External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-09-14 11:44:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
f743e0bf4b
libvirt/src/qemu/qemu_conf.h

205 lines
5.8 KiB
C
Raw Normal View History

Added QEMU support
2007-02-14 01:40:09 +00:00
/*
QEMU domain XML conversion from QEMU argv
2009-05-21 14:16:55 +00:00
* qemu_conf.h: QEMU configuration management
Added QEMU support
2007-02-14 01:40:09 +00:00
*
qemu: Introduce inactive PCI device list pciTrySecondaryBusReset checks if there is active device on the same bus, however, qemu driver doesn't maintain an effective list for the inactive devices, and it passes meaningless argument for parameter "inactiveDevs". e.g. (qemuPrepareHostdevPCIDevices) if (!(pcidevs = qemuGetPciHostDeviceList(hostdevs, nhostdevs))) return -1; ..skipped... if (pciResetDevice(dev, driver->activePciHostdevs, pcidevs) < 0) goto reattachdevs; NB, the "pcidevs" used above are extracted from domain def, and thus one won't be able to attach a device of which bus has other device even detached from host (nodedev-detach). To see more details of the problem: RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=773667 This patch is to resolve the problem by introducing an inactive PCI device list (just like qemu_driver->activePciHostdevs), and the whole logic is: * Add the device to inactive list during nodedev-dettach * Remove the device from inactive list during nodedev-reattach * Remove the device from inactive list during attach-device (for non-managed device) * Add the device to inactive list after detach-device, only if the device is not managed With the above, we have a sufficient inactive PCI device list, and thus we can use it for pciResetDevice. e.g.(qemuPrepareHostdevPCIDevices) if (pciResetDevice(dev, driver->activePciHostdevs, driver->inactivePciHostdevs) < 0) goto reattachdevs;
2012-01-17 20:02:05 +00:00
* Copyright (C) 2006-2007, 2009-2012 Red Hat, Inc.
Added QEMU support
2007-02-14 01:40:09 +00:00
* Copyright (C) 2006 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
Desert the FSF address in copyright Per the FSF address could be changed from time to time, and GNU recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html) You should have received a copy of the GNU General Public License along with Foobar. If not, see <http://www.gnu.org/licenses/>. This patch removes the explicit FSF address, and uses above instead (of course, with inserting 'Lesser' before 'General'). Except a bunch of files for security driver, all others are changed automatically, the copyright for securify files are not complete, that's why to do it manually: src/security/security_selinux.h src/security/security_driver.h src/security/security_selinux.c src/security/security_apparmor.h src/security/security_apparmor.c src/security/security_driver.c
2012-07-21 10:06:23 +00:00
* License along with this library; If not, see
* <http://www.gnu.org/licenses/>.
Added QEMU support
2007-02-14 01:40:09 +00:00
*
* Author: Daniel P. Berrange <berrange@redhat.com>
*/
Tue Feb 14 14:39:18 EST 2007 Mark McLoughlin <markmc@redhat.com * conf.[ch]: rename from config.[ch] so we can use autoconf's config.h * Makefile.am: update * driver.c, qemud.c: upd.
2007-02-14 15:41:03 +00:00
#ifndef __QEMUD_CONF_H
build: consistently indent preprocessor directives * global: patch created by running: for f in $(git ls-files '*.[ch]') ; do cppi $f > $f.t && mv $f.t $f done
2010-03-09 18:22:22 +00:00
# define __QEMUD_CONF_H
Added QEMU support
2007-02-14 01:40:09 +00:00
build: consistently indent preprocessor directives * global: patch created by running: for f in $(git ls-files '*.[ch]') ; do cppi $f > $f.t && mv $f.t $f done
2010-03-09 18:22:22 +00:00
# include <config.h>
Mon Nov 26 11:49:00 UTC 2007 Richard W.M. Jones <rjones@redhat.com> * src/bridge.c, src/bridge.h, src/qemu_conf.c, src/qemu_conf.h, src/qemu_driver.c, src/qemu_driver.h, src/test.c: Disable more of qemu if configured --without-qemu.
2007-11-26 11:50:16 +00:00
build: consistently indent preprocessor directives * global: patch created by running: for f in $(git ls-files '*.[ch]') ; do cppi $f > $f.t && mv $f.t $f done
2010-03-09 18:22:22 +00:00
# include "ebtables.h"
# include "internal.h"
# include "capabilities.h"
# include "network_conf.h"
# include "domain_conf.h"
# include "domain_event.h"
# include "threads.h"
Refactor the security drivers to simplify usage The current security driver usage requires horrible code like if (driver->securityDriver && driver->securityDriver->domainSetSecurityHostdevLabel && driver->securityDriver->domainSetSecurityHostdevLabel(driver->securityDriver, vm, hostdev) < 0) This pair of checks for NULL clutters up the code, making the driver calls 2 lines longer than they really need to be. The goal of the patchset is to change the calling convention to simply if (virSecurityManagerSetHostdevLabel(driver->securityDriver, vm, hostdev) < 0) The first check for 'driver->securityDriver' being NULL is removed by introducing a 'no op' security driver that will always be present if no real driver is enabled. This guarentees driver->securityDriver != NULL. The second check for 'driver->securityDriver->domainSetSecurityHostdevLabel' being non-NULL is hidden in a new abstraction called virSecurityManager. This separates the driver callbacks, from main internal API. The addition of a virSecurityManager object, that is separate from the virSecurityDriver struct also allows for security drivers to carry state / configuration information directly. Thus the DAC/Stack drivers from src/qemu which used to pull config from 'struct qemud_driver' can now be moved into the 'src/security' directory and store their config directly. * src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update to use new virSecurityManager APIs * src/qemu/qemu_security_dac.c, src/qemu/qemu_security_dac.h src/qemu/qemu_security_stacked.c, src/qemu/qemu_security_stacked.h: Move into src/security directory * src/security/security_stack.c, src/security/security_stack.h, src/security/security_dac.c, src/security/security_dac.h: Generic versions of previous QEMU specific drivers * src/security/security_apparmor.c, src/security/security_apparmor.h, src/security/security_driver.c, src/security/security_driver.h, src/security/security_selinux.c, src/security/security_selinux.h: Update to take virSecurityManagerPtr object as the first param in all callbacks * src/security/security_nop.c, src/security/security_nop.h: Stub implementation of all security driver APIs. * src/security/security_manager.h, src/security/security_manager.c: New internal API for invoking security drivers * src/libvirt.c: Add missing debug for security APIs
2010-11-17 20:26:30 +00:00
# include "security/security_manager.h"
build: consistently indent preprocessor directives * global: patch created by running: for f in $(git ls-files '*.[ch]') ; do cppi $f > $f.t && mv $f.t $f done
2010-03-09 18:22:22 +00:00
# include "cgroup.h"
# include "pci.h"
qemu: Keep list of USB devices attached to domains In order to avoid situation where a USB device is in use by two domains, we must keep a list of already attached devices like we do for PCI.
2011-12-21 17:58:29 +00:00
# include "hostusb.h"
build: consistently indent preprocessor directives * global: patch created by running: for f in $(git ls-files '*.[ch]') ; do cppi $f > $f.t && mv $f.t $f done
2010-03-09 18:22:22 +00:00
# include "cpu_conf.h"
# include "driver.h"
Fix race in finding available vnc port The qemu driver contains a subtle race in the logic to find next available vnc port. Currently it iterates through all available ports and returns the first for which bind(2) succeeds. However it is possible that a previously issued port has not yet been bound by qemu, resulting in the same port used for a subsequent domain. This patch addresses the race by using a simple bitmap to "reserve" the ports allocated by libvirt. V2: - Put port bitmap in struct qemud_driver - Initialize bitmap in qemudStartup V3: - Check for failure of virBitmapGetBit - Additional check for port != -1 before calling virbitmapClearBit V4: - Check for failure of virBitmap{Set,Clear}Bit
2010-05-21 13:52:09 +00:00
# include "bitmap.h"
qemu: convert to virCommand * src/qemu/qemu_conf.c (qemudExtractVersionInfo): Check for file before executing it here, rather than in callers. (qemudBuildCommandLine): Rewrite with virCommand. * src/qemu/qemu_conf.h (qemudBuildCommandLine): Update signature. * src/qemu/qemu_driver.c (qemuAssignPCIAddresses) (qemudStartVMDaemon, qemuDomainXMLToNative): Adjust callers.
2010-11-22 23:09:13 +00:00
# include "command.h"
Add a watchdog action `dump' `dump' watchdog action lets libvirtd to dump the guest when receives a watchdog event (which probably means a guest crash) Currently only qemu is supported.
2010-12-08 06:19:17 +00:00
# include "threadpool.h"
Integrate the QEMU driver with the lock manager infrastructure The QEMU integrates with the lock manager instructure in a number of key places * During startup, a lock is acquired in between the fork & exec * During startup, the libvirtd process acquires a lock before setting file labelling * During shutdown, the libvirtd process acquires a lock before restoring file labelling * During hotplug, unplug & media change the libvirtd process holds a lock while setting/restoring labels The main content lock is only ever held by the QEMU child process, or libvirtd during VM shutdown. The rest of the operations only require libvirtd to hold the metadata locks, relying on the active QEMU still holding the content lock. * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h, src/qemu/libvirtd_qemu.aug, src/qemu/test_libvirtd_qemu.aug: Add config parameter for configuring lock managers * src/qemu/qemu_driver.c: Add calls to the lock manager
2010-10-26 14:04:46 +00:00
# include "locking/lock_manager.h"
Move QEMU driver into main libvirt.so and use single daemon for all drivers
2007-06-26 23:48:46 +00:00
build: consistently indent preprocessor directives * global: patch created by running: for f in $(git ls-files '*.[ch]') ; do cppi $f > $f.t && mv $f.t $f done
2010-03-09 18:22:22 +00:00
# define QEMUD_CPUMASK_LEN CPU_SETSIZE
Move QEMU driver into main libvirt.so and use single daemon for all drivers
2007-06-26 23:48:46 +00:00
qemu: Add connection close callbacks Add support for registering arbitrary callback to be called for a domain when a connection gets closed.
2012-03-19 13:28:10 +00:00
typedef struct _qemuDriverCloseDef qemuDriverCloseDef;
typedef qemuDriverCloseDef *qemuDriverCloseDefPtr;
Split up struct qemud_server to move qemu stuff into conf.c
2007-06-26 22:13:21 +00:00
/* Main driver state */
struct qemud_driver {
Generic internal threads API
2009-01-15 19:56:05 +00:00
virMutex lock;
Add locking for (nearly complete) thread safety to QEMU driver
2008-12-04 21:06:41 +00:00
Add a watchdog action `dump' `dump' watchdog action lets libvirtd to dump the guest when receives a watchdog event (which probably means a guest crash) Currently only qemu is supported.
2010-12-08 06:19:17 +00:00
virThreadPoolPtr workerPool;
Remove use of getuid()==0 for privilege checks
2009-06-12 13:20:13 +00:00
int privileged;
Run QEMU guests as an unprivileged user * configure.in: Add --with-qemu-user and --with-qemu-group args * libvirt.spec.in: use 'qemu' for user/group for Fedora >= 12 * qemud/libvirtd_qemu.arg, qemud/test_libvirtd_qemu.aug, src/qemu.conf: Add 'user' and 'group' args for configuration * src/Makefile.am: Create %localstatedir/cache/libvirt/qemu * src/qemu_conf.c, src/qemu_conf.h: Load user/group from config * src/qemu_driver.c: Change user ID/group ID when launching QEMU guests. Change user/group ownership on disks/usb/pci devs. Put memory dumps in %localstatedir/cache/libvirt/qemu * src/util.c, src/util.h: Add convenient APIs for converting username/groupname to user ID / group ID
2009-07-15 21:25:01 +00:00
uid_t user;
gid_t group;
Introduce a new DAC security driver for QEMU This new security driver is responsible for managing UID/GID changes to the QEMU process, and any files/disks/devices assigned to it. * qemu/qemu_conf.h: Add flag for disabling automatic file permission changes * qemu/qemu_security_dac.h, qemu/qemu_security_dac.c: New DAC driver for QEMU guests * Makefile.am: Add new files
2010-01-13 16:43:29 +00:00
int dynamicOwnership;
Run QEMU guests as an unprivileged user * configure.in: Add --with-qemu-user and --with-qemu-group args * libvirt.spec.in: use 'qemu' for user/group for Fedora >= 12 * qemud/libvirtd_qemu.arg, qemud/test_libvirtd_qemu.aug, src/qemu.conf: Add 'user' and 'group' args for configuration * src/Makefile.am: Create %localstatedir/cache/libvirt/qemu * src/qemu_conf.c, src/qemu_conf.h: Load user/group from config * src/qemu_driver.c: Change user ID/group ID when launching QEMU guests. Change user/group ownership on disks/usb/pci devs. Put memory dumps in %localstatedir/cache/libvirt/qemu * src/util.c, src/util.h: Add convenient APIs for converting username/groupname to user ID / group ID
2009-07-15 21:25:01 +00:00
Switch over fork/exec code to use virExec
2008-08-29 07:11:15 +00:00
unsigned int qemuVersion;
Split up struct qemud_server to move qemu stuff into conf.c
2007-06-26 22:13:21 +00:00
int nextvmid;
Switch QEMU driver over to generic network APIs
2008-07-11 17:33:45 +00:00
Place every QEMU guest in a private cgroup * src/qemu_driver.c: Place guest in cgroup upon startup. Remove cgroup upon shutdown
2009-07-09 13:10:59 +00:00
virCgroupPtr cgroup;
Make QEMU cgroups use configurable * qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf: Add 'cgroups_controllers' and 'cgroups_device_acl' parameters * src/qemu_conf.h, src/qemu_conf.c: Load & parse configuration params for cgroups * src/qemu_driver.c: Only use cgroups controllers that are activated, and use configured device whitelist instead of default, if set.
2009-07-22 15:08:04 +00:00
int cgroupControllers;
char **cgroupDeviceACL;
Switch domain objects to array instead of linked list
2008-10-10 14:20:37 +00:00
virDomainObjList domains;
Switch QEMU driver over to generic network APIs
2008-07-11 17:33:45 +00:00
Move QEMU monitor socket in /var/lib/libvirt/qemu Separate the guest created QEMU monitor socket location from the libvirtd create XML / PID data files, to improve security separation when running QEMU non-root * libvirt.spec.in: Leave /var/run/libvirt/qemu as root:root * src/qemu_conf.h: Add libDir and cacheDir directory paths * src/qemu_driver.c: Move QEMU monitor socket from stateDir to libDir to avoid making security critical directory accessible to QEMU guests. * src/util.c: Delay running hook till after damonizing to ensure pidfile is still written before changing UID/GID
2009-08-25 15:49:09 +00:00
/* These four directories are ones libvirtd uses (so must be root:root
* to avoid security risk from QEMU processes */
Split up struct qemud_server to move qemu stuff into conf.c
2007-06-26 22:13:21 +00:00
char *configDir;
char *autostartDir;
Switch QEMU driver over to generic domain APIs
2008-07-11 19:34:11 +00:00
char *logDir;
let qemu/kvm instances write a pid file
2008-12-18 15:22:49 +00:00
char *stateDir;
Move QEMU monitor socket in /var/lib/libvirt/qemu Separate the guest created QEMU monitor socket location from the libvirtd create XML / PID data files, to improve security separation when running QEMU non-root * libvirt.spec.in: Leave /var/run/libvirt/qemu as root:root * src/qemu_conf.h: Add libDir and cacheDir directory paths * src/qemu_driver.c: Move QEMU monitor socket from stateDir to libDir to avoid making security critical directory accessible to QEMU guests. * src/util.c: Delay running hook till after damonizing to ensure pidfile is still written before changing UID/GID
2009-08-25 15:49:09 +00:00
/* These two directories are ones QEMU processes use (so must match
* the QEMU user/group */
char *libDir;
char *cacheDir;
Implement managed save operations for qemu driver The images are saved in /var/lib/libvirt/qemu/save/ and named $domainname.save . The directory is created appropriately at daemon startup. When a domain is started while a saved image is available, libvirt will try to load this saved image, and start the domain as usual in case of failure. In any case the saved image is discarded once the domain is created. * src/qemu/qemu_conf.h: adds an extra save path to the driver config * src/qemu/qemu_driver.c: implement the 3 new operations and handling of the image directory
2010-04-01 15:57:32 +00:00
char *saveDir;
Snapshot QEMU driver. Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-02 14:10:37 +00:00
char *snapshotDir;
snapshot: cache qemu-img location As more clients start to want to know this information, doing a PATH stat walk and malloc for every client adds up. We are only caching the location, not the capabilities, so even if qemu-img is updated in the meantime, it will still probably live in the same location. So there is no need to worry about clearing this particular cache. * src/qemu/qemu_conf.h (qemud_driver): Add member. * src/qemu/qemu_driver.c (qemudShutdown): Cleanup. (qemuFindQemuImgBinary): Add an argument, and cache result. (qemuDomainSnapshotForEachQcow2, qemuDomainSnapshotDiscard) (qemuDomainSnapshotCreateInactive, qemuDomainSnapshotRevertInactive) (qemuDomainSnapshotCreateXML, qemuDomainRevertToSnapshot): Update callers.
2011-08-12 16:12:47 +00:00
char *qemuImgBinary;
qemu: Add conf option to auto setup VNC unix sockets If vnc_auto_unix_socket is enabled, any VNC devices without a hardcoded listen or socket value will be setup to serve over a unix socket in /var/lib/libvirt/qemu/$vmname.vnc. We store the generated socket path in the transient VM definition at CLI build time.
2011-01-12 04:44:11 +00:00
unsigned int vncAutoUnixSocket : 1;
* src/stats_linux.c: patch from Jim Paris to fix compilation when Xen isn't installed * src/qemu_conf.h: small cleanup of signedness of bitfields from Jim Paris Daniel
2007-11-15 10:56:24 +00:00
unsigned int vncTLS : 1;
unsigned int vncTLSx509verify : 1;
Support SASL auth for VNC server.
2009-03-16 13:54:26 +00:00
unsigned int vncSASL : 1;
Added QEMU driver config file
2007-10-12 16:05:44 +00:00
char *vncTLSx509certdir;
Switch QEMU driver over to generic domain APIs
2008-07-11 19:34:11 +00:00
char *vncListen;
Support VNC password setting in QEMU driver
2009-01-29 17:50:00 +00:00
char *vncPassword;
Support SASL auth for VNC server.
2009-03-16 13:54:26 +00:00
char *vncSASLdir;
Add SPICE support for QEMU driver configuration file In common with VNC, the QEMU driver configuration file is used specify the host level TLS certificate location and a default password / listen address * src/qemu/qemu.conf: Add spice_listen, spice_tls, spice_tls_x509_cert_dir & spice_password config params * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Parsing of spice config parameters and updating -spice arg generation to use them * tests/qemuxml2argvdata/qemuxml2argv-graphics-spice-rhel6.args, tests/qemuxml2argvtest.c: Expand test case to cover driver level configuration
2010-03-05 20:31:50 +00:00
unsigned int spiceTLS : 1;
char *spiceTLSx509certdir;
char *spiceListen;
char *spicePassword;
qemu: configurable remote display port boundaries The defines QEMU_REMOTE_PORT_MIN and QEMU_REMOTE_PORT_MAX were used to find free port when starting domains. As this was hard-coded to the same ports as default VNC servers, there were races with these other programs. This patch includes the possibility to change the default starting port as well as the maximum port (mostly for completeness) in qemu config file. Support for two new config options in qemu.conf is added: - remote_port_min (defaults to QEMU_REMOTE_PORT_MIN and must be >= than this value) - remote_port_max (defaults to QEMU_REMOTE_PORT_MAX and must be <= than this value)
2012-06-18 08:22:07 +00:00
int remotePortMin;
int remotePortMax;
Support configuration of huge pages in guests Add option to domain XML for <memoryBacking> <hugepages/> </memoryBacking> * configure.in: Add check for mntent.h * qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf Add 'hugetlbfs_mount' config parameter * src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU, and pass it when hugepages are requested. Load hugetlbfs_mount config parameter, search for mount if not given. * src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown. Create directory for QEMU hugepage usage, chowning if required. * docs/formatdomain.html.in: Document memoryBacking/hugepages elements * docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema * src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint helper API * tests/qemuhelptest.c: Add -mem-path constants * tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage handling * tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml, tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for hugepage tests
2009-08-25 14:05:18 +00:00
char *hugetlbfs_mount;
char *hugepage_path;
Add formal internal capabilities API and update drivers to use it
2008-02-27 04:35:08 +00:00
add MAC address based port filtering to qemu * src/qemu/qemu.conf src/qemu/qemu_conf.c src/qemu/qemu_conf.h: there is a new config type option for mac filtering * src/qemu/qemu_bridge_filter.[ch]: new module for the ebtable entry points * src/qemu/qemu_driver.c: plug the MAC filtering at the right places in the domain life cycle * src/Makefile.am po/POTFILES.in: add the new module
2009-11-03 22:41:23 +00:00
unsigned int macFilter : 1;
ebtablesContext *ebtables;
Use pciDeviceIsAssignable in qemu driver Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2009-12-22 17:21:16 +00:00
unsigned int relaxedACS : 1;
qemu: Allow using regular audio backends with VNC Currently all host audio backends are disabled if a VM is using VNC, in favor of the QEMU VNC audio extension. Unfortunately no released VNC client supports this extension, so users have no way of getting audio to work if using VNC. Add a new config option in qemu.conf which allows changing libvirt's behavior, but keep the default intact. v2: Fix doc typos, change name to vnc_allow_host_audio
2010-05-19 20:41:01 +00:00
unsigned int vncAllowHostAudio : 1;
qemu: Add a qemu.conf option for clearing capabilities Currently there is no way to opt out of libvirt dropping POSIX capabilities for qemu. This at least is a useful debugging tool, but is also wanted by users (and distributors): https://bugzilla.redhat.com/show_bug.cgi?id=559154 https://bugzilla.redhat.com/show_bug.cgi?id=573850 v2: Clarify qemu.conf comment, warn about security implications v3: Add .aug changes
2010-05-27 23:17:55 +00:00
unsigned int clearEmulatorCapabilities : 1;
Disable all disk probing in QEMU driver & add config option to re-enable Disk format probing is now disabled by default. A new config option in /etc/qemu/qemu.conf will re-enable it for existing deployments where this causes trouble
2010-06-15 16:58:58 +00:00
unsigned int allowDiskFormatProbing : 1;
Add process= support for 'qemu-kvm -name' This sets the process name to the same value as the Windows title, but since the name is limited to 16 chars only this is kept as a configuration option and turned off by default * src/qemu/qemu.conf src/qemu/qemu_conf.[ch]: hceck for support in the QEmu help output, add the option in qemu conf file and augment qemudBuildCommandLine to add it if switched on * src/qemu/libvirtd_qemu.aug src/qemu/test_libvirtd_qemu.aug: augment the augeas lenses accordingly * tests/qemuhelptest.c: cope with the extra flag being detected now
2010-10-20 08:25:05 +00:00
unsigned int setProcessName : 1;
qemu: Allow using regular audio backends with VNC Currently all host audio backends are disabled if a VM is using VNC, in favor of the QEMU VNC audio extension. Unfortunately no released VNC client supports this extension, so users have no way of getting audio to work if using VNC. Add a new config option in qemu.conf which allows changing libvirt's behavior, but keep the default intact. v2: Fix doc typos, change name to vnc_allow_host_audio
2010-05-19 20:41:01 +00:00
qemu: Support for overriding NPROC limit This patch adds max_processes option to qemu.conf which can be used to override system default limit on number of processes that are allowed to be running for qemu user.
2011-04-05 12:17:28 +00:00
int maxProcesses;
qemu: Support for overriding NOFILE limit This patch adds max_files option to qemu.conf which can be used to override system default limit on number of opened files that are allowed for qemu user.
2011-12-22 11:22:31 +00:00
int maxFiles;
qemu: Support for overriding NPROC limit This patch adds max_processes option to qemu.conf which can be used to override system default limit on number of processes that are allowed to be running for qemu user.
2011-04-05 12:17:28 +00:00
qemu: Introduce job queue size limit This patch creates an optional BeginJob queue size limit. When active, all other attempts above level will fail. To set this feature assign desired value to max_queued variable in qemu.conf. Setting it to 0 turns it off.
2011-08-12 13:29:37 +00:00
int max_queued;
Add formal internal capabilities API and update drivers to use it
2008-02-27 04:35:08 +00:00
virCapsPtr caps;
Massive patch adding event APIs by Ben Guthro * include/libvirt/libvirt.h include/libvirt/libvirt.h.in src/libvirt.c src/libvirt_sym.version: new libvirt event entry points, big patch provided by Ben Guthro * Makefile.am configure.in src/driver.h src/event.c src/event.h src/internal.h src/libvirt.c src/libvirt_sym.version src/lxc_driver.c src/openvz_driver.c src/qemu_conf.h src/qemu_driver.c src/remote_internal.c src/storage_backend_fs.c src/test.c qemud/event.c qemud/event.h qemud/mdns.c qemud/qemud.c qemud/qemud.h qemud/remote.c qemud/remote_dispatch_localvars.h qemud/remote_dispatch_proc_switch.h qemud/remote_dispatch_prototypes.h qemud/remote_protocol.c qemud/remote_protocol.h qemud/remote_protocol.x proxy/Makefile.am python/generator.py: Not much is left untouched by the patch adding the events support * docs/libvirt-api.xml docs/libvirt-refs.xml docs/html/libvirt-libvirt.html: regenerated the docs * examples/domain-events/events-c/Makefile.am examples/domain-events/events-c/event-test.c: a test example * AUTHORS: added Ben Guthro daniel
2008-10-23 13:18:18 +00:00
qemu: Use virDomainEventState helpers v2: Drop libvirt_private.syms changes v3: Adjust for new virDomainEventStateNew argument
2011-05-12 12:54:07 +00:00
virDomainEventStatePtr domainEventState;
QEMU security driver usage for sVirt support (James Morris, Dan Walsh, Daniel Berrange)
2009-03-03 12:03:44 +00:00
Support for multiple default security drivers in QEMU config This patch updates the key "security_driver" in QEMU config to suport both a sigle default driver or a list of default drivers. This ensures that it will remain compatible with older versions of the config file. Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
2012-08-15 22:10:38 +00:00
char **securityDriverNames;
Add two new security label types Curently security labels can be of type 'dynamic' or 'static'. If no security label is given, then 'dynamic' is assumed. The current code takes advantage of this default, and avoids even saving <seclabel> elements with type='dynamic' to disk. This means if you temporarily change security driver, the guests can all still start. With the introduction of sVirt to LXC though, there needs to be a new default of 'none' to allow unconfined LXC containers. This patch introduces two new security label types - default: the host configuration decides whether to run the guest with type 'none' or 'dynamic' at guest start - none: the guest will run unconfined by security policy The 'none' label type will obviously be undesirable for some deployments, so a new qemu.conf option allows a host admin to mandate confined guests. It is also possible to turn off default confinement security_default_confined = 1|0 (default == 1) security_require_confined = 1|0 (default == 0) * src/conf/domain_conf.c, src/conf/domain_conf.h: Add new seclabel types * src/security/security_manager.c, src/security/security_manager.h: Set default sec label types * src/security/security_selinux.c: Handle 'none' seclabel type * src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h, src/qemu/libvirtd_qemu.aug: New security config options * src/qemu/qemu_driver.c: Tell security driver about default config
2012-01-25 14:12:52 +00:00
bool securityDefaultConfined;
bool securityRequireConfined;
Refactor the security drivers to simplify usage The current security driver usage requires horrible code like if (driver->securityDriver && driver->securityDriver->domainSetSecurityHostdevLabel && driver->securityDriver->domainSetSecurityHostdevLabel(driver->securityDriver, vm, hostdev) < 0) This pair of checks for NULL clutters up the code, making the driver calls 2 lines longer than they really need to be. The goal of the patchset is to change the calling convention to simply if (virSecurityManagerSetHostdevLabel(driver->securityDriver, vm, hostdev) < 0) The first check for 'driver->securityDriver' being NULL is removed by introducing a 'no op' security driver that will always be present if no real driver is enabled. This guarentees driver->securityDriver != NULL. The second check for 'driver->securityDriver->domainSetSecurityHostdevLabel' being non-NULL is hidden in a new abstraction called virSecurityManager. This separates the driver callbacks, from main internal API. The addition of a virSecurityManager object, that is separate from the virSecurityDriver struct also allows for security drivers to carry state / configuration information directly. Thus the DAC/Stack drivers from src/qemu which used to pull config from 'struct qemud_driver' can now be moved into the 'src/security' directory and store their config directly. * src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update to use new virSecurityManager APIs * src/qemu/qemu_security_dac.c, src/qemu/qemu_security_dac.h src/qemu/qemu_security_stacked.c, src/qemu/qemu_security_stacked.h: Move into src/security directory * src/security/security_stack.c, src/security/security_stack.h, src/security/security_dac.c, src/security/security_dac.h: Generic versions of previous QEMU specific drivers * src/security/security_apparmor.c, src/security/security_apparmor.h, src/security/security_driver.c, src/security/security_driver.h, src/security/security_selinux.c, src/security/security_selinux.h: Update to take virSecurityManagerPtr object as the first param in all callbacks * src/security/security_nop.c, src/security/security_nop.h: Stub implementation of all security driver APIs. * src/security/security_manager.h, src/security/security_manager.c: New internal API for invoking security drivers * src/libvirt.c: Add missing debug for security APIs
2010-11-17 20:26:30 +00:00
virSecurityManagerPtr securityManager;
Compressed save image format for Qemu. Implement a compressed save image format for qemu. While ideally we would have the choice between compressed/non-compressed available to the libvirt API, unfortunately there is no "flags" parameter to the virDomainSave() API. Therefore, implement this as a qemu.conf option. gzip, bzip2, and lzma are implemented, and it should be very easy to implement additional compression methods. One open question is if/how we should detect the compression binaries. One way to do it is to do compile-time setting of the paths (via configure.in), but that doesn't seem like a great thing to do. My preferred solution is not to detect at all; when we go to run the commands that need them, if they aren't available, or aren't available in one of the standard paths, then we'll fail. That's also the solution implemented in this patch. In the future, we'll have a more robust (managed) save/restore API, at which time we can expose this functionality properly in the API. V2: get rid of redundant dd command and just use >> to append data. V3: Add back the missing pieces for the enum and bumping the save version. V4: Make the compressed field in the save_header an int. Implement LZMA compression. Signed-off-by: Chris Lalancette <clalance@redhat.com>
2009-08-07 11:34:05 +00:00
char *saveImageFormat;
add compression support for "virsh dump" Add dump_image_format[] to qemu.conf and support compressed dump at virsh dump. coredump compression is important for saving disk space in an environment where multiple guests run. In general, "disk space for dump" is specially allocated and will be a dead space in the system. It's used only at emergency. So, it's better to have both of save_image_format and dump_image_format. "save" is done in scheduled manner with enough calculated disk space for it. This code reuses some of save_image_format[] and supports the same format. Changelog: - modified libvirtd_qemu.aug - modified test_libvirtd_qemu.aug - fixed error handling of qemudSaveCompressionTypeFromString()
2010-10-28 07:31:46 +00:00
char *dumpImageFormat;
Maintain a list of active PCI hostdevs and use it in pciResetDevice() As we start/shutdown guests, or hotplug/hot-unplug devices, we can add or delete devices as appropriate from a list of active devices. Then, in pciReset(), we can use this to determine whether its safe to reset a device as a side effect of resetting another device. * src/qemu_conf.h: add activePciHostdevs to qemud_driver * src/qemu_driver.c: maintain the activePciHostdevs list, and pass it to pciResetDevice() * src/pci.[ch]: pass the activeDevs list to pciResetDevice() and use it to determine whether a Secondary Bus Reset is safe
2009-08-17 14:05:23 +00:00
Add a watchdog action `dump' `dump' watchdog action lets libvirtd to dump the guest when receives a watchdog event (which probably means a guest crash) Currently only qemu is supported.
2010-12-08 06:19:17 +00:00
char *autoDumpPath;
save: support bypass-cache flag in qemu.conf When auto-dumping a domain on crash events, or autostarting a domain with managed save state, let the user configure whether to imply the bypass cache flag. * src/qemu/qemu.conf (auto_dump_bypass_cache, auto_start_bypass_cache): Document new variables. * src/qemu/libvirtd_qemu.aug (vnc_entry): Let augeas parse them. * src/qemu/qemu_conf.h (qemud_driver): Store new preferences. * src/qemu/qemu_conf.c (qemudLoadDriverConfig): Parse them. * src/qemu/qemu_driver.c (processWatchdogEvent, qemuAutostartDomain): Honor them.
2011-07-19 21:54:48 +00:00
bool autoDumpBypassCache;
bool autoStartBypassCache;
Add a watchdog action `dump' `dump' watchdog action lets libvirtd to dump the guest when receives a watchdog event (which probably means a guest crash) Currently only qemu is supported.
2010-12-08 06:19:17 +00:00
Maintain a list of active PCI hostdevs and use it in pciResetDevice() As we start/shutdown guests, or hotplug/hot-unplug devices, we can add or delete devices as appropriate from a list of active devices. Then, in pciReset(), we can use this to determine whether its safe to reset a device as a side effect of resetting another device. * src/qemu_conf.h: add activePciHostdevs to qemud_driver * src/qemu_driver.c: maintain the activePciHostdevs list, and pass it to pciResetDevice() * src/pci.[ch]: pass the activeDevs list to pciResetDevice() and use it to determine whether a Secondary Bus Reset is safe
2009-08-17 14:05:23 +00:00
pciDeviceList *activePciHostdevs;
qemu: Keep list of USB devices attached to domains In order to avoid situation where a USB device is in use by two domains, we must keep a list of already attached devices like we do for PCI.
2011-12-21 17:58:29 +00:00
usbDeviceList *activeUsbHostdevs;
Fix race in finding available vnc port The qemu driver contains a subtle race in the logic to find next available vnc port. Currently it iterates through all available ports and returns the first for which bind(2) succeeds. However it is possible that a previously issued port has not yet been bound by qemu, resulting in the same port used for a subsequent domain. This patch addresses the race by using a simple bitmap to "reserve" the ports allocated by libvirt. V2: - Put port bitmap in struct qemud_driver - Initialize bitmap in qemudStartup V3: - Check for failure of virBitmapGetBit - Additional check for port != -1 before calling virbitmapClearBit V4: - Check for failure of virBitmap{Set,Clear}Bit
2010-05-21 13:52:09 +00:00
qemu: Introduce inactive PCI device list pciTrySecondaryBusReset checks if there is active device on the same bus, however, qemu driver doesn't maintain an effective list for the inactive devices, and it passes meaningless argument for parameter "inactiveDevs". e.g. (qemuPrepareHostdevPCIDevices) if (!(pcidevs = qemuGetPciHostDeviceList(hostdevs, nhostdevs))) return -1; ..skipped... if (pciResetDevice(dev, driver->activePciHostdevs, pcidevs) < 0) goto reattachdevs; NB, the "pcidevs" used above are extracted from domain def, and thus one won't be able to attach a device of which bus has other device even detached from host (nodedev-detach). To see more details of the problem: RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=773667 This patch is to resolve the problem by introducing an inactive PCI device list (just like qemu_driver->activePciHostdevs), and the whole logic is: * Add the device to inactive list during nodedev-dettach * Remove the device from inactive list during nodedev-reattach * Remove the device from inactive list during attach-device (for non-managed device) * Add the device to inactive list after detach-device, only if the device is not managed With the above, we have a sufficient inactive PCI device list, and thus we can use it for pciResetDevice. e.g.(qemuPrepareHostdevPCIDevices) if (pciResetDevice(dev, driver->activePciHostdevs, driver->inactivePciHostdevs) < 0) goto reattachdevs;
2012-01-17 20:02:05 +00:00
/* The devices which is are not in use by the host or any guest. */
pciDeviceList *inactivePciHostdevs;
qemu: Unify port-wise SPICE and VNC behavior Port allocations for SPICE and VNC behave almost the same (with default ports), but there is some mess in the code. This patch clears these inconsistencies and makes sure the same behavior will be used when ports for remote displays are changed. Changes: - hard-coded number 5900 removed (handled elsewhere like with VNC) - reservedVNCPorts renamed to reservedRemotePorts (it's not just for VNC anymore) - QEMU_VNC_PORT_{MIN,MAX} renamed to QEMU_REMOTE_PORT_{MIN,MAX} - port allocation unified for VNC and SPICE
2012-06-18 07:58:31 +00:00
virBitmapPtr reservedRemotePorts;
Read the host sysinfo for the QEmu driver Read and store the data when initializing the driver.
2010-10-29 12:18:29 +00:00
virSysinfoDefPtr hostsysinfo;
Integrate the QEMU driver with the lock manager infrastructure The QEMU integrates with the lock manager instructure in a number of key places * During startup, a lock is acquired in between the fork & exec * During startup, the libvirtd process acquires a lock before setting file labelling * During shutdown, the libvirtd process acquires a lock before restoring file labelling * During hotplug, unplug & media change the libvirtd process holds a lock while setting/restoring labels The main content lock is only ever held by the QEMU child process, or libvirtd during VM shutdown. The rest of the operations only require libvirtd to hold the metadata locks, relying on the active QEMU still holding the content lock. * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h, src/qemu/libvirtd_qemu.aug, src/qemu/test_libvirtd_qemu.aug: Add config parameter for configuring lock managers * src/qemu/qemu_driver.c: Add calls to the lock manager
2010-10-26 14:04:46 +00:00
virLockManagerPluginPtr lockManager;
Add infrastructure to automatically destroy guests when a connection closes Sometimes it is useful to be able to automatically destroy a guest when a connection is closed. For example, kill an incoming migration if the client managing the migration dies. This introduces a map between guest 'uuid' strings and virConnectPtr objects. When a connection is closed, any associated guests are killed off. * src/qemu/qemu_conf.h: Add autokill hash table to qemu driver * src/qemu/qemu_process.c, src/qemu/qemu_process.h: Add APIs for performing autokill of guests associated with a connection * src/qemu/qemu_driver.c: Initialize autodestroy map
2011-06-23 09:37:57 +00:00
qemu: Add connection close callbacks Add support for registering arbitrary callback to be called for a domain when a connection gets closed.
2012-03-19 13:28:10 +00:00
/* Mapping of 'char *uuidstr' -> qemuDriverCloseDefPtr of domains
* which want a specific cleanup to be done when a connection is
* closed. Such cleanup may be to automatically destroy the
* domain or abort a particular job running on it.
*/
virHashTablePtr closeCallbacks;
qemu: Add support for keepalive messages during p2p migration
2011-09-16 11:50:56 +00:00
int keepAliveInterval;
unsigned int keepAliveCount;
qemu: conf: add seccomp_sandbox option
2012-09-17 07:59:53 +00:00
int seccompSandbox;
Split up struct qemud_server to move qemu stuff into conf.c
2007-06-26 22:13:21 +00:00
};
Qemu arbitrary command-line arguments. Implement the qemu hooks for XML namespace data. This allows us to specify a qemu XML namespace, and then specify: <qemu:commandline> <qemu:arg value='arg'/> <qemu:env name='name' value='value'/> </qemu:commandline> In the domain XML. Changes since v1: - Change the <qemu:arg>arg</qemu:arg> XML to <qemu:arg value='arg'/> XML - Fix up some memory leaks in qemuDomainDefNamespaceParse - Rename num_extra and extra to num_args and args, respectively - Fixed up some error messages - Make sure to escape user-provided data in qemuDomainDefNamespaceFormatXML Changes since v2: - Add checking to ensure environment variable names are valid - Invert the logic in qemuDomainDefNamespaceFormatXML to return early Changes since v3: - Change strspn() to c_isalpha() check of first letter of environment variable Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-04-17 01:49:31 +00:00
typedef struct _qemuDomainCmdlineDef qemuDomainCmdlineDef;
typedef qemuDomainCmdlineDef *qemuDomainCmdlineDefPtr;
struct _qemuDomainCmdlineDef {
unsigned int num_args;
char **args;
unsigned int num_env;
char **env_name;
char **env_value;
};
KVM/QEmu migration support * qemud/remote.c qemud/remote_dispatch_localvars.h qemud/remote_dispatch_proc_switch.h qemud/remote_dispatch_prototypes.h qemud/remote_protocol.c qemud/remote_protocol.h qemud/remote_protocol.x src/driver.h src/libvirt.c src/libvirt_internal.h src/libvirt_sym.version src/lxc_driver.c src/openvz_driver.c src/qemu_conf.h src/qemu_driver.c src/remote_internal.c src/test.c src/virsh.c: large patch to add migration support for KVM/QEmu, based on the work of Rich Jones and Chris Lalancette. This introduce a new version of the prepare and finish steps of the migration, so changes the driver API and a lot of code. Daniel
2008-11-14 08:42:47 +00:00
/* Port numbers used for KVM migration. */
build: consistently indent preprocessor directives * global: patch created by running: for f in $(git ls-files '*.[ch]') ; do cppi $f > $f.t && mv $f.t $f done
2010-03-09 18:22:22 +00:00
# define QEMUD_MIGRATION_FIRST_PORT 49152
# define QEMUD_MIGRATION_NUM_PORTS 64
Split up struct qemud_server to move qemu stuff into conf.c
2007-06-26 22:13:21 +00:00
Move QEMU driver lock helpers to a separate file To allow their use from other source files, move qemuDriverLock and qemuDriverUnlock to qemu_conf.h and make them non-static * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Add qemuDriverLock qemuDriverUnlock * src/qemu/qemu_driver.c: Remove qemuDriverLock and qemuDriverUnlock
2010-12-16 16:11:48 +00:00
void qemuDriverLock(struct qemud_driver *driver);
void qemuDriverUnlock(struct qemud_driver *driver);
Added QEMU driver config file
2007-10-12 16:05:44 +00:00
int qemudLoadDriverConfig(struct qemud_driver *driver,
const char *filename);
Split up struct qemud_server to move qemu stuff into conf.c
2007-06-26 22:13:21 +00:00
qemu: Check for ejected media during startup and migration If the daemon is restarted so we reconnect to monitor, cdrom media can be ejected. In that case we don't want to show it in domain xml, or require it on migration destination. To check for disk status use 'info block' monitor command.
2011-09-13 13:49:50 +00:00
struct qemuDomainDiskInfo {
bool removable;
bool locked;
bool tray_open;
qemu: Implement virDomainGetDiskErrors
2012-01-19 16:58:58 +00:00
int io_status;
qemu: Check for ejected media during startup and migration If the daemon is restarted so we reconnect to monitor, cdrom media can be ejected. In that case we don't want to show it in domain xml, or require it on migration destination. To check for disk status use 'info block' monitor command.
2011-09-13 13:49:50 +00:00
};
qemu: Add connection close callbacks Add support for registering arbitrary callback to be called for a domain when a connection gets closed.
2012-03-19 13:28:10 +00:00
typedef virDomainObjPtr (*qemuDriverCloseCallback)(struct qemud_driver *driver,
virDomainObjPtr vm,
virConnectPtr conn);
int qemuDriverCloseCallbackInit(struct qemud_driver *driver);
void qemuDriverCloseCallbackShutdown(struct qemud_driver *driver);
int qemuDriverCloseCallbackSet(struct qemud_driver *driver,
virDomainObjPtr vm,
virConnectPtr conn,
qemuDriverCloseCallback cb);
int qemuDriverCloseCallbackUnset(struct qemud_driver *driver,
virDomainObjPtr vm,
qemuDriverCloseCallback cb);
qemuDriverCloseCallback qemuDriverCloseCallbackGet(struct qemud_driver *driver,
virDomainObjPtr vm,
virConnectPtr conn);
void qemuDriverCloseCallbackRunAll(struct qemud_driver *driver,
virConnectPtr conn);
Mon Nov 26 11:49:00 UTC 2007 Richard W.M. Jones <rjones@redhat.com> * src/bridge.c, src/bridge.h, src/qemu_conf.c, src/qemu_conf.h, src/qemu_driver.c, src/qemu_driver.h, src/test.c: Disable more of qemu if configured --without-qemu.
2007-11-26 11:50:16 +00:00
#endif /* __QEMUD_CONF_H */
Reference in New Issue Copy Permalink