Commit Graph

1398 Commits

Author SHA1 Message Date
Eric Blake
7339bc4ced network: match xml warning message
I noticed that /var/lib/libvirt/dnsmasq/*.conf used the wrong word;
it was intended to match the wording in src/util/xml.c.

* src/network/bridge_driver.c (networkDnsmasqConfContents): Fix typo.
* tests/networkxml2confdata/*.conf: Update accordingly.
2012-12-12 15:12:58 -07:00
Serge Hallyn
a4e44e674e add vnc unix sockets to apparmor policy
When using vnc gaphics over a unix socket, virt-aa-helper needs to provide
access for the qemu domain to access the sockfile.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2012-12-11 14:32:39 -07:00
Serge Hallyn
88bd1a644b add security hook for permitting hugetlbfs access
When a qemu domain is backed by huge pages, apparmor needs to grant the domain
rw access to files under the hugetlbfs mount point.  Add a hook, called in
qemu_process.c, which ends up adding the read-write access through
virt-aa-helper.  Qemu will be creating a randomly named file under the
mountpoint and unlinking it as soon as it has mmap()d it, therefore we
cannot predict the full pathname, but for the same reason it is generally
safe to provide access to $path/**.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2012-12-11 14:27:20 -07:00
Gene Czarcinski
8b32c80df0 network: put dnsmasq parameters in conf-file instead of command line
This patch changes how parameters are passed to dnsmasq.  Instead of
being on the command line, the parameters are put into a file (one
parameter per line) and a commandline --conf-file= specifies the
location of the file.  The file is located in the same directory as
the leases file.

Putting the dnsmasq parameters into a configuration file
allows them to be examined and more easily understood than
examining the command lines displayed by "ps ax".  This is
especially true when a number of networks have been started.

When the use of dnsmasq was originally done, the required command line
was simple, but it has gotten more complicated over time and will
likely become even more complicated in the future.

Note: The test conf files have all been renamed .conf instead of
.argv, and tests/networkxml2xmlargvdata was moved to
tests/networkxml2xmlconfdata.
2012-12-11 05:49:45 -05:00
Gene Czarcinski
2d5cd1d724 network: add support for DHCPv6
The DHCPv6 support includes IPV6 dhcp-range and dhcp-host for one
IPv6 subnetwork on one interface.  This support will only work
if dnsmasq version >= 2.64; otherwise an error occurs if
dhcp-range or dhcp-host is specified for an IPv6 address.

Essentially, this change provides the same DHCP support for IPv6
that has been available for IPv4.

With dnsmasq >= 2.64, support for the RA service is also now provided
by dnsmasq (radvd is no longer used/started). (Although at least one
version of dnsmasq prior to 2.64 "supported" IPv6 Router
Advertisement, there were bugs (fixed in 2.64) that rendered it
unusable.)

Documentation and the network schema has been updated
to reflect the new support.
2012-12-11 05:49:45 -05:00
Osier Yang
b718ded39a qemu: Allow the user to specify vendor and product for disk
QEMU supports setting vendor and product strings for disk since
1.2.0 (only scsi-disk, scsi-hd, scsi-cd support it), this patch
exposes it with new XML elements <vendor> and <product> of disk
device.
2012-12-07 16:53:27 +08:00
Gene Czarcinski
705e67d40b network: allow guest to guest IPv6 without gateway definition
This patch adds the capability for virtual guests to do IPv6
communication via a virtual network interface with no IPv6 (gateway)
addresses specified.  This capability has always been enabled by
default for IPv4, but disabled for IPv6 for security concerns, and
because it requires the ip6tables command to be operational (which
isn't the case on a system with the ipv6 module completely disabled).

This patch adds a new attribute "ipv6" at the toplevel of a <network>
object.  If ipv6='yes', the extra ip6tables rules required to permite
inter-guest communications are added when the network is started. If
it is 'no', or not present, those rules will not be added; thus the
default behavior doesn't change, so there should be no compatibility
issues with any existing installations.

Note that virtual guests cannot communication with the virtualization
host via this interface, because the following kernel tunable has
been set:

   net.ipv6.conf.<bridge_interface_name>.disable_ipv6 = 1

This assures that the bridge interface will not have an IPv6
link-local (fe80::) address.

To control this behavior so that it is not enabled by default, the parameter
ipv6='yes' on the <network> statement has been added.

Documentation related to this patch has been updated.
The network schema has also been updated.
2012-12-05 14:58:32 -05:00
Daniel P. Berrange
76c1fd33c8 Introduce APIs for splitting/joining strings
This introduces a few new APIs for dealing with strings.
One to split a char * into a char **, another to join a
char ** into a char *, and finally one to free a char **

There is a simple test suite to validate the edge cases
too. No more need to use the horrible strtok_r() API,
or hand-written code for splitting strings.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-11-30 20:05:43 +00:00
Laine Stump
753ff83a50 network: use dnsmasq --bind-dynamic when available
This bug resolves CVE-2012-3411, which is described in the following
bugzilla report:

  https://bugzilla.redhat.com/show_bug.cgi?id=833033

The following report is specifically for libvirt on Fedora:

  https://bugzilla.redhat.com/show_bug.cgi?id=874702

In short, a dnsmasq instance run with the intention of listening for
DHCP/DNS requests only on a libvirt virtual network (which is
constructed using a Linux host bridge) would also answer queries sent
from outside the virtualization host.

This patch takes advantage of a new dnsmasq option "--bind-dynamic",
which will cause the listening socket to be setup such that it will
only receive those requests that actually come in via the bridge
interface. In order for this behavior to actually occur, not only must
"--bind-interfaces" be replaced with "--bind-dynamic", but also all
"--listen-address" options must be replaced with a single
"--interface" option. Fully:

   --bind-interfaces --except-interface lo --listen-address x.x.x.x ...

(with --listen-address possibly repeated) is replaced with:

   --bind-dynamic --interface virbrX

Of course libvirt can't use this new option if the host's dnsmasq
doesn't have it, but we still want libvirt to function (because the
great majority of libvirt installations, which only have mode='nat'
networks using RFC1918 private address ranges (e.g. 192.168.122.0/24),
are immune to this vulnerability from anywhere beyond the local subnet
of the host), so we use the new dnsmasqCaps API to check if dnsmasq
supports the new option and, if not, we use the "old" option style
instead. In order to assure that this permissiveness doesn't lead to a
vulnerable system, we do check for non-private addresses in this case,
and refuse to start the network if both a) we are using the old-style
options, and b) the network has a publicly routable IP
address. Hopefully this will provide the proper balance of not being
disruptive to those not practically affected, and making sure that
those who *are* affected get their dnsmasq upgraded.

(--bind-dynamic was added to dnsmasq in upstream commit
54dd393f3938fc0c19088fbd319b95e37d81a2b0, which was included in
dnsmasq-2.63)
2012-11-29 15:02:39 -05:00
Laine Stump
719c2c7665 util: capabilities detection for dnsmasq
In order to optionally take advantage of new features in dnsmasq when
the host's version of dnsmasq supports them, but still be able to run
on hosts that don't support the new features, we need to be able to
detect the version of dnsmasq running on the host, and possibly
determine from the help output what options are in this dnsmasq.

This patch implements a greatly simplified version of the capabilities
code we already have for qemu. A dnsmasqCaps device can be created and
populated either from running a program on disk, reading a file with
the concatenated output of "dnsmasq --version; dnsmasq --help", or
examining a buffer in memory that contains the concatenated output of
those two commands. Simple functions to retrieve capabilities flags,
the version number, and the path of the binary are also included.

bridge_driver.c creates a single dnsmasqCaps object at driver startup,
and disposes of it at driver shutdown. Any time it must be used, the
dnsmasqCapsRefresh method is called - it checks the mtime of the
binary, and re-runs the checks if the binary has changed.

networkxml2argvtest.c creates 2 "artificial" dnsmasqCaps objects at
startup - one "restricted" (doesn't support --bind-dynamic) and one
"full" (does support --bind-dynamic). Some of the test cases use one
and some the other, to make sure both code pathes are tested.
2012-11-29 15:02:39 -05:00
Daniel P. Berrange
4738c2a7e7 Replace 'struct qemud_driver *' with virQEMUDriverPtr
Remove the obsolete 'qemud' naming prefix and underscore
based type name. Introduce virQEMUDriverPtr as the replacement,
in common with LXC driver naming style
2012-11-28 18:17:25 +00:00
Guannan Ren
237629d204 bitmap: fix typo to use UL type of integer constant in virBitmapIsAllSet
This bug leads to getting incorrect vcpupin information via
qemudDomainGetVcpuPinInfo() API when the number of maximum
cpu on a host falls into a range such as 31 < ncpus < 64.

gcc warning:
left shift count >= width of type

The following bug is such the case
https://bugzilla.redhat.com/show_bug.cgi?id=876415
2012-11-28 18:30:28 +08:00
Harsh Prateek Bora
f97a569944 tests: Add tests for gluster protocol based network disks support
Signed-off-by: Harsh Prateek Bora <harsh@linux.vnet.ibm.com>
2012-11-27 10:19:22 +01:00
Ján Tomko
5efacd7813 build: fix build --without-network
bridge_driver.h: silence gcc warnings:
statement with no effect [-Wunused-value]
unused variable 'net' [-Wunused-variable]

virdrivermoduletest.c: don't require network driver module
if it hasn't been built.
2012-11-26 14:01:23 +01:00
Michal Privoznik
a154f5f313 qemuhelpdata: Revert my 'fix'
I was convicted that space at EOL should no be there
even for qemu help data. Hence, I've removed one in
commit bb2f621611. However, it turns out we want
it exactly the way qemu produces it. So I should undo
my premature fix. A patch against qemu has been posted
as well.
2012-11-23 09:25:20 +01:00
Ján Tomko
bb2f621611 tests: update qemuhelptest data
Both generated with
qemu-system-x86_64 --help > qemu-1.2.0

qemu-system-x86_64 \
-device ? \
-device pci-assign,? \
-device virtio-blk-pci,? \
-device virtio-net-pci,? \
-device scsi-disk,? \
-device PIIX4_PM,? \
-device usb-redir,? \
-device ide-drive,? \
-device usb-host,? 2> qemu-1.2.0-device

It seems I missed a few -device flags when doing this last time and I
mixed up qemu and qemu-kvm.
2012-11-21 18:43:18 +01:00
Ján Tomko
c5834ec148 tests: add boot order for host and redirected USB to qemu argv test 2012-11-21 18:43:15 +01:00
Miloslav Trmač
37f7a1faf1 Add metadata to virLogOutputFunc
... and update all users.  No change in functionality, the parameter
will be used in the next patch.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2012-11-14 19:14:07 -07:00
Peter Krempa
e5aab47ab3 tests: Remove temporary directories in qemumonitorjsontest
qemumonitorjsontest creates a temporary directory to hold the socket
that is simulating the monitor socket. The directory containing the
socket wasn't disposed properly at the end of the test leaving garbage
in the temporary folder.
2012-11-13 09:32:15 +01:00
Peter Krempa
e25a32f3da tests: Fix qemumonitorjsontest deadlock when the machine is under load
When doing the qemumonitorjsontest on a machine under heavy load the
test tends to deadlock from time to time. This patch adds the hack to
break the event loop that is used in virsh.
2012-11-13 09:32:14 +01:00
Peter Krempa
7a791677b0 nodeinfotest: Add test data from a AMD bulldozer machine.
The AMD Bulldozer architecture uses so called "Clustered integer core
modules" that count both as threads and cores. This patch expects the
cpu to be detected using the new fallback condition otherwise twice the
number of processors would be detected.
2012-11-13 00:35:36 +01:00
Peter Krempa
86748976f1 nodeinfotest: Add test data for 2 processor host with broken NUMA
This test data was gathered on an AMD MagnyCours machine that reports it
has only one NUMA node although the hardware is consisting of 4. As
duplicate core id's are ignored the reported topology was bogous. This
should be fixed by the previous patch.

Reported and data provided by George-Cristian Bîrzan.
2012-11-13 00:35:36 +01:00
Viktor Mihajlovski
b1c88c1476 capabilities: defaultConsoleTargetType can depend on architecture
For S390, the default console target type cannot be of type 'serial'.
It is necessary to at least interpret the 'arch' attribute
value of the os/type element to produce the correct default type.

Therefore we need to extend the signature of defaultConsoleTargetType
to account for architecture. As a consequence all the drivers
supporting this capability function must be updated.

Despite the amount of changed files, the only change in behavior is
that for S390 the default console target type will be 'virtio'.

N.B.: A more future-proof approach could be to to use hypervisor
specific capabilities to determine the best possible console type.
For instance one could add an opaque private data pointer to the
virCaps structure (in case of QEMU to hold capsCache) which could
then be passed to the defaultConsoleTargetType callback to determine
the console target type.
Seems to be however a bit overengineered for the use case...

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-11-09 09:20:59 -07:00
Eric Blake
2cd4d8e506 virsh: add snapshot-create-as memspec support
External checkpoints could be created with snapshot-create, but
without libvirt supplying a default name for the memory file,
it is essential to add a new argument to snapshot-create-as to
allow the user to choose the memory file name.  This adds the
option --memspec [file=]name[,snapshot=type], where type can
be none, internal, or external.  For an example,

virsh snapshot-create-as $dom --memspec /path/to/file

is the shortest possible command line for creating an external
checkpoint, named after the current timestamp.

* tools/virsh-snapshot.c (vshParseSnapshotMemspec): New function.
(cmdSnapshotCreateAs): Use it.
* tests/virsh-optparse (test_url): Test it.
* tools/virsh.pod (snapshot-create-as): Document it.
2012-11-07 09:04:18 -07:00
Michal Privoznik
a95c9406a2 tests: Add test for controller order 2012-11-06 10:11:35 +01:00
Eric Blake
4201a7ea1c snapshot: new XML for external system checkpoint
Each <domainsnapshot> can now contain an optional <memory>
element that describes how the VM state was handled, similar
to disk snapshots.  The new element will always appear in
output; for back-compat, an input that lacks the element will
assume 'no' or 'internal' according to the domain state.

Along with this change, it is now possible to pass <disks> in
the XML for an offline snapshot; this also needs to be wired up
in a future patch, to make it possible to choose internal vs.
external on a per-disk basis for each disk in an offline domain.
At that point, using the --disk-only flag for an offline domain
will be able to work.

For some examples below, remember that qemu supports the
following snapshot actions:

qemu-img: offline external and internal disk
savevm: online internal VM and disk
migrate: online external VM
transaction: online external disk

=====
<domainsnapshot>
  <memory snapshot='no'/>
  ...
</domainsnapshot>

implies that there is no VM state saved (mandatory for
offline and disk-only snapshots, not possible otherwise);
using qemu-img for offline domains and transaction for online.

=====
<domainsnapshot>
  <memory snapshot='internal'/>
  ...
</domainsnapshot>

state is saved inside one of the disks (as in qemu's 'savevm'
system checkpoint implementation).  If needed in the future,
we can also add an attribute pointing out _which_ disk saved
the internal state; maybe disk='vda'.

=====
<domainsnapshot>
  <memory snapshot='external' file='/path/to/state'/>
  ...
</domainsnapshot>

This is not wired up yet, but future patches will allow this to
control a combination of 'virsh save /path/to/state' plus disk
snapshots from the same point in time.

=====

So for 1.0.1 (and later, as needed), I plan to implement this table
of combinations, with '*' designating new code and '+' designating
existing code reached through new combinations of xml and/or the
existing DISK_ONLY flag:

domain  memory  disk   disk-only | result
-----------------------------------------
offline omit    omit   any       | memory=no disk=int, via qemu-img
offline no      omit   any       |+memory=no disk=int, via qemu-img
offline omit/no no     any       | invalid combination (nothing to snapshot)
offline omit/no int    any       |+memory=no disk=int, via qemu-img
offline omit/no ext    any       |*memory=no disk=ext, via qemu-img
offline int/ext any    any       | invalid combination (no memory to save)
online  omit    omit   off       | memory=int disk=int, via savevm
online  omit    omit   on        | memory=no disk=default, via transaction
online  omit    no/ext off       | unsupported for now
online  omit    no     on        | invalid combination (nothing to snapshot)
online  omit    ext    on        | memory=no disk=ext, via transaction
online  omit    int    off       |+memory=int disk=int, via savevm
online  omit    int    on        | unsupported for now
online  no      omit   any       |+memory=no disk=default, via transaction
online  no      no     any       | invalid combination (nothing to snapshot)
online  no      int    any       | unsupported for now
online  no      ext    any       |+memory=no disk=ext, via transaction
online  int/ext any    on        | invalid combination (disk-only vs. memory)
online  int     omit   off       |+memory=int disk=int, via savevm
online  int     no/ext off       | unsupported for now
online  int     int    off       |+memory=int disk=int, via savevm
online  ext     omit   off       |*memory=ext disk=default, via migrate+trans
online  ext     no     off       |+memory=ext disk=no, via migrate
online  ext     int    off       | unsupported for now
online  ext     ext    off       |*memory=ext disk=ext, via migrate+transaction

* docs/schemas/domainsnapshot.rng (memory): New RNG element.
* docs/formatsnapshot.html.in: Document it.
* src/conf/snapshot_conf.h (virDomainSnapshotDef): New fields.
* src/conf/domain_conf.c (virDomainSnapshotDefFree)
(virDomainSnapshotDefParseString, virDomainSnapshotDefFormat):
Manage new fields.
* tests/domainsnapshotxml2xmltest.c: New test.
* tests/domainsnapshotxml2xmlin/*.xml: Update existing tests.
* tests/domainsnapshotxml2xmlout/*.xml: Likewise.
2012-11-02 09:56:23 -06:00
Daniel P. Berrange
1c04f99970 Remove spurious whitespace between function name & open brackets
The libvirt coding standard is to use 'function(...args...)'
instead of 'function (...args...)'. A non-trivial number of
places did not follow this rule and are fixed in this patch.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-11-02 13:36:49 +00:00
Guido Günther
0e7fd31fb5 Create temporary dir for socket
to avoid ENAMETOOLONG:

https://buildd.debian.org/status/fetch.php?pkg=libvirt&arch=amd64&ver=1.0.0~rc1-1&stamp=1351453521
2012-10-30 19:16:57 +01:00
Peter Krempa
f88b076d17 nodeinfotest: Delete NUL bytes from test data
The test data contained extra \0 bytes after newlines probably due to a
kernel off-by-one bug.
2012-10-30 10:39:06 +01:00
Vladislav Bogdanov
81af5336ac qemu: pass -usb and usb hubs earlier, so USB disks with static address are handled properly 2012-10-30 08:54:32 +01:00
Eric Blake
0711c4b74d bitmap: add virBitmapCountBits
Sometimes it's handy to know how many bits are set.

* src/util/bitmap.h (virBitmapCountBits): New prototype.
(virBitmapNextSetBit): Use correct type.
* src/util/bitmap.c (virBitmapNextSetBit): Likewise.
(virBitmapSetAll): Maintain invariant of clear tail bits.
(virBitmapCountBits): New function.
* src/libvirt_private.syms (bitmap.h): Export it.
* tests/virbitmaptest.c (test2): Test it.
2012-10-25 11:19:23 -06:00
Doug Goldstein
2da776b1d6 qemu: Don't blindly assume VNC is supported
Currently it's assumed that qemu always supports VNC, however it is
definitely possible to compile qemu without VNC support so we should at
the very least check for it and handle that correctly.
2012-10-22 23:16:17 +08:00
Doug Goldstein
8be88034bf test: Don't assume VNC is always available
Several tests assume that VNC is always available and include it in
their configs and the expected command line. The tests have nothing to
do with graphics display so they shouldn't rely on VNC.
2012-10-22 23:16:11 +08:00
Laine Stump
1cb1f9dabf network: always create dnsmasq hosts and addnhosts files, even if empty
This fixes the problem reported in:

  https://bugzilla.redhat.com/show_bug.cgi?id=868389

Previously, the dnsmasq hosts file (used for static dhcp entries, and
addnhosts file (used for additional dns host entries) were only
created/referenced on the dnsmasq commandline if there was something
to put in them at the time the network was started. Once we can update
a network definition while it's active (which is now possible with
virNetworkUpdate), this is no longer a valid strategy - if there were
0 dhcp static hosts (resulting in no reference to the hosts file on the
commandline), then one was later added, the commandline wouldn't have
linked dnsmasq up to the file, so even though we create it, dnsmasq
doesn't pay any attention.

The solution is to just always create these files and reference them
on the dnsmasq commandline (almost always, anyway). That way dnsmasq
can notice when a new entry is added at runtime (a SIGHUP is sent to
dnsmasq by virNetworkUdpate whenever a host entry is added or removed)

The exception to this is that the dhcp static hosts file isn't created
if there are no lease ranges *and* no static hosts. This is because in
this case dnsmasq won't be setup to listen for dhcp requests anyway -
in that case, if the count of dhcp hosts goes from 0 to 1, dnsmasq
will need to be restarted anyway (to get it listening on the dhcp
port). Likewise, if the dhcp hosts count goes from 1 to 0 (and there
are no dhcp ranges) we need to restart dnsmasq so that it will stop
listening on port 67. These special situations are handled in the
bridge driver's networkUpdate() by checking for ((bool)
nranges||nhosts) both before and after the update, and triggering a
dnsmasq restart if the before and after don't match.
2012-10-20 21:29:19 -04:00
Eric Blake
41e0edaf84 storage: treat 'aio' like 'raw' at parse time
We have historically allowed 'aio' as a synonym for 'raw' for
back-compat to xen, but since a future patch will move to using
an enum value, we have to pick one to be our preferred output
name.  This is a slight change in the output XML, but the sexpr
and xm outputs should still be identical, and the input XML can
still use either form.

* src/conf/domain_conf.c (virDomainDiskDefForeachPath): Move aio
back-compat...
(virDomainDiskDefParseXML): ...to parse time.
* src/xenxs/xen_sxpr.c (xenParseSxprDisks, xenFormatSxprDisk): ...and
to output time.
* src/xenxs/xen_xm.c (xenParseXM, xenFormatXMDisk): Likewise.
* tests/sexpr2xmldata/sexpr2xml-*.xml: Update tests.
2012-10-19 17:35:09 -06:00
Peter Krempa
09f10a12be qemu: Add support for HyperV Enlightenment feature "relaxed"
This patch adds QEMU support for the "relaxed" feature implemented by
previous patch.
2012-10-18 12:22:50 +02:00
Daniel P. Berrange
eca72d4759 Introduce an internal API for handling file based lockspaces
The previously introduced virFile{Lock,Unlock} APIs provide a
way to acquire/release fcntl() locks on individual files. For
unknown reason though, the POSIX spec says that fcntl() locks
are released when *any* file handle referring to the same path
is closed. In the following sequence

  threadA: fd1 = open("foo")
  threadB: fd2 = open("foo")
  threadA: virFileLock(fd1)
  threadB: virFileLock(fd2)
  threadB: close(fd2)

you'd expect threadA to come out holding a lock on 'foo', and
indeed it does hold a lock for a very short time. Unfortunately
when threadB does close(fd2) this releases the lock associated
with fd1. For the current libvirt use case for virFileLock -
pidfiles - this doesn't matter since the lock is acquired
at startup while single threaded an never released until
exit.

To provide a more generally useful API though, it is necessary
to introduce a slightly higher level abstraction, which is to
be referred to as a "lockspace".  This is to be provided by
a virLockSpacePtr object in src/util/virlockspace.{c,h}. The
core idea is that the lockspace keeps track of what files are
already open+locked. This means that when a 2nd thread comes
along and tries to acquire a lock, it doesn't end up opening
and closing a new FD. The lockspace just checks the current
list of held locks and immediately returns VIR_ERR_RESOURCE_BUSY.

NB, the API as it stands is designed on the basis that the
files being locked are not being otherwise opened and used
by the application code. One approach to using this API is to
acquire locks based on a hash of the filepath.

eg to lock /var/lib/libvirt/images/foo.img the application
might do

   virLockSpacePtr lockspace = virLockSpaceNew("/var/lib/libvirt/imagelocks");
   lockname = md5sum("/var/lib/libvirt/images/foo.img");
   virLockSpaceAcquireLock(lockspace, lockname);

NB, in this example, the caller should ensure that the path
is canonicalized before calculating the checksum.

It is also possible to do locks directly on resources by
using a NULL lockspace directory and then using the file
path as the lock name eg

   virLockSpacePtr lockspace = virLockSpaceNew(NULL);
   virLockSpaceAcquireLock(lockspace, "/var/lib/libvirt/images/foo.img");

This is only safe to do though if no other part of the process
will be opening the files. This will be the case when this
code is used inside the soon-to-be-reposted virlockd daemon

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-10-16 15:45:55 +01:00
Martin Kletzander
59952932f5 conf: add test for boot dev and order
Add test for 280b8c9e7c.
2012-10-16 12:25:32 +02:00
Martin Kletzander
9674f2c637 selinux: Use raw contexts
We are currently able to work only with non-translated SELinux
contexts, but we are using functions that work with translated
contexts throughout the code.  This patch swaps all SELinux context
translation relative calls with their raw sisters to avoid parsing
problems.

The problems can be experienced with mcstrans for example.  The
difference is that if you have translations enabled (yum install
mcstrans; service mcstrans start), fgetfilecon_raw() will get you
something like 'system_u:object_r:virt_image_t:s0', whereas
fgetfilecon() will return 'system_u:object_r:virt_image_t:SystemLow'
that we cannot parse.

I was trying to confirm that the _raw variants were here since the dawn of
time, but the only thing I see now is that it was imported together in
the upstream repo [1] from svn, so before 2008.

Thanks Laurent Bigonville for finding this out.

[1] http://oss.tresys.com/git/selinux.git
2012-10-12 17:54:09 +02:00
Ján Tomko
149c87b49d Various typos and misspellings 2012-10-12 00:03:43 +02:00
Jiri Denemark
844cdf22e6 qemu: Fix QMP detection of QXL graphics
With the recent introduction of QMP capabilities probing, libvirt failed
to detect support for QXL graphics in QEMU 1.2 and newer. In addition to
fixing that, this patch also causes libvirt to detect QXL support for
qemu-kvm-0.13.0, which doesn't advertise it in -help output but mentions
it in device list. Since qemu-kvm-0.13.0 supported -spice, it looks like
not having qxl in -help was a bug.
2012-10-09 11:42:05 +02:00
Martin Kletzander
5d692cc714 fix kvm_pv_eoi with kvmclock
When both kvmclock and kvm_pv_eoi are configured (either disabled or
enabled) libvirt will generate invalid CPU specification due to the
fact that even though kvmclock causes the CPU to be specified, it
doesn't set have_cpu flag to true (and the new kvm_pv_eoi as well).
This patch fixes the issue and adds a test exactly for that to show
that it is fixed correctly (and also to keep it that way in the future
of course).
2012-10-08 20:13:55 +02:00
Daniel P. Berrange
b073fe40db Refactor qemuCapsParseDeviceStr to work from data tables
Currently the qemuCapsParseDeviceStr method has a bunch of open
coded string searches/comparisons to detect devices and their
properties. Soon this data will be obtained from QMP queries
instead of -device help output. Maintaining the list of device
and properties in two places is undesirable. Thus the existing
qemuCapsParseDeviceStr() method needs to be refactored to
separate the device types and properties from the actual
search code.

Thus the -device help output is now parsed to construct a
list of device names, and device properties. These are then
checked against a set of datatables to set the capability
flags

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-28 11:25:49 +01:00
Daniel P. Berrange
e8fd8757c8 Change logging category parameter into an enum
The 'const char *category' parameter only has a few possible
values now that the filename has been separated. Turn this
parameter into an enum instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-28 10:39:28 +01:00
Daniel P. Berrange
0225c566f4 Include filename explicitly in logging APIs
Currently the logging APIs have a 'const char *category' parameter
which indicates where the log message comes from. This is typically
a combination of the __FILE__ string and other prefix. Split the
__FILE__ off into a dedicated parameter so it can passed to the
log outputs

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-28 10:34:14 +01:00
Daniel P. Berrange
4764a6c5a3 s/int/virLogDestination/ in logging code
The log destinations are an enum, but most of the code was
just using a plain 'int' for function params / variables.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-28 10:22:13 +01:00
Daniel P. Berrange
2dd77cd1ff s/long long/size_t/ for file line numbers in logging code
The __LINE__ macro value is specified to fit in the size_t
type, so use that instead of 'long long' in the logging code

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-28 10:17:02 +01:00
Daniel P. Berrange
de29867e22 s/int/virLogPriority/ in logging code
The log priority levels are an enum, but most of the code was
just using a plain 'int' for function params / variables.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-28 10:10:47 +01:00
Miloslav Trmač
a5fa3322c8 Pass the "raw" log message to each virLogOutputFunc
In addition to the preformatted text line, pass the raw message as well,
to allow the output functions to use a different output format.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 12:46:26 +01:00
Daniel P. Berrange
c70a6154b6 Add a qemuMonitorGetCommands() method for QMP query-commands command
Add a new qemuMonitorGetCPUCommands() method to support invocation
of the 'query-commands' JSON monitor command. No HMP equivalent
is required, since this will only be used when JSON is available

The existing qemuMonitorJSONCheckCommands() method is refactored
to use this new method

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 11:04:32 +01:00
Daniel P. Berrange
2ecec6e206 Add a qemuMonitorGetCPUDefinitions method for QMP query-cpu-definitions command
Add a new qemuMonitorGetCPUDefinitions() method to support invocation
of the 'query-cpu-definitions' JSON monitor command. No HMP equivalent
is required, since this will only be present for QEMU >= 1.2

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 10:53:24 +01:00
Daniel P. Berrange
3999372182 Add a qemuMonitorGetMachines() method for QMP query-machines command
Add a new qemuMonitorGetMachines() method to support invocation
of the 'query-machines' JSON monitor command. No HMP equivalent
is required, since this will only be present for QEMU >= 1.2

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 10:47:16 +01:00
Daniel P. Berrange
3dce0a829a Add a qemuMonitorGetVersion() method for QMP query-version command
Add a new qemuMonitorGetVersion() method to support invocation
of the 'query-version' JSON monitor command. No HMP equivalent
is provided, since this will only be used for QEMU >= 1.2

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 10:46:34 +01:00
Daniel P. Berrange
ed769e1854 Remove probing of CPU models when launching QEMU guests
When launching a QEMU guest the binary is probed to discover
the list of supported CPU names. Remove this probing with a
simple lookup of CPU models in the qemuCapsPtr object. This
avoids another invocation of the QEMU binary during the
startup path.

As a nice benefit we can now remove all the nasty hacks from
the test suite which were done to avoid having to exec QEMU
on the test system. The building of the -cpu command line
can just rely on data we pre-populate in qemuCapsPtr.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 10:24:52 +01:00
Daniel P. Berrange
bd66c243b3 Remove probing of machine types when canonicalizing XML
When XML for a new guest is received, the machine type is
immediately canonicalized into the version specific name.
This involves probing QEMU for supported machine types.
Replace this probing with a lookup of the machine types
in the (hopefully cached) qemuCapsPtr object

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 10:24:52 +01:00
Daniel P. Berrange
15ee6614f7 Remove probing of flags when launching QEMU guests
Remove all use of the existing APIs for querying QEMU
capability flags. Instead obtain a qemuCapsPtr object
from the global cache. This avoids the execution of
'qemu -help' (and related commands) when launching new
guests.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-27 10:24:52 +01:00
Daniel P. Berrange
9467ab6074 Move virProcess{Kill,Abort,TranslateStatus} into virprocess.{c,h}
Continue consolidation of process functions by moving some
helpers out of command.{c,h} into virprocess.{c,h}

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-26 10:09:57 +01:00
Daniel P. Berrange
0fb58ef5cd Rename virPid{Abort,Wait} to virProcess{Abort,Wait}
Change "Pid" to "Process" to align with the virProcessKill
API naming prefix

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-26 10:09:57 +01:00
Eric Blake
d165c54d86 tests: test previous commit
Add a test to avoid virCommand regressions.

* tests/commandtest.c (test8): Explicitly test env-var overrides.
2012-09-24 17:04:46 -06:00
Miloslav Trmač
fca338a06c Drop unused return value of virLogOutputFunc
Nothing uses the return value, and creating it requries otherwise
unnecessary strlen () calls.

This cleanup is conceptually independent from the rest of the series
(although the later patches won't apply without it).  This just seems
a good opportunity to clean this up, instead of entrenching the unnecessary
return value in the virLogOutputFunc instance that will be added in this
series.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2012-09-21 12:55:13 -06:00
Eric Blake
4ecb723b9e maint: fix up copyright notice inconsistencies
https://www.gnu.org/licenses/gpl-howto.html recommends that
the 'If not, see <url>.' phrase be a separate sentence.

* tests/securityselinuxhelper.c: Remove doubled line.
* tests/securityselinuxtest.c: Likewise.
* globally: s/;  If/.  If/
2012-09-20 16:30:55 -06:00
Martin Kletzander
3b72650181 tests: Add tests for dump-core option 2012-09-20 16:41:07 +02:00
Martin Kletzander
ff2d5a3d8a qemu: add support for dump-guest-core option
The "dump-guest-core' option is new option for the machine type
(-machine pc,dump-guest-core) that controls whether the guest memory
will be marked as dumpable.

While testing this, I've found out that the value for the '-M' options
is not parsed correctly when additional parameters are used. However,
when '-machine' is used for the same options, it gets parsed as
expected. That's why this patch also modifies the parsing and creating
of the command line, so both '-M' and '-machine' are recognized. In
QEMU's help there is only mention of the 'machine parameter now with
no sign of the older '-M'.
2012-09-20 16:41:07 +02:00
Martin Kletzander
ec62a602bb QEMU Tests for reboot-timeout 2012-09-20 16:41:02 +02:00
Martin Kletzander
8c95290868 qemu: Cleanup boot parameter building
This patch cleans up building the "-boot" parameter and while on that
fixes one inconsistency by modifying these things:

 - I completed the unfinished virDomainBootMenu enum by specifying
   LAST, declaring it and also declaring the TypeFromString and
   TypeToString parameters.
 - Previously mentioned TypeFromString and TypeToString are used when
   parsing the XML.
 - Last, but not least, visible change is that the "-boot" parameter
   is built and parsed properly:
    - The "order=" prefix is used only when additional parameters are
      used (menu, etc.).
    - It's rewritten in a way that other parameters can be added
      easily in the future (used in following patch).
    - The "order=" parameter is properly parsed regardless to where it
      is placed in the string (e.g. "menu=on,order=nc").
    - The "menu=" parameter (and others in the future) are created
      when they should be (i.e. even when bootindex is supported and
      used, but not when bootloader is selected).
2012-09-20 10:59:35 +02:00
Doug Goldstein
b95ad92e05 build: define WITH_INTERFACE for the driver
Based exclusively on work by Eric Blake in a patch posted with the same
subject. However some modifications related to comments and my plans to
add another backend.

Added WITH_INTERFACE as the only automake variable deciding whether to
build the driver and using WITH_NETCF to identify that we're wanting to
use the netcf library as the backend.

* configure.ac: Added with_interface
* src/interface/netcf_driver.c: Renamed..
* src/interface/interface_backend_netcf.c: ..to this to match storage.
* src/interface/netcf_driver.h: Renamed..
* src/interface/interface_driver.h: ..to this.
* daemon/Makefile.am: Respect WITH_INTERFACE and WITH_NETCF.
* libvirt.spec.in: Add RPM support for --with-interface
2012-09-19 08:27:01 -06:00
Eric Blake
fd66ea669c bitmap: fix problems in previous commit
Commit ee3d3893 missed the fact that (unsigned char)<<(int)
is truncated to int, and therefore failed for any bitmap data
longer than four bytes.

Also, I failed to run 'make syntax-check' on my commit 4bba6579;
for whatever odd reason, ffs lives in a different header than ffsl.

* src/util/bitmap.c (virBitmapNewData): Use correct shift type.
(includes): Glibc (and therefore gnulib) decided ffs is in
<strings.h>, but ffsl is in <string.h>.
* tests/virbitmaptest.c (test5): Test it.
2012-09-18 17:47:06 -06:00
Ján Tomko
587632ffeb qemuhelptest: convert runaway tab to spaces
Make syntax-check happy and smiling again.
2012-09-18 11:47:12 +02:00
Ján Tomko
76345dd43a tests: add qemu-1.2.0 help data
Generated with:

qemu-system-x86_64 -help >tests/qemuhelpdata/qemu-1.2.0
qemu-system-x86_64 \
    -device ? \
    -device pci-assign,? \
    -device virtio-blk-pci,? \
    -device virtio-net-pci,? \
    -device scsi-disk,? 2>tests/qemuhelpdata/qemu-1.2.0-device
2012-09-18 15:43:28 +08:00
Osier Yang
6e73850b01 qemu: Use disk wwn in qemu command line
All of ide-drive, ide-hd, ide-cd, scsi-disk, scsi-hd, and scsi-cd
supports wwn property. (NB, scsi-block doesn't support to set wwn).

* src/qemu/qemu_command.c: Error out if underlying QEMU doesn't
support wwn property for the device; Set wwn for the device otherwise.

* tests/qemuxml2argvdata/qemuxml2argv-disk-ide-wwn.args: New test
* tests/qemuxml2argvdata/qemuxml2argv-disk-ide-wwn.xml: Likewise
* tests/qemuxml2argvdata/qemuxml2argv-disk-scsi-disk-wwn.args: Likewise
* tests/qemuxml2argvdata/qemuxml2argv-disk-scsi-disk-wwn.xml: Likewise
* tests/qemuxml2argvtest.c: Add the new tests.
2012-09-18 15:00:01 +08:00
Hu Tao
ee7d23ba4b use virBitmap to store cpumask info. 2012-09-17 14:59:37 -04:00
Hu Tao
0fc89098a6 New functions for virBitmap
In many places we store bitmap info in a chunk of data
(pointed to by a char *), and have redundant codes to
set/unset bits. This patch extends virBitmap, and convert
those codes to use virBitmap in subsequent patches.
2012-09-17 14:59:36 -04:00
Daniel P. Berrange
a55a610b30 Fix 3 broken test cases which were mistakenly raising errors
Several test cases were mistakenly raising errors due to the
QEMU_CAPS_KVM flag being missed.
2012-09-14 17:15:31 +01:00
Martin Kletzander
fbf9aa12c7 qemu: Add support for EOI with APIC
This patch adds full support for EOI setting for domains. Because this
is CPU feature (flag), the model needs to be added even when it's not
specified. Fortunately this problem was already solved with kvmclock,
so this patch simply abuses that.

And due to the size of the patch (17 lines) I dared to include the tests.
2012-09-14 08:32:56 +02:00
Dmitry Guryanov
a62116de32 parallels: implement containers creation
Add separate function parallelsCreateCt, which creates container.
Also add example xml configuration domain-parallels-ct-simple.xml.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2012-09-13 21:19:58 +08:00
Daniel P. Berrange
beac09fd68 Turn QEMU capabilities object into a full virObjectPtr
The current qemu capabilities are stored in a virBitmapPtr
object, whose type is exposed to callers. We want to store
more data besides just the flags, so we need to move to a
struct type. This object will also need to be reference
counted, since we'll be maintaining a cache of data per
binary. This change introduces a 'qemuCapsPtr' virObject
class. Most of the change is just renaming types and
variables in all the callers

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-13 12:24:12 +01:00
Daniel P. Berrange
985a321ac0 Wait to receive QMP greeting before sending any monitor commands
Technically speaking we should wait until we receive the QMP
greeting message before attempting to send any QMP monitor
commands. Mostly we've got away with this, but there is a race
in some QEMU which cause it to SEGV if you sent it data too
soon after startup. Waiting for the QMP greeting avoids the
race

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-13 11:44:05 +01:00
Guannan Ren
1c9d485dda test: add xml2argvtest for usb-redir filter and update xml schema 2012-09-13 17:22:37 +08:00
Eric Blake
a20f06d9d9 build: avoid confusing make with raw name 'undefine'
Make has a builtin operator 'undefine', and coupled with latest
automake.git, this test name ended up confusing make into thinking
the file name was meant to be used as the make operator.  Renaming
the file avoids the confusion.

* tests/undefine: Rename...
* tests/virsh-undefine: ...to this.
* tests/Makefile.am (test_scripts): Use new name.
Reported by Jim Meyering.
2012-09-12 11:27:22 -06:00
Daniel P. Berrange
48d112210d Introduce a test suite for the JSON monitor
Take advantage of the previously added monitor helpers to
create a test suite for the QEMU JSON monitor impl. As a
proof of concept, this tests the 'qemuMonitorGetStatus'
implementation

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-07 13:18:09 +01:00
Daniel P. Berrange
8d78fd04be Add helper library for testing the qemu monitor code
To be able to test the QEMU monitor code, we need to have a fake
QEMU monitor server. This introduces a simple (dumb) framework
that can do this. The test case registers a series of items to
be sent back as replies to commands that will be executed. A
thread runs the event loop looking for incoming replies and
sending back this pre-registered data. This allows testing all
QEMU monitor code that deals with parsing responses and errors
from QEMU, without needing QEMU around

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-07 13:18:04 +01:00
Gene Czarcinski
f20b7dbe63 remove dnsmasq command line parameter "--filterwin2k"
This patch removed the "--filterwin2k" dnsmasq command line
parameter which was unnecessary for domain specification,
possibly blocked some usage, and was command line clutter.

Gene Czarcinski <gene@czarc.net>
2012-09-06 10:59:33 -06:00
Eric Blake
5d3b65f96b build: avoid test failure when sasl was not compiled in
On systems without cyrus-sasl-devel available (I happened to be
in that situation on my FreeBSD testing), this test fails rather
miserably:

TEST: libvirtdconftest
      .....!!!!!!...!!!!!!!!!!!!!!!!!!!!!!!!!  39  FAIL
FAIL: libvirtdconftest

with verbose output showing things like:

39) Test corruption                                          ... libvir: Config File error : unsupporeted configuration: remoteReadConfigFile: /usr/home/dummy/libvirt/tests/../daemon/libvirtd.conf: auth_tcp: unsupported auth sasl

* tests/libvirtdconftest.c (testCorrupt): Avoid failure when sasl
is missing.
2012-09-05 15:02:01 -06:00
Viktor Mihajlovski
72f1f2206e Rename iolimit to blockio.
After discussion with DB we decided to rename the new iolimit
element as it creates the impression it would be there to
limit (i.e. throttle) I/O instead of specifying immutable
characteristics of a block device.
This is also backed by the fact that the term I/O Limits has
vanished from newer storage admin documentation.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-09-04 09:14:36 -06:00
Daniel P. Berrange
8675406cea Fix mingw64 build by using intptr_t for int->void* casts
The viratomictest.c was casting from an int to a void* via a
long. This works on Linux or Mingw32, but fails on Mingw64
due to a pointer/integer size mis-match. Replacing 'long'
with 'intptr_t' ensures matching type sizes
2012-09-04 11:16:55 +01:00
Martin Kletzander
65c4ae93b5 tests: Add tests for qemu S3/S4 state configuration
Few tests were added which are checking whether the parsing of the xml
and command-line arguments is working and compatible with each other.
2012-09-03 09:32:45 +02:00
Viktor Mihajlovski
277a49bce7 qemu: Support for Block Device IO Limits.
Implementation of iolimits for the qemu driver with
capability probing for block size attribute and
command line generation for block sizes.
Including testcase for qemuxml2argvtest.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-08-31 11:27:47 -07:00
Eric Blake
54e99644bf command: shell-quote when logging commands
Without this patch, logged command executions can be ambiguous if
the command contained any shell metacharacters.  This has caused
more than one person to attempt to patch clients to add unnecessary
quoting, without realizing that the command itself was run with
correct args, and only the logged output was ambiguous.

* src/util/command.c (virCommandToString): Add shell escapes.
* tests/commandtest.c (test16): Test new behavior.
* tests/commanddata/test16.log: Update expected output.
* tests/qemuxml2argvdata/qemuxml2argv-*.args: Likewise.
* tests/networkxml2argvdata/*.argv: Likewise.
2012-08-31 08:10:58 -07:00
Gene Czarcinski
f3868259ca dnsmasq: avoid forwarding queries without a domain
dnsmasq is forwarding a number of queries upstream that should not
be done.  There still remains an MX query for a plain name with no
domain specified that will be forwarded is dnsmasq has --domain=xxx
--local=/xxx/ specified. This does not happen with no domain name
and --local=// ... not a libvirt problem.

BTW, thanks again to Claudio Bley!
2012-08-22 11:36:39 -06:00
Tang Chen
19630db3e3 Support emulatorpin xml parse.
This patch adds a new xml element <emulatorpin>, which is a sibling
to the existing <vcpupin> element under the <cputune>, to pin emulator
threads to specified physical CPUs.

Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
2012-08-22 15:51:23 +08:00
J.B. Joret
a46af26004 qemu: Disk Geometry Override Support
Qemu command line generation for geometry override and testcases.

Signed-off-by: J.B. Joret <jb@linux.vnet.ibm.com>
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-08-21 15:35:48 -06:00
Eric Blake
1a4379cb21 build: split driver_storage into convenience library
Commit 1d22ba95 was complete at the time, but we have since
reintroduced a warning that is fixed in the same manner:

  CCLD   storagebackendsheepdogtest

*** Warning: Linking the executable storagebackendsheepdogtest against the loadable module
*** libvirt_driver_storage.so is not portable!

* src/Makefile.am (libvirt_driver_storage.la): Factor into new
convenience library libvirt_driver_storage_impl.la.
* tests/Makefile.am (storagebackendsheepdogtest_LDADD): Link to
convenience library, not shared library.
2012-08-21 09:44:14 -06:00
Daniel P. Berrange
9136032a66 Add test case for SELinux label generation
This test case validates the correct generation of SELinux labels
for VMs, wrt the current process label. Since we can't actually
change the label of the test program process, we create a shared
library libsecurityselinuxhelper.so which overrides the getcon()
and setcon() libselinux.so functions. When started the test case
will check to see if LD_PRELOAD is set, and if not, it will
re-exec() itself setting LD_PRELOAD=libsecurityselinuxhelper.so

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-21 11:37:57 +01:00
Marcelo Cerri
e9377dda36 Multiple security drivers in XML data
This patch updates the domain and capability XML parser and formatter to
support more than one "seclabel" element for each domain and device. The
RNG schema and the tests related to this are also updated by this patch.

Signed-off-by: Marcelo Cerri <mhcerri@linux.vnet.ibm.com>
2012-08-20 19:13:33 +02:00
Shradha Shah
1446003419 conf: parser/formatter/rng for <forward mode='hostdev'>
This patch introduces the new forward mode='hostdev' along with
attribute managed. Includes updates to the network RNG and new xml
parser/formatter code.

Signed-off-by: Shradha Shah <sshah@solarflare.com>
2012-08-17 15:43:26 -04:00
Laine Stump
3f9274a524 conf: add <vlan> element to network and domain interface elements
The following config elements now support a <vlan> subelements:

within a domain: <interface>, and the <actual> subelement of <interface>
within a network: the toplevel, as well as any <portgroup>

Each vlan element must have one or more <tag id='n'/> subelements.  If
there is more than one tag, it is assumed that vlan trunking is being
requested. If trunking is required with only a single tag, the
attribute "trunk='yes'" should be added to the toplevel <vlan>
element.

Some examples:

  <interface type='hostdev'/>
    <vlan>
      <tag id='42'/>
    </vlan>
    <mac address='52:54:00:12:34:56'/>
    ...
  </interface>

  <network>
    <name>vlan-net</name>
    <vlan trunk='yes'>
      <tag id='30'/>
    </vlan>
    <virtualport type='openvswitch'/>
  </network>

  <interface type='network'/>
    <source network='vlan-net'/>
    ...
  </interface>

  <network>
    <name>trunk-vlan</name>
    <vlan>
      <tag id='42'/>
      <tag id='43'/>
    </vlan>
    ...
  </network>

  <network>
    <name>multi</name>
    ...
    <portgroup name='production'/>
      <vlan>
        <tag id='42'/>
      </vlan>
    </portgroup>
    <portgroup name='test'/>
      <vlan>
        <tag id='666'/>
      </vlan>
    </portgroup>
  </network>

  <interface type='network'/>
    <source network='multi' portgroup='test'/>
    ...
  </interface>

IMPORTANT NOTE: As of this patch there is no backend support for the
vlan element for *any* network device type. When support is added in
later patches, it will only be for those select network types that
support setting up a vlan on the host side, without the guest's
involvement. (For example, it will be possible to configure a vlan for
a guest connected to an openvswitch bridge, but it won't be possible
to do that for one that is connected to a standard Linux host bridge.)
2012-08-15 13:10:57 -04:00
Dmitry Guryanov
9700ca82fe parallels: add domain configuration example
Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2012-08-15 16:39:40 +08:00
Laine Stump
4af3cbafdd conf: support partially-specified <virtualport> in parser and formatter
Until now, all attributes in a <virtualport> parameter list that were
acceptable for a particular type, were also required. There were no
optional attributes.

One of the aims of supporting <virtualport> in libvirt's virtual
networks and portgroups is to allow specifying the group-wide
parameters in the network's virtualport, and merge that with the
interface's virtualport, which will have the instance-specific info
(i.e. the interfaceid or instanceid).

Additionally, the guest's interface XML shouldn't need to know what
type of network connection will be used prior to runtime - it could be
openvswitch, 802.1Qbh, 802.1Qbg, or none of the above - but should
still be able to specify instance-specific info just in case it turns
out to be applicable.

Finally, up to now, the parser for virtualport has always generated a
random instanceid/interfaceid when appropriate, making it impossible
to leave it blank (which is what's required for virtualports within a
network/portprofile definition).

This patch modifies the parser and formatter of the <virtualport>
element in the following ways:

* because most of the attributes in a virNetDevVPortProfile are fixed
  size binary data with no reserved values, there is no way to embed a
  "this value wasn't specified" sentinel into the existing data. To
  solve this problem, the new *_specified fields in the
  virNetDevVPortProfile object that were added in a previous patch of
  this series are now set when the corresponding attribute is present
  during the parse.

* allow parsing/formatting a <virtualport> that has no type set. In
  this case, all fields are settable, but all are also optional.

* add a GENERATE_MISSING_DEFAULTS flag to the parser - if this flag is
  set and an instanceid/interfaceid is expected but not provided, a
  random one will be generated. This was previously the default
  behavior, but is now done only for virtualports inside an
  <interface> definition, not for those in <network> or <portgroup>.

* add a REQUIRE_ALL_ATTRIBUTES flag to the parser - if this flag is
  set the parser will call the new
  virNetDevVPortProfileCheckComplete() functions at the end of the
  parser to check for any missing attributes (based on type), and
  return failure if anything is missing. This used to be default
  behavior. Now it is only used for the virtualport defined inside an
  interface's <actual> element (by the time you've figured out the
  contents of <actual>, you should have all the necessary data to fill
  in the entire virtualport)

* add a REQUIRE_TYPE flag to the parser - if this flag is set, the
  parser will return an error if the virtualport has no type
  attribute. This also was previously the default behavior, but isn't
  needed in the case of the virtualport for a type='network' interface
  (i.e. the exact type isn't yet known), or the virtualport of a
  portgroup (i.e. the portgroup just has modifiers for the network's
  virtualport, which *does* require a type) - in those cases, the
  check will be done at domain startup, once the final virtualport is
  assembled (this is handled in the next patch).
2012-08-14 15:47:50 -04:00
Eric Blake
a40f9e9a59 maint: drop a leftover comment line
* tests/viratomictest.c: Fix copy-and-paste bug.
2012-08-14 11:39:56 -06:00
Eric Blake
51ee43aa55 build: fix PROBE() usage of intptr_t
Otherwise, in locations like virobject.c where PROBE is used,
for certain configure options, the compiler warns:

util/virobject.c:110:1: error: 'intptr_t' undeclared (first use in this function)

As long as we are making this header always available, we can
clean up several other files.

* src/internal.h (includes): Pull in <stdint.h>.
* src/conf/nwfilter_conf.h: Rely on internal.h.
* src/storage/storage_backend.c: Likewise.
* src/storage/storage_backend.h: Likewise.
* src/util/cgroup.c: Likewise.
* src/util/sexpr.h: Likewise.
* src/util/virhashcode.h: Likewise.
* src/util/virnetdevvportprofile.h: Likewise.
* src/util/virnetlink.h: Likewise.
* src/util/virrandom.h: Likewise.
* src/vbox/vbox_driver.c: Likewise.
* src/xenapi/xenapi_driver.c: Likewise.
* src/xenapi/xenapi_utils.c: Likewise.
* src/xenapi/xenapi_utils.h: Likewise.
* src/xenxs/xenxs_private.h: Likewise.
* tests/storagebackendsheepdogtest.c: Likewise.
2012-08-09 15:40:42 -06:00
Guannan Ren
015c603bcd qemu: add two qemu caps for lsi and virtio-scsi SCSI controllers
Rename qemuDefaultScsiControllerModel to qemuCheckScsiControllerModel.
When scsi model is given explicitly in XML(model > 0) checking if the
underlying QEMU supports it or not first, raise an error on checking
failure.
When the model is not given(mode <= 0), return LSI by default, if
the QEMU doesn't support it, raise an error.
2012-08-08 15:06:33 +08:00
Guannan Ren
8694c716ae qemu: add capabilities flags related to scsi controller
QEMU_CAPS_SCSI_LSI
    set the flag when "lsi53c895a", bus PCI, alias "lsi" in
    the output of "qemu -device ?"
    -device lsi in qemu command line

  QEMU_CAPS_VIRTIO_SCSI_PCI
    set the flag when "name "virtio-scsi-pci", bus PCI" in
    the output of qemu devices query.
    -device virtio-scsi-pci in qemu command line
2012-08-08 14:25:24 +08:00
Daniel P. Berrange
7c1119e3bb Set LIBVIRT_AUTOSTART=0 when running test suites
Occasionally some test cases will (accidentally) try to spawn
libvirtd. Set the LIBVIRT_AUTOSTART=0 environment variable to
ensure the remote driver never tries autostart.
2012-08-07 14:58:17 +01:00
Daniel P. Berrange
f9456b0160 Don't check the 'connect' command in virsh-all test
The 'virsh-all' test case will invoke each virsh command with
no args. With the 'connect' command this causes virsh to try
to connect to the default URI, which in turn tries to spawn
libvirtd. This is not something we want todo in the test suite,
so skip the 'connect' command.
2012-08-07 11:59:08 +01:00
Daniel P. Berrange
410a5dac42 Turn virSocket into a virObject
Make virSocket use the virObject APIs for reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Daniel P. Berrange
e10e1969d5 Turn virNetTLSContext and virNetTLSSession into virObject instances
Make virNetTLSContext and virNetTLSSession use the virObject
APIs for reference counting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Daniel P. Berrange
46ec5f85c8 Convert public datatypes to inherit from virObject
This converts the following public API datatypes to use the
virObject infrastructure:

  virConnectPtr
  virDomainPtr
  virDomainSnapshotPtr
  virInterfacePtr
  virNetworkPtr
  virNodeDevicePtr
  virNWFilterPtr
  virSecretPtr
  virStreamPtr
  virStorageVolPtr
  virStoragePoolPtr

The code is significantly simplified, since the mutex in the
virConnectPtr object now only needs to be held when accessing
the per-connection virError object instance. All other operations
are completely lock free.

* src/datatypes.c, src/datatypes.h, src/libvirt.c: Convert
  public datatypes to use virObject
* src/conf/domain_event.c, src/phyp/phyp_driver.c,
  src/qemu/qemu_command.c, src/qemu/qemu_migration.c,
  src/qemu/qemu_process.c, src/storage/storage_driver.c,
  src/vbox/vbox_tmpl.c, src/xen/xend_internal.c,
  tests/qemuxml2argvtest.c, tests/qemuxmlnstest.c,
  tests/sexpr2xmltest.c, tests/xmconfigtest.c: Convert
  to use virObjectUnref/virObjectRef

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-07 11:47:41 +01:00
Richa Marwaha
756fe7868b Add -netdev bridge capabilities
This patch adds the capability in libvirt to check if
-netdev bridge option is supported or not.

Signed-off-by: Richa Marwaha <rmarwah@linux.vnet.ibm.com>
Signed-off-by: Corey Bryant<coreyb@linux.vnet.ibm.com>
2012-08-06 16:56:59 +02:00
Eric Blake
87de27b7f9 virrandom: make virRandomInitialize an automatic one-shot
All callers used the same initialization seed (well, the new
viratomictest forgot to look at getpid()); so we might as well
make this value automatic.  And while it may feel like we are
giving up functionality, I documented how to get it back in the
unlikely case that you actually need to debug with a fixed
pseudo-random sequence.  I left that crippled by default, so
that a stray environment variable doesn't cause a lack of
randomness to become a security issue.

* src/util/virrandom.c (virRandomInitialize): Rename...
(virRandomOnceInit): ...and make static, with one-shot call.
Document how to do fixed-seed debugging.
* src/util/virrandom.h (virRandomInitialize): Drop prototype.
* src/libvirt_private.syms (virrandom.h): Don't export it.
* src/libvirt.c (virInitialize): Adjust caller.
* src/lxc/lxc_controller.c (main): Likewise.
* src/security/virt-aa-helper.c (main): Likewise.
* src/util/iohelper.c (main): Likewise.
* tests/seclabeltest.c (main): Likewise.
* tests/testutils.c (virtTestMain): Likewise.
* tests/viratomictest.c (mymain): Likewise.
2012-08-06 08:15:13 -06:00
Laine Stump
86d56e3104 build: fix "make rpm"
make rpm was failing with the following error:

Entering directory `/home/laine/devel/libvirt/tests'
make[2]: *** No rule to make target `viratomicdata.h',
             needed by `distdir'.  Stop.

viratomicdata.h is listed in tests/Makefile.am as a dependency of
viratomictest, but doesn't exist, is never referenced, and removing
that dependency permits make rpm to complete successfully.
2012-08-03 10:38:24 -04:00
Hendrik Schwartke
7383c1d762 Added timestamps to storage volumes
The access, birth, modification and change times are added to
storage volumes and corresponding xml representations.  This
shows up in the XML in this format:

<timestamps>
  <atime>1341933637.027319099</atime>
  <mtime>1341933637.027319099</mtime>
</timestamps>

Signed-off-by: Eric Blake <eblake@redhat.com>
2012-08-02 17:14:17 -06:00
Ján Tomko
37a10129c2 Update xml schemas according to libvirt source
capability.rng: Guest features can be in any order.
nodedev.rng: Added <driver> element, <capability> phys_function and
virt_functions for PCI devices.
storagepool.rng: Owner or group ID can be -1.

schema tests: New capabilities and nodedev files; changed owner and
group to -1 in pool-dir.xml.
storage_conf: Print uid_t and gid_t as signed to storage pool XML.
2012-08-02 14:36:23 -06:00
Jiri Denemark
2f2ca02195 build: Link security manager into libvirt.so
Security manager is not a dynamically loadable driver, it's a common
infrastructure similar to util, conf, cpu, etc. used by individual
drivers. Such code is allowed to be linked into libvirt.so.

This reverts commit ec5b7bd2ec and most of
aae5cfb699.

This patch is supposed to fix virdrivermoduletest failures for qemu and
lxc drivers as well as libvirtd's ability to load qemu and lxc drivers.
2012-08-02 16:17:00 +02:00
Daniel P. Berrange
0c9fd4cfe9 Rewrite virAtomic APIs using GLib's atomic ops code
There are a few issues with the current virAtomic APIs

 - They require use of a virAtomicInt struct instead of a plain
   int type
 - Several of the methods do not implement memory barriers
 - The methods do not implement compiler re-ordering barriers
 - There is no Win32 native impl

The GLib library has a nice LGPLv2+ licensed impl of atomic
ops that works with GCC, Win32, or pthreads.h that addresses
all these problems. The main downside to their code is that
the pthreads impl uses a single global mutex, instead of
a per-variable mutex. Given that it does have a Win32 impl
though, we don't expect anyone to seriously use the pthread.h
impl, so this downside is not significant.

* .gitignore: Ignore test case
* configure.ac: Check for which atomic ops impl to use
* src/Makefile.am: Add viratomic.c
* src/nwfilter/nwfilter_dhcpsnoop.c: Switch to new atomic
  ops APIs and plain int datatype
* src/util/viratomic.h: inline impls of all atomic ops
  for GCC, Win32 and pthreads
* src/util/viratomic.c: Global pthreads mutex for atomic
  ops
* tests/viratomictest.c: Test validate to validate safety
  of atomic ops.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-08-02 11:50:59 +01:00
Peter Krempa
fbe871263c qemu: Add support for "none" USB controller
This patch enables the "none" USB controller for qemu guests and adds
valdiation on hot-plugged devices if the guest has USB disabled.

This patch also adds a set of tests to check parsing of domain XMLs that
use the "none" controller and some forbidden situations concerning it.
2012-08-02 12:13:48 +02:00
Daniel P. Berrange
aae5cfb699 Don't link nwfilter or secrets driver to libvirt.so
The nwfilter and secrets drivers are both stateful and are already
linked directly to libvirtd. Linking them to libvirt.so is thus
wrong, likewise exporting their symbols in libvirt.so is wrong
2012-07-31 17:49:41 +01:00
Daniel P. Berrange
92c5924a05 Remove tabs from all perl files & enforce this
The cfg.mk file rule to check for tab characters was not
applied to perl files. Much of our Perl code is full of
tabs as a result. Kill them, kill them all !
2012-07-30 13:09:57 +01:00
Eric Blake
3ad13c92a7 maint: avoid regression on copyright listings
Commit f9ce7dad6 tried to kill uses of a raw street address, but
missed a few instances.  Automate things so we don't introduce
new problems in the future.

* cfg.mk (sc_copyright_address): New rule.
(exclude_file_name_regexp--sc_copyright_address): Add exemption.
* bootstrap.conf: Adjust offenders.
* build-aux/augeas-gentest.pl: Likewise.
* examples/systemtap/events.stp: Likewise.
* examples/systemtap/qemu-monitor.stp: Likewise.
* examples/systemtap/rpc-monitor.stp: Likewise.
* src/dtrace2systemtap.pl: Likewise.
* src/esx/esx_vi_generator.py: Likewise.
* src/hyperv/hyperv_wmi_generator.py: Likewise.
* src/remote/qemu_protocol.x: Likewise.
* src/remote/remote_protocol.x: Likewise.
* src/rpc/gensystemtap.pl: Likewise.
* src/rpc/virnetprotocol.x: Likewise.
* tests/object-locking.ml: Likewise.
* tools/virt-xml-validate.in: Likewise.
2012-07-27 07:42:34 -06:00
Osier Yang
a4bcefbcff maint: Use consistent copyright.
This is a follow up patch of commit f9ce7dad6, it modifies all
the files which declare the copyright like "See COPYING.LIB for
the License of this software" to use the detailed/consistent one.

And deserts the outdated comments like:

 * libvirt-qemu.h:
 * Summary: qemu specific interfaces
 * Description: Provides the interfaces of the libvirt library to handle
 *              qemu specific methods
 *
 * Copy:  Copyright (C) 2010, 2012 Red Hat, Inc.

Uses the more compact style like:

 * libvirt-qemu.h: Interfaces specific for QEMU/KVM driver
 *
 * Copyright (C) 2010, 2012 Red Hat, Inc.
2012-07-27 18:27:21 +08:00
Osier Yang
98518178a2 daemon: Fix the wrong macro name
WITH_INTERFACE is not defined, it should be WITH_NETCF there to load
the interface driver.

Eric posted patch weeks ago to resolve the problems in the whole
build system, but it's not finalised yet:

https://www.redhat.com/archives/libvir-list/2012-June/msg01299.html

I'm going to simply fix the wrong macro name here so that the
interface driver could loaded, and continue the work on the listing
API for interface driver.
2012-07-24 15:45:20 -06:00
Peter Krempa
fa54d2a823 tests: Add support for catching domain XML parsing errors
This patch enhances qemuxml2argvtest to deal with semantically incorrect
domain XMLs, that generate errors while parsing.

This patch cleans up macros that invoke the tests and changes boolean
flags to a bit array flag variable.
2012-07-23 13:46:53 +02:00
Doug Goldstein
faffe26909 Fix test failure when no IPv6 is avail
When the system doesn't have IPv6 available (e.g. not built into the
kernel or the module isn't loaded), you can not create an IPv6 socket.
The test determines earlier on that IPv6 isn't available then goes and
creates a socket. This makes socket creation conditional on IPv6
availability.
2012-07-23 10:37:01 +02:00
Osier Yang
f9ce7dad60 Desert the FSF address in copyright
Per the FSF address could be changed from time to time, and GNU
recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html)

  You should have received a copy of the GNU General Public License
  along with Foobar.  If not, see <http://www.gnu.org/licenses/>.

This patch removes the explicit FSF address, and uses above instead
(of course, with inserting 'Lesser' before 'General').

Except a bunch of files for security driver, all others are changed
automatically, the copyright for securify files are not complete,
that's why to do it manually:

  src/security/security_selinux.h
  src/security/security_driver.h
  src/security/security_selinux.c
  src/security/security_apparmor.h
  src/security/security_apparmor.c
  src/security/security_driver.c
2012-07-23 10:50:50 +08:00
Jean-Baptiste Rouault
d4611c0ee3 vmx: handle shared folders parsing
This patch adds support for parsing vmx files with
shared folders enabled.

Update test suite accordingly.
2012-07-21 20:15:02 +02:00
Jean-Baptiste Rouault
1f2bd1072a vmx: handle shared folders formatting
This patch adds support for generating vmx files with
shared folders enabled.

Update test suite accordingly.
2012-07-21 19:45:02 +02:00
Eric Blake
df80282dab tests: reduce length of nodeinfodata test names
Commit ddd6bef4 switched to the ustar format to fix an issue where
'make dist' fails to create a tarball because we have files with
relative names longer than 100 bytes by the time you include a
'libvirt-0.9.13' prefix.  Unfortunately, even with ustar format,
the use of 'tar -ch' tries to convert symlinks to hard links,
also with a name too long (omitting the -h works, but automake
automatically passes -h); such symlinks were added in commit
6dcf98c, which resulted in 'make dist' breaking again.  The
solution is to rename the offending symlinks to something shorter,
by shortening the entire nodeinfodata naming scheme.

* tests/nodeinfotest.c (mymain): Shorten test names.
(linuxTestNodeInfo): Accommodate new names.
* tests/nodeinfodata/*: Rename files accordingly.
2012-07-20 15:36:11 -06:00
Eric Blake
a22a36e8fe tests: avoid seclabeltest crash
Commit a56c347 introduced a use of random numbers into seclabel
handling, but failed to initialize the random number generator
in the testsuite.  Also, fail with usual status, not 255.

* tests/seclabeltest.c (main): Initialize randomness.
2012-07-20 15:04:23 -06:00
Eric Blake
03e0ec10b4 nodeinfo: deal with offline cpus in a node
Commit 80533ca forgot to think about offline cpus.  When a node
cpu is offline, then its topology/ subdirectory is not present,
leading to spurious error messages leaked to the user such as:

libvir:  error : cannot open /home/dummy/libvirt/tests/nodeinfodata/linux-nodeinfo-sysfs-test-6/node/node0/cpu7/topology/physical_package_id: No such file or directory

Fix that, as well as test it; the test data is gathered from a
machine with one NUMA node, hyperthreading, and with 2 of the
8 cpus offline.

* src/nodeinfo.c (virNodeParseNode): Don't parse topology of
offline cpus.
* tests/nodeinfotest.c (mymain): Run new test.
* tests/nodeinfodata/linux-nodeinfo-sysfs-test-6*: New data.
2012-07-18 17:11:42 -06:00
Sebastian Wiedenroth
29bc4fe646 Add a sheepdog backend for the storage driver
This patch brings support to manage sheepdog pools and volumes to libvirt.
It uses the "collie" command-line utility that comes with sheepdog for that.

A sheepdog pool in libvirt maps to a sheepdog cluster.
It needs a host and port to connect to, which in most cases
is just going to be the default of localhost on port 7000.

A sheepdog volume in libvirt maps to a sheepdog vdi.
To create one specify the pool, a name and the capacity.
Volumes can also be resized later.

In the volume XML the vdi name has to be put into the <target><path>.
To use the volume as a disk source for virtual machines specify
the vdi name as "name" attribute of the <source>.
The host and port information from the pool are specified inside the host tag.

  <disk type='network'>
    ...
    <source protocol="sheepdog" name="vdi_name">
      <host name="localhost" port="7000"/>
    </source>
  </disk>

To work right this patch parses the output of collie,
so it relies on the raw output option. There recently was a bug which caused
size information to be reported wrong. This is fixed upstream already and
will be in the next release.

Signed-off-by: Sebastian Wiedenroth <wiedi@frubar.net>
2012-07-18 20:08:27 +01:00
Peter Krempa
7ea1dd93aa test: Add test case for nodeinfotest if host machine doesn't have NUMA
Test filling of nodeinfo structure if /sys/devices/system/node does not
exist. (Based on dump from a real machine)
2012-07-11 15:40:37 +02:00
Peter Krempa
1aa1a45b0a test: Add new test case for nodeinfotest
This patch adds test data that describe a machine that has two physical
processors that don't share same core id's on their cores. On this data
the "virsh nodeinfo" reported that the machine had 10 cores per socket
while the processor had only 8. (Before fixing nodeinfo gathering code).
2012-07-11 15:36:26 +02:00
Peter Krempa
80533ca25d nodeinfo: Fix gathering of nodeinfo data structure
This patch changes the way data to fill the nodeinfo structure are
gathered. We've gathere the test data by iterating processors an sockets
separately from nodes. The reported data was based solely on information
about core id. Problems arise when eg cores in mulit-processor machines
don't have same id's on both processors or maybe one physical processor
contains more NUMA nodes.

This patch changes the approach how we detect processors and nodes. Now
we start at enumerating nodes and for each node processors, sockets and
threads are enumerated separately. This approach provides acurate data
that comply to docs about the nodeinfo structure. This also enables to
get rid of hacks: see commits 10d9038b74,
ac9dd4a676. (Those changes in nodeinfo.c
are efectively reverted by this patch).

This patch also changes output of one of the tests, as the processor
topology is now acquired more precisely.
2012-07-11 15:32:19 +02:00
Peter Krempa
6dcf98c822 nodeinfo_test: Enhance test data before changing nodeinfo gathering
This patch adds test data needed by the new way node information will be
gathered. This patch adds symlinks to cpu cores to their corresponding
node directory.
2012-07-11 15:16:36 +02:00
Viktor Mihajlovski
028ba4f375 S390: Adding testcases for s390
Add minimal s390-virtio domain testcase and testcases for virtio serial,
net, disk for the virtio-s390 bus.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-07-11 11:19:05 +02:00
Viktor Mihajlovski
6e15887f30 qemu: Change tests to use (modified) qemuDomainAssignAddresses
Rewrote the device assignment parts in tests to use qemuDomainAssignAddresses.
This way the tests will work for new device address types as they show
up in the future (like s390 device types).

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-07-11 11:19:05 +02:00
Christophe Fergeau
626dd5180e Fix /domain/features setting in qemuParseCommandLine
Commit 5e6ce1 moved down detection of the ACPI feature in
qemuParseCommandLine. However, when ACPI is detected, it clears
all feature flags in def->features to only set ACPI. This used to
be fine because this was the first place were def->features was set,
but after the move this is no longer necessarily true because this
block comes before the ACPI check:

if (strstr(def->emulator, "kvm")) {
    def->virtType = VIR_DOMAIN_VIRT_KVM;
    def->features |= (1 << VIR_DOMAIN_FEATURE_PAE);
}

Since def is allocated in qemuParseCommandLine using VIR_ALLOC, we
can always use |= when modifying def->features
2012-07-11 09:10:21 +02:00
Daniel Veillard
c47a8aec53 Fix one test regression on auth Ceph support
The extra data need to be added to one test case
2012-07-05 17:56:23 +08:00
Hendrik Schwartke
a3389319ba Added the attribute vendor_id to the cpu model
Introducing the attribute vendor_id to force the CPUID instruction
in a kvm guest to return the specified vendor.
2012-07-03 12:06:38 +02:00
Peter Krempa
11bdab02c2 maint: include ignore-value in internal.h
The ignore_value macro is used across libvirt. This patch includes it in
the internal header and cleans all other includes.
2012-06-28 16:36:30 +02:00
Gerd Hoffmann
fd4fd420b4 qemu: Add xhci support
qemu 1.1 features a xhci controller,
this patch adds support for it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-06-21 16:33:00 +02:00
Eric Blake
9202f2c220 buf: support peeking at string contents
Right now, the only way to get at the contents of a virBuffer is
to destroy it.  But there are cases in my upcoming patches where
peeking at the contents makes life easier.  I suppose this does
open up the potential for bad code to dereference a stale pointer,
by disregarding the docs that the return value is invalid on the
next virBuf operation, but such is life.

* src/util/buf.h (virBufferCurrentContent): New declaration.
* src/util/buf.c (virBufferCurrentContent): Implement it.
* src/libvirt_private.syms (buf.h): Export it.
* tests/virbuftest.c (testBufAutoIndent): Test it.
2012-06-11 09:21:27 -06:00
Guido Günther
2d98c68662 msg_buf_size is unsigned long not size_t
This fixes the build on 32bit systems which otherwise fails with:

virnetmessagetest.c: In function 'testMessageHeaderEncode':
virnetmessagetest.c:75:9: error: format '%zu' expects argument of type 'size_t', but argument 7 has type 'long unsigned int' [-Werror=format]
2012-06-10 20:43:30 +02:00
Michal Privoznik
a2c304f687 rpc: Switch to dynamically allocated message buffer
Currently, we are allocating buffer for RPC messages statically.
This is not such pain when RPC limits are small. However, if we want
ever to increase those limits, we need to allocate buffer dynamically,
based on RPC message len (= the first 4 bytes). Therefore we will
decrease our mem usage in most cases and still be flexible enough in
corner cases.
2012-06-05 17:48:40 +02:00
Jiri Denemark
ae953f5134 tests: Refresh qemu-1.1.0 data
QEMU 1.1.0 has been officially released. With 1.1.0 QEMU went back to
three-digits version even for the initial release and I renamed the data
files to match this fact. They were generated with

qemu-system-x86_64 -help >tests/qemuhelpdata/qemu-1.1.0
qemu-system-x86_64 \
    -device ? \
    -device pci-assign,? \
    -device virtio-blk-pci,? \
    -device virtio-net-pci,? \
    -device scsi-disk,? 2>tests/qemuhelpdata/qemu-1.1.0-device
2012-06-05 15:44:40 +02:00
Beat Jörg
7508338ff3 Fix for parallel port passthrough for QEMU
I came across a bug that the command line generated for passthrough
of the host parallel port /dev/parport0 by libvirt for QEMU is incorrect.

It currently produces:
-chardev tty,id=charparallel0,path=/dev/parport0
-device isa-parallel,chardev=charparallel0,id=parallel0

The first parameter is "tty". It sould be "parport".

If I launch qemu with -chardev parport,... it works as expected.

I have already filled a bug report (
https://bugzilla.redhat.com/show_bug.cgi?id=823879 ), the topic was
already on the list some months ago:

https://www.redhat.com/archives/libvirt-users/2011-September/msg00095.html

Signed-off-by: Eric Blake <eblake@redhat.com>
2012-06-04 16:46:23 -06:00
Eric Blake
858c2476d9 command: avoid deadlock on EPIPE situation
It is possible to deadlock libvirt by having a domain with XML
longer than PIPE_BUF, and by writing a hook script that closes
stdin early.  This is because libvirt was keeping a copy of the
child's stdin read fd open, which means the write fd in the
parent will never see EPIPE (remember, libvirt should always be
run with SIGPIPE ignored, so we should never get a SIGPIPE signal).
Since there is no error, libvirt blocks waiting for a write to
complete, even though the only reader is also libvirt.  The
solution is to ensure that only the child can act as a reader
before the parent does any writes; and then dealing with the
fallout of dealing with EPIPE.

Thankfully, this is not a security hole - since the only way to
trigger the deadlock is to install a custom hook script, anyone
that already has privileges to install a hook script already has
privileges to do any number of other equally disruptive things
to libvirt; it would only be a security hole if an unprivileged
user could install a hook script to DoS a privileged user.

* src/util/command.c (virCommandRun): Close parent's copy of child
read fd earlier.
(virCommandProcessIO): Don't let EPIPE be fatal; the child may
be done parsing input.
* tests/commandhelper.c (main): Set up a SIGPIPE situation.
* tests/commandtest.c (test20): Trigger it.
* tests/commanddata/test20.log: New file.
2012-06-04 13:06:07 -06:00
Marti Raudsepp
195fa214b6 qemu: move -name arg to be 1st in "ps x" output
Currently, monitoring QEMU virtual machines with standard Unix
sysadmin tools is harder than it has to be. The QEMU command line is
often miles long and mostly redundant, it's hard to tell which process
is which.

This patch reorders the QEMU -name argument to be the first, so it's
immediately visible in "ps x", htop and "atop -c" output.
2012-06-01 15:06:56 -06:00
Eric Blake
1d22ba953b build: silence libtool during tests
Libtool is picky about linking against a module library (aka a .so);
giving lots of warnings like this in the tests directory:

  CCLD   networkxml2argvtest

*** Warning: Linking the executable networkxml2argvtest against the loadable module
*** libvirt_driver_network.so is not portable!

Fix that by splitting things into a convenience library which can
be used directly by the tests, and making the real .so just wrap
the convenience library.

Based on a suggestion by Daniel P. Berrange.

* configure.ac (--with-driver-modules): Fix help test.
* src/Makefile.am (libvirt_driver_xen.la, libvirt_driver_libxl.la)
(libvirt_driver_qemu.la, libvirt_driver_lxc.la)
(libvirt_driver_uml.la): Factor into new convenience libraries.
* tests/Makefile.am (xen_LDADDS, qemu_LDADDS, lxc_LDADDS)
(networkxml2argvtest_LDADD): Link to convenience libraries, not
shared libraries.
2012-05-28 07:19:25 -06:00
Eric Blake
0159295d29 build: silence libtool warning on probes.o
Libtool supports linking directly against .o files on some platforms
(such as Linux), which happens to be the only place where we are
actually doing that (for the dtrace-generated probes.o files).  However,
it raises a big stink about the non-portability, even though we don't
attempt it on platforms where it would actually fail:

  CCLD   libvirt_driver_qemu.la

*** Warning: Linking the shared library libvirt_driver_qemu.la against
the non-libtool
*** objects  libvirt_qemu_probes.o is not portable!

This shuts libtool up by creating a proper .lo file that matches
what libtool normally expects.

* src/Makefile.am (%_probes.lo): New rule.
(libvirt_probes.stp, libvirt_qemu_probes.stp): Simplify into...
(%_probes.stp): ...shorter rule.
(CLEANFILES): Clean new .lo files.
(libvirt_la_BUILT_LIBADD, libvirt_driver_qemu_la_LIBADD)
(libvirt_lxc_LDADD, virt_aa_helper_LDADD): Link against .lo file.
* tests/Makefile.am (PROBES_O, qemu_LDADDS): Likewise.
2012-05-25 12:00:05 -06:00
Eric Blake
428fc2bf31 tests: run valgrind on real executables, not libtool wrappers
* tests/Makefile.am (valgrind): Use libtool's ability to bypass
libtool wrappers when running valgrind.
2012-05-24 21:20:15 -06:00
Eric Blake
ee40725510 tests: back to short test names
With the switch to modules by default, I was getting super long
test output:

TEST: /home/remote/eblake/libvirt/tests/.libs/lt-interfacexml2xmltest

compared to the former:

TEST: interfacexml2xmltest

* tests/testutils.c (virtTestMain): Trim off libtool goop.
2012-05-24 21:09:03 -06:00
Daniel P. Berrange
6976f9e851 Add test case for loading driver modules
To ensure all symbols used by loadable driver modules are
exported in libvirt.so, add a test suite that simply loads
each driver in turn

* tests/Makefile.am, tests/virdrivermoduletest.c: Add
  a test case for loading drivers

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:01 +01:00
Daniel P. Berrange
a4e45a06c0 Split QEMU dtrace probes into separate file
When building as driver modules, it is not possible for the QEMU
driver module to reference the DTrace/SystemTAP probes linked into
the main libvirt.so. Thus we need to move the QEMU probes into a
separate file 'libvirt_qemu_probes.d'. Also rename the existing
file from 'probes.d' to 'libvirt_probes.d' while we're at it

* daemon/Makefile.am, src/internal.h: Include libvirt_probes.h
  instead of probes.h
* src/Makefile.am: Add rules for libvirt_qemu_probes.d
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor_json.c,
  src/qemu/qemu_monitor_text.c: Include libvirt_qemu_probes.h
* src/libvirt_probes.d: Rename from probes.d
* src/libvirt_qemu_probes.d: QEMU specific probes formerly
  in probes.d

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:01 +01:00
Daniel P. Berrange
6cd4b1fe16 Remove libvirt_test.la library
The libvirt_test.la library was introduced to allow test suites
to reference internal-only symbols. These days, nearly every
symbol we care about is in src/libvirt_private.syms, so there
is no need for libvirt_test.la to continue to exist

* src/Makefile.am: Delete libvirt_test.la & add new .syms files
* src/libvirt_private.syms: Export symbols needed by test suite
* tests/Makefile.am: Link to libvirt_test.la. Ensure LXC tests link
  to network_driver.la
* src/libvirt_esx.syms, src/libvirt_openvz.syms: Add exports needed
  by test suite
2012-05-24 13:18:00 +01:00
Guido Günther
680ac813a5 openvz: support file system quota reporting 2012-05-24 11:35:02 +02:00
Eric Blake
cdb87b1c4b virBuffer: add way to trim back extra text
I'm tired of writing:

bool sep = false;
while (...) {
    if (sep)
       virBufferAddChar(buf, ',');
    sep = true;
    virBufferAdd(buf, str);
}

This makes it easier, allowing one to write:

while (...)
    virBufferAsprintf(buf, "%s,", str);
virBufferTrim(buf, ",", -1);

to trim any remaining comma.

* src/util/buf.h (virBufferTrim): Declare.
* src/util/buf.c (virBufferTrim): New function.
* tests/virbuftest.c (testBufTrim): Test it.
2012-05-21 16:01:43 -06:00
Wido den Hollander
74951eadef storage backend: Add RBD (RADOS Block Device) support
This patch adds support for a new storage backend with RBD support.

RBD is the RADOS Block Device and is part of the Ceph distributed storage
system.

It comes in two flavours: Qemu-RBD and Kernel RBD, this storage backend only
supports Qemu-RBD, thus limiting the use of this storage driver to Qemu only.

To function this backend relies on librbd and librados being present on the
local system.

The backend also supports Cephx authentication for safe authentication with
the Ceph cluster.

For storing credentials it uses the built-in secret mechanism of libvirt.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2012-05-21 12:37:38 -06:00
Stefan Berger
a3f3ab4c9c nwfilter: Add support for ipset
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup (in the order of O(1) vs. O(n)) and rule evaluation
to achieve higher throughput than what can be achieved with
individual iptables rules.

On the command line iptables supports ipset using

iptables ... -m set --match-set <ipset name> <flags> -j ...

where 'ipset name' is the name of a previously created ipset and
flags is a comma-separated list of up to 6 flags. Flags use 'src' and 'dst'
for selecting IP addresses, ports etc. from the source or
destination part of a packet. So a concrete example may look like this:

iptables -A INPUT -m set --match-set test src,src -j ACCEPT

Since ipset management is quite complex, the idea was to leave ipset 
management outside of libvirt but still allow users to reference an ipset.
The user would have to make sure the ipset is available once the VM is
started so that the iptables rule(s) referencing the ipset can be created.

Using XML to describe an ipset in an nwfilter rule would then look as
follows:

  <rule action='accept' direction='in'>
    <all ipset='test' ipsetflags='src,src'/>
  </rule>

The two parameters on the command line are also the two distinct XML attributes
'ipset' and 'ipsetflags'.

FYI: Here is the man page for ipset:

https://ipset.netfilter.org/ipset.man.html

Regards,
    Stefan
2012-05-21 06:26:34 -04:00
Marc-André Lureau
d9a269bc74 tests: add ich6 codec type test to qemuxml2argv-sound-device
Test new codec type element.
2012-05-17 11:43:35 -06:00
Marc-André Lureau
0aaebd7abc qemu: test CAPS_HDA_MICRO 2012-05-17 11:12:40 -06:00
Eric Blake
5a8262a0ae nodeinfo: test more details
Make it obvious why we need Osier's patch in commit 10d9038b
to fix NUMA parsing of an AMD machine with two cores sharing
a socket id.

* tests/nodeinfotest.c (linuxTestCompareFiles): Enhance the test.
* tests/nodeinfodata/linux-nodeinfo-sysfs-test-*-output.txt: Update.
2012-05-16 10:23:06 -06:00
Daniel Walsh
73580c60d1 Pass the virt driver name into security drivers
To allow the security drivers to apply different configuration
information per hypervisor, pass the virtualization driver name
into the security manager constructor.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-16 10:05:46 +01:00
Jiri Denemark
63b4243624 qemu: Add support for -no-user-config
Thanks to this new option we are now able to use modern CPU models (such
as Westmere) defined in external configuration file.

The qemu-1.1{,-device} data files for qemuhelptest are filled in with
qemu-1.1-rc2 output for now. I will update those files with real
qemu-1.1 output once it is released.
2012-05-15 20:29:12 +02:00
Daniel P. Berrange
03b804a200 Set a sensible default master start port for ehci companion controllers
The uhci1, uhci2, uhci3 companion controllers for ehci1 must
have a master start port set. Since this value is predictable
we should set it automatically if the app does not supply it
2012-05-15 17:07:34 +01:00
Daniel P. Berrange
1ebd52cb87 Fix logic for assigning PCI addresses to USB2 companion controllers
Currently each USB2 companion controller gets put on a separate
PCI slot. Not only is this wasteful of PCI slots, but it is not
in compliance with the spec for USB2 controllers. The master
echi1 and all companion controllers should be in the same slot,
with echi1 in function 7, and uhci1-3 in functions 0-2 respectively.

* src/qemu/qemu_command.c: Special case handling of USB2 controllers
  to apply correct pci slot assignment
* tests/qemuxml2argvdata/qemuxml2argv-usb-ich9-ehci-addr.args,
  tests/qemuxml2argvdata/qemuxml2argv-usb-ich9-ehci-addr.xml: Expand
  test to cover automatic slot assignment
2012-05-15 17:07:34 +01:00
Daniel P. Berrange
548563956e Allow stack traces to be included with log messages
Sometimes it is useful to see the callpath for log messages.
This change enhances the log filter syntax so that stack traces
can be show by setting '1:+NAME' instead of '1:NAME'.

This results in output like:

2012-05-09 14:18:45.136+0000: 13314: debug : virInitialize:414 : register drivers
/home/berrange/src/virt/libvirt/src/.libs/libvirt.so.0(virInitialize+0xd6)[0x7f89188ebe86]
/home/berrange/src/virt/libvirt/tools/.libs/lt-virsh[0x431921]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x3a21e21735]
/home/berrange/src/virt/libvirt/tools/.libs/lt-virsh[0x40a279]

2012-05-09 14:18:45.136+0000: 13314: debug : virRegisterDriver:775 : driver=0x7f8918d02760 name=Test
/home/berrange/src/virt/libvirt/src/.libs/libvirt.so.0(virRegisterDriver+0x6b)[0x7f89188ec717]
/home/berrange/src/virt/libvirt/src/.libs/libvirt.so.0(+0x11b3ad)[0x7f891891e3ad]
/home/berrange/src/virt/libvirt/src/.libs/libvirt.so.0(virInitialize+0xf3)[0x7f89188ebea3]
/home/berrange/src/virt/libvirt/tools/.libs/lt-virsh[0x431921]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x3a21e21735]
/home/berrange/src/virt/libvirt/tools/.libs/lt-virsh[0x40a279]

* docs/logging.html.in: Document new syntax
* configure.ac: Check for execinfo.h
* src/util/logging.c, src/util/logging.h: Add support for
  stack traces
* tests/testutils.c: Adapt to API change

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-15 17:01:40 +01:00
Osier Yang
10d9038b74 nodeinfo: Get the correct CPU number on AMD Magny Cours platform
"Instead of developing one CPU with 12 cores, the Magny Cours is
actually two 6 core “Bulldozer” CPUs combined in to one package"

I.e, each package has two NUMA nodes, and the two numa nodes share
the same core ID set (0-6), which means parsing the cores number
from sysfs doesn't work in this case.

And the wrong CPU number could cause three problems for libvirt:

1) performance lost

  A domain without "cpuset" or "placement='auto'" (to drive numad)
specified will be only pinned to part of the CPUs.

2) domain can be started

  If a domain uses numad, and the advisory nodeset returned from
numad contains node which exceeds the range of wrong total CPU
number. The domain will fail to start, as the bitmask passed to
sched_setaffinity could be fully filled with zero.

3) wrong CPU number affects lots of stuffs.

  E.g. for command "virsh vcpuinfo", "virsh vcpupin", it will always
output with the truncated CPU list.

For more details:

https://www.redhat.com/archives/libvir-list/2012-May/msg00607.html

This patch is to fix the problem by parsing /proc/cpuinfo to get
the value of field "cpu cores", and use it as nodeinfo->cores if
it's greater than the cores number from sysfs.
2012-05-15 10:19:49 +08:00
Li Zhang
bb725ac1fa Assign spapr-vio bus address to ibmvscsi controller
For pseries guest, the default controller model is
ibmvscsi controller, this controller only can work
on spapr-vio address.

This patch is to assign spapr-vio address type to
ibmvscsi controller and correct vscsi test case.

Signed-off-by: Li Zhang <zhlcindy@linux.vnet.ibm.com>
2012-05-14 16:47:16 -06:00
Eric Blake
891a7f9e23 nodeinfo: add some more tests
Test 2 data grabbed from a 2-core 1-node laptop.
Test 3 data grabbed from a 48-cpu AMD Magny Cours box.

* tests/nodeinfodata/linux-nodeinfo-sysfs-test-2*: New test data.
* tests/nodeinfodata/linux-nodeinfo-sysfs-test-3*: Likewise.
* tests/nodeinfotest.c (mymain): Run them.
* cfg.mk
(exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF): Exempt
new test files.
2012-05-14 11:18:26 -06:00
Eric Blake
2b366b46dc nodeinfo: avoid probing host filesystem during test
We had previously weakened our nodeinfotest in order to ignore parsed
node values, because the parse function was mistakenly relying on
host files.  A better fix is to avoid using the numactl library, but
to instead parse the same files that numactl would read, all while
allowing the files to be relative to our choice of directory.

* src/nodeinfo.c (CPU_SYS_PATH, NODE_SYS_PATH): Replace with...
(SYSFS_SYSTEM_PATH): ...parent directory.
(linuxNodeInfoCPUPopulate): Check NUMA nodes from requested
directory (by inlining numactl code).
(nodeGetCPUmap, nodeGetMemoryStats): Adjust macro use.
* tests/nodeinfotest.c (linuxTestCompareFiles, linuxTestNodeInfo):
Update test to match.
2012-05-14 10:44:43 -06:00
Osier Yang
d70f2e117a numad: Always output 'placement' of <vcpu>
<vcpu> is not an optional node. The value for its 'placement'
actually always defaults to 'static' in the underlying codes.
(Even no 'cpuset' and 'placement' is specified, the domain
process will be pinned to all the available pCPUs).
2012-05-08 16:57:37 -06:00
Osier Yang
8d26a7fd4e numad: Copy 'placement' of <numatune> to <vcpu> by default
With this patch, one can also fully drive numad by:

  <vcpu>2</vcpu>
  <numatune>
    <memory placement='auto'/>
  </numatune>

New tests are added.
2012-05-08 16:57:36 -06:00
Osier Yang
97010eb1f1 numad: Set memory policy from numad advisory nodeset
Though numad will manage the memory allocation of task dynamically,
it wants management application (libvirt) to pre-set the memory
policy according to the advisory nodeset returned from querying numad,
(just like pre-bind CPU nodeset for domain process), and thus the
performance could benefit much more from it.

This patch introduces new XML tag 'placement', value 'auto' indicates
whether to set the memory policy with the advisory nodeset from numad,
and its value defaults to the value of <vcpu> placement, or 'static'
if 'nodeset' is specified. Example of the new XML tag's usage:

  <numatune>
    <memory placement='auto' mode='interleave'/>
  </numatune>

Just like what current "numatune" does, the 'auto' numa memory policy
setting uses libnuma's API too.

If <vcpu> "placement" is "auto", and <numatune> is not specified
explicitly, a default <numatume> will be added with "placement"
set as "auto", and "mode" set as "strict".

The following XML can now fully drive numad:

1) <vcpu> placement is 'auto', no <numatune> is specified.

   <vcpu placement='auto'>10</vcpu>

2) <vcpu> placement is 'auto', no 'placement' is specified for
   <numatune>.

   <vcpu placement='auto'>10</vcpu>
   <numatune>
     <memory mode='interleave'/>
   </numatune>

And it's also able to control the CPU placement and memory policy
independently. e.g.

1) <vcpu> placement is 'auto', and <numatune> placement is 'static'

   <vcpu placement='auto'>10</vcpu>
   <numatune>
     <memory mode='strict' nodeset='0-10,^7'/>
   </numatune>

2) <vcpu> placement is 'static', and <numatune> placement is 'auto'

   <vcpu placement='static' cpuset='0-24,^12'>10</vcpu>
   <numatune>
     <memory mode='interleave' placement='auto'/>
   </numatume>

A follow up patch will change the XML formatting codes to always output
'placement' for <vcpu>, even it's 'static'.
2012-05-08 16:57:32 -06:00
Alon Levy
75d155ec26 tests: add some self-documentation to tests
Alon tried './qemuxml2argvtest --help' to figure out a test failure,
but it didn't help.  The information is in HACKING, but it doesn't
hurt to make the tests also provide their own help.

Signed-off-by: Alon Levy <alevy@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2012-05-08 12:38:11 -06:00
Alon Levy
ba97e4edc6 domain_conf: add "default" to list of valid spice channels
qemu's behavior in this case is to change the spice server behavior to
require secure connection to any channel not otherwise specified as
being in plaintext mode. libvirt doesn't currently allow requesting this
(via plaintext-channel=<channel name>).

RHBZ: 819499

Signed-off-by: Alon Levy <alevy@redhat.com>
2012-05-08 12:14:45 -06:00
Alon Levy
4e78ffb634 domain_conf: add "usbredir" to list of valid spice channels
Add "usbredir" channel to list of recognized spice channels.

RHBZ: 819498

Signed-off-by: Alon Levy <alevy@redhat.com>
2012-05-08 09:22:45 -06:00
Eric Blake
0ca336b32b build: avoid link failure on Windows
We only know -lpthread exists on platforms where we build
threads-pthread.c; but when we build threads-win32.c, LIB_PTHREAD
is empty.

* tests/Makefile.am (shunloadtest_LDADD): Use correct library.
2012-05-07 16:11:28 -06:00
Stefan Berger
a01e67217c tests: fix resource leak
Error: RESOURCE_LEAK:
/libvirt/tests/qemuxml2argvtest.c:47:
alloc_arg: Calling allocation function "virAlloc" on "ret".
/libvirt/src/util/memory.c:101:
alloc_fn: Storage is returned from allocation function "calloc".
/libvirt/src/util/memory.c:101:
var_assign: Assigning: "*((void **)ptrptr)" = "calloc(1UL, size)".
/libvirt/tests/qemuxml2argvtest.c:54:
leaked_storage: Variable "ret" going out of scope leaks the storage it points to.
2012-05-04 10:42:09 -04:00
Guido Günther
1cbe658bea openvz: read vmguarpages/privvmpages to set memory tunables 2012-05-04 09:09:07 +02:00
Eric Blake
c898263826 build: fix build on cygwin
On cygwin, <rpc/rpc.h> lives in a different directory than
/usr/include, so anything that uses it must modify CFLAGS.  This
previously tripped up just 'make check', but now that we build
all test programs unconditionally, it also trips up 'make'.

* tests/Makefile.am (virnetmessagetest_CFLAGS): Find rpc headers.
2012-05-03 14:53:11 -06:00
Eric Blake
706aa7c52b virsh: output scaled values with correct units
The recent push to use correct scaling terms (kB for 1000, KiB for
1024 - such as commit 9dfdead) missed some places in virsh.

* tools/virsh.c (prettyCapacity, cmdDominfo, cmdFreecell)
(cmdNodeinfo, cmdNodeMemStats, cmdMigrateSetMaxSpeed)
(cmdBlockCopy, cmdBlockPull, cmdBlockJob): Use KiB, not kB, when
referring to multiples of 1024.
* tests/virshtest.c: Update expected output to match.
2012-05-01 14:58:14 -06:00
Josh Durgin
d50cae3335 qemu: change rbd auth_supported separation character to ;
This works with newer qemu that doesn't allow escaping spaces.
It's backwards compatible as well.

Signed-off-by: Josh Durgin <josh.durgin@dreamhost.com>
2012-05-01 08:49:24 -06:00
Stefan Berger
59b935f5ae More coverity findings addressed
More bug extermination in the category of:

Error: CHECKED_RETURN:

/libvirt/src/conf/network_conf.c:595:
check_return: Calling function "virAsprintf" without checking return value (as is done elsewhere 515 out of 543 times).

/libvirt/src/qemu/qemu_process.c:2780:
unchecked_value: No check of the return value of "virAsprintf(&msg, "was paused (%s)", virDomainPausedReasonTypeToString(reason))".

/libvirt/tests/commandtest.c:809:
check_return: Calling function "setsid" without checking return value (as is done elsewhere 4 out of 5 times).

/libvirt/tests/commandtest.c:830:
unchecked_value: No check of the return value of "virTestGetDebug()".

/libvirt/tests/commandtest.c:831:
check_return: Calling function "virTestGetVerbose" without checking return value (as is done elsewhere 41 out of 42 times).

/libvirt/tests/commandtest.c:833:
check_return: Calling function "virInitialize" without checking return value (as is done elsewhere 18 out of 21 times).


One note about the error in commandtest line 809: setsid() seems to fail when running the test -- could be removed ?
2012-04-27 17:25:35 -04:00
Eric Blake
ae6aa8c396 blockjob: enhance xml to track mirrors across libvirtd restart
In order to track a block copy job across libvirtd restarts, we
need to save internal XML that tracks the name of the file
holding the mirror.  Displaying this name in dumpxml might also
be useful to the user, even if we don't yet have a way to (re-)
start a domain with mirroring enabled up front.  This is done
with a new <mirror> sub-element to <disk>, as in:

    <disk type='file' device='disk'>
      <driver name='qemu' type='raw'/>
      <source file='/var/lib/libvirt/images/original.img'/>
      <mirror file='/var/lib/libvirt/images/copy.img' format='qcow2' ready='yes'/>
      ...
    </disk>

For now, the element is output-only, in live domains; it is ignored
when defining a domain or hot-plugging a disk (since those contexts
use VIR_DOMAIN_XML_INACTIVE in parsing).  The 'ready' attribute appears
when libvirt knows that the job has changed from the initial pulling
phase over to the mirroring phase, although absence of the attribute
is not a sure indicator of the current phase.  If we come up with a way
to make qemu start with mirroring enabled, we can relax the xml
restriction, and allow <mirror> (but not attribute 'ready') on input.
Testing active-only XML meant tweaking the testsuite slightly, but it
was worth it.

* docs/schemas/domaincommon.rng (diskspec): Add diskMirror.
* docs/formatdomain.html.in (elementsDisks): Document it.
* src/conf/domain_conf.h (_virDomainDiskDef): New members.
* src/conf/domain_conf.c (virDomainDiskDefFree): Clean them.
(virDomainDiskDefParseXML): Parse them, but only internally.
(virDomainDiskDefFormat): Output them.
* tests/qemuxml2argvdata/qemuxml2argv-disk-mirror.xml: New test file.
* tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-mirror.xml: Likewise.
* tests/qemuxml2xmltest.c (testInfo): Alter members.
(testCompareXMLToXMLHelper): Allow more test control.
(mymain): Run new test.
2012-04-23 08:43:33 -06:00
Peter Krempa
a2ba53cf18 cpu: Improve error reporting on incompatible CPUs
This patch modifies the CPU comparrison function to report the
incompatibilities in more detail to ease identification of problems.

* src/cpu/cpu.h:
    cpuGuestData(): Add argument to return detailed error message.
* src/cpu/cpu.c:
    cpuGuestData(): Add passthrough for error argument.
* src/cpu/cpu_x86.c
    x86FeatureNames(): Add function to convert a CPU definition to flag
                       names.
    x86Compute(): - Add error message parameter
                  - Add macro for reporting detailed error messages.
                  - Improve error reporting.
                  - Simplify calculation of forbidden flags.
    x86DataIteratorInit():
    x86cpuidMatchAny(): Remove functions that are no longer needed.
* src/qemu/qemu_command.c:
    qemuBuildCpuArgStr(): - Modify for new function prototype
                          - Add detailed error reports
                          - Change error code on incompatible processors
                            to VIR_ERR_CONFIG_UNSUPPORTED instead of
                            internal error
* tests/cputest.c:
    cpuTestGuestData(): Modify for new function prototype
2012-04-23 10:59:51 +02:00
Osier Yang
79568df0f1 tests: Update read-bufsiz to delete the UUID of vm XML
Since now we have fixed domain UUID for test driver, defining
a domain with different name but same UUID doesn't work any
more. This patch delete the UUID from the dumped XML so that
it could be generated.
2012-04-17 22:56:18 +08:00
Osier Yang
a4cda054e7 qemu: Split ide-drive into ide-cd and ide-hd
A "ide-drive" device can be either a hard disk or a CD-ROM,
if there is ",media=cdrom" specified for the backend, it's
a CD-ROM, otherwise it's a hard disk.

Upstream qemu splitted "ide-drive" into "ide-hd" and "ide-cd"
since commit 1f56e32, and ",media=cdrom" is not required for
ide-cd anymore. "ide-drive" is still supported for backwards
compatibility, but no doubt we should go foward.
2012-04-17 17:21:48 +08:00
Osier Yang
02e8d0cfdf qemu: Split scsi-disk into into scsi-hd and scsi-cd
A "scsi-disk" device can be either a hard disk or a CD-ROM,
if there is ",media=cdrom" specified for the backend, it's
a CD-ROM, otherwise it's a hard disk.

But upstream qemu splitted "scsi-disk" into "scsi-hd" and
"scsi-cd" since commit b443ae, and ",media=cdrom" is not
required for scsi-cd anymore. "scsi-disk" is still supported
for backwards compatibility, but no doubt we should go
foward.
2012-04-17 17:21:24 +08:00
Jiri Denemark
1bd587abe2 tests: Fix libvirtdconftest in VPATH build
Without this, libvirtdconftest fails to build with "fatal error:
daemon/libvirtd-config.h: No such file or directory"
2012-04-11 09:57:21 +02:00
Daniel P. Berrange
ddf2dfa1f7 Wire up <loader> to set the QEMU BIOS path
* src/qemu/qemu_command.c: Wire up -bios with <loader>
* tests/qemuxml2argvdata/qemuxml2argv-bios.args,
  tests/qemuxml2argvdata/qemuxml2argv-bios.xml: Expand
  existing BIOS test case to cover <loader>
2012-04-10 16:34:39 +01:00
Daniel P. Berrange
a9694a8e18 Replace daemon-conf test script with a proper test case
The daemon-conf test script continues to be very fragile to
changes in libvirt. It currently fails 1 time in 3/4 due
to race conditions in startup/shutdown of the test script.

Replace it with a proper test case tailored to the code
being tested

* tests/Makefile.am: Remove daemon-conf, add libvirtdconftest
* tests/daemon-conf: Delete obsolete test
* tests/libvirtdconftest.c: Test config file handling
2012-04-10 11:13:44 +01:00
Eric Blake
72505073bd tests: avoid compiler warnings
gcc 4.7 warns about uninitialized struct members

* tests/testutilsqemu.c (testQemuCapsInit): Populate new members.
* tests/viruritest.c (mymain): Likewise.
2012-04-05 22:07:41 -06:00
Laine Stump
06a1a45cef test: fix build errors with gcc 4.7.0 and -O0
When building on Fedora 17 (which uses gcc 4.7.0) with -O0 in CFLAGS,
three of the tests failed to compile.

cputest.c and qemuxml2argvtest.c had non-static structs defined
inside the macro that was being repeatedly invoked. Due to some so-far
unidentified change in gcc, the stack space used by variables defined
inside { } is not recovered/re-used when the block ends, so all these
structs have become additive (this is the same problem worked around
in commit cf57d345b). Fortunately, these two files could be fixed with
a single line addition of "static" to the struct definition in the
macro.

virnettlscontexttest.c was a bit different, though. The problem structs
in the do/while loop of macros had non-constant initializers, so it
took a bit more work and piecemeal initialization instead of member
initialization to get things to be happy.

In an ideal world, none of these changes should be necessary, but not
knowing how long it will be until the gcc regressions are fixed, and
since the code is just as correct after this patch as before, it makes
sense to fix libvirt's build for -O0 while also reporting the gcc
problem.
2012-04-05 22:07:41 -06:00
Guido Günther
4eb1c2560d virURIParse: don't forget to copy the user part
This got dropped with 300e60e15b

Cheers,
 -- Guido
2012-04-06 11:26:52 +08:00
Laine Stump
bde32b1ada test: fix segfault in networkxml2argvtest
This bug resolves https://bugzilla.redhat.com/show_bug.cgi?id=810100

rpm builds for i686 were failing with a segfault in
networkxml2argvtest. Running under valgrind showed that a region of
memory was being referenced after it had been freed (as the result of
realloc - see the valgrind report in the BZ).

The problem (in replaceTokens() - added in commit 22ec60, meaning this
bug was in 0.9.10 and 0.9.11) was that the pointers token_start and
token_end were being computed based on the value of *buf, then *buf
was being realloc'ed (potentially moving it), then token_start and
token_end were used without recomputing them to account for movement
of *buf.

The solution is to change the code so that token_start and token_end
are offsets into *buf rather than pointers. This way there is only a
single pointer to the buffer, and nothing needs readjusting after a
realloc. (You may note that some uses of token_start/token_end didn't
need to be changed to add in "*buf +" - that's because there ended up
being a +*buf and -*buf which canceled each other out).

DV gets the credit for finding this bug and pointing out the valgrind
report.
2012-04-05 07:04:43 -04:00
Daniel P. Berrange
f48de0f161 Fix format specifiers in test cases on Win32
Some of the test suites use fprintf with format specifiers
that are not supported on Win32 and are not fixed by gnulib.

The mingw32 compiler also has trouble detecting ssize_t
correctly, complaining that 'ssize_t' does not match
'signed size_t' (which it expects for %zd). Force the
cast to size_t to avoid this problem

* tests/testutils.c, tests/testutils.h: Fix printf
  annotation on virTestResult. Use virVasprintf
  instead of vfprintf
* tests/virhashtest.c: Use VIR_WARN instead of fprintf(stderr).
  Cast to size_t to avoid mingw32 compiler bug

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-04-04 14:33:27 +01:00
Philipp Hahn
11ec6bd891 Xen: Fix <clock> handling
XenD-3.1 introduced managed domains. HV-domains have rtc_timeoffset
(hgd24f37b31030 from 2007-04-03), which tracks the offset between the
hypervisors clock and the domains RTC, and is persisted by XenD.
In combination with localtime=1 this had a bug until XenD-3.4
(hg5d701be7c37b from 2009-04-01) (I'm not 100% sure how that bug
manifests, but at least for me in TZ=Europe/Berlin I see the previous
offset relative to utc being applied to localtime again, which manifests
in an extra hour being added)

XenD implements the following variants for clock/@offset:
- PV domains don't have a RTC → 'localtime' | 'utc'
- <3.1: no managed domains → 'localtime' | 'utc'
- ≥3.1: the offset is tracked for HV → 'variable'
        due to the localtime=1 bug → 'localtime' | 'utc'
- ≥3.4: the offset is tracked for HV → 'variable'

Current libvirtd still thinks XenD only implements <clock offset='utc'/>
and <clock offset='localtime'/>, which is wrong, since the semantic of
'utc' and 'localtime' specifies, that the offset will be reset on
domain-restart, while with 'variable' the offset is kept. (keeping the
offset over "virsh edit" is important, since otherwise the clock might
jump, which confuses certain guest OSs)

xendConfigVersion was last incremented to 4 by the xen-folks for
xen-3.1.0. I know of no way to reliably detect the version of XenD
(user space tools), which may be different from the version of the
hypervisor (kernel) version! Because of this only the change from
'utc'/'localtime' to 'variable' in XenD-3.1 is handled, not the buggy
behaviour of XenD-3.1 until XenD-3.4.

For backward compatibility with previous versions of libvirt Xen-HV
still accepts 'utc' and 'localtime', but they are returned as 'variable'
on the next read-back from Xend to libvirt, since this is what XenD
implements: The RTC is NOT reset back to the specified time on next
restart, but the previous offset is kept.
This behaviour can be turned off by adding the additional attribute
adjustment='reset', in which case libvirt will report an error instead
of doing the conversion. The attribute can also be used as a shortcut to
offset='variable' with basis='...'.

With these changes, it is also necessary to adjust the xen tests:

"localtime = 0" is always inserted, because otherwise on updates the
value is not changed within XenD.

adjustment='reset' is inserted for all cases, since they're all <
XEND_CONFIG_VERSION_3_1_0, only 3.1 introduced persistent
rtc_timeoffset.

Some statements change their order because code was moved around.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2012-04-02 09:33:54 -06:00
Philipp Hahn
b8bf79aad7 Support clock=variable relative to localtime
Since Xen 3.1 the clock=variable semantic is supported. In addition to
qemu/kvm Xen also knows about a variant where the offset is relative to
'localtime' instead of 'utc'.

Extends the libvirt structure with a flag 'basis' to specify, if the
offset is relative to 'localtime' or 'utc'.

Extends the libvirt structure with a flag 'reset' to force the reset
behaviour of 'localtime' and 'utc'; this is needed for backward
compatibility with previous versions of libvirt, since they report
incorrect XML.

Adapt the only user 'qemu' to the new name.
Extend the RelaxNG schema accordingly.
Document the new 'basis' attribute in the HTML documentation.
Adapt test for the new attribute.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2012-04-02 09:08:31 -06:00
Daniel P. Berrange
ec8cae93db Consistent style for usage of sizeof operator
The code is splattered with a mix of

  sizeof foo
  sizeof (foo)
  sizeof(foo)

Standardize on sizeof(foo) and add a syntax check rule to
enforce it

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-30 11:47:24 +01:00
Daniel P. Berrange
57351139a7 Disable build of commandhelper & ssh on Win32
The commandhelper.c & ssh.c programs rely on various APIs not present
on Win32. Disable them, since the tests that uses these helpers are
already disabled

* tests/commandhelper.c, tests/ssh.c: Disable on WIN32

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-30 11:47:14 +01:00
Daniel P. Berrange
12f0d2ece9 Don't redefine the CPU comparison constants in CPU test
Defining an enum with names like "ERROR" causes  a world of
hurt on Win32 whose headers have such symbol names already

* tests/cputest.c: Remove redefinition of CPU constants

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-30 11:47:04 +01:00
Eric Blake
e8aa5a16c9 build: silence recent syntax check violations
An upstream gnulib bug[1] meant that some of our syntax checks
weren't being run.  Fix up our offenders before we upgrade to
a newer gnulib.

[1] https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00194.html

* src/util/virnetdevtap.c (virNetDevTapCreate): Use flags.
* tests/lxcxml2xmltest.c (mymain): Strip useless ().
2012-03-29 21:23:59 -06:00
Daniel P. Berrange
3a2fc2770b Enable build of test suite programs by default for GIT checkouts
Add a new flag '--with-test-suite' to configure to control whether
the test suite binaries are built by default. ie built with a
plain 'make', as opposed to delayed until 'make check'

For builds from tar.gz tests will not be built by default. For
builds from GIT, tests with be on by default, to try and ensure
that patch developers don't accidentally break the test suites
without noticing.

* configure.ac: Add --with-test-suite
* tests/Makefile.am: Use noinst_PROGRAMS instead of check_PROGRAMS
  if building tests by default. Consolidate setting of TESTS and
  {noinst,check}_PROGRAMS to avoid duplication
2012-03-27 17:08:06 +01:00
Stef Walter
53e1d56dd4 Change the default of mdns_adv to false
* Don't advertise information on the network without consent of
   the user, either through manual configuration, or a user
   interface that drives this option.
 * Since libvirtd must be configured for network access anyway
   (for all but ssh), this setting was not useful "out of the box",
   so changing this default setting does not remove "out of the box"
   functionality.
2012-03-27 09:54:49 -06:00
Daniel P. Berrange
72c507317a Add LXC XML files to schema test & fix problems this uncovers
* docs/schemas/domaincommon.rng: Add missing lxc & openvz
  console target types. Allow arch on LXC <os> type element
* tests/domainschematest: Include tests/lxcxml2xmldata/
2012-03-27 15:52:25 +01:00
Daniel P. Berrange
c91cff255f Add support for setting init argv for LXC
Pass argv to the init binary of LXC, using a new <initarg> element.

* docs/formatdomain.html.in: Document <os> usage for containers
* docs/schemas/domaincommon.rng: Add <initarg> element
* src/conf/domain_conf.c, src/conf/domain_conf.h: parsing and
  formatting of <initarg>
* src/lxc/lxc_container.c: Setup LXC argv
* tests/Makefile.am, tests/lxcxml2xmldata/lxc-systemd.xml,
  tests/lxcxml2xmltest.c, tests/testutilslxc.c,
  tests/testutilslxc.h: Test parsing/formatting of LXC related
  XML parts
2012-03-27 15:52:25 +01:00
Martin Kletzander
9943276fd2 Cleanup for a return statement in source files
Return statements with parameter enclosed in parentheses were modified
and parentheses were removed. The whole change was scripted, here is how:

List of files was obtained using this command:
git grep -l -e '\<return\s*([^()]*\(([^()]*)[^()]*\)*)\s*;' |             \
grep -e '\.[ch]$' -e '\.py$'

Found files were modified with this command:
sed -i -e                                                                 \
's_^\(.*\<return\)\s*(\(\([^()]*([^()]*)[^()]*\)*\))\s*\(;.*$\)_\1 \2\4_' \
-e 's_^\(.*\<return\)\s*(\([^()]*\))\s*\(;.*$\)_\1 \2\3_'

Then checked for nonsense.

The whole command looks like this:
git grep -l -e '\<return\s*([^()]*\(([^()]*)[^()]*\)*)\s*;' |             \
grep -e '\.[ch]$' -e '\.py$' | xargs sed -i -e                            \
's_^\(.*\<return\)\s*(\(\([^()]*([^()]*)[^()]*\)*\))\s*\(;.*$\)_\1 \2\4_' \
-e 's_^\(.*\<return\)\s*(\([^()]*\))\s*\(;.*$\)_\1 \2\3_'
2012-03-26 14:45:22 -06:00
Eric Blake
70c07e01de Fix and test round-trip of query parameters
When qparams support was dropped in commit bc1ff160, we forgot
to add tests to ensure that viruri can do the same round trip
handling of a URI. This round trip was broken, due to use
of the old 'query' field of xmlUriPtr, instead of the new
'query_raw'

Also, we forgot to report an OOM error.

* tests/viruritest.c (mymain): Add tests based on just-deleted
qparamtest.
(testURIParse): Allow difference in input and expected output.
* src/util/viruri.c (virURIFormat): Add missing error. Use
  query_raw, instead of query for xmlUriPtr object.
2012-03-26 11:23:45 +01:00
Eric Blake
98ada9ab70 build: drop obsolete qparams test
Otherwise, 'make check' breaks since commit bc1ff160 deleted
qparams.h.  A later patch will ensure that viruri takes over
what qparams used to do.

* tests/qparamtest.c (mymain): Delete, now that we have viruri.
* tests/Makefile.am (check_PROGRAMS, TESTS, qparamtest_SOURCES):
Delete old test.
* .gitignore: Add recent test additions.
2012-03-23 16:12:58 -06:00
Osier Yang
ad7db43913 qemu: Do not start with source for removable disks if tray is open
This is similiar with physical world, one will be surprised if the
box starts with medium exists while the tray is open.

New tests are added, tests disk-{cdrom,floppy}-tray are for the qemu
supports "-device" flag, and disk-{cdrom,floppy}-no-device-cap are
for old qemu, i.e. which doesn't support "-device" flag.
2012-03-23 23:11:54 +08:00
Daniel P. Berrange
a4fb88b5c9 Add helper API for finding auth file path
* src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath
* include/libvirt/virterror.h, src/util/virterror.c: Add
  VIR_FROM_AUTH error domain

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:07 +00:00
Daniel P. Berrange
f6632f6b7f Add a virKeyfilePtr object for parsing '.ini' files
The '.ini' file format is a useful alternative to the existing
config file style, when you need to have config files which
are hashes of hashes. The 'virKeyFilePtr' object provides a
way to parse these file types.

* src/Makefile.am, src/util/virkeyfile.c,
  src/util/virkeyfile.h: Add .ini file parser
* tests/Makefile.am, tests/virkeyfiletest.c: Test
  basic parsing capabilities

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:06 +00:00
Daniel P. Berrange
4ae4ae4ba4 Store parsed query parameters directly in the virURIPtr struct
Avoid the need for each driver to parse query parameters itself
by storing them directly in the virURIPtr struct. The parsing
code is a copy of that from src/util/qparams.c  The latter will
be removed in a later patch

* src/util/viruri.h: Add query params to virURIPtr
* src/util/viruri.c: Parse query parameters when creating virURIPtr
* tests/viruritest.c: Expand test to cover params

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:23:12 +00:00
Daniel P. Berrange
1f66c18f79 Centralize error reporting for URI parsing/formatting problems
Move error reporting out of the callers, into virURIParse
and virURIFormat, to get consistency.

* include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_URI
* src/util/viruri.c, src/util/viruri.h: Add error reporting
* src/esx/esx_driver.c, src/libvirt.c, src/libxl/libxl_driver.c,
  src/lxc/lxc_driver.c, src/openvz/openvz_driver.c,
  src/qemu/qemu_driver.c, src/qemu/qemu_migration.c,
  src/remote/remote_driver.c, src/uml/uml_driver.c,
  src/vbox/vbox_tmpl.c, src/vmx/vmx.c, src/xen/xen_driver.c,
  src/xen/xend_internal.c, tests/viruritest.c: Remove error
  reporting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 12:59:21 +00:00
Daniel P. Berrange
c33dae3175 Use virURIFree instead of xmlFreeURI
Since we defined a custom virURIPtr type, we should use a
virURIFree method instead of assuming it will always be
a typedef for xmlURIPtr

* src/util/viruri.c, src/util/viruri.h, src/libvirt_private.syms:
  Add a virURIFree method
* src/datatypes.c, src/esx/esx_driver.c, src/libvirt.c,
  src/qemu/qemu_migration.c, src/vmx/vmx.c, src/xen/xend_internal.c,
  tests/viruritest.c: s/xmlFreeURI/virURIFree/

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 12:59:20 +00:00
Daniel P. Berrange
6a7ffd4389 Add test case for virURIPtr classs
To ensure we properly escape & unescape IPv6 numeric addresses,
add a test case

* tests/Makefile.am, tests/viruritest.c: URI parsing test

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 12:59:16 +00:00
Osier Yang
0f8e7ae33a qemu: Support numad
numad is an user-level daemon that monitors NUMA topology and
processes resource consumption to facilitate good NUMA resource
alignment of applications/virtual machines to improve performance
and minimize cost of remote memory latencies. It provides a
pre-placement advisory interface, so significant processes can
be pre-bound to nodes with sufficient available resources.

More details: http://fedoraproject.org/wiki/Features/numad

"numad -w ncpus:memory_amount" is the advisory interface numad
provides currently.

This patch add the support by introducing a new XML attribute
for <vcpu>. e.g.

  <vcpu placement="auto">4</vcpu>
  <vcpu placement="static" cpuset="1-10^6">4</vcpu>

The returned advisory nodeset from numad will be printed
in domain's dumped XML. e.g.
  <vcpu placement="auto" cpuset="1-10^6">4</vcpu>

If placement is "auto", the number of vcpus and the current
memory amount specified in domain XML will be used for numad
command line (numad uses MB for memory amount):
  numad -w $num_of_vcpus:$current_memory_amount / 1024

The advisory nodeset returned from numad will be used to set
domain process CPU affinity then. (e.g. qemuProcessInitCpuAffinity).

If the user specifies both CPU affinity policy (e.g.
(<vcpu cpuset="1-10,^7,^8">4</vcpu>) and placement == "auto"
the specified CPU affinity will be overridden.

Only QEMU/KVM drivers support it now.

See docs update in patch for more details.
2012-03-15 12:24:56 +08:00
Osier Yang
3165602a55 qemu: Use scsi-block for lun passthrough instead of scsi-disk
And don't allow to hotplug a usb disk with "device == lun". This
is the missed pieces in previous virtio-scsi patchset:

http://www.redhat.com/archives/libvir-list/2012-February/msg01052.html
2012-03-14 23:32:53 +08:00
Eric Blake
6e0ff1d402 qemu: support disk filenames with comma
If there is a disk file with a comma in the name, QEmu expects a double
comma instead of a single one (e.g., the file "virtual,disk.img" needs
to be specified as "virtual,,disk.img" in QEmu's command line). This
patch fixes libvirt to work with that feature. Fix RHBZ #801036.

Based on an initial patch by Crístian Viana.

* src/util/buf.h (virBufferEscape): Alter signature.
* src/util/buf.c (virBufferEscape): Add parameter.
(virBufferEscapeSexpr): Fix caller.
* src/qemu/qemu_command.c (qemuBuildRBDString): Likewise.  Also
escape commas in file names.
(qemuBuildDriveStr): Escape commas in file names.
* docs/schemas/basictypes.rng (absFilePath): Relax RNG to allow
commas in input file names.
* tests/qemuxml2argvdata/*-disk-drive-network-sheepdog.*: Update
test.

Signed-off-by: Eric Blake <eblake@redhat.com>
2012-03-12 08:09:37 -06:00
Martin Kletzander
19e235026b Removed more AMD-specific features from cpu64-rhel* models
We found few more AMD-specific features in cpu64-rhel* models that
made it impossible to start qemu guest on Intel host (with this
setting) even though qemu itself starts correctly with them.
This impacts one test, thus the fix in tests/cputestdata/.
2012-03-09 14:36:31 +01:00
Michal Privoznik
c6daec7b14 qemuxml2argvtest: Pass some additional flags to graphics-spice-agentmouse
One of the recent commits introduced support for
spice agent-mouse. However, test for this feature
require some tweaking: pass QEMU_CAPS_CHARDEV_SPICEVMC |
QEMU_CAPS_NODEFCONFIG and add "-vga cirrus".
2012-03-09 10:14:31 +01:00
Michal Privoznik
ee4907320f qemuBuildCommandLine: Don't add tlsPort if none set
If user hasn't supplied any tlsPort we default to setting it
to zero in our internal structure. However, when building command
line we test it against -1 which is obviously wrong.
2012-03-09 08:49:10 +01:00
Peng Zhou
896e6ac4f8 qemu: spice agent-mouse support
spice agent-mouse support

Usage:
  <graphics type='spice'>
    <mouse mode='client'|'server'/>
  <graphics/>

Signed-off-by: Osier Yang <jyang@redhat.com>
2012-03-09 15:26:24 +08:00
Eric Blake
1c56b9fe53 virsh: add option aliases
In the past, we have created some virsh options with less-than-stellar
names.  For back-compat reasons, those names must continue to parse,
but we don't want to document them in help output.  This introduces
a new option type, an alias, which points to a canonical option name
later in the option list.

I'm actually quite impressed that our code has already been factored
to do all option parsing through common entry points, such that I
got this added in relatively few lines of code!

* tools/virsh.c (VSH_OT_ALIAS): New option type.
(opts_echo): Hook up an alias, for easy testing.
(vshCmddefOptParse, vshCmddefHelp, vshCmddefGetOption): Allow for
aliases.
* tools/virsh.pod (NOTES): Document promise of back-compat.
* tests/virshtest.c (mymain): Test new feature.
2012-03-07 18:24:44 -07:00
Eric Blake
2e22f23bde xml: allow scaled memory on input
Output is still in kibibytes, but input can now be in different
scales for ease of typing.

* src/conf/domain_conf.c (virDomainParseMemory): New helper.
(virDomainDefParseXML): Use it when parsing.
* docs/schemas/domaincommon.rng: Expand XML; rename memoryKBElement
to memoryElement and update callers.
* docs/formatdomain.html.in (elementsMemoryAllocation): Document
scaling.
* tests/qemuxml2argvdata/qemuxml2argv-memtune.xml: Adjust test.
* tests/qemuxml2xmltest.c: Likewise.
* tests/qemuxml2xmloutdata/qemuxml2xmlout-memtune.xml: New file.
2012-03-07 18:24:44 -07:00
Eric Blake
1b1402b90f xml: drop unenforced minimum memory limit from RNG
The test domain allows <memory>0</memory>, but the RNG was stating
that memory had to be at least 4096000 bytes.  Hypervisors should
enforce their own limits, rather than complicating the RNG.

Meanwhile, some copy and paste had introduced some fishy constructs
in various unit tests.

* docs/schemas/domaincommon.rng (memoryKB, memoryKBElement): Drop
limit that isn't enforced in code.
* src/conf/domain_conf.c (virDomainDefParseXML): Require current
<= maximum.
* tests/qemuxml2argvdata/*.xml: Fix offenders.
2012-03-07 18:24:43 -07:00
Eric Blake
2e14861224 storage: support more scaling suffixes
Disk manufacturers are fond of quoting sizes in powers of 10,
rather than powers of 2 (after all, 2.1 GB sounds larger than
2.0 GiB, even though the exact opposite is true).  So, we might
as well follow coreutils' lead in supporting three types of
suffix: single letter ${u} (which we already had) and ${u}iB
for the power of 2, and ${u}B for power of 10.

Additionally, it is impossible to create a file with more than
2**63 bytes, since off_t is signed (if you have enough storage
to even create one 8EiB file, I'm jealous).  This now reports
failure up front rather than down the road when the kernel
finally refuses an impossible size.

* docs/schemas/basictypes.rng (unit): Add suffixes.
* src/conf/storage_conf.c (virStorageSize): Use new function.
* docs/formatstorage.html.in: Document it.
* tests/storagevolxml2xmlin/vol-file-backing.xml: Test it.
* tests/storagevolxml2xmlin/vol-file.xml: Likewise.
2012-03-07 18:24:43 -07:00
Eric Blake
265457845f xml: output memory unit for clarity
Make it obvious to 'dumpxml' readers what unit we are using,
since our default of KiB for memory (1024) differs from qemu's
default of MiB; and differs from our use of bytes for storage.

Tests were updated via:

$ find tests/*data tests/*out -name '*.xml' | \
  xargs sed -i 's/<\(memory\|currentMemory\|hard_limit\|soft_limit\|min_guarantee\|swap_hard_limit\)>/<\1 unit='"'KiB'>/"
$ find tests/*data tests/*out -name '*.xml' | \
  xargs sed -i 's/<\(capacity\|allocation\|available\)>/<\1 unit='"'bytes'>/"

followed by a few fixes for the stragglers.

Note that with this patch, the RNG for <memory> still forbids
validation of anything except unit='KiB', since the code silently
ignores the attribute; a later patch will expand <memory> to allow
scaled input in the code and update the RNG to match.

* docs/schemas/basictypes.rng (unit): Add 'bytes'.
(scaledInteger): New define.
* docs/schemas/storagevol.rng (sizing): Use it.
* docs/schemas/storagepool.rng (sizing): Likewise.
* docs/schemas/domaincommon.rng (memoryKBElement): New define; use
for memory elements.
* src/conf/storage_conf.c (virStoragePoolDefFormat)
(virStorageVolDefFormat): Likewise.
* src/conf/domain_conf.h (_virDomainDef): Document unit used
internally.
* src/conf/storage_conf.h (_virStoragePoolDef, _virStorageVolDef):
Likewise.
* tests/*data/*.xml: Update all tests.
* tests/*out/*.xml: Likewise.
* tests/define-dev-segfault: Likewise.
* tests/openvzutilstest.c (testReadNetworkConf): Likewise.
* tests/qemuargv2xmltest.c (blankProblemElements): Likewise.
2012-03-07 18:24:43 -07:00
Laine Stump
8639a42059 qemu: support type='hostdev' network devices at domain start
This patch makes sure that each network device ("interface") of
type='hostdev' appears on both the hostdevs list and the nets list of
the virDomainDef, and it modifies the qemu driver startup code so that
these devices will be presented to qemu on the commandline as hostdevs
rather than as network devices.

It does not add support for hotplug of these type of devices, or code
to honor the <mac address> or <virtualport> given in the config (both
of those will be done in separate patches).

Once each device is placed on both lists, much of what this patch does
is modify places in the code that traverse all the device lists so
that these hybrid devices are only acted on once - either along with
the other hostdevs, or along with the other network interfaces. (In
many cases, only one of the lists is traversed / a specific operation
is performed on only one type of device. In those instances, the code
can remain unchanged.)

There is one special case - when building the commandline, interfaces
are allowed to proceed all the way through
networkAllocateActualDevice() before deciding to skip the rest of
netdev-specific processing - this is so that (once we have support for
networks with pools of hostdev devices) we can get the actual device
allocated, then rely on the loop processing all hostdevs to generate
the correct commandline.

(NB: <interface type='hostdev'> is only supported for PCI network
devices that are SR-IOV Virtual Functions (VF). Standard PCI[e] and
USB devices, and even the Physical Functions (PF) of SR-IOV devices
can only be assigned to a guest using the more basic <hostdev> device
entry. This limitation is mostly due to the fact that non-SR-IOV
ethernet devices tend to lose mac address configuration whenever the
card is reset, which happens when a card is assigned to a guest;
SR-IOV VFs fortunately don't suffer the same problem.)
2012-03-05 23:24:34 -05:00
Laine Stump
3b1c191fe7 conf: parse/format type='hostdev' network interfaces
This is the new interface type that sets up an SR-IOV PCI network
device to be assigned to the guest with PCI passthrough after
initializing some network device-specific things from the config
(e.g. MAC address, virtualport profile parameters). Here is an example
of the syntax:

  <interface type='hostdev' managed='yes'>
    <source>
      <address type='pci' domain='0' bus='0' slot='4' function='3'/>
    </source>
    <mac address='00:11:22:33:44:55'/>
    <address type='pci' domain='0' bus='0' slot='7' function='0'/>
  </interface>

This would assign the PCI card from bus 0 slot 4 function 3 on the
host, to bus 0 slot 7 function 0 on the guest, but would first set the
MAC address of the card to 00:11:22:33:44:55.

NB: The parser and formatter don't care if the PCI card being
specified is a standard single function network adapter, or a virtual
function (VF) of an SR-IOV capable network adapter, but the upcoming
code that implements the back end of this config will work *only* with
SR-IOV VFs. This is because modifying the mac address of a standard
network adapter prior to assigning it to a guest is pointless - part
of the device reset that occurs during that process will reset the MAC
address to the value programmed into the card's firmware.

Although it's not supported by any of libvirt's hypervisor drivers,
usb network hostdevs are also supported in the parser and formatter
for completeness and consistency. <source> syntax is identical to that
for plain <hostdev> devices, except that the <address> element should
have "type='usb'" added if bus/device are specified:

  <interface type='hostdev'>
    <source>
      <address type='usb' bus='0' device='4'/>
    </source>
    <mac address='00:11:22:33:44:55'/>
  </interface>

If the vendor/product form of usb specification is used, type='usb'
is implied:

  <interface type='hostdev'>
    <source>
      <vendor id='0x0012'/>
      <product id='0x24dd'/>
    </source>
    <mac address='00:11:22:33:44:55'/>
  </interface>

Again, the upcoming patch to fill in the backend of this functionality
will log an error and fail with "Unsupported Config" if you actually
try to assign a USB network adapter to a guest using <interface
type='hostdev'> - just use a standard <hostdev> entry in that case
(and also for single-port PCI adapters).
2012-03-05 23:24:28 -05:00
Eric Blake
3e2c3d8f6d build: use correct type for pid and similar types
No thanks to 64-bit windows, with 64-bit pid_t, we have to avoid
constructs like 'int pid'.  Our API in libvirt-qemu cannot be
changed without breaking ABI; but then again, libvirt-qemu can
only be used on systems that support UNIX sockets, which rules
out Windows (even if qemu could be compiled there) - so for all
points on the call chain that interact with this API decision,
we require a different variable name to make it clear that we
audited the use for safety.

Adding a syntax-check rule only solves half the battle; anywhere
that uses printf on a pid_t still needs to be converted, but that
will be a separate patch.

* cfg.mk (sc_correct_id_types): New syntax check.
* src/libvirt-qemu.c (virDomainQemuAttach): Document why we didn't
use pid_t for pid, and validate for overflow.
* include/libvirt/libvirt-qemu.h (virDomainQemuAttach): Tweak name
for syntax check.
* src/vmware/vmware_conf.c (vmwareExtractPid): Likewise.
* src/driver.h (virDrvDomainQemuAttach): Likewise.
* tools/virsh.c (cmdQemuAttach): Likewise.
* src/remote/qemu_protocol.x (qemu_domain_attach_args): Likewise.
* src/qemu_protocol-structs (qemu_domain_attach_args): Likewise.
* src/util/cgroup.c (virCgroupPidCode, virCgroupKillInternal):
Likewise.
* src/qemu/qemu_command.c(qemuParseProcFileStrings): Likewise.
(qemuParseCommandLinePid): Use pid_t for pid.
* daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
* src/conf/domain_conf.h (_virDomainObj): Likewise.
* src/probes.d (rpc_socket_new): Likewise.
* src/qemu/qemu_command.h (qemuParseCommandLinePid): Likewise.
* src/qemu/qemu_driver.c (qemudGetProcessInfo, qemuDomainAttach):
Likewise.
* src/qemu/qemu_process.c (qemuProcessAttach): Likewise.
* src/qemu/qemu_process.h (qemuProcessAttach): Likewise.
* src/uml/uml_driver.c (umlGetProcessInfo): Likewise.
* src/util/virnetdev.h (virNetDevSetNamespace): Likewise.
* src/util/virnetdev.c (virNetDevSetNamespace): Likewise.
* tests/testutils.c (virtTestCaptureProgramOutput): Likewise.
* src/conf/storage_conf.h (_virStoragePerms): Use mode_t, uid_t,
and gid_t rather than int.
* src/security/security_dac.c (virSecurityDACSetOwnership): Likewise.
* src/conf/storage_conf.c (virStorageDefParsePerms): Avoid
compiler warning.
2012-03-02 06:57:43 -07:00
Daniel Veillard
4017ec927f Do not include binaries in EXTRA_DIST
commit f27f616ff8 broke "make dist"
by adding qemumonitortest which is a generated binary to the
EXTRA_DIST, hence breaking "make dist"
2012-02-29 15:24:35 +08:00
Osier Yang
c430248643 tests: Add tests for virtio-scsi and ibmvscsi controllers 2012-02-28 14:28:21 +08:00
Osier Yang
c56fe7f1d6 qemu: Build command line for the new address format
For any disk controller model which is not "lsilogic", the command
line will be like:

  -drive file=/dev/sda,if=none,id=drive-scsi0-0-3-0,format=raw \
  -device scsi-disk,bus=scsi0.0,channel=0,scsi-id=3,lun=0,i\
  drive=drive-scsi0-0-3-0,id=scsi0-0-3-0

The relationship between the libvirt address attrs and the qdev
properties are (controller model is not "lsilogic"; strings
inside <> represent libvirt adress attrs):
  bus=scsi<controller>.0
  channel=<bus>
  scsi-id=<target>
  lun=<unit>

* src/qemu/qemu_command.h: (New param "virDomainDefPtr def"
  for function qemuBuildDriveDevStr; new param "virDomainDefPtr
  vmdef" for function qemuAssignDeviceDiskAlias. Both for
  virDomainDiskFindControllerModel's use).

* src/qemu/qemu_command.c:
  - New param "virDomainDefPtr def" for qemuAssignDeviceDiskAliasCustom.
    For virDomainDiskFindControllerModel's use, if the disk bus is "scsi"
    and the controller model is not "lsilogic", "target" is one part of
    the alias name.
  - According change on qemuAssignDeviceDiskAlias and qemuBuildDriveDevStr

* src/qemu/qemu_hotplug.c:
  - Changes to be consistent with declarations of qemuAssignDeviceDiskAlias
    qemuBuildDriveDevStr, and qemuBuildControllerDevStr.

* tests/qemuxml2argvdata/qemuxml2argv-pseries-vio-user-assigned.args,
  tests/qemuxml2argvdata/qemuxml2argv-pseries-vio.args: Update the
  generated command line.
2012-02-28 14:27:17 +08:00
Osier Yang
4288b22fb2 conf: Introduce new attribute for device address format
* src/conf/domain_conf.h: Add new member "target" to struct
  _virDomainDeviceDriveAddress.

* src/conf/domain_conf.c: Parse and format "target"

* Lots of tests (.xml) in tests/domainsnapshotxml2xmlout,
  tests/qemuxml2argvdata, tests/qemuxml2xmloutdata, and
  tests/vmx2xmldata/ are modified for newly introduced
  attribute "target" for address of "drive" type.
2012-02-28 14:27:11 +08:00
Josh Durgin
f27f616ff8 qemu: unescape HMP commands before converting them to json
QMP commands don't need to be escaped since converting them to json
also escapes special characters. When a QMP command fails, however,
libvirt falls back to HMP commands. These fallback functions
(qemuMonitorText*) do their own escaping, and pass the result directly
to qemuMonitorHMPCommandWithFd. If the monitor is in json mode, these
pre-escaped commands will be escaped again when converted to json,
which can result in the wrong arguments being sent.

For example, a filename test\file would be sent in json as
test\\file.

This prevented attaching an image file with a " or \ in its name in
qemu 1.0.50, and also broke rbd attachment (which uses backslashes to
escape some internal arguments.)

Reported-by: Masuko Tomoya <tomoya.masuko@gmail.com>
Signed-off-by: Josh Durgin <josh.durgin@dreamhost.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2012-02-27 16:06:02 -07:00
Daniel P. Berrange
1d4c4d9d4f Workaround python header file insanity
The /usr/include/python/pyconfig.h file pollutes the global
namespace with a huge number of HAVE_XXX and WITH_XXX
defines. These change what we detected in our own config.h
In particular if you try to build without DTrace, python's
headers turn it back on with predictable fail.

THe hack to workaround this is to rename WITH_DTRACE to
WITH_DTRACE_PROBES to avoid the namespace clash
2012-02-24 16:43:27 +00:00
Jean-Baptiste Rouault
f246cdb5ac vmx: Better Workstation vmx handling
This patch adds support for vmx files with empty networkName
values (which is the case for vmx generated by Workstation).
It also adds support for vmx containing NATed network interfaces.

Update test suite accordingly
2012-02-24 11:53:23 +01:00
Daniel Veillard
ded8e894dd Revert "qemu: add ibmvscsi controller model"
This reverts commit 7b345b69f2.

Conflicts:

	tests/qemuxml2argvdata/qemuxml2argv-disk-scsi-vscsi.xml
2012-02-13 21:37:03 +08:00
Daniel Veillard
3d224ae669 Revert "qemu: add virtio-scsi controller model"
This reverts commit c9abfadf37.

Conflicts:

	tests/qemuxml2argvdata/qemuxml2argv-disk-scsi-virtio-scsi.xml
2012-02-13 21:36:02 +08:00
Osier Yang
7c90026db9 npiv: Auto-generate WWN if it's not specified
The auto-generated WWN comply with the new addressing schema of WWN:

<quote>
the first nibble is either hex 5 or 6 followed by a 3-byte vendor
identifier and 36 bits for a vendor-specified serial number.
</quote>

We choose hex 5 for the first nibble. And for the 3-bytes vendor ID,
we uses the OUI according to underlying hypervisor type, (invoking
virConnectGetType to get the virt type). e.g. If virConnectGetType
returns "QEMU", we use Qumranet's OUI (00:1A:4A), if returns
ESX|VMWARE, we use VMWARE's OUI (00:05:69). Currently it only
supports qemu|xen|libxl|xenapi|hyperv|esx|vmware drivers. The last
36 bits are auto-generated.
2012-02-10 12:53:25 +08:00
Marc-André Lureau
42043afcdc domain: add implicit USB controller
Some tools, such as virt-manager, prefers having the default USB
controller explicit in the XML document. This patch makes sure there
is one. With this patch, it is now possible to switch from USB1 to
USB2 from the release 0.9.1 of virt-manager.

Fix tests to pass with this change.
2012-02-09 16:44:57 -07:00
Jiri Denemark
afb96301f3 security: Driver 'none' cannot create confined guests
In case the caller specifies that confined guests are required but the
security driver turns out to be 'none', we should return an error since
this driver clearly cannot meet that requirement.  As a result of this
error, libvirtd fails to start when the host admin explicitly sets
confined guests are required but there is no security driver available.

Since security driver 'none' cannot create confined guests, we override
default confined setting so that hypervisor drivers do not thing they
should create confined guests.
2012-02-08 11:55:56 +01:00
Jiri Denemark
f6957617c5 seclabel: Do not output relabel attribute for type 'none'
Security label type 'none' requires relabel to be set to 'no' so there's
no reason to output this extra attribute.  Moreover, since relabel is
internally stored in a negative from (norelabel), the default value for
relabel would be 'yes' in case there is no <seclabel> element in domain
configuration.  In case VIR_DOMAIN_SECLABEL_DEFAULT turns into
VIR_DOMAIN_SECLABEL_NONE, we would incorrectly output relabel='yes' for
seclabel type 'none'.
2012-02-08 11:55:56 +01:00
Eric Blake
c052d8a89f seclabel: make code and RNG match
Commit b170eb99 introduced a bug: domains that had an explicit
<seclabel type='none'/> when started would not be reparsed if
libvirtd restarted.  It turns out that our testsuite was not
exercising this because it never tried anything but inactive
parsing.  Additionally, the live XML for such a domain failed
to re-validate.  Applying just the tests/ portion of this patch
will expose the bugs that are fixed by the other two files.

* docs/schemas/domaincommon.rng (seclabel): Allow relabel under
type='none'.
* src/conf/domain_conf.c (virSecurityLabelDefParseXML): Per RNG,
presence of <seclabel> with no type implies dynamic.  Don't
require sub-elements for type='none'.
* tests/qemuxml2xmltest.c (mymain): Add test.
* tests/qemuxml2argvtest.c (mymain): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.xml: Add file.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-none.args: Add file.
Reported by Ansis Atteka.
2012-02-06 12:04:33 -07:00
Jiri Denemark
8f0b03910c tests: Fix build with -Werror 2012-02-06 09:35:47 +01:00
Eric Blake
8f00276c8a maint: consolidate several .gitignore files
Unlike .cvsignore under CVS, git allows for ignoring nested
names.  We weren't very consistent where new tests were
being ignored (some in .gitignore, some in tests/.gitignore),
and I found it easier to just consolidate everything.

* .gitignore: Subsume entries from subdirectories.
* daemon/.gitignore: Delete.
* docs/.gitignore: Likewise.
* docs/devhelp/.gitignore: Likewise.
* docs/html/.gitignore: Likewise.
* examples/dominfo/.gitignore: Likewise.
* examples/domsuspend/.gitignore: Likewise.
* examples/hellolibvirt/.gitignore: Likewise.
* examples/openauth/.gitignore: Likewise.
* examples/domain-events/events-c/.gitignore: Likewise.
* include/libvirt/.gitignore: Likewise.
* src/.gitignore: Likewise.
* src/esx/.gitignore: Likewise.
* tests/.gitignore: Likewise.
* tools/.gitignore: Likewise.
2012-02-03 15:27:16 -07:00
Eric Blake
8fe454ce90 build: expand rule to cover testsuite
The bulk of this patch was done with:

sed -i 's/\(\bfree *(/VIR_FREE(/g' tests/*.c

followed by fixing the few compile errors that resulted.

* cfg.mk (exclude_file_name_regexp--sc_prohibit_raw_allocation):
Remove tests from exemption.
* tests/testutils.h: Add common header.
* tests/commandhelper.c: Fix offenders.
* tests/cputest.c: Likewise.
* tests/domainsnapshotxml2xmltest.c: Likewise.
* tests/interfacexml2xmltest.c: Likewise.
* tests/networkxml2argvtest.c: Likewise.
* tests/networkxml2xmltest.c: Likewise.
* tests/nodedevxml2xmltest.c: Likewise.
* tests/nodeinfotest.c: Likewise.
* tests/nwfilterxml2xmltest.c: Likewise.
* tests/qemuargv2xmltest.c: Likewise.
* tests/qemuxml2argvtest.c: Likewise.
* tests/qemuxml2xmltest.c: Likewise.
* tests/qemuxmlnstest.c: Likewise.
* tests/qparamtest.c: Likewise.
* tests/sexpr2xmltest.c: Likewise.
* tests/storagepoolxml2xmltest.c: Likewise.
* tests/storagevolxml2xmltest.c: Likewise.
* tests/testutils.c: Likewise.
* tests/virshtest.c: Likewise.
* tests/xencapstest.c: Likewise.
* tests/xmconfigtest.c: Likewise.
* tests/xml2sexprtest.c: Likewise.
2012-02-03 10:41:46 -07:00
Eric Blake
cb33ee1fad build: clean up CPPFLAGS/INCLUDES usage
Our syntax checker missed all-lower-case variables (this will
be fixed by the next .gnulib update).  Additionally, anywhere
that we mix in-tree files with generated files, automake recommends
listing builddir prior to srcdir for VPATH builds.

* src/Makefile.am (*_la_CFLAGS): Favor $(top_srcdir).
(INCLUDES): Likewise, and follow automake recommendations on
builddir before srcdir.
* python/Makefile.am (INCLUDES): Swap directory order.
* tests/Makefile.am (INCLUDES): Likewise.
* tools/Makefile.am (INCLUDES): Likewise.
* daemon/Makefile.am (INCLUDES): Likewise.
(libvirtd.init, libvirtd.service): Favor $().
* examples/hellolibvirt/Makefile.am (hellolibvirt_LDADD):
Likewise.
* examples/openauth/Makefile.am (openauth_LDADD): Likewise.
* examples/dominfo/Makefile.am (INCLUDES): Drop dead include.
* examples/domsuspend/Makefile.am (INCLUDES): Likewise.
2012-02-03 10:36:02 -07:00
Eric Blake
c9ace552eb command: allow merging stdout and stderr in string capture
Sometimes, its easier to run children with 2>&1 in shell notation,
and just deal with stdout and stderr interleaved.  This was already
possible for fd handling; extend it to also work when doing string
capture of a child process.

* docs/internals/command.html.in: Document this.
* src/util/command.c (virCommandSetErrorBuffer): Likewise.
(virCommandRun, virExecWithHook): Implement it.
* tests/commandtest.c (test14): Test it.
* daemon/remote.c (remoteDispatchAuthPolkit): Use new command
feature.
2012-02-03 10:02:34 -07:00
Daniel P. Berrange
b170eb99f5 Add two new security label types
Curently security labels can be of type 'dynamic' or 'static'.
If no security label is given, then 'dynamic' is assumed. The
current code takes advantage of this default, and avoids even
saving <seclabel> elements with type='dynamic' to disk. This
means if you temporarily change security driver, the guests
can all still start.

With the introduction of sVirt to LXC though, there needs to be
a new default of 'none' to allow unconfined LXC containers.

This patch introduces two new security label types

 - default:  the host configuration decides whether to run the
             guest with type 'none' or 'dynamic' at guest start
 - none:     the guest will run unconfined by security policy

The 'none' label type will obviously be undesirable for some
deployments, so a new qemu.conf option allows a host admin to
mandate confined guests. It is also possible to turn off default
confinement

  security_default_confined = 1|0  (default == 1)
  security_require_confined = 1|0  (default == 0)

* src/conf/domain_conf.c, src/conf/domain_conf.h: Add new
  seclabel types
* src/security/security_manager.c, src/security/security_manager.h:
  Set default sec label types
* src/security/security_selinux.c: Handle 'none' seclabel type
* src/qemu/qemu.conf, src/qemu/qemu_conf.c, src/qemu/qemu_conf.h,
  src/qemu/libvirtd_qemu.aug: New security config options
* src/qemu/qemu_driver.c: Tell security driver about default
  config
2012-02-02 17:44:37 -07:00
Philipp Hahn
22ec60001e tests: dynamically replace dnsmasq path
The path to the dnsmasq binary can be configured while in the test data
the path is hard-coded to /usr/bin/. This break the test suite if a the
binary is located in a different location, like /usr/local/sbin/.

Replace the hard coded path in the test data by a token, which is
dynamically replaced in networkxml2argvtest with the configured path
after the test data has been loaded.

(Another option would have been to modify configure.ac to generate the
 test data during configure, but I do not know of an easy way do trick
 configure into mass-generate those test files without listing every
 single one, which I consider less flexible.)

- unit-test the unit-test:
  #include <assert.h>
  #define TEST(in,token,rep,out) { char *buf = strdup(in); assert(!replaceTokens(&buf, token, rep) && !strcmp(buf, out)); free(buf); }
  TEST("", "AA", "B", "");
  TEST("A", "AA", "B", "A");
  TEST("AA", "AA", "B", "B");
  TEST("AAA", "AA", "B", "BA");
  TEST("AA", "AA", "BB", "BB");
  TEST("AA", "AA", "BBB", "BBB");
  TEST("<AA", "AA", "B", "<B");
  TEST("<AA", "AA", "BB", "<BB");
  TEST("<AA", "AA", "BBB", "<BBB");
  TEST("AA>", "AA", "B", "B>");
  TEST("AA>", "AA", "BB", "BB>");
  TEST("AA>", "AA", "BBB", "BBB>");
  TEST("<AA>", "AA", "B", "<B>");
  TEST("<AA>", "AA", "BB", "<BB>");
  TEST("<AA>", "AA", "BBB", "<BBB>");
  TEST("<AA|AA>", "AA", "B", "<B|B>");
  TEST("<AA|AA>", "AA", "BB", "<BB|BB>");
  TEST("<AA|AA>", "AA", "BBB", "<BBB|BBB>");
  TEST("<AAAA>", "AA", "B", "<BB>");
  TEST("<AAAA>", "AA", "BB", "<BBBB>");
  TEST("<AAAA>", "AA", "BBB", "<BBBBBB>");
  TEST("AAAA>", "AA", "B", "BB>");
  TEST("AAAA>", "AA", "BB", "BBBB>");
  TEST("AAAA>", "AA", "BBB", "BBBBBB>");
  TEST("<AAAA", "AA", "B", "<BB");
  TEST("<AAAA", "AA", "BB", "<BBBB");
  TEST("<AAAA", "AA", "BBB", "<BBBBBB");
  alarm(1); /* no infinite loop */
  TEST("A", "A", "A", "A");
  TEST("AA", "A", "A", "AA");
  alarm(0);

Signed-off-by: Philipp Hahn <hahn@univention.de>
2012-02-01 17:02:45 -07:00
Philipp Hahn
08f680ee1b tests: virnettlscontexttest needs gnutls-2.6.0
virnettlscontexttest uses gnutls_x509_crt_set_subject_alt_name() and
GNUTLS_FSAN_APPEND, which - according to
<http://www.gnu.org/software/gnutls/manual/gnutls.html> - are only
available since 2.6.0.

Since libvirt still works fine with gnutls-1.0.25 from RHEL5, only
enable the test when the version of GNUTLS is at least 2.6.0.

Signed-off-by: Philipp Hahn <hahn@univention.de>
Signed-off-by: Eric Blake <eblake@redhat.com>
2012-02-01 16:36:13 -07:00
Peter Krempa
b79ba8382e xml: Add element <title> to allow short description of domains
This patch adds a new element <title> to the domain XML. This attribute
can hold a short title defined by the user to ease the identification of
domains. The title may not contain newlines and should be reasonably short.

 *docs/formatdomain.html.in
 *docs/schemas/domaincommon.rng
        - add schema grammar for the new element and documentation
  *src/conf/domain_conf.c
  *src/conf/domain_conf.h
        - add field to hold the new attribute
        - add code to parse and create XML with the new attribute
2012-02-01 14:41:13 -07:00
Taku Izumi
397e6a705b conf: add rawio attribute to disk element of domain XML
This patch adds a new attribute "rawio" to the "disk" element
 of domain XML. Valid values of "rawio" attribute are "yes"
 and "no".
 rawio='yes' indicates the disk is desirous of CAP_SYS_RAWIO.

 If you specify the following XML:

 <disk type='block' device='lun' rawio='yes'>
  ...
 </disk>

 the domain will be granted CAP_SYS_RAWIO.
 (of course, the domain have to be executed with root privilege)

NOTE:
   - "rawio" attribute is only valid when device='lun'
   - At the moment, any other disks you won't use rawio can use rawio.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2012-01-31 13:36:23 -05:00
Laine Stump
3801831cdf qemu: add "romfile" support to specify device boot ROM
This patch addresses: https://bugzilla.redhat.com/show_bug.cgi?id=781562

Along with the "rombar" option that controls whether or not a boot rom
is made visible to the guest, qemu also has a "romfile" option that
allows specifying a binary file to present as the ROM BIOS of any
emulated or passthrough PCI device. This patch adds support for
specifying romfile to both passthrough PCI devices, and emulated
network devices that attach to the guest's PCI bus (just about
everything other than ne2k_isa).

One example of the usefulness of this option is described in the
bugzilla report: 82576 sriov network adapters don't provide a ROM BIOS
for the cards virtual functions (VF), but an image of such a ROM is
available, and with this ROM visible to the guest, it can PXE boot.

In libvirt's xml, the new option is configured like this:

   <hostdev>
     ...
     <rom file='/etc/fake/boot.bin'/>
     ...
   </hostdev

(similarly for <interface>).
2012-01-30 12:30:35 -05:00
Laine Stump
3284ac046f qemu: (and conf) support rombar for network devices
When support for the rombar option was added, it was only added for
PCI passthrough devices, configured with <hostdev>. The same option is
available for any network device that is attached to the guest's PCI
bus. This patch allows setting rombar for any PCI network device type.

After adding cases to test this to qemuxml2argv-hostdev-pci-rombar.*,
I decided to rename those files (to qemuxml2argv-pci-rom.*) to more
accurately reflect the additional tests, and also noticed that up to
now we've only been performing a domainschematest for that case, so I
added the "pci-rom" test to both qemuxml2argv and qemuxml2xml (and in
the process found some bugs whose fixes I squashed into previous
commits of this series).
2012-01-30 12:25:32 -05:00
Laine Stump
c01ba1a48f conf: relocate rombar and boot order parse/format
Since these two items are now in the virDomainDeviceInfo struct, it
makes sense to parse/format them in the functions written to
parse/format that structure. Not all types of devices allow them, so
two internal flags are added to indicate when it is appropriate to do
so.

I was lucky - only one test case needed to be re-ordered!
2012-01-30 12:25:25 -05:00
Eric Blake
b2e13f9c44 tests: fix reversed comparisons
Otherwise, a failed test gives misleading output.

* tests/commandtest.c (test13, test14, test16): Pass arguments in
correct order.
2012-01-27 16:35:14 -07:00
Paolo Bonzini
b66d1bef14 qemu: parse and create -cpu ...,-kvmclock
QEMU supports a bunch of CPUID features that are tied to the kvm CPUID
nodes rather than the processor's.  They are "kvmclock",
"kvm_nopiodelay", "kvm_mmu", "kvm_asyncpf".  These are not known to
libvirt and their CPUID leaf might move if (for example) the Hyper-V
extensions are enabled. Hence their handling would anyway require some
special-casing.

However, among these the most useful is kvmclock; an additional
"property" of this feature is that a <timer> element is a better model
than a CPUID feature.  Although, creating part of the -cpu command-line
from something other than the <cpu> XML element introduces some
ugliness.

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-01-27 16:51:50 +01:00
Paolo Bonzini
ef00a05e51 x86: add kvm32 and kvm64, update qemu64
Recently (or not so recently) QEMU added the kvm32 and kvm64
architectures, representing a least common denominator of all
hosts that can run KVM.  Add them to the machine map.

Also, some features that TCG supports were added to qemu64.
Add them to the cpu_map.xml whenever KVM is guaranteed to support
those.  We still have to leave some out, because they would not
be available to guests running on older hosts.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-01-27 16:51:49 +01:00
Eric Blake
6e769ebadb qemu: require qmp on new enough qemu
The qemu developers have made it clear that modern qemu will no
longer guarantee human monitor command stability; furthermore,
some features, such as async events, are only supported via qmp.
If we are compiled without support for handling JSON, we cannot
expect to sanely interact with modern qemu.

However, things must continue to build on RHEL 5, where qemu
is stuck at 0.10, and where yajl is not available.

Another benefit of this patch: future additions of new monitor
commands need only focus on qemu_monitor_json.c, instead of
also wasting time with qemu_monitor_text.c.

* src/qemu/qemu_capabilities.c (qemuCapsComputeCmdFlags): Report
error if yajl is missing but qemu requires qmp.
(qemuCapsParseHelpStr): Propagate error.
(qemuCapsExtractVersionInfo): Update caller.
* tests/qemuhelptest.c (testHelpStrParsing): Likewise.
2012-01-27 08:45:50 -07:00
Eric Blake
ff88cd5905 qemu: support qmp on RHEL/CentOS qemu
I'm getting tired of remembering to backport RHEL-specific
patches when building upstream libvirt on RHEL 6.x or CentOS.
All the affected versions of RHEL qemu-kvm have backported
enough patches to a) make JSON useful, and b) modify the
-help text to mention libvirt as the preferred interface;
which means this string in the help output is a reliable
indicator that we can outsmart a strict version check,
even when upstream qemu 0.12 lacked the needed features.

* src/qemu/qemu_capabilities.c (qemuCapsComputeCmdFlags):
Recognize particular help string present when enough features were
backported to be worth using JSON.
* tests/qemuhelptest.c (mymain): Update tests accordingly.
2012-01-27 08:11:19 -07:00
Daniel P. Berrange
1d5c7a9fdf Rename hash.h and hash.c to virhash.h and virhash.c
In preparation for the patch to include Murmurhash3, which
introduces a virhashcode.h and virhashcode.c files, rename
the existing hash.h and hash.c to virhash.h and virhash.c
respectively.
2012-01-26 14:11:13 +00:00
Daniel P. Berrange
9f2bf8fd03 Convert various virHash functions to use size_t / uint32
In preparation for conversion over to use the Murmurhash3
algorithm, convert various virHash APIs to use size_t or
uint32 for their return values/parameters, instead of the
variable size 'unsigned long' or 'int' types
2012-01-26 14:09:21 +00:00
Daniel P. Berrange
e95ef67b35 Introduce new API for generating random numbers
The old virRandom() API was not generating good random numbers.
Replace it with a new API virRandomBits which instead of being
told the upper limit, gets told the number of bits of randomness
required.

* src/util/virrandom.c, src/util/virrandom.h: Add virRandomBits,
  and move virRandomInitialize
* src/util/util.h, src/util/util.c: Delete virRandom and
  virRandomInitialize
* src/libvirt.c, src/security/security_selinux.c,
  src/test/test_driver.c, src/util/iohelper.c: Update for
  changes from virRandom to virRandomBits
* src/storage/storage_backend_iscsi.c: Remove bogus call
  to virRandomInitialize & convert to virRandomBits
2012-01-26 14:03:14 +00:00
Eric Blake
4d71ff450f metadata: group metadata next to description
It's better to group all the metadata together.  This is a
cosmetic output change; since the RNG allows interleave, it
doesn't matter where the user stuck it on input, and an XPath
query will find the same information when parsing the output.

* src/conf/domain_conf.c (virDomainDefFormatInternal): Output
metadata earlier.
* docs/formatdomain.html.in: Update documentation.
* tests/domainsnapshotxml2xmlout/metadata.xml: Update test.
* tests/qemuxml2xmloutdata/qemuxml2xmlout-metadata.xml: Likewise.
2012-01-24 17:40:23 -07:00
Zeeshan Ali (Khattak)
fa981fc945 Allow custom metadata in domain configuration XML
Applications can now insert custom nodes and hierarchies into domain
configuration XML. Although currently not enforced, applications are
required to use their own namespaces on every custom node they insert,
with only one top-level element per namespace.
2012-01-24 17:06:34 -07:00
Michal Privoznik
2f5519dcb6 hashtest: Initialize variable in virHashEqual test
One of latest patches (b7bcb22ce2) enhanced testing for virHashEqual.
However, hash2 variable might be used uninitialized.
2012-01-24 12:09:42 +01:00
Stefan Berger
b7bcb22ce2 Add test case for virHashEqual function
Add a test case to test the virHashEqual function.
2012-01-23 15:35:54 -05:00
Eric Blake
7b4e5693c1 API: make declaration of _LAST enum values conditional
Although this is a public API break, it only affects users that
were compiling against *_LAST values, and can be trivially
worked around without impacting compilation against older
headers, by the user defining VIR_ENUM_SENTINELS before using
libvirt.h.  It is not an ABI break, since enum values do not
appear as .so entry points.  Meanwhile, it prevents users from
using non-stable enum values without explicitly acknowledging
the risk of doing so.

See this list discussion:
https://www.redhat.com/archives/libvir-list/2012-January/msg00804.html

* include/libvirt/libvirt.h.in: Hide all sentinels behind
LIBVIRT_ENUM_SENTINELS, and add missing sentinels.
* src/internal.h (VIR_DEPRECATED): Allow inclusion after
libvirt.h.
(LIBVIRT_ENUM_SENTINELS): Expose sentinels internally.
* daemon/libvirtd.h: Use the sentinels.
* src/remote/remote_protocol.x (includes): Don't expose sentinels.
* python/generator.py (enum): Likewise.
* tests/cputest.c (cpuTestCompResStr): Silence compiler warning.
* tools/virsh.c (vshDomainStateReasonToString)
(vshDomainControlStateToString): Likewise.
2012-01-20 16:05:51 -07:00
Martin Kletzander
4c82f09ef0 Added capability checking for block <iotune> setting.
There was missing capability for blkiotune and thus specifying these
settings caused libvirt to run qemu with invalid parameters and then
reporting qemu error instead of the standard libvirt one. The support
for blkiotune setting was added in upstream qemu repo under commit
0563e191516289c9d2f282a8c50f2eecef2fa773.
2012-01-18 09:56:00 -07:00
Deepak C Shetty
d9e0d8204b Add new attribute wrpolicy to <driver> element
This introduces new attribute wrpolicy with only supported
value as immediate. This will be an optional
attribute with no defaults. This helps specify whether
to skip the host page cache.

When wrpolicy is specified, meaning when wrpolicy=immediate
a writeback is explicitly initiated for the dirty pages in
the host page cache as part of the guest file write operation.

Usage:
<filesystem type='mount' accessmode='passthrough'>
  <driver type='path' wrpolicy='immediate'/>
  <source dir='/export/to/guest'/>
  <target dir='mount_tag'/>
</filesystem>

Currently this only works with type='mount' for the QEMU/KVM driver.

Signed-off-by: Deepak C Shetty <deepakcs@linux.vnet.ibm.com>
2012-01-17 15:37:42 -07:00
Eric Blake
dccf45f376 tests: avoid dirname in tests
qemuxml2argvtest sanitizes PATH to just /bin, but on at least
Fedora 16, dirname lives in /usr/bin instead.  Regression
introduced in commit e7201afd.

* tests/qemuxml2argvdata/qemu.sh: Avoid forking a dirname call,
since dirname might not be in PATH after test sanitization.
* tests/qemuxml2argvdata/qemu-supported-cpus.sh: Likewise.
Diagnosed by Michal Privoznik.
2012-01-17 12:09:51 -07:00
Jiri Denemark
e7201afdf7 qemu: Add support for host CPU modes
This adds support for host-model and host-passthrough CPU modes to qemu
driver. The host-passthrough mode is mapped to -cpu host.
2012-01-17 12:22:19 +01:00
Jiri Denemark
277bc0dcb8 cpu: Update guest CPU in host-* mode
VIR_DOMAIN_XML_UPDATE_CPU flag for virDomainGetXMLDesc may be used to
get updated custom mode guest CPU definition in case it depends on host
CPU. This patch implements the same behavior for host-model and
host-passthrough CPU modes.
2012-01-17 11:42:56 +01:00
Jiri Denemark
f7dd3a4e62 Add support for cpu mode attribute
The mode can be either of "custom" (default), "host-model",
"host-passthrough". The semantics of each mode is described in the
following examples:

- guest CPU is a default model with specified topology:
    <cpu>
      <topology sockets='1' cores='2' threads='1'/>
    </cpu>

- guest CPU matches selected model:
    <cpu mode='custom' match='exact'>
      <model>core2duo</model>
    </cpu>

- guest CPU should be a copy of host CPU as advertised by capabilities
  XML (this is a short cut for manually copying host CPU specification
  from capabilities to domain XML):
    <cpu mode='host-model'/>

  In case a hypervisor does not support the exact host model, libvirt
  automatically falls back to a closest supported CPU model and
  removes/adds features to match host. This behavior can be disabled by
    <cpu mode='host-model'>
      <model fallback='forbid'/>
    </cpu>

- the same as previous returned by virDomainGetXMLDesc with
  VIR_DOMAIN_XML_UPDATE_CPU flag:
    <cpu mode='host-model' match='exact'>
      <model fallback='allow'>Penryn</model>       --+
      <vendor>Intel</vendor>                         |
      <topology sockets='2' cores='4' threads='1'/>  + copied from
      <feature policy='require' name='dca'/>         | capabilities XML
      <feature policy='require' name='xtpr'/>        |
      ...                                          --+
    </cpu>

- guest CPU should be exactly the same as host CPU even in the aspects
  libvirt doesn't model (such domain cannot be migrated unless both
  hosts contain exactly the same CPUs):
    <cpu mode='host-passthrough'/>

- the same as previous returned by virDomainGetXMLDesc with
  VIR_DOMAIN_XML_UPDATE_CPU flag:
    <cpu mode='host-passthrough' match='minimal'>
      <model>Penryn</model>                        --+ copied from caps
      <vendor>Intel</vendor>                         | XML but doesn't
      <topology sockets='2' cores='4' threads='1'/>  | describe all
      <feature policy='require' name='dca'/>         | aspects of the
      <feature policy='require' name='xtpr'/>        | actual guest CPU
      ...                                          --+
    </cpu>
2012-01-17 11:39:23 +01:00
Jiri Denemark
a6f88cbd2d cpu: Optionally forbid fallback CPU models
In case a hypervisor doesn't support the exact CPU model requested by a
domain XML, we automatically fallback to a closest CPU model the
hypervisor supports (and make sure we add/remove any additional features
if needed). This patch adds 'fallback' attribute to model element, which
can be used to disable this automatic fallback.
2012-01-17 11:39:19 +01:00
Jiri Denemark
23cf79f07e tests: Print XML file name in verbose CPU test
It's not totally obvious that a failure in

    CPU guest data(x86): host/guest (models, pref="qemu64")

test means one needs to fix

    x86-host+guest,models,qemu64-result.xml

where the expected XML is stored. Better to provide a nice hint in
verbose mode for failed tests.
2012-01-17 10:52:28 +01:00
Osier Yang
a5f8a01abb docs: Add missed RNG schema for interface
We support <interface> of type "mcast", "server", and "client",
but the RNG schema for them are missed. Attribute "address" is
optional for "server" type. And these 3 types support
<mac address='MAC'/>, too.
2012-01-17 17:09:47 +08:00
Michael Ellerman
4b942fe860 tests: Add qemuxml2argv tests for PPC64 pseries machine
Add four tests of the XML -> argv handling for the PPC64 pseries machine.

The first is just a basic test of a bare bones machine.

The three others test various aspects of the spapr-vio address handling.

It seems that currently we can't include network devices, doing so leads
to a segfault because the network driverState is not initialised. Working
around that leads us to the problem that the 'default' network doesn't
exist. So for now just leave network devices out.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
2012-01-13 16:10:43 -07:00
Michael Ellerman
69dde2e653 tests: Teach qemuxml2argvtest about spapr-vio addresses
We can't call qemuCapsExtractVersionInfo() from test code, because it
expects to be able to call the emulator, and for testing we have fake
emulators that can't be executed. For that reason qemuxml2argvtest.c
doesn't call qemuDomainAssignPCIAddresses(), instead it open codes its
own version.

That means we can't call qemuDomainAssignAddresses() from the test code,
instead we need to manually call qemuDomainAssignSpaprVioAddresses().

Also add logic to cope with qemuDomainAssignSpaprVioAddresses() failing,
so that we can write a test that checks for a known failure in there.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
2012-01-13 16:08:22 -07:00
Paolo Bonzini
c9abfadf37 qemu: add virtio-scsi controller model
Adding a new model for virtio-scsi roughly follows the same scheme
as the previous patch.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-01-13 14:54:48 -07:00
Paolo Bonzini
7b345b69f2 qemu: add ibmvscsi controller model
KVM will be able to use a PCI SCSI controller even on POWER.  Let
the user specify the vSCSI controller by other means than a default.

After this patch, the QEMU driver will actually look at the model
and reject anything but auto, lsilogic and ibmvscsi.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-01-13 14:13:30 -07:00
Osier Yang
5edfcaae6f qemu: Support copy on read for disk
The new introduced optional attribute "copy_on_read</code> controls
whether to copy read backing file into the image file. The value can
be either "on" or "off". Copy-on-read avoids accessing the same backing
file sectors repeatedly and is useful when the backing file is over a
slow network. By default copy-on-read is off.
2012-01-13 10:08:15 +08:00
Eric Blake
d98a3d4a59 build: fix virsh reformat fallout
Commit 69f0b446 failed to update the expected test output.

* tests/virshtest.c (testCompareListDefault)
(testCompareListCustom): Adjust to recent code change.
2012-01-12 15:16:40 -07:00
Deepak C Shetty
99fbb3866c Do not generate security_model when fs driver is anything but 'path'
QEMU does not support security_model for anything but 'path' fs driver type.
Currently in libvirt, when security_model ( accessmode attribute) is not
specified it auto-generates it irrespective of the fs driver type, which
can result in a qemu error for drivers other than path. This patch ensures
that the qemu cmdline is correctly generated by taking into account the
fs driver type.

Signed-off-by: Deepak C Shetty <deepakcs@linux.vnet.ibm.com>
2012-01-11 13:48:52 -07:00
Shradha Shah
52d064f42d Added new option to virsh net-dumpxml called --inactive
The above option helps to differentiate between implicit and explicit
interface pools.
2012-01-11 13:15:09 -07:00
Shradha Shah
b01b53de3f Adding the element pf to network xml.
This element will help the user to just specify the SR-IOV physical
function in order to access all the Virtual functions attached to it.
2012-01-11 13:10:21 -07:00
Stefan Berger
0c42e1d9aa Add test cases for new ways to access variables in filters
This patch adds a couple of XML parser / schema validator test cases
for the new 'ways' to access variables via index or iterator.
2012-01-11 06:42:37 -05:00
Laine Stump
177db08775 qemu: add new disk device='lun' for bus='virtio' & type='block'
In the past, generic SCSI commands issued from a guest to a virtio
disk were always passed through to the underlying disk by qemu, and
the kernel would also pass them on.

As a result of CVE-2011-4127 (see:
http://seclists.org/oss-sec/2011/q4/536), qemu now honors its
scsi=on|off device option for virtio-blk-pci (which enables/disables
passthrough of generic SCSI commands), and the kernel will only allow
the commands for physical devices (not for partitions or logical
volumes). The default behavior of qemu is still to allow sending
generic SCSI commands to physical disks that are presented to a guest
as virtio-blk-pci devices, but libvirt prefers to disable those
commands in the standard virtio block devices, enabling it only when
specifically requested (hopefully indicating that the requester
understands what they're asking for). For this purpose, a new libvirt
disk device type (device='lun') has been created.

device='lun' is identical to the default device='disk', except that:

1) It is only allowed if bus='virtio', type='block', and the qemu
   version is "new enough" to support it ("new enough" == qemu 0.11 or
   better), otherwise the domain will fail to start and a
   CONFIG_UNSUPPORTED error will be logged).

2) The option "scsi=on" will be added to the -device arg to allow
   SG_IO commands (if device !='lun', "scsi=off" will be added to the
   -device arg so that SG_IO commands are specifically forbidden).

Guests which continue to use disk device='disk' (the default) will no
longer be able to use SG_IO commands on the disk; those that have
their disk device changed to device='lun' will still be able to use SG_IO
commands.

*docs/formatdomain.html.in - document the new device attribute value.
*docs/schemas/domaincommon.rng - allow it in the RNG
*tests/* - update the args of several existing tests to add scsi=off, and
 add one new test that will test scsi=on.
*src/conf/domain_conf.c - update domain XML parser and formatter

*src/qemu/qemu_(command|driver|hotplug).c - treat
 VIR_DOMAIN_DISK_DEVICE_LUN *almost* identically to
 VIR_DOMAIN_DISK_DEVICE_DISK, except as indicated above.

Note that no support for this new device value was added to any
hypervisor drivers other than qemu, because it's unclear what it might
mean (if anything) to those drivers.
2012-01-09 10:55:53 -05:00
Eric Blake
74ff57506c tests: avoid test failure on rawhide gnutls
I hit a VERY weird testsuite failure on rawhide, which included
_binary_ output to stderr, followed by a hang waiting for me
to type something! (Here, using ^@ for NUL):

$ ./commandtest
TEST: commandtest
      WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
.WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
.WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
WARNING: gnome-keyring:: couldn't send data: Bad file descriptor
.8^@^@^@8^@^@^@^A^@^@^@^Bay^A^@^@^@)PRIVATE-GNOME-KEYRING-PKCS11-PROTOCOL-V-1

I finally traced it to the fact that gnome-keyring, called via
gnutls_global_init which is turn called by virNetTLSInit, opens
an internal fd that it expects to communicate to via a
pthread_atfork handler (never mind that it violates POSIX by
using non-async-signal-safe functions in that handler:
https://bugzilla.redhat.com/show_bug.cgi?id=772320).

Our problem stems from the fact that we pulled the rug out from
under the library's expectations by closing an fd that it had
just opened.  While we aren't responsible for fixing the bugs
in that pthread_atfork handler, we can at least avoid the bugs
by not closing the fd in the first place.

* tests/commandtest.c (mymain): Avoid closing fds that were opened
by virInitialize.
2012-01-06 14:24:32 -07:00
Michal Novotny
973af2362c Implement DNS SRV record into the bridge driver
Hi,
this is the fifth version of my SRV record for DNSMasq patch rebased
for the current codebase to the bridge driver and libvirt XML file to
include support for the SRV records in the DNS. The syntax is based on
DNSMasq man page and tests for both xml2xml and xml2argv were added as
well. There are some things written a better way in comparison with
version 4, mainly there's no hack in tests/networkxml2argvtest.c and
also the xPath context is changed to use a simpler query using the
virXPathInt() function relative to the current node.

Also, the patch is also fixing the networkxml2argv test to pass both
checks, i.e. both unit tests and also syntax check.

Please review,
Michal

Signed-off-by: Michal Novotny <minovotn@redhat.com>
2012-01-02 23:05:55 +08:00
Eric Blake
b43432931a seclabel: allow a seclabel override on a disk src
Implement the parsing and formatting of the XML addition of
the previous commit.  The new XML doesn't affect qemu command
line, so we can now test round-trip XML->memory->XML handling.

I chose to reuse the existing structure, even though per-device
override doesn't use all of those fields, rather than create a
new structure, in order to reuse more code.

* src/conf/domain_conf.h (_virDomainDiskDef): Add seclabel member.
* src/conf/domain_conf.c (virDomainDiskDefFree): Free it.
(virSecurityLabelDefFree): New function.
(virDomainDiskDefFormat): Print it.
(virSecurityLabelDefFormat): Reduce output if model not present.
(virDomainDiskDefParseXML): Alter signature, and parse seclabel.
(virSecurityLabelDefParseXML): Split...
(virSecurityLabelDefParseXMLHelper): ...into new helper.
(virDomainDeviceDefParse, virDomainDefParseXML): Update callers.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.args:
New file.
* tests/qemuxml2xmltest.c (mymain): Enhance test.
* tests/qemuxml2argvtest.c (mymain): Likewise.
2011-12-30 10:57:59 +08:00
Eric Blake
6cb4acce8b seclabel: extend XML to allow per-disk label overrides
When doing security relabeling, there are cases where a per-file
override might be appropriate.  For example, with a static label
and relabeling, it might be appropriate to skip relabeling on a
particular disk, where the backing file lives on NFS that lacks
the ability to track labeling.  Or with dynamic labeling, it might
be appropriate to use a custom (non-dynamic) label for a disk
specifically intended to be shared across domains.

The new XML resembles the top-level <seclabel>, but with fewer
options (basically relabel='no', or <label>text</label>):

<domain ...>
  ...
  <devices>
    <disk type='file' device='disk'>
      <source file='/path/to/image1'>
        <seclabel relabel='no'/> <!-- override for just this disk -->
      </source>
      ...
    </disk>
    <disk type='file' device='disk'>
      <source file='/path/to/image1'>
        <seclabel relabel='yes'> <!-- override for just this disk -->
          <label>system_u:object_r:shared_content_t:s0</label>
        </seclabel>
      </source>
      ...
    </disk>
    ...
  </devices>
  <seclabel type='dynamic' model='selinux'>
    <baselabel>text</baselabel> <!-- used for all devices without override -->
  </seclabel>
</domain>

This patch only introduces the XML and documentation; future patches
will actually parse and make use of it.  The intent is that we can
further extend things as needed, adding a per-device <seclabel> in
more places (such as the source of a console device), and possibly
allowing a <baselabel> instead of <label> for labeling where we want
to reuse the cNNN,cNNN pair of a dynamically labeled domain but a
different base label.

First suggested by Daniel P. Berrange here:
https://www.redhat.com/archives/libvir-list/2011-December/msg00258.html

* docs/schemas/domaincommon.rng (devSeclabel): New define.
(disk): Use it.
* docs/formatdomain.html.in (elementsDisks, seclabel): Document
the new XML.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-dynamic-override.xml:
New test, to validate RNG.
2011-12-30 10:57:58 +08:00
Eric Blake
116d6af979 schema: rewrite seclabel rng to match code
The RNG for <seclabel> was too strict - if it was present, then it
had to have sub-elements, even if those didn't make sense for the
given attributes.  Also, we didn't have any tests of <seclabel>
parsing or XML output.

In this patch, I added more parsing tests than output tests (since
the output populates and/or reorders fields not present in certain
inputs).  Making the RNG reliable is a precursor to using <seclabel>
variants in more places in the XML in later patches.

See also:
http://berrange.com/posts/2011/09/29/two-small-improvements-to-svirt-guest-configuration-flexibility-with-kvmlibvirt/

* docs/schemas/domaincommon.rng (seclabel): Tighten rules.
* tests/qemuxml2argvtest.c (mymain): New tests.
* tests/qemuxml2xmltest.c (mymain): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-seclabel-*.*: New files.
2011-12-30 10:38:37 +08:00
Eric Blake
dc099b8338 tests: fix schema checks sorting
Commit 6fdbce12 attempted to sort the list of tests, but failed
(without quotes, echo merges all the tests into a single line,
so there was nothing to sort).

* tests/schematestutils.sh: Fix thinko in previous patch.
2011-12-22 13:01:09 -07:00
Michal Privoznik
6da91758d7 qemuhelptest: Add new qemuCap flag
Latest patch a1a83c5874 introduces new qemu capability flag
QEMU_CAPS_FSDEV_READONLY. However, it was missing in qemuhelptest
making test for qemu-1.0 fail.
2011-12-22 11:00:05 +01:00
Eric Blake
6fdbce1232 tests: run schema checks in sorted order
Having a test that depends on file system timestamps and/or inode
allocation order gives non-deterministic output.

* tests/schematestutils.sh: Run test in deterministic order.
2011-12-20 17:34:12 -07:00
Michael Ellerman
bbae92f8b8 tests: Add fake PPC64 emulator for QEMU testing
Create a fake PPC64 QEMU so that we can run PPC64 QEMU tests when we
don't have a real version of the emulator available.

Signed-off-by: Michael Ellerman <michael@ellerman.id.au>
2011-12-20 16:14:09 -07:00