|
 |
ab7a78 |
From 347606bc80f40c22712d0ffe61a149c3266bf131 Mon Sep 17 00:00:00 2001
|
|
|
ab7a78 |
Message-Id: <347606bc80f40c22712d0ffe61a149c3266bf131@dist-git>
|
|
|
ab7a78 |
From: Michal Privoznik <mprivozn@redhat.com>
|
|
|
ab7a78 |
Date: Tue, 6 Sep 2022 13:45:51 +0200
|
|
|
ab7a78 |
Subject: [PATCH] qemu_process.c: Propagate hugetlbfs mounts on reconnect
|
|
|
ab7a78 |
|
|
|
ab7a78 |
When reconnecting to a running QEMU process, we construct the
|
|
|
ab7a78 |
per-domain path in all hugetlbfs mounts. This is a relict from
|
|
|
ab7a78 |
the past (v3.4.0-100-g5b24d25062) where we switched to a
|
|
|
ab7a78 |
per-domain path and we want to create those paths when libvirtd
|
|
|
ab7a78 |
restarts on upgrade.
|
|
|
ab7a78 |
|
|
|
ab7a78 |
And with namespaces enabled there is one corner case where the
|
|
|
ab7a78 |
path is not created. In fact an error is reported and the
|
|
|
ab7a78 |
reconnect fails. Ideally, all mount events are propagated into
|
|
|
ab7a78 |
the QEMU's namespace. And they probably are, except when the
|
|
|
ab7a78 |
target path does not exist inside the namespace. Now, it's pretty
|
|
|
ab7a78 |
common for users to mount hugetlbfs under /dev (e.g.
|
|
|
ab7a78 |
/dev/hugepages), but if domain is started without hugepages (or
|
|
|
ab7a78 |
more specifically - private hugetlbfs path wasn't created on
|
|
|
ab7a78 |
domain startup), then the reconnect code tries to create it.
|
|
|
ab7a78 |
But it fails to do so, well, it fails to set seclabels on the
|
|
|
ab7a78 |
path because, because the path does not exist in the private
|
|
|
ab7a78 |
namespace. And it doesn't exist because we specifically create
|
|
|
ab7a78 |
only a subset of all possible /dev nodes. Therefore, the mount
|
|
|
ab7a78 |
event, whilst propagated, is not successful and hence the
|
|
|
ab7a78 |
filesystem is not mounted. We have to do it ourselves.
|
|
|
ab7a78 |
|
|
|
ab7a78 |
If hugetlbfs is mount anywhere else there's no problem and this
|
|
|
ab7a78 |
is effectively a dead code.
|
|
|
ab7a78 |
|
|
|
ab7a78 |
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2123196
|
|
|
ab7a78 |
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
|
|
ab7a78 |
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>
|
|
|
ab7a78 |
(cherry picked from commit 0377177c7856bb87a9d8aa1324b54f5fbe9f1e5b)
|
|
|
ab7a78 |
|
|
|
ab7a78 |
Conflicts:
|
|
|
ab7a78 |
- docs/kbase/qemu-passthrough-security.rst: Well, v8.8.0-rc1~32
|
|
|
ab7a78 |
isn't backported, thus we can't remove a paragraph that the
|
|
|
ab7a78 |
backported commit did. It's a documentation after all, so no
|
|
|
ab7a78 |
harm.
|
|
|
ab7a78 |
|
|
|
ab7a78 |
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2132177
|
|
|
ab7a78 |
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
|
|
ab7a78 |
---
|
|
|
ab7a78 |
src/qemu/qemu_process.c | 3 +++
|
|
|
ab7a78 |
1 file changed, 3 insertions(+)
|
|
|
ab7a78 |
|
|
|
ab7a78 |
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
|
|
|
ab7a78 |
index 540eee9ff0..1164340aa9 100644
|
|
|
ab7a78 |
--- a/src/qemu/qemu_process.c
|
|
|
ab7a78 |
+++ b/src/qemu/qemu_process.c
|
|
|
ab7a78 |
@@ -3906,6 +3906,9 @@ qemuProcessBuildDestroyMemoryPathsImpl(virQEMUDriver *driver,
|
|
|
ab7a78 |
return -1;
|
|
|
ab7a78 |
}
|
|
|
ab7a78 |
|
|
|
ab7a78 |
+ if (qemuDomainNamespaceSetupPath(vm, path, NULL) < 0)
|
|
|
ab7a78 |
+ return -1;
|
|
|
ab7a78 |
+
|
|
|
ab7a78 |
if (qemuSecurityDomainSetPathLabel(driver, vm, path, true) < 0)
|
|
|
ab7a78 |
return -1;
|
|
|
ab7a78 |
} else {
|
|
|
ab7a78 |
--
|
|
|
ab7a78 |
2.37.2
|
|
|
ab7a78 |
|