On Thu, Aug 31, 2017 at 06:56:45AM +0100, Raf Czlonka wrote:
> Hi Carlos,
>
> Doesn't this mean that, even though it might not be possible to do
> this today (is it?), you're effectively disabling the usage of
> physical disks for VMs, i.e. equivalent of a raw disk device used
> in other hypervisors?
>
> Regards,
>
> Raf
>
Use of raw block or character devices is not supported today and is not
easily achievable in the near term. Using a block device is blocked
in the kernel UIPC layer and using a character device doesn't work because
of some limitations in the seeking capability of such devices.
Today if you try to use such devices you are presented with a confusing
and misleading error message. Carlos' diff is a step in the right direction.
Should someone come along later and make raw devices work, this diff can
be easily removed.
-ml
> On Thu, Aug 31, 2017 at 12:56:20AM BST, Carlos Cardenas wrote:
> > Add check(s) in vmd/vmctl to ensure a VM's disk are regular files.
> >
> > Tested with the following:
> > vmctl start "test1" -d /dev/sd3c #block device
> > vmctl start "test2" -d /dev/rsd3c #char device
> > vmctl start "test3" -d fifo #named pipe
> >
> > Comments? Ok?
> >
> > diff --git usr.sbin/vmctl/vmctl.c usr.sbin/vmctl/vmctl.c
> > index f694f61e48c..e3db6a78c5b 100644
> > --- usr.sbin/vmctl/vmctl.c
> > +++ usr.sbin/vmctl/vmctl.c
> > @@ -204,6 +204,11 @@ vm_start_complete(struct imsg *imsg, int *ret, int
> > autoconnect)
> > warnx("could not find specified disk image(s)");
> > *ret = ENOENT;
> > break;
> > + case VMD_DISK_INVALID:
> > + warnx("specified disk image(s) are "
> > + "not regular files");
> > + *ret = ENOENT;
> > + break;
> > default:
> > errno = res;
> > warn("start vm command failed");
> > diff --git usr.sbin/vmd/config.c usr.sbin/vmd/config.c
> > index 1e1166f8263..ced7ab666b4 100644
> > --- usr.sbin/vmd/config.c
> > +++ usr.sbin/vmd/config.c
> > @@ -20,6 +20,7 @@
> > #include <sys/queue.h>
> > #include <sys/time.h>
> > #include <sys/uio.h>
> > +#include <sys/stat.h>
> > #include <sys/socket.h>
> >
> > #include <net/if.h>
> > @@ -157,6 +158,7 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> > uint32_t peerid, uid_t uid)
> > struct vmd_if *vif;
> > struct vmop_create_params *vmc = &vm->vm_params;
> > struct vm_create_params *vcp = &vmc->vmc_params;
> > + struct stat stat_buf;
> > unsigned int i;
> > int fd = -1, vmboot = 0;
> > int kernfd = -1, *diskfds = NULL, *tapfds = NULL;
> > @@ -225,6 +227,19 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> > uint32_t peerid, uid_t uid)
> >
> > /* Open disk images for child */
> > for (i = 0 ; i < vcp->vcp_ndisks; i++) {
> > + /* Stat disk[i] to ensure it is a regular file */
> > + if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
> > + log_warn("%s: can't open disk %s", __func__,
> > + vcp->vcp_disks[i]);
> > + errno = VMD_DISK_MISSING;
> > + goto fail;
> > + }
> > + if (S_ISREG(stat_buf.st_mode) == 0) {
> > + log_warn("%s: disk %s is not a regular file", __func__,
> > + vcp->vcp_disks[i]);
> > + errno = VMD_DISK_INVALID;
> > + goto fail;
> > + }
> > if ((diskfds[i] =
> > open(vcp->vcp_disks[i], O_RDWR)) == -1) {
> > log_warn("%s: can't open disk %s", __func__,
> > diff --git usr.sbin/vmd/vmd.h usr.sbin/vmd/vmd.h
> > index 57bdb71cd5f..daeffa7c80e 100644
> > --- usr.sbin/vmd/vmd.h
> > +++ usr.sbin/vmd/vmd.h
> > @@ -53,6 +53,7 @@
> > /* vmd -> vmctl error codes */
> > #define VMD_BIOS_MISSING 1001
> > #define VMD_DISK_MISSING 1002
> > +#define VMD_DISK_INVALID 1003
> >
> > /* 100.64.0.0/10 from rfc6598 (IPv4 Prefix for Shared Address Space) */
> > #define VMD_DHCP_PREFIX "100.64.0.0/10"
> > --
> > 2.14.1
> >
>
> --
> Raf Czlonka
> Support Systems Analyst
> Clinical School Computing Service, School of Clinical Medicine
> University of Cambridge, Box 111 Cambridge Biomedical Campus
> Cambridge, CB2 0SP, Tel. 01223 (7)46728
>
