[libvirt PATCH] util: tell users that memory locking ulimit is too low for BPF

Daniel P. Berrangé berrange at redhat.com
Tue Mar 16 17:06:33 UTC 2021


If running libvirtd via systemd, it gets a 64 MB memlock limit, but if
running from the shell it will only get 64 KB on a Fedora 33 system.
The latter low limit causes any attempt to use BPF to fail and it is
not obvious why.

This improves the error message thus:

  # virsh -c lxc:/// start sh
error: Failed to start domain 'sh'
error: internal error: guest failed to start: Failure in libvirt_lxc startup: failed to initialize device BPF map; locked memory limit for libvirtd probably needs to be raised: Operation not permitted

Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
 src/util/vircgroupv2devices.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c
index 71591be4c4..4bcc1d52fe 100644
--- a/src/util/vircgroupv2devices.c
+++ b/src/util/vircgroupv2devices.c
@@ -443,9 +443,17 @@ virCgroupV2DevicesCreateMap(size_t size)
                                 sizeof(uint32_t), size);
 
     if (mapfd < 0) {
-        virReportSystemError(errno, "%s",
-                             _("failed to initialize device BPF map"));
-        return -1;
+        if (errno == EPERM) {
+            virReportSystemError(errno, "%s",
+                                 _("failed to initialize device BPF map; "
+                                   "locked memory limit for libvirtd probably "
+                                   "needs to be raised"));
+            return -1;
+        } else {
+            virReportSystemError(errno, "%s",
+                                 _("failed to initialize device BPF map"));
+            return -1;
+        }
     }
 
     return mapfd;
-- 
2.30.2




More information about the libvir-list mailing list