Commit Graph

22864 Commits

Author SHA1 Message Date
Simon Arlott
ab9569e546 virt-aa-helper: disallow VNC socket read permissions
The VM does not need read permission for its own VNC socket to create(),
bind(), accept() connections or to receive(), send(), etc. on connections.

https://bugzilla.redhat.com/show_bug.cgi?id=1312573
2016-04-20 09:58:47 -04:00
Cole Robinson
272c622475 storage: drop the plumbing needed for kvm-img/qcow-create
Remove all the plumbing needed for the different qcow-create/kvm-img
non-raw file creation.

We can drop the error messages because CreateQemuImg will thrown an
error for us but with slightly less fidelity (unable to find qemu-img),
which I think is acceptable given the unlikeliness of that error in
practice.
2016-04-20 08:59:57 -04:00
Cole Robinson
487d211d20 storage: remove support for /usr/bin/kvm-img
This an ubuntu/debian packaging convention. At one point it may have
been an actually different binary, but at least as of ubuntu precise
(the oldest supported ubuntu distro, released april 2012) kvm-img is
just a symlink to qemu-img for back compat.

I think it's safe to drop support for it
2016-04-20 08:55:36 -04:00
Cole Robinson
1196fed2e3 storage: remove support for /usr/bin/qcow-create
qcow-create was a crippled qemu-img impl that shipped with xen. I
think supporting this was only relevant for really old distros
that didn't have a proper qemu package, like early RHEL5. I think
it's fair to drop support
2016-04-20 08:55:36 -04:00
Cole Robinson
2f1dc3de46 man: Clarify virsh vol-clone works within a single pool
virsh vol-clone is expected to clone a volume within a single
pool; it doesn't work for cloning across pools. Clarify the docs

https://bugzilla.redhat.com/show_bug.cgi?id=1103714
2016-04-20 08:55:31 -04:00
Cole Robinson
cdb4caac81 network: Don't use ERR_NO_SUPPORT for invalid net-update requests
VIR_ERR_NO_SUPPORT maps to the error string

    this function is not supported by the connection driver

and is largely only used for when a driver doesn't have any
implementation for a public API. So its usage with invalid
net-update requests is a bit out of place. Instead use
VIR_ERR_OPERATION_UNSUPPORTED which maps to:

    Operation not supported

And is what qemu's hotplug routines use in similar scenarios
2016-04-20 08:55:09 -04:00
Cole Robinson
0496063f14 libvirt: Use conventional function names
do_open and winsock_init don't follow the naming pattern of other
functions in this file. Rename them to match
2016-04-20 08:55:09 -04:00
Cole Robinson
3b9100a4d2 Revert "daemon: use socket activation with systemd"
This reverts commit 1e9808d3a1.

We shouldn't advertise libvirtd.socket activation, since currently
it means VM/network/... autostart won't work as expected.

We tried to find a middle ground by installing the config file without
an [Install] section, since systemd won't allow .socket to be enabled
without one... or at least it did do that; presently on f24 it allows
activating the socket quite happily. This also caused user confusion[1]

Just remove the socket file. I've filed a new RFE to track coming up
with a solution to the autostart problem[2], we can point users at that
if there's more confusion:

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1279348
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1326136
2016-04-20 08:53:38 -04:00
Andrea Bolognani
bf01999e9f tests: Fix enumeration value
Commit 3a773c43c8 introduced the testCompareNetXML2XMLResult
enumeration; however, in one instance the result variable was
assigned a value from the very similar testCompareDocXML2XMLResult
enumeration, leading to a build error.

  networkxml2xmltest.c:33:42: error:
    implicit conversion from enumeration type 'testCompareDomXML2XMLResult'
    to different enumeration type 'testCompareNetXML2XMLResult'
    [-Werror,-Wenum-conversion]

  testCompareNetXML2XMLResult result = TEST_COMPARE_DOM_XML2XML_RESULT_SUCCESS;
                              ~~~~~~   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use the proper value (TEST_COMPARE_NET_XML2XML_RESULT_SUCCESS) instead.
2016-04-20 14:36:37 +02:00
Andrea Bolognani
eab0fda2ec docs: Document the new XML elements 2016-04-20 12:58:02 +02:00
Andrea Bolognani
c9458b6583 qemu: Cache GIC capabilities
Implement support for saving GIC capabilities in the cache and
read them back.
2016-04-20 12:56:47 +02:00
Andrea Bolognani
e087aa7545 qemu: Fill in GIC capabilities
Take the GIC capabilities stored in a virQEMUCaps instance and
update a virDomainCaps instance appropriately.
2016-04-20 12:55:28 +02:00
Andrea Bolognani
4e2d82f72b conf: Expose GIC capabilities
Add information about GIC capabilities to virDomainCaps and update
the formatter to include them in the XML output.
2016-04-20 12:52:41 +02:00
Andrea Bolognani
24f17f557a schema: Validate GIC capabilities
We need to expose GIC capabilities in the domain capabilities
XML: update the schema to validate documents that contain the
new information.
2016-04-20 12:51:39 +02:00
Andrea Bolognani
12209ba5bd qemu: Probe GIC capabilities
QEMU introduced the query-gic-capabilities QMP command
with commit 4468d4e0f383: use the command, if available,
to probe available GIC capabilities.

The information obtained is stored in a virQEMUCaps
instance, and will be later used to fill in a
virDomainCaps instance.
2016-04-20 12:46:48 +02:00
Andrea Bolognani
29980231db conf: Get rid of virDomainCapsDevice
The struct contains a single boolean field, 'supported':
the meaning of this field is too generic to be limited to
devices only, and in fact it's already being used for
other things like loaders and OSs.

Instead of trying to come up with a more generic name just
get rid of the struct altogether.
2016-04-20 12:41:54 +02:00
Cole Robinson
0d1579572a Explicitly error on uri=qemu://system
It's a fairly common error that a user tries to connect to a URI
like qemu://system or qemu://session (missing a slash). This errors
like:

$ virsh --connect qemu://session
error: failed to connect to the hypervisor
error: Unable to resolve address 'session' service '16514': No address associated with hostname

If you already know that the standard qemu URI has 3 slashes, that
error will make it obvious enough. But new user's may not get it.
There's even a RHEL support page explicitly mentioning it!:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Virtualization_Deployment_and_Administration_Guide/sect-Troubleshooting-Common_libvirt_errors_and_troubleshooting.html

Catch this error early in libvirt.c virConnectOpen for qemu (and vbox
which has similar rules

https://bugzilla.redhat.com/show_bug.cgi?id=1038304
2016-04-19 17:48:49 -04:00
Mikhail Feoktistov
baad90fb1c vz: handle sourceless cdroms
libvirt handles empty source as NULL, while vz sdk as
"" thus we need a bit of conversion.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-04-19 19:52:38 +03:00
Nikolay Shirokovskiy
88c6c4ab96 vz: cleanup: remove trivial function 2016-04-19 19:52:37 +03:00
Nikolay Shirokovskiy
29439964a2 vz: fix boot check to use new disk id
Current implementation does not detect all incompatible configurations.
For example if we have in vzsdk bootorder "cdrom1, cdrom0" (that is
"hdb, hda" in case of ide cdroms) and cdroms do not have disk
images inserted. In this case boot order check code fails to
distiguish them at all as for both PrlVmDev_GetFriendlyName gives "".
Well the consequences are only missing warnings but as
we just have introduced all the necessary tools to face the problem -
let's fix it.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-04-19 19:52:37 +03:00
Nikolay Shirokovskiy
c7ba62009d vz: fix detach disk to use new disk id
Actually using disk PrlVmDev_GetFriendlyName as id on
detaching volumes is not a problem. We can only detach
hard disks and these can not have empty friendly names.
But upcoming update device functionality for cdroms
can not use disk source as id at all as update operation
typically change this same source value. Thus we will need
to use cdrom bus and cdrom target name as cdrom id. So in attempt
to use same id scheme for all purpuses lets fix hard disk
detach function to use new id.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-04-19 19:52:37 +03:00
Nikolay Shirokovskiy
bc5f2aab6d vz: introduce vzsdk disk id function
Our intention is to use disk bus and disk target name pair
as disk id instead of name returned by PrlVmDev_GetFriendlyName.
We already have the code that extracts this pair from vzsdk
data. Let's factor it out into a function.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-04-19 19:52:36 +03:00
Laine Stump
3583e75d7e network: prevent duplicate entries in network device pools
Prior to this patch we didn't make any attempt to prevent two entries
in the array of interfaces/PCI devices from pointing to the same
device.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1002423
2016-04-19 12:39:13 -04:00
Laine Stump
3a773c43c8 test: enable testing for expected parse errors in network XML
This is patterned after similar functionality for domain XML tests,
but tries harder to avoid reading non-existent networkxml2xmlout data
file when parse fails.
2016-04-19 12:35:22 -04:00
Cole Robinson
153903ec53 qemu: command: drop redundant min_guarantee check
We already reject a VM with min_guarantee early in the VM startup
in qemuProcessStartValidate
2016-04-19 11:53:28 -04:00
Cole Robinson
b0a2ba2462 qemu: Remove redundant DomainObjIsActive calls
The common idiom in the driver API implementations is roughly:

- ACL check
- BeginJob (if needed)
- AgentAvailable (if needed)
- !IsActive

A few calls had an extra !IsActive before BeginJob, which doesn't
seem to serve much use. Drop them
2016-04-19 11:53:28 -04:00
Cole Robinson
27f2b74782 lxc: explicitly error on interface type=ethernet
It isn't implemented and does not work:

error: internal error: guest failed to start: /usr/lib/libvirt/libvirt_lxc: option '--veth' requires an argument
syntax: /usr/lib/libvirt/libvirt_lxc [OPTIONS] ...

We previously threw an explicit error, but this changed in
22cff52a2b , which I suspect was
untested for LXC
2016-04-18 17:49:45 -04:00
Martin Kletzander
aca4d72b2a Include sysmacros.h where needed
So in glibc-2.23 sys/sysmacros.h is no longer included from sys/types.h
and we don't build because of the usage of major/minor/makedev macros.
Autoconf already has AC_HEADER_MAJOR macro that check where exactly
these functions/macros are defined, so let's use that.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-04-18 20:36:57 +02:00
Martin Kletzander
32f3f0835e security: Rename DomainSetDirLabel to DomainSetPathLabel
It already labels abritrary paths, so it's just the naming that was
wrong.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-04-18 20:34:30 +02:00
John Ferlan
dd1400280e tests: Fix syntax in iSCSI auth/secret tests
While working on the tests for the secret initialization vector, I found
that the existing iSCSI tests were lacking in how they defined the IQN.
Many had IQN's of just 'iqn.1992-01.com.example' for one disk while using
'iqn.1992-01.com.example/1' for the second disk (same for hostdevs - guess
how they were copied/generated).

Typically (and documented this way), IQN's would include be of the form
'iqn.1992-01.com.example:storage/1' indicating an IQN using "storage" for
naming authority specific string and "/1" for the iSCSI LUN.

So modify the input XML's to use the more proper format - this of course
has a ripple effect on the output XML and the args.

Also note that the "%3A" is generated by the virURIFormat/xmlSaveUri
to represent the colon.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-04-18 12:31:50 -04:00
Michal Privoznik
905d1846cb virDomain{Get,Set}PerfEvents: Tweak documentation
These API already support VIR_DOMAIN_AFFECT_* flags. But the
documentation does not mention it. Eww.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-04-18 18:04:00 +02:00
Erik Skultety
510991b65a virt-admin: Introduce srv-threadpool-info and srv-threadpool-set commands
Wire up the server threadpool tunable APIs to virt-admin client. Also, provide
a man page for both commands.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:08:11 +02:00
Erik Skultety
93ab4da5f4 admin: Introduce virAdmServerSetThreadPoolParameters
Since threadpool increments the current number of threads according to current
load, i.e. how many jobs are waiting in the queue. The count however, is
constrained by max and min limits of workers. The logic of this new API works
like this:
    1) setting the minimum
        a) When the limit is increased, depending on the current number of
           threads, new threads are possibly spawned if the current number of
           threads is less than the new minimum limit
        b) Decreasing the minimum limit has no possible effect on the current
           number of threads
    2) setting the maximum
        a) Icreasing the maximum limit has no immediate effect on the current
           number of threads, it only allows the threadpool to spawn more
           threads when new jobs, that would otherwise end up queued, arrive.
        b) Decreasing the maximum limit may affect the current number of
           threads, if the current number of threads is less than the new
           maximum limit. Since there may be some ongoing time-consuming jobs
           that would effectively block this API from killing any threads.
           Therefore, this API is asynchronous with best-effort execution,
           i.e. the necessary number of workers will be terminated once they
           finish their previous job, unless other workers had already
           terminated, decreasing the limit to the requested value.
    3) setting priority workers
        - both increase and decrease in count of these workers have an
          immediate impact on the current number of workers, new ones will be
          spawned or some of them get terminated respectively.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:07:46 +02:00
Erik Skultety
caa16d3168 admin: Introduce virAdmServerGethreadPoolParameters
New API to retrieve current server workerpool specs. Since it uses typed
parameters, more specs to retrieve can be further included in the pool of
supported ones.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:07:36 +02:00
Erik Skultety
c618d48a38 admin: Prepare admin protocol for future worker related procedures
Before any getter or setter methods can be introduced, first specify a set of
public attributes/flags that these methods will be compatible with.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:07:27 +02:00
Erik Skultety
c516e7d31a util: Add more getters to threadpool parameters
In order for the client to see all thread counts and limits, current total
and free worker count getters need to be introduced. Client might also be
interested in the job queue length, so provide a getter for that too. As with
the other getters, preparing for the admin interface, mutual exclusion is used
within all getters.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:07:18 +02:00
Erik Skultety
e981607e4a util: Use a mutex when retrieving threadpool data
So far, the values the affected getters retrieve are static, i.e. there's no
way of changing them during runtime. But admin interface will later enable
not only getting but changing them as well. So to prevent phenomenons like
torn reads or concurrent reads and writes of unaligned values, use mutual
exclusion when getting these values (writes do, understandably, use them
already).

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:07:09 +02:00
Erik Skultety
7968517593 util: Report system error when virThreadCreateFull fails
Otherwise 'Unknown' error will be returned to client.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:06:54 +02:00
Erik Skultety
396f80519e util: Refactor thread creation by introducing virThreadPoolExpand
When either creating a threadpool, or creating a new thread to accomplish a job
that had been placed into the jobqueue, every time thread-specific data need to
be allocated, threadpool needs to be (re)-allocated and thread count indicators
updated. Make the code clearer to read by compressing these operations into a
more complex one.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:06:40 +02:00
Erik Skultety
84d21591a8 admin: Enable usage of typed parameters
Make all relevant changes to admin protocol, in order to achieve $(subj)

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:06:19 +02:00
Erik Skultety
f5d9c5d00c libvirt-host: Move virTypedParam* to libvirt-common
Commits 0472cef6, 9afc115f, 8cd1d546 exported typed params handlers internally,
but a commit which would move the public definition from libvirt-host to
libvirt-common was missing.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
2016-04-18 17:05:48 +02:00
Peter Krempa
dc7aeeade1 event-test: Enforce domain event sync
Use verify to force adding new events by means of static assertions.
2016-04-18 16:31:30 +02:00
Peter Krempa
09b28782de event-test: Add VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON
When adding the static check I've noticed that one other event is
missing.
2016-04-18 16:31:29 +02:00
Peter Krempa
cecbb0642e event-test: Add VIR_DOMAIN_EVENT_ID_DEVICE_REMOVAL_FAILED 2016-04-18 16:31:29 +02:00
Peter Krempa
9e9a5cf0f4 event-test: Add VIR_DOMAIN_EVENT_ID_JOB_COMPLETED 2016-04-18 16:31:29 +02:00
Peter Krempa
bb25001a5b event-test: Add VIR_DOMAIN_EVENT_ID_MIGRATION_ITERATION callback 2016-04-18 16:31:29 +02:00
Peter Krempa
9da32b368e event-test: Add VIR_DOMAIN_EVENT_ID_BLOCK_JOB and VIR_DOMAIN_EVENT_ID_BLOCK_JOB_2 2016-04-18 16:31:29 +02:00
Peter Krempa
e55b149169 event-test: make domain event registration declarative
Rather than copying loads of ugly code, let's help out by a few C
tricks.
2016-04-18 16:31:29 +02:00
Peter Krempa
16dfe015f9 event-test: warn on unhandled enum values
Avoid forgetting to add the correct fields to the switches in
event-test.
2016-04-18 16:31:29 +02:00
Peter Krempa
ab48005f10 event-test: make few switch statements future proof
Make them return "uknown" for invalid values without breaking compiler
checks to add new values.
2016-04-18 16:31:28 +02:00