From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108559; cv=none; d=zohomail.com; s=zohoarc; b=AWAYBlJEPP67nHzp9GQptQmNd/bOIN1GjXKw+5jf0dT51XBtPpF6IbeaRopvs1CA58LKACvHSG23zBwHGvhfEFVnik9KLHMPLhmR+h+JkNwvpoZAqGkqAGTZUkN159BOwhuFNaflwS/GllAEu2lsfOmugmp8rX6+Psn4AgbAlXk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108559; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=GWfH+BFKNpF/Sr0fUd0EQqUdoeY3uBYRMOLdZG4p7Xg=; b=VC3MabGZ3MSK0FhVtsGOToumyfIOVEPBIZ5iX0n3XR+Q40PIq+9ARqf0xjGbufZ5aML835Re7bNjGrEu2pCJUzkZ0wP3fIt5GJyvX9SsDp3eDdTYACo+rYDtUFwKja0qYTCVq6gHLnt1IO1AzVQ/ckUEh5D/tcARaZQpHo7Mqus= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1652108559128212.3098967407701; Mon, 9 May 2022 08:02:39 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-417-CoKSaiNsPt29RX7Yc4ZHrQ-1; Mon, 09 May 2022 11:02:34 -0400 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 8315D80CC59; Mon, 9 May 2022 15:02:27 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id E8DF0416141; Mon, 9 May 2022 15:02:26 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 6AAAE1947077; Mon, 9 May 2022 15:02:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 3E59A1947040 for ; Mon, 9 May 2022 15:02:23 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 30A371121315; Mon, 9 May 2022 15:02:23 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id CC56A1121330 for ; Mon, 9 May 2022 15:02:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108558; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=GWfH+BFKNpF/Sr0fUd0EQqUdoeY3uBYRMOLdZG4p7Xg=; b=XFe/4A29+ETfWQfG3MJ9sgwBlUEy0+yCc55L2TV6kdzdgYftxMg1VOgZWWUfDApVvJR6T/ O3ldVem1wfLAU55yPj+7JTboglenuX05zqZYakz4YU7caGrlS+SeFfQjdVXVzJ8O3rogY+ GxVSk5URVNeIdxoIQ3WoxcWXInSMd9o= X-MC-Unique: CoKSaiNsPt29RX7Yc4ZHrQ-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 01/10] qemu_tpm: Make APIs work over a single virDomainTPMDef Date: Mon, 9 May 2022 17:02:08 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108560987100001 Content-Type: text/plain; charset="utf-8"; x-default="true" In qemu_extdevice.c lives code that handles helper daemons that are required for some types of devices (e.g. virtiofsd, vhost-user-gpu, swtpm, etc.). These devices have their own handling code in separate files, with only a very basic functions exposed (e.g. for starting/stopping helper process, placing it into given CGroup, etc.). And these functions all work over a single instance of device (virDomainVideoDef *, virDomainFSDef *, etc.), except for TPM handling code which takes virDomainDef * and iterates over it inside its module. Remove this oddness and make qemuExtTPM*() functions look closer to the rest of the code. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_extdevice.c | 51 ++++++++++++++++------ src/qemu/qemu_tpm.c | 89 +++++++++++---------------------------- src/qemu/qemu_tpm.h | 11 +++-- 3 files changed, 69 insertions(+), 82 deletions(-) diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index 537b130394..234815c075 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c @@ -73,8 +73,15 @@ static int qemuExtDevicesInitPaths(virQEMUDriver *driver, virDomainDef *def) { - if (def->ntpms > 0) - return qemuExtTPMInitPaths(driver, def); + size_t i; + + for (i =3D 0; i < def->ntpms; i++) { + virDomainTPMDef *tpm =3D def->tpms[i]; + + if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR && + qemuExtTPMInitPaths(driver, def, tpm) < 0) + return -1; + } =20 return 0; } @@ -135,9 +142,13 @@ qemuExtDevicesPrepareHost(virQEMUDriver *driver, if (qemuExtDevicesInitPaths(driver, def) < 0) return -1; =20 - if (def->ntpms > 0 && - qemuExtTPMPrepareHost(driver, def) < 0) - return -1; + for (i =3D 0; i < def->ntpms; i++) { + virDomainTPMDef *tpm =3D def->tpms[i]; + + if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR && + qemuExtTPMPrepareHost(driver, def, tpm) < 0) + return -1; + } =20 for (i =3D 0; i < def->nnets; i++) { virDomainNetDef *net =3D def->nets[i]; @@ -155,11 +166,14 @@ void qemuExtDevicesCleanupHost(virQEMUDriver *driver, virDomainDef *def) { + size_t i; + if (qemuExtDevicesInitPaths(driver, def) < 0) return; =20 - if (def->ntpms > 0) - qemuExtTPMCleanupHost(def); + for (i =3D 0; i < def->ntpms; i++) { + qemuExtTPMCleanupHost(def->tpms[i]); + } } =20 =20 @@ -180,8 +194,13 @@ qemuExtDevicesStart(virQEMUDriver *driver, } } =20 - if (def->ntpms > 0 && qemuExtTPMStart(driver, vm, incomingMigration) <= 0) - return -1; + for (i =3D 0; i < def->ntpms; i++) { + virDomainTPMDef *tpm =3D def->tpms[i]; + + if (tpm->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR && + qemuExtTPMStart(driver, vm, tpm, incomingMigration) < 0) + return -1; + } =20 for (i =3D 0; i < def->nnets; i++) { virDomainNetDef *net =3D def->nets[i]; @@ -222,8 +241,10 @@ qemuExtDevicesStop(virQEMUDriver *driver, qemuExtVhostUserGPUStop(driver, vm, video); } =20 - if (def->ntpms > 0) - qemuExtTPMStop(driver, vm); + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + qemuExtTPMStop(driver, vm); + } =20 for (i =3D 0; i < def->nnets; i++) { virDomainNetDef *net =3D def->nets[i]; @@ -299,9 +320,11 @@ qemuExtDevicesSetupCgroup(virQEMUDriver *driver, return -1; } =20 - if (def->ntpms > 0 && - qemuExtTPMSetupCgroup(driver, def, cgroup) < 0) - return -1; + for (i =3D 0; i < def->ntpms; i++) { + if (def->tpms[i]->type =3D=3D VIR_DOMAIN_TPM_TYPE_EMULATOR && + qemuExtTPMSetupCgroup(driver, def, cgroup) < 0) + return -1; + } =20 for (i =3D 0; i < def->nfss; i++) { virDomainFSDef *fs =3D def->fss[i]; diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 56bccee128..086780edcd 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -971,86 +971,59 @@ qemuTPMEmulatorStart(virQEMUDriver *driver, =20 int qemuExtTPMInitPaths(virQEMUDriver *driver, - virDomainDef *def) + virDomainDef *def, + virDomainTPMDef *tpm) { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); - size_t i; =20 - for (i =3D 0; i < def->ntpms; i++) { - if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - continue; - - return qemuTPMEmulatorInitPaths(def->tpms[i], - cfg->swtpmStorageDir, - cfg->swtpmLogDir, - def->name, - def->uuid); - } - - return 0; + return qemuTPMEmulatorInitPaths(tpm, + cfg->swtpmStorageDir, + cfg->swtpmLogDir, + def->name, + def->uuid); } =20 =20 int qemuExtTPMPrepareHost(virQEMUDriver *driver, - virDomainDef *def) + virDomainDef *def, + virDomainTPMDef *tpm) { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D virDomainDefGetShortName(def); - size_t i; =20 if (!shortName) return -1; =20 - for (i =3D 0; i < def->ntpms; i++) { - if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - continue; - - return qemuTPMEmulatorPrepareHost(def->tpms[i], cfg->swtpmLogDir, - cfg->swtpm_user, - cfg->swtpm_group, - cfg->swtpmStateDir, cfg->user, - shortName); - } - - return 0; + return qemuTPMEmulatorPrepareHost(tpm, + cfg->swtpmLogDir, + cfg->swtpm_user, + cfg->swtpm_group, + cfg->swtpmStateDir, + cfg->user, + shortName); } =20 =20 void -qemuExtTPMCleanupHost(virDomainDef *def) +qemuExtTPMCleanupHost(virDomainTPMDef *tpm) { - size_t i; - - for (i =3D 0; i < def->ntpms; i++) { - if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - continue; - - qemuTPMEmulatorCleanupHost(def->tpms[i]); - } + qemuTPMEmulatorCleanupHost(tpm); } =20 =20 int qemuExtTPMStart(virQEMUDriver *driver, virDomainObj *vm, + virDomainTPMDef *tpm, bool incomingMigration) { g_autofree char *shortName =3D virDomainDefGetShortName(vm->def); - size_t i; =20 if (!shortName) return -1; =20 - for (i =3D 0; i < vm->def->ntpms; i++) { - if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - continue; - - return qemuTPMEmulatorStart(driver, vm, shortName, vm->def->tpms[i= ], - incomingMigration); - } - - return 0; + return qemuTPMEmulatorStart(driver, vm, shortName, tpm, incomingMigrat= ion); } =20 =20 @@ -1060,20 +1033,12 @@ qemuExtTPMStop(virQEMUDriver *driver, { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D virDomainDefGetShortName(vm->def); - size_t i; =20 if (!shortName) return; =20 - for (i =3D 0; i < vm->def->ntpms; i++) { - if (vm->def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - continue; - - qemuTPMEmulatorStop(cfg->swtpmStateDir, shortName); - qemuSecurityCleanupTPMEmulator(driver, vm); - } - - return; + qemuTPMEmulatorStop(cfg->swtpmStateDir, shortName); + qemuSecurityCleanupTPMEmulator(driver, vm); } =20 =20 @@ -1084,18 +1049,12 @@ qemuExtTPMSetupCgroup(virQEMUDriver *driver, { g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); g_autofree char *shortName =3D virDomainDefGetShortName(def); - size_t i; =20 if (!shortName) return -1; =20 - for (i =3D 0; i < def->ntpms; i++) { - if (def->tpms[i]->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) - continue; - - if (qemuExtTPMEmulatorSetupCgroup(cfg->swtpmStateDir, shortName, c= group) < 0) - return -1; - } + if (qemuExtTPMEmulatorSetupCgroup(cfg->swtpmStateDir, shortName, cgrou= p) < 0) + return -1; =20 return 0; } diff --git a/src/qemu/qemu_tpm.h b/src/qemu/qemu_tpm.h index da8ce4c369..9951f025a6 100644 --- a/src/qemu/qemu_tpm.h +++ b/src/qemu/qemu_tpm.h @@ -23,22 +23,27 @@ #include "vircommand.h" =20 int qemuExtTPMInitPaths(virQEMUDriver *driver, - virDomainDef *def) + virDomainDef *def, + virDomainTPMDef *tpm) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) G_GNUC_WARN_UNUSED_RESULT; =20 int qemuExtTPMPrepareHost(virQEMUDriver *driver, - virDomainDef *def) + virDomainDef *def, + virDomainTPMDef *tpm) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) + ATTRIBUTE_NONNULL(3) G_GNUC_WARN_UNUSED_RESULT; =20 -void qemuExtTPMCleanupHost(virDomainDef *def) +void qemuExtTPMCleanupHost(virDomainTPMDef *tpm) ATTRIBUTE_NONNULL(1); =20 int qemuExtTPMStart(virQEMUDriver *driver, virDomainObj *vm, + virDomainTPMDef *def, bool incomingMigration) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) + ATTRIBUTE_NONNULL(3) G_GNUC_WARN_UNUSED_RESULT; =20 void qemuExtTPMStop(virQEMUDriver *driver, --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108572; cv=none; d=zohomail.com; s=zohoarc; b=N7NqzwDYKt4gLzth173fmDn2q2s8haslvp36aU9+/jtdiS6YFkNg5MFzsfqxmNledr+pHxhqbvyngLmmnANmXgGpQGyi4RlJaedDnpCrcozWMuxySA+vdaqLEjPVom3dDe7P0CHyX7VxcfdatSFoaCbNJ28+S5+0qK8eqzi5Lso= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108572; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=yvx8qhE5GRQeMQ/t4nJgpdJAAFlyPFMO3zlXa922ylc=; b=S1OWP+sErgljQJGhhEe0w5NZmEpXf84y65AlLyaAGWSbDQLElvkgkpP4L6JNiUpScaDY56t1VvwHWyQJnJd4T4exb3QB7s9rftb+f08aMKvqp+WNJZs3bs+XsdVOrY0G5/wbD8n8Xk1RfRnmyA43bTJTsKsCuCFlOYGn1/JycKM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1652108572253712.9545869559354; Mon, 9 May 2022 08:02:52 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-622-2n25rIipO_SiKizCDBQOxg-1; Mon, 09 May 2022 11:02:43 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 80A328041B6; Mon, 9 May 2022 15:02:27 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8C94A14C3018; Mon, 9 May 2022 15:02:26 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id D4F40194706C; Mon, 9 May 2022 15:02:24 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id CD0C11947040 for ; Mon, 9 May 2022 15:02:23 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id C20551121330; Mon, 9 May 2022 15:02:23 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 6975D1121315 for ; Mon, 9 May 2022 15:02:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108571; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=yvx8qhE5GRQeMQ/t4nJgpdJAAFlyPFMO3zlXa922ylc=; b=XP0cJfDXMHX8oE6GikDXNheho7Z4oyhlBVjX9R53K0dArNZY5YistnCikpK1MpsKIlma6T 8qDibQvqx9dLUS7wHn8D3D276ubaIcVsYjhWM7CgB6nEvg1/DIMCNwIw/T7XP1yNWx7Mmy Fi0IrRkE+No+FlmNgiXUURiYcxv2nC0= X-MC-Unique: 2n25rIipO_SiKizCDBQOxg-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 02/10] qemu_dbus: Separate PID read code into qemuDBusGetPID Date: Mon, 9 May 2022 17:02:09 +0200 Message-Id: <2ead1fb5b15156f68108521b5ca6df7b85c7db6b.1652106787.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.7 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108573445100001 Content-Type: text/plain; charset="utf-8"; x-default="true" In near future it will be necessary to know the PID of DBus daemon started for QEMU. Move the code into a separate function (qemuDBusGetPID()) and export it in the header file. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_dbus.c | 42 +++++++++++++++++++++++++++++------------- src/qemu/qemu_dbus.h | 4 ++++ 2 files changed, 33 insertions(+), 13 deletions(-) diff --git a/src/qemu/qemu_dbus.c b/src/qemu/qemu_dbus.c index 2ed8f8640d..0eae1aa2fe 100644 --- a/src/qemu/qemu_dbus.c +++ b/src/qemu/qemu_dbus.c @@ -146,28 +146,44 @@ qemuDBusStop(virQEMUDriver *driver, } =20 =20 +int +qemuDBusGetPID(virQEMUDriver *driver, + virDomainObj *vm, + pid_t *pid) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + qemuDomainObjPrivate *priv =3D vm->privateData; + g_autofree char *shortName =3D NULL; + g_autofree char *pidfile =3D NULL; + + if (!priv->dbusDaemonRunning) + return 0; + + if (!(shortName =3D virDomainDefGetShortName(vm->def))) + return -1; + pidfile =3D qemuDBusCreatePidFilename(cfg, shortName); + if (virPidFileReadPath(pidfile, pid) < 0) { + VIR_WARN("Unable to get DBus PID"); + return -1; + } + + return 0; +} + + int qemuDBusSetupCgroup(virQEMUDriver *driver, virDomainObj *vm, virCgroup *cgroup) { - g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); - qemuDomainObjPrivate *priv =3D vm->privateData; - g_autofree char *shortName =3D NULL; - g_autofree char *pidfile =3D NULL; pid_t cpid =3D -1; =20 - if (!priv->dbusDaemonRunning) + if (qemuDBusGetPID(driver, vm, &cpid) < 0) + return -1; + + if (cpid =3D=3D -1) return 0; =20 - if (!(shortName =3D virDomainDefGetShortName(vm->def))) - return -1; - pidfile =3D qemuDBusCreatePidFilename(cfg, shortName); - if (virPidFileReadPath(pidfile, &cpid) < 0) { - VIR_WARN("Unable to get DBus PID"); - return -1; - } - return virCgroupAddProcess(cgroup, cpid); } =20 diff --git a/src/qemu/qemu_dbus.h b/src/qemu/qemu_dbus.h index b27f38a591..a079976aa4 100644 --- a/src/qemu/qemu_dbus.h +++ b/src/qemu/qemu_dbus.h @@ -34,6 +34,10 @@ void qemuDBusVMStateAdd(virDomainObj *vm, const char *id= ); =20 void qemuDBusVMStateRemove(virDomainObj *vm, const char *id); =20 +int qemuDBusGetPID(virQEMUDriver *driver, + virDomainObj *vm, + pid_t *pid); + int qemuDBusSetupCgroup(virQEMUDriver *driver, virDomainObj *vm, virCgroup *cgroup); --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108578; cv=none; d=zohomail.com; s=zohoarc; b=jzh3e3tX9qms8fhGhWDgn03yFRKt91hBLCxYy/YP/ROu6+A4WNA8fNJdLxcYJcBop0keXRJ7RandDMt9e4TFKZLctq12vLBfx7EloWSnyuE49PEWSoVHrPJ7Za+Q5ZVJhoN+lWd4ff3g0WThia3qi9Y7oggQClE47ZP7jBY79I0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108578; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=99R086LxCAnyDoB0gfCSEY7FYLySOzeeZR1O4B7eDlA=; b=OxGSBOZBs0j0Fa8N00txSP+YNH/joKW9s2UjbzqR89g/weQBPWeTxNwn9iLDuiOLN9sODlR3U8RFP6oyalzDgT0ZobjERtyblCpVAhDy+2PWaADpbMHXt9lkKkUOS1sBGxDGhGKAI6R+L1tAAc0cyWVzXQ1WQTdU+j/ibvlOSoQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1652108578201549.3330553413508; Mon, 9 May 2022 08:02:58 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-283-p6gCCB9MOLyrOPQZ4SYnrQ-1; Mon, 09 May 2022 11:02:36 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id DB8F82932490; Mon, 9 May 2022 15:02:29 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id C8CA140D2829; Mon, 9 May 2022 15:02:29 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id AD98A1947051; Mon, 9 May 2022 15:02:29 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id E80941947040 for ; Mon, 9 May 2022 15:02:28 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id CC0A91121330; Mon, 9 May 2022 15:02:28 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7392E111E403 for ; Mon, 9 May 2022 15:02:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108577; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=99R086LxCAnyDoB0gfCSEY7FYLySOzeeZR1O4B7eDlA=; b=GQqbovH7euU5kAebg9Bnz2meHbjRHB4C6vIAme/Hq/TlUUuxVytjTxpz/PACc10R+GKNiX edxVBDFDJK6PMKJoWN6D5zBdDmptVnMH29J6ozcjFpKKsOpUdcOb1yaj8KToq/yl7m7BYN dCgurMEgrWpGXCkA+sXQObdqKppIqSQ= X-MC-Unique: p6gCCB9MOLyrOPQZ4SYnrQ-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 03/10] qemu_vhost_user_gpu: Export qemuVhostUserGPUGetPid() Date: Mon, 9 May 2022 17:02:10 +0200 Message-Id: <57b647f6a09bc5a0bb1ea20ad26c7d531c0a78fa.1652106787.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108579098100003 Content-Type: text/plain; charset="utf-8"; x-default="true" In near future it will be necessary to know the PID of vhost-user-gpu process for QEMU. Export the function that does just that (qemuVhostUserGPUGetPid()). Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_vhost_user_gpu.c | 2 +- src/qemu/qemu_vhost_user_gpu.h | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_vhost_user_gpu.c b/src/qemu/qemu_vhost_user_gpu.c index 6f601cebde..d108566976 100644 --- a/src/qemu/qemu_vhost_user_gpu.c +++ b/src/qemu/qemu_vhost_user_gpu.c @@ -63,7 +63,7 @@ qemuVhostUserGPUCreatePidFilename(const char *stateDir, * If the PID was not still alive, zero will be returned, and @pid will be * set to -1; */ -static int +int qemuVhostUserGPUGetPid(const char *stateDir, const char *shortName, const char *alias, diff --git a/src/qemu/qemu_vhost_user_gpu.h b/src/qemu/qemu_vhost_user_gpu.h index 0d50dd2464..bde7104af6 100644 --- a/src/qemu/qemu_vhost_user_gpu.h +++ b/src/qemu/qemu_vhost_user_gpu.h @@ -40,6 +40,14 @@ void qemuExtVhostUserGPUStop(virQEMUDriver *driver, virDomainVideoDef *video) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2); =20 +int +qemuVhostUserGPUGetPid(const char *stateDir, + const char *shortName, + const char *alias, + pid_t *pid) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3) + G_GNUC_WARN_UNUSED_RESULT; + int qemuExtVhostUserGPUSetupCgroup(virQEMUDriver *driver, virDomainDef *def, --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108601; cv=none; d=zohomail.com; s=zohoarc; b=iKjJCmvbkM+wBxy/IL70IzDMzejoUNYDZf5ehaBcSnL1luXGLYgxkMj64oUupBU98FkHlJxpmvQIGfmwBjXcmeD9kqvTDU7IDsyA8wNXwGuJ0N6dchK6b4o1XFU51TE1IO7HFgyQRQml41sQBMK/TUnd4D3zgaoIrC6+AoY4F5s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108601; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=P4jvCnmnRwHoaQYeEq3sNWJm4UGkzS/wIUWqHrW5IvY=; b=ATvjX8Fsvp1av9i8TLiGXXtlk1BkNzhPS0R8/zwzG0DwjG81MLUrmiq22Cz5rYQb0fHYOtP+eWwvQguAWFnWOmtBtRqFuJNfyVNy7ZXHQrkGuqjKtMcMq4osVYyHjw1PSjS5d8ondP9XHyOLGI73MQxEBPv3yFiXI5om+2aysQg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1652108601799555.6102923134972; Mon, 9 May 2022 08:03:21 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-499-TtVSlcO_NnC453DONHdOQA-1; Mon, 09 May 2022 11:02:42 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2C3E580418D; Mon, 9 May 2022 15:02:33 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1A08614C300D; Mon, 9 May 2022 15:02:33 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 02FE71947051; Mon, 9 May 2022 15:02:33 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 41E231947040 for ; Mon, 9 May 2022 15:02:32 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 2015D111E3F8; Mon, 9 May 2022 15:02:32 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id BC4E0111E410 for ; Mon, 9 May 2022 15:02:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108600; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=P4jvCnmnRwHoaQYeEq3sNWJm4UGkzS/wIUWqHrW5IvY=; b=QIZ2HUmAcWAAGp1R1ajyl6C3WVn3HZ+DYyp/bTzDdRc2DCHoWMP4ws//Et5aIWnc++LMrV 5gzPa7fkOLkFSt4BboDZzIY1/6fqUige5b8/1obzmDytz3HDB8/+v1nRC66lZV7SRS/1Ql e4JIyDarEOi0ZrkNrZR38wS8HliXdJI= X-MC-Unique: TtVSlcO_NnC453DONHdOQA-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 04/10] qemu_tpm: Expose qemuTPMEmulatorGetPid() Date: Mon, 9 May 2022 17:02:11 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.7 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108603291100001 Content-Type: text/plain; charset="utf-8"; x-default="true" In near future it will be necessary to know the PID of swtpm process for QEMU. Export the function that does just that (qemuTPMEmulatorGetPid()). Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_tpm.c | 2 +- src/qemu/qemu_tpm.h | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_tpm.c b/src/qemu/qemu_tpm.c index 086780edcd..bf86f2fe39 100644 --- a/src/qemu/qemu_tpm.c +++ b/src/qemu/qemu_tpm.c @@ -143,7 +143,7 @@ qemuTPMEmulatorPidFileBuildPath(const char *swtpmStateD= ir, * If the PID was not still alive, zero will be returned, and @pid will be * set to -1; */ -static int +int qemuTPMEmulatorGetPid(const char *swtpmStateDir, const char *shortName, pid_t *pid) diff --git a/src/qemu/qemu_tpm.h b/src/qemu/qemu_tpm.h index 9951f025a6..9f4d01f60b 100644 --- a/src/qemu/qemu_tpm.h +++ b/src/qemu/qemu_tpm.h @@ -50,6 +50,13 @@ void qemuExtTPMStop(virQEMUDriver *driver, virDomainObj *vm) ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2); =20 +int qemuTPMEmulatorGetPid(const char *swtpmStateDir, + const char *shortName, + pid_t *pid) + ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) + ATTRIBUTE_NONNULL(3) + G_GNUC_WARN_UNUSED_RESULT; + int qemuExtTPMSetupCgroup(virQEMUDriver *driver, virDomainDef *def, virCgroup *cgroup) --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108576; cv=none; d=zohomail.com; s=zohoarc; b=UCQDH/KZED4yv1YgL/oztR+L+I9sB3L8CLOVLsoLQWD9O5qyWssh7M1H5n7yRPym+oOj2RdnZkC/9PCxMVGsutyVBspTbq202mXmbo4Xrj+m3E8NcbzKnQ7TgDhxcrWA/XgefLfgBTGDGOPxhdy75ucLV6i3ur3Zl2kHMPWsihI= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108576; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=FsDAAcSYI7raARBriyHyaeMSkxegAkHPmoE8AnKIAwc=; b=j1boUhRz6cwqM7LIC8TCh6Yibxp+71k8Rp7nqWCJ7C/Rb4H+xAqqQ8cvmX7EiRiAFsdH9USyD4xfAkc7LTbdXRiKQQNI4DHMRI7Gs2hXnVpoJVWLZ4zCQoqJyuLn+ftUUymdJxpXx0wWZjhgM3vHmc3w2iu5zwlJpBtipcH4D6s= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 1652108576770362.85032558823286; Mon, 9 May 2022 08:02:56 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-361-I2T-3dX0OZGBlxb-sCntSA-1; Mon, 09 May 2022 11:02:49 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 9405E80B90C; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4D74F2166B2F; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 2840F1947051; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 0ECE41947040 for ; Mon, 9 May 2022 15:02:42 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id EDB35111E403; Mon, 9 May 2022 15:02:41 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 95060111E3FB for ; Mon, 9 May 2022 15:02:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108575; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=FsDAAcSYI7raARBriyHyaeMSkxegAkHPmoE8AnKIAwc=; b=K3UDG9ndDnva2RRxNhUQAk/ztO4/yKnnbT8MhcelPxo6MhzzeDZY2e1n9YWiksar3d59/I WNsd6qlxEN+Tp+gsa1JucdajAEdAh5bQD3VErNpXaOoiILpf5d2HIfQF6NIeP+RpE7fANR mD0uloGef6BbMvLKtXCS42vBWp7TXVk= X-MC-Unique: I2T-3dX0OZGBlxb-sCntSA-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 05/10] qemu_virtiofs: Separate PID read code into qemuVirtioFSGetPid Date: Mon, 9 May 2022 17:02:12 +0200 Message-Id: <932de1df94e35fda786e0527831775b926b9fb98.1652106787.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108577133100001 Content-Type: text/plain; charset="utf-8"; x-default="true" In near future it will be necessary to know the PID of virtiofsd started for QEMU. Move the code into a separate function (qemuVirtioFSGetPid()) and export it in the header file. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/qemu/qemu_virtiofs.c | 38 +++++++++++++++++++++++++------------- src/qemu/qemu_virtiofs.h | 5 +++++ 2 files changed, 30 insertions(+), 13 deletions(-) diff --git a/src/qemu/qemu_virtiofs.c b/src/qemu/qemu_virtiofs.c index 7e3324b017..b3a2d2990a 100644 --- a/src/qemu/qemu_virtiofs.c +++ b/src/qemu/qemu_virtiofs.c @@ -319,26 +319,38 @@ qemuVirtioFSStop(virQEMUDriver *driver G_GNUC_UNUSED, } =20 =20 + +int +qemuVirtioFSGetPid(virDomainObj *vm, + virDomainFSDef *fs, + pid_t *pid) +{ + g_autofree char *pidfile =3D NULL; + int rc; + + if (!(pidfile =3D qemuVirtioFSCreatePidFilename(vm, fs->info.alias))) + return -1; + + rc =3D virPidFileReadPathIfAlive(pidfile, pid, NULL); + if (rc < 0 || *pid =3D=3D (pid_t) -1) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("virtiofsd died unexpectedly")); + return -1; + } + + return 0; +} + + int qemuVirtioFSSetupCgroup(virDomainObj *vm, virDomainFSDef *fs, virCgroup *cgroup) { - g_autofree char *pidfile =3D NULL; pid_t pid =3D -1; - int rc; =20 - if (!(pidfile =3D qemuVirtioFSCreatePidFilename(vm, fs->info.alias))) - return -1; - - rc =3D virPidFileReadPathIfAlive(pidfile, &pid, NULL); - if (rc < 0 || pid =3D=3D (pid_t) -1) { - virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - _("virtiofsd died unexpectedly")); - return -1; - } - - if (virCgroupAddProcess(cgroup, pid) < 0) + if (qemuVirtioFSGetPid(vm, fs, &pid) < 0 || + virCgroupAddProcess(cgroup, pid) < 0) return -1; =20 return 0; diff --git a/src/qemu/qemu_virtiofs.h b/src/qemu/qemu_virtiofs.h index 5463acef98..dd3fbfa555 100644 --- a/src/qemu/qemu_virtiofs.h +++ b/src/qemu/qemu_virtiofs.h @@ -35,6 +35,11 @@ qemuVirtioFSStop(virQEMUDriver *driver, virDomainObj *vm, virDomainFSDef *fs); =20 +int +qemuVirtioFSGetPid(virDomainObj *vm, + virDomainFSDef *fs, + pid_t *pid); + int qemuVirtioFSSetupCgroup(virDomainObj *vm, virDomainFSDef *fs, --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108581; cv=none; d=zohomail.com; s=zohoarc; b=gHlAoikx28wRxGZLcVB2EkxT3HiB1o7BEJMx/HL88Jg7BMfiz/05eIsreRgUK4039d71HAOJRSQ0+1a4asft9Gw2/b3tL+M5L9sliQJ7Z6EhkRSrgqZKu7Z/g4ZhWwBJ01WRdmymN8lje/KzsU91w9uyyM6emSaKBOIpI7rHahs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108581; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=EQgSH0xzGhDRLc18o/tttF6XHasqw8uhvB559Pm7cE0=; b=Z6GxdkWOH9M9HvRd0ZwybluLfFJ6lq0/BCowRuGmpTw/QVQdRlI21b3ogcgtk1hjL1dzW4hRbZjfkogTPAOp7n1jAGLzXCCXfiGWUu5icNTTJ5egNqUj2OcQMJmj4oFqU6IghJauv6g2tCF6djgVRlcG/cD7UUInwzsYwz5y+qg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 16521085812321003.2386001411129; Mon, 9 May 2022 08:03:01 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-352-gxAGMNwjMX-pb3r9ED-ZEw-1; Mon, 09 May 2022 11:02:50 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B0E5D3C1903F; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9AC4A2024CD7; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 538D7194706A; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 9ED941947040 for ; Mon, 9 May 2022 15:02:42 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 8A0C6111E403; Mon, 9 May 2022 15:02:42 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 31CAE111E3FB for ; Mon, 9 May 2022 15:02:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108580; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=EQgSH0xzGhDRLc18o/tttF6XHasqw8uhvB559Pm7cE0=; b=DsAiVDyqiYJDMhbRhX6RxGb1k8/GxrvsJIG6jbZ4mVRJCtrZUN8z+XKAwyxn9MaCQnBPdC HHvnOhtJWaOSSeycNXH1FzKnes8GcmhS5tUNoxvTmrq2X5D/75hllFdKlvvFSxVFyn2jlz takGc3Vib7cjE2fDR5dLKu/mFZDBOaQ= X-MC-Unique: gxAGMNwjMX-pb3r9ED-ZEw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 06/10] virprocess: Core Scheduling support Date: Mon, 9 May 2022 17:02:13 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108583210100001 Content-Type: text/plain; charset="utf-8"; x-default="true" Since its 5.14 release the Linux kernel allows userspace to define trusted groups of processes/threads that can run on sibling Hyper Threads (HT) at the same time. This is to mitigate side channel attacks like L1TF or MDS. If there are no tasks to fully utilize all HTs, then a HT will idle instead of running a task from another (un-)trusted group. On low level, this is implemented by cookies (effectively an UL value): processes in the same trusted group share the same cookie and cookie is unique to the group. There are four basic operations: 1) PR_SCHED_CORE_GET -- get cookie of given PID, 2) PR_SCHED_CORE_CREATE -- create a new unique cookie for PID, 3) PR_SCHED_CORE_SHARE_TO -- push cookie of the caller onto another PID, 4) PR_SCHED_CORE_SHARE_FROM -- pull cookie of another PID into the caller. Since a system where the code is built can be different to the one where the code is ran let's provide declaration of some values. It's not unusual for distros to ship older linux-headers than the actual kernel. Signed-off-by: Michal Privoznik Reviewed-by: Daniel P. Berrang=C3=A9 --- src/libvirt_private.syms | 4 ++ src/util/virprocess.c | 124 +++++++++++++++++++++++++++++++++++++++ src/util/virprocess.h | 8 +++ 3 files changed, 136 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 97bfca906b..252d7e029f 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3129,6 +3129,10 @@ virProcessKillPainfullyDelay; virProcessNamespaceAvailable; virProcessRunInFork; virProcessRunInMountNamespace; +virProcessSchedCoreAvailable; +virProcessSchedCoreCreate; +virProcessSchedCoreShareFrom; +virProcessSchedCoreShareTo; virProcessSchedPolicyTypeFromString; virProcessSchedPolicyTypeToString; virProcessSetAffinity; diff --git a/src/util/virprocess.c b/src/util/virprocess.c index 36d7df050a..cd4f3fc7e7 100644 --- a/src/util/virprocess.c +++ b/src/util/virprocess.c @@ -57,6 +57,10 @@ # include #endif =20 +#if WITH_CAPNG +# include +#endif + #include "virprocess.h" #include "virerror.h" #include "viralloc.h" @@ -1906,3 +1910,123 @@ virProcessGetSchedInfo(unsigned long long *cpuWait, return 0; } #endif /* __linux__ */ + +#ifdef __linux__ +# ifndef PR_SCHED_CORE +/* Copied from linux/prctl.h */ +# define PR_SCHED_CORE 62 +# define PR_SCHED_CORE_GET 0 +# define PR_SCHED_CORE_CREATE 1 /* create unique core_sched cookie */ +# define PR_SCHED_CORE_SHARE_TO 2 /* push core_sched cookie to pid */ +# define PR_SCHED_CORE_SHARE_FROM 3 /* pull core_sched cookie to pid */ +# endif + +/* Unfortunately, kernel-headers forgot to export these. */ +# ifndef PR_SCHED_CORE_SCOPE_THREAD +# define PR_SCHED_CORE_SCOPE_THREAD 0 +# define PR_SCHED_CORE_SCOPE_THREAD_GROUP 1 +# define PR_SCHED_CORE_SCOPE_PROCESS_GROUP 2 +# endif + +/** + * virProcessSchedCoreAvailable: + * + * Check whether kernel supports Core Scheduling (CONFIG_SCHED_CORE), i.e.= only + * a defined set of PIDs/TIDs can run on sibling Hyper Threads at the same + * time. + * + * Returns: 1 if Core Scheduling is available, + * 0 if Core Scheduling is NOT available, + * -1 otherwise. + */ +int +virProcessSchedCoreAvailable(void) +{ + unsigned long cookie =3D 0; + int rc; + + /* Let's just see if we can get our own sched cookie, and if yes we can + * safely assume CONFIG_SCHED_CORE kernel is available. */ + rc =3D prctl(PR_SCHED_CORE, PR_SCHED_CORE_GET, 0, + PR_SCHED_CORE_SCOPE_THREAD, &cookie); + + return rc =3D=3D 0 ? 1 : errno =3D=3D EINVAL ? 0 : -1; +} + +/** + * virProcessSchedCoreCreate: + * + * Creates a new trusted group for the caller process. + * + * Returns: 0 on success, + * -1 otherwise, with errno set. + */ +int +virProcessSchedCoreCreate(void) +{ + /* pid =3D 0 (3rd argument) means the calling process. */ + return prctl(PR_SCHED_CORE, PR_SCHED_CORE_CREATE, 0, + PR_SCHED_CORE_SCOPE_THREAD_GROUP, 0); +} + +/** + * virProcessSchedCoreShareFrom: + * @pid: PID to share group with + * + * Places the current caller process into the trusted group of @pid. + * + * Returns: 0 on success, + * -1 otherwise, with errno set. + */ +int +virProcessSchedCoreShareFrom(pid_t pid) +{ + return prctl(PR_SCHED_CORE, PR_SCHED_CORE_SHARE_FROM, pid, + PR_SCHED_CORE_SCOPE_THREAD, 0); +} + +/** + * virProcessSchedCoreShareTo: + * @pid: PID to share group with + * + * Places foreign @pid into the trusted group of the current caller proces= s. + * + * Returns: 0 on success, + * -1 otherwise, with errno set. + */ +int +virProcessSchedCoreShareTo(pid_t pid) +{ + return prctl(PR_SCHED_CORE, PR_SCHED_CORE_SHARE_TO, pid, + PR_SCHED_CORE_SCOPE_THREAD, 0); +} + +#else /* !__linux__ */ + +int +virProcessSchedCoreAvailable(void) +{ + return 0; +} + +int +virProcessSchedCoreCreate(void) +{ + errno =3D ENOSYS; + return -1; +} + +int +virProcessSchedCoreShareFrom(pid_t pid G_GNUC_UNUSED) +{ + errno =3D ENOSYS; + return -1; +} + +int +virProcessSchedCoreShareTo(pid_t pid G_GNUC_UNUSED) +{ + errno =3D ENOSYS; + return -1; +} +#endif /* !__linux__ */ diff --git a/src/util/virprocess.h b/src/util/virprocess.h index 086fbe0e4d..e01f9a24ee 100644 --- a/src/util/virprocess.h +++ b/src/util/virprocess.h @@ -202,3 +202,11 @@ int virProcessGetStatInfo(unsigned long long *cpuTime, int virProcessGetSchedInfo(unsigned long long *cpuWait, pid_t pid, pid_t tid); + +int virProcessSchedCoreAvailable(void); + +int virProcessSchedCoreCreate(void); + +int virProcessSchedCoreShareFrom(pid_t pid); + +int virProcessSchedCoreShareTo(pid_t pid); --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108587; cv=none; d=zohomail.com; s=zohoarc; b=LJokZGYJzZowg1QsZU2UEh2IIdKgmHRUcYWUy8txo7mg7dUp/1+MW+EGI9gvTb681I/AGsWaZAE1skTmB9G4NSvCrinQa9ePC1YQsMt2GXPyo5RGHhOQjnXpW4JDmQX6SgOD2dyRTcB/iuq3x34PHbLjCJJVdjkHuGiTFsVi218= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108587; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=hUtNHZ+LSDRnZQFNQ8cOY7jy3C2iDI7lnXJtAN/NHtM=; b=E1juxuMFskEnvYB5sxmoAULqaKd+tQAUzptR8J+TJQ07UnGSFRzAhBSwAYnR2L5GiZIpxFWEki5ogVKXLJynRcfGxmE5vqvHsSpmxX/zLwFrXKEuYQ8pyuKDvJ2OmBPqU0oIgixgHpaz0XaFIkzybtHnQ1UmBBv0LW3vDpWlRC8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1652108587741481.009284822676; Mon, 9 May 2022 08:03:07 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-502-JDOaws7KNXa8B9lZ8uKOoQ-1; Mon, 09 May 2022 11:02:52 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 68B24382ECD7; Mon, 9 May 2022 15:02:45 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 537FD14C3B46; Mon, 9 May 2022 15:02:45 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id EB3571947070; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 360EC1947040 for ; Mon, 9 May 2022 15:02:43 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 27268111E403; Mon, 9 May 2022 15:02:43 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id C2EEF111E3FB for ; Mon, 9 May 2022 15:02:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108586; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=hUtNHZ+LSDRnZQFNQ8cOY7jy3C2iDI7lnXJtAN/NHtM=; b=GZqLRmZ9yiVbe7b+t9doH2WCSWcyl2Jd1EmjCLDmfMXZKVlBCBg0gfK/+ivQ50M1oa/65D +Y4v3sm1YxhsWhYMykZJXYMo8WiMrdRM19Fy5D0Afaji1Uj533QqnQhSreRZMqh0meLhtk jZpz1w1/PNxf/9YJmEROc2+46Vsk29U= X-MC-Unique: JDOaws7KNXa8B9lZ8uKOoQ-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 07/10] virCommand: Introduce APIs for core scheduling Date: Mon, 9 May 2022 17:02:14 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.7 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108589499100001 Content-Type: text/plain; charset="utf-8"; x-default="true" There are two modes of core scheduling that are handy wrt virCommand: 1) create new trusted group when executing a virCommand 2) place freshly executed virCommand into the trusted group of another process. Therefore, implement these two new operations as new APIs: virCommandSetRunAlone() and virCommandSetRunAmong(), respectively. Signed-off-by: Michal Privoznik --- src/libvirt_private.syms | 2 ++ src/util/vircommand.c | 74 ++++++++++++++++++++++++++++++++++++++++ src/util/vircommand.h | 5 +++ 3 files changed, 81 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 252d7e029f..8f2b789cee 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2079,6 +2079,8 @@ virCommandSetOutputBuffer; virCommandSetOutputFD; virCommandSetPidFile; virCommandSetPreExecHook; +virCommandSetRunAlone; +virCommandSetRunAmong; virCommandSetSELinuxLabel; virCommandSetSendBuffer; virCommandSetUID; diff --git a/src/util/vircommand.c b/src/util/vircommand.c index 41cf552d7b..db20620f7c 100644 --- a/src/util/vircommand.c +++ b/src/util/vircommand.c @@ -148,6 +148,9 @@ struct _virCommand { #endif int mask; =20 + bool schedCore; + pid_t schedCorePID; + virCommandSendBuffer *sendBuffers; size_t numSendBuffers; }; @@ -434,6 +437,22 @@ virCommandHandshakeChild(virCommand *cmd) static int virExecCommon(virCommand *cmd, gid_t *groups, int ngroups) { + /* Do this before dropping capabilities. */ + if (cmd->schedCore && + virProcessSchedCoreCreate() < 0) { + virReportSystemError(errno, "%s", + _("Unable to set SCHED_CORE")); + return -1; + } + + if (cmd->schedCorePID >=3D 0 && + virProcessSchedCoreShareFrom(cmd->schedCorePID) < 0) { + virReportSystemError(errno, + _("Unable to run among %llu"), + (unsigned long long) cmd->schedCorePID); + return -1; + } + if (cmd->uid !=3D (uid_t)-1 || cmd->gid !=3D (gid_t)-1 || cmd->capabilities || (cmd->flags & VIR_EXEC_CLEAR_CAPS)) { VIR_DEBUG("Setting child uid:gid to %d:%d with caps %llx", @@ -964,6 +983,7 @@ virCommandNewArgs(const char *const*args) cmd->pid =3D -1; cmd->uid =3D -1; cmd->gid =3D -1; + cmd->schedCorePID =3D -1; =20 virCommandAddArgSet(cmd, args); =20 @@ -3437,3 +3457,57 @@ virCommandRunNul(virCommand *cmd G_GNUC_UNUSED, return -1; } #endif /* WIN32 */ + +/** + * virCommandSetRunAlone: + * + * Create new trusted group when running the command. In other words, the + * process won't be scheduled to run on a core among with processes from + * another, untrusted group. + */ +void +virCommandSetRunAlone(virCommand *cmd) +{ + if (virCommandHasError(cmd)) + return; + + if (cmd->schedCorePID >=3D 0) { + /* Can't mix these two. */ + cmd->has_error =3D -1; + VIR_DEBUG("cannot mix with virCommandSetRunAmong()"); + return; + } + + cmd->schedCore =3D true; +} + +/** + * virCommandSetRunAmong: + * @pid: pid from a trusted group + * + * When spawning the command place it into the trusted group of @pid so th= at + * these two processes can run on Hyper Threads of a single core at the sa= me + * time. + */ +void +virCommandSetRunAmong(virCommand *cmd, + pid_t pid) +{ + if (virCommandHasError(cmd)) + return; + + if (cmd->schedCore) { + /* Can't mix these two. */ + VIR_DEBUG("cannot mix with virCommandSetRunAlone()"); + cmd->has_error =3D -1; + return; + } + + if (pid < 0) { + VIR_DEBUG("invalid pid value: %lld", (long long) pid); + cmd->has_error =3D -1; + return; + } + + cmd->schedCorePID =3D pid; +} diff --git a/src/util/vircommand.h b/src/util/vircommand.h index 600806a987..0b03ea005c 100644 --- a/src/util/vircommand.h +++ b/src/util/vircommand.h @@ -225,4 +225,9 @@ int virCommandRunNul(virCommand *cmd, virCommandRunNulFunc func, void *data); =20 +void virCommandSetRunAlone(virCommand *cmd); + +void virCommandSetRunAmong(virCommand *cmd, + pid_t pid); + G_DEFINE_AUTOPTR_CLEANUP_FUNC(virCommand, virCommandFree); --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108645; cv=none; d=zohomail.com; s=zohoarc; b=VwC7Wum1v9kqXLrykCB73vDeTsL+uLZYf2XzumeWdsH62+H3MdJ8xSBHXvrW+6VRxGMKotxTVxbDRCLxxkiRPcEzIkWBFRAn5Cd+3jfnaCjjyYBOf0Xrr5rW1masMB6+PjAnbGiBAADETtdx3QC6GIT8rVKQmz+EFpsWg43yVJ8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108645; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=rp+Mo0iVsPzIYCJUn257NaJCzrYcB8ubPzJZs7iuxvQ=; b=HaOFZJWxwj3ZZ1DD2AxplUW05Zgrw55IONl879AhONOD+WOCaJbpKvBagwMR3S5PpmvnODUWAt/eNAF/pQ6VrMyJNq3HZyBpbq9YtT9DmnO91Iio562iEr4Fki0kjh3DZ9qoDpvXDb0/GC5JWOwV/AitJMeHQ3zOVJJ0sBHF0ZU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1652108645353293.5197898978282; Mon, 9 May 2022 08:04:05 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-597-z_FxObPHMtyMFQ-_o3Xduw-1; Mon, 09 May 2022 11:02:54 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 889F118A0167; Mon, 9 May 2022 15:02:46 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7354E14C3B35; Mon, 9 May 2022 15:02:46 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 3DECA1947060; Mon, 9 May 2022 15:02:46 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id CBEC21947055 for ; Mon, 9 May 2022 15:02:43 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id B83BD111E403; Mon, 9 May 2022 15:02:43 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5FE3B111E3FB for ; Mon, 9 May 2022 15:02:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108644; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=rp+Mo0iVsPzIYCJUn257NaJCzrYcB8ubPzJZs7iuxvQ=; b=UAV1ExHFgG/06JrWrY/Ki3LeGzeKT/fJRY2vhmCspuyFNHvQSl39ViWY2+quo41W1AH9+e 3WQ0p1EX3jXsdHVU6SuNoZ3VsSZXNYVjfl+uhJ5/ljsGtiQR1ppk4W86vx/t9KUqS9wARZ KEJb6abJItdtgr/oeJ66LhxCNYm6Ifg= X-MC-Unique: z_FxObPHMtyMFQ-_o3Xduw-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 08/10] qemu_conf: Introduce a knob to turn off SCHED_CORE Date: Mon, 9 May 2022 17:02:15 +0200 Message-Id: <7eb2e4ae55ed6ed4aa430472f9347e433722cdd1.1652106787.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.85 on 10.11.54.7 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108646565100001 Content-Type: text/plain; charset="utf-8"; x-default="true" Ideally, we would just pick the best default and users wouldn't have to intervene at all. But in some cases it may be handy to not bother with SCHED_CORE at all and thus let users turn the feature off in qemu.conf. Signed-off-by: Michal Privoznik --- src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf.in | 5 +++++ src/qemu/qemu_conf.c | 24 ++++++++++++++++++++++++ src/qemu/qemu_conf.h | 2 ++ src/qemu/test_libvirtd_qemu.aug.in | 1 + 5 files changed, 33 insertions(+) diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug index 0f18775121..28a8db2b43 100644 --- a/src/qemu/libvirtd_qemu.aug +++ b/src/qemu/libvirtd_qemu.aug @@ -110,6 +110,7 @@ module Libvirtd_qemu =3D | bool_entry "dump_guest_core" | str_entry "stdio_handler" | int_entry "max_threads_per_process" + | bool_entry "sched_core" =20 let device_entry =3D bool_entry "mac_filter" | bool_entry "relaxed_acs_check" diff --git a/src/qemu/qemu.conf.in b/src/qemu/qemu.conf.in index 04b7740136..ece822edc3 100644 --- a/src/qemu/qemu.conf.in +++ b/src/qemu/qemu.conf.in @@ -952,3 +952,8 @@ # DO NOT use in production. # #deprecation_behavior =3D "none" + +# If this is set then QEMU and its threads will run with SCHED_CORE set, +# meaning no other foreign process will share Hyper Threads of a single co= re +# with QEMU nor with any of its helper process. +#sched_core =3D 1 diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index c22cf79cbe..03d8da0157 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -286,6 +286,8 @@ virQEMUDriverConfig *virQEMUDriverConfigNew(bool privil= eged, =20 cfg->deprecationBehavior =3D g_strdup("none"); =20 + cfg->schedCore =3D virProcessSchedCoreAvailable() =3D=3D 1; + return g_steal_pointer(&cfg); } =20 @@ -634,6 +636,8 @@ virQEMUDriverConfigLoadProcessEntry(virQEMUDriverConfig= *cfg, g_auto(GStrv) hugetlbfs =3D NULL; g_autofree char *stdioHandler =3D NULL; g_autofree char *corestr =3D NULL; + bool schedCore; + int rc; size_t i; =20 if (virConfGetValueStringList(conf, "hugetlbfs_mount", true, @@ -711,6 +715,26 @@ virQEMUDriverConfigLoadProcessEntry(virQEMUDriverConfi= g *cfg, } } =20 + if ((rc =3D virConfGetValueBool(conf, "sched_core", &schedCore)) < 0) { + return -1; + } else if (rc > 0) { + if (schedCore) { + int rv =3D virProcessSchedCoreAvailable(); + + if (rv < 0) { + virReportSystemError(errno, "%s", + _("Unable to detect SCHED_CORE")); + return -1; + } else if (rv =3D=3D 0) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("SCHED_CORE not supported by kernel")); + return -1; + } + } + + cfg->schedCore =3D schedCore; + } + return 0; } =20 diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index c71a666aea..32899859c0 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -223,6 +223,8 @@ struct _virQEMUDriverConfig { char **capabilityfilters; =20 char *deprecationBehavior; + + bool schedCore; }; =20 G_DEFINE_AUTOPTR_CLEANUP_FUNC(virQEMUDriverConfig, virObjectUnref); diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qe= mu.aug.in index 757d21c33f..9f3f98d524 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -116,3 +116,4 @@ module Test_libvirtd_qemu =3D { "1" =3D "capname" } } { "deprecation_behavior" =3D "none" } +{ "sched_core" =3D "1" } --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) client-ip=170.10.129.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108578; cv=none; d=zohomail.com; s=zohoarc; b=P9nJGtm3kVUEY8VD5XRAW6b5Bg1zlqwQCnyf9cyMaDSdfSaUfgObkFQuFaIh6hNjGDZOb6DhVzPMxtGB/u8KFMyCfuvS3t1visOSeQ1mFEnF1Qosxfa0IMNUnm5QziQusl66LQc5etC+pBy+4lYPIp3DP7uz7EMhRpp5MKYFXfo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108578; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=UOHosGj93EpHVa9tlIgDseQo+PvY9V5c2EBwCFYfCmY=; b=mzhFDYeAlVIE5YgyotjvAti0uYZ203Gr2uGGxtAXLKDK/egVPcVZgoahd8kQGdACChFpeMH8tsDRFHiVim8smO24zE8wghN7SAI92EYesClBW4/Quu/Ny0C/2wmo2EpmcYMIlQ/vw8drCtVMmtBYWDKPcpbkQkQdyBM1oMjEpqI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mx.zohomail.com with SMTPS id 165210857826430.529513608479874; Mon, 9 May 2022 08:02:58 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-501-ZaFat-hzPiiZqhs2geK3-Q-1; Mon, 09 May 2022 11:02:53 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 017F380B716; Mon, 9 May 2022 15:02:47 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id DB13A40D2829; Mon, 9 May 2022 15:02:46 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id AAA581947061; Mon, 9 May 2022 15:02:46 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 76C3D194706E for ; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id 54D8C111E410; Mon, 9 May 2022 15:02:44 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id F0EC7111E3FB for ; Mon, 9 May 2022 15:02:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108577; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=UOHosGj93EpHVa9tlIgDseQo+PvY9V5c2EBwCFYfCmY=; b=SbnyQH9ReeDH2yjBLslUAw+jJyQT2Hn21nFtawiwKOwnf73odc22viBNSzri8B+XPAz8Rv Br8NS+cSPfnfYyOflglFpNO9k9omLg79FrqtWV95fdJ22na15yKEzcmkMtiTU4ZY0UCczo 31ZQW0r4t4ktxe3JQg4Kgciy6KWE2fo= X-MC-Unique: ZaFat-hzPiiZqhs2geK3-Q-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 09/10] qemu: Enable SCHED_CORE for domains and helper processes Date: Mon, 9 May 2022 17:02:16 +0200 Message-Id: <492fbda54566332a34f49813b3ee948a17bd3400.1652106787.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108579129100004 Content-Type: text/plain; charset="utf-8"; x-default="true" Despite all mitigations, side channel attacks when two processes run at two Hyper Threads of the same core are still possible. Fortunately, the Linux kernel came up with a solution: userspace can create so called trusted groups, which are sets of processes and only processes of the same group can run on sibling Hyper Threads. Of course, two processes of different groups can run on different cores, because there's no known side channel attack. It's only Hyper Threads that are affected. Having said that, it's a clear security win for users when enabled for QEMU. Signed-off-by: Michal Privoznik --- src/qemu/qemu_process.c | 5 +++++ src/qemu/qemu_security.c | 4 ++++ src/qemu/qemu_virtiofs.c | 3 +++ 3 files changed, 12 insertions(+) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index b0b00eb0a2..0a49008124 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -2923,6 +2923,9 @@ qemuProcessStartManagedPRDaemon(virDomainObj *vm) * qemu (so that it shares the same view of the system). */ virCommandSetPreExecHook(cmd, qemuProcessStartPRDaemonHook, vm); =20 + if (cfg->schedCore && vm->pid !=3D -1) + virCommandRunAmong(cmd, vm->pid); + if (virCommandRun(cmd, NULL) < 0) goto cleanup; =20 @@ -7472,6 +7475,8 @@ qemuProcessLaunch(virConnectPtr conn, virCommandSetMaxProcesses(cmd, cfg->maxProcesses); if (cfg->maxFiles > 0) virCommandSetMaxFiles(cmd, cfg->maxFiles); + if (cfg->schedCore) + virCommandRunAlone(cmd); =20 /* In this case, however, zero means that core dumps should be * disabled, and so we always need to set the limit explicitly */ diff --git a/src/qemu/qemu_security.c b/src/qemu/qemu_security.c index 3be1766764..0fe1555406 100644 --- a/src/qemu/qemu_security.c +++ b/src/qemu/qemu_security.c @@ -683,6 +683,8 @@ qemuSecurityCommandRun(virQEMUDriver *driver, int *exitstatus, int *cmdret) { + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + if (virSecurityManagerSetChildProcessLabel(driver->securityManager, vm->def, cmd) < 0) return -1; @@ -691,6 +693,8 @@ qemuSecurityCommandRun(virQEMUDriver *driver, virCommandSetUID(cmd, uid); if (gid !=3D (gid_t) -1) virCommandSetGID(cmd, gid); + if (cfg->schedCore && vm->pid !=3D -1) + virCommandRunAmong(cmd, vm->pid); =20 if (virSecurityManagerPreFork(driver->securityManager) < 0) return -1; diff --git a/src/qemu/qemu_virtiofs.c b/src/qemu/qemu_virtiofs.c index b3a2d2990a..0a3548065f 100644 --- a/src/qemu/qemu_virtiofs.c +++ b/src/qemu/qemu_virtiofs.c @@ -248,6 +248,9 @@ qemuVirtioFSStart(virQEMUDriver *driver, virCommandNonblockingFDs(cmd); virCommandDaemonize(cmd); =20 + if (cfg->schedCore && vm->pid !=3D -1) + virCommandRunAmong(cmd, vm->pid); + if (qemuExtDeviceLogCommand(driver, vm, cmd, "virtiofsd") < 0) goto error; =20 --=20 2.35.1 From nobody Sat Apr 20 13:38:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) client-ip=170.10.133.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1652108610; cv=none; d=zohomail.com; s=zohoarc; b=FSQ2PXMNRgiKPq9p3fjRpc8w6M8mg9fYqxFRfQlQ7rkaT8yfBG9fNlXLjpOXuI+wTbZ+dB42zkJBslBa8IAZLMcKO/0axzJ6naxA9eb7etR+yX8xgoqPNVvdcQC6/J74qkHgU9fhSCij4uv8X6Ol5M9VVzkQjPGuf2TDbOjMlKE= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1652108610; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Q7LMtISRPhCS7QnJShTzFAPHlOpQNoRvprintn0udtU=; b=Vjce2VbJWZGtmvZhBdMsPG7ICPm7XK0nEuZheH8keSmkiK6vTSOrzcQ0+7ZKEoBZ/lnXP7TryFXPuBUmtP/At0ptyz421FuPO9ArBm40Wy8I6+Dr1wODpUkXRv3gMvsIcODMkrFRmCV4f8w45rvlsYw+zdaPMYwagckwsAoY1PM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com with SMTPS id 1652108610102619.2531533775896; Mon, 9 May 2022 08:03:30 -0700 (PDT) Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-386-H74YFhYLNduVfabTHxnZ9g-1; Mon, 09 May 2022 11:03:24 -0400 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 5C95F382ECD8; Mon, 9 May 2022 15:03:14 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100]) by smtp.corp.redhat.com (Postfix) with ESMTP id 495284010E4D; Mon, 9 May 2022 15:03:14 +0000 (UTC) Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 2393F1947051; Mon, 9 May 2022 15:03:14 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.rdu2.redhat.com [10.11.54.3]) by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id B93231947051 for ; Mon, 9 May 2022 15:03:12 +0000 (UTC) Received: by smtp.corp.redhat.com (Postfix) id A618A1121330; Mon, 9 May 2022 15:03:12 +0000 (UTC) Received: from maggie.redhat.com (unknown [10.43.2.180]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4E03F1121315 for ; Mon, 9 May 2022 15:02:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1652108608; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=Q7LMtISRPhCS7QnJShTzFAPHlOpQNoRvprintn0udtU=; b=QmMbcx29E27GyTtN+TZPKaZ8mjXdapLOw+OMhl9GoEPuPILr+o0dluM1rcD49vBarlBAk8 IuST7kdHsO1yeVAp1xqzvwmhYM8r+Jb0KIAODReNyL4/N21NAQWB5Atbmg81SW/+zEsNQs 2tZSgZ5PzOylCR/soT4Y02amL+z19g8= X-MC-Unique: H74YFhYLNduVfabTHxnZ9g-1 X-Original-To: libvir-list@listman.corp.redhat.com From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH RFC 10/10] qemu: Place helper processes into the same trusted group Date: Mon, 9 May 2022 17:02:17 +0200 Message-Id: <80ff94b8f1031279106078b915234715da299bff.1652106787.git.mprivozn@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.78 on 10.11.54.3 X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libvir-list-bounces@redhat.com Sender: "libvir-list" X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) X-ZM-MESSAGEID: 1652108611384100001 Content-Type: text/plain; charset="utf-8"; x-default="true" Since the level of trust that QEMU has is the same level of trust that helper processes have there's no harm in placing all of them into the same group. Unfortunately, since these processes are started before QEMU we can't use brand new virCommand*() APIs (those are used on hotplug though) and have to use the low level virProcess*() APIs. Moreover, because there no (kernel) API that would copy cookie from one process to another WITHOUT modifying the cookie of the process that's doing the copy, we have to fork() and use available copy APIs. Signed-off-by: Michal Privoznik --- src/qemu/qemu_extdevice.c | 120 ++++++++++++++++++++++++++++++++++++++ src/qemu/qemu_extdevice.h | 3 + src/qemu/qemu_process.c | 4 ++ 3 files changed, 127 insertions(+) diff --git a/src/qemu/qemu_extdevice.c b/src/qemu/qemu_extdevice.c index 234815c075..611ea8d640 100644 --- a/src/qemu/qemu_extdevice.c +++ b/src/qemu/qemu_extdevice.c @@ -337,3 +337,123 @@ qemuExtDevicesSetupCgroup(virQEMUDriver *driver, =20 return 0; } + + +static int +qemuExtDevicesSetupSchedHelper(pid_t ppid G_GNUC_UNUSED, + void *opaque) +{ + GSList *pids =3D opaque; + GSList *next; + pid_t vmPid; + + /* The first item on the list is special: it's the PID of the + * QEMU that has the cookie we want to copy to the rest. */ + vmPid =3D GPOINTER_TO_INT(pids->data); + if (virProcessSchedCoreShareFrom(vmPid) < 0) { + virReportSystemError(errno, + _("Unable to get core group of: %lld"), + (long long) vmPid); + return -1; + } + + VIR_DEBUG("SCHED_CORE: vmPid =3D %lld", (long long) vmPid); + + for (next =3D pids->next; next; next =3D next->next) { + pid_t pid =3D GPOINTER_TO_INT(next->data); + + VIR_DEBUG("SCHED_CORE: share to %lld", (long long) pid); + if (virProcessSchedCoreShareTo(pid) < 0) { + virReportSystemError(errno, + _("Unable to share core group to: %lld"), + (long long) pid); + return -1; + } + } + + return 0; +} + + +int +qemuExtDevicesSetupSched(virQEMUDriver *driver, + virDomainObj *vm) +{ + g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(driver); + virDomainDef *def =3D vm->def; + g_autofree char *shortname =3D NULL; + g_autoptr(GSList) pids =3D NULL; + size_t i; + pid_t cpid =3D -1; + + if (cfg->schedCore =3D=3D false) + return 0; + + shortname =3D virDomainDefGetShortName(def); + if (!shortname) + return -1; + + if (qemuDBusGetPID(driver, vm, &cpid) < 0) + return -1; + + if (cpid !=3D -1) + pids =3D g_slist_prepend(pids, GINT_TO_POINTER(cpid)); + + for (i =3D 0; i < def->nvideos; i++) { + virDomainVideoDef *video =3D def->videos[i]; + + if (video->backend !=3D VIR_DOMAIN_VIDEO_BACKEND_TYPE_VHOSTUSER) + continue; + + if (qemuVhostUserGPUGetPid(cfg->stateDir, shortname, video->info.a= lias, &cpid) < 0) + return -1; + + if (cpid !=3D -1) + pids =3D g_slist_prepend(pids, GINT_TO_POINTER(cpid)); + } + + for (i =3D 0; i < def->nnets; i++) { + virDomainNetDef *net =3D def->nets[i]; + qemuSlirp *slirp =3D QEMU_DOMAIN_NETWORK_PRIVATE(net)->slirp; + + if (slirp && slirp->pid !=3D -1) + pids =3D g_slist_prepend(pids, GINT_TO_POINTER(slirp->pid)); + } + + for (i =3D 0; i < def->ntpms; i++) { + virDomainTPMDef *tpm =3D def->tpms[i]; + + if (tpm->type !=3D VIR_DOMAIN_TPM_TYPE_EMULATOR) + continue; + + if (qemuTPMEmulatorGetPid(cfg->swtpmStateDir, shortname, &cpid) < = 0) + return -1; + + if (cpid !=3D -1) + pids =3D g_slist_prepend(pids, GINT_TO_POINTER(cpid)); + } + + for (i =3D 0; i < def->nfss; i++) { + virDomainFSDef *fs =3D def->fss[i]; + + if (fs->sock || + fs->fsdriver !=3D VIR_DOMAIN_FS_DRIVER_TYPE_VIRTIOFS) + continue; + + if (qemuVirtioFSGetPid(vm, fs, &cpid) < 0) + return -1; + + if (cpid !=3D -1) + pids =3D g_slist_prepend(pids, GINT_TO_POINTER(cpid)); + } + + /* Exit early if there's nothing to do, to avoid needless fork. */ + if (!pids) + return 0; + + pids =3D g_slist_prepend(pids, GINT_TO_POINTER(vm->pid)); + + /* Unfortunately, there's no better way of copying scheduling + * cookies than fork(). */ + return virProcessRunInFork(qemuExtDevicesSetupSchedHelper, pids); +} diff --git a/src/qemu/qemu_extdevice.h b/src/qemu/qemu_extdevice.h index 43d2a4dfff..02397adc6c 100644 --- a/src/qemu/qemu_extdevice.h +++ b/src/qemu/qemu_extdevice.h @@ -59,3 +59,6 @@ bool qemuExtDevicesHasDevice(virDomainDef *def); int qemuExtDevicesSetupCgroup(virQEMUDriver *driver, virDomainObj *vm, virCgroup *cgroup); + +int qemuExtDevicesSetupSched(virQEMUDriver *driver, + virDomainObj *vm); diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 0a49008124..515f12fb41 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -7552,6 +7552,10 @@ qemuProcessLaunch(virConnectPtr conn, if (qemuSetupCgroupForExtDevices(vm, driver) < 0) goto cleanup; =20 + VIR_DEBUG("Setting SCHED_CORE for external devices (if required)"); + if (qemuExtDevicesSetupSched(driver, vm) < 0) + goto cleanup; + VIR_DEBUG("Setting up resctrl"); if (qemuProcessResctrlCreate(driver, vm) < 0) goto cleanup; --=20 2.35.1