* src/remote_internal.c: Split remoteAuthPolkit into separate
impls for v0 and v1 to avoid compile warnings due to unused
variables/params
* qemud/remote.c: Remove accidental tabs
* configure.in: Check for pkcheck which indicates new policykit
* qemud/Makefile.am: Install different versions of policy
* qemud/libvirtd.policy: Rename to libvirtd.policy-0
* qemud/libvirtd.policy-1: new style policy
* qemud/qemud.c, qemud/qemud.h, qemud/remote.c: Support new
policykit API via external pkcheck helper
* src/remote_internal.c: Don't prompt for polkit auth with new
policykit API
* libvirt.spec.in: deal with new policy install locations & deps
Matthias correctly points out that escape_specialcharaters() takes a
length, and since we are now malloc()'ing string in phypOpen instead of
making it a static array, we can't use sizeof(string) anymore. Calculate
the proper strlen and then use that both to allocate the string and also
pass it to escape_specialcharacters().
Signed-off-by: Chris Lalancette <clalance@redhat.com>
I came across this line in the phypOpen function:
char string[strlen(conn->uri->path)];
Here the path part of the given URI is used without checking it for
NULL, this can cause a segfault as strlen expects a string != NULL.
Beside that uuid_db and connection_data leak in case of an error.
In this line
conn->uri->path = string;
the original path of the URI leaks. The patch adds a VIR_FREE call
before setting the new path.
The attached patch is compile-tested but I don't have a Power
Hypervisor installation at hand to test it for real.
Matthias
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Fix up a small memory leak pointed out by DanB; I was forgetting
to release memory allocated to driver->saveImageFormat.
Also add the "save_image_format" and "security" entries to
the augeas lens.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
https://bugzilla.redhat.com/517371
Matt Booth points out that if you use a non-existent bridge name when
start a guest you get a weird error message:
Failed to add tap interface 'vnet%d' to bridge 'virbr0'
and dev='vnet%d' appears in the dumpxml output.
Fix that by not including 'vnet%d' in the error message and freeing the
'vnet%d' string if adding the tap device to the bridge fails.
* src/qemu_conf.c, src/uml_conf.c: fix qemudNetworkIfaceConnect()
and umlConnectTapDevice() to not expose 'vnet%d' to the user
As we start/shutdown guests, or hotplug/hot-unplug devices, we can add
or delete devices as appropriate from a list of active devices.
Then, in pciReset(), we can use this to determine whether its safe to
reset a device as a side effect of resetting another device.
* src/qemu_conf.h: add activePciHostdevs to qemud_driver
* src/qemu_driver.c: maintain the activePciHostdevs list, and pass it
to pciResetDevice()
* src/pci.[ch]: pass the activeDevs list to pciResetDevice() and use
it to determine whether a Secondary Bus Reset is safe
The qemuPrepareHostDevices() and qemuDomainReAttachHostDevices()
functions are clutter with a bunch of calls to pciGetDevice() and
pciFreeDevice() obscuring the basic logic.
Add a pciDeviceList type and add a qemuGetPciHostDeviceList() function
to build a list from a domain definition. Use this in prepare/re-attach
fto simplify things and eliminate the multiple pciGetDevice calls.
This is especially useful because in the next patch we need to iterate
the hostdevs list a third time and we also need a list type for keeping
track of active devices.
* src/pci.[ch]: add pciDeviceList type and also a per-device 'managed'
property
* src/libvirt_private.syms: export the new functions
* src/qemu_driver.c: add qemuGetPciHostDeviceList() and re-write
qemuPrepareHostDevices() and qemuDomainReAttachHostDevices() to use it
Newer versions of QEMU accept 'pci_add auto', but older versions require
'pci_add pci_addr=auto'
* src/qemu_driver.c: use pci_addr= in qemudDomainAttachHostPciDevice()
for older versions of QEMU
When we hot-unplug a PCI host device from a guest, we should reset it.
Both managed and unmanaged devices should be reset, but only managed
devices should be re-attached.
* src/qemu_driver.c: reset devices in qemudDomainDetachHostPciDevice()
Right now we're only resetting managed devices before hotplug, but we
should reset them irrespective of whether they are managed.
* src/qemu_driver.c: reset all PCI hostdevs before hotplug
It turns out that the previous attempt at this doesn't work well
in the case of hotplug. We need qemuCheckPciHostDevice() to
disallow the reset affecting devices already attach to the guest,
but we still need to avoid double locking the virDomainObjPtr.
This is all getting messy, I've a better idea.
This reverts commit 6318808270 and
c106c8a18c.
* src/qemu_driver.c, src/pci.[ch], src/xen_unified.c,
src/libvirt_private.syms: revert a bunch of stuff.
The current code makes a poor effort at updating the device arrays after
hot-unplug. Fix that and combine the two code paths into one.
* src/qemu_driver.c: fix list updating in qemudDomainDetachNetDevice(),
qemudDomainDetachPciDiskDevice() and qemudDomainDetachHostPciDevice()
Maybe it's just me, but I try to select an item from the tree using
double-click and get annoyed when "+-" gets included in the selection.
* src/virsh.c: add a space between "+-" and the node device name
in 'virsh nodedev-list --tree'
Currently the reference counting for connections is busted. I
first noticed it while trying to use virConnectRef; it would
eventually cause a crash in the remote_internal driver, although
that was really just a victim. Really, we should only call the
close callbacks on the methods when the references drop to 0. To
accomplish this, move all of the close callbacks into
virUnrefConnect (since there are lots of internal users of that
function), and arrange for virConnectClose to call that.
V2: Make sure to drop the connection lock before we call the close
callbacks, otherwise we could deadlock the daemon
V3: Fix up a crash when we got an error from one of the drivers
Signed-off-by: Chris Lalancette <clalance@redhat.com>
* src/domain_conf.c: Make virDomainObjListFree a no-op if list
is NULL
* src/domain_event.c: make virDomainEventCallbackListFree a no-op
if event list is NULL
* src/lxc_driver.c: Log a message if LXC driver does not startup
due to lacking kernel support
Implement a compressed save image format for qemu. While ideally
we would have the choice between compressed/non-compressed
available to the libvirt API, unfortunately there is no "flags"
parameter to the virDomainSave() API. Therefore, implement this
as a qemu.conf option. gzip, bzip2, and lzma are implemented, and
it should be very easy to implement additional compression
methods.
One open question is if/how we should detect the compression
binaries. One way to do it is to do compile-time setting of the
paths (via configure.in), but that doesn't seem like a great thing
to do. My preferred solution is not to detect at all;
when we go to run the commands that need them, if they
aren't available, or aren't available in one of the standard paths,
then we'll fail. That's also the solution implemented in this patch.
In the future, we'll have a more robust (managed) save/restore API,
at which time we can expose this functionality properly in the API.
V2: get rid of redundant dd command and just use >> to append data.
V3: Add back the missing pieces for the enum and bumping the save version.
V4: Make the compressed field in the save_header an int.
Implement LZMA compression.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
If a PCI device reset causes other devices to be reset, allow it so long
as those other devices are note assigned to another active domain.
Note, we need to take the driver lock qemudNodeDeviceReset() because the
check function will iterate over the domain list.
* src/qemu_conf.c: add qemuCheckPciHostDevice() to iterate over active
domains checking whether the affected device is assigned
* src/pci.[ch]: add pciDeviceEquals() helper
When using a Secondary Bus Reset, all devices on the bus are reset.
Extend the pciResetDevice() API so that a 'check' callback can be
supplied which will verify that it is safe to reset the other devices
on the bus.
The virDomainObjPtr parameter is needed so that when the check function
iterates over the domain list, it can avoid double locking.
* src/pci.[ch]: add a 'check' callback to pciResetDevice(), re-work
pciIterDevices() to pass the check function to the iter functions,
use the check function in the bus iterator, return the first unsafe
device from pciBusCheckOtherDevices() and include its details in
the bus reset error message.
* src/qemu_driver.c, src/xen_uninified.c: just pass NULL as the
check function for now
Currently, if we are unable to reset a PCI device we return a fairly
generic 'No PCI reset capability available' error message.
Fix that by returning an error from the individual reset messages and
using that error to construct the higher level error mesage.
* src/pci.c: set errors in pciTryPowerManagementReset() and
pciTrySecondaryBusReset() on failure; use those error messages
in pciResetDevice(), or explain that no reset support is available
When the guest shuts down, we should attempt to restore all PCI host
devices to a sane state.
In the case of managed hostdevs, we should reset and re-attach the
devices. In the case of unmanaged hostdevs, we should just reset them.
Note, KVM will already reset assigned devices when the guest shuts
down using whatever means it can, so we are only doing it to cover the
cases the kernel can't handle.
* src/qemu_driver.c: add qemuDomainReAttachHostDevices() and call
it from qemudShutdownVMDaemon()
It turns out that a PCI Power Management reset only affects individual
functions, and not the whole device.
The PCI Power Management spec talks about resetting the 'device' rather
than the 'function', but Intel's Dexuan Cui informs me that it is
actually a per-function reset.
Also, Yu Zhao has added pci_pm_reset() to the kernel, and it doesn't
reject multi-function devices, so it must be true! :-)
(A side issue is that we could defer the PM reset to the kernel if we
could detect that the kernel has PM reset support, but barring version
number checks we don't have a way to detect that support)
* src/pci.c: remove the pciDeviceContainsOtherFunctions() check from
pciTryPowerManagementReset() and prefer PM reset over bus reset
where both are available
Cc: Cui, Dexuan <dexuan.cui@intel.com>
Cc: Yu Zhao <yu.zhao@intel.com>
PCI device assignment is only supported in KVM's fork of qemu, so we
should really detect its availability and give a nice error if its
not supported.
* src/qemu_conf.[ch]: introduce QEMUD_CMD_FLAG_PCIDEVICE indicating
that the -pcidevice command line option is available
* tests/*: update the tests
Attaching a host PCI device to a qemu guest is done with a
straightforward 'pci_add auto host host=XX:XX.X' command.
Like with NIC and disk hotplug, we need to retain the guest PCI address
assigned by qemu so that we can use it for hot-unplug.
Identifying a device for detach is done using the host PCI address.
Managed mode is handled by detaching/resetting the device before
attaching it to the guest and re-attaching it after detaching it from
the guest.
* src/qemu_driver.c: add qemudDomainAttachHostPciDevice() and
qemudDomainDetachHostPciDevice()
* src/domain_conf.h: add somewhere to store the guest PCI address
* src/domain_conf.c: handle formatting and parsing the guest PCI
address
Re-factor the hostdev hotplug code so that we can easily add PCI
hostdev hotplug to qemudDomainAttachHostDevice().
* src/qemu_driver.c: rename qemudDomainAttachHostDevice() to
qemudDomainAttachHostUsbDevice(); make qemudDomainAttachHostDevice()
handle all hostdev types
* src/libvirt_private.syms: export a couple of hostdev related
ToString() functions
Some kernel versions expose broken NUMA topology for some machines.
This causes the LXC/UML drivers to fail to start. QEMU driver was
already fixed for this problem
* src/lxc_conf.c: Log and ignore failure to populate NUMA info
* src/uml_conf.c: Log and ignore failure to populate NUMA info
* src/capabilities.c: Reset nnumaCell to 0 after freeing
A couple of minor fixes to phyp escape_specialcharacters. Make it
a static function (since it's only used in phyp/phyp_driver.c), and
make it take a dstlen parameter. This paves the way for removing
strncpy in the future.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Minor fix to openvzGetVPSUUID to make it take a length parameter.
This ensures that it doesn't make assumptions about the length
of the UUID buffer, and paves the way for removal of strncpy in
the future.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
As of qemu 0.10.6, qemu now honors the -S flag on incoming migration.
That means that when the migration completes, we have to issue a
'cont' command to get the VM running again. We do it unconditionally
since it won't hurt on older qemu.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Re-factor virDomainMigrate to split out the version 1 and version 2
protocols into their own functions. In reality, the two versions share
very little in common, so forcing them together in the same function was
just confusing. This will also make adding tunnelled migration easier.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
When doing a restore, we were forgetting to update the state file
for the VM. That means that if you do a save/restore, then shut
down libvirtd, then start it back up, you'll see the state of the
guest as "paused", even though it is really running. We were
just forgetting a "virDomainSaveStatus" call in the restor path.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
If the ipv6 kernel module is not loaded, then we get this when starting
a virtual network:
libvir: Network Config error :
cannot enable /proc/sys/net/ipv6/conf/virbr0/disable_ipv6:
No such file or directory
If disable_ipv6 is not present, we should just merrily continue on our
way.
* src/network_driver.c: make networkDisableIPV6() not fail if the kernel
has no ipv6 support
If we're running qemu unprivileged, we need to chown any supplied kernel
or initrd before spawning it.
* src/qemu_driver.c: rename qemuDomainSetDiskOwnership() to
qemuDomainSetFileOwnership(), pass it a path string instead of a disk
definition and use it for chowning the kernel/initrd in
qemuDomainSetAllDeviceOwnership()
While trying to remove uses of unsafe strncpy in the tree, I came
across a couple of usages in the ESX driver. To my eyes, the snprintf
replacements do the same thing in less code, and are also safer.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Tested-by: Mattias Bolte <matthias.bolte@googlemail.com>
* src/logging.c src/logging.h src/libvirt_private.syms:
define new functions virLogSetFromEnv and virLogParseDefaultPriority
* qemud/qemud.c src/libvirt.c tests/eventtest.c: cleanup to use the
unified functions
* qemud/qemud.c src/logging.[ch]: Similar as for general libvirt, don't
convert high priority levels to debug level. Ignore LIBVIRT_LOG_FILTERS
and LIBVIRT_LOG_OUTPUTS when they're set to the empty string, otherwise
they can override a valid setting from the config file. Send all
settings through the parser functions for validation, so that the
existence of a bad setting doesn't nullify a good setting that should
have applied -- particularly the default output. Keep the order of
precedence consistent for all variables between the environment and
the config file. Warn when an invalid log level, filter, or output
is ignored.
* src/libvirt_private.syms: export internally a few convenience functions
* src/libvirt.c src/logging.c: Don't convert high priority levels to the
debug level. Don't parse LIBVIRT_LOG_FILTERS and LIBVIRT_LOG_OUTPUTS
when they're set to the empty string. Warn when the user specifies an
invalid value (empty string remains a noop).
* po/POTFILES.in: src/logging.c now include translatable strings
* src/xm_internal.c: in case of multiple connections to the xen driver
and some clients were not using domain events, the whole /etc/xen
monitoring would break leading to disapearing domains.
* src/esx/esx_driver.c src/esx/esx_vi.[ch] src/esx/esx_vmx.[ch]:
adds version checking for GSX 2.0, allows to pass a specific port
for the connection and also add a new specific gsx scheme for
easier connections to GSX hosts
Fix up qemudDomainMigratePrepare2 to use virGetHostname instead of
gethostname. Besides the fact that virGetHostname is far more clever,
there was a latent bug in the handling that could cause a buffer overflow
on a very long hostname.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
* autobuild.sh, mingw32-libvirt.spec.in: Enable esx on mingw32
* src/esx/esx_driver.c: Define AI_ADDRCONFIG if not set
* src/esx/esx_util.c, src/esx/esx_vi_types.c: Always use
%lld & friends, since gnulib guarentees we have these
and not the target's own variants
If the bridge device is configured to have IPv6 address and
accept router advertisments, then a malicious guest can send
out bogus advertisments and hijack/DOS host IPv6 connectivity
* src/network_driver.c: Set accept_ra=0, disable_ipv6=1, autoconf=0
for IPv6 sysctl on virual network bridge devices
PCIe DevCap register is actually 32 bits, not 16 bits. Since FLR is
bit 28, we clearly are failing to detect FLR support.
Known to fix device reset with some SR-IOV devices.
* src/pci.c: fix pciDetectFunctionLevelReset()
* src/util.c: Don't drop capabilities until after the PID file has
been written. Kill off child if writing the PID file fails
* src/qemu_driver.c: Remove bogus trailing '/' in state dir
* esx/esx_driver.c: add some documentation about the CPU scheduler
parameters and remove some old, unnecessary compensation code, since
virsh uses the proposed parameter types now.
* src/qemu_driver.c: fix qemudOpenMonitorUnix() to retry on ENOENT
instead of EACCES which is the error one receive when the socket
error hasn't shown up yet
In order to hotplug a network/bridge backed NIC, we need to first create
the tap file descriptor, add the tap interface to the bridge and then
pass the file descriptor to the qemu process using the 'getfd' monitor
command.
Once the tapfd has been accepted, we create the network backend using
host_net_add, supplying the name assigned to the tapfd. If this fails,
we need to close the tapfd in qemu using the 'closefd' monitor command.
If the version of qemu does not support the getfd/closefd monitor
commands we detect "unknown command" in the getfd reply and fail the
attach operation.
* src/qemu_driver.c: add support for tapfd based hotplug in
qemudDomainAttachNetDevice()
Add qemudMonitorCommandWithFd() which allows a file descriptor to be
sent to qemu over a unix monitor socket using SCM_RIGHTS. See the
unix(7) and cmsg(3) man pages.
* src/qemu_conf.c: add a scm_fd param to qemudMonitorCommandExtra(),
add qemudMonitorCommandWithFd(), implement SCM_RIGHTS support in
qemudMonitorSendUnix()
Switch from using write() to using sendmsg() on QEMU's monitor socket
so that we can add support for SCM_RIGHTS.
* src/qemu_driver.c: add sendmsg() based qemudMonitorSendUnix() and use
it when the monitor fd is a unix socket
Add a little helper function to write the monitor command followed by
carriage return in a single write.
This doesn't make any real difference, but allows us to more easily
switch to using sendmsg() when using the monitor over a unix socket.
* src/qemu_conf.c: split qemudMonitorSend() out
In subsequent patches we're going to have a file descriptor to close
too, so centralize the error handling cleanups to make things easier.
* src/qemu_conf.c: in qemudDomainAttachNetDevice() consolidate the
error handling cleanups together
With hotplug, we're going to want to pass a tapfd name rather than an
actual file descriptor, so prepare the way by passing a string tapfd to
qemuBuildHostNetStr().
* src/qemu_conf.h: qemuBuildHostNetStr() takes a string tapfd now
* src/qemu_conf.c: pass qemuBuildHostNetStr() a string rather than an
actual file descriptor
* src/qemu_driver.c: update qemudDomainAttachNetDevice() for change
* src/qemu_conf.h: export qemudNetworkIfaceConnect()
* src/qemu_conf.c: move vnet_hdr logic into qemudNetworkIfaceConnect()
since we need it for hotplug too
By probing for qemu machine types, we increased the time of a
GetCapabilities call from 100us to a whopping 60ms.
This patch takes the approach of only probing for machine types
when the mtime of the emulator binary changed since the last time
the capabilities were generated.
* src/capabilities.h: cache the emulator binary mtime
* src/qemu_conf.c: add qemudGetOldMachines() to copy the machine
types from the old caps struct if the mtime for the binary hasn't
changed
* src/qemu_conf.h, src/qemu_driver.c: pass the old caps pointer to
qemudCapsInit()
e.g. <machine canonical='pc'>pc-0.11</machine>
* src/capabilities.c: output the canonical machine names in the
capabilities output, if available
* docs/schemas/capabilities.rng: add the new attribute