Commit Graph

8418 Commits

Author SHA1 Message Date
Michal Privoznik
3c83df679e qemu: Relax hard RSS limit
Currently, if there's no hard memory limit defined for a domain,
libvirt tries to calculate one, based on domain definition and magic
equation and set it upon the domain startup. The rationale behind was,
if there's a memory leak or exploit in qemu, we should prevent the
host system trashing. However, the equation was too tightening, as it
didn't reflect what the kernel counts into the memory used by a
process. Since many hosts do have a swap, nobody hasn't noticed
anything, because if hard memory limit is reached, process can
continue allocating memory on a swap. However, if there is no swap on
the host, the process gets killed by OOM killer. In our case, the qemu
process it is.

To prevent this, we need to relax the hard RSS limit. Moreover, we
should reflect more precisely the kernel way of accounting the memory
for process. That is, even the kernel caches are counted within the
memory used by a process (within cgroups at least). Hence the magic
equation has to be changed:

  limit = 1.5 * (domain memory + total video memory) + (32MB for cache
          per each disk) + 200MB
2013-01-08 16:32:11 +01:00
Ján Tomko
afc4631b63 storage: fix leak in virStorageBackendLogicalMakeVol
Use regfree instead of VIR_FREE.
2013-01-08 14:01:52 +01:00
J.B. Joret
db2b6861dc S390: Enable SCLP Console in QEMU driver
This is the QEMU backend code for the SCLP console support.
It includes SCLP capability detection, QEMU command line generation
and a test case.

Signed-off-by: J.B. Joret <jb@linux.vnet.ibm.com>
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-01-08 11:37:52 +01:00
J.B. Joret
d760255d01 S390: Add SCLP console front end support
The SCLP console is the native console type for s390 and is preferred
over the virtio console as it doesn't require special drivers and
is more efficient. Recent versions of QEMU come with SCLP support
which is hereby enabled.

The new target types 'sclp' and 'sclplm' can be used to specify a
SCLP console. Adding documentation, domain schema and XML processing
support.

Signed-off-by: J.B. Joret <jb@linux.vnet.ibm.com>
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-01-08 11:37:52 +01:00
Daniel P. Berrange
014afe6501 Rename lxc_protocol.x to lxc_monitor_protocol.x
To avoid confusion between the LXC driver <-> controller
monitor RPC protocol and the libvirt-lxc.so <-> libvirtd public
RPC protocol, rename the former to lxc_monitor_protocol.x

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-08 09:21:08 +00:00
Daniel P. Berrange
5f669ea976 Add internal APIs for dealing with namespaces
Add some APIs for acquiring namespace file descriptors and
switching namespaces

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-08 09:21:08 +00:00
Daniel P. Berrange
3fd121c170 Add a way to return FDs to the RPC caller
Currently the libvirt client can pass FDs to the server, but the
dispatch mechanism provides no way to return FDs back from the
server to the client. Tweak the dispatch code, such that if a
dispatcher returns '1', this indicates that it populated the
virNetMessagePtr with FDs to return

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-08 08:56:49 +00:00
Daniel P. Berrange
18937c3ae0 Fix receiving of file descriptors from server
A number of bugs handling file descriptors received from the
server caused the FDs to be lost and leaked.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-08 08:56:49 +00:00
Guido Günther
a839dcb850 Add missing flags to migrate documentation 2013-01-08 06:49:34 +01:00
John Ferlan
3e251af561 cpu: Avoid NULL dereference
Don't dereference 'model' in PowerPCBaseline when there's no outputModel
2013-01-07 17:11:57 -07:00
John Ferlan
36ac6e37be lxc: Avoid possible NULL dereference on *root prior to opendir().
If running on older Linux without mounted cgroups then its possible that
*root would be NULL.
2013-01-07 17:11:57 -07:00
John Ferlan
2e0e1a91f7 remote: Avoid calling virAuthConfigLookup() if 'credname' is NULL. 2013-01-07 17:11:56 -07:00
John Ferlan
185478af09 vmware: Avoid NULL dereference for 'caps'
When virCapabilitiesNew() fails, caps will be NULL resulting in possible
core when deref'd in cpuDataFree() call.
2013-01-07 17:11:56 -07:00
John Ferlan
f36d83c441 xen: Avoid possible NULL dereference
Change calling sequence to only call xenUnifiedDomainSetVcpusFlags() when
'dom' is not NULL. Use the GET_PRIVATE() macro to reference privateData.
Just return -1 if dom is NULL.
2013-01-07 17:11:56 -07:00
Daniel P. Berrange
4f1f9d91ab Fix virLXCPrepareHostDevices method
The virLXCPrepareHostDevices method was returning success even
when it reported an error, and failed to handle several host
device types
2013-01-07 18:16:54 +00:00
Daniel P. Berrange
f0e4af91e4 Ensure we always setup a private mount namespace for LXC controller
The code for setting up a private /dev/pts for the containers
is also responsible for making the LXC controller have a
private mount namespace. Unfortunately the /dev/pts code is
not run if launching a container without a custom root. This
causes the LXC FUSE mount to leak into the host FS.
2013-01-07 18:14:34 +00:00
Daniel P. Berrange
198c992d26 Speed up fallback to legacy non-QMP probing
Since we daemonized QEMU for capabilities probing there is a long
time if QEMU fails to launch. This is because we're not passing in
any virDomainObjPtr instance and thus the monitor code can not
check to see if the PID is still alive.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-07 18:13:54 +00:00
Daniel P. Berrange
038cffd831 Only initialize capabilities after setting dir permissions
The current code is initializing capabilities before setting
directory permissions. Thus the QEMU binaries being run may
not have the ability to create the UNIX monitor socket on
the first run of libvirtd.
2013-01-07 18:13:39 +00:00
Eric Blake
5ec4b22b77 build: .service files don't need to be executable
See also commit 66ff2dd, where we avoided installing these files
as executables.

* daemon/Makefile.am (libvirtd.service): Drop chmod.
* tools/Makefile.am (libvirt-guests.service): Likewise.
* src/Makefile.am (virtlockd.service, virtlockd.socket):
Likewise.
2013-01-07 08:56:36 -07:00
Eric Blake
cb854b8f61 build: properly substitute virtlockd.socket
virtlockd.service could be installed to a configurable root,
but virtlockd.socket was hardcoded to installation into a
distro.

* src/Makefile.am (virtlockd.service, virtlockd.socket): Drop
unused substitutions.
* src/locking/virtlockd.socket.in (ListenStream): Don't hard-code
/var.
2013-01-07 08:56:36 -07:00
Eric Blake
462a69621e build: use common .in replacement mechanism
We had several different styles of .in conversion in our Makefiles:
ALLCAPS, @ALLCAPS@, @lower@, ::lower::
Canonicalize on one form, to make it easier to copy and paste
between .in files.

Also, we were using some non-portable sed constructs: \@ is an
undefined escape sequence (it happens to be @ itself in GNU sed,
but POSIX allows it to mean something else), as well as risky
behavior (failure to consistently quote things means a space
in $(sysconfdir) could throw things off; also, Autoconf recommends
using | rather than , or ! in the s||| operator, because | has to
be quoted in shell and is therefore less likely to appear in file
names than , or !).

Fix all of these uses to follow the same syntax.

* daemon/libvirtd.8.in: Switch to @var@.
* tools/virt-xml-validate.in: Likewise.
* tools/virt-pki-validate.in: Likewise.
* src/locking/virtlockd.init.in: Likewise.
* daemon/Makefile.am: Prefer | over ! in sed.
(libvirtd.8): Prefer consistent substitution.
(libvirtd.init, libvirtd.service): Avoid non-portable sed.
* tools/Makefile.am (libvirt-guests.sh, libvirt-guests.init)
(libvirt-guests.service): Likewise.
(virt-xml-validate, virt-pki-validate, virt-sanlock-cleanup):
Prefer consistent capitalization.
* src/Makefile.am (virtlockd.init, virtlockd.service)
(virtlockd.socket): Prefer consistent substitution.
2013-01-07 08:56:36 -07:00
Osier Yang
1279e421b2 qemu: Check if the shared disk's cdbfilter conflicts with others
This prevents domain starting and disk attaching if the shared disk's
setting conflicts with other active domain(s), E.g. A domain with
"sgio" set as "filtered", however, another active domain is using
it set as "unfiltered".
2013-01-07 21:39:20 +08:00
Osier Yang
278f87c4b5 qemu: set unpriv_sgio when starting domain and attaching disk
This ignores the default "filtered" if unpriv_sgio is not supported
by kernel, but for explicit request "filtered", it error out for
domain starting.
2013-01-07 21:39:06 +08:00
Osier Yang
535aed56a2 conf: Parse and format the new XML
Like "rawio", "sgio" is only allowed for block disk of device
type "lun".

It doesn't default disk->sgio to "filtered" when parsing, as
it won't be able to distinguish explicitly requested "filtered"
and a default "filtered" in driver then. We have to error out for
explicit request when the kernel doesn't support the new sysfs
knob "unpriv_sgio", however, for defaulted "filtered", we can
just ignore it if the kernel doesn't support "unpriv_sgio".
2013-01-07 21:38:43 +08:00
Osier Yang
d7ead3e19a qemu: Add a hash table for the shared disks
This introduces a hash table for qemu driver, to store the shared
disk's info as (@major:minor, @ref_count). @ref_count is the number
of domains which shares the disk.

Since we only care about if the disk support unprivileged SG_IO
commands, and the SG_IO commands only make sense for block disk,
this patch only manages (add/remove hash entry) the shared disk for
block disk.

* src/qemu/qemu_conf.h: (Add member 'sharedDisks' of type
                         virHashTablePtr; Declare helpers
                         qemuGetSharedDiskKey, qemuAddSharedDisk
                         and qemuRemoveSharedDisk)
* src/qemu/qemu_conf.c (Implement the 3 helpers)
* src/qemu/qemu_process.c (Update 'sharedDisks' when domain
                           starting and shutdown)
* src/qemu/qemu_driver.c (Update 'sharedDisks' when attaching
                          or detaching disk).
2013-01-07 21:35:19 +08:00
Osier Yang
ba72cb12fa util: Prepare helpers for unpriv_sgio setting
"virGetDeviceID" could be used across the sources, but it doesn't
relate with this series, and could be done later.

* src/util/virutil.h: (Declare virGetDeviceID, and
                       vir{Get,Set}DeviceUnprivSGIO)
* src/util/virutil.c: (Implement virGetDeviceID and
                       vir{Get,Set}DeviceUnprivSGIO)
* src/libvirt_private.syms: Export private symbols of upper helpers
2013-01-07 21:34:01 +08:00
Peter Krempa
731a5a4df7 snapshot: qemu: Allow redefinition of external snapshots
A redefinition of an external inactive snapshot/checkpoint wasn't
possible without this change.
2013-01-05 08:40:01 +01:00
Peter Krempa
709b0f37c5 snapshot: qemu: Fix segfault and vanishing snapshots when redefining
When the disk alignment check done while redefining an existing snapshot
failed, the qemu driver attempted to free the existing snapshot. As in
the cleanup path the definition of the snapshot wasn't assigned, the
cleanup code dereferenced a NULL pointer.

This patch changes the behavior on error paths while redefining snapshot
in two ways:

1) On failure, modifications done on the snapshot definition object are
rolled back.

2) The previous definition of the data isn't freed until it's certain it
won't be needed any more.

This change avoids the segfault and additionally the snapshot doesn't
vanish if redefinition fails for some reason.
2013-01-05 08:40:01 +01:00
Peter Krempa
4494b11f8f snapshot: qemu: Separate logic blocks with newlines 2013-01-05 08:40:00 +01:00
Peter Krempa
51b12b8cca snapshot: conf: Make virDomainSnapshotIsExternal more reusable
Allow to use definition objects with this predicate function.
2013-01-05 08:40:00 +01:00
John Eckersberg
346e43ecfd qemu: Implement virDomainOpenChannel API 2013-01-04 19:03:32 -07:00
John Eckersberg
66a0664974 conf: Add unix socket support to virChrdevOpen
This also changes the function signature to take a
virDomainChrSourceDefPtr instead of just a path, since it needs to
differentiate behavior based on source->type.
2013-01-04 18:07:11 -07:00
John Eckersberg
3c971c675a conf: Rename console-specific identifiers to be more generic
The functionality provided in virchrdev.c (previously virconsole.c) is
applicable to other types of character devices besides consoles, such
as channels.  This patch is just code motion, renaming things such as
"console" or "pty", instead using more general terms such as
"character device" or "device path".
2013-01-04 17:43:21 -07:00
John Eckersberg
4c85421c6c conf: Rename virconsole.* to virchrdev.*
This is just code motion, in preparation to rename identifiers to be
less console-specific.
2013-01-04 17:26:30 -07:00
John Eckersberg
d52add46ed api: Add API to tunnel a guest channel via stream
This patch adds a new API, virDomainOpenChannel, that uses streams to
connect to a virtio channel on a guest.  This creates a secure
communication channel between a guest and a libvirt client.

This behaves the same as virDomainOpenConsole, except on channels
instead of console/serial/parallel devices.
2013-01-04 17:10:55 -07:00
Eric Blake
f5b654e33e network: fix check for ambiguous lookup
gcc -O2 complained:
../../src/conf/network_conf.c: In function 'virNetworkDefUpdateDNSSrv':
../../src/conf/network_conf.c:3232: error: 'foundIdx' may be used uninitialized in this function [-Wuninitialized]

It turned out to be a spurious warning (we didn't use foundIdx
unless foundCt was non-zero).  But in investigating that, I noticed
a worse problem: we were using 'if (foundCt > 1)', but since foundCt
was bool, it could never be > 1.

* src/conf/network_conf.c (virNetworkDefUpdateDNSHost): Use
correct type.
(virNetworkDefUpdateDNSSrv): Likewise, and silence compiler
warning.
2013-01-04 15:08:25 -07:00
John Ferlan
b667125065 Check and handle select() errors from waitsocket(). 2013-01-04 10:57:25 -07:00
John Ferlan
0527d6bd41 vmware: silence Coverity warning
Ignore the return status check for vmwareUpdateVMStatus in convenience
routine vmwareDomainObjListUpdateDomain
2013-01-04 10:56:37 -07:00
Michal Privoznik
632c60edde qemu: Detect VGA_QXL capability correctly
Since 4c993d8a we failed to set this important capability, which
allows starting a domain with QXL video card. We set DEVICE_QXL
capability bit instead, which is not necessary wrong. Anyway, if
qemu supports the new '-device qxl' it supports older '-vga qxl'
as well. The latter is used for the primary (the first) qxl video
card, the former for other video cards.
2013-01-04 15:37:09 +01:00
Guido Günther
66ff2ddc29 Install virtlockd.{socket,service} non executable
since they're not scripts but systemd service files.
2013-01-04 11:48:05 +01:00
Ján Tomko
b7a443fcbb qemu: fix a segfault in qemuProcessWaitForMonitor
Commit b3f2b4ca5c left buf unallocated in
the case of QMP capability probing being used, leading to a segfault in
strlen in the cleanup path.

This patch opens the log and allocates the buffer if QMP probing was
used, so we can display the helpful error message.
2013-01-04 11:00:43 +01:00
John Ferlan
718af45895 parallels: check and handle error for virAsprintf() calls
Ignore the return in parallelsMakePoolName() since subsequent check
validates name was allocated.
2013-01-03 14:37:40 -07:00
John Ferlan
62cc7b702b udev: check and handle error for virAsprintf() calls 2013-01-03 14:36:15 -07:00
Michal Privoznik
b3f2b4ca5c qemu: Don't parse log output when starting up a domain
Despite our great effort we still parsed qemu log output.
We wouldn't notice unless upcoming qemu 1.4 changed the
format of the logs slightly. Anyway, now we should gather
all interesting knobs like pty paths from monitor. Moreover,
since for historical reasons the first console can be just
an alias to the first serial port, we need to check this and
copy the pty path if that's the case to the first console.
2013-01-03 09:56:51 +01:00
Michal Privoznik
fe915278c1 Revert "qemu: Adapt to new log format"
This reverts commit 28224c4d2a
which shouldn't be needed at all because with current qemu
we obtain all paths from 'query-chardev' output. We ought
not parse log output at all anymore.
2013-01-02 11:52:18 +01:00
Michal Privoznik
28224c4d2a qemu: Adapt to new log format
Since 586502189edf9fd0f89a83de96717a2ea826fdb0 qemu commit, the log
lines reporting chardev's path has changed from:

$ ./x86_64-softmmu/qemu-system-x86_64 -serial pty -serial pty -monitor pty
char device redirected to /dev/pts/5
char device redirected to /dev/pts/6
char device redirected to /dev/pts/7

to:

$ ./x86_64-softmmu/qemu-system-x86_64 -serial pty -serial pty -monitor pty
char device compat_monitor0 redirected to /dev/pts/5
char device serial0 redirected to /dev/pts/6
char device serial1 redirected to /dev/pts/7

However, with current code we are not prepared for such change, which
results in us being unable to start any domain.
2012-12-30 12:12:21 +01:00
Michal Privoznik
ce753ec5d6 sanlock: Chown lease files as well
Since sanlock doesn't run under root:root, we have chown()'ed the
__LIBVIRT__DISKS__ lease file to the user:group defined in the
sanlock config. However, when writing the patch I've forgot about
lease files for each disk (this is the
/var/lib/libvirt/sanlock/<md5>) file.
2012-12-28 16:42:38 +01:00
Michal Privoznik
a14768c9d3 qemu: Convert some APIs to use qemuDomObjFromDomain
Many internal qemu APIs must find domain object from passed
virDomainPtr. And with function Peter's introduced, we can use it
instead of copying multiple lines among code.
2012-12-24 09:34:13 +01:00
Michal Privoznik
8c5d2bad12 qemu: Relax locking in DomainHasManagedSaveImage and DomainMonitorCommand
There is no need to hold qemu lock during the whole execution
of these two APIs.
2012-12-24 09:34:13 +01:00
Viktor Mihajlovski
fec9822eeb S390: Re-enable capability probing for virtio devices.
Since we switched to QMP probing, the object types are spelled out
explicitly, i.e. virtio-net-pci. This has effectively disabled
the capability detection of s390 virtio devices. The trivial fix
is to add the s390 virtio types explicitly to qemuCapsObjectProps.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-12-21 14:20:28 -07:00