From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <f.ebner@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 98FEE9C060
 for <pve-devel@lists.proxmox.com>; Tue, 30 May 2023 15:53:11 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 6FCC42FA83
 for <pve-devel@lists.proxmox.com>; Tue, 30 May 2023 15:52:12 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS
 for <pve-devel@lists.proxmox.com>; Tue, 30 May 2023 15:52:11 +0200 (CEST)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 3825B47B8B
 for <pve-devel@lists.proxmox.com>; Tue, 30 May 2023 15:52:11 +0200 (CEST)
From: Fiona Ebner <f.ebner@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Tue, 30 May 2023 15:52:07 +0200
Message-Id: <20230530135207.87705-6-f.ebner@proxmox.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20230530135207.87705-1-f.ebner@proxmox.com>
References: <20230530135207.87705-1-f.ebner@proxmox.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL -0.049 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: [pve-devel] [PATCH container 2/2] api: resize: fork before locking
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Tue, 30 May 2023 13:53:11 -0000

making sure the early checks are done once before the expensive
forking and locking and once after locking, because the state might
have changed.

The size calculation had to be adapted a bit, to ensure the original
size is not added twice when it's a request with a leading '+'.

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
---

Best viewed with -w.

 src/PVE/API2/LXC.pm | 124 +++++++++++++++++++++++---------------------
 1 file changed, 66 insertions(+), 58 deletions(-)

diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
index f69b44b..2d67997 100644
--- a/src/PVE/API2/LXC.pm
+++ b/src/PVE/API2/LXC.pm
@@ -1926,15 +1926,14 @@ __PACKAGE__->register_method({
 
 	my $sizestr = extract_param($param, 'size');
 	my $ext = ($sizestr =~ s/^\+//);
-	my $newsize = PVE::JSONSchema::parse_size($sizestr);
-	die "invalid size string" if !defined($newsize);
+	my $request_size = PVE::JSONSchema::parse_size($sizestr);
+	die "invalid size string" if !defined($request_size);
 
 	die "no options specified\n" if !scalar(keys %$param);
 
 	my $storage_cfg = cfs_read_file("storage.cfg");
 
-	my $code = sub {
-
+	my $load_and_check = sub {
 	    my $conf = PVE::LXC::Config->load_config($vmid);
 	    PVE::LXC::Config->check_lock($conf);
 
@@ -1942,8 +1941,6 @@ __PACKAGE__->register_method({
 
 	    PVE::Tools::assert_if_modified($digest, $conf->{digest});
 
-	    my $running = PVE::LXC::check_running($vmid);
-
 	    my $disk = $param->{disk};
 	    my $mp = PVE::LXC::Config->parse_volume($disk, $conf->{$disk});
 
@@ -1965,66 +1962,77 @@ __PACKAGE__->register_method({
 
 	    die "Could not determine current size of volume '$volid'\n" if !defined($size);
 
-	    $newsize += $size if $ext;
+	    my $newsize = $ext ? $size + $request_size : $request_size;
 	    $newsize = int($newsize);
 
 	    die "unable to shrink disk size\n" if $newsize < $size;
 
 	    die "disk is already at specified size\n" if $size == $newsize;
 
-	    PVE::Cluster::log_msg('info', $authuser, "update CT $vmid: resize --disk $disk --size $sizestr");
-	    my $realcmd = sub {
-		# Note: PVE::Storage::volume_resize doesn't do anything if $running=1, so
-		# we pass 0 here (parameter only makes sense for qemu)
-		PVE::Storage::volume_resize($storage_cfg, $volid, $newsize, 0);
-
-		$mp->{size} = $newsize;
-		$conf->{$disk} = PVE::LXC::Config->print_ct_mountpoint($mp, $disk eq 'rootfs');
-
-		PVE::LXC::Config->write_config($vmid, $conf);
-
-		if ($format eq 'raw') {
-		    # we need to ensure that the volume is mapped, if not needed this is a NOP
-		    my $path = PVE::Storage::map_volume($storage_cfg, $volid);
-		    $path = PVE::Storage::path($storage_cfg, $volid) if !defined($path);
-		    if ($running) {
-
-			$mp->{mp} = '/';
-			my $use_loopdev = (PVE::LXC::mountpoint_mount_path($mp, $storage_cfg))[1];
-			$path = PVE::LXC::query_loopdev($path) if $use_loopdev;
-			die "internal error: CT running but mount point not attached to a loop device"
-			    if !$path;
-			PVE::Tools::run_command(['losetup', '--set-capacity', $path]) if $use_loopdev;
-
-			# In order for resize2fs to know that we need online-resizing a mountpoint needs
-			# to be visible to it in its namespace.
-			# To not interfere with the rest of the system we unshare the current mount namespace,
-			# mount over /tmp and then run resize2fs.
-
-			# interestingly we don't need to e2fsck on mounted systems...
-			my $quoted = PVE::Tools::shellquote($path);
-			my $cmd = "mount --make-rprivate / && mount $quoted /tmp && resize2fs $quoted";
-			eval {
-			    PVE::Tools::run_command(['unshare', '-m', '--', 'sh', '-c', $cmd]);
-			};
-			warn "Failed to update the container's filesystem: $@\n" if $@;
-		    } else {
-			eval {
-			    PVE::Tools::run_command(['e2fsck', '-f', '-y', $path]);
-			    PVE::Tools::run_command(['resize2fs', $path]);
-			};
-			warn "Failed to update the container's filesystem: $@\n" if $@;
-
-			# always un-map if not running, this is a NOP if not needed
-			PVE::Storage::unmap_volume($storage_cfg, $volid);
-		    }
-		}
-	    };
-
-	    return $rpcenv->fork_worker('resize', $vmid, $authuser, $realcmd);
+	    return ($conf, $disk, $mp, $volid, $format, $newsize);
 	};
 
-	return PVE::LXC::Config->lock_config($vmid, $code);;
+	my $code = sub {
+	    my ($conf, $disk, $mp, $volid, $format, $newsize) = $load_and_check->();
+
+	    my $running = PVE::LXC::check_running($vmid);
+
+	    PVE::Cluster::log_msg('info', $authuser, "update CT $vmid: resize --disk $disk --size $sizestr");
+
+	    # Note: PVE::Storage::volume_resize doesn't do anything if $running=1, so
+	    # we pass 0 here (parameter only makes sense for qemu)
+	    PVE::Storage::volume_resize($storage_cfg, $volid, $newsize, 0);
+
+	    $mp->{size} = $newsize;
+	    $conf->{$disk} = PVE::LXC::Config->print_ct_mountpoint($mp, $disk eq 'rootfs');
+
+	    PVE::LXC::Config->write_config($vmid, $conf);
+
+	    if ($format eq 'raw') {
+		# we need to ensure that the volume is mapped, if not needed this is a NOP
+		my $path = PVE::Storage::map_volume($storage_cfg, $volid);
+		$path = PVE::Storage::path($storage_cfg, $volid) if !defined($path);
+		if ($running) {
+
+		    $mp->{mp} = '/';
+		    my $use_loopdev = (PVE::LXC::mountpoint_mount_path($mp, $storage_cfg))[1];
+		    $path = PVE::LXC::query_loopdev($path) if $use_loopdev;
+		    die "internal error: CT running but mount point not attached to a loop device"
+			if !$path;
+		    PVE::Tools::run_command(['losetup', '--set-capacity', $path]) if $use_loopdev;
+
+		    # In order for resize2fs to know that we need online-resizing a mountpoint needs
+		    # to be visible to it in its namespace.
+		    # To not interfere with the rest of the system we unshare the current mount namespace,
+		    # mount over /tmp and then run resize2fs.
+
+		    # interestingly we don't need to e2fsck on mounted systems...
+		    my $quoted = PVE::Tools::shellquote($path);
+		    my $cmd = "mount --make-rprivate / && mount $quoted /tmp && resize2fs $quoted";
+		    eval {
+			PVE::Tools::run_command(['unshare', '-m', '--', 'sh', '-c', $cmd]);
+		    };
+		    warn "Failed to update the container's filesystem: $@\n" if $@;
+		} else {
+		    eval {
+			PVE::Tools::run_command(['e2fsck', '-f', '-y', $path]);
+			PVE::Tools::run_command(['resize2fs', $path]);
+		    };
+		    warn "Failed to update the container's filesystem: $@\n" if $@;
+
+		    # always un-map if not running, this is a NOP if not needed
+		    PVE::Storage::unmap_volume($storage_cfg, $volid);
+		}
+	    }
+	};
+
+	my $worker = sub {
+	    PVE::LXC::Config->lock_config($vmid, $code);;
+	};
+
+	$load_and_check->(); # early checks before forking+locking
+
+	return $rpcenv->fork_worker('resize', $vmid, $authuser, $worker);
     }});
 
 __PACKAGE__->register_method({
-- 
2.39.2