March 2023 - Libguestfs - Libguestfs List Archives

[V2V PATCH v3 0/6] Bring support for virtio-scsi back to Windows

by Andrey Drobyshev

Discussion on v2: https://listman.redhat.com/archives/libguestfs/2023-March/030987.html v2 -> v3: * Patch 2/6 ("convert_windows: add Inject_virtio_win.Virtio_SCSI as a possible block type"): omit "Inject_virtio_win." prefix in favor of type inference. Add a short commit message body; * Add tests/test-v2v-block-driver.sh testing the new "--block-driver" option. Discussion on v1: https://listman.redhat.com/archives/libguestfs/2023-February/030849.html https://listman.redhat.com/archives/libguestfs/2023-March/030917.html v1 -> v2: * Adapt the patch suggested by Richard, splitting it up into 3: https://listman.redhat.com/archives/libguestfs/2023-March/030975.html Now we have "--block-driver" command line option which regulates the order in which block drivers are being searched for (and, as a consequence, the default driver). Andrey Drobyshev (3): Revert "Remove guestcaps_block_type Virtio_SCSI" convert_windows: add Inject_virtio_win.Virtio_SCSI as a possible block type tests: add --block-driver option test Richard W.M. Jones (3): convert: introduce "block_driver" convert option convert_windows: set block driver priority according to block_driver option v2v, in-place: introduce --block-driver command line option convert/convert.ml | 11 ++- convert/convert.mli | 1 + convert/convert_linux.ml | 11 ++- convert/convert_linux.mli | 3 +- convert/convert_windows.ml | 11 ++- convert/convert_windows.mli | 3 +- convert/target_bus_assignment.ml | 1 + docs/virt-v2v-in-place.pod | 10 ++ docs/virt-v2v.pod | 10 ++ in-place/in_place.ml | 12 ++- inspector/inspector.ml | 3 +- lib/create_ovf.ml | 1 + lib/types.ml | 3 +- lib/types.mli | 2 +- output/openstack_image_properties.ml | 7 ++ tests/Makefile.am | 2 + tests/test-v2v-block-driver.sh | 143 +++++++++++++++++++++++++++ v2v/v2v.ml | 12 ++- 18 files changed, 231 insertions(+), 15 deletions(-) create mode 100755 tests/test-v2v-block-driver.sh -- 2.31.1

1 year, 7 months

3
23
0 / 0

[libguestfs-common PATCH 0/2] detect_kernels: deal with RHEL's kernel-core / kernel-modules-core split

by Laszlo Ersek

https://bugzilla.redhat.com/show_bug.cgi?id=2175703 Vera Wu's testing covered a backport of this series to the virt-v2v project's rhel-9.2 branch (on top of commit 86517b17be98), where the "detect_kernels" function is still unique/internal to the virt-v2v project. The backport / cherry-pick from libguestfs-common to virt-v2v cannot be automated, but it's not difficult; only file names in the patch files change. The first patch is split out only in order not to muddy the second patch; the second patch requires some eyeballing anyway, so keeping it focused is good. Laszlo Laszlo Ersek (2): detect_kernels: tighten "try" scope detect_kernels: deal with RHEL's kernel-core / kernel-modules-core split mldrivers/linux_kernels.ml | 26 ++++++++++++++------ 1 file changed, 19 insertions(+), 7 deletions(-) base-commit: 402f7600d7077cc0c60b75cfc72413af93dc4e6e

1 year, 7 months

2
5
0 / 0

[nbdkit PATCH 0/2] various

by Laszlo Ersek

I originally meant to post only the "vector.h" patch, but then (independently) nbdkit wouldn't build. Hence the other (rust plugin) patch. Laszlo Laszlo Ersek (2): common/utils: document empty_vector compound literal assignment plugins/rust: restrict predicates-{tree,core} to {1.0.7,1.0.5} common/utils/vector.h | 8 +++++++- plugins/rust/Cargo.toml | 2 ++ 2 files changed, 9 insertions(+), 1 deletion(-) base-commit: 45b72f5bd8fc1b475fa130d06c86cd877bf595d5

1 year, 7 months

2
5
0 / 0

libnbd | Failed pipeline for master | 2db30279

by GitLab

Pipeline #819889104 has failed! Project: libnbd ( https://gitlab.com/nbdkit/libnbd ) Branch: master ( https://gitlab.com/nbdkit/libnbd/-/commits/master ) Commit: 2db30279 ( https://gitlab.com/nbdkit/libnbd/-/commit/2db30279bad4f9923baa541008f5da1... ) Commit Message: socket activation: set LISTEN_FDNAMES Add LIST... Commit Author: Laszlo Ersek ( https://gitlab.com/lersek ) Pipeline #819889104 ( https://gitlab.com/nbdkit/libnbd/-/pipelines/819889104 ) triggered by Laszlo Ersek ( https://gitlab.com/lersek ) had 1 failed job. Job #4013077739 ( https://gitlab.com/nbdkit/libnbd/-/jobs/4013077739/raw ) Stage: builds Name: x86_64-almalinux-8-clang-prebuilt-env -- You're receiving this email because of your account on gitlab.com.

1 year, 7 months

3
2
0 / 0

[libnbd PATCH v5 0/4] pass LISTEN_FDNAMES with systemd socket activation

by Laszlo Ersek

V4 was here (incorrectly versioned on the mailing list as v3): <http://mid.mail-archive.com/20230323121016.1442655-1-lersek@redhat.com>. See the Notes section on each patch for the v5 updates. Laszlo Ersek (2): socket activation: generalize environment construction socket activation: set LISTEN_FDNAMES Richard W.M. Jones (2): common/include: Copy ascii-ctype functions from nbdkit generator: Add APIs to get/set the socket activation socket name .gitignore | 1 + common/include/Makefile.am | 6 + common/include/ascii-ctype.h | 75 +++++++++ common/include/test-ascii-ctype.c | 88 ++++++++++ generator/API.ml | 50 ++++++ generator/states-connect-socket-activation.c | 170 ++++++++++++++++---- lib/handle.c | 56 +++++++ lib/internal.h | 1 + 8 files changed, 412 insertions(+), 35 deletions(-) create mode 100644 common/include/ascii-ctype.h create mode 100644 common/include/test-ascii-ctype.c base-commit: a48a1142bc54b09dbd9ed45cc9f9f4945f8174ef

1 year, 7 months

2
7
0 / 0

[libnbd PATCH v3 00/19] pass LISTEN_FDNAMES with systemd socket activation

by Laszlo Ersek

V3 was here: <http://mid.mail-archive.com/20230215141158.2426855-1-lersek@redhat.com>. See the Notes section on each patch for the v4 updates. The series is nearly ready for merging: every patch has at least one R-b tag, except "socket activation: avoid manipulating the sign bit". The series builds, and passes "make check" and "make check-valgrind", at every stage. Thanks for reviewing! Laszlo Laszlo Ersek (17): socket activation: fix error message upon asprintf() failure socket activation: clean up responsibilities of prep.sock.act.env.() socket activation: avoid manipulating the sign bit socket activation: check syscalls for errors in the child process socket activation: centralize resource release socket activation: plug AF_UNIX socket address (filesystem) leak on error socket activation: replace execvp() call with fork-safe variant CONNECT_COMMAND.START: fix small comment thinko about socket pair usage CONNECT_COMMAND.START: set the NBD error when fcntl() fails CONNECT_COMMAND.START: use symbolic constants for fd#0 and fd#1 CONNECT_COMMAND.START: sanitize close() calls in the child process CONNECT_COMMAND.START: check syscalls for errors in the child process CONNECT_COMMAND.START: centralize resource release CONNECT_COMMAND.START: plug child process leak on error CONNECT_COMMAND.START: replace execvp() call with fork-safe variant socket activation: generalize environment construction socket activation: set LISTEN_FDNAMES Richard W.M. Jones (2): common/include: Copy ascii-ctype functions from nbdkit generator: Add APIs to get/set the socket activation socket name lib/internal.h | 1 + common/include/ascii-ctype.h | 75 +++++ generator/API.ml | 49 ++++ generator/states-connect-socket-activation.c | 287 ++++++++++++++------ generator/states-connect.c | 123 ++++++--- lib/handle.c | 56 ++++ common/include/Makefile.am | 6 + common/include/test-ascii-ctype.c | 88 ++++++ .gitignore | 1 + 9 files changed, 570 insertions(+), 116 deletions(-) create mode 100644 common/include/ascii-ctype.h create mode 100644 common/include/test-ascii-ctype.c base-commit: 9075f68ffc8bed320d0d1d46f1f0456d10626878

1 year, 8 months

2
39
0 / 0

Re: [Libguestfs] [PATCH 1/1] nbd/server: push pending frames after sending reply

by Eric Blake

On Fri, Mar 24, 2023 at 11:47:20AM +0100, Florian Westphal wrote: > qemu-nbd doesn't set TCP_NODELAY on the tcp socket. > > Kernel waits for more data and avoids transmission of small packets. > Without TLS this is barely noticeable, but with TLS this really shows. > > Booting a VM via qemu-nbd on localhost (with tls) takes more than > 2 minutes on my system. tcpdump shows frequent wait periods, where no > packets get sent for a 40ms period. Thank you for this analysis. > > Add explicit (un)corking when processing (and responding to) requests. > "TCP_CORK, &zero" after earlier "CORK, &one" will flush pending data. > > VM Boot time: > main: no tls: 23s, with tls: 2m45s > patched: no tls: 14s, with tls: 15s > > VM Boot time, qemu-nbd via network (same lan): > main: no tls: 18s, with tls: 1m50s > patched: no tls: 17s, with tls: 18s And the timings bear proof that it matters. > > Future optimization: if we could detect if there is another pending > request we could defer the uncork operation because more data would be > appended. nbdkit and libnbd do this with the MSG_MORE flag (plaintext) and TLS corking (tls); when building up a message to the other side, a flag is set any time we know we are likely to send more data very shortly. nbdkit wraps it under a flag SEND_MORE, which applies to both plaintext: https://gitlab.com/nbdkit/nbdkit/-/blob/master/server/connections.c#L415 and to TLS connections: https://gitlab.com/nbdkit/nbdkit/-/blob/master/server/crypto.c#L396 while libnbd uses MSG_MORE a bit more directly for the same purpose for plaintext, but isn't (yet) doing TLS corking: https://gitlab.com/nbdkit/libnbd/-/blob/master/generator/states-issue-com... https://gitlab.com/nbdkit/libnbd/-/blob/master/lib/internal.h#L57 I would love to see a future patch to qio_channel code to support MSG_MORE in the same way as nbdkit is using its SEND_MORE flag, as the caller often has more info on whether it is sending a short prefix or is done with a conceptual message and ready to uncork, and where the use of a flag can be more efficient than separate passes through cork/uncork calls. But even your initial work at properly corking is a good step in the right direction. And surprisingly, qemu IS using corking on the client side: https://gitlab.com/qemu-project/qemu/-/blob/master/block/nbd.c#L525 just not on the server side, before your patch. > > Signed-off-by: Florian Westphal <fw(a)strlen.de> > --- > nbd/server.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/nbd/server.c b/nbd/server.c > index a4750e41880a..848836d41405 100644 > --- a/nbd/server.c > +++ b/nbd/server.c > @@ -2667,6 +2667,8 @@ static coroutine_fn void nbd_trip(void *opaque) > goto disconnect; > } > > + qio_channel_set_cork(client->ioc, true); > + > if (ret < 0) { > /* It wasn't -EIO, so, according to nbd_co_receive_request() > * semantics, we should return the error to the client. */ > @@ -2692,6 +2694,7 @@ static coroutine_fn void nbd_trip(void *opaque) > goto disconnect; > } > > + qio_channel_set_cork(client->ioc, false); Reviewed-by: Eric Blake <eblake(a)redhat.com> > done: > nbd_request_put(req); > nbd_client_put(client); > -- > 2.39.2 > -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org

1 year, 8 months

2
2
0 / 0

[libnbd PATCH v4 0/2] lib/utils: introduce async-signal-safe execvpe()

by Laszlo Ersek

This is version 4 of the following sub-series: [libnbd PATCH v3 09/29] lib/utils: introduce async-signal-safe execvpe() [libnbd PATCH v3 10/29] lib/utils: add unit tests for async-signal-safe execvpe() http://mid.mail-archive.com/20230215141158.2426855-10-lersek@redhat.com http://mid.mail-archive.com/20230215141158.2426855-11-lersek@redhat.com The Notes section on each patch records the updates for that patch. For assisting with incremental review, here's a range-diff: > 1: c5f89eaa0aaf ! 1: 2a3c95d0701f lib/utils: introduce async-signal-safe execvpe() > @@ Commit message > not to pass it, per APPLICATION USAGE [09], but on Linux/glibc, O_EXEC > does not seem supported, only O_PATH does [10]. > > - Thus the chosen approach -- pre-generate filenames -- contains a small > + Thus the chosen approach -- pre-generate filenames -- contains a small > TOCTTOU race (highlighted by Eric) after all, but it should be harmless. > > Implementation-defined details: > @@ Commit message > > If PATH is set but empty ("set to null") [02], or PATH is unset and > confstr(_CS_PATH) fails or returns no information or returns the empty > - string, we fail the initial scanning (!) with ENOENT. This is consistent > - with bash's behavior on Linux/glibc: > - > - $ PATH= ls > - bash: ls: No such file or directory > + string, we fail the initial scanning (!) with ENOENT. > > Details chosen for unspecified behavior: > > @@ Commit message > > Suggested-by: Eric Blake <eblake(a)redhat.com> > Signed-off-by: Laszlo Ersek <lersek(a)redhat.com> > + Reviewed-by: Eric Blake <eblake(a)redhat.com> > + Reviewed-by: Richard W.M. Jones <rjones(a)redhat.com> > + > + > + ## Notes ## > + v4: > + > + - remove double space typo from commit message [Eric] > + > + - remove the allusion to bash compatibility in the > + "Implementation-defined details" part of the commit message, where the > + latter discusses PATH being "set to null" [Eric] > + > + - pick up R-b's from Eric and Rich > + > + - keep the #include "..." list sorted -- #include "checked-overflow.h" > + above "minmax.h", not below it > + > + - in get_path(), replace the FIXME comments with notes that explain why > + we don't lock the environment [Eric] > > ## lib/internal.h ## > @@ lib/internal.h: struct command { > @@ lib/internal.h: extern void nbd_internal_fork_safe_assert (int result, const cha > > ## lib/utils.c ## > @@ > - #include <limits.h> > + #include <sys/uio.h> > > - #include "minmax.h" > + #include "array-size.h" > +#include "checked-overflow.h" > + #include "minmax.h" > > #include "internal.h" > - > @@ lib/utils.c: nbd_internal_fork_safe_assert (int result, const char *file, long line, > - xwrite (STDERR_FILENO, "' failed.\n", 10); > + assertion, "' failed.\n", (char *)NULL); > abort (); > } > + > @@ lib/utils.c: nbd_internal_fork_safe_assert (int result, const char *file, long l > + bool env_path_found; > + size_t path_size, path_size2; > + > -+ /* FIXME: lock the environment. */ > ++ /* Note: per POSIX, here we should lock the environment, even just for > ++ * getenv(). However, glibc and any other high-quality libc will not be > ++ * modifying "environ" during getenv(), and no sane application should modify > ++ * the environment after launching threads. > ++ */ > + path = getenv ("PATH"); > + if ((env_path_found = (path != NULL))) > + path = strdup (path); > -+ /* FIXME: unlock the environment. */ > ++ /* This is where we'd unlock the environment. */ > + > + if (env_path_found) { > + /* This handles out-of-memory as well. */ > 2: e8fba75ecf93 ! 2: 647a46b965c4 lib/utils: add unit tests for async-signal-safe execvpe() > @@ Commit message > nbd_internal_fork_safe_execvpe(). > > Signed-off-by: Laszlo Ersek <lersek(a)redhat.com> > + Reviewed-by: Richard W.M. Jones <rjones(a)redhat.com> > + Reviewed-by: Eric Blake <eblake(a)redhat.com> > + > + > + ## Notes ## > + v4: > + > + - pick up R-b's from Rich and Eric > + > + - "errors.c" makes the test case dependent on pthread_getspecific(), so > + reflect Eric's commit 742cbd8c7adc ("lib: Use PTHREAD_LIBS where > + needed", 2023-03-17), that is, "xxx_LDADD = $(PTHREAD_LIBS)", to this > + test case [thanks to Eric for that fixup BTW] > + > + - replace EXIT trap handler with cleanup_fn [Eric] > + > + - Create "subdir/f" as a directory, and extend two test scenarios to > + show that "subdir/f", even though "f" has search (execute) permission, > + results in EACCES (directly), and does not stop advancement through > + PATH="...:subdir:..." (indirectly) [Eric]. Use "mkdir + mkdir" for > + creating the "f" directory, rather than "mkdir -p", for symmetry with > + "mkdir + mkfifo" before, and "mkdir + touch" after. > + > + - replace "<imperative>, such that <subjunctive>" with "<imperative>, > + such that <indicative>" (= s/lead/leads/) [Eric] > > ## lib/test-fork-safe-execvpe.c (new) ## > @@ > @@ lib/Makefile.am: pkgconfig_DATA = libnbd.pc > > test_fork_safe_assert_SOURCES = \ > @@ lib/Makefile.am: test_fork_safe_assert_SOURCES = \ > - test-fork-safe-assert.c \ > utils.c \ > $(NULL) > + test_fork_safe_assert_LDADD = $(PTHREAD_LIBS) > + > +test_fork_safe_execvpe_SOURCES = \ > + $(top_srcdir)/common/utils/vector.c \ > @@ lib/Makefile.am: test_fork_safe_assert_SOURCES = \ > + test-fork-safe-execvpe.c \ > + utils.c \ > + $(NULL) > ++test_fork_safe_execvpe_LDADD = $(PTHREAD_LIBS) > > ## lib/test-fork-safe-execvpe.sh (new) ## > @@ > @@ lib/test-fork-safe-execvpe.sh (new) > +# License along with this library; if not, write to the Free Software > +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA > + > ++. ../tests/functions.sh > ++ > +set -e > + > +# Determine the absolute pathname of the execvpe helper binary. The "realpath" > @@ lib/test-fork-safe-execvpe.sh (new) > + > +# Create a temporary directory and change the working directory to it. > +tmpd=$(mktemp -d) > -+trap 'rm -r -- "$tmpd"' EXIT > ++cleanup_fn rm -r -- "$tmpd" > +cd "$tmpd" > + > +# If the "file" parameter of execvpe() is an empty string, then we must fail -- > @@ lib/test-fork-safe-execvpe.sh (new) > +mkdir fifo > +mkfifo fifo/f > + > ++# Create a directory with a directory in it. > ++mkdir subdir > ++mkdir subdir/f > ++ > +# Create a directory with a non-executable file in it. > +mkdir nxregf > +touch nxregf/f > @@ lib/test-fork-safe-execvpe.sh (new) > +# the "file" parameter didn't contain a <slash>.) > +run "" empty/f; execve_fail empty/f ENOENT > +run "" fifo/f; execve_fail fifo/f EACCES > ++run "" subdir/f; execve_fail subdir/f EACCES > +run "" nxregf/f; execve_fail nxregf/f EACCES > +run "" nxregf/f/; execve_fail nxregf/f/ ENOTDIR > +run "" symlink/f; execve_fail symlink/f ELOOP > @@ lib/test-fork-safe-execvpe.sh (new) > +# > +# Show that, if the last candidate fails execve() with an error number that > +# would not be fatal otherwise, we do get that error number. > -+run empty:fifo:nxregf:symlink f > -+execve_fail empty/f,fifo/f,nxregf/f,symlink/f ELOOP > ++run empty:fifo:subdir:nxregf:symlink f > ++execve_fail empty/f,fifo/f,subdir/f,nxregf/f,symlink/f ELOOP > + > -+# Put a single prefix in PATH, such that it lead to a successful execution. This > -+# exercises two things at the same time: (a) that nbd_internal_execvpe_init() > -+# produces *one* candidate (i.e., that no <colon> is seen), and (b) that > -+# nbd_internal_fork_safe_execvpe() succeeds for the *last* candidate. Repeat the > -+# test with "expr" (called "f" under "bin") and the shell script (called "f" > -+# under "sh", triggering the ENOEXEC branch). > ++# Put a single prefix in PATH, such that it leads to a successful execution. > ++# This exercises two things at the same time: (a) that > ++# nbd_internal_execvpe_init() produces *one* candidate (i.e., that no <colon> is > ++# seen), and (b) that nbd_internal_fork_safe_execvpe() succeeds for the *last* > ++# candidate. Repeat the test with "expr" (called "f" under "bin") and the shell > ++# script (called "f" under "sh", triggering the ENOEXEC branch). > +run bin f 1 + 1; success bin/f,2 > +run sh f arg1; success sh/f,"sh/f arg1" > + Thanks for reviewing, Laszlo Laszlo Ersek (2): lib/utils: introduce async-signal-safe execvpe() lib/utils: add unit tests for async-signal-safe execvpe() .gitignore | 1 + lib/Makefile.am | 11 + lib/internal.h | 22 ++ lib/test-fork-safe-execvpe.c | 117 +++++++ lib/test-fork-safe-execvpe.sh | 277 +++++++++++++++ lib/utils.c | 355 ++++++++++++++++++++ 6 files changed, 783 insertions(+) create mode 100644 lib/test-fork-safe-execvpe.c create mode 100755 lib/test-fork-safe-execvpe.sh base-commit: 742cbd8c7adce91eb61b74524df3eb0180799653

1 year, 8 months

3
25
0 / 0

[libnbd PATCH 0/3] reenable execvpe unit testing in Alpine Linux containers

by Laszlo Ersek

These patches have been pushed (f5a065aa3a9c..9075f68ffc8b); I'm posting them for visibility. Laszlo Laszlo Ersek (3): lib/test-fork-safe-execvpe.sh: generalize "run" to "run0" lib/test-fork-safe-execvpe.sh: cope with Alpine Linux / BusyBox limitations Revert "ci: skip "lib/test-fork-safe-execvpe.sh" on Alpine Linux" ci/skipped_tests | 10 ---- lib/test-fork-safe-execvpe.sh | 63 +++++++++++++------- 2 files changed, 42 insertions(+), 31 deletions(-)

1 year, 8 months

1
3
0 / 0

libnbd | Failed pipeline for master | 65631e5d

by GitLab

Pipeline #813094663 has failed! Project: libnbd ( https://gitlab.com/nbdkit/libnbd ) Branch: master ( https://gitlab.com/nbdkit/libnbd/-/commits/master ) Commit: 65631e5d ( https://gitlab.com/nbdkit/libnbd/-/commit/65631e5dfff5d0b8f691aba1e838c83... ) Commit Message: lib/utils: try to placate attribute placement r... Commit Author: Laszlo Ersek ( https://gitlab.com/lersek ) Pipeline #813094663 ( https://gitlab.com/nbdkit/libnbd/-/pipelines/813094663 ) triggered by Laszlo Ersek ( https://gitlab.com/lersek ) had 2 failed jobs. Job #3973002663 ( https://gitlab.com/nbdkit/libnbd/-/jobs/3973002663/raw ) Stage: builds Name: x86_64-alpine-315-prebuilt-env Job #3973002673 ( https://gitlab.com/nbdkit/libnbd/-/jobs/3973002673/raw ) Stage: builds Name: x86_64-alpine-edge-prebuilt-env -- You're receiving this email because of your account on gitlab.com.

1 year, 8 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

Libguestfs March 2023