July 2022 - Libguestfs - Libguestfs List Archives

[PATCH common 0/4] mltools: Introduce priority for ordering actions

by Richard W.M. Jones

https://bugzilla.redhat.com/show_bug.cgi?id=1953286#c26 This set of changes enhances the common/mltools On_exit module to: - allow actions to be ordered using a priority field - allow waiting for killed subprocesses to exit (with some caveats) Related set of changes to virt-v2v will follow. This will require some changes to libguestfs and guestfs-tools projects which I have not done yet because I want to get feedback on the approach first. Rich.

2 years, 4 months

2
17
0 / 0

[PATCH virt-v2v 0/3] -o rhv: Try to avoid race condition when exiting

by Richard W.M. Jones

Requires: https://listman.redhat.com/archives/libguestfs/2022-July/029453.html This patch series tries to avoid a race condition when using -o rhv mode when virt-v2v exits after a successful conversion. The potential race is described in this bug report: https://bugzilla.redhat.com/show_bug.cgi?id=1953286#c26 Rich.

2 years, 4 months

2
6
0 / 0

[guestfs-tools PATCH 0/2] sysprep: full disk encryption improvements

by Laszlo Ersek

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2106286 The first patch extends our support for LUKS-on-LVM a bit. The second patch explains why the functionality from the first patch should not be relied upon. Laszlo Laszlo Ersek (2): sysprep: make an effort to cope with LUKS-on-LVM sysprep: advise against cloning VMs with internal full disk encryption sysprep/sysprep_operation_lvm_uuids.ml | 42 +++++++++++++++++++- sysprep/virt-sysprep.pod | 7 ++++ 2 files changed, 48 insertions(+), 1 deletion(-) -- 2.19.1.3.g30247aa5d201

2 years, 4 months

2
4
0 / 0

A few Coverity errors in nbdkit

by Richard W.M. Jones

Hi Eric, None of this is important, and may not even be bugs, but here are a few issues raised with the latest run of Coverity on nbdkit 1.30.7. ********************************************************************** *** filters/multi-conn It seems as if "group_vector" is really leaked from this filter. I think it needs an unload handler to free it. Error: GCC_ANALYZER_WARNING (CWE-401): [#def75] nbdkit-1.30.7/filters/multi-conn/multi-conn.c:195:14: warning[-Wanalyzer-malloc-leak]: leak of 'g' nbdkit-1.30.7/common/utils/vector.h:44: included_from: Included from here. nbdkit-1.30.7/filters/multi-conn/multi-conn.c:46: included_from: Included from here. nbdkit-1.30.7/common/utils/cleanup.h:56:3: note: in expansion of macro 'ACQUIRE_LOCK_FOR_CURRENT_SCOPE_1' nbdkit-1.30.7/filters/multi-conn/multi-conn.c:208:3: note: in expansion of macro 'ACQUIRE_LOCK_FOR_CURRENT_SCOPE' nbdkit-1.30.7/filters/multi-conn/multi-conn.c:46: included_from: Included from here. nbdkit-1.30.7/common/utils/vector.h:132:12: note: in definition of macro 'DEFINE_VECTOR_TYPE' nbdkit-1.30.7/common/utils/vector.h:132:12: note: in definition of macro 'DEFINE_VECTOR_TYPE' nbdkit-1.30.7/common/utils/vector.h:116:3: note: in definition of macro 'DEFINE_VECTOR_TYPE' nbdkit-1.30.7/common/utils/vector.h:44: included_from: Included from here. nbdkit-1.30.7/filters/multi-conn/multi-conn.c:46: included_from: Included from here. nbdkit-1.30.7/filters/multi-conn/multi-conn.c:87:1: note: in expansion of macro 'DEFINE_VECTOR_TYPE' nbdkit-1.30.7/filters/multi-conn/multi-conn.c:46: included_from: Included from here. nbdkit-1.30.7/common/utils/vector.h:132:12: note: in definition of macro 'DEFINE_VECTOR_TYPE' nbdkit-1.30.7/filters/multi-conn/multi-conn.c:45: included_from: Included from here. nbdkit-1.30.7/common/utils/cleanup.h:58:41: note: in definition of macro 'ACQUIRE_LOCK_FOR_CURRENT_SCOPE_1' nbdkit-1.30.7/common/include/unique-name.h:40:37: note: in expansion of macro 'XXUNIQUE_NAME' nbdkit-1.30.7/common/include/unique-name.h:41:34: note: in expansion of macro 'XUNIQUE_NAME' nbdkit-1.30.7/common/utils/cleanup.h:56:45: note: in expansion of macro 'NBDKIT_UNIQUE_NAME' nbdkit-1.30.7/filters/multi-conn/multi-conn.c:208:3: note: in expansion of macro 'ACQUIRE_LOCK_FOR_CURRENT_SCOPE' # 193| r = next->can_multi_conn (next); # 194| if (r == -1) # 195|-> return -1; # 196| if (r == 0) # 197| h->mode = EMULATE; Error: CLANG_WARNING: [#def76] nbdkit-1.30.7/filters/multi-conn/multi-conn.c:227:15: warning[unix.Malloc]: Potential leak of memory pointed to by 'g' # 225| } # 226| if (group_vector_append (&groups, g) == -1) # 227|-> return -1; # 228| g->name = h->name; # 229| h->name = NULL; ********************************************************************** *** server/protocol-handshake-newstyle.c I think Coverity has a point here. Certainly there is code before this point which assigns conn->top_context = NULL, and it's not immediately clear to me that the code that Coverity has highlighted is unreachable in that case. Error: CLANG_WARNING: [#def234] nbdkit-1.30.7/server/protocol-handshake-newstyle.c:657:34: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull' # 655| case NBD_INFO_DESCRIPTION: # 656| { # 657|-> const char *desc = backend_export_description (conn->top_context); # 658| # 659| if (!desc) { Error: CLANG_WARNING: [#def235] nbdkit-1.30.7/server/protocol-handshake-newstyle.c:676:19: warning[core.NonNullParamChecker]: Null pointer passed to 1st parameter expecting 'nonnull' # 674| uint32_t minimum, preferred, maximum; # 675| # 676|-> if (backend_block_size (conn->top_context, # 677| &minimum, &preferred, &maximum) == -1) # 678| return -1; ********************************************************************** *** server/public.c Any clue about what this error means? Error: ASSERT_SIDE_EFFECT (CWE-1006): [#def239] nbdkit-1.30.7/server/public.c:728: assert_side_effect: Argument "quit" of assert() has a side effect because the variable is volatile. The containing function might work differently in a non-debug build. # 726| * event, we know the connection should be shutting down. # 727| */ # 728|-> assert (quit || # 729| (conn && conn->nworkers > 0 && connection_get_status () < 1) || # 730| (conn && (fds[2].revents & (POLLRDHUP | POLLHUP | POLLERR | Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-builder quickly builds VMs from scratch http://libguestfs.org/virt-builder.1.html

2 years, 4 months

2
3
0 / 0

Error ret=-1 with EINTR in nbd_connect_systemd_socket_activation()

by Motohiro Kawahito

Hi, I'd like to connect to an encrypted QCOW2 file by nbd_connect_systemd_socket_activation(), but I got ret=-1 with EINTR. In our program, signals are frequently occurred, so I think this is the background of the problem. Could you advise me what should I do next? (such as open issue in https://gitlab.com/nbdkit/libnbd or something). The arg parameter I used is qemu-nbd --object secret,id=sec0,data=abc123 --image-opts driver=qcow2,encrypt.format=luks,encrypt.key-secret=sec0,file.filename=/tmp/empty.qcow2 One more problem is that this qemu-nbd process still remains when error occurred. I also attached a test program below. Is there any problem in my test program? The version of qemu-nbd is $ qemu-nbd -V qemu-nbd 4.2.1 (Debian 1:4.2-3ubuntu6.23) I created this encrypted QCOW2 image by the following command. qemu-img create --object secret,id=sec0,data=abc123 -f qcow2 -o encrypt.format=luks,encrypt.key-secret=sec0 /tmp/empty.qcow2 8539292672 Here is a test program I made. I found that this error occurred even for a normal QCOW2 file (not encrypted one). If you need more information, please let me know. #include <stdio.h> #include <stdlib.h> #include <string.h> #include <signal.h> #include <sys/types.h> #include <unistd.h> #include <libnbd.h> typedef struct _processInfo { char *fname; int64_t filesize; } processInfo; processInfo pinfo[1024]; int pnum; static char ** makeCommandQemuNbd(bool sync, char *key_encrypted_qcow2, char *fileName) { int num = 0; int pos = 0; char **ret; if (key_encrypted_qcow2) { static const char *keyTemplate = "secret,id=sec0,data=%s"; static const char *fileNameTemplate = "driver=qcow2,encrypt.format=luks,encrypt.key-secret=sec0,file.filename=%s"; num = 6 + (sync ? 1 : 0); ret = (char **)malloc(sizeof(*ret) * num); ret[pos++] = (char *)"qemu-nbd"; // 0 ret[pos++] = (char *)"--object"; // 1 ret[pos] = (char *)malloc(strlen(keyTemplate) + strlen(key_encrypted_qcow2)); // 2 sprintf(ret[pos], keyTemplate, key_encrypted_qcow2); pos++; ret[pos++] = (char *)"--image-opts"; // 3 ret[pos] = (char *)malloc(strlen(fileNameTemplate) + strlen(fileName)); // 4 sprintf(ret[pos], fileNameTemplate, fileName); pos++; if (sync) ret[pos++] = (char *)"--cache=writethrough"; // 5 ret[pos++] = NULL; // 5 or 6 } else { num = 5 + (sync ? 1 : 0); ret = (char **)malloc(sizeof(*ret) * num); ret[pos++] = (char *)"qemu-nbd"; // 0 ret[pos++] = (char *)"-f"; // 1 ret[pos++] = (char *)"qcow2"; // 2 ret[pos++] = fileName; // 3 if (sync) ret[pos++] = (char *)"--cache=writethrough"; // 4 ret[pos++] = NULL; // 4 or 5 } return ret; } void sigHandler(int num) { // do nothing } #define TEST_NORMAL 0 struct nbd_handle * openNbd(processInfo *pi, bool isWritethrough) { struct nbd_handle *nbd; fprintf(stderr, "Before nbd_create\n"); nbd = nbd_create (); if (nbd == NULL) { fprintf(stderr, "nbd_create failed. %s\n", nbd_get_error ()); return nbd; } #if TEST_NORMAL // not encrypted file char **args = makeCommandQemuNbd(isWritethrough, (char*)NULL, (char *)"/tmp/my.qcow2"); #else char **args = makeCommandQemuNbd(isWritethrough, (char*)"abc123", pi->fname); #endif fprintf(stderr, "Before nbd_connect_systemd_socket_activation\n"); int ret = nbd_connect_systemd_socket_activation (nbd, args); free(args); if (ret == -1) { fprintf(stderr, "nbd_connect_systemd_socket_activation failed. %s\n", nbd_get_error ()); return nbd; } fprintf(stderr, "After nbd_connect_systemd_socket_activation\n"); pi->filesize = nbd_get_size(nbd); fprintf(stderr, "size=%ld\n", pi->filesize); return nbd; } int main(int argc, char *argv[]) { pnum = 0; pinfo[0].fname = (char*)"/tmp/empty.qcow2"; signal(SIGUSR1, sigHandler); pid_t pid; if ((pid = fork()) == 0) { nbd_close(openNbd(pinfo, false)); } else { uint64_t i; for (i = 0; i < 10000000; i++) { kill(pid, SIGUSR1); } fprintf(stderr, "kill end\n"); } } Debug output is like this. Before nbd_create libnbd: debug: nbd1: nbd_create: opening handle Before nbd_connect_systemd_socket_activation libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: enter: argv=<list> libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: event CmdConnectSA: START -> CONNECT_SA.START libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: transition: CONNECT_SA.START -> CONNECT.START libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: poll start: events=4 libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: poll end: r=1 revents=4 libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: event NotifyWrite: CONNECT.START -> CONNECT.CONNECTING libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: transition: CONNECT.CONNECTING -> MAGIC.START libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: transition: MAGIC.START -> MAGIC.RECV_MAGIC libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: poll start: events=1 libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: poll end: r=-1 revents=0 libnbd: debug: nbd1: nbd_connect_systemd_socket_activation: leave: error="nbd_connect_systemd_socket_activation: poll: Interrupted system call" nbd_connect_systemd_socket_activation failed. nbd_connect_systemd_socket_activation: poll: Interrupted system call libnbd: debug: nbd1: nbd_close: closing handle kill end Many thanks, Motohiro Kawahito

2 years, 4 months

2
3
0 / 0

libnbd | Failed pipeline for master | 94d86f1c

by GitLab

Pipeline #586124112 has failed! Project: libnbd ( https://gitlab.com/nbdkit/libnbd ) Branch: master ( https://gitlab.com/nbdkit/libnbd/-/commits/master ) Commit: 94d86f1c ( https://gitlab.com/nbdkit/libnbd/-/commit/94d86f1cb29d3357cace4ec47c81c7b... ) Commit Message: lib/uri.c: Don't corrupt memory on error path ... Commit Author: Richard W_M_ Jones ( https://gitlab.com/rwmjones ) Pipeline #586124112 ( https://gitlab.com/nbdkit/libnbd/-/pipelines/586124112 ) triggered by Richard W_M_ Jones ( https://gitlab.com/rwmjones ) had 2 failed jobs. Job #2711300619 ( https://gitlab.com/nbdkit/libnbd/-/jobs/2711300619/raw ) Stage: builds Name: x86_64-freebsd-12 Job #2711300611 ( https://gitlab.com/nbdkit/libnbd/-/jobs/2711300611/raw ) Stage: builds Name: x86_64-opensuse-leap-153 -- You're receiving this email because of your account on gitlab.com.

2 years, 4 months

1
0
0 / 0

[v2v PATCH 0/2] input-xen: SSH authentication documentation improvements

by Laszlo Ersek

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1854275 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2062360 The input-xen documentation currently recommends a system-wide crypto policy downgrade (to LEGACY) for connecting to RHEL5 sshd. Replace the recommendation with the individual ssh options that enable this kind of connection. While investigating this (for RHBZ#2062360), I found that, for RHBZ#1854275, I had missed a call chain in virt-v2v where libvirt launched "ssh", and therefore the "-ip" option would be relevant. Because "-ip" does not work there, first copy the respective caveat from the input-vmware documentation to input-xen. Thanks Laszlo Laszlo Ersek (2): input-xen: sync "-ip" limitations language from input-vmware manual input-xen: replace "enable LEGACY crypto" advice with targeted ssh options docs/virt-v2v-input-xen.pod | 25 ++++++++++++++++---- 1 file changed, 20 insertions(+), 5 deletions(-) -- 2.19.1.3.g30247aa5d201

2 years, 4 months

2
4
0 / 0

EVE-NG - VM - Compression

by Jaime Rodriguez

Hello Team, I am trying to compress a windows 10VM on Eve-ng with the 'virt-sparsify'. Initial Command Run: virt-sparsify --compress virtioa.qcow2 compressedvirtioa.qcow2 Added debugging and ran again with '-v -x' parameters to get output. Please see the attached file. apt list --installed | grep libguest libguestfs-perl/focal,now 1:1.40.2-7ubuntu5 amd64 [installed,automatic] libguestfs-tools/focal,now 1:1.40.2-7ubuntu5 amd64 [installed,automatic] libguestfs0/focal,now 1:1.40.2-7ubuntu5 amd64 [installed,automatic] Thank you, Jaime Rodriguez

2 years, 4 months

2
1
0 / 0

libnbd | Failed pipeline for master | e714b9a7

by GitLab

Pipeline #584352472 has failed! Project: libnbd ( https://gitlab.com/nbdkit/libnbd ) Branch: master ( https://gitlab.com/nbdkit/libnbd/-/commits/master ) Commit: e714b9a7 ( https://gitlab.com/nbdkit/libnbd/-/commit/e714b9a7403311a1a173a31d8623432... ) Commit Message: Version 1.13.6. Commit Author: Richard W_M_ Jones ( https://gitlab.com/rwmjones ) Pipeline #584352472 ( https://gitlab.com/nbdkit/libnbd/-/pipelines/584352472 ) triggered by Richard W_M_ Jones ( https://gitlab.com/rwmjones ) had 2 failed jobs. Job #2701290204 ( https://gitlab.com/nbdkit/libnbd/-/jobs/2701290204/raw ) Stage: builds Name: x86_64-freebsd-12 Job #2701290198 ( https://gitlab.com/nbdkit/libnbd/-/jobs/2701290198/raw ) Stage: builds Name: x86_64-opensuse-leap-153 -- You're receiving this email because of your account on gitlab.com.

2 years, 4 months

1
0
0 / 0

libnbd | Failed pipeline for master | 2b472fac

by GitLab

Pipeline #584041356 has failed! Project: libnbd ( https://gitlab.com/nbdkit/libnbd ) Branch: master ( https://gitlab.com/nbdkit/libnbd/-/commits/master ) Commit: 2b472fac ( https://gitlab.com/nbdkit/libnbd/-/commit/2b472fac41c75f9eb1b0c06aece0c62... ) Commit Message: configure: Add status of interop and examples Commit Author: Richard W_M_ Jones ( https://gitlab.com/rwmjones ) Pipeline #584041356 ( https://gitlab.com/nbdkit/libnbd/-/pipelines/584041356 ) triggered by Richard W_M_ Jones ( https://gitlab.com/rwmjones ) had 1 failed job. Job #2699865731 ( https://gitlab.com/nbdkit/libnbd/-/jobs/2699865731/raw ) Stage: builds Name: x86_64-opensuse-leap-153 -- You're receiving this email because of your account on gitlab.com.

2 years, 4 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

Libguestfs July 2022