[libvirt] [PATCH v3 04/15] vircgroup: introduce virCgroupV2DevicesDetectProg
Ján Tomko
jtomko at redhat.com
Tue Jun 18 14:48:00 UTC 2019
On Thu, Apr 25, 2019 at 09:44:21AM +0200, Pavel Hrdina wrote:
>This function will be called if libvirtd was restarted while some
>domains were running. It will try to detect existing programs attached
>to the guest cgroup.
>
>Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
>---
> src/libvirt_private.syms | 1 +
> src/util/vircgroupv2devices.c | 117 ++++++++++++++++++++++++++++++++++
> src/util/vircgroupv2devices.h | 3 +
> 3 files changed, 121 insertions(+)
>
>diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
>index 24a783840f..4753507c0a 100644
>--- a/src/libvirt_private.syms
>+++ b/src/libvirt_private.syms
>@@ -1655,6 +1655,7 @@ virCgroupV2Register;
> # util/vircgroupv2devices.h
> virCgroupV2DevicesAttachProg;
> virCgroupV2DevicesAvailable;
>+virCgroupV2DevicesDetectProg;
>
> # util/virclosecallbacks.h
> virCloseCallbacksGet;
>diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c
>index c8686e8768..e936f0aa0e 100644
>--- a/src/util/vircgroupv2devices.c
>+++ b/src/util/vircgroupv2devices.c
>@@ -328,6 +328,113 @@ virCgroupV2DevicesAttachProg(virCgroupPtr group,
> VIR_FORCE_CLOSE(mapfd);
> return ret;
> }
>+
>+
>+static int
>+virCgroupV2DevicesCountMapEntries(int mapfd)
>+{
>+ int ret = 0;
>+ int rc;
>+ uint64_t key = 0;
>+ uint64_t prevKey = 0;
>+
>+ while ((rc = virBPFGetNextElem(mapfd, &prevKey, &key)) == 0) {
>+ ret++;
>+ prevKey = key;
>+ }
>+
>+ if (rc < 0)
>+ return -1;
>+
>+ return ret;
>+}
>+
>+
>+# define MAX_PROG_IDS 10
>+
>+int
>+virCgroupV2DevicesDetectProg(virCgroupPtr group)
>+{
>+ int ret = -1;
>+ int cgroupfd = -1;
With VIR_AUTOCLOSE
>+ unsigned int progcnt = 0;
>+ unsigned int progids[MAX_PROG_IDS] = { 0 };
>+ VIR_AUTOFREE(char *) path = NULL;
>+
>+ if (group->unified.devices.progfd > 0 && group->unified.devices.mapfd > 0)
>+ return 0;
>+
>+ if (virCgroupPathOfController(group, VIR_CGROUP_CONTROLLER_DEVICES,
>+ NULL, &path) < 0) {
>+ return -1;
>+ }
>+
>+ cgroupfd = open(path, O_RDONLY);
>+ if (cgroupfd < 0) {
>+ virReportSystemError(errno, _("unable to open '%s'"), path);
>+ goto cleanup;
>+ }
>+
>+ if (virBPFQueryProg(cgroupfd, MAX_PROG_IDS, BPF_CGROUP_DEVICE,
>+ &progcnt, progids) < 0) {
>+ virReportSystemError(errno, "%s", _("unable to query cgroup BPF progs"));
>+ goto cleanup;
>+ }
>+
and:
if (progcnt == 0)
return 0;
you can reduce the indentation level below
>+ if (progcnt > 0) {
>+ /* No need to have alternate code, this function will not be called
>+ * if compiled with old kernel. */
>+ int progfd = virBPFGetProg(progids[0]);
>+ int mapfd = -1;
>+ int nitems = -1;
>+ struct bpf_prog_info progInfo = { 0 };
>+ struct bpf_map_info mapInfo = { 0 };
>+ VIR_AUTOFREE(unsigned int *) mapIDs = NULL;
>+
>+ if (progfd < 0) {
>+ virReportSystemError(errno, "%s", _("failed to get cgroup BPF prog FD"));
>+ goto cleanup;
>+ }
>+
>+ if (virBPFGetProgInfo(progfd, &progInfo, &mapIDs) < 0) {
>+ virReportSystemError(errno, "%s", _("failed to get cgroup BPF prog info"));
>+ goto cleanup;
>+ }
>+
>+ if (progInfo.nr_map_ids == 0) {
>+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
>+ _("no map for cgroup BPF prog"));
>+ goto cleanup;
>+ }
>+
>+ mapfd = virBPFGetMap(mapIDs[0]);
>+ if (mapfd < 0) {
>+ virReportSystemError(errno, "%s", _("failed to get cgroup BPF map FD"));
>+ goto cleanup;
>+ }
>+
>+ if (virBPFGetMapInfo(mapfd, &mapInfo) < 0) {
>+ virReportSystemError(errno, "%s", _("failed to get cgroup BPF map info"));
>+ goto cleanup;
>+ }
>+
>+ nitems = virCgroupV2DevicesCountMapEntries(mapfd);
>+ if (nitems < 0) {
>+ virReportSystemError(errno, "%s", _("failed to count cgroup BPF map items"));
>+ goto cleanup;
>+ }
>+
>+ group->unified.devices.progfd = progfd;
>+ group->unified.devices.mapfd = mapfd;
>+ group->unified.devices.max = mapInfo.max_entries;
>+ group->unified.devices.count = nitems;
>+ }
>+
>+ ret = 0;
>+ cleanup:
>+ VIR_FORCE_CLOSE(cgroupfd);
>+ return ret;
>+}
> #else /* !HAVE_DECL_BPF_CGROUP_DEVICE */
> bool
> virCgroupV2DevicesAvailable(virCgroupPtr group ATTRIBUTE_UNUSED)
>@@ -346,4 +453,14 @@ virCgroupV2DevicesAttachProg(virCgroupPtr group ATTRIBUTE_UNUSED,
> "with this kernel"));
> return -1;
> }
>+
>+
>+int
>+virCgroupV2DevicesDetectProg(virCgroupPtr group ATTRIBUTE_UNUSED)
>+{
>+ virReportSystemError(ENOSYS, "%s",
>+ _("cgroups v2 BPF devices not supported "
>+ "with this kernel"));
>+ return -1;
>+}
> #endif /* !HAVE_DECL_BPF_CGROUP_DEVICE */
Reviewed-by: Ján Tomko <jtomko at redhat.com>
Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20190618/23500ea0/attachment-0001.sig>
More information about the libvir-list
mailing list