[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] Updated James Morris patch to apply to libvirt-0.6.0 version



On Fri, Feb 20, 2009 at 02:38:05PM +0000, Daniel P. Berrange wrote:

> I think we need to move place where we set the exec context to after
> the fork() call, ideally to be the very last call made before the
> actual execve().
> 
> We do not currently have an easy way todo this, but I have the exact
> same problem in my patches to integrate with cgroups - I need to add
> the new PID to the appropriate cgroup immediately before exec'ing.
> So i suggest the following patch whichs a generic callback to the
> virExec() call, so we can implant the neccessary logic after the fork()
> and just before the real execve(), and safely in the child process.
> 
> To use this, we'd make qemudStartVM() pass in a virExecHook callback
> which does the call to  qemudDomainSetSecurityLabel()


I've committed this patch to CVS now.


> diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> --- a/src/libvirt_private.syms
> +++ b/src/libvirt_private.syms
> @@ -291,6 +291,7 @@ virEnumToString;
>  virEventAddHandle;
>  virEventRemoveHandle;
>  virExec;
> +virExecWithHook;
>  virSetNonBlock;
>  virFormatMacAddr;
>  virGetHostname;
> diff --git a/src/util.c b/src/util.c
> --- a/src/util.c
> +++ b/src/util.c
> @@ -199,7 +199,10 @@ __virExec(virConnectPtr conn,
>            const fd_set *keepfd,
>            pid_t *retpid,
>            int infd, int *outfd, int *errfd,
> -          int flags) {
> +          int flags,
> +          virExecHook hook,
> +          void *data)
> +{
>      pid_t pid;
>      int null, i, openmax;
>      int pipeout[2] = {-1,-1};
> @@ -411,6 +414,9 @@ __virExec(virConnectPtr conn,
>          childerr != childout)
>          close(childerr);
>  
> +    if (hook)
> +        (hook)(data);
> +
>      if (envp)
>          execve(argv[0], (char **) argv, (char**)envp);
>      else
> @@ -445,13 +451,16 @@ __virExec(virConnectPtr conn,
>  }
>  
>  int
> -virExec(virConnectPtr conn,
> -        const char *const*argv,
> -        const char *const*envp,
> -        const fd_set *keepfd,
> -        pid_t *retpid,
> -        int infd, int *outfd, int *errfd,
> -        int flags) {
> +virExecWithHook(virConnectPtr conn,
> +                const char *const*argv,
> +                const char *const*envp,
> +                const fd_set *keepfd,
> +                pid_t *retpid,
> +                int infd, int *outfd, int *errfd,
> +                int flags,
> +                virExecHook hook,
> +                void *data)
> +{
>      char *argv_str;
>  
>      if ((argv_str = virArgvToString(argv)) == NULL) {
> @@ -462,7 +471,21 @@ virExec(virConnectPtr conn,
>      VIR_FREE(argv_str);
>  
>      return __virExec(conn, argv, envp, keepfd, retpid, infd, outfd, errfd,
> -                     flags);
> +                     flags, hook, data);
> +}
> +
> +int
> +virExec(virConnectPtr conn,
> +        const char *const*argv,
> +        const char *const*envp,
> +        const fd_set *keepfd,
> +        pid_t *retpid,
> +        int infd, int *outfd, int *errfd,
> +        int flags)
> +{
> +    return virExecWithHook(conn, argv, envp, keepfd, retpid,
> +                           infd, outfd, errfd,
> +                           flags, NULL, NULL);
>  }
>  
>  static int
> @@ -580,7 +603,7 @@ virRun(virConnectPtr conn,
>  
>      if ((execret = __virExec(conn, argv, NULL, NULL,
>                               &childpid, -1, &outfd, &errfd,
> -                             VIR_EXEC_NONE)) < 0) {
> +                             VIR_EXEC_NONE, NULL, NULL)) < 0) {
>          ret = execret;
>          goto error;
>      }
> diff --git a/src/util.h b/src/util.h
> --- a/src/util.h
> +++ b/src/util.h
> @@ -40,6 +40,21 @@ enum {
>  
>  int virSetNonBlock(int fd);
>  
> +/* This will execute in the context of the first child
> + * immediately after fork() */
> +typedef int (*virExecHook)(void *data);
> +
> +int virExecWithHook(virConnectPtr conn,
> +                    const char *const*argv,
> +                    const char *const*envp,
> +                    const fd_set *keepfd,
> +                    int *retpid,
> +                    int infd,
> +                    int *outfd,
> +                    int *errfd,
> +                    int flags,
> +                    virExecHook hook,
> +                    void *data);
>  int virExec(virConnectPtr conn,
>              const char *const*argv,
>              const char *const*envp,
> 
> 


Daniel
-- 
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]