From: Daniel P. Berrangé Date: Tue, 16 Mar 2021 17:04:24 +0000 (+0000) Subject: util: tell users that memory locking ulimit is too low for BPF X-Git-Tag: v7.2.0-rc1~101 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fa56310e1868b3f2e2976824bd7bb0386af7234f;p=thirdparty%2Flibvirt.git util: tell users that memory locking ulimit is too low for BPF If running libvirtd via systemd, it gets a 64 MB memlock limit, but if running from the shell it will only get 64 KB on a Fedora 33 system. The latter low limit causes any attempt to use BPF to fail and it is not obvious why. This improves the error message thus: # virsh -c lxc:/// start sh error: Failed to start domain 'sh' error: internal error: guest failed to start: Failure in libvirt_lxc startup: failed to initialize device BPF map; locked memory limit for libvirtd probably needs to be raised: Operation not permitted Reviewed-by: Pavel Hrdina Signed-off-by: Daniel P. Berrangé --- diff --git a/src/util/vircgroupv2devices.c b/src/util/vircgroupv2devices.c index 71591be4c4..4bcc1d52fe 100644 --- a/src/util/vircgroupv2devices.c +++ b/src/util/vircgroupv2devices.c @@ -443,9 +443,17 @@ virCgroupV2DevicesCreateMap(size_t size) sizeof(uint32_t), size); if (mapfd < 0) { - virReportSystemError(errno, "%s", - _("failed to initialize device BPF map")); - return -1; + if (errno == EPERM) { + virReportSystemError(errno, "%s", + _("failed to initialize device BPF map; " + "locked memory limit for libvirtd probably " + "needs to be raised")); + return -1; + } else { + virReportSystemError(errno, "%s", + _("failed to initialize device BPF map")); + return -1; + } } return mapfd;