIR_FORCE_CLOSE(ctrl->handshakeFds[i]); =20 /* We must not hold open a dbus connection for life * of LXC instance, since dbus-daemon is limited to @@ -2431,6 +2434,26 @@ virLXCControllerRun(virLXCController *ctrl) } =20 =20 +static int +parseFDPair(const char *arg, + int (*fd)[2]) +{ + g_auto(GStrv) fds =3D NULL; + + fds =3D g_strsplit(arg, ":", 0); + + if (fds[0] =3D=3D NULL || fds[1] =3D=3D NULL || fds[2] !=3D NULL || + virStrToLong_i(fds[0], NULL, 10, &(*fd)[0]) < 0 || + virStrToLong_i(fds[1], NULL, 10, &(*fd)[1]) < 0) { + fprintf(stderr, "malformed --handshakefd argument '%s'", + optarg); + return -1; + } + + return 0; +} + + int main(int argc, char *argv[]) { pid_t pid; @@ -2439,7 +2462,7 @@ int main(int argc, char *argv[]) size_t nveths =3D 0; char **veths =3D NULL; int ns_fd[VIR_LXC_DOMAIN_NAMESPACE_LAST]; - int handshakeFd =3D -1; + int handshakeFds[2] =3D { -1, -1 }; bool bg =3D false; const struct option options[] =3D { { "background", 0, NULL, 'b' }, @@ -2515,11 +2538,8 @@ int main(int argc, char *argv[]) break; =20 case 's': - if (virStrToLong_i(optarg, NULL, 10, &handshakeFd) < 0) { - fprintf(stderr, "malformed --handshakefd argument '%s'", - optarg); + if (parseFDPair(optarg, &handshakeFds) < 0) goto cleanup; - } break; =20 case 'N': @@ -2578,7 +2598,7 @@ int main(int argc, char *argv[]) goto cleanup; } =20 - if (handshakeFd < 0) { + if (handshakeFds[0] < 0 || handshakeFds[1] < 0) { fprintf(stderr, "%s: missing --handshakefd argument for container = PTY\n", argv[0]); goto cleanup; @@ -2596,7 +2616,7 @@ int main(int argc, char *argv[]) if (!(ctrl =3D virLXCControllerNew(name))) goto cleanup; =20 - ctrl->handshakeFd =3D handshakeFd; + memcpy(&ctrl->handshakeFds, &handshakeFds, sizeof(handshakeFds)); =20 if (!(ctrl->securityManager =3D virSecurityManagerNew(securityDriver, LXC_DRIVER_NAME, 0= ))) diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index ac635efe7a..493e19f03d 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -939,7 +939,8 @@ virLXCProcessBuildControllerCmd(virLXCDriver *driver, int *nsInheritFDs, int *files, size_t nfiles, - int handshakefd, + int handshakefdW, + int handshakefdR, int * const logfd, const char *pidfile) { @@ -1003,12 +1004,13 @@ virLXCProcessBuildControllerCmd(virLXCDriver *drive= r, virSecurityManagerGetModel(driver->securityManage= r)); =20 virCommandAddArg(cmd, "--handshakefd"); - virCommandAddArgFormat(cmd, "%d", handshakefd); + virCommandAddArgFormat(cmd, "%d:%d", handshakefdR, handshakefdW); =20 for (i =3D 0; veths && veths[i]; i++) virCommandAddArgList(cmd, "--veth", veths[i], NULL); =20 - virCommandPassFD(cmd, handshakefd, 0); + virCommandPassFD(cmd, handshakefdW, 0); + virCommandPassFD(cmd, handshakefdR, 0); virCommandDaemonize(cmd); virCommandSetPidFile(cmd, pidfile); virCommandSetOutputFD(cmd, logfd); @@ -1198,7 +1200,7 @@ int virLXCProcessStart(virConnectPtr conn, g_autofree char *logfile =3D NULL; int logfd =3D -1; g_auto(GStrv) veths =3D NULL; - int handshakefds[2] =3D { -1, -1 }; + int handshakefds[4] =3D { -1, -1, -1, -1 }; /* two pipes */ off_t pos =3D -1; char ebuf[1024]; g_autofree char *timestamp =3D NULL; @@ -1369,7 +1371,8 @@ int virLXCProcessStart(virConnectPtr conn, goto cleanup; } =20 - if (virPipe(handshakefds) < 0) + if (virPipe(&handshakefds[0]) < 0 || + virPipe(&handshakefds[2]) < 0) goto cleanup; =20 if (!(cmd =3D virLXCProcessBuildControllerCmd(driver, @@ -1379,6 +1382,7 @@ int virLXCProcessStart(virConnectPtr conn, nsInheritFDs, files, nfiles, handshakefds[1], + handshakefds[2], &logfd, pidfile))) goto cleanup; @@ -1448,7 +1452,8 @@ int virLXCProcessStart(virConnectPtr conn, virDomainObjSetState(vm, VIR_DOMAIN_RUNNING, reason); priv->doneStopEvent =3D false; =20 - if (VIR_CLOSE(handshakefds[1]) < 0) { + if (VIR_CLOSE(handshakefds[1]) < 0 || + VIR_CLOSE(handshakefds[2]) < 0) { virReportSystemError(errno, "%s", _("could not close handshake fd"= )); goto cleanup; } @@ -1553,8 +1558,8 @@ int virLXCProcessStart(virConnectPtr conn, virCommandFree(cmd); for (i =3D 0; i < nttyFDs; i++) VIR_FORCE_CLOSE(ttyFDs[i]); - VIR_FORCE_CLOSE(handshakefds[0]); - VIR_FORCE_CLOSE(handshakefds[1]); + for (i =3D 0; i < G_N_ELEMENTS(handshakefds); i++) + VIR_FORCE_CLOSE(handshakefds[i]); virObjectUnref(cfg); virObjectUnref(caps); =20 --=20 2.26.3 From nobody Fri May 17 10:44:31 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1618928385; cv=none; d=zohomail.com; s=zohoarc; b=hykxiiY7R6T4FU3yd8NtVlhaqnE9PKFzCZJad8/z1TX7LMbIU+vY7jlzK+HWLHcOq2i6e3buWz04UsDqBIgUtZ5zk3/UQ0g64jOKtIqdb1LntYR0eDkDU4WnsrfEFGpgjoLnUU4mVvsFsCZKiagQ2pGRS/JoQc/jn241i/yjfXI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1618928385; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=IIAGzxw/EMbAV0ZBPFM6qmaR5jltKMXZfrPBgJmzXSE=; b=ME7R+DqMMI10R0XazjdGpF7mCLyGvpV7Uxr65ka0DQacM/SfFD4+gv/ZIXmTkm7TeUhQ1NrQzHMGeAcWPOdYzjI1ocm2DWGdzqArajfby+BzIjMzGI07eo6qLv4w0T8tQgkYV95+bb+nvJTcfoktQswwy9aSeIm88clFnT65cuc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1618928385463141.7772078222314; Tue, 20 Apr 2021 07:19:45 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-187-Nixy98HrMpOwME5aue1ezQ-1; Tue, 20 Apr 2021 10:15:40 -0400 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7FA1579EC9; Tue, 20 Apr 2021 14:15:33 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5335019D80; Tue, 20 Apr 2021 14:15:33 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 1700844A58; Tue, 20 Apr 2021 14:15:33 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 13KEFQf1005680 for ; Tue, 20 Apr 2021 10:15:26 -0400 Received: by smtp.corp.redhat.com (Postfix) id 7265D5C1C4; Tue, 20 Apr 2021 14:15:26 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.195.241]) by smtp.corp.redhat.com (Postfix) with ESMTP id E9D415C1A1 for ; Tue, 20 Apr 2021 14:15:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1618928143; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=IIAGzxw/EMbAV0ZBPFM6qmaR5jltKMXZfrPBgJmzXSE=; b=MxhfNJsqTKywSTInzQMwp4ENQFy4C2di25Ej3kqco7jz2yaBL20ffVTMyVhzm0JIVMFNMr OnMP4olzpUJb+jZ6gBxyuZuZQJ2qX4IQdafK+hX6U0H9ZHk/9nqnCfyltsK4h+5ZhLCpQg N4RywMCo34uqvmZKFIKXLM9x1WZ1KPc= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1618928384; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=IIAGzxw/EMbAV0ZBPFM6qmaR5jltKMXZfrPBgJmzXSE=; b=BgzacrpBgA3qXaIT2vB1usvmQznJsKWHb1Re3teiWzCGuYLvCNNv54De4apDom8rDkvx3y MKW18C1yo/WPFO/xy7+8RIEo0pYFj+8c4To0NXBlUzKcRm9HY9nQEjQ0j4Rh5m8fUerJbm xulbkjvAlEvzDHsQI9vShuil1Y4V2vs= X-MC-Unique: Nixy98HrMpOwME5aue1ezQ-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH 4/4] lxc: Let the driver detect CGroups earlier Date: Tue, 20 Apr 2021 16:15:18 +0200 Message-Id: <24c665dd86a922310bfd6482fde8b411d0655284.1618928033.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) (identity @redhat.com) Content-Type: text/plain; charset="utf-8" This is the bug I'm facing. I deliberately configured a container so that the source of a to passthrough doesn't exist. The start fails with: lxcContainerPivotRoot:669 : Failed to create /non-existent/path/.oldroot:= Permission denied which is expected. But what is NOT expected is that CGroup hierarchy is left behind. This is because the controller sets up the CGroup hierarchy, user namespace, moves interfaces, etc. and finally checks whether container setup (done in a separate process) succeeded. Only after all this the error is propagated to the LXC driver. The driver aborts the startup and tries to perform the cleanup, but this is missing CGroups because those weren't detected yet. Ideally, whenever a function fails, it tries to unroll back so that is has no artifacts left behind (look at all those frees/FD closes/etc. at end of functions). But with CGroups it is different - the controller process can't clean up after itself, because it is still running inside that CGroup. Therefore, what we have to do is to let the driver detect CGroups as soon as they are created, and proceed with controller execution only after that. Signed-off-by: Michal Privoznik --- src/lxc/lxc_controller.c | 19 +++++++++++++++++-- src/lxc/lxc_process.c | 20 ++++++++++++++++++++ 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index 1c0a370d4b..33f397c11d 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -348,7 +348,7 @@ static int virLXCControllerConsoleSetNonblocking(virLXC= ControllerConsole *consol } =20 =20 -static int virLXCControllerDaemonHandshake(virLXCController *ctrl) +static int virLXCControllerDaemonHandshakeCont(virLXCController *ctrl) { if (lxcContainerSendContinue(ctrl->handshakeFds[1]) < 0) { virReportSystemError(errno, "%s", @@ -358,6 +358,15 @@ static int virLXCControllerDaemonHandshake(virLXCContr= oller *ctrl) return 0; } =20 +static int virLXCControllerDaemonHandshakeWait(virLXCController *ctrl) +{ + if (lxcContainerWaitForContinue(ctrl->handshakeFds[0]) < 0) { + virReportSystemError(errno, "%s", + _("error waiting for continue signal from dae= mon")); + return -1; + } + return 0; +} =20 static int virLXCControllerValidateNICs(virLXCController *ctrl) { @@ -2372,6 +2381,11 @@ virLXCControllerRun(virLXCController *ctrl) if (virLXCControllerSetupCgroupLimits(ctrl) < 0) goto cleanup; =20 + /* Allow daemon to detect CGroups. */ + if (virLXCControllerDaemonHandshakeCont(ctrl) < 0 || + virLXCControllerDaemonHandshakeWait(ctrl) < 0) + goto cleanup; + if (virLXCControllerSetupUserns(ctrl) < 0) goto cleanup; =20 @@ -2401,7 +2415,8 @@ virLXCControllerRun(virLXCController *ctrl) if (virLXCControllerConsoleSetNonblocking(&(ctrl->consoles[i])) < = 0) goto cleanup; =20 - if (virLXCControllerDaemonHandshake(ctrl) < 0) + /* Allow daemon to connect to the monitor. */ + if (virLXCControllerDaemonHandshakeCont(ctrl) < 0) goto cleanup; =20 /* and preemptively close handshakeFds */ diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index 493e19f03d..55e74e913b 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -1473,6 +1473,7 @@ int virLXCProcessStart(virConnectPtr conn, if (g_atomic_int_add(&driver->nactive, 1) =3D=3D 0 && driver->inhibitC= allback) driver->inhibitCallback(true, driver->inhibitOpaque); =20 + /* The first synchronization point is when the controller creates CGro= ups. */ if (lxcContainerWaitForContinue(handshakefds[0]) < 0) { char out[1024]; =20 @@ -1504,6 +1505,25 @@ int virLXCProcessStart(virConnectPtr conn, goto cleanup; } =20 + if (lxcContainerSendContinue(handshakefds[3]) < 0) { + virReportSystemError(errno, "%s", + _("Failed to send continue signal to controll= er")); + goto cleanup; + } + + /* The second synchronization point is when the controller finished + * creating the container. */ + if (lxcContainerWaitForContinue(handshakefds[0]) < 0) { + char out[1024]; + + if (!(virLXCProcessReadLogOutput(vm, logfile, pos, out, 1024) < 0)= ) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("guest failed to start: %s"), out); + } + + goto cleanup; + } + /* And we can get the first monitor connection now too */ if (!(priv->monitor =3D virLXCProcessConnectMonitor(driver, vm))) { /* Intentionally overwrite the real monitor error message, --=20 2.26.3