From 7b77f1ef9072414e1008dfdcebeb1433934d0e02 Mon Sep 17 00:00:00 2001 From: Rob Bradford Date: Fri, 6 Nov 2020 10:14:24 +0000 Subject: [PATCH] vmm: Remove self-spawning functionality for vhost-user-{net,block} This also removes the need to lookup up the "exe" symlink for finding the VMM executable path. Fixes: #1925 Signed-off-by: Rob Bradford --- vmm/src/device_manager.rs | 106 ++------------------------------------ vmm/src/lib.rs | 14 ----- vmm/src/vm.rs | 7 --- 3 files changed, 4 insertions(+), 123 deletions(-) diff --git a/vmm/src/device_manager.rs b/vmm/src/device_manager.rs index 51f5e2652..9c2634458 100644 --- a/vmm/src/device_manager.rs +++ b/vmm/src/device_manager.rs @@ -63,10 +63,8 @@ use std::num::Wrapping; use std::os::unix::fs::OpenOptionsExt; #[cfg(feature = "kvm")] use std::os::unix::io::FromRawFd; -use std::path::PathBuf; use std::result; use std::sync::{Arc, Mutex}; -use tempfile::NamedTempFile; #[cfg(feature = "kvm")] use vfio_ioctls::{VfioContainer, VfioDevice, VfioDmaMapping}; use virtio_devices::transport::VirtioPciDevice; @@ -733,12 +731,6 @@ pub struct DeviceManager { // which prevents cyclic dependencies. bus_devices: Vec>>, - // The path to the VMM for self spawning - vmm_path: PathBuf, - - // Backends that have been spawned - vhost_user_backends: Vec, - // Counter to keep track of the consumed device IDs. device_id_cnt: Wrapping, @@ -799,7 +791,6 @@ impl DeviceManager { memory_manager: Arc>, _exit_evt: &EventFd, reset_evt: &EventFd, - vmm_path: PathBuf, seccomp_action: SeccompAction, #[cfg(feature = "acpi")] numa_nodes: NumaNodes, ) -> DeviceManagerResult>> { @@ -839,8 +830,6 @@ impl DeviceManager { memory_manager, virtio_devices: Vec::new(), bus_devices: Vec::new(), - vmm_path, - vhost_user_backends: Vec::new(), device_id_cnt: Wrapping(0), pci_bus: None, msi_interrupt_manager, 
@@ -1580,39 +1569,6 @@ impl DeviceManager { Ok(devices) } - /// Launch block backend - fn start_block_backend(&mut self, disk_cfg: &DiskConfig) -> DeviceManagerResult { - let _socket_file = NamedTempFile::new().map_err(DeviceManagerError::CreateSocketFile)?; - let socket = _socket_file.path().to_str().unwrap().to_owned(); - - let child = std::process::Command::new(&self.vmm_path) - .args(&[ - "--block-backend", - &format!( - "path={},socket={},num_queues={},queue_size={}", - disk_cfg - .path - .as_ref() - .ok_or(DeviceManagerError::NoDiskPath)? - .to_str() - .unwrap(), - &socket, - disk_cfg.num_queues, - disk_cfg.queue_size - ), - ]) - .spawn() - .map_err(DeviceManagerError::SpawnBlockBackend)?; - - // The ActivatedBackend::drop() will automatically reap the child - self.vhost_user_backends.push(ActivatedBackend { - child, - _socket_file, - }); - - Ok(socket) - } - fn make_virtio_block_device( &mut self, disk_cfg: &mut DiskConfig, @@ -1626,14 +1582,9 @@ impl DeviceManager { }; if disk_cfg.vhost_user { - let socket = if let Some(socket) = disk_cfg.vhost_socket.clone() { - socket - } else { - warn!("Self-spawning of vhost-user block backend is deprecated and will be removed in a future release."); - self.start_block_backend(disk_cfg)? - }; + let socket = disk_cfg.vhost_socket.as_ref().unwrap().clone(); let vu_cfg = VhostUserConfig { - socket: socket.clone(), + socket, num_queues: disk_cfg.num_queues, queue_size: disk_cfg.queue_size, }; @@ -1645,11 +1596,6 @@ impl DeviceManager { ) { Ok(vub_device) => vub_device, Err(e) => { - for vub in self.vhost_user_backends.iter_mut() { - if vub._socket_file.path().to_str().unwrap() == socket { - let _ = vub.child.kill(); - } - } return Err(DeviceManagerError::CreateVhostUserBlk(e)); } }, 
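Review bot: In the `@@ -1626,14 +1582,9 @@` hunk, `disk_cfg.vhost_socket.as_ref().unwrap().clone()` panics the VMM when `vhost_user` is set but no socket is configured, a combination that was accepted before this commit because it fell back to self-spawning. Unless configuration validation already rejects that combination (this patch does not touch any validation code, so it cannot be confirmed here), a disk or net configuration without a socket now aborts the whole VMM process instead of returning an error to the caller. The removed code used `?` at this spot, so an error return fits: `let socket = disk_cfg.vhost_socket.clone().ok_or(DeviceManagerError::MissingVhostUserSocket)?;`, where `MissingVhostUserSocket` is a placeholder name for a new variant. The same applies to `net_cfg.vhost_socket.as_ref().unwrap().clone()` in the `@@ -1844,14 +1756,9 @@` hunk of `make_virtio_net_device`. Both functions begin and end outside their hunks.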
@@ -1797,40 +1743,6 @@ impl DeviceManager { Ok(devices) } - /// Launch network backend - fn start_net_backend(&mut self, net_cfg: &NetConfig) -> DeviceManagerResult { - let _socket_file = NamedTempFile::new().map_err(DeviceManagerError::CreateSocketFile)?; - let socket = _socket_file.path().to_str().unwrap().to_owned(); - - let child = std::process::Command::new(&self.vmm_path) - .args(&[ - "--net-backend", - &format!( - "ip={},mask={},socket={},num_queues={},queue_size={}{}", - net_cfg.ip, - net_cfg.mask, - &socket, - net_cfg.num_queues, - net_cfg.queue_size, - if let Some(mac) = net_cfg.host_mac { - format!(",host_mac={:}", mac) - } else { - "".to_owned() - } - ), - ]) - .spawn() - .map_err(DeviceManagerError::SpawnNetBackend)?; - - // The ActivatedBackend::drop() will automatically reap the child - self.vhost_user_backends.push(ActivatedBackend { - child, - _socket_file, - }); - - Ok(socket) - } - fn make_virtio_net_device( &mut self, net_cfg: &mut NetConfig, @@ -1844,14 +1756,9 @@ impl DeviceManager { }; if net_cfg.vhost_user { - let socket = if let Some(socket) = net_cfg.vhost_socket.clone() { - socket - } else { - warn!("Self-spawning of vhost-user net backend is deprecated and will be removed in a future release."); - self.start_net_backend(net_cfg)? - }; + let socket = net_cfg.vhost_socket.as_ref().unwrap().clone(); let vu_cfg = VhostUserConfig { - socket: socket.clone(), + socket, num_queues: net_cfg.num_queues, queue_size: net_cfg.queue_size, }; @@ -1864,11 +1771,6 @@ impl DeviceManager { ) { Ok(vun_device) => vun_device, Err(e) => { - for vun in self.vhost_user_backends.iter_mut() { - if vun._socket_file.path().to_str().unwrap() == socket { - let _ = vun.child.kill(); - } - } return Err(DeviceManagerError::CreateVhostUserNet(e)); } }, diff --git a/vmm/src/lib.rs b/vmm/src/lib.rs index 6399acedf..5e01da9e5 100644 --- a/vmm/src/lib.rs +++ b/vmm/src/lib.rs 
@@ -35,7 +35,6 @@ use serde::ser::{Serialize, SerializeStruct, Serializer}; use std::fs::File; use std::io; use std::os::unix::io::{AsRawFd, FromRawFd, RawFd}; -use std::path::PathBuf; use std::sync::mpsc::{Receiver, RecvError, SendError, Sender}; use std::sync::{Arc, Mutex}; use std::{result, thread}; @@ -240,12 +239,6 @@ pub fn start_vmm_thread( let vmm_seccomp_filter = get_seccomp_filter(seccomp_action, Thread::Vmm).map_err(Error::CreateSeccompFilter)?; - // Find the path that the "/proc//exe" symlink points to. Must be done before spawning - // a thread as Rust does not put the child threads in the same thread group which prevents the - // link from being followed as per PTRACE_MODE_READ_FSCREDS (see proc(5) and ptrace(2)). The - // alternative is to run always with CAP_SYS_PTRACE but that is not a good idea. - let self_path = format!("/proc/{}/exe", std::process::id()); - let vmm_path = std::fs::read_link(PathBuf::from(self_path)).map_err(Error::ExePathReadLink)?; let vmm_seccomp_action = seccomp_action.clone(); let thread = thread::Builder::new() .name("vmm".to_string()) @@ -256,7 +249,6 @@ pub fn start_vmm_thread( let mut vmm = Vmm::new( vmm_version.to_string(), api_event, - vmm_path, vmm_seccomp_action, hypervisor, )?; @@ -279,7 +271,6 @@ pub struct Vmm { version: String, vm: Option, vm_config: Option>>, - vmm_path: PathBuf, seccomp_action: SeccompAction, hypervisor: Arc, } @@ -288,7 +279,6 @@ impl Vmm { fn new( vmm_version: String, api_evt: EventFd, - vmm_path: PathBuf, seccomp_action: SeccompAction, hypervisor: Arc, ) -> Result { @@ -320,7 +310,6 @@ impl Vmm { version: vmm_version, vm: None, vm_config: None, - vmm_path, seccomp_action, hypervisor, }) @@ -337,7 +326,6 @@ impl Vmm { Arc::clone(vm_config), exit_evt, reset_evt, - self.vmm_path.clone(), &self.seccomp_action, self.hypervisor.clone(), )?; @@ -406,7 +394,6 @@ impl Vmm { &snapshot, exit_evt, reset_evt, - self.vmm_path.clone(), source_url, restore_cfg.prefault, &self.seccomp_action, 
@@ -459,7 +446,6 @@ impl Vmm { config, exit_evt, reset_evt, - self.vmm_path.clone(), &self.seccomp_action, self.hypervisor.clone(), )?); diff --git a/vmm/src/vm.rs b/vmm/src/vm.rs index 7fa40bb36..8316117f2 100644 --- a/vmm/src/vm.rs +++ b/vmm/src/vm.rs @@ -62,7 +62,6 @@ use std::io::{self, Write}; use std::io::{Seek, SeekFrom}; use std::num::Wrapping; use std::ops::Deref; -use std::path::PathBuf; use std::sync::{Arc, Mutex, RwLock}; use std::{result, str, thread}; use url::Url; @@ -467,7 +466,6 @@ impl Vm { vm: Arc, exit_evt: EventFd, reset_evt: EventFd, - vmm_path: PathBuf, seccomp_action: &SeccompAction, hypervisor: Arc, _saved_clock: Option, @@ -489,7 +487,6 @@ impl Vm { memory_manager.clone(), &exit_evt, &reset_evt, - vmm_path, seccomp_action.clone(), #[cfg(feature = "acpi")] numa_nodes.clone(), @@ -628,7 +625,6 @@ impl Vm { config: Arc>, exit_evt: EventFd, reset_evt: EventFd, - vmm_path: PathBuf, seccomp_action: &SeccompAction, hypervisor: Arc, ) -> Result { @@ -663,7 +659,6 @@ impl Vm { vm, exit_evt, reset_evt, - vmm_path, seccomp_action, hypervisor, None, @@ -685,7 +680,6 @@ impl Vm { snapshot: &Snapshot, exit_evt: EventFd, reset_evt: EventFd, - vmm_path: PathBuf, source_url: &str, prefault: bool, seccomp_action: &SeccompAction, @@ -728,7 +722,6 @@ impl Vm { vm, exit_evt, reset_evt, - vmm_path, seccomp_action, hypervisor, #[cfg(target_arch = "x86_64")]