[libvirt] [PATCH] qemu: don't fill in nicindexes for session mode libvirtd

Kashyap Chamarthy kchamart at redhat.com
Tue Mar 10 10:51:46 UTC 2015


On Tue, Mar 10, 2015 at 02:32:04AM -0400, Laine Stump wrote:
> Commit 4bbe1029f fixed a problem in commit f7afeddc by moving the call
> to virNetDevGetIndex() to a location common to all interface types (so
> that the niceindex array would be filled in for macvtap as well as tap
> interfaces), but the location was *too* common, as the original call
> to virNetDevGetIndex() had been in a section qualified by "if
> (cfg->privileged)". The result was that the "fixed" libvirtd would try
> to call virNetDevGetIndex() even for session mode libvirtd, and end up
> failing with the log message:
> 
>   Unable to open control socket: Operation not permitted
> 
> To remedy that, this patch qualifies the call to virNetDevGetIndex()
> in its new location with cfg->privileged.
> 
> This resolves https://bugzilla.redhat.com/show_bug.cgi?id=1198244
> ---
> 
> If someone (Rich?) needs this pushed before I am awake, please feel
> free to push it. (also push to the 1.2.13-maint branch if you do)
> 
>  src/qemu/qemu_command.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index 1510797..3d1483e 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -7861,6 +7861,7 @@ qemuBuildInterfaceCommandLine(virCommandPtr cmd,
>      char **tapfdName = NULL;
>      char **vhostfdName = NULL;
>      int actualType = virDomainNetGetActualType(net);
> +    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
>      virNetDevBandwidthPtr actualBandwidth;
>      size_t i;
>  
> @@ -7936,7 +7937,7 @@ qemuBuildInterfaceCommandLine(virCommandPtr cmd,
>          /* network and bridge use a tap device, and direct uses a
>           * macvtap device
>           */
> -        if (nicindexes && nnicindexes && net->ifname) {
> +        if (cfg->privileged && nicindexes && nnicindexes && net->ifname) {
>              if (virNetDevGetIndex(net->ifname, &nicindex) < 0 ||
>                  VIR_APPEND_ELEMENT(*nicindexes, *nnicindexes, nicindex) < 0)
>                  goto cleanup;

Just tested with this patch locally, using Rich's reproducer. Fixes the
issue.

Before applying this patch, tested with version
libvirt-daemon-kvm-1.2.13-1.fc23.x86_64:

  $ whoami
  kashyapc

  $ guestfish -a /dev/null --network run
  libguestfs: error: could not create appliance through libvirt.
  . . .
  Original error from libvirt: Unable to open control socket: Operation not permitted [code=38 domain=0]


After applying this patch (applied on current git):

    $ git describe
    v1.2.13-100-gb7d027b

    $ guestfish -a /dev/null --network run
    $ echo $?
    0


So, FWIW:

    Tested-By: Kashyap Chamarthy <kchamart at redhat.com>

-- 
/kashyap




More information about the libvir-list mailing list