xen: update to 4.14.2. #30599
xen: update to 4.14.2. #30599
Conversation
|
@void-linux/pkg-committers could someone help with review here? |
1 similar comment
|
@void-linux/pkg-committers could someone help with review here? |
srcpkgs/xen/files/xen/run
Outdated
| sv check xenconsoled >/dev/null || exit 1 | ||
| xenstore-write "/local/domain/0/domid" 0 || exit 1 | ||
| xenstore-write "/local/domain/0/name" "Domain-0" || exit 1 | ||
| if ! pgrep -f '^shim-xenconsoled' ; then |
There was a problem hiding this comment.
When running a supervisor you shouldn't need to scrape the process table to find out a process id. A better solution is to ask runsv directly. Something like if [ $(realpath /proc/$(head -n1 /var/service/xenconsoled/supervise/pid)/exe = /usr/bin/pause ]; then will get you the same result without needing a magic name and risking collisions.
There was a problem hiding this comment.
This seems unnecessary if the dummy domU support is dropped from the services. Just do the write unconditionally as it is now.
srcpkgs/xen/files/xen/run
Outdated
| @@ -1,5 +1,8 @@ | |||
| #!/bin/sh | |||
There was a problem hiding this comment.
You may want to change this to #!/bin/sh -e or add set -e, which will let you remove all of the || exit 1 markers.
srcpkgs/xen/files/xenconsoled/check
Outdated
| # The best I can come up with is to look at the open FDs, and if | ||
| # hypervisor.log is open, then xenconsoled is almost certainly started | ||
| # and ready to use. | ||
| PID="$(pidof xenconsoled)" || exit 1 |
There was a problem hiding this comment.
You should use the process ID that runsv maintains at /var/service/$SERVICE/supervise/pid instead of banging away with pidof.
There was a problem hiding this comment.
there are a few run scripts that exit early if dbus is not up which you could use for inspiration
srcpkgs/xen/files/xenconsoled/check
Outdated
| # and ready to use. | ||
| PID="$(pidof xenconsoled)" || exit 1 | ||
| expr "x${PID}" ':' 'x[0-9]\+$' > /dev/null || exit 1 | ||
| ls -l "/proc/${PID}/fd" 2>/dev/null |grep -q hypervisor.log |
There was a problem hiding this comment.
Consider changing this to lsof -p ${PID:-0} | grep -q hypervisor.log or rolling this and the PID= line into a single command. It still isn't perfect but should be less fiddly.
There was a problem hiding this comment.
If this check really matters, and there's no reliable way to actually determine whether the service is running, might as well just use chpst -L in the run script to acquire a lock on some file like /run/xen/xenconsoled.lock. Then the check script can just try to acquire that lock and, if it succeeds, you know the service is not running.
Yes, this would be a hack. It would also be much less hacky than trying to scrape the process tree.
There was a problem hiding this comment.
Yeah, a lock works too. I don't particularly like them in shell scripts but chpst -L lockfile ... in the run script and flock -n lockfile in the check script works as well.
srcpkgs/xen/files/xen/run
Outdated
| @@ -1,5 +1,8 @@ | |||
| #!/bin/sh | |||
| sv start xenconsoled > /dev/null || exit 1 | |||
There was a problem hiding this comment.
sv start wraps sv check so you can probably remove the check line.
srcpkgs/xen/files/xenconsoled/run
Outdated
| @@ -1,4 +1,12 @@ | |||
| #!/bin/sh | |||
| exec 2>&1 | |||
| sv start xenstored >/dev/null || exit 1 | |||
| sv check xenstored >/dev/null || exit 1 | |||
There was a problem hiding this comment.
Same commentary wrt removing check as xen/run
srcpkgs/xen/files/xenconsoled/run
Outdated
| sv check xenstored >/dev/null || exit 1 | ||
|
|
||
| if pgrep -f '^shim-xenstored' ; then |
There was a problem hiding this comment.
Same commentary as xen/run wrt pgrep vs looking in `supervise/pid.
srcpkgs/xen/files/xenstored/check
Outdated
|
|
||
| # Check for faux xenstored first. If it is, we aren't running under | ||
| # a Xen dom0. Consider xenstored started. | ||
| pgrep -f '^shim-xenstored' && exit 0 |
srcpkgs/xen/files/xenstored/run
Outdated
| grep -q control_d /proc/xen/capabilities || exit 1 | ||
| exec xenstored --verbose --no-fork | ||
|
|
||
| # shellcheck disable=SC1091 |
There was a problem hiding this comment.
Style preference: don't leak shellcheck comments into run scripts (arguably, shellcheck complaining about a guarded file is a bug).
There was a problem hiding this comment.
I second, don't pollute the run scripts with spellcheck noise.
| Fix build with recent argp-standalone. | ||
| I'll try and get this upstreamed so we don't have to carry it. | ||
|
|
||
| diff -Nur xen-4.14.1.orig/tools/configure.ac xen-4.14.1/tools/configure.ac |
There was a problem hiding this comment.
Change directory name to xen-4.14.2?
There was a problem hiding this comment.
I didn't exhaustively comment on the service files, but left a few points. In addition, consider these broad points:
- Never do no-op services. If the service only works in dom0, the user must be responsible enough to only enable it in dom0. Just fail in domU.
- If your no-op services aren't really no-op but actually do some upfront, one-shot work even in domU, either leave this to the user to put in
rc.localor, if there is a really compelling reason, split into a "one-shot" that can be used in both domains. (Often there is no truly compelling reason for these one-shots.) - Like heliocat says, don't do pgrep or other process hacks. Unlike heliocat, I think using
/procis just as ugly. Don't do it. - Don't
sv startfrom another service. Runit isn't good about dependencies, and these kind of hacky workarounds make the situation worse, not better. You cansv checkif you really need to, but only if the service you check has a propercheckscript to meaningfully determine whether the service is sufficiently up. In that case, just fail if the dependency fails its check.
Rework the scripts in light of these and more specific comments and let's see where we stand.
srcpkgs/xen/files/xenstored/run
Outdated
| grep -q control_d /proc/xen/capabilities || exit 1 | ||
| exec xenstored --verbose --no-fork | ||
|
|
||
| # shellcheck disable=SC1091 |
There was a problem hiding this comment.
I second, don't pollute the run scripts with spellcheck noise.
srcpkgs/xen/files/xenstored/run
Outdated
| ;; | ||
| esac | ||
|
|
||
| # shellcheck disable=SC2086 |
| esac | ||
|
|
||
| # shellcheck disable=SC2086 | ||
| exec "${XENSTORED}" ${XENSTORED_ARGS} |
There was a problem hiding this comment.
Add --no-fork here rather than to the variable, because it will always be required and we don't want to make people who customize the args have to remember to include it.
srcpkgs/xen/files/xenstored/run
Outdated
| # shellcheck disable=SC1091 | ||
| [ -r conf ] && . ./conf | ||
| XENSTORED="${XENSTORED:-xenstored}" | ||
| case "$(basename "${XENSTORED}")" in |
There was a problem hiding this comment.
Avoid the sub shell, ${XENSTORED##*/} works in place of base name.
Better yet, why does this case exist? Just drop the whole test, you already provide a mechanism for people to add --verbose In $XENSTORED_ARGS if they care.
There was a problem hiding this comment.
I had to look it up, it's picking between two different xenstored binaries, both of which are shipped with the package and I believe take different slightly different options.
There was a problem hiding this comment.
Yes, but the only difference in the two cases is a default --verbose in one. Unless that is a required argument for oxenstored (which would shock me), it seems the case as used is superfluous.
There was a problem hiding this comment.
Good point. I made it as far as reading the documentation that noted that there were different binaries but didn't manage to find the option reference. I can't say I looked particularly hard so it could be that it's as minor a difference as that.
srcpkgs/xen/files/xenstored/run
Outdated
| # and we can't start a real xenstored. | ||
| grep -q control_d /proc/xen/capabilities || \ | ||
| exec chpst -b \ | ||
| 'shim-xenstored; see /etc/sv/xenstored/run to find out what this is' \ |
There was a problem hiding this comment.
- Don't make no-op services. If this isn't dom0, people shouldn't enable the service. Just fail here.
- Don't pollute the process name with documentation like this.
srcpkgs/xen/files/xen/run
Outdated
| sv check xenconsoled >/dev/null || exit 1 | ||
| xenstore-write "/local/domain/0/domid" 0 || exit 1 | ||
| xenstore-write "/local/domain/0/name" "Domain-0" || exit 1 | ||
| if ! pgrep -f '^shim-xenconsoled' ; then |
There was a problem hiding this comment.
This seems unnecessary if the dummy domU support is dropped from the services. Just do the write unconditionally as it is now.
srcpkgs/xen/files/xenconsoled/check
Outdated
| # and ready to use. | ||
| PID="$(pidof xenconsoled)" || exit 1 | ||
| expr "x${PID}" ':' 'x[0-9]\+$' > /dev/null || exit 1 | ||
| ls -l "/proc/${PID}/fd" 2>/dev/null |grep -q hypervisor.log |
There was a problem hiding this comment.
If this check really matters, and there's no reliable way to actually determine whether the service is running, might as well just use chpst -L in the run script to acquire a lock on some file like /run/xen/xenconsoled.lock. Then the check script can just try to acquire that lock and, if it succeeds, you know the service is not running.
Yes, this would be a hack. It would also be much less hacky than trying to scrape the process tree.
I didn't say I thought |
"[J]ust as ugly" is too strong; I agree using All of these are racy because no solutions guarantee that the daemon is in a usable state when the check is applied. I suppose a key question is what happens with |
This should fix issue 18676 (xen services spamming the user when not booted into Xen. Make the xenstored implementation selectable. There are two implementations shipped by Xen and in our Xen package: the original one written in C (binary is just called xenstored) and a newer one in ocaml (oxenstored). oxenstored is -- IME -- more reliable. Make it configurable in ./conf, but leave the default as-is. Add a patch to fix failing to build from source on musl with newer argp-standalone.
And apply patches for XSAs. Also orphaning, since I haven't been a responsible maintainer and I do not have a compelling reason to use this.
|
Also orphaning. I do like the Xen tooling, but I want to get rid of another |
|
Pull Requests become stale 90 days after last activity and are closed 14 days after that. If this pull request is still relevant bump it or assign it. |
General
Have the results of the proposed changes been tested?