[libvirt] [PATCH] Revert "utils: Remove the logging of errors from virNetDevSendEthtoolIoctl"
Daniel P. Berrange
berrange at redhat.com
Tue Nov 3 16:15:04 UTC 2015
On Tue, Nov 03, 2015 at 10:58:58AM -0500, John Ferlan wrote:
>
>
> On 11/03/2015 09:17 AM, Daniel P. Berrange wrote:
> > This reverts commit 6f2a0198e913c91a2ef8b99db79b7d3cc5396957.
> >
> > This commit removed error reporting from virNetDevSendEthtoolIoctl
> > pushing responsibility onto the callers. This is wrong, however,
> > since virNetDevSendEthtoolIoctl calls virNetDevSetupControl
> > which can still report errors. So as a result virNetDevSendEthtoolIoctl
> > may or may not report errors depending on which bit of it fails, and as
> > a result callers now overwrite some errors.
> >
> > It also introduced a regression causing unprivileged libvirtd to
> > spew error messages to the console due to inability to query the
> > NIC features, an error which was previously ignored.
> >
> > virNetDevSetupControlFull:148 : Cannot open network interface control socket: Operation not permitted
> > virNetDevFeatureAvailable:3062 : Cannot get device wlp3s0 flags: Operation not permitted
> > virNetDevSetupControlFull:148 : Cannot open network interface control socket: Operation not permitted
> > virNetDevFeatureAvailable:3062 : Cannot get device wlp3s0 flags: Operation not permitted
> > virNetDevSetupControlFull:148 : Cannot open network interface control socket: Operation not permitted
> > virNetDevFeatureAvailable:3062 : Cannot get device wlp3s0 flags: Operation not permitted
> > virNetDevSetupControlFull:148 : Cannot open network interface control socket: Operation not permitted
> > virNetDevFeatureAvailable:3062 : Cannot get device wlp3s0 flags: Operation not permitted
> >
> > Looking back at the original posting I see no explanation of why
> > thsi refactoring was needed, so reverting the clearly broken
> > error reporting logic looks like the best option.
>
> A bit of history...
>
> Going back through the timeline... Moshe Levi proposes patches to add
> support for new feature/bits:
>
> http://www.redhat.com/archives/libvir-list/2015-June/msg00921.html
>
> reviewed and posted v2 in July:
>
> http://www.redhat.com/archives/libvir-list/2015-July/msg00548.html
>
> Changes get pushed; however, they lead to an issue:
>
> http://www.redhat.com/archives/libvir-list/2015-August/msg00162.html
>
> Moshe provided a patch to resolve that:
>
> http://www.redhat.com/archives/libvir-list/2015-August/msg00263.html
>
> Laine has a different proposal:
>
> http://www.redhat.com/archives/libvir-list/2015-August/msg00382.html
>
> which after review gets shortened a bit:
>
> http://www.redhat.com/archives/libvir-list/2015-August/msg00471.html
>
> and pushed
>
> Moshe as an update to his v1 msg00263
>
> http://www.redhat.com/archives/libvir-list/2015-August/msg00567.html
>
> Comments from there lead to posting changes just for the ioctl errors:
>
> http://www.redhat.com/archives/libvir-list/2015-August/msg00625.html
>
> Which leads to the v2 of that series (which you're proposing to revert):
>
> http://www.redhat.com/archives/libvir-list/2015-August/msg00720.html
>
>
> I suppose when I reviewed I just saw using virNetDevSetupControl as way
> to use existing functions as opposed to calling socket() directly. It
> was something different between v2 and v1 of that change, but other than
> the additional virSetInherit call - it was essentially the same.
>
> Even with the revert, in the unpriv'd libvirt, wouldn't the error:
>
> virReportSystemError(errno, "%s", _("Cannot open control socket"));
>
> still still be spewed? Since virNetDevSetupControlFull:148 is the socket
> call failure and not the ioctl failure. Sure the caller wouldn't spew a
> second one, but why would the first one not be spewed?
Empirically I don't see any errors after reverting it. It appears the
reason for this is that the original code uses AF_LOCAL while the
virNetDevSetupControllFull uses AF_PACKET, and the latter is restricted
to only privileged users. If I change the original code to use AF_PACKET
then it shows errors too. The reason for using AF_PACKET was that it
was substaintially faster than AF_LOCAL
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list