Commit Graph

3962 Commits

Author SHA1 Message Date
Matthias Bolte
f4a8542dd5 vbox: Stop hardcoding a single path for VBoxXPCOMC.so
This partly reverts df90ca7661.

Don't disable the VirtualBox driver when configure can't find
VBoxXPCOMC.so, rely on detection at runtime again instead.

Keep --with-vbox=/path/to/virtualbox intact, added to for:
https://bugzilla.redhat.com/show_bug.cgi?id=609185

Detection order for VBoxXPCOMC.so:

1. VBOX_APP_HOME environment variable
2. configure provided location
3. hardcoded list of known locations
4. dynamic linker search path

Also cleanup the glue code and improve error reporting.
2010-10-29 15:50:38 +02:00
KAMEZAWA Hiroyuki
5546034210 audit: printf warning fix
fix warning
  CC     libvirt_util_la-virtaudit.lo
cc1: warnings being treated as errors
util/virtaudit.c: In function 'virAuditEncode':
util/virtaudit.c:146: error: implicit declaration of function 'virAsprintf' [-Wimplicit-function-declaration]
util/virtaudit.c:146: error: nested extern declaration of 'virAsprintf' [-Wnested-externs]
2010-10-28 11:23:42 -06:00
Stefan Berger
e92848ebfd eliminate possibility of a double-closed file descriptor
The 2nd and 3rd hunk show the only double-closed file descriptor code part that I found while trying to clean up close(). The first hunk seems a harmless cleanup in that same file.
2010-10-28 11:43:16 -04:00
Eric Blake
054d43f570 qemu: check for vm after starting a job
https://bugzilla.redhat.com/show_bug.cgi?id=638285 - when migrating
a guest, it was very easy to provoke a race where an application
could query block information on a VM that had just been migrated
away.  Any time qemu code obtains a job lock, it must also check
that the VM was not taken down in the time where it was waiting
for the lock.

* src/qemu/qemu_driver.c (qemudDomainSetMemory)
(qemudDomainGetInfo, qemuDomainGetBlockInfo): Check that vm still
exists after obtaining job lock, before starting monitor action.
2010-10-28 08:56:03 -06:00
Laine Stump
0111cebb5a Only attempt removal of the rule allowing tftp if it was added
During virtual network startup, the iptables rule that allows tftp
traffic is only added if network->def->tftproot is non-empty, but when
the virtual network is destroyed, we had been unconditionally trying
to delete the rule. This was harmless, except that it created a bogus
error message.

This patch conditionalizes the delete command in the same manner that
the insert command is already conditionalized.
2010-10-28 09:54:47 -04:00
Matthias Bolte
8578df6a49 mingw: Add body for virFork and remove double virDriverLoadModule export
Commit 9bd3cce0d2 added virFork and
virDriverLoadModule to libvirt_private.syms, but virFork didn't have
a body on Win32 and virDriverLoadModule was already correctly
exported conditional via libvirt_driver_modules.syms.
2010-10-27 21:27:19 +02:00
Daniel P. Berrange
8dc136b5fc Add disk/net resource auditing to QEMU driver
Add auditing of all initial disk/net assignments to QEMU guests
at startup. Add auditing for all hotplug & unplug events and
disk media changes.

* src/qemu/qemu_driver.c: Add disk/net resource auditing
2010-10-27 17:03:22 +01:00
Daniel P. Berrange
160b5479f2 Add auditing of security label in QEMU driver
Add auditing of the allocated security label in the QEMU driver
VM startup code

* src/qemu/qemu_driver.c: Audit security label
2010-10-27 17:03:22 +01:00
Daniel P. Berrange
62622f841a Add auditing of start/stop events to the QEMU driver
Add audit hooks to report all start and stop events on QEMU
guest domains.

* src/qemu/qemu_driver.c: Audit start/stop events
2010-10-27 17:03:21 +01:00
Daniel P. Berrange
55a9938333 Add printf format attribute annotation to virAuditSend method
* src/util/virtaudit.h: Add printf format attribute annotation
2010-10-27 17:03:21 +01:00
Daniel P. Berrange
6a75a3fa3d Add audit helper for escaping log message strings
Add a helper API for ecscaping the value in audit log
messages

* src/util/virtaudit.h, src/util/virtaudit.c,
  src/libvirt_private.syms: Add virAuditEncode
2010-10-27 17:03:21 +01:00
Daniel P. Berrange
e06772f006 Remove audit hooks from the selinux security driver code
This reverts commit b8e2de8899
The hooks will be re-added in the QEMU driver itself.

* src/security/security_selinux.c: Remove audit hooks
2010-10-27 17:03:21 +01:00
Daniel P. Berrange
43e7e8f614 Remove all auditing hooks from libvirtd dispatch code
Revert most of commit a8b5f9bd27.
The audit hooks will be re-added directly in the QEMU driver code
in a future commit

* daemon/remote.c: Remove all audit logging hooks
* src/qemu/qemu_driver.c: Remove all audit logging hooks
2010-10-27 17:03:21 +01:00
Philipp Hahn
8da08b9fde Fix xen API documentation
*src/xen/xend_internal.c: fix a couple of comments in function descriptions
2010-10-27 15:25:39 +02:00
Diego Elio Pettenò
8efebd1761 qemu: don't use %.3d format for bus/addr of USB devices
When using 0-prefixed numbers, QEmu will interpret them as octal numbers
(as C convention says); this means that if you attach a device that has
addr > 10 (decimal) you're going to attach a different device.
2010-10-26 10:19:07 -06:00
Eric Blake
f22e670b4a qemu: work around dash 0.5.5 bug in managed save
Older dash mistakenly truncates regular files when using <> redirection;
this kills our use of double dd to reduce storage overhead when
saving qemu images.  But qemu insists on running a command through
/bin/sh, so we work around it by having qemu run $sh -c 'real command'
when we have a replacement $sh in mind.

* configure.ac (VIR_WRAPPER_SHELL): Define to a replacement shell,
if /bin/sh is broken on <> redirection.
* src/qemu/qemu_monitor.h (VIR_WRAPPER_SHELL_PREFIX)
(VIR_WRAPPER_SHELL_SUFFIX): New macros.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextMigrateToFile): Use
them.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONMigrateToFile):
Likewise.
2010-10-26 09:31:42 -06:00
Daniel P. Berrange
d68bb70a2d Avoid squashing errors during network startup cleanup path
When failing to start a virtual network, we have to cleanup,
tearing down any iptables rules. If the iptables rules were
not present yet though, this raises an error, which squashes
the original error we were handling.

* src/network/bridge_driver.c: When failing to start a virtual
  network, don't squash the original error in cleanup
2010-10-26 16:05:09 +01:00
Jiri Denemark
608554f237 xen: Fix domain dump
Remove redundant 'live' parameter which caused an error from xend:

    "xend.err 'Too many values for live'"
2010-10-26 13:06:47 +02:00
Daniel P. Berrange
eff1735e42 Fix formatting of network address in iptables helpers
The network address was being set to 192.168.122.0 instead
of 192.168.122.0/24. Fix this by removing the unneccessary
'network' field from virNetworkDef and just pass the
network address and netmask into the iptables APIs directly.

* src/conf/network_conf.h, src/conf/network_conf.c: Remove
  the 'network' field from virNEtworkDef.
* src/network/bridge_driver.c: Update for iptables API changes
* src/util/iptables.c, src/util/iptables.h: Require the
  network address + netmask pair to be passed in
2010-10-26 11:19:13 +01:00
Jiri Denemark
69b7552154 qemu: Fix detection of drive readonly option
So far, readonly=on option is used when qemu supports -device. However,
there are qemu versions which support readonly option with -drive
although they don't have support for -device.
2010-10-26 10:31:50 +02:00
Philipp Hahn
f3f7a87d03 Fix documentation for virEventAddTimeout()
* src/util/event.h: Fix copy&paste error from virEventAddHandle()
2010-10-26 10:23:03 +02:00
Eric Blake
24a2663f70 dnsmasq: avoid potential crash
* src/util/dnsmasq.c (hostsfileAdd): Don't free uninitialized
memory on allocation failure.
2010-10-22 10:22:20 -06:00
Matthias Bolte
05725e9bca vbox: Fix compile errors due to the virSocketAddr series 2010-10-22 14:49:37 +02:00
Daniel P. Berrange
4af718297a Don't try to parse a NULL ip address for boot server
The boot server IP address is optional, so it needs to be
checked before attempting to parse it.

* src/conf/network_conf.c: Don't parse NULL ip address for
  boot server
2010-10-22 13:28:04 +01:00
Daniel P. Berrange
090404acfe Convert virNetwork to use virSocketAddr everywhere
Instead of storing the IP address string in virNetwork related
structs, store the parsed virSocketAddr. This will make it
easier to add IPv6 support in the future, by letting driver
code directly check what address family is present

* src/conf/network_conf.c, src/conf/network_conf.h,
  src/network/bridge_driver.c: Convert to use virSocketAddr
  in virNetwork, instead of char *.
* src/util/bridge.c, src/util/bridge.h,
  src/util/dnsmasq.c, src/util/dnsmasq.h,
  src/util/iptables.c, src/util/iptables.h: Convert to
  take a virSocketAddr instead of char * for any IP
  address parameters
* src/util/network.h: Add macros to determine if an address
  is set, and what address family is set.
2010-10-22 12:07:02 +01:00
Daniel P. Berrange
4b16b9c77f Include socket address in client probe data
It is useful to know where the client is connecting from,
so include the socket address in probe data.

* daemon/libvirtd.h: Use virSocketAddr for storing client
  address and keep printable address handy for logging
* daemon/libvirtd.c: Include socket address in client
  connect/disconnect probes
* daemon/probes.d: Add socket address to probes
* examples/systemtap/client.stp: Print socket address
* src/util/network.h: Add sockaddr_un to virSocketAddr union
2010-10-22 12:00:45 +01:00
Daniel P. Berrange
a8ae7d19f4 Remove all use of inet_pton and inet_ntop
The  inet_pton and inet_ntop functions are obsolete, replaced
by getaddrinfo+getnameinfo with the AI_NUMERICHOST flag set.
These can be accessed via the virSocket APIs.

The bridge.c code had methods for fetching the IP address of
a bridge which used inet_ntop. Aside from the use of inet_ntop
these methods are broken, because a NIC can have multiple
addresses and this only returns one address. Since the methods
are never used, just remove them.

* src/conf/network_conf.c, src/nwfilter/nwfilter_learnipaddr.c:
  Replace inet_pton and inet_ntop with virSocket APIs
* src/util/bridge.c, src/util/bridge.h: Remove unused methods
  which called inet_ntop.
2010-10-22 11:59:18 +01:00
Daniel P. Berrange
640c5f1984 Remove both addrToString methods
The addrToString functionality is now available via the
virSocketFormatAddrFull method.

* daemon/remote.c, src/remote/remote_driver.c: Remove
  addrToString methods
2010-10-22 11:27:29 +01:00
Daniel P. Berrange
179c4be0e1 Fix error reporting for virSocketParse
The virSocketParse method was not doing any error reporting
which meant the true cause of the problem was lost. Remove
all error reporting from callers, and push it into virSocketParse

* src/util/network.c: Add error reporting to virSocketParse
* src/conf/domain_conf.c, src/conf/network_conf.c,
  src/network/bridge_driver.c: Remove error reporting in
  callers of virSocketParse
2010-10-22 11:26:29 +01:00
Daniel P. Berrange
497adba2d4 Expand virSocketFormat to be more flexible
The getnameinfo() function is more flexible than inet_ntop()
avoiding the need to if/else the code based on socket family.
Also make it support UNIX socket addrs and allow inclusion
of a port (service) address. Finally do proper error reporting
via normal APIs.

* src/conf/domain_conf.c, src/nwfilter/nwfilter_ebiptables_driver.c,
  src/qemu/qemu_conf.c: Fix error handling with virSocketFormat
* src/util/network.c: Rewrite virSocketFormat to use getnameinfo
  and cope with UNIX socket addrs.
2010-10-22 11:24:12 +01:00
Daniel P. Berrange
7ab7d17bfb Remove pointless nwIPAddress struct & void *casts
The nwIPAddress was simply a wrapper about virSocketAddr.
Just use the latter directly, removing all the extra field
de-references from code & helper APIs for parsing/formatting.

Also remove all the redundant casts from strong types to
void * and then immediately back to strong types.

* src/conf/nwfilter_conf.h: Remove nwIPAddress
* src/conf/nwfilter_conf.c, src/nwfilter/nwfilter_ebiptables_driver.c:
  Update to use virSocketAddr and remove void * casts.
2010-10-22 11:21:27 +01:00
Daniel P. Berrange
f4b54aa027 Fix netmask checks for IPv6 in virSocketCheckNetmask
There was a typo in the IPv6 path of virSocketCheckNetmask which
caused it to never execute.

* src/util/network.c: s/AF_INET/AF_INET6/ in virSocketCheckNetmask
2010-10-22 11:16:42 +01:00
Daniel P. Berrange
746c336495 Fix passing of address family to virSocketParseAddr
The virSocketParseAddr function was accepting any AF_* constant
and using that to set the ai_flags field in struct addrinfo.
This is invalid, since address families must go in the ai_family
field of the struct.

* src/util/network.c: Fix handling of address family
* src/conf/network_conf.c, src/network/bridge_driver.c: Pass
  AF_UNSPEC instead of relying on it being 0.
2010-10-22 11:16:37 +01:00
Daniel P. Berrange
af3d4eec0d Include length with virSocketAddr data
Some operations on socket addresses need to know the length of
the sockaddr struct for the particular address family. This
info was being discarded when passing around virSocketAddr
instances. Turn it from a union into a struct containing
union+socklen_t fields, so length is always kept around.

* src/util/network.h: Add socklen_t field to virSocketAddr
* src/util/network.c, src/network/bridge_driver.c,
  src/conf/domain_conf.c: Update to take account of new
  struct definition.
2010-10-22 11:15:36 +01:00
Daniel P. Berrange
9e42b40a95 Remove useless code in error path of getnameinfo()
If getnameinfo() with NI_NUMERICHOST set fails, there are no
grounds to expect inet_ntop to succeed, since these calls
are functionally equivalent. Remove useless inet_ntop code
in the getnameinfo() error path.

* daemon/remote.c, src/remote/remote_driver.c: Remove
  calls to inet_ntop
2010-10-22 11:15:14 +01:00
Eric Blake
134bcb62db maint: sort private sym lists
* src/libvirt_private.syms: Sort by header name, then within
header, and drop duplicate virNetworkDefParseNode,
virFileLinkPointsTo and virXPathBoolean.
2010-10-21 08:28:01 -06:00
Daniel P. Berrange
aa1e3f6706 Enable JSON and netdev features in QEMU >= 0.13
The QEMU 0.13 release is finally out and from testing in RHEL-6
we know that its JSON and netdev features are now good enough
for us to use by default.

* src/qemu/qemu_conf.c: Enable JSON + netdev for QEMU >= 0.13
2010-10-21 11:16:22 +01:00
Eric Blake
f1eb9ed954 audit: simplify declaration
* src/util/virtaudit.c (virAuditSend): one less ifdef, since gcc
does not care if an ATTRIBUTE_UNUSED var gets used in some paths.
2010-10-20 12:21:52 -06:00
Matthias Bolte
a1109a7c7c qemu: Exit on first error in qemuDomainGetMemoryParameters
There is no point in trying to fill params beyond the first error,
because when qemuDomainGetMemoryParameters returns -1 then the caller
cannot detect which values in params are valid.
2010-10-20 19:33:11 +02:00
Matthias Bolte
916f95b7aa Rename VIR_DOMAIN_SWAP_HARD_LIMIT to VIR_DOMAIN_MEMORY_SWAP_HARD_LIMIT
To get them under the common VIR_DOMAIN_MEMORY_* prefix.
2010-10-20 19:33:11 +02:00
Matthias Bolte
e05cdac855 Fix formatting of the memtune XML element
Also output the min_guarantee element when set.
2010-10-20 19:33:11 +02:00
John Morrissey
c08c7b0143 Add process= support for 'qemu-kvm -name'
This sets the process name to the same value as the Windows title,
but since the name is limited to 16 chars only this is kept as a
configuration option and turned off by default
* src/qemu/qemu.conf src/qemu/qemu_conf.[ch]: hceck for support in the
  QEmu help output, add the option in qemu conf file and augment
  qemudBuildCommandLine to add it if switched on
* src/qemu/libvirtd_qemu.aug src/qemu/test_libvirtd_qemu.aug: augment
  the augeas lenses accordingly
* tests/qemuhelptest.c: cope with the extra flag being detected now
2010-10-20 10:30:30 +02:00
Stefan Berger
c2fbdf1088 nwfilter: avoid dir. enforcement for certain types of rules
Avoid the enforcement of direction if
- icmp rules specify the type/code information
- the 'skipMatch' variable is set to 'true'
2010-10-19 19:25:37 -04:00
Guido Günther
679b464bd4 Don't fail lxc domain start when memory controller support is missing
Debian stock kernel has CONFIG_CGROUP_MEM_RES_CTLR disabled due to the
overhead [1]. Allow to start containers if the corresponding files in
the cgroup filesystem are missing. This fixes Debian bug #566180 [2].

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534964
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566180
2010-10-19 21:29:12 +02:00
Matthias Bolte
83e5711418 Fix compile errors in remote.c and newly added audit code 2010-10-19 19:01:26 +02:00
Daniel P. Berrange
9bd3cce0d2 Fix symbol exports & remove duplicated libvirt_util.la linkage
The libvirt_util.la library was mistakenly linked into libvirtd
directly. Since libvirt_util.la is already linked to libvirt.so,
this resulted in libvirtd getting two copies of the code and
more critically 2 copies of static global variables.

Testing in turn exposed a issue with loadable modules. The
gnulib replacement functions are not exported to loadable
modules. Rather than trying to figure out the name sof all
gnulib functions & export them, just linkage all loadable
modules against libgnu.la statically.

* daemon/Makefile.am: Remove linkage of libvirt_util.la
  and libvirt_driver.la
* src/Makefile.am: Link driver modules against libgnu.la
* src/libvirt.c: Don't try to load modules which were
  compiled out
* src/libvirt_private.syms: Export all other internal
  symbols that are required  by drivers
2010-10-19 17:31:31 +01:00
Miloslav Trmač
b8e2de8899 Audit SELinux label assignment.
A more natural auditing point would perhaps be
SELinuxSetSecurityProcessLabel, but this happens in the child after root
permissions are dropped, so the kernel would refuse the audit record.
2010-10-19 17:31:31 +01:00
Miloslav Trmač
a8b5f9bd27 Audit VM start/stop/suspend/resume
Most operations are audited at the libvirtd level; auditing in
src/libvirt.c would result in two audit entries per operation (one in
the client, one in libvirtd).

The only exception is a domain stopping of its own will (e.g. because
the user clicks on "shutdown" inside the interface).  There can often be
no client connected at the time the domain stops, so libvirtd does not
have any virConnectPtr object on which to attach an event watch.  This
patch therefore adds auditing directly inside the qemu driver (other
drivers are not supported).
2010-10-19 17:31:31 +01:00
Daniel P. Berrange
8f680ad3b8 Basic framework for auditing integration
Integrate with libaudit.so for auditing of important operations.
libvirtd gains a couple of config entries for auditing. By
default it will enable auditing, if its enabled on the host.
It can be configured to force exit if auditing is disabled
on the host. It will can also send audit messages via libvirt
internal logging API

Places requiring audit reporting can use the VIR_AUDIT
macro to report data. This is a no-op unless auditing is
enabled

* autobuild.sh, mingw32-libvirt.spec.in: Disable audit
  on mingw
* configure.ac: Add check for libaudit
* daemon/libvirtd.aug, daemon/libvirtd.conf,
  daemon/test_libvirtd.aug, daemon/libvirtd.c: Add config
  options to enable auditing
* include/libvirt/virterror.h, src/util/virterror.c: Add
  VIR_FROM_AUDIT source
* libvirt.spec.in: Enable audit
* src/util/virtaudit.h, src/util/virtaudit.c: Simple internal
  API for auditing messages
2010-10-19 17:31:31 +01:00
Eric Blake
b013788742 vcpu: remove dead xen code
* src/xen/xen_driver.h (xenUnifiedDriver): Remove now-unused
domainGetMaxVcpus, domainSetVcpus.
* src/xen/proxy_internal.c (xenProxyDriver): Likewise.
* src/xen/xen_hypervisor.c (xenHypervisorDriver): Likewise.
* src/xen/xen_inotify.c (xenInotifyDriver): Likewise.
* src/xen/xend_internal.c (xenDaemonDriver)
(xenDaemonDomainSetVcpus): Likewise.
* src/xen/xm_internal.c (xenXMDriver, xenXMDomainSetVcpus):
Likewise.
* src/xen/xs_internal.c (xenStoreDriver): Likewise.
2010-10-19 10:07:10 -06:00
Eric Blake
e443a00312 vcpu: improve support for setting xen vcpu counts
Tested with RHEL 5.6 (xendConfigVersion 2, where xend_internal
controls live domains and xm_internal controls inactive domains).
Hopefully this works with xendConfigVersion 3 (where xend_internal
controls everything).

* src/xen/xen_driver.c (xenUnifiedDomainSetVcpusFlags): Support
more flags.
(xenUnifiedGetMaxVcpus): Export.
* src/xen/xm_internal.h (xenXMDomainSetVcpusFlags): New prototype.
* src/xen/xend_internal.h (xenDaemonDomainSetVcpusFlags): Likewise.
* src/xen/xen_driver.h (xenUnifiedGetMaxVcpus): Likewise.
* src/xen/xm_internal.c (xenXMDomainSetVcpusFlags): New function.
* src/xen/xend_internal.c (xenDaemonDomainSetVcpusFlags): Likewise.
2010-10-19 10:07:02 -06:00
Eric Blake
290ea33111 vcpu: improve support for getting xen vcpu counts
* src/xen/xen_driver.c (xenUnifiedDomainGetVcpusFlags): Support
more flags.
* src/xen/xend_internal.h (xenDaemonDomainGetVcpusFlags): New
prototype.
* src/xen/xm_internal.h (xenXMDomainGetVcpusFlags): Likewise.
* src/xen/xend_internal.c (virDomainGetVcpusFlags): New function.
* src/xen/xm_internal.c (xenXMDomainGetVcpusFlags): Likewise.
2010-10-19 10:06:55 -06:00
Eric Blake
0fab10e5ed vcpu: improve vcpu support in xen command line
This patch series focuses on xendConfigVersion 2 (xm_internal) and 3
(xend_internal), but leaves out changes for xenapi drivers.

See this link for more details about vcpu_avail for xm usage.
http://lists.xensource.com/archives/html/xen-devel/2009-11/msg01061.html

This relies on the fact that def->maxvcpus can be at most 32 with xen.

* src/xen/xend_internal.c (xenDaemonParseSxpr)
(sexpr_to_xend_domain_info, xenDaemonFormatSxpr): Use vcpu_avail
when current vcpus is less than maximum.
* src/xen/xm_internal.c (xenXMDomainConfigParse)
(xenXMDomainConfigFormat): Likewise.
* tests/xml2sexprdata/xml2sexpr-pv-vcpus.sexpr: New file.
* tests/sexpr2xmldata/sexpr2xml-pv-vcpus.sexpr: Likewise.
* tests/sexpr2xmldata/sexpr2xml-pv-vcpus.xml: Likewise.
* tests/xmconfigdata/test-paravirt-vcpu.cfg: Likewise.
* tests/xmconfigdata/test-paravirt-vcpu.xml: Likewise.
* tests/xml2sexprtest.c (mymain): New test.
* tests/sexpr2xmltest.c (mymain): Likewise.
* tests/xmconfigtest.c (mymain): Likewise.
2010-10-19 10:06:45 -06:00
Eric Blake
28a3605906 vcpu: complete vcpu support in qemu driver
* src/qemu/qemu_driver.c (qemudDomainSetVcpusFlags)
(qemudDomainGetVcpusFlags): Support all feasible flag
combinations.
2010-10-19 10:06:38 -06:00
Eric Blake
d67c189e80 vcpu: improve vcpu support in qemu command line
* src/qemu/qemu_conf.c (qemuParseCommandLineSmp): Distinguish
between vcpus and maxvcpus, for new enough qemu.
* tests/qemuargv2xmltest.c (mymain): Add new test.
* tests/qemuxml2argvtest.c (mymain): Likewise.
* tests/qemuxml2xmltest.c (mymain): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-smp.args: New file.
2010-10-19 10:06:33 -06:00
Eric Blake
6c9e6b9564 vcpu: support all flags in test driver
* src/test/test_driver.c (testDomainGetVcpusFlags)
(testDomainSetVcpusFlags): Support all flags.
(testDomainUpdateVCPUs): Update cpu count here.
2010-10-19 10:06:25 -06:00
Eric Blake
4617eedfae vcpu: support maxvcpu in domain_conf
Although this patch adds a distinction between maximum vcpus and
current vcpus in the XML, the values should be identical for all
drivers at this point.  Only in subsequent per-driver patches will
a distinction be made.

In general, virDomainGetInfo should prefer the current vcpus.

* src/conf/domain_conf.h (_virDomainDef): Adjust vcpus to unsigned
short, to match virDomainGetInfo limit.  Add maxvcpus member.
* src/conf/domain_conf.c (virDomainDefParseXML)
(virDomainDefFormat): parse and print out vcpu details.
* src/xen/xend_internal.c (xenDaemonParseSxpr)
(xenDaemonFormatSxpr): Manage both vcpu numbers, and require them
to be equal for now.
* src/xen/xm_internal.c (xenXMDomainConfigParse)
(xenXMDomainConfigFormat): Likewise.
* src/phyp/phyp_driver.c (phypDomainDumpXML): Likewise.
* src/openvz/openvz_conf.c (openvzLoadDomains): Likewise.
* src/openvz/openvz_driver.c (openvzDomainDefineXML)
(openvzDomainCreateXML, openvzDomainSetVcpusInternal): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainDumpXML, vboxDomainDefineXML):
Likewise.
* src/xenapi/xenapi_driver.c (xenapiDomainDumpXML): Likewise.
* src/xenapi/xenapi_utils.c (createVMRecordFromXml): Likewise.
* src/esx/esx_vmx.c (esxVMX_ParseConfig, esxVMX_FormatConfig):
Likewise.
* src/qemu/qemu_conf.c (qemuBuildSmpArgStr)
(qemuParseCommandLineSmp, qemuParseCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemudDomainHotplugVcpus): Likewise.
* src/opennebula/one_conf.c (xmlOneTemplate): Likewise.
2010-10-19 10:05:51 -06:00
Eric Blake
50c51f13e2 vcpu: make old API trivially wrap to new API
Note - this wrapping is completely mechanical; the old API will
function identically, since the new API validates that the exact
same flags are provided by the old API.  On a per-driver basis,
it may make sense to have the old API pass a different set of flags,
but that should be done in the per-driver patch that implements
the full range of flag support in the new API.

* src/esx/esx_driver.c (esxDomainSetVcpus, escDomainGetMaxVpcus):
Move guts...
(esxDomainSetVcpusFlags, esxDomainGetVcpusFlags): ...to new
functions.
(esxDriver): Trivially support the new API.
* src/openvz/openvz_driver.c (openvzDomainSetVcpus)
(openvzDomainSetVcpusFlags, openvzDomainGetMaxVcpus)
(openvzDomainGetVcpusFlags, openvzDriver): Likewise.
* src/phyp/phyp_driver.c (phypDomainSetCPU)
(phypDomainSetVcpusFlags, phypGetLparCPUMAX)
(phypDomainGetVcpusFlags, phypDriver): Likewise.
* src/qemu/qemu_driver.c (qemudDomainSetVcpus)
(qemudDomainSetVcpusFlags, qemudDomainGetMaxVcpus)
(qemudDomainGetVcpusFlags, qemuDriver): Likewise.
* src/test/test_driver.c (testSetVcpus, testDomainSetVcpusFlags)
(testDomainGetMaxVcpus, testDomainGetVcpusFlags, testDriver):
Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainSetVcpus)
(vboxDomainSetVcpusFlags, virDomainGetMaxVcpus)
(virDomainGetVcpusFlags, virDriver): Likewise.
* src/xen/xen_driver.c (xenUnifiedDomainSetVcpus)
(xenUnifiedDomainSetVcpusFlags, xenUnifiedDomainGetMaxVcpus)
(xenUnifiedDomainGetVcpusFlags, xenUnifiedDriver): Likewise.
* src/xenapi/xenapi_driver.c (xenapiDomainSetVcpus)
(xenapiDomainSetVcpusFlags, xenapiDomainGetMaxVcpus)
(xenapiDomainGetVcpusFlags, xenapiDriver): Likewise.
(xenapiError): New helper macro.
2010-10-19 10:03:33 -06:00
Eric Blake
eb826444f9 vcpu: implement the remote protocol
Done by editing the first three files, then running
'make -C src rpcgen', then editing src/remote_protocol-structs
to match.

* daemon/remote.c (remoteDispatchDomainSetVcpusFlags)
(remoteDispatchDomainGetVcpusFlags): New functions.
* src/remote/remote_driver.c (remoteDomainSetVcpusFlags)
(remoteDomainGetVcpusFlags, remote_driver): Client side
serialization.
* src/remote/remote_protocol.x
(remote_domain_set_vcpus_flags_args)
(remote_domain_get_vcpus_flags_args)
(remote_domain_get_vcpus_flags_ret)
(REMOTE_PROC_DOMAIN_SET_VCPUS_FLAGS)
(REMOTE_PROC_DOMAIN_GET_VCPUS_FLAGS): Define wire format.
* daemon/remote_dispatch_args.h: Regenerate.
* daemon/remote_dispatch_prototypes.h: Likewise.
* daemon/remote_dispatch_table.h: Likewise.
* src/remote/remote_protocol.c: Likewise.
* src/remote/remote_protocol.h: Likewise.
* src/remote_protocol-structs: Likewise.
2010-10-19 10:02:33 -06:00
Eric Blake
9d2c607992 vcpu: implement the public APIs
Factors common checks (such as nonzero vcpu count) up front, but
drivers will still need to do additional flag checks.

* src/libvirt.c (virDomainSetVcpusFlags, virDomainGetVcpusFlags):
New functions.
(virDomainSetVcpus, virDomainGetMaxVcpus): Refer to new API.
2010-10-19 10:02:06 -06:00
Eric Blake
dd255d6405 vcpu: define internal driver API
* src/driver.h (virDrvDomainSetVcpusFlags)
(virDrvDomainGetVcpusFlags): New typedefs.
(_virDriver): New callback members.
* src/esx/esx_driver.c (esxDriver): Add stub for driver.
* src/lxc/lxc_driver.c (lxcDriver): Likewise.
* src/opennebula/one_driver.c (oneDriver): Likewise.
* src/openvz/openvz_driver.c (openvzDriver): Likewise.
* src/phyp/phyp_driver.c (phypDriver): Likewise.
* src/qemu/qemu_driver.c (qemuDriver): Likewise.
* src/remote/remote_driver.c (remote_driver): Likewise.
* src/test/test_driver.c (testDriver): Likewise.
* src/uml/uml_driver.c (umlDriver): Likewise.
* src/vbox/vbox_tmpl.c (Driver): Likewise.
* src/xen/xen_driver.c (xenUnifiedDriver): Likewise.
* src/xenapi/xenapi_driver.c (xenapiDriver): Likewise.
2010-10-19 10:00:47 -06:00
Eric Blake
ea3f5c6809 vcpu: add new public API
API agreed on in
https://www.redhat.com/archives/libvir-list/2010-September/msg00456.html,
but modified for enum names to be consistent with virDomainDeviceModifyFlags.

* include/libvirt/libvirt.h.in (virDomainVcpuFlags)
(virDomainSetVcpusFlags, virDomainGetVcpusFlags): New
declarations.
* src/libvirt_public.syms: Export new symbols.
2010-10-19 10:00:17 -06:00
Stefan Berger
7d79da247a nwfilter: changes to rules in VM->host table
In the table built for traffic coming from the VM going to the host make the following changes:

- don't ACCEPT the packets but do a 'RETURN' and let the host-specific firewall rules in subsequent rules evaluate whether the traffic is allowed to enter

- use the '-m state' in the rules as everywhere else
2010-10-19 11:35:58 -04:00
Matthias Bolte
1c61648961 esx: Handle non-UTF-8 encoded VMX files
ESX(i) uses UTF-8, but a Windows based GSX server writes
Windows-1252 encoded VMX files.

Add a test case to ensure that libxml2 provides Windows-1252
to UTF-8 conversion.
2010-10-19 16:29:12 +02:00
Stefan Berger
f04de501bc Introduce VIR_CLOSE to be used rather than close()
Since bugs due to double-closed file descriptors are difficult to track down in a multi-threaded system, I am introducing the VIR_CLOSE(fd) macro to help avoid mistakes here.

There are lots of places where close() is being used. In this patch I am only cleaning up usage of close() in src/conf where the problems were.

I also dare to declare close() as being deprecated in libvirt code base (HACKING).
2010-10-19 10:23:51 -04:00
Dan Kenigsberg
b2c9a87940 root_squash: virFileOperation may fail with EPERM too
Over root-squashing nfs, when virFileOperation() is called as uid==0,
it may fail with EACCES, but also with EPERM, due to
virFileOperationNoFork()'s failed attemp to chown a writable file.

qemudDomainSaveFlag() should expect this case, too.
2010-10-19 15:26:32 +02:00
Dan Kenigsberg
b7bd75c4c0 Run initgroups() in qemudOpenAsUID()
qemudOpenAsUID is intended to open a file with the credentials of a
specified uid. Current implementation fails if the file is accessible to
one of uid's groups but not owned by uid.

This patch replaces the supplementary group list that the child process
inherited from libvirtd with the default group list of uid.
2010-10-19 15:22:57 +02:00
Nikunj A. Dadhania
61dfbf8c3a Update docs for memory parameters and memtune command
* docs/formatdomain.html.in: Add memtune element details, added min_guarantee
* src/libvirt.c: Update virDomainGetMemoryParameters api description, make
  it more clear that the user first needs to call the api to get the number
  of parameters supported and then call again to get the values.
* tools/virsh.pod: Add usage of new command memtune in virsh manpage
2010-10-19 14:27:12 +02:00
Matthias Bolte
6c4b04142b esx: Fix check in esxDomainGetInfo's perf metric handling 2010-10-16 11:39:36 +02:00
Matthias Bolte
b1933e9e6a esx: Explictly declare VMX file content as UTF-8 2010-10-15 17:51:28 +02:00
Laine Stump
d3fec47f81 Fix warning about a non-literal format string in qemu_driver.c 2010-10-15 11:34:38 -04:00
Matthias Bolte
2dd86bbe5a esx: Handle name escaping properly
VMware uses a mix of percent-, pipe- and base64-encoding in
different combinations in different places.

Add a testcase for this.
2010-10-14 22:43:16 +02:00
Stefan Berger
4cfcde2d83 nwfilter: prevent filters with different name but same UUID
Patch to prevent multiple nwfilters with different name but same UUID.
2010-10-14 11:53:08 -04:00
Harsh Prateek Bora
75a6a9a8e0 new attribute accessmode to filesystem element
This introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.

Usage:
        <filesystem type='mount' accessmode='passthrough'>
          <source dir='/export/to/guest'/>
          <target dir='mount_tag'/>
        </filesystem>

passthrough is the default model if not specified, that's
also the current behaviour.
2010-10-14 15:08:24 +02:00
Stefan Berger
2b3df906f3 nwfilter: cut off connections after changing filters
The following filter transition from a filter allowing incoming TCP connections

  <rule action='accept' direction='in' priority='401'>
    <tcp/>
  </rule>
  <rule action='accept' direction='out' priority='500'>
    <tcp/>
  </rule>

to one that does not allow them

  <rule action='drop' direction='in' priority='401'>
    <tcp/>
  </rule>
  <rule action='accept' direction='out' priority='500'>
    <tcp/>
  </rule>

did previously not cut off existing (ssh) connections but only prevented newly initiated ones. The attached patch allows to cut off existing connections as well, thus enforcing what the filter is showing.

I had only tested with a configuration where the physical interface is connected to the bridge where the filters are applied. This patch now also solves a filtering problem where the physical interface is not connected to the bridge, but the bridge is given an IP address and the host routes between bridge and physical interface. Here the filters drop non-allowed traffic on the outgoing side on the host.
2010-10-14 08:54:03 -04:00
Jiri Denemark
f93924f465 qemu: Prohibit migration of guests with host devices
Explicitly raising a nice error in the case user tries to migrate a
guest with assigned host devices is much better than waiting for a
mysterious error with no clue for the reason.
2010-10-14 09:36:54 +02:00
Jiri Denemark
b2de33e2a7 cpu: Use vendor in baseline CPU only if all hosts use it
When only some host CPUs given to cpuBaseline contain <vendor> element,
baseline CPU should not contain it. Otherwise the result would not be
compatible with the host CPUs without vendor. CPU vendors are still
taken into account when computing baseline CPU, it's just removed from
the result.
2010-10-14 09:36:54 +02:00
Jiri Denemark
ac7afbeb9e cpu: Fix vendor for recent CPU models
Recent CPU models were specified using invalid vendor element
<vendor>NAME</vendor>, which was silently ignored due to a bug in the
code which was parsing it.
2010-10-14 09:36:54 +02:00
Eric Blake
450cbebe1c memory: fix remote protocol compilation
'make -C src rpcgen' is supposed to be idempotent.  But commit
f928f43b7b mistakently manually edited a generated file rather
than fixing the upstream file.

* src/remote/remote_protocol.x (remote_memory_param_value): Use
correct spelling of enum values.
* src/remote/remote_protocol.c: Regenerate.
2010-10-13 11:09:40 -06:00
Daniel P. Berrange
f98a6cd6ae Enable support for nested SVM
This enables support for nested SVM using the regular CPU
model/features block. If the CPU model or features include
'svm', then the '-enable-nesting' flag will be added to the
QEMU command line. Latest out of tree patches for nested
'vmx', no longer require the '-enable-nesting' flag. They
instead just look at the cpu features. Several of the models
already include svm support, but QEMU was just masking out
the svm bit silently. So this will enable SVM on such
models

* src/qemu/qemu_conf.h: flag for -enable-nesting
* src/qemu/qemu_conf.c: Use -enable-nesting if VMX or SVM are in
  the CPUID
* src/cpu/cpu.h, src/cpu/cpu.c: API to check for a named feature
* src/cpu/cpu_x86.c: x86 impl of feature check
* src/libvirt_private.syms: Add cpuHasFeature
* src/qemuhelptest.c: Add nesting flag where required
2010-10-13 16:45:31 +01:00
Daniel P. Berrange
3a092f3899 Fix Xen SEXPR generation to properly quote strings containing ()
* src/xen/sexpr.c: Ensure () are escaped in sexpr2string
* tests/sexpr2xmldata/sexpr2xml-boot-grub.sexpr,
  tests/sexpr2xmldata/sexpr2xml-boot-grub.xml,
  tests/xml2sexprdata/xml2sexpr-boot-grub.sexpr,
  tests/xml2sexprdata/xml2sexpr-boot-grub.xml: Data files to
  check escaping
* tests/sexpr2xmltest.c, tests/xml2sexprtest.c: Add boot-grub
  escaping test case
2010-10-13 16:42:48 +01:00
Stefan Berger
4435f3c477 nwfilter: resolve deadlock between VM ops and filter update
This is from a bug report and conversation on IRC where Soren reported that while a filter update is occurring on one or more VMs (due to a rule having been edited for example), a deadlock can occur when a VM referencing a filter is started.

The problem is caused by the two locking sequences of

qemu driver, qemu domain, filter             # for the VM start operation
filter, qemu_driver, qemu_domain            # for the filter update operation

that obviously don't lock in the same order. The problem is the 2nd lock sequence. Here the qemu_driver lock is being grabbed in qemu_driver:qemudVMFilterRebuild()

The following solution is based on the idea of trying to re-arrange the 2nd sequence of locks as follows:

qemu_driver, filter, qemu_driver, qemu_domain

and making the qemu driver recursively lockable so that a second lock can occur, this would then lead to the following net-locking sequence

qemu_driver, filter, qemu_domain

where the 2nd qemu_driver lock has been ( logically ) eliminated.

The 2nd part of the idea is that the sequence of locks (filter, qemu_domain) and (qemu_domain, filter) becomes interchangeable if all code paths where filter AND qemu_domain are locked have a preceding qemu_domain lock that basically blocks their concurrent execution

So, the following code paths exist towards qemu_driver:qemudVMFilterRebuild where we now want to put a qemu_driver lock in front of the filter lock.

-> nwfilterUndefine()   [ locks the filter ]
    -> virNWFilterTestUnassignDef()
        -> virNWFilterTriggerVMFilterRebuild()
            -> qemudVMFilterRebuild()

-> nwfilterDefine()
    -> virNWFilterPoolAssignDef() [ locks the filter ]
        -> virNWFilterTriggerVMFilterRebuild()
            -> qemudVMFilterRebuild()

-> nwfilterDriverReload()
    -> virNWFilterPoolLoadAllConfigs()
        ->virNWFilterPoolObjLoad()
            -> virNWFilterPoolAssignDef() [ locks the filter ]
                -> virNWFilterTriggerVMFilterRebuild()
                    -> qemudVMFilterRebuild()

-> nwfilterDriverStartup()
    -> virNWFilterPoolLoadAllConfigs()
        ->virNWFilterPoolObjLoad()
            -> virNWFilterPoolAssignDef() [ locks the filter ]
                -> virNWFilterTriggerVMFilterRebuild()
                    -> qemudVMFilterRebuild()

Qemu is not the only driver using the nwfilter driver, but also the UML driver calls into it. Therefore qemuVMFilterRebuild() can be exchanged with umlVMFilterRebuild() along with the driver lock of qemu_driver that can now be a uml_driver. Further, since UML and Qemu domains can be running on the same machine, the triggering of a rebuild of the filter can touch both types of drivers and their domains.

In the patch below I am now extending each nwfilter callback driver with functions for locking and unlocking the (VM) driver (UML, QEMU) and introduce new functions for locking all registered callback drivers and unlocking them. Then I am distributing the lock-all-cbdrivers/unlock-all-cbdrivers call into the above call paths. The last shown callpath starting with nwfilterDriverStart() is problematic since it is initialize before the Qemu and UML drives are and thus a lock in the path would result in a NULL pointer attempted to be locked -- the call to virNWFilterTriggerVMFilterRebuild() is never called, so we never lock either the qemu_driver or the uml_driver in that path. Therefore, only the first 3 paths now receive calls to lock and unlock all callback drivers. Now that the locks are distributed where it matters I can remove the qemu_driver and uml_driver lock from qemudVMFilterRebuild() and umlVMFilterRebuild() and not requiring the recursive locks.

For now I want to put this out as an RFC patch. I have tested it by 'stretching' the critical section after the define/undefine functions each lock the filter so I can (easily) concurrently execute another VM operation (suspend,start). That code is in this patch and if you want you can de-activate it. It seems to work ok and operations are being blocked while the update is being done.
I still also want to verify the other assumption above that locking filter and qemu_domain always has a preceding qemu_driver lock.
2010-10-13 10:33:26 -04:00
Guido Günther
94f232bb9b Don't fail on missing D-Bus
We don't fail when we can't contact HAL so we shouldn't fail if we can't
contact D-Bus either.
2010-10-13 14:47:19 +02:00
Daniel Veillard
0df671513d Fixes for documentation extraction
* include/libvirt/libvirt.h.in: some of the function type description
  were broken so they could not be automatically documented
* src/util/event.c docs/apibuild.py: event.c exports one public API
  so it needs to be scanned too, avoid a few warnings
2010-10-13 13:50:07 +02:00
Daniel P. Berrange
a5c646a770 Implement support for virtio plan9fs filesystem passthrough in QEMU
Make use of the existing <filesystem> element to support plan9fs
filesystem passthrough in the QEMU driver

    <filesystem type='mount'>
      <source dir='/export/to/guest'/>
      <target dir='/import/from/host'/>
    </filesystem>

NB, the target is not actually a directory, it is merely a arbitrary
string tag that is exported to the guest as a hint for where to mount
it.
2010-10-13 12:04:50 +01:00
Matthias Bolte
43c2c61f68 Fix several minor problems introduced by the memtune series
Add proper documentation to the new VIR_DOMAIN_MEMORY_* macros in
libvirt.h.in to placate apibuild.py.

Mark args as unused in for libvirt_virDomain{Get,Set}MemoryParameters
in the Python bindings and add both to the libvirtMethods array.

Update remote_protocol-structs to placate make syntax-check.

Undo unintended modifications in vboxDomainGetInfo.

Update the function table of the VirtualBox and XenAPI drivers.
2010-10-12 21:24:11 +02:00
Nikunj A. Dadhania
f928f43b7b Remote protocol implementation of virDomainSet/GetMemoryParameters 2010-10-12 19:26:10 +02:00
Nikunj A. Dadhania
fe3ee289b2 Implement domainGetMemoryParamters for LXC
Driver interface for getting memory parameters, eg. hard_limit,
soft_limit and swap_hard_limit.
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
0cdd1ed91b Implement domainSetMemoryParamters for LXC
Add support in the lxc driver for various memory controllable parameters
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
809e143004 Adding memtunables to libvirt-lxc command
libvirt-lxc now configures the hardlimit, softlimit and swaplimit, if
specified in the domain xml file or picks up the defaults.
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
261ad74e52 Adding memtunables to qemuSetupCgroup
QEmu startup will pick up the memory tunables specified in the domain
configuration file
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
013fe4b848 Implement domainGetMemoryParamters for QEmu
Driver interface for getting memory parameters, eg. hard_limit,
soft_limit and swap_hard_limit based on cgroup support
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
71d0b4275d Implement domainSetMemoryParamters for QEmu
Driver interface for setting memory hard_limit, soft_limit and swap
hard_limit based on cgroup support
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
5f481e4df1 Implement cgroup memory controller tunables
Provides interfaces for setting/getting memory tunables like hard_limit,
soft_limit and swap_hard_limit
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
d390fce413 XML parsing for memory tunables
Adding parsing code for memory tunables in the domain xml file
also change the internal define structures used for domain memory
informations
Adds a new specific test
2010-10-12 19:26:09 +02:00
Nikunj A. Dadhania
0cd7823271 Adding virDomainSetMemoryParameters and virDomainGetMemoryParameters API
Public api to set/get memory tunables supported by the hypervisors.

dv:
* some cleanups in libvirt.c
* adding extra checks in libvirt.c new entry points

v4:
* Move exporting public API to this patch
* Add unsigned int flags to the public api for future extensions

v3:
* Add domainGetMemoryParamters and NULL in all the driver interface

v2:
* Initialize domainSetMemoryParameters to NULL in all the driver
  interface structure.
2010-10-12 19:26:09 +02:00
Jiri Denemark
a4deed4a07 cpu: Remove redundant features
Some features provided by the recently added CPU models were mentioned
twice for each model. This was a result of automatic generation of the
XML from qemu's CPU configuration file without noticing this redundancy.
2010-10-12 17:56:21 +02:00
Eric Blake
412b62d2a3 util: add missing export
Commit 1fe2927a3 forgot to export a symbol.

* src/libvirt_private.syms (virHexToBin): Add.
* src/.gitignore: Ignore temporary file.
2010-10-12 09:42:18 -06:00
Daniel P. Berrange
95ff6b18ec Set sensible defaults for cpu match and feature policy
To enable the CPU XML from the capabilities to be pasted directly
into the guest XML with no editing, pick a sensible default for
match and feature policy. The CPU match will be exact and the
feature policy will be require. This should ensure safety for
migration and give DWIM semantics for users

* src/conf/cpu_conf.c: Default to exact match and require policy
* docs/formatdomain.html.in: Document new defaults
2010-10-12 11:27:58 +01:00
Jiri Denemark
093973aabe xen: Fix virDomain{At,De}tachDevice
According to API documentation virDomain{At,De}tachDevice calls are
supposed to only work on active guests for device hotplug. For anything
beyond that, their *Flags variants have to be used.

Despite the variant which was acked on libvirt mailing list
(https://www.redhat.com/archives/libvir-list/2010-January/msg00385.html)
commit ed9c14a7ef (by Jim Fehlig)
introduced automagic behavior of these API calls for xen driver. Since
January, these calls always change persistent configuration of a guest
and if the guest is currently active, they also hot(un)plug the device.

That change didn't follow API documentation and also broke device
hot(un)plug for older xend implementations which do not support changing
persistent configuration of a guest and hot(un)plugging in one step.

This patch should not break anything for active guests. On the other
hand, changing inactive guests is not supported any more.
2010-10-12 12:16:12 +02:00
Jiri Denemark
e2856d36a5 xen: xenXMDomain*DeviceFlags should obey all flags
xenXMDomain*DeviceFlags() silently ignores requests to modify live
configuration of an active guest while still touching its persistent
configuration.
2010-10-12 12:16:12 +02:00
Jiri Denemark
6ab99b8a43 xen: Fix logic bug in xenDaemon*DeviceFlags 2010-10-12 12:16:12 +02:00
Jiri Denemark
28160e2264 xen: Make xenDaemon*DeviceFlags errors less confusing
When a user calls to virDomain{Attach,Detach,Update}DeviceFlags() with
flags == VIR_DOMAIN_DEVICE_MODIFY_LIVE on an inactive guest running on
an old Xen hypervisor (such as RHEL-5) xend_internal driver reports:

    Xend version does not support modifying persistent config

which is pretty confusing since no-one requested to modify persistent
config.
2010-10-12 12:16:12 +02:00
Guido Günther
2ae5086c97 Return a suitable error message if we can't find a matching emulator 2010-10-12 09:07:53 +02:00
Guido Günther
b2d7cedeb9 Pass -n to ip(6)tables
to avoid long timeouts waiting for DNS servers
2010-10-08 23:54:03 +02:00
Stefan Berger
5b0c71ee07 nwfilter: Instantiate state match in ip(6)tables rules
In this patch I am extending the rule instantiator to create the state
match according to the state attribute in the XML. Only one iptables
rule in the incoming or outgoing direction will be created for a rule
in direction 'in' or 'out' respectively. A rule in direction 'inout' does
get iptables rules in both directions.
2010-10-07 06:41:37 -04:00
Stefan Berger
1be31f5479 nwfilter: Extend XML parser and gen. to support state attr.
The patch below extends the XML parser and generator so that every l3 protocol
now can have a state attribute.
2010-10-07 06:37:31 -04:00
Jiri Denemark
ad4cb9056a xen: Fix bogus error when attaching a device
The xm internal xen driver only supports disk and network devices to be
added to a guest. On an attempt to attach any other device the xm driver
used VIR_ERR_XML_ERROR which resulted in a completely bogus error
message:

error: Failed to attach device from pci.xml
error: XML description for unknown device is not well formed or invalid
2010-10-05 19:08:46 +02:00
Stefan Berger
2e224f197c nwfilter: fix memory leaks
Fixing memory leak shown by valgrind and freeing buffer in two more places.
2010-10-04 06:34:05 -04:00
Matthias Bolte
02e11b8353 esx: Add support for virtual serial device network backing
Since version 4.1 ESX(i) can expose virtual serial devices over TCP.

Add support in the VMX handling code for this, add test cases to cover
it and add links to some documentation.

ESX supports two additional protocols: TELNETS and TLS. Add them to
the list of serial-over-TCP protocols.
2010-10-01 23:38:23 +02:00
Eric Blake
62a50a0b80 vcpu: improve cpuset attribute
The <vcpu cpuset=...> attribute has been available since commit
e193b5dd, but without documentation or RNG validation.

* docs/schemas/domain.rng (vcpu): Further validate cpuset.
* docs/formatdomain.html.in: Document it.
* src/conf/domain_conf.c: Fix typos.
2010-10-01 12:08:34 -06:00
Matthias Bolte
53a2f725ad phyp: Verify that domain XML contains at least one disk element
phypBuildLpar expects that at least one disk element is provided.
2010-10-01 10:34:44 +02:00
Jamie Strandboge
593e0072eb implement usb and pci hot attach in AppArmor driver
Description: Implement AppArmorSetSecurityHostdevLabel() and
AppArmorRestoreSecurityHostdevLabel() for hostdev and pcidev attach.

virt-aa-helper also has to be adjusted because *FileIterate() is used for pci
and usb devices and the corresponding XML for hot attached hostdev and pcidev
is not in the XML passed to virt-aa-helper. The new '-F filename' option is
added to append a rule to the profile as opposed to the existing '-f
filename', which rewrites the libvirt-<uuid>.files file anew. This new '-F'
option will append a rule to an existing libvirt-<uuid>.files if it exists,
otherwise it acts the same as '-f'.

load_profile() and reload_profile() have been adjusted to add an 'append'
argument, which when true will use '-F' instead of '-f' when executing
virt-aa-helper.

All existing calls to load_profile() and reload_profile() have been adjusted
to use the old behavior (ie append==false) except AppArmorSetSavedStateLabel()
where it made sense to use the new behavior.

This patch also adds tests for '-F'.

Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/640993
2010-09-30 14:54:56 -06:00
Stefan Berger
b00f41a1d2 nwfilter: Instantiate comments in ip(6)tables rules
In this patch I am extending the rule instantiator to create the comment
node where supported, which is the case for iptables and ip6tables.

Since commands are written in the format

cmd='iptables ...-m comment --comment \"\" '

certain characters ('`) in the comment need to be escaped to
prevent comments from becoming commands themselves or cause other
forms of (bash) substitutions. I have tested this with various input and in
my tests the input made it straight into the comment. A test case for TCK
will be provided separately that tests this.
2010-09-30 15:56:09 -04:00
Stefan Berger
ec3d03db88 nwfilter: Extend XML parser and generator w/ comment attribute
The patch below extends the XML parser and generator so that every protocol
now can have a comment node. Comments are limited to 256 characters.
2010-09-30 15:46:10 -04:00
Eduardo Otubo
ee2cb9835f phyp: Checking for NULL values when building new guest
When creating a new gust, the function phypBuildLpar() was not
checking for NULL values

src/phyp/phyp_driver.c: check the definition arguments to avoid a segmentation
  fault in phypBuildLpar()
2010-09-29 16:54:39 +02:00
Justin Clift
48005255b0 nwfilter: remove recently added workaround define for macos x
This reverses commit 04c3704, which added a define to nwfilter to
allow libvirtd compilation on Mac OS X.  Stefan Bergers commit, 2e7294d,
is the proper solution, removing the requirement for nwfilter on non-Linux.
2010-09-28 22:41:11 +10:00
Justin Clift
04c3704e70 nwfilter: add a missing define, so libvirtd builds on macos x
The nwfilter code uses ETH_ALEN, which isn't defined on MacOS X.
This is a simple workaround, to add it when missing.
2010-09-28 01:31:52 +10:00
Stefan Berger
570d040435 nwfilter: report if ip(6)tables rules would not be active
The patch below reports a warning in the log if the generated ip(6)tables rules would not be effective due to the proc filesystem entries

    /proc/sys/net/bridge/bridge-nf-call-iptables
    /proc/sys/net/bridge/bridge-nf-call-ip6tables

containing a '0'. The warning tells the user what to do. I am rate-limiting the warning message to appear only every 10 seconds.
2010-09-24 12:06:17 -04:00
Jamie Strandboge
2e5e614e6b app-armor: add 'rw' for appropriate devices
Description: Check for VIR_DOMAIN_CHR_TYPE in serial ports and add 'rw' for
defined serial ports, parallel ports and channels

Bug-Ubuntu: LP: #578527, LP: #609055
2010-09-23 11:22:44 -06:00
Philipp Hahn
4dfde8cd6f Fix spelling of Xen in comments 2010-09-23 17:22:03 +02:00
Eric Blake
76d87a5959 maint: update to latest gnulib
* .gnulib: Update to latest.
* bootstrap.conf (gnulib_modules): Add new termios module.
(gnulib_tool_option_extras): Make libtool usage explicit.
* src/util/util.c (includes): Gnulib now guarantees termios.h.
* bootstrap: Resync from gnulib.
2010-09-23 08:15:16 -06:00
Matthias Bolte
0f9c246028 esx: Allow '-' in VMX entry names
Add a test for this.

Reported by Frank Dirks.
2010-09-23 10:37:10 +02:00
Chris Wright
12172d18ce pciFindStubDriver should return NULL on error
pciFindStubDriver currently returns 0 in one of the error cases.
While it's correct...NULL is more readable.

Signed-off-by: Chris Wright <chrisw@redhat.com>
2010-09-22 17:22:09 -06:00
Daniel P. Berrange
3a73eaeb61 Make SASL work over UNIX domain sockets
The addrToString methods were not coping with UNIX domain sockets
which have no normal host+port address. Hardcode special handling
for these so that SASL routines can work over UNIX sockets. Also
fix up SSF logic in remote client so that it presumes that a UNIX
socket is secure

* daemon/remote.c: Fix addrToString for UNIX sockets.
* src/remote/remote_driver.c: Fix addrToString for UNIX sockets
  and fix SSF logic to work for TLS + UNIX sockets in the same
  manner
2010-09-22 17:52:25 +01:00
Eric Blake
be026480f9 nodeinfo: work when hot-plugging is disabled
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=635857.

* src/nodeinfo.c (cpu_online): Allow missing directory for all
CPUs, not just cpu0.

Signed-off-by: Eric Blake <eblake@redhat.com>
2010-09-22 07:46:10 -06:00
Stefan Berger
6eddbb0d3b This patch fixes a bug appearing on big endian machines where the returned XML is not the one that is expected (see test/nwfilterxml2xmltest). The problem is due to for example the casting of pointers to unsigned integers to void * and then back to 16 bit integers. 2010-09-22 06:24:19 -04:00
Eric Blake
8ae354f41b build: avoid non-portable IPv6 struct member, for MacOS X
* src/util/network.c (getIPv6Addr): Manually join s6_addr bytes,
instead of assuming s6_addr16 shorts.
Reported by Justin Clifton; solution suggested by Bruno Haible.
2010-09-15 14:50:51 -06:00
Soren Hansen
38ba6e16ea Rebuild network filter for UML guests on updates
When nwfilter support was added to UML, I didn't realise the UML driver
needed instrumentation to make updating nwfilters on the fly work. This
patch adds this bit of glue.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-09-14 09:17:41 -06:00
Eric Blake
249a5b35f2 build: use portable sed expressions
* src/Makefile.am (libvirt.def, libvirt_qemu.def): '\}' and '\t'
are not required by POSIX.  Use '}' and literal tab instead.
(install-data-local): Avoid sed -i.
* tests/read-bufsiz: Likewise.
Reported by Mitchell Hashimoto.
2010-09-14 08:42:10 -06:00
Cole Robinson
18af6f4e64 buf: Fix possible infinite loop in EscapeString, VSnprintf
The current code will go into an infinite loop if the printf generated
string is >= 1000, AND exactly 1 character smaller than the amount of free
space in the buffer. When this happens, we are dropped into the loop body,
but nothing will actually change, because count == (buf->size - buf->use - 1),
and virBufferGrow returns unchanged if count < (buf->size - buf->use)

Fix this by removing the '- 1' bit from 'size'. The *nprintf functions handle
the NULL byte for us anyways, so we shouldn't need to manually accommodate
for it.

Here's a bug where we are actually hitting this issue:
https://bugzilla.redhat.com/show_bug.cgi?id=602772

v2: Eric's improvements: while -> if (), remove extra va_list variable,
    make sure we report buffer error if snprintf fails

v3: Add tests/virbuftest which reproduces the infinite loop before this
    patch, works correctly after
2010-09-10 10:05:43 -04:00
Guido Günther
8a70113a99 Fix block statistics with newer versions of Xen
Apparently the xen block device statistics moved from
"/sys/devices/xen-backend/vbd-%d-%d/statistics/%s"
to
"/sys/bus/xen-backend/devices/vbd-%d-%d/statistics/%s"

* src/xen/block_stats.c: try the extra path in case of failure to
  find the statistics in /sys
2010-09-10 15:57:35 +02:00
Daniel P. Berrange
48ab20999f Fix off-by-1 in QEMU boot arg array handling
A QEMU guest can have upto VIR_DOMAIN_BOOT_LAST boot entries
defined. When building the QEMU arg, each entry takes a
single byte. This means the array must be declared to be
VIR_DOMAIN_BOOT_LAST+1 bytes in length to allow for the
trailing null

* src/qemu/qemu_conf.c: Fix off-by-1 boot arg array size
2010-09-10 11:14:01 +01:00
Jiri Denemark
df990b445b bridge: Fix static-only DHCP configuration
For static-only DHCP, i.e. with no <range> but at least one <host>
element within <dhcp> element, we have to add "--dhcp-range IP,static"
option to dnsmasq to actually enable the service. Without this option,
dnsmasq will not respond to DHCP requests.
2010-09-10 09:34:18 +02:00
Luiz Capitulino
e70880c51b qemu: qemuMonitorJSONEjectMedia(): Fix arguments' type
QMP in QEMU 0.13 has been fixed to enforce type correctness,
this means that boolean types must be true or false, not
integers.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2010-09-09 16:29:40 -06:00
Luiz Capitulino
ffefe5fb86 qemu: qemuMonitorJSONMigrate(): Fix arguments' type
QMP in QEMU 0.13 has been fixed to enforce type correctness,
this means that boolean types must be true or false, not
integers.

Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
2010-09-09 16:29:27 -06:00
Soren Hansen
f68fd1472c Add nwfilter support to UML driver
Extend user-mode-linux driver to support nwfilter.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-09-09 15:08:36 -06:00
Matthias Bolte
8eac26214d test: Don't overwrite storage volume target path and key
Only generate target path and key when they are not defined
in the XML config.
2010-09-09 22:05:47 +02:00
Matthias Bolte
5699034b65 esx: Use SessionIsActive when available
Before this commit SessionIsActive was not used because ESX(i)
doesn't implement it. vCenter supports SessionIsActive, so use
it here, but keep the fall back mechanism for ESX(i) and GSX.
2010-09-08 00:20:29 +02:00
Matthias Bolte
8fdb0b0c84 esx: Fall back to path as key when QueryVirtualDiskUuid isn't available
QueryVirtualDiskUuid is only available on an ESX(i) server. vCenter
returns an NotImplemented fault and a GSX server is missing the
VirtualDiskManager completely. Therefore only use QueryVirtualDiskUuid
with an ESX(i) server and fall back to path as storage volume key for
vCenter and GSX server.
2010-09-07 19:46:07 +02:00
Matthias Bolte
635f01ae28 esx: Use the VirtualDisk UUID as storage volume key
VirtualDisks are .vmdk file based. Other files in a datastore
like .iso or .flp files don't have a UUID attached, fall back
to the path as key for them.
2010-09-04 00:36:15 +02:00
Matthias Bolte
e5a3c0b35d esx: Add .vmdk storage volume creation 2010-09-03 23:17:38 +02:00
Jean-Baptiste Rouault
9a4b705f74 OpenVZ: add ethernet interface type support
This patch adds support for ethernet interface type to OpenVZ domains
as stated in this previous message: http://www.redhat.com/archives/libvir-
list/2010-July/msg00658.html
2010-09-03 14:05:44 -06:00
Eric Blake
2ce55fe77e build: avoid uninitialized variable warning
* src/vbox/vbox_tmpl.c (vboxAttachDrives): Capture return value.
2010-09-03 09:44:49 -06:00
Matthias Bolte
847689129c esx: Rework datastore path parsing and handling
Instead of splitting the path part of a datastore path into
directory and file name, keep this in one piece. An example:

  "[datastore] directory/file"

was split into this before:

  datastoreName = "datastore"
  directoryName = "directory"
  fileName = "file"

Now it's split into this:

  datastoreName = "datastore"
  directoryName = "directory"
  directoryAndFileName = "directory/file"

This simplifies code using esxUtil_ParseDatastorePath, because
directoryAndFileName is used more often than fileName. Also the
old approach expected the datastore path to reference an actual
file, but this isn't always correct, especially when listing
volumes. In that case esxUtil_ParseDatastorePath is used to parse
a path that references a directory. This fails for a vpx://
connection because the vCenter returns directory paths with a
trailing '/'. The new approach is robust against this and the
actual decision if the datastore path should reference a file or
a directory is up to the caller of esxUtil_ParseDatastorePath.

Update the tests accordingly.
2010-09-03 00:38:22 +02:00
Eric Blake
2af93cd43c vbox: factor a large function
* src/vbox/vbox_tmpl.c (vboxDomainDefineXML): Split...
(vboxSetBootDeviceOrder, vboxAttachDrives, vboxAttachSound)
(vboxAttachNetwork, vboxAttachSerial, vboxAttachParallel)
(vboxAttachVideo, vboxAttachDisplay, vboxAttachUSB): ...into new
helper functions.
2010-09-02 15:50:45 -06:00
Eric Blake
f694036f2d lxc: avoid large stacks with veth creation
* src/lxc/veth.h (vethCreate): Change prototype.
* src/lxc/veth.c (vethCreate): Always malloc veth2, and allocate
veth1 if needed.
(getFreeVethName): Adjust signature, and use virAsprintf.
* src/lxc/lxc_driver.c (lxcSetupInterfaces): Adjust caller.
2010-09-02 15:48:24 -06:00
Matthias Bolte
1504cc4f02 esx: Fix generator for string return values
Distinguish between strings as parameters (const char *)
and strings as return values (char **).
2010-09-02 12:36:11 +02:00
Eric Blake
a9afbf4fc5 openvz: use virAsprintf to avoid large stacks
* src/openvz/openvz_conf.c (openvzLocateConfFile): Alter
signature.
(openvzGetVPSUUID, openvzSetDefinedUUID)
(openvzWriteVPSConfigParam, openvzReadVPSConfigParam)
(openvzCopyDefaultConfig): Adjust callers.
2010-09-01 16:29:59 -06:00
Eric Blake
c6e8e26edf openvz: formatting cleanups
* src/openvz/openvz_conf.c: Whitespace fixes.
* src/openvz/openvz_driver.c: Likewise.
2010-09-01 16:18:22 -06:00
Eric Blake
ff82941604 network: use virAsprintf when appropriate
* src/conf/network_conf.c (virNetworkAllocateBridge): Avoid
limited buffer from snprintf.
2010-09-01 15:56:49 -06:00
Soren Hansen
9c4f62ae61 Use global directory as UML's monitorDir for privileged connections
For privileged UML connections (uml:///system), we shouldn't use root's
home dir, but rather somewhere in /var/run/libvirt/uml-guest.

https://bugzilla.redhat.com/show_bug.cgi?id=499536

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-08-31 10:28:57 -06:00
Soren Hansen
0a58eed3d9 Explicitly pass uml_dir argument to user-mode-linux
uml_dir overrides user-mode-linux's default of ~/.uml. This is needed
for a couple of different reasons:

libvirt expects this to default to virGetUserDirectory(geteuid()) +
'/.uml'. However, user-mode-linux actually uses the HOME environment
variable to determine where to look for the uml sockets, but if running
libvirtd under sudo (which I routinely do during development), $HOME is
pointing at my user's homedir, while my euid is 0, so libvirt looks in
/root.

Also (and this was my actual motivation for this patch), if HOME isn't
set at all, user-mode-linux utterly fails. Looking at the code, it seems
it's meant to emit a warning, but alas, it doesn't for some reason.
If running libvirtd from upstart, HOME is not set, so any system using
upstart will need this change.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-08-31 10:13:05 -06:00
Jim Fehlig
2b3109e2bd Add blktap2 support to xend driver
Xen4.0 includes a new blktap2 implementation, which is specified
with 'tap2' prefix.  AFAICT it's configuration syntax is identical
to blktap, with exception of 'tap2' vs 'tap' prefix.  This patch
takes the simple approach of accepting and generating sexp
containing 'tap2' prefix.
2010-08-31 09:51:05 -06:00
Matthias Bolte
4aad5fbb96 esx: Map the .vmx annotation to the domain XML description
Take care of escaping '"' and '|' (the escape character).

Add tests for this.
2010-08-30 22:22:03 +02:00
Matthias Bolte
1fe2927a34 Move hextobin as virHexToBin to util.c
virHexToBin will be used in the .vmx handling code.
2010-08-30 22:21:54 +02:00
Eduardo Otubo
09d37bdef5 PHYP: Bad comparison when checking for existing domain name
When creating a new domain from XML, the check for an existing
domain name should compare the return of the function to a valid
LPAR ID (!= -1) and not to error (== -1).
2010-08-27 12:19:10 +02:00
Matthias Bolte
e1bd99ab7e esx: Fix esxVI_BuildSelectSet's invalid argument check
The check was altered in 8c48743b97
and got too strict, I've no clue how that snuck in. This check
makes every try to open a connection using the ESX driver fail
with an invalid argument error.

Revert the change to the check and add a comment to prevent future
mistakes with this check.
2010-08-27 00:07:23 +02:00
Matthias Bolte
681ff75e88 esx: Add read-only storage volume access
This allows to list existing volumes and to retrieve information
about them.
2010-08-26 23:19:55 +02:00
Soren Hansen
5c3eec9ffb Support virDomainAttachDevice and virDomainDetachDevice for disks in UML
UML supports hot plugging and unplugging of various devices. This patch
exposes this functionality for disks.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-08-24 23:34:28 +02:00
Soren Hansen
efe4e210b8 Rename qemudShrinkDisks to virDomainDiskRemove and move to domain_conf.c
Other drivers will need this same functionality, so move it to up to
conf/domain_conf.c and give it a more general name.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-08-24 20:17:48 +02:00
Daniel P. Berrange
628c935747 Fix handling of sparse NUMA topologies
When finding a sparse NUMA topology, libnuma will return ENOENT
the first time it is invoked. On subsequent invocations it
will return success, but with an all-1's CPU mask. Check for
this, to avoid polluting the capabilities XML with 4096 bogus
CPUs

* src/nodeinfo.c: Check for all-1s CPU mask
2010-08-24 14:19:21 +01:00
Daniel P. Berrange
ac7baddf9d Log return value for virConnectGetCapabilities
Enabling debug doesn't show the capabilities XML for a connection.
Add an extra debug statement for the return value

* src/libvirt.c: Enable debug logging of capabilities XML
2010-08-24 14:19:12 +01:00
Soren Hansen
21dcce5364 Allow chardev of type 'file' for UML domains.
Like the comment suggested, we just open the file and pass the file
descriptor to uml. The input "stream" is set to "null", since I couldn't
find any useful way to actually use a file for input for a chardev and
this also mimics what e.g. QEmu does internally.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-08-24 11:19:21 +02:00
Matthias Bolte
8c48743b97 esx: Improve object-by-type lookup performance
Instead of using one big traversal spec for lookup use a set of
more fine grained traversal specs that are selected based on the
actual needs of the lookup.

This gives up to 20% speedup for certain operations like domain
listing due to less HTTP(S) traffic.
2010-08-24 11:06:06 +02:00
Eric Blake
5bf8690486 xenapi: support xenapi 5.6.0 headers
* src/xenapi/xenapi_driver.c (xenapiDomainGetInfo): Avoid using
XEN_VM_POWER_STATE_UNKNOWN, which disappeared in newer xenapi.
* src/xenapi/xenapi_utils.c (mapPowerState): Likewise.
2010-08-23 10:00:11 -06:00
Daniel P. Berrange
6e44ec7a91 Add support for -enable-kqemu flag
Previously QEMU enabled KQEMU by default and had -no-kqemu.
0.11.x switched to requiring -enable-kqemu. 0.12.x dropped
kqemu entirely. This patch adds support for -enable-kqemu
so 0.11.x works. It replaces a huge set of if() with a
switch() to make the code a bit more readable.

* src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Support
  -enable-kqemu
2010-08-23 14:10:15 +01:00
Matthias Bolte
92af69abad esx: Use MD5 sum of mount path as storage pool UUID
With the previous storage pool UUID source not all storage pools
had a proper UUID, especially GSX storage pools. The mount path
is unique per host and cannot change during the lifetime of the
datastore. Therefore, it's MD5 sum can be used as UUID.

Use gnulib's crypto/md5 module to generate the MD5 sum.
2010-08-21 01:30:08 +02:00
Matthias Bolte
a8cc67a44b esx: Make sure dumpxml outputs proper ID for active domains 2010-08-21 00:03:27 +02:00
Matthias Bolte
d6fdde23f7 xenapi: Fix compile error in previous commit 2010-08-20 23:28:28 +02:00
Jim Fehlig
b9c10268e1 Add actions to virDomainLifecycle enum
Xen supports on_crash actions coredump-{destroy,restart}.  libvirt
cannot parse config returned by xend that contains either of these
actions

xen52 # xm li -l test | grep on_crash
    (on_crash coredump-restart)
xen52 # virsh dumpxml test
error: internal error unknown lifecycle type coredump-restart

This patch adds a new virDomainLifecycleCrash enum and appends
the new options to existing destroy, restart, preserve, and
rename-restart options.
2010-08-20 15:06:30 -06:00
Jiri Denemark
7fb3435186 qemu: Remove code duplication
We already filled the PCI address structure when we checked whether it's
free or not, so let's just use the structure here instead of filling it
again.
2010-08-20 16:26:28 +02:00
Jiri Denemark
1208e6e488 qemu: Check for errors when converting PCI address to string 2010-08-20 16:26:28 +02:00
Jiri Denemark
72c791e430 qemu: Fix JSON migrate_set_downtime command 2010-08-20 16:26:28 +02:00
Eric Blake
bee2ad895e vbox: factor a large function
* src/vbox/vbox_tmpl.c (vboxDomainCreateWithFlags): Split...
(vboxStartMachine): ...into new helper.
2010-08-19 17:20:23 -06:00
Eric Blake
5da4302f5d xenapi: avoid sprintf
* src/xenapi/xenapi_utils.h (createVifNetwork): Delete prototype.
* src/xenapi/xenapi_utils.c (createVifNetwork): Change signature,
and use virAsprintf.  Detect allocation failure.
(createVMRecordFromXml): Adjust caller.
2010-08-19 16:18:11 -06:00
Eric Blake
4bcac75bd0 storage: avoid s[n]printf
* src/storage/storage_backend.c (virStorageBackendCreateQemuImg)
(virStorageBackendCreateQcowCreate): Use virAsprintf instead.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskCreateVol, virStorageBackendDiskPartFormat):
Likewise.
2010-08-19 16:18:11 -06:00
Eric Blake
57ae4c0435 maint: whitespace cleanups
* src/storage/storage_backend_disk.c
(virStorageBackendDiskPartFormat): Fix spacing.
2010-08-19 16:18:04 -06:00
Eric Blake
4b93002358 build: delete dead comments
* src/qemu/qemu_driver.c (qemudGetProcessInfo): Clean up.
* src/uml/uml_driver.c (umlGetProcessInfo): Likewise.
* src/xen/sexpr.c (_string2sexpr): Likewise.
2010-08-19 16:09:46 -06:00
Patrick Dignan
20be699ee3 storage: add support for Vendor and Model in XML
I wrote a patch to add support for listing the Vendor and Model of a
storage pool in the storage pool XML.  This would allow vendor
extensions of specific devices.  The patch includes a test for the new
attributes as well.

Patrick Dignan
2010-08-19 15:58:43 -06:00
Eric Blake
3223871e2e uml: fix logic bug in checking reply length
* src/uml/uml_driver.c (umlMonitorCommand): Validate that enough
bytes were read to dereference both res.length, and that many
bytes from res.data.
Reported by Soren Hansen.
2010-08-19 14:50:22 -06:00
Eric Blake
52baf647ca nwfilter: use consistent OOM reporting
* src/nwfilter/nwfilter_driver.c (nwfilterLog): Delete.
(nwfilterDriverStartup): Use virReportOOMError instead.
2010-08-19 13:14:41 -06:00
Eric Blake
9ba934c640 build: fix compiler warning
node_device/node_device_driver.c: In function 'nodeDeviceVportCreateDelete':
node_device/node_device_driver.c:423: error: implicit declaration of function 'stat' [-Wimplicit-function-declaration]

* src/node_device/node_device_driver.c (includes): Add <sys/stat.h>.
2010-08-18 13:46:09 -06:00
Daniel Veillard
1dcd5ab989 xen: Fix scheduler setting problems
Doing `virsh schedinfo rhel5u3 --cap 65535' the hypervisor does the
call, but does not change the value nor raise an error. Best is just to
consider it's not in the allowed values. The problem is that the error
won't be output since the xend driver will then be called and raise an
error

    error: this function is not supported by the hypervisor: unsupported
    in xendConfigVersion < 4

which will override the useful information from
xenUnifiedDomainSetSchedulerParameters(). So best is to also invert the
order in which the xen sub-drivers are called.

* src/xen/xen_hypervisor.c: mark 65535 cap value as out of bound
* src/xen/xen_hypervisor.c: reverse the order of the calls to the xen
  sub drivers to get the error message if needed
2010-08-18 17:32:31 +02:00
Jiri Denemark
47c74e8264 nodedev: Free the right pointers when getting WWNs fails 2010-08-18 17:32:31 +02:00
Dave Allan
b31ef77313 nodedev: Fix sysfs paths for vport operations
Some kernels, such as the one used in RHEL-5, have vport_create and
vport_delete operation files in /sys/class/scsi_host/hostN directory
instead of /sys/class/fc_host/hostN. Let's check both paths for
compatibility reasons.

This also removes unnecessary '/' characters from sysfs paths containing
LINUX_SYSFS_FC_HOST_PREFIX.
2010-08-18 17:32:31 +02:00
Daniel Berrange
8ebda73609 xen: Fix device count on detach 2010-08-18 17:32:31 +02:00
Daniel Berrange
9f45fabda2 remote: Fix incorrect use of private data field
NodeDeviceCreateXML and NodeDeviceDestroy methods added for NPIV were
using the wrong privateData field for the remote driver. This doesn't
impact KVM, since the remote driver handles everything, thus
privateData == devMonPrivateData. It does impact Xen though, because
the remote driver only handles a subset of methods and thus
privateData != devMonPrivateData.
2010-08-18 17:32:31 +02:00
Matthias Bolte
f688faceac esx: Fix memory leak when looking up an non-existing domain by name
In case an optional object cannot be found the lookup function is
left early and the cleanup code is not executed.

This pattern occurs in some other functions too.
2010-08-17 23:04:36 +02:00
Chris Lalancette
4303c91cc3 Fix up qemu domain save/managed save locking.
The current version of the qemu managed save implementation
is subject to a race where the domain shuts down between
the time that we start the command and the time that we
actually try to do the save.  Close this race by making
qemuDomainSaveFlags() expect both the driver and the passed-in
vm object to be locked before executing.

Signed-off-by: Chris Lalancette <clalance@redhat.com>
2010-08-17 16:18:49 -04:00
Stefan Berger
b8564da17a cygwin: build fix
Fixing a problem in the build on cygwin due to missing #define's.
2010-08-17 06:37:27 -04:00
Jiri Denemark
0a5f3ae0c6 qemu: Fix copy&paste error in warning message
This also makes the message consistent with the message used in error
path of qemudDomainAttachHostPciDevice.
2010-08-16 21:37:13 +02:00
Jiri Denemark
5afec51730 qemu: Release PCI slot when detaching disk and net devices 2010-08-16 21:36:59 +02:00
Jiri Denemark
4f86613ba1 qemu: Re-reserve all PCI addresses on libvirtd restart
When reconnecting to existing VMs, we re-reserved only those PCI
addresses which were explicitly mentioned in domain XML. Since some
addresses are always reserved (e.g., 0:0:0 and 0:0:1), we need to handle
those too.

Also all this should only be done if device flag is supported by qemu.
2010-08-16 21:36:53 +02:00
Jamie Strandboge
8e3eeb4e1d build: fix AppArmor compilation
* src/security/virt-aa-helper.c: Add missing include.
2010-08-16 11:39:33 -06:00
Stefan Berger
cf6f8b9a97 nwfilter: extend nwfilter reload support
In this patch I am extending and fixing the nwfilter module's reload support to stop all ongoing threads (for learning IP addresses of interfaces) and rebuild the filtering rules of all interfaces of all VMs when libvirt is started. Now libvirtd rebuilds the filters upon the SIGHUP signal and libvirtd restart.

About the patch: The nwfilter functions require a virConnectPtr. Therefore I am opening a connection in qemudStartup, which later on needs to be closed outside where the driver lock is held since otherwise it ends up in a deadlock due to virConnectClose() trying to lock the driver as well.

I have tested this now for a while with several machines running and needing the IP address learner thread(s). The rebuilding of the firewall rules seems to work fine following libvirtd restart or a SIGHUP. Also the termination of libvirtd worked fine.
2010-08-16 12:59:54 -04:00
Matthias Bolte
7c0cbe0279 esx: Explicitly disable unused floppy devices
floppy0.present defaults to true. Therefore, it needs to be
explicitly set to false when the XML config doesn't specify the
corresponding floppy device.

Also update tests accordingly.
2010-08-14 20:16:14 +02:00
Matthias Bolte
177e17e462 Generate libvirt_qemu.def from libvirt_qemu.syms for MinGW builds 2010-08-14 19:19:24 +02:00
Eduardo Otubo
50e4908559 PHYP: Add rudimentary network driver
I changed virStorage[Open|Close] to virVIOSDriver[Open|Close] so
the network driver can use it - since the network driver deals
with Open/Close in the same way.
2010-08-14 11:16:08 -06:00
Soren Hansen
b9e1f11a2d Make umlConnectTapDevice ask brAddTap for a persistent tap device.
This patch does two things:

 * It makes umlConnectTapDevice ask brAddTap for a persistent tap by
   passing it a NULL tapfd argument.
 * Stops umlConnectTapDevice from immediately dismantling the bridge
   it just set up.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2010-08-14 10:53:25 -06:00