[libvirt] [PATCH v3 04/15] vircgroup: introduce virCgroupV2DevicesDetectProg

Ján Tomko jtomko at redhat.com
Tue Jun 18 14:48:00 UTC 2019 

On Thu, Apr 25, 2019 at 09:44:21AM +0200, Pavel Hrdina wrote:
>This function will be called if libvirtd was restarted while some
>domains were running.  It will try to detect existing programs attached
>to the guest cgroup.
>
>Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
>---
> src/libvirt_private.syms      |   1 +
> src/util/vircgroupv2devices.c | 117 ++++++++++++++++++++++++++++++++++
> src/util/vircgroupv2devices.h |   3 +
> 3 files changed, 121 insertions(+)
>
>diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
>index 24a783840f..4753507c0a 100644
>--- a/src/libvirt_private.syms
>+++ b/src/libvirt_private.syms
>@@ -1655,6 +1655,7 @@ virCgroupV2Register;
> # util/vircgroupv2devices.h
> virCgroupV2DevicesAttachProg;
> virCgroupV2DevicesAvailable;
>+virCgroupV2DevicesDetectProg;
>
> # util/virclosecallbacks.h
> virCloseCallbacksGet;
>diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c
>index c8686e8768..e936f0aa0e 100644
>--- a/src/util/vircgroupv2devices.c
>+++ b/src/util/vircgroupv2devices.c
>@@ -328,6 +328,113 @@ virCgroupV2DevicesAttachProg(virCgroupPtr group,
>     VIR_FORCE_CLOSE(mapfd);
>     return ret;
> }
>+
>+
>+static int
>+virCgroupV2DevicesCountMapEntries(int mapfd)
>+{
>+    int ret = 0;
>+    int rc;
>+    uint64_t key = 0;
>+    uint64_t prevKey = 0;
>+
>+    while ((rc = virBPFGetNextElem(mapfd, &prevKey, &key)) == 0) {
>+        ret++;
>+        prevKey = key;
>+    }
>+
>+    if (rc < 0)
>+        return -1;
>+
>+    return ret;
>+}
>+
>+
>+# define MAX_PROG_IDS 10
>+
>+int
>+virCgroupV2DevicesDetectProg(virCgroupPtr group)
>+{
>+    int ret = -1;
>+    int cgroupfd = -1;

With VIR_AUTOCLOSE

>+    unsigned int progcnt = 0;
>+    unsigned int progids[MAX_PROG_IDS] = { 0 };
>+    VIR_AUTOFREE(char *) path = NULL;
>+
>+    if (group->unified.devices.progfd > 0 && group->unified.devices.mapfd > 0)
>+        return 0;
>+
>+    if (virCgroupPathOfController(group, VIR_CGROUP_CONTROLLER_DEVICES,
>+                                  NULL, &path) < 0) {
>+        return -1;
>+    }
>+
>+    cgroupfd = open(path, O_RDONLY);
>+    if (cgroupfd < 0) {
>+        virReportSystemError(errno, _("unable to open '%s'"), path);
>+        goto cleanup;
>+    }
>+
>+    if (virBPFQueryProg(cgroupfd, MAX_PROG_IDS, BPF_CGROUP_DEVICE,
>+                        &progcnt, progids) < 0) {
>+        virReportSystemError(errno, "%s", _("unable to query cgroup BPF progs"));
>+        goto cleanup;
>+    }
>+

and:
    if (progcnt == 0)
        return 0;

you can reduce the indentation level below

>+    if (progcnt > 0) {
>+        /* No need to have alternate code, this function will not be called
>+         * if compiled with old kernel. */
>+        int progfd = virBPFGetProg(progids[0]);
>+        int mapfd = -1;
>+        int nitems = -1;
>+        struct bpf_prog_info progInfo = { 0 };
>+        struct bpf_map_info mapInfo = { 0 };
>+        VIR_AUTOFREE(unsigned int *) mapIDs = NULL;
>+
>+        if (progfd < 0) {
>+            virReportSystemError(errno, "%s", _("failed to get cgroup BPF prog FD"));
>+            goto cleanup;
>+        }
>+
>+        if (virBPFGetProgInfo(progfd, &progInfo, &mapIDs) < 0) {
>+            virReportSystemError(errno, "%s", _("failed to get cgroup BPF prog info"));
>+            goto cleanup;
>+        }
>+
>+        if (progInfo.nr_map_ids == 0) {
>+            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
>+                           _("no map for cgroup BPF prog"));
>+            goto cleanup;
>+        }
>+
>+        mapfd = virBPFGetMap(mapIDs[0]);
>+        if (mapfd < 0) {
>+            virReportSystemError(errno, "%s", _("failed to get cgroup BPF map FD"));
>+            goto cleanup;
>+        }
>+
>+        if (virBPFGetMapInfo(mapfd, &mapInfo) < 0) {
>+            virReportSystemError(errno, "%s", _("failed to get cgroup BPF map info"));
>+            goto cleanup;
>+        }
>+
>+        nitems = virCgroupV2DevicesCountMapEntries(mapfd);
>+        if (nitems < 0) {
>+            virReportSystemError(errno, "%s", _("failed to count cgroup BPF map items"));
>+            goto cleanup;
>+        }
>+
>+        group->unified.devices.progfd = progfd;
>+        group->unified.devices.mapfd = mapfd;
>+        group->unified.devices.max = mapInfo.max_entries;
>+        group->unified.devices.count = nitems;
>+    }
>+
>+    ret = 0;
>+ cleanup:
>+    VIR_FORCE_CLOSE(cgroupfd);
>+    return ret;
>+}
> #else /* !HAVE_DECL_BPF_CGROUP_DEVICE */
> bool
> virCgroupV2DevicesAvailable(virCgroupPtr group ATTRIBUTE_UNUSED)
>@@ -346,4 +453,14 @@ virCgroupV2DevicesAttachProg(virCgroupPtr group ATTRIBUTE_UNUSED,
>                            "with this kernel"));
>     return -1;
> }
>+
>+
>+int
>+virCgroupV2DevicesDetectProg(virCgroupPtr group ATTRIBUTE_UNUSED)
>+{
>+    virReportSystemError(ENOSYS, "%s",
>+                         _("cgroups v2 BPF devices not supported "
>+                           "with this kernel"));
>+    return -1;
>+}
> #endif /* !HAVE_DECL_BPF_CGROUP_DEVICE */

Reviewed-by: Ján Tomko <jtomko at redhat.com>

Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20190618/23500ea0/attachment-0001.sig>

More information about the libvir-list mailing list