[PATCH v2 0/4] daemon: Translate device names if Linux device is unstable (RHBZ#1804207).
by Richard W.M. Jones
v1 was here:
https://www.redhat.com/archives/libguestfs/2020-February/msg00220.html
This patch series is a little bit better. It's still a bit of a hack.
The _real_ fix for this is outlined in the TODO file (see patch 1) but
that requires a lot more work than we could do before 1.42 is
released, unless we delay 1.42 for a lot longer. I'm hoping with this
to have something which works for 1.42, and then fix it properly in
1.43.
Patch 2 is a debugging patch. It's separated out because we might
consider reverting it in future once we are confident that the
approach is working.
Patch 3 is the second change necessary to how we launch the supermin
appliance. This actually stands alone so could be reviewed
separately. It requires a modest update to our baseline supermin
version.
Patch 4 should be ignored, it's just for my (additional) debugging.
Rich.
4 years, 9 months
[PATCH nbdkit v2] New filter: limit: Limit number of clients that can connect.
by Richard W.M. Jones
This is a second version of the limit filter. v1 was posted here:
https://www.redhat.com/archives/libguestfs/2020-March/msg00015.html
I didn't bother to repost the other three patches because they are the
same.
The difference is this version of the filter takes security more
seriously. It shouldn't be possible for malicious clients to connect
more than limit=N times to the plugin now, which should be the main
"threat" that this filter protects against.
However malicious clients could still play tricks at the TCP level
(eg. half-opened connections), connect as many times as they want to
the server, and have as many NBD negotiations going on (albeit
slowly). It would be possible to mitigate this further in the filter
by counting "preconnected" clients separately, but the filter does not
do this at present. Most likely if you were serious about this you'd
want some other kind of protection outside the server.
I'll note here that nbdkit has no time limit on NBD protocol
negotiation. Possibly it should.
$ nbdkit null
$ telnet localhost 10809
Trying ::1...
Connected to localhost.
Escape character is '^]'.
NBDMAGICIHAVEOPT <--- sits forever
Rich.
4 years, 9 months
[PATCH nbdkit 0/4] server: Add nbdkit_shutdown() call and two new filters.
by Richard W.M. Jones
This adds a new nbdkit_shutdown() API whereby plugins and filters can
request that the server shuts down (asynchronously) during the serving
phase.
Two new filters are added, one of which depends on this feature and
the other not needing it but being somewhat related.
Rich.
4 years, 9 months
Having integration tests "test the future" with QEMU
by Markus Armbruster
I understand libguestfs comes with integration tests. You might be
interested in something I'm developing for QEMU 5.0 to permit "testing
the future". I'd like to ensure it is actually useful before I
continue. Let me know what you think.
= Motivation =
When layers above QEMU somehow miss feature deprecation, things continue
to work until the deprecated interface goes away, at which point we have
an entirely avoidable regression.
We've been trying to get better at communicating feature deprecation to
the layers above QEMU. An obvious first step was systematic
documentation.
However, documentation is all too easy to miss. Even if you don't miss
it, you may need to continue using the deprecated feature with old
versions of QEMU, and that logic needs to be tested.
I'm working on a way to run QEMU with the deprecated features disabled.
This permits "testing the future".
>From my cover letter:
This series extends QMP introspection to cover deprecation.
Additionally, new option -compat lets you configure what to do when
deprecated interfaces get used. This is intended for testing users of
the management interfaces. It is experimental.
-compat deprecated-input=<in-policy> configures what to do when
deprecated input is received. Available policies:
* accept: Accept deprecated commands and arguments (default)
* reject: Reject them
* crash: Crash
-compat deprecated-output=<out-policy> configures what to do when
deprecated output is sent. Available output policies:
* accept: Emit deprecated command results and events (default)
* hide: Suppress them
For now, -compat covers only deprecated syntactic aspects of QMP. We
may want to extend it to cover semantic aspects, CLI, and experimental
features.
If you want to learn more, check out the last three commit messages in
the series.
= Patches =
[PATCH v2 00/30] Configurable policy for handling deprecated interfaces
Message-Id: <20200303163505.32041-1-armbru(a)redhat.com>
https://lists.nongnu.org/archive/html/qemu-devel/2020-03/msg00645.html
= Git =
Tag patchew/20200303163505.32041-1-armbru(a)redhat.com in repository
https://github.com/patchew-project/qemu.git
4 years, 9 months
[PATCH v3] windows: delay installation of qemu-ga MSI
by Tomáš Golembiovský
Instead of running firstboot script during early boot schedule a task
delayed for 2 minutes.
During the first boot, after virt-v2v conversion, Windows installs the
drivers injected by virt-v2v. When this installation is finished
Windows enforces some kind of internal reboot. This unfortunately
terminates any running firstboot scripts thus killing the installation
of qemu-ga MSI.
This is just a best-effort mitigation. It can still happen (e.g. with
slow disk drives) that the drivers are not yet installed when the
delayed installation starts. On the other hand we cannot delay it too
much otherwise we risk that the users logs in and will be doing some
work when the MSI installation starts. After MSI installation finishes
the VM needs to be rebooted which would be annoying if that would happen
under users hands. Although this is not a best fix (that may come later
as it is more complex, e.g. introducing waiting mechanism), the delay as
it is defined works in most cases. And it dramaticaly improves the
situations -- originaly I experienced more than 90% failure rate.
Signed-off-by: Tomáš Golembiovský <tgolembi(a)redhat.com>
---
common | 2 +-
v2v/convert_windows.ml | 12 ++++--------
2 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/common b/common
index ea10827b..5371257c 160000
--- a/common
+++ b/common
@@ -1 +1 @@
-Subproject commit ea10827b4cfb3cfe5f782421c01d2902e5f73f90
+Subproject commit 5371257c3cf27fb09d5f2e31ba378b0e6ccf5df6
diff --git a/v2v/convert_windows.ml b/v2v/convert_windows.ml
index 0fda1d4e..bed5989a 100644
--- a/v2v/convert_windows.ml
+++ b/v2v/convert_windows.ml
@@ -429,14 +429,10 @@ popd
List.iter (
fun msi_path ->
let fb_script = "\
-echo Installing qemu-ga from " ^ msi_path ^ "
-\"\\" ^ msi_path ^ "\" /norestart /qn /l+*vx \"%~dpn0.log\"
-set elvl=!errorlevel!
-echo Done installing qemu-ga error_level=!elvl!
-if !elvl! == 0 (
- echo Restarting Windows...
- shutdown /r /f /c \"rebooted by firstboot script\"
-)
+echo Removing any previously scheduled qemu-ga installation
+schtasks.exe /Delete /TN Firstboot-qemu-ga /F
+echo Scheduling delayed installation of qemu-ga from " ^ msi_path ^ "
+powershell.exe -command \"$d = (get-date).AddSeconds(120); schtasks.exe /Create /SC ONCE /ST $d.ToString('HH:mm') /SD $d.ToString('MM/dd/yyyy') /RU SYSTEM /TN Firstboot-qemu-ga /TR \\\"C:\\" ^ msi_path ^ " /forcerestart /qn /l+*vx C:\\" ^ msi_path ^ ".log\\\"\"
" in
Firstboot.add_firstboot_script g inspect.i_root
("install " ^ msi_path) fb_script;
--
2.25.0
4 years, 9 months
[PATCH nbdkit] server: Only display "close: " debug message if callback is called.
by Richard W.M. Jones
For example if .preconnect fails, it printed the debug messages:
debug: preconnect: ...
debug: close: ...
This confused me into thinking that the close callback was actually
being called without a corresponding open. In fact it is not called
in this case. Suppress the debug message unless the callback is
actually being called.
---
server/backend.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/backend.c b/server/backend.c
index 51b56a48..108f4a25 100644
--- a/server/backend.c
+++ b/server/backend.c
@@ -241,10 +241,10 @@ backend_close (struct backend *b)
struct handle *h = get_handle (conn, b->i);
/* outer-to-inner order, opposite .open */
- controlpath_debug ("%s: close", b->name);
if (h->handle) {
assert (h->state & HANDLE_OPEN);
+ controlpath_debug ("%s: close", b->name);
b->close (b, h->handle);
}
else
--
2.25.0
4 years, 9 months
[PATCH 0/1] Delay installation of QEMU-GA
by Tomáš Golembiovský
This is a replacement for previously posted patch "Delay firstboot scripts to
some later time":
https://www.redhat.com/archives/libguestfs/2019-November/msg00134.html
Instead of delaying all the firstboot scripts we just delay the QEMU-GA
installation that we know is problematic. I will possibly send a similar patch
for RHEV-APT installation later.
Tomáš Golembiovský (1):
windows: delay installation of qemu-ga MSI
v2v/convert_windows.ml | 12 ++++--------
1 file changed, 4 insertions(+), 8 deletions(-)
--
2.25.0
4 years, 9 months
[PATCH v2] windows: delay installation of qemu-ga MSI
by Tomáš Golembiovský
Instead of running firstboot script during early boot schedule a task
delayed for 2 minutes.
During the first boot, after virt-v2v conversion, Windows installs the
drivers injected by virt-v2v. When this installation is finished
Windows enforces some kind of internal reboot. This unfortunately
terminates any running firstboot scripts thus killing the installation
of qemu-ga MSI.
Signed-off-by: Tomáš Golembiovský <tgolembi(a)redhat.com>
---
common | 2 +-
v2v/convert_windows.ml | 12 ++++--------
2 files changed, 5 insertions(+), 9 deletions(-)
diff --git a/common b/common
index ea10827b..5371257c 160000
--- a/common
+++ b/common
@@ -1 +1 @@
-Subproject commit ea10827b4cfb3cfe5f782421c01d2902e5f73f90
+Subproject commit 5371257c3cf27fb09d5f2e31ba378b0e6ccf5df6
diff --git a/v2v/convert_windows.ml b/v2v/convert_windows.ml
index 0fda1d4e..bed5989a 100644
--- a/v2v/convert_windows.ml
+++ b/v2v/convert_windows.ml
@@ -429,14 +429,10 @@ popd
List.iter (
fun msi_path ->
let fb_script = "\
-echo Installing qemu-ga from " ^ msi_path ^ "
-\"\\" ^ msi_path ^ "\" /norestart /qn /l+*vx \"%~dpn0.log\"
-set elvl=!errorlevel!
-echo Done installing qemu-ga error_level=!elvl!
-if !elvl! == 0 (
- echo Restarting Windows...
- shutdown /r /f /c \"rebooted by firstboot script\"
-)
+echo Removing any previously scheduled qemu-ga installation
+schtasks.exe /Delete /TN Firstboot-qemu-ga /F
+echo Scheduling delayed installation of qemu-ga from " ^ msi_path ^ "
+powershell.exe -command \"$d = (get-date).AddSeconds(120); schtasks.exe /Create /SC ONCE /ST $d.ToString('HH:mm') /SD $d.ToString('MM/dd/yyyy') /RU SYSTEM /TN Firstboot-qemu-ga /TR \\\"C:\\" ^ msi_path ^ " /forcerestart /qn /l+*vx C:\\" ^ msi_path ^ ".log\\\"\"
" in
Firstboot.add_firstboot_script g inspect.i_root
("install " ^ msi_path) fb_script;
--
2.25.0
4 years, 9 months