diff --git a/2552752f-libxl-fix-lock-manager-lock-ordering.patch b/2552752f-libxl-fix-lock-manager-lock-ordering.patch new file mode 100644 index 0000000..f9bc986 --- /dev/null +++ b/2552752f-libxl-fix-lock-manager-lock-ordering.patch @@ -0,0 +1,87 @@ +commit 2552752f0b6504a80f6306e5aae2c7063d24f1ab +Author: Jim Fehlig +Date: Mon Oct 14 14:01:00 2019 -0600 + + libxl: Fix lock manager lock ordering + + The ordering of lock manager locks in the libxl driver has a flaw that was + uncovered by a migration error path. In the perform phase of migration, the + source host calls virDomainLockProcessPause to release the lock before + sending the VM to the destination host. If the send fails an attempt is made + to reacquire the lock with virDomainLockProcessResume, but that too can fail + if the destination host has not finished cleaning up the failed VM and + releasing the lock it acquired when starting to receive the VM. + + This change delays calling virDomainLockProcessResume in libxlDomainStart + until the VM is successfully created, but before it is unpaused. A similar + approach is used by the qemu driver, avoiding the need to release the lock + if VM creation fails. In the migration perform phase, releasing the lock + with virDomainLockProcessPause is delayed until the VM is successfully + sent to the destination, which avoids reacquiring the lock if the send + fails. + + Signed-off-by: Jim Fehlig + Reviewed-by: Cole Robinson + +Index: libvirt-5.9.0/src/libxl/libxl_domain.c +=================================================================== +--- libvirt-5.9.0.orig/src/libxl/libxl_domain.c ++++ libvirt-5.9.0/src/libxl/libxl_domain.c +@@ -1347,13 +1347,6 @@ libxlDomainStart(libxlDriverPrivatePtr d + NULL) < 0) + goto cleanup; + +- if (virDomainLockProcessResume(driver->lockManager, +- "xen:///system", +- vm, +- priv->lockState) < 0) +- goto cleanup; +- VIR_FREE(priv->lockState); +- + if (libxlNetworkPrepareDevices(vm->def) < 0) + goto cleanup_dom; + +@@ -1436,6 +1429,13 @@ libxlDomainStart(libxlDriverPrivatePtr d + + libxlLoggerOpenFile(cfg->logger, domid, vm->def->name, config_json); + ++ if (virDomainLockProcessResume(driver->lockManager, ++ "xen:///system", ++ vm, ++ priv->lockState) < 0) ++ goto destroy_dom; ++ VIR_FREE(priv->lockState); ++ + /* Always enable domain death events */ + if (libxl_evenable_domain_death(cfg->ctx, vm->def->id, 0, &priv->deathW)) + goto destroy_dom; +Index: libvirt-5.9.0/src/libxl/libxl_migration.c +=================================================================== +--- libvirt-5.9.0.orig/src/libxl/libxl_migration.c ++++ libvirt-5.9.0/src/libxl/libxl_migration.c +@@ -1240,20 +1240,16 @@ libxlDomainMigrationSrcPerform(libxlDriv + sockfd = virNetSocketDupFD(sock, true); + virObjectUnref(sock); + +- if (virDomainLockProcessPause(driver->lockManager, vm, &priv->lockState) < 0) +- VIR_WARN("Unable to release lease on %s", vm->def->name); +- VIR_DEBUG("Preserving lock state '%s'", NULLSTR(priv->lockState)); +- + /* suspend vm and send saved data to dst through socket fd */ + virObjectUnlock(vm); + ret = libxlDoMigrateSrcSend(driver, vm, flags, sockfd); + virObjectLock(vm); + +- if (ret < 0) { +- virDomainLockProcessResume(driver->lockManager, +- "xen:///system", +- vm, +- priv->lockState); ++ if (ret == 0) { ++ if (virDomainLockProcessPause(driver->lockManager, vm, &priv->lockState) < 0) ++ VIR_WARN("Unable to release lease on %s", vm->def->name); ++ VIR_DEBUG("Preserving lock state '%s'", NULLSTR(priv->lockState)); ++ } else { + /* + * Confirm phase will not be executed if perform fails. End the + * job started in begin phase. diff --git a/libvirt.changes b/libvirt.changes index e61b525..c208021 100644 --- a/libvirt.changes +++ b/libvirt.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Thu Nov 14 17:31:35 UTC 2019 - James Fehlig + +- libxl: Fix lock manager lock ordering + 2552752f-libxl-fix-lock-manager-lock-ordering.patch + bsc#1145774 + +------------------------------------------------------------------- +Tue Nov 12 22:51:54 UTC 2019 - James Fehlig + +- spec: Forcibly remove '--listen' option from LIBVIRTD_ARGS in + /etc/sysconfig/libvirtd since it is incompatible with socket + activation. Also add '--timeout' option for consistency with + upstream. + boo#1156161 + +------------------------------------------------------------------- +Mon Nov 11 23:32:43 UTC 2019 - James Fehlig + +- Enable automatic firmware seletction and add the new smm + flavor to the build-time firmware list + jsc#SLE-6997 + ------------------------------------------------------------------- Wed Nov 6 14:55:39 UTC 2019 - James Fehlig diff --git a/libvirt.spec b/libvirt.spec index 3151be3..3de04e6 100644 --- a/libvirt.spec +++ b/libvirt.spec @@ -338,6 +338,7 @@ Source6: libvirtd-relocation-server.xml Source99: baselibs.conf Source100: %{name}-rpmlintrc # Upstream patches +Patch0: 2552752f-libxl-fix-lock-manager-lock-ordering.patch # Patches pending upstream review Patch100: libxl-dom-reset.patch Patch101: network-don-t-use-dhcp-authoritative-on-static-netwo.patch @@ -871,6 +872,7 @@ libvirt plugin for NSS for translating domain names into IP addresses. %prep %setup -q +%patch0 -p1 %patch100 -p1 %patch101 -p1 %patch150 -p1 @@ -1003,20 +1005,25 @@ libvirt plugin for NSS for translating domain names into IP addresses. %define arg_selinux_mount --with-selinux-mount="/selinux" -# x86_64 UEFI firmwares -# To more closely resemble actual hardware, we use the firmwares with -# embedded Microsoft keys -# -# The Windows HCK test requires a bigger variable store, so 4MB firmware -# images have been introduced. They are advertised first and will be -# used by default for new VM installations. The 2MB images are still -# available for existing VMs, and can be selected for new installations -# as well. -LOADERS="/usr/share/qemu/ovmf-x86_64-ms-4m-code.bin:/usr/share/qemu/ovmf-x86_64-ms-4m-vars.bin" -LOADERS="$LOADERS:/usr/share/qemu/ovmf-x86_64-ms-code.bin:/usr/share/qemu/ovmf-x86_64-ms-vars.bin" -# aarch64 UEFI firmwares -LOADERS="$LOADERS:/usr/share/qemu/aavmf-aarch64-code.bin:/usr/share/qemu/aavmf-aarch64-vars.bin" -%define arg_loader_nvram --with-loader-nvram="$LOADERS" +# UEFI firmwares +# For SLE15 SP2 (Leap 15.2) and newer, use firmware descriptor files from the +# firmware packages, otherwise define firmwares via configure option +%if ! (0%{?suse_version} > 1500 || 0%{?sle_version} > 150100) + # x86_64 UEFI firmwares + # To more closely resemble actual hardware, we use the firmwares with + # embedded Microsoft keys + # + # The Windows HCK test requires a bigger variable store, so 4MB firmware + # images have been introduced. They are advertised first and will be + # used by default for new VM installations. The 2MB images are still + # available for existing VMs, and can be selected for new installations + # as well. + LOADERS="/usr/share/qemu/ovmf-x86_64-ms-4m-code.bin:/usr/share/qemu/ovmf-x86_64-ms-4m-vars.bin" + LOADERS="$LOADERS:/usr/share/qemu/ovmf-x86_64-ms-code.bin:/usr/share/qemu/ovmf-x86_64-ms-vars.bin" + # aarch64 UEFI firmwares + LOADERS="$LOADERS:/usr/share/qemu/aavmf-aarch64-code.bin:/usr/share/qemu/aavmf-aarch64-vars.bin" + %define arg_loader_nvram --with-loader-nvram="$LOADERS" +%endif autoreconf -f -i export CFLAGS="%{optflags}" @@ -1252,6 +1259,14 @@ fi %{fillup_only -n libvirtd} %{fillup_only -n virtlockd} %{fillup_only -n virtlogd} +# The '--listen' option is incompatible with socket activation. +# We need to forcibly remove it from /etc/sysconfig/libvirtd. +# Also add the --timeout option to be consistent with upstream. +# See boo#1156161 for details +sed -i -e '/^\s*LIBVIRTD_ARGS=/s/--listen//g' %{_sysconfdir}/sysconfig/libvirtd +if ! grep -q -E '^\s*LIBVIRTD_ARGS=.*--timeout' %{_sysconfdir}/sysconfig/libvirtd ; then + sed -i 's/^\s*LIBVIRTD_ARGS="\(.*\)"/LIBVIRTD_ARGS="\1 --timeout 120"/' %{_sysconfdir}/sysconfig/libvirtd +fi %preun daemon %service_del_preun libvirtd.service libvirtd.socket libvirtd-ro.socket libvirtd-admin.socket libvirtd-tcp.socket libvirtd-tls.socket virtlockd.service virtlockd.socket virtlogd.service virtlogd.socket virtlockd-admin.socket virtlogd-admin.socket @@ -1271,7 +1286,7 @@ fi # All connection drivers should be installed post transaction. # Time to restart libvirtd. With new socket activation we need to be a bit # smarter on update. Old libvirtd owns the sockets and will delete them on -# shutdown. We can't use try-restart as libvirtd will one the sockets again +# shutdown. We can't use try-restart as libvirtd will own the sockets again # after restart. So we must instead shutdown libvirtd, start the sockets, # then start libvirtd. if test "$YAST_IS_RUNNING" != "instsys" -a "$DISABLE_RESTART_ON_UPDATE" != yes ; then diff --git a/libxl-set-migration-constraints.patch b/libxl-set-migration-constraints.patch index 4fa2031..43e5913 100644 --- a/libxl-set-migration-constraints.patch +++ b/libxl-set-migration-constraints.patch @@ -255,7 +255,7 @@ Index: libvirt-5.9.0/src/libxl/libxl_migration.c { libxlDomainObjPrivatePtr priv = vm->privateData; char *hostname = NULL; -@@ -1246,7 +1267,7 @@ libxlDomainMigrationSrcPerform(libxlDriv +@@ -1242,7 +1263,7 @@ libxlDomainMigrationSrcPerform(libxlDriv /* suspend vm and send saved data to dst through socket fd */ virObjectUnlock(vm); @@ -263,7 +263,7 @@ Index: libvirt-5.9.0/src/libxl/libxl_migration.c + ret = libxlDoMigrateSrcSend(driver, vm, props, sockfd); virObjectLock(vm); - if (ret < 0) { + if (ret == 0) { Index: libvirt-5.9.0/src/libxl/libxl_migration.h =================================================================== --- libvirt-5.9.0.orig/src/libxl/libxl_migration.h