Page MenuHomeFreeBSD
Differential D38860

bhyve: Enable Capsicum for snapshots
ClosedPublic
Actions

Authored by gusev.vitaliy_gmail.com on Mar 2 2023, 6:23 PM.
Tags
Referenced Files
Unknown Object (File)
Feb 21 2024, 2:34 PM
Unknown Object (File)
Feb 21 2024, 2:34 PM
Unknown Object (File)
Feb 21 2024, 2:34 PM
Unknown Object (File)
Dec 23 2023, 3:28 AM
Unknown Object (File)
Dec 22 2023, 9:27 PM
Unknown Object (File)
Dec 22 2023, 9:27 PM
Unknown Object (File)
Dec 22 2023, 9:27 PM
Unknown Object (File)
Dec 10 2023, 7:21 PM
View All 25 Files
Subscribers
bcran
bdrewery
elenamihailescu22_gmail.com
emaste
imp
jonathan
rew
View All 9 Subscribers

Details

Reviewers
markj
corvink
jhb
Group Reviewers
bhyve
Commits
rG8371bbdadb9b: bhyve: enable capsicum for snapshot code
Summary

Sponsored by: vStack

Test Plan

Compile, verify that capsicum is not disabled during compilation. Run VM, Suspend, Resume.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

gusev.vitaliy_gmail.com created this revision.Mar 2 2023, 6:23 PM
Herald added a reviewer: bhyve. · View Herald TranscriptMar 2 2023, 6:23 PM
Herald added subscribers: bcran, jonathan, rgrimes, imp. · View Herald Transcript
gusev.vitaliy_gmail.com requested review of this revision.Mar 2 2023, 6:23 PM
gusev.vitaliy_gmail.com mentioned this in D35454: bhyve: snapshot capsicum support.Mar 2 2023, 6:53 PM
gusev.vitaliy_gmail.com added a parent revision: D38858: bhyve: Use directory `fd` with checkpoint.Mar 2 2023, 8:28 PM
elenamihailescu22_gmail.com added a subscriber: elenamihailescu22_gmail.com.Mar 3 2023, 2:36 PM
markj added inline comments.Mar 3 2023, 3:09 PM
usr.sbin/bhyve/Makefile
94–95

How are these casper libraries used? I can't find references to them anywhere in the bhyve code.

gusev.vitaliy_gmail.com added inline comments.Mar 3 2023, 3:22 PM
usr.sbin/bhyve/Makefile
94–95

I am not expert in casper library, but when I removed linking those libraries, I got:

ld: error: /usr/lib/lib9p.so: undefined reference to cap_getpwuid_r [--no-allow-shlib-undefined]
ld: error: /usr/lib/lib9p.so: undefined reference to cap_getgrgid_r [--no-allow-shlib-undefined]
ld: error: /usr/lib/lib9p.so: undefined reference to cap_init [--no-allow-shlib-undefined]
ld: error: /usr/lib/lib9p.so: undefined reference to cap_service_open [--no-allow-shlib-undefined]
ld: error: /usr/lib/lib9p.so: undefined reference to cap_setpassent [--no-allow-shlib-undefined]
ld: error: /usr/lib/lib9p.so: undefined reference to cap_setgroupent [--no-allow-shlib-undefined]
ld: error: /usr/lib/lib9p.so: undefined reference to cap_close [--no-allow-shlib-undefined]
ld: error: /usr/lib/lib9p.so: undefined reference to cap_getpwnam [--no-allow-shlib-undefined]

So I assume, it is used in lib9p.

gusev.vitaliy_gmail.com added inline comments.Mar 3 2023, 3:33 PM
usr.sbin/bhyve/Makefile
94–95

As idea, just revert this commit 966026246e62769f3bcd8247a47fe0f4f0433aba

Diff would be:

--- b/usr.sbin/bhyve/Makefile
+++ a/usr.sbin/bhyve/Makefile
@@ -83,16 +83,7 @@ CFLAGS.kernemu_dev.c+=       -I${SRCTOP}/sys/amd64
 .PATH:  ${BHYVE_SYSDIR}/sys/amd64/vmm
 SRCS+= vmm_instruction_emul.c
 
-LIBADD=        vmmapi md pthread z util sbuf cam 9p
-
-if ${MK_CASPER} != "no"
-LIBADD+=       casper
-LIBADD+=       cap_pwd
-LIBADD+=       cap_grp
-# Temporary disable capsicum, until we integrate checkpoint code with it.
-#CFLAGS+=-DWITH_CASPER
-.endif
-
+LIBADD=        vmmapi md pthread z util sbuf cam 9p casper cap_pwd cap_grp
 .if ${MK_BHYVE_SNAPSHOT} != "no"
 LIBADD+= ucl xo
 .endif
gusev.vitaliy_gmail.com updated this revision to Diff 118260.Mar 3 2023, 3:41 PM

Added revert commit 966026246e62769f3bcd8247a47fe0f4f0433aba

markj added inline comments.Mar 3 2023, 3:47 PM
usr.sbin/bhyve/Makefile
94–95

The problem is that lib9p does not declare its dependency on casper/cap_grp/cap_pwd. Its makefile, lib/lib9p/Makefile, should include them in its LIBADD definition instead.

gusev.vitaliy_gmail.com updated this revision to Diff 118275.Mar 3 2023, 5:11 PM

Moved casper dependency to lib9p.

Check 1:

lib/lib9p $ env MK_CASPER=no make

$ ldd /usr/obj/usr/home/vetal/work/freebsd/amd64.amd64/lib/lib9p/lib9p.so
/usr/obj/usr/home/vetal/work/freebsd/amd64.amd64/lib/lib9p/lib9p.so:

libsbuf.so.6 => /lib/libsbuf.so.6 (0x18d87218a000)
libc.so.7 => /lib/libc.so.7 (0x18d86e296000)

Check 2:
lib/lib9p $ env MK_CASPER=no make

$ ldd /usr/obj/usr/home/vetal/work/freebsd/amd64.amd64/lib/lib9p/lib9p.so
/usr/obj/usr/home/vetal/work/freebsd/amd64.amd64/lib/lib9p/lib9p.so:

libsbuf.so.6 => /lib/libsbuf.so.6 (0x155cf2448000)
libcasper.so.1 => /lib/libcasper.so.1 (0x155cf335d000)
libcap_pwd.so.1 => /lib/casper/libcap_pwd.so.1 (0x155cf4f99000)
libcap_grp.so.1 => /lib/casper/libcap_grp.so.1 (0x155cf3fea000)
libc.so.7 => /lib/libc.so.7 (0x155cef392000)
libnv.so.1 => /lib/libnv.so.1 (0x155cf5a18000)
Herald added subscribers: emaste, bdrewery. · View Herald TranscriptMar 3 2023, 5:11 PM
gusev.vitaliy_gmail.com marked an inline comment as done.Mar 3 2023, 5:12 PM
gusev.vitaliy_gmail.com added inline comments.
usr.sbin/bhyve/Makefile
94–95

Done.

gusev.vitaliy_gmail.com marked an inline comment as done.Mar 3 2023, 5:19 PM
rew mentioned this in D38858: bhyve: Use directory `fd` with checkpoint.Mar 3 2023, 10:21 PM
markj added a comment.Mar 8 2023, 3:22 PM

Looks like this patch needs to be rebased.

rew added a subscriber: rew.Mar 8 2023, 4:37 PM
In D38860#887339, @markj wrote:

Looks like this patch needs to be rebased.

https://reviews.freebsd.org/D38858 also needs to be addressed before this patch is committed.

rew added a comment.Mar 8 2023, 8:16 PM
In D38860#887381, @rew wrote:

https://reviews.freebsd.org/D38858 also needs to be addressed before this patch is committed.

I've dropped my request for changes in D38858 - there's nothing blocking this review from being landed.

gusev.vitaliy_gmail.com added a comment.Mar 9 2023, 2:51 PM
In D38860#887537, @rew wrote:
In D38860#887381, @rew wrote:

https://reviews.freebsd.org/D38858 also needs to be addressed before this patch is committed.

I've dropped my request for changes in D38858 - there's nothing blocking this review from being landed.

Good. Thanks!

gusev.vitaliy_gmail.com updated this revision to Diff 118573.Mar 9 2023, 2:52 PM

Rebased

corvink accepted this revision.Mar 27 2023, 11:13 AM
This revision is now accepted and ready to land.Mar 27 2023, 11:13 AM
Closed by commit rG8371bbdadb9b: bhyve: enable capsicum for snapshot code (authored by gusev.vitaliy_gmail.com, committed by corvink). · Explain WhyApr 28 2023, 7:07 AM
This revision was automatically updated to reflect the committed changes.
corvink added a commit: rG8371bbdadb9b: bhyve: enable capsicum for snapshot code.

Revision Contents
Changeset List

PathSize
usr.sbin/
bhyve/
4 lines

Diff 121181

View Options

usr.sbin/bhyve/Makefile

Loading...