New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
xen: update to 4.14.2. #30599
xen: update to 4.14.2. #30599
Conversation
@void-linux/pkg-committers could someone help with review here? |
1 similar comment
@void-linux/pkg-committers could someone help with review here? |
srcpkgs/xen/files/xen/run
Outdated
sv check xenconsoled >/dev/null || exit 1 | ||
xenstore-write "/local/domain/0/domid" 0 || exit 1 | ||
xenstore-write "/local/domain/0/name" "Domain-0" || exit 1 | ||
if ! pgrep -f '^shim-xenconsoled' ; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When running a supervisor you shouldn't need to scrape the process table to find out a process id. A better solution is to ask runsv directly. Something like if [ $(realpath /proc/$(head -n1 /var/service/xenconsoled/supervise/pid)/exe = /usr/bin/pause ]; then
will get you the same result without needing a magic name and risking collisions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems unnecessary if the dummy domU support is dropped from the services. Just do the write unconditionally as it is now.
srcpkgs/xen/files/xen/run
Outdated
@@ -1,5 +1,8 @@ | |||
#!/bin/sh |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You may want to change this to #!/bin/sh -e
or add set -e
, which will let you remove all of the || exit 1
markers.
srcpkgs/xen/files/xenconsoled/check
Outdated
# The best I can come up with is to look at the open FDs, and if | ||
# hypervisor.log is open, then xenconsoled is almost certainly started | ||
# and ready to use. | ||
PID="$(pidof xenconsoled)" || exit 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should use the process ID that runsv maintains at /var/service/$SERVICE/supervise/pid
instead of banging away with pidof.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there are a few run scripts that exit early if dbus is not up which you could use for inspiration
srcpkgs/xen/files/xenconsoled/check
Outdated
# and ready to use. | ||
PID="$(pidof xenconsoled)" || exit 1 | ||
expr "x${PID}" ':' 'x[0-9]\+$' > /dev/null || exit 1 | ||
ls -l "/proc/${PID}/fd" 2>/dev/null |grep -q hypervisor.log |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Consider changing this to lsof -p ${PID:-0} | grep -q hypervisor.log
or rolling this and the PID= line into a single command. It still isn't perfect but should be less fiddly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If this check really matters, and there's no reliable way to actually determine whether the service is running, might as well just use chpst -L
in the run script to acquire a lock on some file like /run/xen/xenconsoled.lock
. Then the check script can just try to acquire that lock and, if it succeeds, you know the service is not running.
Yes, this would be a hack. It would also be much less hacky than trying to scrape the process tree.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, a lock works too. I don't particularly like them in shell scripts but chpst -L lockfile ...
in the run script and flock -n lockfile
in the check script works as well.
srcpkgs/xen/files/xen/run
Outdated
@@ -1,5 +1,8 @@ | |||
#!/bin/sh | |||
sv start xenconsoled > /dev/null || exit 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sv start
wraps sv check
so you can probably remove the check line.
srcpkgs/xen/files/xenconsoled/run
Outdated
@@ -1,4 +1,12 @@ | |||
#!/bin/sh | |||
exec 2>&1 | |||
sv start xenstored >/dev/null || exit 1 | |||
sv check xenstored >/dev/null || exit 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same commentary wrt removing check as xen/run
srcpkgs/xen/files/xenconsoled/run
Outdated
sv check xenstored >/dev/null || exit 1 | ||
|
||
if pgrep -f '^shim-xenstored' ; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same commentary as xen/run
wrt pgrep vs looking in `supervise/pid.
srcpkgs/xen/files/xenstored/check
Outdated
|
||
# Check for faux xenstored first. If it is, we aren't running under | ||
# a Xen dom0. Consider xenstored started. | ||
pgrep -f '^shim-xenstored' && exit 0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ditto
srcpkgs/xen/files/xenstored/run
Outdated
grep -q control_d /proc/xen/capabilities || exit 1 | ||
exec xenstored --verbose --no-fork | ||
|
||
# shellcheck disable=SC1091 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Style preference: don't leak shellcheck comments into run scripts (arguably, shellcheck complaining about a guarded file is a bug).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I second, don't pollute the run scripts with spellcheck noise.
Fix build with recent argp-standalone. | ||
I'll try and get this upstreamed so we don't have to carry it. | ||
|
||
diff -Nur xen-4.14.1.orig/tools/configure.ac xen-4.14.1/tools/configure.ac |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Change directory name to xen-4.14.2?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I didn't exhaustively comment on the service files, but left a few points. In addition, consider these broad points:
- Never do no-op services. If the service only works in dom0, the user must be responsible enough to only enable it in dom0. Just fail in domU.
- If your no-op services aren't really no-op but actually do some upfront, one-shot work even in domU, either leave this to the user to put in
rc.local
or, if there is a really compelling reason, split into a "one-shot" that can be used in both domains. (Often there is no truly compelling reason for these one-shots.) - Like heliocat says, don't do pgrep or other process hacks. Unlike heliocat, I think using
/proc
is just as ugly. Don't do it. - Don't
sv start
from another service. Runit isn't good about dependencies, and these kind of hacky workarounds make the situation worse, not better. You cansv check
if you really need to, but only if the service you check has a propercheck
script to meaningfully determine whether the service is sufficiently up. In that case, just fail if the dependency fails its check.
Rework the scripts in light of these and more specific comments and let's see where we stand.
srcpkgs/xen/files/xenstored/run
Outdated
grep -q control_d /proc/xen/capabilities || exit 1 | ||
exec xenstored --verbose --no-fork | ||
|
||
# shellcheck disable=SC1091 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I second, don't pollute the run scripts with spellcheck noise.
srcpkgs/xen/files/xenstored/run
Outdated
;; | ||
esac | ||
|
||
# shellcheck disable=SC2086 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Again, no shell check noise
esac | ||
|
||
# shellcheck disable=SC2086 | ||
exec "${XENSTORED}" ${XENSTORED_ARGS} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add --no-fork
here rather than to the variable, because it will always be required and we don't want to make people who customize the args have to remember to include it.
srcpkgs/xen/files/xenstored/run
Outdated
# shellcheck disable=SC1091 | ||
[ -r conf ] && . ./conf | ||
XENSTORED="${XENSTORED:-xenstored}" | ||
case "$(basename "${XENSTORED}")" in |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Avoid the sub shell, ${XENSTORED##*/}
works in place of base name.
Better yet, why does this case exist? Just drop the whole test, you already provide a mechanism for people to add --verbose
In $XENSTORED_ARGS
if they care.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I had to look it up, it's picking between two different xenstored binaries, both of which are shipped with the package and I believe take different slightly different options.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, but the only difference in the two cases is a default --verbose
in one. Unless that is a required argument for oxenstored
(which would shock me), it seems the case as used is superfluous.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. I made it as far as reading the documentation that noted that there were different binaries but didn't manage to find the option reference. I can't say I looked particularly hard so it could be that it's as minor a difference as that.
srcpkgs/xen/files/xenstored/run
Outdated
# and we can't start a real xenstored. | ||
grep -q control_d /proc/xen/capabilities || \ | ||
exec chpst -b \ | ||
'shim-xenstored; see /etc/sv/xenstored/run to find out what this is' \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Don't make no-op services. If this isn't dom0, people shouldn't enable the service. Just fail here.
- Don't pollute the process name with documentation like this.
srcpkgs/xen/files/xen/run
Outdated
sv check xenconsoled >/dev/null || exit 1 | ||
xenstore-write "/local/domain/0/domid" 0 || exit 1 | ||
xenstore-write "/local/domain/0/name" "Domain-0" || exit 1 | ||
if ! pgrep -f '^shim-xenconsoled' ; then |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems unnecessary if the dummy domU support is dropped from the services. Just do the write unconditionally as it is now.
srcpkgs/xen/files/xenconsoled/check
Outdated
# and ready to use. | ||
PID="$(pidof xenconsoled)" || exit 1 | ||
expr "x${PID}" ':' 'x[0-9]\+$' > /dev/null || exit 1 | ||
ls -l "/proc/${PID}/fd" 2>/dev/null |grep -q hypervisor.log |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If this check really matters, and there's no reliable way to actually determine whether the service is running, might as well just use chpst -L
in the run script to acquire a lock on some file like /run/xen/xenconsoled.lock
. Then the check script can just try to acquire that lock and, if it succeeds, you know the service is not running.
Yes, this would be a hack. It would also be much less hacky than trying to scrape the process tree.
I didn't say I thought |
"[J]ust as ugly" is too strong; I agree using All of these are racy because no solutions guarantee that the daemon is in a usable state when the check is applied. I suppose a key question is what happens with |
This should fix issue 18676 (xen services spamming the user when not booted into Xen. Make the xenstored implementation selectable. There are two implementations shipped by Xen and in our Xen package: the original one written in C (binary is just called xenstored) and a newer one in ocaml (oxenstored). oxenstored is -- IME -- more reliable. Make it configurable in ./conf, but leave the default as-is. Add a patch to fix failing to build from source on musl with newer argp-standalone.
And apply patches for XSAs. Also orphaning, since I haven't been a responsible maintainer and I do not have a compelling reason to use this.
Also orphaning. I do like the Xen tooling, but I want to get rid of another |
Pull Requests become stale 90 days after last activity and are closed 14 days after that. If this pull request is still relevant bump it or assign it. |
General
Have the results of the proposed changes been tested?