[Qemu-commits] [qemu/qemu] d658f6: migration: unify the framework of soc

qemu-commits
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-commits] [qemu/qemu] d658f6: migration: unify the framework of soc

From:	Peter Maydell
Subject:	[Qemu-commits] [qemu/qemu] d658f6: migration: unify the framework of socket-type channel
Date:	Fri, 28 Aug 2020 14:30:30 -0700
  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: d658f65c16901afd58a7ce88dcebfdefb3594924
      
https://github.com/qemu/qemu/commit/d658f65c16901afd58a7ce88dcebfdefb3594924
  Author: Longpeng(Mike) <longpeng2@huawei.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M migration/migration.c
    M migration/socket.c
    M migration/socket.h

  Log Message:
  -----------
  migration: unify the framework of socket-type channel

Currently, the only difference of tcp channel and unix channel in
migration/socket.c is the way to build SocketAddress, but socket_parse()
can handle these two types, so use it to instead of tcp_build_address()
and unix_build_address().

The socket-type channel can be further unified based on the up, this
would be helpful for us to add other socket-type channels.

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Message-Id: <20200806074030.174-2-longpeng2@huawei.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: 9ba3b2baa1f06e772c84f0ab77146428a2b19db1
      
https://github.com/qemu/qemu/commit/9ba3b2baa1f06e772c84f0ab77146428a2b19db1
  Author: Longpeng(Mike) <longpeng2@huawei.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M migration/migration.c

  Log Message:
  -----------
  migration: add vsock as data channel support

The vsock channel is more widely use in some new features, for example,
the Nitro/Enclave. It can also be used as the migration channel.

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Message-Id: <20200806074030.174-3-longpeng2@huawei.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: aa8a926d3c0af81a31f50f8d1d9688c6f2d67aa6
      
https://github.com/qemu/qemu/commit/aa8a926d3c0af81a31f50f8d1d9688c6f2d67aa6
  Author: Daniel P. Berrangé <berrange@redhat.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M migration/savevm.c
    M tests/qemu-iotests/267.out

  Log Message:
  -----------
  migration: improve error reporting of block driver state name

With blockdev, a BlockDriverState may not have a device name,
so using a node name is required as an alternative.

Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200827111606.1408275-2-berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: a9e80a5f0cdd8e51c266ea0f943f8aafdd0afd13
      
https://github.com/qemu/qemu/commit/a9e80a5f0cdd8e51c266ea0f943f8aafdd0afd13
  Author: Zhenyu Ye <yezhenyu2@huawei.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M migration/tls.c

  Log Message:
  -----------
  migration: tls: fix memory leak in migration_tls_get_creds

Currently migration_tls_get_creds() adds the reference of creds
but there was no place to unref it.  So the OBJECT(creds) will
never be freed and result in memory leak.

The leak stack:
Direct leak of 104 byte(s) in 1 object(s) allocated from:
    #0 0xffffa88bd20b in __interceptor_malloc (/usr/lib64/libasan.so.4+0xd320b)
    #1 0xffffa7f0cb1b in g_malloc (/usr/lib64/libglib-2.0.so.0+0x58b1b)
    #2 0x14b58cb in object_new_with_type qom/object.c:634
    #3 0x14b597b in object_new qom/object.c:645
    #4 0x14c0e4f in user_creatable_add_type qom/object_interfaces.c:59
    #5 0x141c78b in qmp_object_add qom/qom-qmp-cmds.c:312
    #6 0x140e513 in qmp_marshal_object_add qapi/qapi-commands-qom.c:279
    #7 0x176ba97 in do_qmp_dispatch qapi/qmp-dispatch.c:165
    #8 0x176bee7 in qmp_dispatch qapi/qmp-dispatch.c:208
    #9 0x136e337 in monitor_qmp_dispatch monitor/qmp.c:150
    #10 0x136eae3 in monitor_qmp_bh_dispatcher monitor/qmp.c:239
    #11 0x1852e93 in aio_bh_call util/async.c:89
    #12 0x18531b7 in aio_bh_poll util/async.c:117
    #13 0x18616bf in aio_dispatch util/aio-posix.c:459
    #14 0x1853f37 in aio_ctx_dispatch util/async.c:268
    #15 0xffffa7f06a7b in g_main_context_dispatch 
(/usr/lib64/libglib-2.0.so.0+0x52a7b)

Since we're fine to use the borrowed reference when using the creds,
so just remove the object_ref() in migration_tls_get_creds().

Signed-off-by: Zhenyu Ye <yezhenyu2@huawei.com>
Message-Id: <20200722033228.71-1-yezhenyu2@huawei.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: 88fc107956a5812649e5918e0c092d3f78bb28ad
      
https://github.com/qemu/qemu/commit/88fc107956a5812649e5918e0c092d3f78bb28ad
  Author: Vivek Goyal <vgoyal@redhat.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M docs/tools/virtiofsd.rst
    M tools/virtiofsd/passthrough_ll.c

  Log Message:
  -----------
  virtiofsd: Disable remote posix locks by default

Right now we enable remote posix locks by default. That means when guest
does a posix lock it sends request to server (virtiofsd). But currently
we only support non-blocking posix lock and return -EOPNOTSUPP for
blocking version.

This means that existing applications which are doing blocking posix
locks get -EOPNOTSUPP and fail. To avoid this, people have been
running virtiosd with option "-o no_posix_lock". For new users it
is still a surprise and trial and error takes them to this option.

Given posix lock implementation is not complete in virtiofsd, disable
it by default. This means that posix locks will work with-in applications
in a guest but not across guests. Anyway we don't support sharing
filesystem among different guests yet in virtiofs so this should
not lead to any kind of surprise or regression and will make life
little easier for virtiofs users.

Reported-by: Aa Aa <jimbothom@yandex.com>
Suggested-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: e9a78564a12c5cb670c4cbd5398a1ea8cd9ae642
      
https://github.com/qemu/qemu/commit/e9a78564a12c5cb670c4cbd5398a1ea8cd9ae642
  Author: Sergio Lopez <slp@redhat.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M docs/tools/virtiofsd.rst
    M tools/virtiofsd/helper.c

  Log Message:
  -----------
  virtiofsd: Remove "norace" from cmdline help and docs

Commit 93bb3d8d4cda ("virtiofsd: remove symlink fallbacks") removed
the implementation of the "norace" option, so remove it from the
cmdline help and the documentation too.

Signed-off-by: Sergio Lopez <slp@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Message-Id: <20200717121110.50580-1-slp@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: 1c7cb1f52e2577e190c09c9a14e6b6f56f4a3ec3
      
https://github.com/qemu/qemu/commit/1c7cb1f52e2577e190c09c9a14e6b6f56f4a3ec3
  Author: Stefan Hajnoczi <stefanha@redhat.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M tools/virtiofsd/passthrough_ll.c

  Log Message:
  -----------
  virtiofsd: drop CAP_DAC_READ_SEARCH

virtiofsd does not need CAP_DAC_READ_SEARCH because it already has
the more powerful CAP_DAC_OVERRIDE. Drop it from the list of
capabilities.

This is important because container runtimes may not include
CAP_DAC_READ_SEARCH by default. This patch allows virtiofsd to reduce
its capabilities when running inside a Docker container.

Note that CAP_DAC_READ_SEARCH may be necessary again in the future if
virtiofsd starts using open_by_handle_at(2).

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Message-Id: <20200727190223.422280-2-stefanha@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: fd9279ec9985d9c8a0b533eff24839f93695b0f4
      
https://github.com/qemu/qemu/commit/fd9279ec9985d9c8a0b533eff24839f93695b0f4
  Author: Stefan Hajnoczi <stefanha@redhat.com>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M tools/virtiofsd/fuse_virtio.c

  Log Message:
  -----------
  virtiofsd: probe unshare(CLONE_FS) and print an error

An assertion failure is raised during request processing if
unshare(CLONE_FS) fails. Implement a probe at startup so the problem can
be detected right away.

Unfortunately Docker/Moby does not include unshare in the seccomp.json
list unless CAP_SYS_ADMIN is given. Other seccomp.json lists always
include unshare (e.g. podman is unaffected):
https://raw.githubusercontent.com/seccomp/containers-golang/master/seccomp.json

Use "docker run --security-opt seccomp=path/to/seccomp.json ..." if the
default seccomp.json is missing unshare.

Cc: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-Id: <20200727190223.422280-4-stefanha@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>


  Commit: a4e236b7d4badcd7383ed3cb86655e9bba0583cf
      
https://github.com/qemu/qemu/commit/a4e236b7d4badcd7383ed3cb86655e9bba0583cf
  Author: Peter Maydell <peter.maydell@linaro.org>
  Date:   2020-08-28 (Fri, 28 Aug 2020)

  Changed paths:
    M docs/tools/virtiofsd.rst
    M migration/migration.c
    M migration/savevm.c
    M migration/socket.c
    M migration/socket.h
    M migration/tls.c
    M tests/qemu-iotests/267.out
    M tools/virtiofsd/fuse_virtio.c
    M tools/virtiofsd/helper.c
    M tools/virtiofsd/passthrough_ll.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20200828a' 
into staging

Migration and virtiofsd pull 2020-08-28

Migration:
   vsock support for migration
   minor fixes

virtiofsd:
   Disable remote posix locks by default - because we
     never supported blocking variants and this breaks things
   Some prep work for un/less priviliged modes

Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>

# gpg: Signature made Fri 28 Aug 2020 13:43:18 BST
# gpg:                using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" 
[full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert/tags/pull-migration-20200828a:
  virtiofsd: probe unshare(CLONE_FS) and print an error
  virtiofsd: drop CAP_DAC_READ_SEARCH
  virtiofsd: Remove "norace" from cmdline help and docs
  virtiofsd: Disable remote posix locks by default
  migration: tls: fix memory leak in migration_tls_get_creds
  migration: improve error reporting of block driver state name
  migration: add vsock as data channel support
  migration: unify the framework of socket-type channel

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>


Compare: https://github.com/qemu/qemu/compare/ea1bb830cb02...a4e236b7d4ba
[Prev in Thread]
Current Thread
[Next in Thread]
[Qemu-commits] [qemu/qemu] d658f6: migration: unify the framework of socket-type channel, Peter Maydell <=
Prev by Date: [Qemu-commits] [qemu/qemu] 870f00: hw/arm/sbsa-ref: fix typo breaking PCIe IRQs
Next by Date: [Qemu-commits] [qemu/qemu] 0a7ec8: linux-user: Fix 'semop()' and 'semtimedop()' imple...
Previous by thread: [Qemu-commits] [qemu/qemu] 870f00: hw/arm/sbsa-ref: fix typo breaking PCIe IRQs
Next by thread: [Qemu-commits] [qemu/qemu] 0a7ec8: linux-user: Fix 'semop()' and 'semtimedop()' imple...
Index(es):
- Date
- Thread