Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Undefined
Fix Version/s: rhel-9.5
Affects Version/s: rhel-9.2.0
Component/s: libvirt / Live Migration
Labels:

Fixed in Build:
libvirt-10.3.0-1.el9

Pool Team:

sst_virtualization
Sub-System Group:

ssg_virtualization

Internal Target Milestone:
16
Story Points:
2
ACKs Check:

Dev ack
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Products:

OpenShift Virtualization
Sprint:
None

Preliminary Testing:
Pass
Test Link:
https://polarion.engineering.redhat.com/polarion/#/project/RHELVIRT/workitem?id=VIRT-293930
Errata Link:
https://errata.engineering.redhat.com/advisory/130953
Test Coverage:

Automated

Release Note Type:
Enhancement
Release Note Text:

Hide
.`/dev/userfaultfd` provides enhancement over the `userfaultfd(2)` system call

The `/dev/userfaultfd` device is an alternative to the `userfaultfd` system call and an entry point for post-copy migration functionality providing access control even for unprivileged processes. Previously, the `vm.unprivileged_userfaultfd` sysctl command controlled system calls that granted access to either all or no unprivileged processes on the host. With this enhancement, in the default configuration, `libvirt` automatically uses the `/dev/userfaultfd` device functionality instead of setting the `vm.unprivileged_userfaultfd` sysctl command.

Show
.`/dev/userfaultfd` provides enhancement over the `userfaultfd(2)` system call The `/dev/userfaultfd` device is an alternative to the `userfaultfd` system call and an entry point for post-copy migration functionality providing access control even for unprivileged processes. Previously, the `vm.unprivileged_userfaultfd` sysctl command controlled system calls that granted access to either all or no unprivileged processes on the host. With this enhancement, in the default configuration, `libvirt` automatically uses the `/dev/userfaultfd` device functionality instead of setting the `vm.unprivileged_userfaultfd` sysctl command.
Release Note Status:
Done

Experience:
Architecture:

All
Target Upstream Version:
10.1.0
Bugzilla Bug:
RHBZ: 2158705

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

+++ This bug was initially created as a clone of Bug #2158704 +++

Description of problem:
So far, for postcopy migration the userfaultfd(2) syscall is used. But this has couple of drawbacks (which are summarized nicely in kernel commit [1]). To resolve these, kernel came up with /dev/userfaultfd device, and this is a request to switch to that.

Please note, some scenarios where QEMU is running might be disallowing the userfaultfd(2) syscall as it is viewed as too powerful. For intsance KubeVirt [2].

1: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d5de004e009add27db76c5cdc9f1f7f7dc087e7

2: https://issues.redhat.com/browse/OCPBUGS-5031

is blocked by

RHEL-29642 Rebase libvirt in RHEL-9.5.0

Release Pending

external trackers

Red Hat Issue Tracker RHELPLAN-144090

links to

Resolved upstream as of commit 66643931e7db08681239c2f74e9ce300d6e291e1 (v10.0.0-226-g66643931e7)

RHSA-2024:130953 libvirt bug fix and enhancement update

Test Requirement (VIRT-301514)

Assignee:: Jiri Denemark

Reporter:: Michal Privoznik

Contributors:: Liping Cheng

Developer:: Jiri Denemark

QA Contact:: Luyao Huang

Doc Contact:: Mayur Patil

Votes:: 0 Vote for this issue

Watchers:: 15 Start watching this issue

Created:: 2023/09/22 1:12 PM

Updated:: 2024/09/26 4:03 PM

Target end:: 2024/06/17

Details

Description

Attachments

Issue Links

Activity

People

Dates