Commit Graph

12530 Commits

Author SHA1 Message Date
Mike Perez
d950494129 qemu: Add cmd_per_lun, max_sectors to virtio-scsi
This introduces two new attributes "cmd_per_lun" and "max_sectors" same
with the names QEMU uses for virtio-scsi. An example of the XML:

<controller type='scsi' index='0' model='virtio-scsi' cmd_per_lun='50'
max_sectors='512'/>

The corresponding QEMU command line:

-device virtio-scsi-pci,id=scsi0,cmd_per_lun=50,max_sectors=512,
bus=pci.0,addr=0x3

Signed-off-by: Mike Perez <thingee@gmail.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2014-07-02 09:43:17 +02:00
Ján Tomko
fba6bc47cb Add invariant TSC cpu flag
Add suport for invariant TSC flag (CPUID 0x80000007, bit 8 of EDX).
If this flag is enabled, the TSC ticks at a constant rate across
all ACPI P-, C- and T-states.

This can be enabled by adding:
<feature name='invtsc'/>
to the <cpu> element.

Migration and saving the domain does not work with this flag.

QEMU support: http://git.qemu.org/?p=qemu.git;a=commitdiff;h=303752a

The feature name "invtsc" differs from the name "" used by the linux kernel:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/arch/x86/kernel/cpu/powerflags.c?id=30321c7b#n18
2014-07-02 09:22:13 +02:00
Giuseppe Scrivano
72f919f558 qemu: raise an error when trying to use readonly ide disks
The IDE bus doesn't support readonly disks, so inform the user with an
error message instead of let qemu fail with a more obscure "Device
'ide-hd' could not be initialized" error message.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1112939

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2014-07-02 08:17:23 +02:00
Martin Kletzander
1ef6584288 util: unify extra asterisk in viralloc.h
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-02 08:17:23 +02:00
Peter Krempa
42619ed05d qemu: copy: Accept 'format' parameter when copying to a non-existing img
We have the following matrix of possible arguments handled by the logic
statement touched by this patch:
       | flags & _REUSE_EXT | !(flags & _REUSE_EXT)
-------+--------------------+----------------------
 format| (1)                | (2)
-------+--------------------+----------------------
!format| (3)                | (4)
-------+--------------------+----------------------

In cases 1 and 2 the user provided a format, in cases 3 and 4 not. The
user requests to use a pre-existing image in 1 and 3 and libvirt will
create a new image in 2 and 4.

The difference between cases 3 and 4 is that for 3 the format is probed
from the user-provided image, whereas in 4 we just use the existing disk
format.

The current code would treat cases 1,3 and 4 correctly but in case 2 the
format provided by the user would be ignored.

The particular piece of code was broken in commit 35c7701c64
but since it was introduced a few commits before that it was never
released as working.
2014-07-01 17:45:26 +02:00
Peter Krempa
f412fc9ffa storage: gluster: Fix header reader function
Advance the right pointer to actually append to the buffer. We were
lucky that all reads were completed in one try.
2014-07-01 17:39:50 +02:00
Peter Krempa
88f3f7c390 conf: storage: Add volume feature formatter for gluster pools
Libvirt didn't output feature flags for images stored on native gluster.
Fix this trivially by adding a feature formatter callback.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1095035
2014-07-01 17:39:50 +02:00
Martin Kletzander
fb62d31151 build: link libvirt_conf with libxml
Since there is code using functions from the libxml library,
libvirt_conf should have that in LIBADD so it can be linked against
even without libvirt_util (which usually deals with the error itself,
since libvirt_util has libxml in LIBADD).  The same applies to
storage_backend.c.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-07-01 17:24:27 +02:00
Ján Tomko
1c7601f5c3 Report one error less when getting net dev speed
virFileReadAll already logs an error. If reading the 'speed' file
fails with EINVAL, we log an error even though we ignore it. If it
fails with other errors, we log two errors.

Use virFileReadAllQuiet - ignore EINVAL and report just one error
in other cases.

Fixes this error on libvirtd startup:
2014-06-30 12:47:14.583+0000: 20971: error : virFileReadAll:1297 :
Failed to read file '/sys/class/net/wlan0/speed': Invalid argument
2014-07-01 16:33:14 +02:00
Ján Tomko
f638c13ea4 Introduce virFileReadAllQuiet
Just like virFileReadAll, but returns -errno instead
of reporting errors. Useful for ignoring some errors.
2014-07-01 16:32:29 +02:00
Ján Tomko
5de9b50259 Only detect PCI Express devices as root in udev nodedev driver
This stops the error message spam when running unprivileged
libvirtd:
2014-06-30 12:38:47.990+0000: 631: error : virPCIDeviceConfigOpen:300 :
Failed to open config space file
'/sys/bus/pci/devices/0000:00:00.0/config': Permission denied

Reported by Daniel Berrange:
https://www.redhat.com/archives/libvir-list/2014-June/msg01082.html
2014-07-01 16:30:32 +02:00
Ján Tomko
1229ef493f Track privileged state in udev nodedev driver
Remember if libvirtd is running as root or not.
2014-07-01 15:29:46 +02:00
Jim Fehlig
ec7b922576 libxl: add PV console if not explicitly specified
Xen PV domains always have a PV console, so add one to the domain
config via post-parse callback if not explicitly specified in
the XML.  The legacy Xen driver behaves similarly, causing a
regression when switching to the new Xen toolstack.  I.e.

  virsh console pv-domain

will no longer work after upgrading a xm/xend stack to xl/libxl.
2014-06-30 18:56:44 -06:00
Jim Fehlig
dc16534213 build: fix 'make syntax-check' after commit c6cf5df3
The commit caused prohibit_long_lines to fail in src/Makefile.am.
2014-06-30 18:48:19 -06:00
Jim Fehlig
c6cf5df32a vbox: fix linker error
Noticed the following error when building the vbox driver
in the openSUSE build service

CCLD     vboxsnapshotxmltest
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld:
../src/.libs/libvirt_driver_vbox_impl.a
(libvirt_driver_vbox_impl_la-vbox_snapshot_conf.o):
undefined reference to symbol 'xmlXPathRegisterNs@@LIBXML2_2.4.30'
/usr/lib64/libxml2.so: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status

Fixed by adding LIBXML_LIBS to libvirt_driver_vbox_impl_la_LIBADD
2014-06-30 16:34:46 -06:00
Dario Faggioli
bfc72e9992 libxl: don't break the build on Xen>=4.5 because of libxl_vcpu_setaffinity()
libxl interface for vcpu pinning is changing in Xen 4.5. Basically,
libxl_set_vcpuaffinity() now wants one more parameter. That is
representative of 'VCPU soft affinity', which libvirt does not use.

To mark such change, the macro LIBXL_HAVE_VCPUINFO_SOFT_AFFINITY is
defined. Use it as a gate and, if present, re-#define the calls from
the old to the new interface, to avoid breaking the build.

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Jim Fehlig <jfehlig@suse.com>
Cc: Ian Campbell <Ian.Campbell@citrix.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>
2014-06-30 14:49:22 -06:00
Chen Hanxiao
5fc1d4ec7e LXC: throw an error if we failed to get Idmap elements
Throwing an error is much friendly than just
"error: An error occurred, but the cause is unknown"

Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
2014-06-30 15:38:47 +02:00
Peter Krempa
9036b31aed qemu: snapshot: Save persistent domain config when taking external snapshot
Commit 55bbb011b9 introduced a regression
where we forgot to save the persistent domain configuration after an
external snapshot. This would make libvirt forget the snapshots and
effectively revert to the previous state in the following scenario:

1) Start VM
2) Take snapshot
3) Destroy VM
4) Restart libvirtd

Also fix spurious blank line added by patch mentioned above.
2014-06-30 15:14:07 +02:00
Roman Bogorodskiy
b963ca06d4 bhyve: fix build by fixing typo in variable name
Commit 80d0918b introduced a typo in variable name:

s/failIncomaptible/failIncompatible/

Pushed under the build breaker rule.
2014-06-27 19:04:41 +04:00
Jiri Denemark
0453376755 cpu: Add new Broadwell CPU model 2014-06-27 16:19:46 +02:00
Peter Krempa
02bffd47bd net: merge virNetworkGetDHCPLeases and virNetworkGetDHCPLeasesForMAC
Instead of maintaining two very similar APIs, add the "@mac" parameter
to virNetworkGetDHCPLeases and kill virNetworkGetDHCPLeasesForMAC. Both
of those functions would return data the same way, so making @mac an
optional filter simplifies a lot of stuff.
2014-06-27 09:38:13 +02:00
Jim Fehlig
1d37a4c46b libxl: detect support for save and restore
libxl does not support save, restore, or migrate on all architectures,
notably ARM.  Detect whether libxl supports these operations using
LIBXL_HAVE_NO_SUSPEND_RESUME.  If not supported, drop advertisement of
<migration_features>.

Found by Ian Campbell while improving Xen's OSSTEST infrastructure

http://lists.xen.org/archives/html/xen-devel/2014-06/msg02171.html
2014-06-26 12:00:15 -06:00
Martin Kletzander
39931f5ee8 qemu: fix guestfwd chardev option back how it was
Since commit d86c876a66 we are using
guestfwd=tcp:IP:PORT,chardev=ID for guestfwd specification, however,
that has not changed in qemu, so guestfwd does not work since.

Apart from that, guestfwd is not working with older qemu that doesn't
have QEMU_CAPS_DEVICE.

Both regressions exist since late 2009 and nobody found that (until
now), so I'm only fixing the first one.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1112066

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-06-26 16:56:09 +02:00
Daniel P. Berrange
adae3f9705 Fix typo s/SASL_CONF_DIR/SASL_CONF_PATH/ in QEMU VNC code
The QEMU VNC client arg code has a long standing typo
of SASL_CONF_DIR when it should be SASL_CONF_PATH for
the env variable name.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-26 14:32:34 +01:00
Peter Krempa
02b364e186 qemu: blockcopy: Don't remove existing disk mirror info
When creating a new disk mirror the new struct is stored in a separate
variable until everything went well. The removed hunk would actually
remove existing mirror information for example when the api would be run
if a mirror still exists.
2014-06-26 10:18:47 +02:00
Peter Krempa
7dbfd12426 security: nop: Avoid very long lines
The function headers contain type on the same line as the name. When
combined with usage of ATTRIBUTE_UNUSED, the function headers were very
long. Shorten them by breaking the line after the type.
2014-06-26 10:18:47 +02:00
Peter Krempa
9e1b2cff8e security: Fix header formatting of a few functions
Some of the functions in the storage driver had their headers formatted
incorrectly.
2014-06-26 10:18:47 +02:00
Peter Krempa
8b641f44fc security: manager: Document behavior of disk label manipulation funcs
virSecurityManagerSetDiskLabel and virSecurityManagerRestoreDiskLabel
don't have complementary semantics. Document the semantics to avoid
possible problems.
2014-06-26 10:18:47 +02:00
Peter Krempa
2e5ffb2946 security: manager: Unify function header format 2014-06-26 10:18:47 +02:00
Peter Krempa
5fd0b40ff4 security: manager: Avoid forward decl of virSecurityManagerDispose 2014-06-26 10:18:47 +02:00
Peter Krempa
23a8646a89 security: Rename virSecurityManagerRestoreImageLabel to *Disk*
I'm going to add functions that will deal with individual image files
rather than whole disks. Rename the security function to make room for
the new one.
2014-06-26 10:18:47 +02:00
Peter Krempa
74d52fe809 util: s/virStorageSourceClearBackingStore/virStorageSourceBackingStoreClear
Rename them to comply with the naming policy.
2014-06-26 10:18:39 +02:00
Daniel Veillard
ee8abfbeac Fix a typo in a localized string
As pointed by Yuri Chornoivan in transifex:
https://fedora.transifex.com/projects/p/libvirt/translate/#uk/strings/27026506
2014-06-26 15:47:16 +08:00
Jiri Denemark
80d0918bd2 virConnectCompareCPU: Introduce FAIL_INCOMPATIBLE flag
The new VIR_CONNECT_COMPARE_CPU_FAIL_INCOMPATIBLE flag for
virConnectCompareCPU can be used to get an error
(VIR_ERR_CPU_INCOMPATIBLE) describing the incompatibility instead of the
usual VIR_CPU_COMPARE_INCOMPATIBLE return code.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-26 00:44:02 +02:00
Jiri Denemark
b14954fc12 cpuCompare*: Add support for reporting failure on incompatible CPUs
When CPU comparison APIs return VIR_CPU_COMPARE_INCOMPATIBLE, the caller
has no clue why the CPU is considered incompatible with host CPU. And in
some cases, it would be nice to be able to get such info in a client
rather than having to look in logs.

To achieve this, the APIs can be told to return VIR_ERR_CPU_INCOMPATIBLE
error for incompatible CPUs and the reason will be described in the
associated error message.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-26 00:43:54 +02:00
Jiri Denemark
871e64c66d cpu: Cleanup coding style in generic CPU driver
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-26 00:43:49 +02:00
Chen Fan
ca3d9afeb1 conf: whitespace tweak
Fix missing whitespace when parsing 'managed' attribute.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-25 12:43:22 -06:00
Jincheng Miao
01e508f33c enhance hostdev mode 'capabilities' process
Currently, only LXC has hostdev mode 'capabilities' support,
so the other drivers should forbid to define it in XML.
The hostdev mode check is added to devicesPostParseCallback()
for each hypervisor driver.

But there are some drivers lack function devicesPostParseCallback(),
so only add check for qemu, libxl, openvz, uml, xen, xenapi.

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
2014-06-25 18:19:11 +02:00
Peter Krempa
9a39f50420 storage: Don't store parent directory of an image explicitly
The parent directory doesn't necessarily need to be stored after we
don't mangle the path stored in the image. Remove it and tweak the code
to avoid using it.
2014-06-25 10:05:56 +02:00
Peter Krempa
e71437fff2 storage: Don't canonicalize paths unnecessarily
Store backing chain paths as non-canonical. The canonicalization step
will be already taken. This will allow to avoid storing unnecessary
amounts of data.
2014-06-25 10:02:59 +02:00
Peter Krempa
84b1f5d875 util: storage: Remove now redundant backingRelative from virStorageSource
Now that we store only relative names in virStorageSource's member
relPath the backingRelative member is obsolete. Remove it and adapt the
code to the removal.
2014-06-25 09:58:42 +02:00
Peter Krempa
7ba6a6f973 storage: Store relative path only for relatively backed storage
Due to various refactors and compatibility with the virstoragetest the
relPath field of the virStorageSource structure was always filled either
with the relative name or the full path in case of absolutely backed
storage. Return its original purpose to store only the relative name of
the disk if it is backed relatively and tweak the tests.
2014-06-25 09:54:42 +02:00
Peter Krempa
157a33a707 util: storage: Add helper to resolve relative path difference
This patch introduces a function that will allow us to resolve a
relative difference between two elements of a disk backing chain. This
function will be used to allow relative block commit and block pull
where we need to specify the new relative name of the image to qemu.

This patch also adds unit tests for the function to verify that it works
correctly.
2014-06-25 09:27:16 +02:00
Chen Hanxiao
ae38288b8a LXC: check whether we get MemSwap[Total|Usage]
Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
2014-06-25 07:17:21 +02:00
Julio Faracco
aa990efe97 qemu: enum cleanups in "src/qemu/*"
As we are doing with the enum structures, a cleanup in "src/qemu/"
directory was done now. All the enums that were defined in the
header files were converted to typedefs in this directory. This
patch includes all the adjustments to remove conflicts when you do
this kind of change. "Enum-to-typedef"'s conversions were made in
"src/qemu/qemu_{capabilities, domain, migration, hotplug}.h".

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
2014-06-24 12:56:54 -06:00
Jim Fehlig
887e648a98 libxl: fix version annotation of migration functions
Commit 9b8d6e1e missed updating the libvirt version which
introduced support for domainMigrate*3Params functions.
2014-06-24 11:12:21 -06:00
Peter Krempa
11863f7067 bridge: leases: Fix potential crash caused by use after free
Don't free individual JSON array members as the array will be freed at
the end. This may potentially lead to a crash although it didn't crash
on my setup.
2014-06-24 15:17:22 +02:00
Ján Tomko
15b46520e5 Free DHCP leases file in networkGetDHCPLeasesHelper
Introduced by commit ba51398
2014-06-24 14:41:50 +02:00
Ján Tomko
7086d7fab9 Free file header in virStorageFileGetMetadataRecurse
Introduced by commit 2bdb8b9
2014-06-24 14:41:19 +02:00
Daniel P. Berrange
6512c8b456 Change 'interface' to 'iface' in virNetworkDHCPLease
Variables/fields named 'interface' clash with system
header symbols on some platforms.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-24 13:30:16 +01:00
Giuseppe Scrivano
1a065caa79 graphics: remember graphics not auto allocated ports
When looking for a port to allocate, the port allocator didn't take in
consideration ports that are statically set by the user.  Defining
these two graphics elements in the XML would cause an error, as the
port allocator would try to use the same port for the spice graphics
element:

    <graphics type='spice' autoport='yes'/>
    <graphics type='vnc' port='5900' autoport='no'/>

The new *[pP]ortReserved variables keep track of the ports that were
successfully tracked as used by the port allocator but that weren't
bound.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1081881

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2014-06-24 14:17:59 +02:00
Giuseppe Scrivano
1d8d2fbcd0 virtportallocator: new function "virPortAllocatorSetUsed"
virPortAllocatorSetUsed permits to set a port as already used and
prevent the port allocator to use it without any attempt to bind it.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-24 14:17:55 +02:00
Nehal J Wani
59cac9a918 net-dhcp-leases: Add virsh support
Use virNetworkGetDHCPLeases and virNetworkGetDHCPLeasesForMAC in virsh.

The new feature supports the follwing methods:

1. Retrieve leases info for a given virtual network

2. Retrieve leases info for given network interface

tools/virsh-domain-monitor.c
   * Introduce new command : net-dhcp-leases
     Example Usage: net-dhcp-leases <network> [mac]

   virsh # net-dhcp-leases --network default6
   Expiry Time          MAC address        Protocol  IP address                Hostname        Client ID or DUID
   -------------------------------------------------------------------------------------------------------------------
   2014-06-16 03:40:14  52:54:00:85:90:e2  ipv4      192.168.150.231/24        fedora20-test   01:52:54:00:85:90:e2
   2014-06-16 03:40:17  52:54:00:85:90:e2  ipv6      2001:db8:ca2:2:1::c0/64   fedora20-test   00:04:b1:d8:86:42:e1:6a:aa:cf:d5:86:94:23:6f:94:04:cd
   2014-06-16 03:34:42  52:54:00:e8:73:eb  ipv4      192.168.150.181/24        ubuntu14-vm     -
   2014-06-16 03:34:46  52:54:00:e8:73:eb  ipv6      2001:db8:ca2:2:1::5b/64   -               00:01:00:01:1b:30:c6:aa:52:54:00:e8:73:eb

tools/virsh.pod
   * Document new command

src/internal.h
   * Introduce new macro: EMPTYSTR
2014-06-24 12:26:31 +01:00
Nehal J Wani
ba5139821a net-dhcp-leases: Private implementation inside network
Query the network driver for the path of the custom leases file for the given
virtual network and parse it to retrieve info.

src/network/bridge_driver.c:
* Implement networkGetDHCPLeases
* Implement networkGetDHCPLeasesForMAC
* Implement networkGetDHCPLeasesHelper
2014-06-24 12:26:31 +01:00
Nehal J Wani
990c3b6554 net-dhcp-leases: Implement the remote protocol
Implement RPC calls for virNetworkGetDHCPLeases, virNetworkGetDHCPLeasesForMAC

daemon/remote.c
   * Define remoteSerializeNetworkDHCPLeases,
            remoteDispatchNetworkGetDHCPLeases
   * Define remoteDispatchNetworkGetDHCPLeasesForMAC
   * Define helper function remoteSerializeDHCPLease

src/remote/remote_driver.c
   * Define remoteNetworkGetDHCPLeases
   * Define remoteNetworkGetDHCPLeasesForMAC
   * Define helper function remoteSerializeDHCPLease

src/remote/remote_protocol.x
   * New RPC procedure: REMOTE_PROC_NETWORK_GET_DHCP_LEASES
   * Define structs remote_network_dhcp_leases, remote_network_get_dhcp_leases_args,
                    remote_network_get_dhcp_leases_ret
   * New RPC procedure: REMOTE_PROC_NETWORK_GET_DHCP_LEASES_FOR_MAC
   * Define structs remote_network_dhcp_leases_for_mac, remote_network_get_dhcp_leases_for_mac_args,
                    remote_network_get_dhcp_leases_for_mac_ret

src/remote_protocol-structs
   * New structs added

src/rpc/gendispatch.pl
   * Add exception (s/Dhcp/DHCP) for auto-generating names of the remote functions
     in daemon/remote_dispatch.h
2014-06-24 12:26:31 +01:00
Nehal J Wani
03e0e79e07 net-dhcp-leases: Implement the public APIs
Introduce 3 new APIs, virNetworkGetDHCPLeases, virNetworkGetDHCPLeasesForMAC
and virNetworkDHCPLeaseFree.

* virNetworkGetDHCPLeases: returns the dhcp leases information for a given
     virtual network.

  For DHCPv4, the information returned:
  - Network Interface Name
  - Expiry Time
  - MAC address
  - IAID (NULL)
  - IPv4 address (with type and prefix)
  - Hostname (can be NULL)
  - Client ID (can be NULL)

  For DHCPv6, the information returned:
  - Network Interface Name
  - Expiry Time
  - MAC address
  - IAID (can be NULL, only in rare cases)
  - IPv6 address (with type and prefix)
  - Hostname (can be NULL)
  - Client DUID

  Note: @mac, @iaid, @ipaddr, @clientid are in ASCII form, not raw bytes.
  Note: @expirytime can 0, in case the lease is for infinite time.

* virNetworkGetDHCPLeasesForMAC: returns the dhcp leases information for a
     given virtual network and specified MAC Address.

* virNetworkDHCPLeaseFree: allows the upper layer application to free the
     network interface object conveniently.

There is no support for flags, so user is expected to pass 0 for
both the APIs.

include/libvirt/libvirt.h.in:
  * Define virNetworkGetDHCPLeases
  * Define virNetworkGetDHCPLeasesForMAC
  * Define virNetworkDHCPLeaseFree

src/driver.h:
  * Define networkGetDHCPLeases
  * Define networkGetDHCPLeasesForMAC

src/libvirt.c:
  * Implement virNetworkGetDHCPLeases
  * Implement virNetworkGetDHCPLeasesForMAC
  * Implement virNetworkDHCPLeaseFree

src/libvirt_public.syms:
  * Export the new symbols
2014-06-24 12:26:31 +01:00
Chen Hanxiao
bffe8d2ddf LXC: trivially support flag VIR_DRV_FEATURE_TYPED_PARAM_STRING
Fix lxcDomainGetMemoryParameters and lxcDomainGetSchedulerParametersFlags:
virsh -c lxc:/// memtune DOMAIN
error: Unable to get number of memory parameters
error: unsupported flags (0x4) in function lxcDomainGetMemoryParameters

Introduced by commit 399394.

Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2014-06-24 12:41:39 +02:00
Michal Privoznik
2c78a270da virNumaGetPages: Don't fail on huge page-less systems
If we are running on a system that is not capable of huge pages (e.g.
because the kernel is not configured that way) we still try to open
"/sys/kernel/mm/hugepages/" which however does not exist. We should
be tolerant to this specific use case.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-24 11:50:32 +02:00
Michal Privoznik
3499eedd4b virNumaGetPageInfo: Take huge pages into account
On the Linux kernel, if huge pages are allocated the size they cut off
from memory is accounted under the 'MemUsed' in the meminfo file.
However, we want the sum to be subtracted from 'MemTotal'. This patch
implements this feature. After this change, we can enable reporting
of the ordinary system pages in the capability XML:

<capabilities>

  <host>
    <uuid>01281cda-f352-cb11-a9db-e905fe22010c</uuid>
    <cpu>
      <arch>x86_64</arch>
      <model>Haswell</model>
      <vendor>Intel</vendor>
      <topology sockets='1' cores='1' threads='1'/>
      <feature/>
      <pages unit='KiB' size='4'/>
      <pages unit='KiB' size='2048'/>
      <pages unit='KiB' size='1048576'/>
    </cpu>
    <power_management/>
    <migration_features/>
    <topology>
      <cells num='4'>
        <cell id='0'>
          <memory unit='KiB'>4048248</memory>
          <pages unit='KiB' size='4'>748382</pages>
          <pages unit='KiB' size='2048'>3</pages>
          <pages unit='KiB' size='1048576'>1</pages>
          <distances/>
          <cpus num='1'>
            <cpu id='0' socket_id='0' core_id='0' siblings='0'/>
          </cpus>
        </cell>
        ...
      </cells>
    </topology>
  </host>
</capabilities>

You can see the beautiful thing about this: if you sum up all the
<pages/> you'll get <memory/>.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-24 11:50:31 +02:00
Peter Krempa
2cff94cc85 storage: gluster: Avoid name shadow on older compilers
s/link/linkpath/g in virStorageFileBackendGlusterReadlinkCallback as
older gcc complains.
2014-06-24 11:22:17 +02:00
Peter Krempa
975f0e2eb4 storage: gluster: Add backend to return unique storage file path
Use virStorageFileSimplifyPathInternal to canonicalize gluster paths
via a callback and use it for the unique volume path retrieval API.
2014-06-24 10:45:43 +02:00
Peter Krempa
08aa22ec1d util: storagefile: Introduce universal function to canonicalize paths
Introduce a common function that will take a callback to resolve links
that will be used to canonicalize paths on various storage systems and
add extensive tests.
2014-06-24 10:45:43 +02:00
Peter Krempa
5d4a482584 util: string: Add helper to free non-NULL terminated string arrays
To free string lists with some strings stolen from the middle we need to
walk the complete array. Introduce a new helper that takes the string
list size to free such string lists.
2014-06-24 10:45:43 +02:00
Jim Fehlig
48d81cef3b libxl: prefer qdisk for <driver name='file'>
The libxl driver currently sets the disk backend to
LIBXL_DISK_BACKEND_TAP when <driver name='file'> is specified
in the <disk> config.  qdisk should be prefered with this
configuration, otherwise existing configuration such as the
following, which worked with the old Xen driver, will not work
with the libxl driver

  <disk type='file' device='cdrom'>
    <driver name='file'/>
    <source file='/path/to/some/iso'/>
    <target dev='hdc' bus='ide'/>
    <readonly/>
  </disk>

In addition, tap performs poorly compared to qdisk.
2014-06-23 15:52:14 -06:00
Roman Bogorodskiy
4a82ef92be Fix closedir usage in virNumaGetPages
virNumaGetPages calls closedir(dir) in cleanup and dir could
be NULL if we jump there from the failed opendir() call.

While it's not harmful on Linux, FreeBSD libc crashes [1], so
make sure that dir is not NULL before calling closedir.

1: http://lists.freebsd.org/pipermail/freebsd-standards/2014-January/002704.html
2014-06-23 19:25:59 +04:00
Daniel P. Berrange
60c343f688 Add pkg-config files to allow deps to build against source tree
When testing language bindings it is useful to be able to build
them against an uninstalled libvirt source tree. Add a dummy
set of pkg-config files to allow for this. This can be used by
setting

  export PKG_CONFIG_PATH=/path/to/libvirt/git/src

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-23 16:17:55 +01:00
Michal Privoznik
9e72691b7e virnuma: Actually build huge page code
One of previous commits (e6258a33) tried to build the huge page code
only on Linux since it's Linux centric indeed. But it failed miserably
as it used 'WITH_LINUX' which is an automake conditional not a gcc
one. In the sources we need to use __linux__.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-23 16:24:02 +02:00
Laine Stump
ef01622607 qemu: parse -device virtio-balloon
There are no options to parse here other than the name of the device,
and all three possible device names have the same prefix
("virtio-balloon" with "-ccw", "-pci", or "-device" appended), so the
code is fairly simple. It has been implemented such that it will be
easier to add handling for other -device entries that aren't otherwise
recognized - just add another "else if (STRPREFIX(opts, ....)" clause.

qemuParseCommandLineString() previously would always add a <memballoon
model='virtio'/> to every result (the comments erroneously say that it
is adding a <memballoon model='none'/>) This has been changed to add
model='none', and 84 test case xml's updated accordingly (so that
qemuxml2argvtest won't fail).

Now that the memballoon device is properly parsed, we can safely add a
test for properly ignoring -nodefconfig and -nodefaults. Rather than
adding an entire new test case for this (and memballoon), we just
randomly pick the clock-utc test and modify it slightly to fulfill the
purpose.
2014-06-23 16:34:53 +03:00
Ján Tomko
f8a33815d0 Report correct error in virNetDevTapCreate
ioctl returns -1, not the errno value
2014-06-23 14:16:23 +02:00
Ján Tomko
10af0a1973 Do not call closedir with NULL argument
Only three other callers possibly call closedir on a NULL argument.
Even though these probably won't be used on FreeBSD where this crashes,
let's be nice and only call closedir on an actual directory stream.
2014-06-23 14:16:23 +02:00
Ján Tomko
9a2e523eba Fix invalid write in virNumaGetDistances
==== Invalid write of size 4
====    at 0x52E678C: virNumaGetDistances (virnuma.c:479)
====    by 0x5396890: nodeCapsInitNUMA (nodeinfo.c:1796)
====    by 0x203C2B: virQEMUCapsInit (qemu_capabilities.c:960)
====  Address 0xe10a1e0 is 0 bytes after a block of size 0 alloc'd
====    at 0x4C2A6D0: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
====    by 0x52A10D6: virAllocN (viralloc.c:191)
====    by 0x52E674D: virNumaGetDistances (virnuma.c:470)
====    by 0x5396890: nodeCapsInitNUMA (nodeinfo.c:1796)
====    by 0x203C2B: virQEMUCapsInit (qemu_capabilities.c:960)
2014-06-23 14:16:23 +02:00
Peter Krempa
e6258a333c util: numa: Stub out hugepage code on non-Linux platforms
The hugepage sizing and counting code gathers the information from sysfs
and thus isn't portable. Stub it out for non-Linux so that we can report
a better error. This patch also avoids calling sysinfo() on Mingw where
it isn't supported.
2014-06-23 14:07:57 +02:00
Peter Krempa
00b2317a66 util: numa: Catch readdir errors in virNumaGetPages
Don't return possibly incomplete result if virDirRead fails.
2014-06-23 14:00:10 +02:00
Ján Tomko
3fe9d75ab6 Properly check the return value of CCWAddressAsString
It returns NULL on failure. Checking if the negation of it
is less than zero makes no sense. (Found by coverity after moving
the code)

In another case, the return value wasn't checked at all.
2014-06-23 08:31:53 +02:00
Ján Tomko
b2626755d3 Split out CCW address allocation
Just code movement and rename.
2014-06-21 10:12:21 +02:00
Jason Andryuk
c1bc06e2d7 libxl: Use cooperative resume for migration
Migration code specifies the problematic non-cooperative resume mode
which is a known issue with Xen's libxl [1].  Instead, use the better
supported cooperative mode.

Without this, guests BUG() in xen_irq_resume after failing to bind
still-bound event channels.

[1] http://bugs.xenproject.org/xen/bug/30
2014-06-20 11:34:26 -06:00
Michal Privoznik
d06d4c95a6 cpu_arm: Support all ARM processors we know about
So far three ARM processor families are known to libvirt,
however the cpu driver knows only about one of them. This
make host initialization on the other two fail:

2014-06-17 13:35:41.419+0000: 6840: info : libvirt version: 1.2.6
2014-06-17 13:35:41.419+0000: 6840: error : cpuNodeData:342 : this function is not supported by the connection driver: cannot get node CPU data for armv6l architecture
2014-06-17 13:35:41.433+0000: 6840: warning : virQEMUCapsInit:943 : Failed to get host CPU

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-20 15:59:12 +02:00
Michal Privoznik
f4dc812c9e virNodeParseSocket: Take ARM into account
The virNodeParseSocket() function tries to get socked ID from
'topology/physical_package_id' file. However, on some architectures
the file contains the -1 constant which makes in turn libvirt think
the info extraction was unsuccessful. If that's the case, we need to
overwrite the obtained integer with zero like we are doing for other
architectures.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-20 15:59:08 +02:00
Michal Privoznik
9571eaaa63 virNodeParseNode: Propagate host architecture
As in previous commit, there are again some places where we can do
runtime decision instead of compile time. This time it's whether the
'topology/physical_package_id' is allowed to have '-1' within or not.
Then, core ID is pared differently on s390(x) than on the rest of
architectures.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-20 15:50:56 +02:00
Michal Privoznik
e808357528 nodeinfo: Introduce @arch to linuxNodeInfoCPUPopulate
So far, we are doing compile time decisions on which architecture is
used. However, for testing purposes it's much easier if we pass host
architecture as parameter and then let the function decide which code
snippet for extracting host CPU info will be used.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-20 15:46:52 +02:00
Laine Stump
0b33d7c921 interface: clean up virInterfaceDefDevFormat
This modifies the formatting function of virInterface to be a proper
mirror of the parse function, including the addition of a
"parentIfType" arg so that we can decide whether or not it is
appropriate to emit the elements that are only in toplevel interfaces,
as well as the <link> element (which isn't allowed for bridge
interfaces).

Since the restructuring of the code necessarily changes the order of
some of the elements, some test case data had to be updated.
2014-06-20 11:50:41 +03:00
Laine Stump
3aa8197393 interface: clean up virInterfaceDefParseXML
the switch cases for the 4 different interface types had repetitive
code which has now been pulled out as common. While touching those
lines, some extra usage of "!= NULL" etc has been eliminated to make
things more compact and inline with current coding practices.

NB: parentIfType == VIR_INTERFACE_TYPE_LAST means that this is a
toplevel interface (not a subordinate of a bridge or bond). Only
toplevel interfaces can have a start mode, mtu, or IP address element.
2014-06-20 11:49:06 +03:00
Laine Stump
7edc46ac26 interface: move parsing of bridge attributes into appropriate function
For some reason the bridge stp mode and delay were put directly into
the "bridge" case of the switch in virInterfaceDefParseXML(), although
they are inside the <bridge> element, and so should be parsed in the
function created for that purpose - virInterfaceBridgeDefFormat().
2014-06-20 11:47:14 +03:00
Laine Stump
69db5f921a interface: report link state for bonds and vlans too
The interface state for bonds and vlans does seem to reflect the state
of the underlying physical devices, at least in some cases, so it
makes sense to allow reporting it (netcf now does).

The link state/speed for bridge devices is meaningless though, so we
don't even look for it.
2014-06-20 11:43:19 +03:00
Peter Krempa
c8e4220515 security: Rename virSecurityManagerSetImageLabel to *Disk*
I'm going to add functions that will deal with individual image files
rather than whole disks. Rename the security function to make room for
the new one.
2014-06-20 09:27:19 +02:00
Peter Krempa
7c6dae0418 security: Sanitize type of @migrated in virSecurityManagerRestoreAllLabel
Also remove one spurious ATTRIBUTE_UNUSED guarding the @migrated
argument.
2014-06-20 09:27:19 +02:00
Peter Krempa
83c896c859 util: Don't require full disk definition when getting imagelabels
The image labels are stored in the virStorageSource struct. Convert the
virDomainDiskDefGetSecurityLabelDef helper not to use the full disk def
and move it appropriately.
2014-06-20 09:27:15 +02:00
Peter Krempa
5aadf43750 util: storagefile: Introduce helper to free storage source perms
It will also be reused later.
2014-06-20 09:14:47 +02:00
Peter Krempa
89939e1301 util: seclabel: Add deep copy function for device labels 2014-06-20 09:14:47 +02:00
Peter Krempa
756b46ddd2 storage: encryption: Add deep copy function for storage encryption 2014-06-20 09:14:46 +02:00
Jim Fehlig
2624dfde37 libxl: limit support for specifying an interface script
Generally, <interface> ... <script> is only supported for
type='ethernet'.  Due to the long and pervasive use of

  <interface type='bridge'>
    ...
    <script path='foo'/>
  </interface>

in Xen domain configuration, it was agreed to allow the use
of <script> with type='bridge' for backwards compatibility.  See
the following discussion thread

http://www.redhat.com/archives/libvir-list/2013-April/msg00755.html

This patch limits the use of <script> to interface types ethernet
and bridge, raising an unsupported config error if <script> is
specified for all other interface types.

While at it, use VIR_ERR_CONFIG_UNSUPPORTED instead of
VIR_ERR_INTERNAL_ERROR when reporting unsupported interface types.
2014-06-19 15:33:36 -06:00
Jim Fehlig
bf410bb8eb libxl: support interface type=network
Add support for <interface type='network'> in the libxl driver.
2014-06-19 15:33:36 -06:00
Michal Privoznik
38fa03f4b0 nodeinfo: Implement nodeGetFreePages
And add stubs to other drivers like: lxc, qemu, uml and vbox.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-19 15:10:50 +02:00
Michal Privoznik
34f2d0319d Introduce virNodeGetFreePages
The aim of the API is to get information on number of free pages
on the system. The API behaves similar to the
virNodeGetCellsFreeMemory(). User passes starting NUMA cell, the
count of nodes that he's interested in, pages sizes (yes,
multiple sizes can be queried at once) and the counts are
returned in an array.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-19 15:10:49 +02:00
Michal Privoznik
02129b7c0e virCaps: expose pages info
There are two places where you'll find info on page sizes. The first
one is under <cpu/> element, where all supported pages sizes are
listed. Then the second one is under each <cell/> element which refers
to concrete NUMA node. At this place, the size of page's pool is
reported. So the capabilities XML looks something like this:

<capabilities>

  <host>
    <uuid>01281cda-f352-cb11-a9db-e905fe22010c</uuid>
    <cpu>
      <arch>x86_64</arch>
      <model>Westmere</model>
      <vendor>Intel</vendor>
      <topology sockets='1' cores='1' threads='1'/>
      ...
      <pages unit='KiB' size='4'/>
      <pages unit='KiB' size='2048'/>
      <pages unit='KiB' size='1048576'/>
    </cpu>
    ...
    <topology>
      <cells num='4'>
        <cell id='0'>
          <memory unit='KiB'>4054408</memory>
          <pages unit='KiB' size='4'>1013602</pages>
          <pages unit='KiB' size='2048'>3</pages>
          <pages unit='KiB' size='1048576'>1</pages>
          <distances/>
          <cpus num='1'>
            <cpu id='0' socket_id='0' core_id='0' siblings='0'/>
          </cpus>
        </cell>
        <cell id='1'>
          <memory unit='KiB'>4071072</memory>
          <pages unit='KiB' size='4'>1017768</pages>
          <pages unit='KiB' size='2048'>3</pages>
          <pages unit='KiB' size='1048576'>1</pages>
          <distances/>
          <cpus num='1'>
            <cpu id='1' socket_id='0' core_id='0' siblings='1'/>
          </cpus>
        </cell>
        ...
      </cells>
    </topology>
    ...
  </host>

  <guest/>

</capabilities>

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-19 15:10:49 +02:00
Michal Privoznik
35f1095e12 virnuma: Introduce pages helpers
For future work we need two functions that fetches total number of
pages and number of free pages for given NUMA node and page size
(virNumaGetPageInfo()).

Then we need to learn pages of what sizes are supported on given node
(virNumaGetPages()).

Note that system page size is disabled at the moment as there's one
issue connected. If you have a NUMA node with huge pages allocated the
kernel would return the normal size of memory for that node. It
basically ignores the fact that huge pages steal size from the system
memory. Until we resolve this, it's safer to not confuse users and
hence not report any system pages yet.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-19 15:10:49 +02:00
Michal Privoznik
99a63aed2d nodeinfo: Rename nodeGetFreeMemory to nodeGetMemory
For future work we want to get info for not only the free memory
but overall memory size too. That's why the function must have
new signature too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-19 15:10:49 +02:00
Michal Privoznik
356c6f389f virnuma: Introduce virNumaNodeIsAvailable
Not on all hosts the set of NUMA nodes IDs is continuous. This is
critical, because our code currently assumes the set doesn't contain
holes. For instance in nodeGetFreeMemory() we can see the following
pattern:

    if ((max_node = virNumaGetMaxNode()) < 0)
        return 0;

    for (n = 0; n <= max_node; n++) {
        ...
    }

while it should be something like this:

    if ((max_node = virNumaGetMaxNode()) < 0)
        return 0;

    for (n = 0; n <= max_node; n++) {
        if (!virNumaNodeIsAvailable(n))
            continue;
        ...
    }

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-19 15:10:49 +02:00
Eric Blake
1bfe73a126 blockjob: use stable disk string in job event
When the block job event was first added, it was for block pull,
where the active layer of the disk remains the same name.  It was
also in a day where we only cared about local files, and so we
always had a canonical absolute file name.  But two things have
changed since then: we now have network disks, where determining
a single absolute string does not really make sense; and we have
two-phase jobs (copy and active commit) where the name of the
active layer changes between the first event (ready, on the old
name) and second (complete, on the pivoted name).

Adam Litke reported that having an unstable string between events
makes life harder for clients.  Furthermore, all of our API that
operate on a particular disk of a domain accept multiple strings:
not only the absolute name of the active layer, but also the
destination device name (such as 'vda').  As this latter name is
stable, even for network sources, it serves as a better string
to supply in block job events.

But backwards-compatibility demands that we should not change the
name handed to users unless they explicitly request it.  Therefore,
this patch adds a new event, BLOCK_JOB_2 (alas, I couldn't think of
any nicer name - but at least Migrate2 and Migrate3 are precedent
for a number suffix).  We must double up on emitting both old-style
and new-style events according to what clients have registered for
(see also how IOError and IOErrorReason emits double events, but
there the difference was a larger struct rather than changed
meaning of one of the struct members).

Unfortunately, adding a new event isn't something that can easily
be broken into pieces, so the commit is rather large.

* include/libvirt/libvirt.h.in (virDomainEventID): Add a new id
for VIR_DOMAIN_EVENT_ID_BLOCK_JOB_2.
(virConnectDomainEventBlockJobCallback): Document new semantics.
* src/conf/domain_event.c (_virDomainEventBlockJob): Rename field,
to ensure we catch all clients.
(virDomainEventBlockJobNew): Add parameter.
(virDomainEventBlockJobDispose)
(virDomainEventBlockJobNewFromObj)
(virDomainEventBlockJobNewFromDom)
(virDomainEventDispatchDefaultFunc): Adjust clients.
(virDomainEventBlockJob2NewFromObj)
(virDomainEventBlockJob2NewFromDom): New functions.
* src/conf/domain_event.h: Add new prototypes.
* src/libvirt_private.syms (domain_event.h): Export new functions.
* src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Generate two
different events.
* src/qemu/qemu_process.c (qemuProcessHandleBlockJob): Likewise.
* src/remote/remote_protocol.x
(remote_domain_event_block_job_2_msg): New struct.
(REMOTE_PROC_DOMAIN_EVENT_BLOCK_JOB_2): New RPC.
* src/remote/remote_driver.c
(remoteDomainBuildEventBlockJob2): New handler.
(remoteEvents): Register new event.
* daemon/remote.c (remoteRelayDomainEventBlockJob2): New handler.
(domainEventCallbacks): Register new event.
* tools/virsh-domain.c (vshEventCallbacks): Likewise.
(vshEventBlockJobPrint): Adjust client.
* src/remote_protocol-structs: Regenerate.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-19 06:54:12 -06:00
Jim Fehlig
64b60266ad Fix xmconfigtest
Commit ac63014c introduced a regression in the conversion of Xen
xm config to XML by emitting an empty <cmdline>.  Prior to this
commit, <cmdline> was omitted if the xm config was missing (or
contained an empty) 'extra='.
2014-06-18 23:47:41 -06:00
Ian Campbell
ac63014cfd xen: handle root= in xen-xm configuration files.
In addition to extra= xm supported a root= option which was supposed
to be incorporated into the final command line. Handle that for "virsh
domxml-from-native xen-xm". Tested with the libxl backend.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
2014-06-18 11:11:12 -06:00
Pavel Hrdina
97af511b1a vbox_snapshot_conf: fix wrong use of 'xmlSaveFormatFileEnc'
The function 'xmlSaveFormatFileEnc' has a last option to set
if you want to format dumped xml with whitespaces or not.

Older libxml2, the one used in RHEL6, take this option as it is
but newer libxml2 check this option if it's true or not. This
small difference somehow makes things messy on RHEL6 and generated
xml had extra new line and extra whitespaces.

We should pass 1 instead if -1 because the -1 confuses the libxml2.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-06-18 15:19:18 +02:00
Serge Hallyn
c7abe7448c virt-aa-helper: allow access to /dev/vhost-net if needed
Only allow the access if it is a KVM domain which has a NIC which wants
non-userspace networking.

This addresses https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1322568

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2014-06-17 22:12:31 -06:00
Yohan BELLEGUIC
49ce28d668 vbox: fix a segfault when taking a snapshot
there is a segfault in the vbox driver when taking a snapshot in the
following functions:
- vboxDomainGetXMLDesc
- vboxSnapshotGetReadWriteDisks
- vboxSnapshotGetReadOnlyDisks

The virStorageSourcePtr in virDomainDiskDef was not correctly allocated.

(The problem stems from the fact that commit 4dc5d8f and commit bc3f5f1
were written in one order but applied in another; so each tested in
isolation passed, but the combination introduces the problem due to
changed semantics).

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-17 21:35:44 -06:00
Peter Krempa
28427e6b2a vbox: snapshot: Avoid memleaks in functions dealing with disk arrays
In virVBoxSnapshotConfRemoveFakeDisks and
virVBoxSnapshotConfDiskIsInMediaRegistry the disk array constructed from
all the disks would be leaked at the end of the function and on
allocation errors. Also the temporary disk list would be leaked.

Add a cleanup section and free the memory properly.

Found by coverity.
2014-06-17 13:28:44 +02:00
Peter Krempa
ca9a94a0a9 vbox: snapshot: Avoid memleak in virVBoxSnapshotConfAllChildren
On re-allocation failure the function would leak already allocated
memory.
2014-06-17 13:28:39 +02:00
Peter Krempa
b9f8a2f25e network: bridge: Avoid freeing uninitialized pointer on cleanup path
The cleanup path in networkBuildDhcpDaemonCommandLine could cause a
crash by freeing uninitialized pointer.
2014-06-17 10:03:53 +02:00
Peter Krempa
0657ed2a5c net: leaseshelper: Refactor copying of old entries to avoid double free
When copying entries from the old lease file into the new array the old
code would copy the pointer of the json object into the second array
without removing it from the first. Afterwards when both arrays were
freed this might lead to a crash due to access of already freed memory.

Refactor the code to use the new array item stealing helper added to the
json code so that the entry resides just in one array.
2014-06-17 09:10:08 +02:00
Peter Krempa
45d51681ce net: leaseshelper: Ignore corrupted lease file and rewrite it
Instead of reporting an error and terminating, rewrite the file with
the newly learned info.
2014-06-17 09:02:26 +02:00
Peter Krempa
f1385e222e net: leaseshelper: Don't crash if DNSMASQ doesn't provide lease expiry
The value is provided via environment and causes a crash if not defined.
2014-06-17 08:55:50 +02:00
Peter Krempa
5133b50372 util: json: Add helpers for manipulating json arrays
Add a checker to determine whether a JSON object is an array and a
helper to steal objects from a JSON array.
2014-06-17 08:51:41 +02:00
Peter Krempa
5429a3b648 util: json: Unify function header formatting
Use consistent formatting of function headers:
- two newlines separating functions
- function return type on separate line
- one argument per line
2014-06-17 08:48:44 +02:00
Eric Blake
b50e104923 blockjob: don't remove older-style mirror XML
Commit 7c6fc39 introduced a regression in the XML produced for older
clients.  The argument at the time was that clients shouldn't be
depending on output-only data for something that is only going to
be triggered for a transient guest; but John Ferlan reported that
the automated testsuite was such a client.  It's better to be safe
than sorry by guaranteeing back-compat cruft.  Note that later
patches will be using <mirror> for active block commit, but there
we don't have to worry about back-compat.

* src/conf/domain_conf.c (virDomainDiskDefFormat): Restore old
style output when necessary.
* docs/schemas/domaincommon.rng: Validate back-compat style.
* docs/formatdomain.html.in: Update the documentation.
* tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-mirror-old.xml:
Update tests.
* tests/qemuxml2argvdata/qemuxml2argv-disk-mirror.xml: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-16 13:48:00 -06:00
Shivaprasad G Bhat
eb104e6255 Increase the size of REMOTE_MIGRATE_COOKIE_MAX to REMOTE_STRING_MAX
During guest migration, if the domain xml is bigger than 16384 which is
easily possible for a guest with good number of disks, message encode fails
for xdr_remote_domain_migrate_perform3_ret().
So, Increase the COOKIE_MAX to STRING_MAX value.

Signed-off-by: Shivaprasad G Bhat <shivaprasadbhat@gmail.com>
2014-06-16 18:10:48 +02:00
Michal Privoznik
16ebf10f34 nodedev: Introduce <pci-express/> to PCI devices
This new element is there to represent PCI-Express capabilities
of a PCI devices, like link speed, number of lanes, etc.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-16 17:40:49 +02:00
Michal Privoznik
a22a7a5ef3 virpci: Introduce virPCIDeviceIsPCIExpress and friends
These functions will handle PCIe devices and their link capabilities
to query some info about it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-16 17:40:49 +02:00
Eric Blake
3e3c6ff10f blockcommit: require base below top
The block commit code looks for an explicit base file relative
to the discovered top file; so for a chain of:
  base <- snap1 <- snap2 <- snap3
and a command of:
  virsh blockcommit $dom vda --base snap2 --top snap1
we got a sane message (here from libvirt 1.0.5):
error: invalid argument: could not find base 'snap2' below 'snap1' in chain for 'vda'

Meanwhile, recent refactoring has slightly reduced the quality of the
libvirt error messages, by losing the phrase 'below xyz':
error: invalid argument: could not find image 'snap2' in chain for 'snap3'

But we had a one-off, where we were not excluding the top file
itself in searching for the base; thankfully qemu still reports
the error, but the quality is worse:
  virsh blockcommit $dom vda --base snap2 --top snap2
error: internal error unable to execute QEMU command 'block-commit': Base '/snap2' not found

Fix the one-off in blockcommit by changing the semantics of name
lookup - if a starting point is specified, then the result must
be below that point, rather than including that point.  The only
other call to chain lookup was blockpull code, which was already
forcing the lookup to omit the active layer and only needs a
tweak to use the new semantics.

This also fixes the bug exposed in the testsuite, where when doing
a lookup pinned to an intermediate point in the chain, we were
unable to return the name of the parent also in the chain.

* src/util/virstoragefile.c (virStorageFileChainLookup): Change
semantics for non-NULL startFrom.
* src/qemu/qemu_driver.c (qemuDomainBlockJobImpl): Adjust caller,
to keep existing semantics.
* tests/virstoragetest.c (mymain): Adjust to expose new semantics.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-16 09:33:57 -06:00
Peter Krempa
b77d3d9b81 qemu: snapshot: Don't mark all block disks for metadata reuse
For block devices used as snapshot source the new snapshot code would
set the reuse flag. This inhibits to take snapshot without specially
preparing the block image before taking the snapshot.

Fortunately this is not a regression as only the new way of specifying
snapshot source is affected.

For the followin snapshot XML:
 <domainsnapshot>
   <disks>
     <disk name='vda' type='block'>
       <driver type='qcow2'/>
       <source dev="/dev/andariel/testsnap" />
     </disk>
   </disks>
 </domainsnapshot>

You'd get:
error: internal error: unable to execute QEMU command 'transaction': Image is not in qcow2 format

After this patch the snapshot is created successfully.
2014-06-16 17:22:05 +02:00
Pavel Hrdina
647bdf02d8 leaseshelper: fix another crash
We create a 'lease_new' when we are adding new lease entry, then later
in the code we add the 'lease_new' into a 'leases_array_new' which
leads into the crash because we double free the 'lease_new'.

To prevent the double free we set the 'lease_new' to NULL after
successful append into the 'leases_array_new'.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-06-16 14:41:19 +02:00
Roman Bogorodskiy
f477f555f0 bhyve: silent destroy command errors on cleanup
When virBhyveProcessStart() fails, it tries to unload
a guest that could have been already loaded using
bhyveload(8) to make sure not to leave it hanging in memory.

However, we could fail before loading a VM into memory,
so 'bhyvectl --destroy' command will fail and print
an error message that looks confusing to users.

So ignore errors when running this in cleanup.
2014-06-14 00:22:35 +04:00
Roman Bogorodskiy
5c1f82efae bhyve: do not cleanup unallocated networks on fail
virBhyveProcessStart() calls bhyveNetCleanup() if it fails. However,
it might fail earlier than networks are allocated, so modify
bhyveNetCleanup() to check if net->ifname is not NULL before
going further with the cleanup.
2014-06-13 20:44:36 +04:00
Roman Bogorodskiy
381a3dbdab bhyve: fix crash in bhyveBuildNetArgStr
bhyveBuildNetArgStr() calls virNetDevTapCreateInBridgePort() and
passes tapfd = NULL, but tapfdSize = 1. That is wrong, because
if virNetDevTapCreateInBridgePort() crashes after successfully
creating a TAP device, it'll jump to 'error' label, that
loops over tapfd and calls VIR_FORCE_CLOSE:

   for (i = 0; i < tapfdSize && tapfd[i] >= 0; i++)

In that case we get a segfault.

As the bhyve code doesn't use tapfd, pass NULL and set tapfdSize to 0.
2014-06-13 20:44:36 +04:00
Giuseppe Scrivano
d6e92bfa38 storage: report VIR_ERR_NO_STORAGE_VOL when the file doesn't exist
Report VIR_ERR_NO_STORAGE_VOL instead of a system error when lstat
fails because the file doesn't exist.

Fixes this problem in virt-install:

  https://bugzilla.redhat.com/show_bug.cgi?id=1108922

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2014-06-13 10:05:33 -06:00
Roman Bogorodskiy
aad479dc4e bhyve: implement PCI address allocation
Automatically allocate PCI addresses for devices instead
of hardcoding them in the driver code. The current
allocation schema is to dedicate an entire slot for each devices.

Also, allow having arbitrary number of devices.
2014-06-13 19:25:27 +04:00
Michal Privoznik
90ba5ef1bb virNetDevGetLinkInfo: Don't report link speed if NIC's not up
The kernel's more broken than one would think. Various drivers report
various (usually spurious) values if the interface is in other state
than 'up' . While on some we experience -EINVAL when read()-ing the
speed sysfs file, with other drivers we might get anything from 0 to
UINT_MAX. If that's the case it's better to not report link speed.
Well, the interface is not up anyway.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-13 11:29:48 +02:00
Eric Blake
278c51af3a blockcommit: update error messages related to block jobs
A future patch will add two-phase block commit jobs; as the
mechanism for managing them is similar to managing a block copy
job, existing errors should be made generic enough to occur
for either job type.

* src/conf/domain_conf.c (virDomainHasDiskMirror): Update
comment.
* src/qemu/qemu_driver.c (qemuDomainDefineXML)
(qemuDomainSnapshotCreateXML, qemuDomainRevertToSnapshot)
(qemuDomainBlockJobImpl, qemuDomainBlockCopy): Update error
message.
* src/qemu/qemu_hotplug.c (qemuDomainDetachDiskDevice): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-12 20:54:32 -06:00
Michal Privoznik
bab4558547 virNodeDevCapPCIDevParseXML: Initialize numa_node variable
With one of my recent patches (1c70277) libvirt's capable of
reporting NUMA node locality for PCI devices. The node ID is
stored in pci_dev.numa_node variable. However, since zero is
valid NUMA node ID, the default is -1 as it is in kernel too.
So, if the PCI device is not tied to any specific NUMA node, the
default is then NOT printed into XML. Therefore, when parsing
node device XML, the <node/> element is optional. But currently,
if it's not there, we must set sane default, otherwise after
parsing in the memory representation doesn't match the XML. We
are already doing this in other place: udevProcessPCI().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-12 17:18:29 +02:00
Eric Blake
519181d932 blockcommit: fix regression with explicit top argument
Commit f586965 accidentally changed the semantics of the
virDomainBlockCommit command; where it previously looked for
an explicit top argument from the top of the chain, it now
starts from the backing file of the top.  Of course, until
we allow active commits, the only difference it makes is in
the quality of the error message, but with code for active
commit coming soon, we need to support an explicit mention
of the active layer.

* src/qemu/qemu_driver.c (qemuDomainBlockCommit): Start looking
from top of chain.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-12 07:01:18 -06:00
Ján Tomko
7eb0ee175b Fix crash when saving a domain with type none dac label
qemuDomainGetImageIds did not check if there was a label
in the seclabel, thus crashing on
<seclabel type='none' model='dac'/>

https://bugzilla.redhat.com/show_bug.cgi?id=1108590
2014-06-12 12:01:35 +02:00
John Ferlan
fdfdbc0d12 vbox_snapshot_conf: Resolve Coverity warnings
Clean up some Coverity warnings from commit id '4dc5d8f1'
2014-06-12 05:44:47 -04:00
John Ferlan
70bd552e67 vbox_temp: Resolve Coverity warnings
Clean up code to resolve Coverity RESOURCE_LEAK's from commit id's
'632b9600' and 'b739f807'.
2014-06-12 05:36:37 -04:00
Peter Krempa
cc6484d486 security: Don't skip labelling for network disks
A network disk might actually be backed by local storage. Also the path
iterator actually handles networked disks well now so remove the code
that skips the labelling in dac and selinux security driver.
2014-06-12 10:32:12 +02:00
Peter Krempa
f332ffc0dc storage: volume: Rework lookup of volume objects
Add a helper to do all the lookup steps and remove a ton of duplicated
code.
2014-06-12 10:26:56 +02:00
Peter Krempa
30d99eb534 storage: Clean up unlocking of storage pool objects
Most of the APIs now don't reach the cleanup section when the pool
object wasn't found and thus don't need to check before unlocking it.
2014-06-12 09:55:17 +02:00
Peter Krempa
efd892761e storage: pool: Fix handling of errors on pool lookup failure
Rework internal pool lookup code to avoid printing the raw UUID buffer
in the case a storage pool can't be found:

 $ virsh pool-name e012ace0-0460-5810-39ef-1bce5fa5a4dd
 error: failed to get pool 'e012ace0-0460-5810-39ef-1bce5fa5a4dd'
 error: Storage pool not found: no storage pool with matching uuid à¬à`X9ï_¥¤Ý

The rework is mostly done by switching the lookup code to the newly
introduced helper virStoragePoolObjFromStoragePool

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1104993
2014-06-12 09:55:08 +02:00
John Ferlan
5ca7c95549 libxl: Resolve Coverity warnings
Resolve two Coverity issues introduced by commit id '9b8d6e1e'

Signed-off-by: John Ferlan <jferlan@redhat.com>
2014-06-11 14:58:20 -04:00
Pavel Hrdina
a93504cca4 leaseshelper: fix crash
Commit baafe668 introduced new leaseshelper with a crash of freeing
env string. Calling 'getenv()' inside 'virGetEnvAllowSUID()' may
return a static string and we definitely should not free it.

The author probably want to free the copy of that string.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-06-11 17:21:11 +02:00
Shivaprasad G Bhat
edc80e2344 qemu: Properly label FDs when restoring domain with static label
When saving domain with relabel=no, the file that gets created must have the
context set anyway.  That way restore can be successful without the need of
relabelling the file.

Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
2014-06-11 16:33:51 +02:00
Jean-Baptiste Rouault
775bb9b15f vmware: make version parsing more robust
Since commit d69415d4, vmware version is parsed from both stdout and
stderr. This patch makes version parsing work even if there is garbage
(libvirt debug messages for example) in the command output.

Add test data for this case.
2014-06-11 14:56:18 +02:00
Michal Privoznik
3c43b6a7b2 virnetdev: Use ifname in virNetDevGetLinkInfo
If we're compiling on non-Linux platform, the virNetDevGetLinkInfo()
is a dummy function which barely logs debug message that getting link
info is not supported. However, while the debug message was prepared
for printing the interface name too, I actually forgot to pass the
variable which resulted in build error on platforms like mingw or
FreeBSD.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-11 13:05:17 +02:00
Michal Privoznik
0311ef3d65 node_device: Expose link state & speed
While exposing the info under <interface/> in previous patch works, it
may work only in cases where interface is configured on the host.
However, orchestrating application may want to know the link state and
speed even in that case. That's why we ought to expose this in nodedev
XML too:

virsh # nodedev-dumpxml net_eth0_f0_de_f1_2b_1b_f3
<device>
  <name>net_eth0_f0_de_f1_2b_1b_f3</name>
  <path>/sys/devices/pci0000:00/0000:00:19.0/net/eth0</path>
  <parent>pci_0000_00_19_0</parent>
  <capability type='net'>
    <interface>eth0</interface>
    <address>f0🇩🇪f1:2b:1b:f3</address>
    <link speed='1000' state='up'/>
    <capability type='80203'/>
  </capability>
</device>

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-11 10:59:39 +02:00
Michal Privoznik
b2019ee470 interface_backend_udev: Implement link speed & state
In the previous commit the helper function was prepared, so now
we can wire it up and benefit from it. The Makefile change is
required because we're including virnedev,h which includes
virnetlink.h which tries to include netlink/msg.h. However this
file is not under /usr/include directly but is dependent on libnl
used.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-11 09:57:45 +02:00
Michal Privoznik
05630cf4e5 virnetdev: Introduce virNetDevGetLinkInfo
The purpose of this function is to fetch link state
and link speed for given NIC name from the SYSFS.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-11 09:57:39 +02:00
Michal Privoznik
3db89662c2 virInterface: Expose link state & speed
Currently it is not possible to determine the speed of an interface
and whether a link is actually detected from the API. Orchestrating
platforms want to be able to determine when the link has failed and
where multiple speeds may be available which one the interface is
actually connected at. This commit introduces an extension to our
interface XML (without implementation to interface driver backends):

  <interface type='ethernet' name='eth0'>
    <start mode='none'/>
    <mac address='aa:bb:cc:dd:ee:ff'/>
    <link speed='1000' state='up'/>
    <mtu size='1492'/>
    ...
  </interface>

Where @speed is negotiated link speed in Mbits per second, and state
is the current NIC state (can be one of the following:  "unknown",
"notpresent", "down", "lowerlayerdown","testing", "dormant", "up").

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-11 09:13:32 +02:00
Eric Blake
10c10f4380 nodeinfo: avoid uninitialized variable on error
Commit 8ba0a58 introduced a compiler warning that I hit during
a run of ./autobuild.sh:

../../src/nodeinfo.c: In function 'nodeCapsInitNUMA':
../../src/nodeinfo.c:1853:43: error: 'nsiblings' may be used uninitialized in this function [-Werror=maybe-uninitialized]
         if (virCapabilitiesAddHostNUMACell(caps, n, memory,
                                           ^

Sure enough, nsiblings starts uninitialized, and is set by a call
to virNodeCapsGetSiblingInfo, but that function fails to assign
through the pointer if virNumaGetDistances fails.

* src/nodeinfo.c (nodeCapsInitNUMA): Initialize nsiblings.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-10 16:27:34 -06:00
Eric Blake
1c7eb95c84 storage: fix memory leak with encrypted images
Jim Fehlig reported a regression found by libvirt-TCK tests:

> ~ # perl /usr/share/libvirt-tck/tests/qemu/100-disk-encryption.t
...
> ok 4 - defined persistent domain config
> # Starting inactive domain config
> libvirt error code: 1, message: internal error: unable to execute QEMU command
> 'cont': 'drive-ide0-0-1'
> (/var/cache/libvirt-tck/300-disk-encryption/demo.qcow2) is encrypted

Commit 2279d560 converted a boolean into a pointer with the intent of
transferring that pointer out of a temporary object into the caller's
data structure.  The temporary structure meant that meta->encryption
was always NULL on entry, so we could get away with blindly allocating
the pointer when the header said so.  But later, commit 8823272d
tweaked things to do backing chain detection in-place, rather than via
a temporary object; this has the net result that meta->encryption can
be non-NULL on entry.  Not only did this turn the latent behavior into
a memory leak, it is also a behavior regression: blindly allocating a
new pointer wipes out what secrets we already knew about the chain,
making it impossible to restart the domain.

Of course, no one in their right mind should be relying on qcow2
encryption - it is fundamentally flawed.  And sadly, the TCK tests
don't get run often enough, and this shows that our virstoragetest
does not exercise encrypted images at all.  Otherwise, we could
have avoided a release containing this regression.

* src/util/virstoragefile.c (virStorageFileGetMetadataInternal):
Don't nuke an already-existing encryption.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-10 11:41:59 -06:00
Roman Bogorodskiy
0568db02a5 vbox: fix compilation error
clang complains about possibly uninitialized variable:

vbox/vbox_snapshot_conf.c:1355:9: error: variable 'ret' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
    if (!(xPathContext = xmlXPathNewContext(xml))) {
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

So init 'ret' with NULL.
2014-06-10 21:30:44 +04:00
Eric Blake
b298025063 blockcommit: document semantics of committing active layer
Now that qemu 2.0 allows commit of the active layer, people are
attempting to use virsh blockcommit and getting into a stuck
state, because libvirt is unprepared to handle the two-phase
commit required by qemu.

Stepping back a bit, there are two valid semantics for a
commit operation:

1. Maintain a 'golden' base, and a transient overlay. Make
changes in the overlay, and if everything appears to work,
commit those changes into the base, but still keep the overlay
for the next round of changes; repeat the cycle as desired.

2. Create an external snapshot, then back up the stable state
in the backing file. Once the backup is complete, commit the
overlay back into the base, and delete the temporary snapshot.

Since qemu doesn't know up front which of the two styles is
preferred, a block commit of the active layer merely gets
the job into a synchronized state, and sends an event; then
the user must either cancel (case 1) or complete (case 2),
where qemu then sends a second event that actually ends the
job.  However, until commit e6bcbcd, libvirt was blindly
assuming the semantics that apply to a commit of an
intermediate image, where there is only one sane conclusion
(the job automatically ends with fewer elements in the chain);
and getting stuck because it wasn't prepared for qemu to enter
a second phase of the job.

This patch adds a flag to the libvirt API that a user MUST
supply in order to acknowledge that they will be using two-phase
semantics.  It might be possible to have a mode where if the
flag is omitted, we automatically do the case 2 semantics on
the user's behalf; but before that happens, I must do additional
patches to track the fact that we are doing an active commit
in the domain XML.  Later patches will add support of the flag,
and once 2-phase semantics are working, we can then decide
whether to relax things to allow an omitted flag to cause an
automatic pivot.

* include/libvirt/libvirt.h.in (VIR_DOMAIN_BLOCK_COMMIT_ACTIVE)
(VIR_DOMAIN_BLOCK_JOB_TYPE_ACTIVE_COMMIT): New enums.
* src/libvirt.c (virDomainBlockCommit): Document two-phase job
when committing active layer, through new flag.
(virDomainBlockJobAbort): Document that pivot also occurs after
active commit.
* tools/virsh-domain.c (vshDomainBlockJob): Cover new job.
* src/qemu/qemu_driver.c (qemuDomainBlockCommit): Explicitly
reject active copy; later patches will add it in.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-10 11:11:16 -06:00
Yohan BELLEGUIC
b739f80758 vbox_tmpl.c: Add function for undefining snapshot
All snapshots information will be deleted from the vbox XML, but
differencing disks will be kept so the user will be able to redefine the
snapshot.
2014-06-10 15:14:15 +01:00
Yohan BELLEGUIC
632b960044 vbox_tmpl.c: Patch for redefining snapshots
The machine is unregistered and its vbox XML file is changed in order to
add snapshot information. The machine is then registered with the
snapshot to redefine.
2014-06-10 15:10:20 +01:00
Yohan BELLEGUIC
4dc5d8f100 Add vbox_snapshot_conf struct
This structure contains the data to be saved in the VirtualBox XML file
and can be manipulated with severals exposed functions.
The structure is created by vboxSnapshotLoadVboxFile taking the
machine XML file.
It also can rewrite the XML by using vboxSnapshotSaveVboxFile.
2014-06-10 15:07:36 +01:00
Manuel VIVES
538ee93314 vbox_tmpl.c: Better XML description for snapshots
It will be needed for the future patches because we will
redefine snapshots
2014-06-10 14:27:04 +01:00
Ján Tomko
f9bf63e673 SELinux: don't fail silently when no label is present
This fixes startup of a domain with:
<seclabel type='none' model='dac'/>
on a host with selinux and dac drivers and
security_default_confined = 0

https://bugzilla.redhat.com/show_bug.cgi?id=1105939
https://bugzilla.redhat.com/show_bug.cgi?id=1102611
2014-06-10 10:18:24 +02:00
Laine Stump
a7b0040ad2 qemu: ignore -nodefconfig and -nodefaults when parsing commandline
The qemu driver always adds these options to the qemu commandlines,
but the commandline parser didn't recognize them, so sending a
libvirt-generated qemu commandline to its own argvtoxml would always
result in a warning message and a qemu namespace added to the
xml. Since the options don't add any functionality to the domain, they
should just be ignored (similar to -S).

Note that we can't yet add a test for this to qemuargv2xmltest,
because we would have to add QEMU_CAPS_NODEFCONFIG and
QEMU_CAPS_DEVICE to the capabilities for any corresponding
xml2argvtest, and QEMU_CAPS_DEVICE would necessitate having support
for parsing a memballoon device in order for qemuargv2xmltest to
pass. So we wait to add a test for -nodefconfig and -nodefaults until
after adding support for parsing -device virtio-balloon-*.
2014-06-09 13:53:06 +03:00
Peter Krempa
20d0c33aee parallels: Avoid possible leak of "cpu" from parallelsBuildCapabilities
4d06af97d3 introduced a possible memory
leak of the memory allocated into the "cpu" pointer in
parallelsBuildCapabilities in the case "nodeGetInfo()" would fail right
after the allocation. Rearrange the code to avoid the possibility of the
leak.

Found by Coverity.
2014-06-09 09:49:56 +02:00
Matthias Bolte
0e4370eddf vmx: Relax virtualHW.version check
The original implementation of the VMX config parser assumed that the
virtualHW.version would have more influence on the content of the VMX
file than it actually seems to have. It started with accepting only
version 4. Additonal versions were added later without any additional
changes in the parser itself. This suggests that the influence of the
virtualHW.version on the content and format of the VMX file is small
or non-existent.

The parser worked without any changes across several virtualHW and
vSphere versions. So instead of adding new virtualHW.version values to
the parser as they come along, or adding an extra flag to allow unknown
virtualHW.version values just relax the check to require version 4 or
later.
2014-06-07 21:37:51 +02:00
Eric Blake
7c6fc3948e conf: alter disk mirror xml output
Now that we track a disk mirror as a virStorageSource, we might
as well update the XML to theoretically allow any type of
mirroring destination (not just a local file).  A later patch
will also be reusing <mirror> to track the block commit of the
top layer of a chain, which is another case where libvirt needs
to update the backing chain after the job is finally pivoted,
and since backing chains can have network backing files as the
destination to commit into, it makes more sense to display that
in the XML.

This patch changes output-only XML; it was already documented
that <mirror> does not affect a domain definition at this point
(because qemu doesn't provide persistent bitmaps yet).  Any
application that was starting a block copy job with older libvirt
and then relying on the domain XML to determine if it was
complete will no longer be able to access the file= and format=
attributes of mirror that were previously used.  However, this is
not going to be a problem in practice: the only time a block copy
job works is on a transient domain, and any app that is managing
a transient domain probably already does enough of its own
bookkeeping to know which file it is mirroring into without
having to re-read it from the libvirt XML.  The one thing that
was likely to be used in a mirroring job was the ready=
attribute, which is unchanged.  Meanwhile, I made sure the schema
and parser still accept the old format, even if we no longer
output it, so that upgrading from an older version of libvirt is
seamless.

* docs/schemas/domaincommon.rng (diskMirror): Alter definition.
* src/conf/domain_conf.c (virDomainDiskDefParseXML): Parse two
styles of mirror elements.
(virDomainDiskDefFormat): Output new style.
* tests/qemuxml2argvdata/qemuxml2argv-disk-mirror-old.xml: New
file, copied from...
* tests/qemuxml2argvdata/qemuxml2argv-disk-mirror.xml: ...here
before modernizing.
* tests/qemuxml2xmloutdata/qemuxml2xmlout-disk-mirror-old*: New
files.
* tests/qemuxml2xmltest.c (mymain): Test both styles.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 11:48:09 -06:00
Eric Blake
7b7bf00110 conf: store mirroring information in virStorageSource
The current implementation of 'virsh blockcopy' (virDomainBlockRebase)
is limited to copying to a local file name.  But future patches want
to extend it to also copy to network disks.  This patch converts over
to a virStorageSourcePtr, although it should have no semantic change
visible to the user, in anticipation of those future patches being
able to use more fields for non-file destinations.

* src/conf/domain_conf.h (_virDomainDiskDef): Change type of
mirror information.
* src/conf/domain_conf.c (virDomainDiskDefParseXML): Localize
mirror parsing into new object.
(virDomainDiskDefFormat): Adjust clients.
* src/qemu/qemu_domain.c (qemuDomainDeviceDefPostParse):
Likewise.
* src/qemu/qemu_driver.c (qemuDomainBlockPivot)
(qemuDomainBlockJobImpl, qemuDomainBlockCopy): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 09:56:28 -06:00
Eric Blake
c123ef7104 conf: store disk source as pointer, for easier manipulation
As part of the work on backing chains, I'm finding that it would
be easier to directly manipulate chains of pointers (adding a
snapshot merely adjusts pointers to form the correct list) rather
than copy data from one struct to another.  This patch converts
domain disk source to be a pointer.

In this patch, the pointer is ALWAYS allocated (thanks in part to
the previous patch forwarding all disk def allocation through a
common point), and all other changse are just mechanical fallout of
the new type; there should be no functional change.  It is possible
that we may want to leave the pointer NULL for a cdrom with no
medium in a later patch, but as that requires a closer audit of the
source to ensure we don't fault on a null dereference, I didn't do
it here.

* src/conf/domain_conf.h (_virDomainDiskDef): Change type of src.
* src/conf/domain_conf.c: Adjust all clients.
* src/security/security_selinux.c: Likewise.
* src/qemu/qemu_domain.c: Likewise.
* src/qemu/qemu_command.c: Likewise.
* src/qemu/qemu_conf.c: Likewise.
* src/qemu/qemu_process.c: Likewise.
* src/qemu/qemu_migration.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/lxc/lxc_driver.c: Likewise.
* src/lxc/lxc_controller.c: Likewise.
* tests/securityselinuxlabeltest.c: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 09:56:28 -06:00
Eric Blake
bc3f5f190e conf: consolidate disk def allocation
A future patch wants to create disk definitions with non-zero
default contents; to avoid crashes, all callers that allocate
a disk definition should go through a common point.

I found allocation points by looking for any code that increments
ndisks, as well as any matches for ALLOC.*disk.  Most places that
modified ndisks were covered by the parse from XML to domain/device
definition by initial domain creation or device hotplug; I also
hand-checked all drivers that generate a device struct on the
fly during getXMLDesc.

* src/conf/domain_conf.h (virDomainDiskDefNew): New prototype.
* src/conf/domain_conf.c (virDomainDiskDefNew): New function.
(virDomainDiskDefParseXML): Use it.
* src/parallels/parallels_driver.c (parallelsAddHddInfo):
Likewise.
* src/qemu/qemu_command.c (qemuParseCommandLine): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainGetXMLDesc): Likewise.
* src/vmx/vmx.c (virVMXParseDisk): Likewise.
* src/xenxs/xen_sxpr.c (xenParseSxprDisks, xenParseSxpr):
Likewise.
* src/xenxs/xen_xm.c (xenParseXM): Likewise.
* src/libvirt_private.syms (domain_conf.h): Export it.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 09:56:27 -06:00
Eric Blake
00c6327a12 conf: store snapshot source as pointer, for easier manipulation
As part of the work on backing chains, I'm finding that it would
be easier to directly manipulate chains of pointers (adding a
snapshot merely adjusts pointers to form the correct list) rather
than copy data from one struct to another. This patch converts
snapshot source to be a pointer.

In this patch, the pointer is ALWAYS allocated (any code that
increases ndisks now also allocates a source pointer for each
new disk), and all other changes are just mechanical fallout of
the new type; there should be no functional change.  It is
possible that we may want to leave the pointer NULL for internal
snapshots in a later patch, but as that requires a closer audit
of the source to ensure we don't fault on a null dereference, I
didn't do it here.

* src/conf/snapshot_conf.h (_virDomainSnapshotDiskDef): Change
type of src.
* src/conf/snapshot_conf.c: Adjust all clients.
* src/qemu/qemu_conf.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 09:56:27 -06:00
Michal Privoznik
1c70277886 nodedev: Export NUMA node locality for PCI devices
A PCI device can be associated with a specific NUMA node. Later, when
a guest is pinned to one NUMA node the PCI device can be assigned on
different NUMA node. This makes DMA transfers travel across nodes and
thus results in suboptimal performance. We should expose the NUMA node
locality for PCI devices so management applications can make better
decisions.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-06 15:10:57 +02:00
Ján Tomko
7d8afc4725 Introduce virBitmapDataToString
For converting bitmap data to human-readable strings.
2014-06-06 14:35:19 +02:00
Ján Tomko
d4edce5f1e Always report an error if virBitmapFormat fails
It already reports an error if STRDUP fails.
2014-06-06 14:35:19 +02:00
Ján Tomko
cd09ab4db0 Format NULL bitmap as an empty string
This simplifies the usage in {libxl,qemu}DomainGetNumaParameters
and it's needed for consistent error reporting in virBitmapFormat.

Also remove the forgotten ATTRIBUTE_NONNULL marker.
2014-06-06 14:35:18 +02:00
Alexander Burluka
4d06af97d3 Parallels: Include CPU info in the capabilities XML
Openstack uses (or will start to using) CPU info from the
capabilities XML. So this section is expanded, added CPU info
about arch, type and info about number of cores, sockets and threads.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 06:30:09 -06:00
Alexander Burluka
d1c69d4158 Parallels: add connectBaselineCPU()
Openstack Nova (starting at Icehouse release) requires this function
to start VM.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 06:30:03 -06:00
Alexander Burluka
e721e9e6bd Parallels: add domainGetVcpus()
OpenStack Nova requires this function
to start VM instance. Cpumask info is obtained via prlctl utility.
Unlike KVM, Parallels Cloud Server is unable to set cpu affinity
mask for every VCpu. Mask is unique for all VCpu. You can set it
using 'prlctl set <vm_id|vm_name> --cpumask <{n[,n,n1-n2]|all}>'
command. For example, 'prlctl set SomeDomain --cpumask 0,1,5-7'
would set this mask to yy---yyy.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-06 06:29:52 -06:00
Martin Kletzander
3de462fe9a Remove unnecessary empty first lines
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-06-06 10:52:05 +02:00
Ján Tomko
c110cdb2bc Fix storage format probing
Commit fff74b2 moved the probing into virStorageFileGetMetadataFromBuf
but didn't update the format in volume definition.

https://bugzilla.redhat.com/show_bug.cgi?id=1104908
2014-06-05 18:58:58 +02:00
Ján Tomko
effbb11e29 Simplify conditions in virStorageBackendProbeTarget
Jump out early if no metadata was detected (for directories).
Join the error and cleanup labels.
2014-06-05 18:46:20 +02:00
Ján Tomko
febcb89c5b Don't reuse 'ret' variable in virStorageBackendProbeTarget
To match the convention:
ret - current function's return value
rc - other function's return values
2014-06-05 18:19:16 +02:00
Jim Fehlig
9b8d6e1eef libxl: add migration support
This patch adds initial migration support to the libxl driver,
using the VIR_DRV_FEATURE_MIGRATION_PARAMS family of migration
functions.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-06-04 21:01:07 -06:00
Jim Fehlig
d9a099a4c5 libxl: introduce libxlDomainDefCheckABIStability
Introduce a simple libxlDomainDefCheckABIStability() function that
can be used check ABI stability between two virDomainDef objects.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-06-04 21:01:07 -06:00
Michal Privoznik
9e0cbcd888 virnuma: Check for numa_bitmask_isbitset presence
On some systems, libnuma can be present but it's so ancient that
it misses some symbols that virNumaGetDistances() needs. To be
more precise: numa_bitmask_isbitset() and numa_nodes_ptr are the
symbols in question. Fortunately, they were both introduced in
the same release so it's sufficient for us to check for only one
of them. And the winner is numa_bitmask_isbitset().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-04 16:06:51 +02:00
Michal Privoznik
3289edd224 virnuma: Implement virNumaGetDistances stub for non-NUMA
In case the libvirt is built without numactl support, we're
missing the virNumaGetDistances() stub so the linking fails:

  CCLD     libvirt_lxc
libvirt_lxc-nodeinfo.o: In function `virNodeCapsGetSiblingInfo':
/home/zippy/tmp/libvirt.git/src/nodeinfo.c:1763: undefined reference to `virNumaGetDistances'
collect2: error: ld returned 1 exit status
make[3]: *** [libvirt_lxc] Error 1

The issue was introduced in 77c830d8c4.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-04 11:09:11 +02:00
Michal Privoznik
8ba0a58f8d virCaps: Expose distance between host NUMA nodes
If user or management application wants to create a guest,
it may be useful to know the cost of internode latencies
before the guest resources are pinned. For example:

<capabilities>

  <host>
    ...
    <topology>
      <cells num='2'>
        <cell id='0'>
          <memory unit='KiB'>4004132</memory>
          <distances>
            <sibling id='0' value='10'/>
            <sibling id='1' value='20'/>
          </distances>
          <cpus num='2'>
            <cpu id='0' socket_id='0' core_id='0' siblings='0'/>
            <cpu id='2' socket_id='0' core_id='2' siblings='2'/>
          </cpus>
        </cell>
        <cell id='1'>
          <memory unit='KiB'>4030064</memory>
          <distances>
            <sibling id='0' value='20'/>
            <sibling id='1' value='10'/>
          </distances>
          <cpus num='2'>
            <cpu id='1' socket_id='0' core_id='0' siblings='1'/>
            <cpu id='3' socket_id='0' core_id='2' siblings='3'/>
          </cpus>
        </cell>
      </cells>
    </topology>
    ...
  </host>
  ...
</capabilities>

We can see the distance from node1 to node0 is 20 and within nodes 10.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-04 09:35:55 +02:00
Michal Privoznik
77c830d8c4 virnuma: Introduce virNumaGetDistances
The API gets a NUMA node and find distances to other nodes.  The
distances are returned in an array. If an item X within the array
equals to value of zero, then there's no such node as X.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-04 08:54:16 +02:00
Peter Krempa
23c2763b4f network: bridge: Avoid memory leak from networkBuildDhcpDaemonCommandLine
If the leasehelper_path couldn't be found the code would leak the
freshly constructed command structure. Re-arrange code to avoid the
problem.

Found by coverity, broken by baafe668fa.
2014-06-03 14:34:23 +02:00
Peter Krempa
ce2107a9a0 qemu: monitor: Fix type of holdtime argument in qemuMonitorJSONSendKey
qemuMonitorJSONSendKey declares the "holdtime" argument as unsigned int
while the command was constructed in qemuMonitorJSONMakeCommand using
the "P" modifier which took a unsigned long from the variable
arguments which then made it possible to access uninitialized memory.

This broke the qemumonitorjsontest on 32bit fedora 20:
64) qemuMonitorJSONSendKey
... libvirt: QEMU Driver error : internal error: unsupported data type 'W' for arg 'WVSƒì ‹D$0è‘wÿÿÃAå' FAILED

Uncovered by upstream commit f744b831c6.

Additionally add test for the hold-time option.
2014-06-03 14:24:14 +02:00
Daniel P. Berrange
10a99a6d13 libxl: Avoid possible use of uninitialized mem in libxlDomainStart
The 'libxl_domain_config' object is stack allocated which means its
memory contents are undefined. The libxl_domain_config_dispose() call
is only safe if the memory is initialized to a defined state. Not all
code paths which reach libxl_domain_config_dispose() will ensure that
libxl_domain_config_init() is called. Move the libxl_domain_config_init()
call earlier in the function to ensure all codepaths have defined
memory state.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-03 11:45:59 +01:00
Daniel P. Berrange
3bab69c30f libxl: Move virDomainXMLOptionNew into libxlCreateXMLConf
To allow the test suite to creat the XML option object,
move the virDomainXMLOptionNew call into a libxlCreateXMLConf
method.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-03 11:45:59 +01:00
Daniel P. Berrange
a6abdbf645 libxl: Don't pass libxlDriverPrivatePtr into libxlBuildDomainConfig
To make it easier to test, change libxlBuildDomainConfig so
that it takes a virPortAllocatorPtr instead of the larger
libxlDriverPrivatePtr object.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-03 11:45:59 +01:00
Daniel P. Berrange
5da28f2405 libxl: Don't pass virDomainObjPtr to libxlBuildDomainConfig
To make it easier to unit test, change libxlBuildDomainConfig
so that it takes 'virDomainDefPtr' and 'libxl_ctx *' objects
as separate parameters.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-06-03 11:45:59 +01:00
Jiri Denemark
5bf670323e qemu: Return in from qemuDomainRemove*Device
Some of the APIs already return int since they can produce errors that
need to be propagated. For consistency reasons, this patch changes the
rest of the APIs to also return int even though they do not fail or
report any errors.
2014-06-03 10:58:07 +02:00
Jiri Denemark
55b21f9b23 qemu: Remove character device backend only after frontend is gone
In general, we should only remove a backend after seeing DEVICE_DELETED
event for a corresponding frontend.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-03 10:58:07 +02:00
Jiri Denemark
0635785b6e qemu: Remove disk backend only after frontend is gone
In general, we should only remove a backend after seeing DEVICE_DELETED
event for a corresponding frontend. This doesn't make any difference for
disks attached using -drive or drive_add since QEMU automatically
removes their backends but it's still better to make our code
consistent. And it may start making difference in case we switch to
attaching disks using -blockdev.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-03 10:58:06 +02:00
Jiri Denemark
81f765985e qemu: Remove interface backend only after frontend is gone
[1] reported that we are removing network's backend too early. I didn't
really get the reproducer but libvirt behaves strangely when a guest
does not confirm the removal, e.g., it does not support PCI hotplug. In
such case, detaching a network device leaves its frontend in place but
removes the backend, which makes the device unusable for the guest.
Moreover attaching the same device again succeeds and both the guest and
libvirt will see two network interfaces attached but only one of them is
actually working.

I checked with Paolo Bonzini and he confirmed we should only remove a
backend after seeing DEVICE_DELETED event for a corresponding frontend.

[1] https://www.redhat.com/archives/libvir-list/2014-March/msg01740.html

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-03 10:58:06 +02:00
Peter Krempa
f744b831c6 qemu: json: Add format strings for optional command arguments
This patch adds option to specify that a json qemu command argument is
optional without the need to use if's or ternary operators to pass the
list. Additionally all the modifier characters are documented to avoid
user confusion.
2014-06-03 09:47:13 +02:00
Peter Krempa
682267496b util: string: Return element count from virStringSplit
To allow using the array manipulation macros on the arrays returned by
virStringSplit we need to know the count of the elements in the array.
Modify virStringSplit to return this value, rename it and add a helper
with the old name so that we don't need to update all the code.
2014-06-03 09:27:24 +02:00
Peter Krempa
1423ae296f storage: Traverse backing chains of network disks
Now we don't need to skip backing chain detection for remote disks.
2014-06-03 09:27:24 +02:00
Peter Krempa
b225444e25 storage: Change to new backing store parser
Use the new backing store parser in the backing chain crawler. This
change needs one test change where information about the NBD image are
now parsed differently.
2014-06-03 09:27:24 +02:00
Peter Krempa
ed68eb8628 storage: Add infrastructure to parse remote network backing names
Add parsers for relative and absolute backing names for local and remote
storage files.

This parser parses relative paths as relative to their parents and
absolute paths according to the protocol or local access.

For remote storage volumes, all URI based backing file names are
supported and for the qemu colon syntax the NBD protocol is supported.
2014-06-03 09:27:24 +02:00
Peter Krempa
6cdff20c2a storage: Switch metadata crawler to use storage driver file access check
Use virStorageFileAccess() to to check whether the file is accessible in
the main part of the metadata crawler.
2014-06-03 09:27:23 +02:00
Peter Krempa
2bdb8b965b storage: Switch metadata crawler to use storage driver to read headers
Use virStorageFileReadHeader() to read headers of storage files possibly
on remote storage to retrieve the image metadata.

The backend information is now parsed by
virStorageFileGetMetadataInternal which is now exported from the util
source and virStorageFileGetMetadataFromFDInternal now doesn't need to
be exported.
2014-06-03 09:27:23 +02:00
Peter Krempa
395171f87f storage: Switch metadata crawler to use storage driver to get unique path
Use the virStorageFileGetUniqueIdentifier() function to get a unique
identifier regardless of the target storage type instead of relying on
canonicalize_path().

A new function that checks whether we support a given image is
introduced to avoid errors for unimplemented backends.
2014-06-03 09:27:23 +02:00
Peter Krempa
edfd6127c1 storage: backend: Add possibility to suppress errors from backend lookup
Add a new function wrapper and tweak the storage file backend lookup
function so that it can be used without reporting error. This will be
useful in the metadata crawler code where we need silently break if
metadata retrieval is not supported for the current storage type.
2014-06-03 09:27:23 +02:00
Peter Krempa
d4c0ceae1b storage: Determine the local storage type right away
When walking the backing chain we previously set the storage type to
_FILE and let the virStorageFileGetMetadataFromFDInternal update it to
the correct type later on.

This patch moves the actual storage type determination to the place
where we parse the backing store name so that the code can later be
switched to use virStorageFileReadHeader() directly.
2014-06-03 09:27:23 +02:00
Peter Krempa
713cc3b0a7 storage: Move virStorageFileGetMetadata to the storage driver
My future work will modify the metadata crawler function to use the
storage driver file APIs to access the files instead of accessing them
directly so that we will be able to request the metadata for remote
files too. To avoid linking the storage driver to every helper file
using the utils code, the backing chain traversal function needs to be
moved to the storage driver source.

Additionally the virt-aa-helper and virstoragetest programs need to be
linked with the storage driver as a result of this change.
2014-06-03 09:27:23 +02:00
Peter Krempa
4cb2505557 storage: Add API to check accessibility of storage volumes
Add a storage driver API equivalent of the access() function.
Implementations for the filesystem and gluster backends are provided.
2014-06-03 09:27:23 +02:00
Peter Krempa
684ec651e9 storage: backend: Add unique id retrieval API
Different protocols have different means to uniquely identify a storage
file. This patch implements a storage driver API to retrieve a unique
string describing a volume. The current implementation works for local
storage only and returns the canonical path of the volume.

To add caching support the local filesystem driver now has a private
structure holding the cached string, which is created only when it's
initially accessed.

This patch provides the implementation for local files only for start.
2014-06-03 09:27:22 +02:00
Michal Privoznik
b20060bae2 xenapi_utils: Adapt to enum cleanups
It was just very recently that we transfered from:

  enum virSomeEnumName{
      ...
  };

to:
  typedef enum {
      ...
  } virSomeEnumName;

This change requires some code adaptation, which wasn't done for
xenapi driver. With this fix we are able to build again.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-03 09:18:58 +02:00
Michal Privoznik
3dd23b6106 virnuma.c: Fix some comments
In 9dd02965 the virNumaGetNodeMemory was introduced, however the
comment describing the function mentions virNumaGetNodeMemorySize.
And there's one typo in virNumaIsAvailable() description.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-06-03 08:58:24 +02:00
Julio Faracco
5a2bd4c917 conf: more enum cleanups in "src/conf/domain_conf.h"
In "src/conf/domain_conf.h" there are many enum declarations. The
cleanup in this header filer was started, but it wasn't enough and
there are many other files that has enum variables declared. So, the
commit was starting to be big. This commit finish the cleanup in this
header file and in other files that has enum variables, parameters,
or functions declared.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-06-02 15:32:58 -06:00
Julio Faracco
d4dad16204 conf: enum cleanups in "src/conf/domain_conf.h"
In "src/conf/domain_conf.h" there are many enumerations (enum)
declarations to be converted as a typedef too. As mentioned before,
it's better to use a typedef for variable types, function types and
other usages. I think this file has most of those enum declarations
at "src/conf/". So, me and Eric Blake plan to keep the cleanups all
over the source code. This time, most of the files changed in this
commit are related to part of one file: "src/conf/domain_conf.h".

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
2014-06-02 15:20:22 -06:00
Julio Faracco
5443b15829 cpu: use typedefs for enums in "src/cpu/cpu_map.h"
In "src/cpu/" there are some enumerations (enum) declarations.
Similar to the recent cleanup to "src/util", "src/conf" and other
directories, it's better to use a typedef for variable types,
function types and other usages. Other enumeration and folders will
be changed to typedef's in the future. Specially, in files that are
in different places of "src/util" and "src/conf". Most of the files
changed in this commit are related to CPU (cpu_map.h) enums.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
2014-06-02 15:15:05 -06:00
Ján Tomko
819ca36e2b Don't use AI_ADDRCONFIG when binding to wildcard addresses
https://bugzilla.redhat.com/show_bug.cgi?id=1098659

With parallel boot, network addresses might not yet be assigned [1],
but binding to wildcard addresses should work.

For non-wildcard addresses, ADDRCONFIG is still used. Document this
in libvirtd.conf.

[1] http://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
2014-06-02 17:12:01 +02:00
Jiri Denemark
25a5df16a6 qemu: Unref cfg when detaching hostdev interface
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-02 16:47:36 +02:00
Jiri Denemark
47f424c2d9 qemu: Process DEVICE_DELETED event in a separate thread
Currently, we don not acquire any job when removing a device after
DEVICE_DELETED event was received from QEMU. This means that if there is
another API running at the time DEVICE_DELETED is delivered and the API
acquired a job, we may happily change the definition of the domain the
API is working with whenever it unlocks the domain object (e.g., to talk
with its monitor). That said, we have to acquire a job before finishing
device removal to make things safe. However, doing so in the main event
loop would cause a deadlock so we need to move most of the event handler
into a separate thread.

Another good reason for both acquiring a job and handling the event in a
separate thread is that we currently remove a device backend immediately
after removing its frontend while we should only remove the backend once
we already received DEVICE_DELETED event. That is, we will have to talk
to QEMU monitor from the event handler.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-02 16:47:36 +02:00
Jiri Denemark
4670f1dd02 qemu: Finish device removal in the original thread
If QEMU supports DEVICE_DELETED event, we always call
qemuDomainRemoveDevice from the event handler. However, we will need to
push this call away from the main event loop and begin a job for it (see
the following commit), we need to make sure the device is fully removed
by the original thread (and within its existing job) in case the
DEVICE_DELETED event arrives before qemuDomainWaitForDeviceRemoval times
out.

Without this patch, device removals would be guaranteed to never finish
before the timeout because the could would be blocked by the original
job being still active.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-06-02 16:47:36 +02:00
Pavel Hrdina
f8a0c9edf0 Fix build on freebsd
On freebsd there isn't known "setlocale" so we have to include locale.h
2014-06-02 16:45:42 +02:00
Nehal J Wani
baafe668fa Add helper program to create custom leases
Introduce helper program to catch events from dnsmasq and maintain a custom
lease file per network. It supports dhcpv4 and dhcpv6. The file is saved as
"<interface-name>.status".

Each lease contains the following info:
<expiry-time (epoch time)> <mac> <iaid> <ip-address> <hostname> <clientid>

Example of custom leases file content:
[
    {
        "iaid": "1221229",
        "ip-address": "2001:db8:ca2:2:1::95",
        "mac-address": "52:54:00:12:a2:6d",
        "hostname": "Fedora20",
        "client-id": "00:04:1a:c1:d9:6b:5a:0a:e2:bc:f8:4b:1e:37:2e:38:22:55",
        "expiry-time": 1393244216
    },
    {
        "ip-address": "192.168.150.208",
        "mac-address": "52:54:00:11:56:b3",
        "hostname": "Wani-PC",
        "client-id": "01:52:54:00:11:56:b3",
        "expiry-time": 1393244248
    }
]

src/Makefile.am:
   * Add options to compile the helper program

src/network/bridge_driver.c:
   * Introduce networkDnsmasqLeaseFileNameCustom()
   * Invoke helper program along with dnsmasq
   * Delete the .status file when corresponding n/w is destroyed.

src/network/leaseshelper.c
   * Helper program to create the custom lease file
2014-06-02 11:45:10 +01:00
Peter Krempa
23f38f8813 qemu: snapshot: Improve detection of mixed snapshots
Currently we don't support mixed (external + internal) snapshots. The
code detecting the snapshot type didn't make sure that the memory image
was consistent with the snapshot type leading into strange error
message:

 $ virsh snapshot-create-as --domain VM --diskspec vda,snapshot=internal --memspec snapshot=external,file=/tmp/blah
 error: internal error: unexpected code path

Fix the mixed detection code to detect this kind of mistake:

 $ virsh snapshot-create-as --domain VM --diskspec vda,snapshot=internal --memspec snapshot=external,file=/tmp/blah
 error: unsupported configuration: mixing internal and external targets for a snapshot is not yet supported
2014-05-29 17:00:11 +02:00
Peter Krempa
d2e668e535 qemu: snapshot: Reject internal active snapshot without memory state
A internal snapshot of a active VM with the memory snapshot disabled
explicitly would actually still take the memory snapshot. Reject it
explicitly.

Before:
 $ virsh snapshot-create-as --domain VM --diskspec vda,snapshot=internal --memspec snapshot=no
 Domain snapshot 1401353155 created

After:
 $ virsh snapshot-create-as --domain VM --diskspec vda,snapshot=internal --memspec snapshot=no
 error: Operation not supported: internal snapshot of a running VM must include the memory state

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1083345
2014-05-29 17:00:11 +02:00
Peter Krempa
4a051b807e util: storage: Fix crash of libvirtd on network backed guest block-pull
For guests backed by gluster volumes (or other network storage) we don't
fill the backing chain (see qemuDomainDetermineDiskChain). This leaves
the "relPath" field of the top image NULL. This causes a crash in
virStorageFileChainLookup() when looking up a backing element for such a
disk.

Since I'm working on adding support for network storage and one of the
steps will make the "relPath" field optional let's use STREQ_NULLABLE
instead of STREQ in virStorageFileChainLookup() to avoid the problem.
2014-05-29 16:51:05 +02:00
Laine Stump
26d43113a3 util: fix virTimeLocalOffsetFromUTC DST processing
The original version of virTimeLocalOffsetFromUTC() would fail for
certain times of the day if daylight savings time was active. This
could most easily be seen by uncommenting the TEST_LOCALOFFSET() cases
that include a DST setting.

After a lot of experimenting, I found that the way to solve it in
almost all test cases is to set tm_isdst = -1 in the struct tm prior
to calling mktime(). Once this is done, the correct offset is returned
for all test cases at all times except the two hours just after
00:00:00 Jan 1 UTC - during that time, any timezone that is *behind*
UTC, and that is supposed to always be in DST will not have DST
accounted for in its offset.

I believe that the code of virTimeLocalOffsetFromUTC() actually is
correct for all cases, but the problem still encountered is due to our
inability to come up with a TZ string that properly forces DST to
*always* be active. Since a modfication of the (currently fixed)
expected result data to account for this would necessarily use the
same functions that we're trying to test, I've instead just made the
test program conditionally bypass the problematic cases if the current
date is either December 31 or January 1. This way we get maximum
testing during 363 days of the year, but don't get false failures on
Dec 31 and Jan 1.
2014-05-29 10:37:49 +03:00
Peter Krempa
0b317d61fc qemu: managedsave: Don't spam logs with warnings about corrupted image
Even successful start of a VM from a managed save image would spam the
logs with the following message:

Unable to restore from managed state [path]. Maybe the file is
corrupted?

Re-arrange the logic to output the warning only when the image is
corrupted.

The flaw was introduced in commit cfc28c66.
2014-05-28 19:27:27 +02:00
Peter Krempa
92dc2dabb3 utils: storage: Canonicalize paths only for local filesystems
Now that virStorageFileGetMetadataFromBuf is used only for remote
filesystems, don't canonicalize the path in it.
2014-05-28 19:23:36 +02:00
Peter Krempa
34d86185ec storage: fs: Drop-in replace use of virStorageFileGetMetadataFromBuf
Use virStorageFileGetMetadataFromFD instead in
virStorageBackendProbeTarget as it now returns all required data and the
storage file is already open in a filedescriptor.

Also fix improper error code being returned when virFileReadHeaderFD
would fail as virStorageBackendUpdateVolTargetInfoFD would set the
return code to 0.
2014-05-28 19:23:35 +02:00
Peter Krempa
5a1cf6bd16 storage: Return backing format from virStorageFileGetMetadataFromFD
Add argument to return backing file format of a file probed by
virStorageFileGetMetadataFromFD so that it can be used in place of
virStorageFileGetMetadataFromBuf.
2014-05-28 19:23:35 +02:00
Eric Blake
e6bcbcd32c qemu: reject rather than hang on blockcommit of active layer
qemu 2.0 added the ability to commit the active layer, but slightly
differently than what libvirt had been anticipating in its
implementation of the virDomainBlockCommit call.  As a result, if
you attempt to do a 'virsh blockcommit $dom vda', qemu gets into a
state where it is waiting on libvirt to end the job, while libvirt
is waiting on qemu to end the job, and the guest is effectively
hung with regards to further commands for that block device.

I have patches coming down the pipeline that will add full support
for blockcommit of the active layer when coupled with qemu 2.0 or
later; but they depend on Peter's improvements to block job handling
and form enough of a new feature that they are not ready for
inclusion in the 1.2.5 release.  So for now, just reject the
attempt, rather than letting the user get stuck.  This is no worse
than the behavior of qemu 1.7 rejecting the job.

* src/qemu/qemu_driver.c (qemuDomainBlockCommit): Reject active
commit.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-28 10:41:58 -06:00
Dan Kenigsberg
110be4112f doc: fix documentation of virDomainSet(Get)Metadata
The documentation of the functions should match the argument name in the actual
function signature.

Signed-off-by: Dan Kenigsberg <danken@redhat.com>
2014-05-28 13:23:11 +02:00
Olivia Yin
fd0f22ed41 qemu: Fix specifying char devs for PPC
QEMU ppce500 board uses the legacy -serial option.

Other PPC boards don't give any way to explicitly wire in a -chardev
except pseries which uses -device spapr-vty with -chardev.

Add test case for -serial option for ppce500

Signed-off-by: Olivia Yin <Hong-Hua.Yin@freescale.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2014-05-27 08:48:57 +02:00
Daniel Veillard
f07d24a6b8 Fix an extra ' in a translated string
Raised by ukrainian translator Yuri Chornoivan
https://fedora.transifex.com/projects/p/libvirt/translate/#uk/strings/25483059
2014-05-26 21:51:26 +08:00
Ján Tomko
205010c40e Clean up chardev sockets on QEMU shutdown
https://bugzilla.redhat.com/show_bug.cgi?id=1088787

Clean up unix socket files for chardevs using mode='bind',
like we clean up the monitor socket.
They are created by QEMU on startup and not really useful
after shutting it down.
2014-05-26 15:17:54 +02:00
Laine Stump
cde8ca2dfd qemu: fix <clock offset='variable' basis='localtime'/>
For a clock element as above, libvirt simply converts current system
time with localtime_r(), then starts qemu with a time string that
doesn't contain any timezone information. So, from qemu's point of
view, the -rtc string it gets for:

   <clock offset='variable' basis='utc' adjustment='10800'/>

is identical to the -rtc string it gets for:

   <clock offset='variable' basis='localtime' adjustment='0'/>

(assuming the host is in a timezone that is 10800 seconds ahead of
UTC, as is the case on the machine where this message is being
written).

Since the commandlines are identical, qemu will behave identically
after this point in either case.

There are two problems in the case of basis='localtime' though:

Problem 1) If the guest modifies its RTC, for example to add 20
seconds, the RTC_CHANGE event from qemu will then contain offset:20 in
both cases. But libvirt will have saved the original adjustment into
adjustment0, and will add that value onto the offset in the
event. This means that in the case of basis=;utc', it will properly
emit an event with offset:10820, but in the case of basis='localtime'
the event will contain offset:20, which is *not* the new offset of the
RTC from UTC (as the event it documented to provide).

Problem 2) If the guest is migrated to another host that is in a
different timezone, or if it is migrated or saved/restored after the
DST status has changed from what it was when the guest was originally
started, the newly restarted guest will have a different RTC (since it
will be based on the new localtime, which could have shifted by
several hours).

The solution to both of these problems is simple - rather than
maintaining the original adjustment value along with
"basis='localtime'" in the domain status, when the domain is started
we convert the adjustment offset to one relative to UTC, and set the
status to "basis='utc'". Thus, whatever the RTC offset was from UTC
when it was initially started, that offset will be maintained when
migrating across timezones and DST settings, and the RTC_CHANGE events
will automatically contain the proper offset (which should by
definition always be relative to UTC).

This fixes a problem that was implied but not openly stated in:

  https://bugzilla.redhat.com/show_bug.cgi?id=964177
2014-05-26 13:59:32 +03:00
Laine Stump
b62d67da3e qemu: fix RTC_CHANGE event for <clock offset='variable' basis='utc'/>
commit e31b5cf393 attempted to fix libvirt's
VIR_DOMAIN_EVENT_ID_RTC_CHANGE, which is documentated to always
provide the new offset of the domain's real time clock from UTC. The
problem was that, in the case that qemu is provided with an "-rtc
base=x" where x is an absolute time (rather than "utc" or
"localtime"), the offset sent by qemu's RTC_CHANGE event is *not* the
new offset from UTC, but rather is the sum of all changes to the
domain's RTC since it was started with base=x.

So, despite what was said in commit e31b5cf393, if we assume that
the original value stored in "adjustment" was the offset from UTC at
the time the domain was started, we can always determine the current
offset from UTC by simply adding the most recent (i.e. current) offset
from qemu to that original adjustment.

This patch accomplishes that by storing the initial adjustment in the
domain's status as "adjustment0". Each time a new RTC_CHANGE event is
received from qemu, we simply add adjustment0 to the value sent by
qemu, store that as the new adjustment, and forward that value on to
any event handler.

This patch (*not* e31b5cf393, which should be reverted prior to
applying this patch) fixes:

https://bugzilla.redhat.com/show_bug.cgi?id=964177

(for the case where basis='utc'. It does not fix basis='localtime')
2014-05-26 13:58:09 +03:00
Laine Stump
b8efa6f2e3 Revert "qemu: Report the offset from host UTC for RTC_CHANGE event"
This reverts commit e31b5cf393.

This commit attempted to work around a bug in the offset value
reported by qemu's RTC_CHANGE event in the case that a variable base
date was given on the qemu commandline. The patch mixed up the math
involved in arriving at the corrected offset to report, and in the
process added an unnecessary private attribute to the clock
element. Since that element is private/internal and not used by anyone
else, it makes sense to simplify things by removing it.
2014-05-26 13:53:16 +03:00
Laine Stump
1cddaea7ae util: new function virTimeLocalOffsetFromUTC
Since there isn't a single libc API to get this value, this patch
supplies one which gets the value by grabbing current time, then
converting that into a struct tm with gmtime_r(), then back to a
time_t using mktime.

The returned value is the difference between UTC and localtime in
seconds. If localtime is ahead of UTC (east) the offset will be a
positive number, and if localtime is behind UTC (west) the offset will
be negative.

This function should be POSIX-compliant, and is threadsafe, but not
async signal safe. If it was ever necessary to know this value in a
child process, we could cache it with a one-time init function when
libvirtd starts, then just supply the cached value, but that
complexity isn't needed for current usage; that would also have the
problem that it might not be accurate after a local daylight savings
boundary.

(If it weren't for DST, we could simply replace this entire function
with "-timezone"; timezone contains the offset of the current timezone
(negated from what we want) but doesn't account for DST. And in spite
of being guaranteed by POSIX, it isn't available on older versions of
mingw.)

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-26 13:51:05 +03:00
Peter Krempa
81271a9261 storage: Add storage file API to read file headers
Add storage driver based functions to access headers of storage files
for metadata extraction. Along with this patch a local filesystem and
gluster via libgfapi implementation is provided. The gluster
implementation is based on code of the saferead_lim function.
2014-05-23 10:57:33 +02:00
Peter Krempa
ae26731e1f storage: Add support for access to files using provided uid/gid
To allow using the storage driver APIs to access files on various
storage sources in a universal fashion possibly on storage such as nfs
with root squash we'll need to store the desired uid/gid in the
metadata.

Add new initialisation API that will store the desired uid/gid and a
wrapper for the current use. Additionally add docs for the two APIs.
2014-05-23 10:48:48 +02:00
Peter Krempa
a01d93579e storage: Add NONE protocol type for network disks
Currently the protocol type with index 0 was NBD which made it hard to
distinguish whether the protocol type was actually assigned. Add a new
protocol type with index 0 to distinguish it explicitly.
2014-05-23 10:08:35 +02:00
Peter Krempa
b52e1ad961 conf: Fix domain disk path iterator to work with networked storage
Skip networked storage but continue iteration through backing chain to
iterate through all the local paths in the backing chain.
2014-05-23 09:25:52 +02:00
Peter Krempa
0620bd42ad storage: Rework debugging of storage file access through storage driver
Print the debug statements of individual file access functions from the
main API functions instead of the individual backend functions.

Also enhance initialization debug messages on a per-backend basis.
2014-05-23 09:25:52 +02:00
Peter Krempa
1115f975b4 storage: Store gluster volume name separately
The gluster volume name was previously stored as part of the source path
string. This is unfortunate when we want to do operations on the path as
the volume is used separately.

Parse and store the volume name separately for gluster storage volumes
and use the newly stored variable appropriately.
2014-05-23 09:25:51 +02:00
Peter Krempa
b8d6ba9bdc qemu: Make qemuDomainPrepareDiskChainElement aware of remote storage
Refactor the function to accept a virStorageSourcePtr instead of just
the path, add a check to run it only on local storage and fix callers
(possibly by using a newly introduced wrapper that wraps a path in the
 virStorageSource struct for legacy code)
2014-05-23 09:25:51 +02:00
Peter Krempa
b3e99ad8d6 qemu: process: Refresh backing chain info when reconnecting to qemu
Refresh the disk backing chains when reconnecting to a qemu process
after daemon restart. There are a few internal fields that don't get
refreshed from the XML. Until we are able to do that, let's reload all
the metadata by the backing chain crawler.
2014-05-23 09:25:51 +02:00
Jiri Denemark
7757d83dd5 qemu: Properly abort migration to a file
This is similar to the previous commit in that we need to explicitly
send migrate_cancel when libvirt detects an error other than those
reported by query-migrate. However, the possibility to hit such error is
pretty small.
2014-05-23 09:05:53 +02:00
Jiri Denemark
e27d28970f qemu: Send migrate_cancel when aborting migration
When QEMU reports failed or cancelled migration, we don't need to send
it migrate_cancel QMP command. But in all other error paths, such as if
we detect broken connection to a destination daemon or something else
happens inside libvirt, we need to explicitly send migrate_cancel
command instead of relying on the migration to be implicitly cancelled
when destination QEMU is killed.

Because we were not doing so, one could end up with a paused domain
after failed migration.

https://bugzilla.redhat.com/show_bug.cgi?id=1098833
2014-05-23 09:05:44 +02:00
Jiri Denemark
7bdc7702f3 Fix error message when TUNNELLED flag is used in non-p2p migration
The current error message is

    error: use virDomainMigrateToURI3 for peer-to-peer migration

which is correct but a bit misleading because the client did not specify
VIR_MIGRATE_PEER2PEER flag. This patch changes the error message to

    error: cannot perform tunnelled migration without using peer2peer
    flag

which is consistent with the error reported by older migration APIs.

Reported by Rich Jones in
https://bugzilla.redhat.com/show_bug.cgi?id=1095924
2014-05-23 09:05:39 +02:00
Eric Blake
aefd9bcf9b conf: fix backing store parse off-by-one
Commit 546154e parses the type attribute from a <backingStore>
element, but forgot that the earlier commit 9673418 added a
placeholder element in the same 1.2.3 release; as a result,
the C code was mistakenly allowing "none" as a type.

Similarly, the same commit allows "none" as the <format>
sub-element type, even though that has been a placeholder
since the 0.10.2 release with commit f772b3d.

* src/conf/domain_conf.c (virDomainDiskBackingStoreParse): Require
non-zero types.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-22 11:23:35 -06:00
Ján Tomko
268101ea90 Don't log an internal error when the guest hasn't updated balloon stats
If virDomainMemoryStats is called too soon after domain startup,
QEMU returns:
"error":{"class":"GenericError","desc":"guest hasn't updated any stats yet"}
when we try to query balloon stats.

Check for this reply and log it as OPERATION_INVALID instead of
INTERNAL_ERROR. This means the daemon only logs it at the debug level,
without polluting system logs.

Reported by Laszlo Pal:
https://www.redhat.com/archives/libvirt-users/2014-May/msg00023.html
2014-05-22 14:41:10 +02:00
Michal Privoznik
4dae1eddde qemuSetupCgroupForVcpu: s/virProcessInfoSetAffinity/virProcessSetAffinity/
In the f56c773bf we've made the substitution but forgot to fix one
comment which is still referring to the old name. This may be
potentially misleading.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-05-22 12:30:20 +02:00
Roman Bogorodskiy
344582a8a7 bhyve: fix virObjectUnlock() usage
In a number of places in the bhyve driver, virObjectUnlock()
is called with an arg without check if the arg is non-NULL, which
could result in passing NULL value and a warning like:

virObjectUnlock:340 : Object 0x0 ((unknown)) is not a virObjectLockable instance

* src/bhyve/bhyve_driver.c (bhyveDomainGetInfo)
(bhyveDomainGetState, bhyveDomainGetAutostart)
(bhyveDomainSetAutostart, bhyveDomainIsActive)
(bhyveDomainIsPersistent, bhyveDomainGetXMLDesc)
(bhyveDomainUndefine, bhyveDomainLookupByUUID)
(bhyveDomainLookupByName, bhyveDomainLookupByID)
(bhyveDomainCreateWithFlags, bhyveDomainOpenConsole):
Check if arg is not NULL before calling virObjectUnlock on it.
2014-05-21 19:45:29 +04:00
Cole Robinson
b51804535a virdbus: Show method name in error message
If you trigger bug 1033369, we get the error message:

  error from service: Invalid argument

Which is a bit too generic to pinpoint what is actually failing. This
changes it to:

  error from service: CreateMachine: Invalid argument

Acked-by: Eric Blake <eblake@redhat.com>
2014-05-21 09:33:25 -04:00
Cole Robinson
aa7fc495c0 virdbus: Remove redundant error macro
This is the only callsite.

We drop use of localerror.name here, because it's not actually useful
to us: rather than the parameter name which received an invalid value
(which was assumed), it's actually the the dbus errno equivalent.
Just use the error string.

Acked-by: Eric Blake <eblake@redhat.com>
2014-05-21 09:33:24 -04:00
Peter Krempa
cb6681ff1d qemu: snapshot: Fix return value of external checkpoint with no disks
When doing an external checkpoint of a VM with no disk selected we'd
return failure but not set error code. This was a result of ret not
being set to 0 during walking of the disk array.

Rework early failure checking and set the error code to success before
iterating the array of disks so that we return success if no disks are
snapshotted.

Fixes the following symptom (or without --diskspec for diskless VMs)

 $ virsh snapshot-create-as snapshot-test  --memspec /tmp/asdf --diskspec hda,snapshot=no
 error: An error occurred, but the cause is unknown
2014-05-20 19:28:10 +02:00
Peter Krempa
91b7e06865 qemu: snapshot: Forbid empty snapshots
If neither disks nor memory are selected for snapshot we'd record
metadata in case of external snapshot and do a disk snapshot in case of
external disk snapshot. Forbid this as it doesn't make much sense.
2014-05-20 19:28:10 +02:00
Peter Krempa
03b4da131a qemu: snapshot: Forbid partial internal snapshots
qemu's savevm command does a snapshot of all non readonly disks of a VM.
Libvirt though allowed disabling snapshot for certain disk of a VM.
2014-05-20 19:28:10 +02:00
Peter Krempa
68c15a4f8b qemu: snapshot: Use typecasted switch in qemuDomainSnapshotPrepare()
Convert the switch to a typecasted value so that the compiler tracks
additions for us.
2014-05-20 19:28:10 +02:00
Roman Bogorodskiy
5c13c3202f bhyve: domain events support
Support events for these functions:

 - domainDefineXML
 - domainUndefine
 - domainCreate{WithFlags,XML}
 - domainDestroy
2014-05-20 20:17:09 +04:00
Chen Fan
b0312d9fbd migration: add support for migrateURI configuration
For now, we set the migration URI via command line '--migrate_uri' or
construct the URI by looking up the dest host's hostname which could be
solved by DNS automatically.

But in cases the dest host have two or more NICs to reach, we may need to
send the migration data over a specific NIC which is different from the
automatically resolved one for some reason like performance, security, etc.
Thus we must explicitly specify the migrateuri in command line everytime,
but it is too troublesome if there are many such hosts (and don't forget
virt-manager).

This patch adds a configuration file option on dest host to save the
default value set which can be specified to a migration hostname or
one of this host's addresses used for transferring data, thus user doesn't
have to specify it in command line everytime.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-05-20 13:13:29 +02:00
Laine Stump
5d85b8a8f4 util: refactor virNetlinkCommand to fix several bugs / style problems
Inspired by a simpler patch from "Wangrui (K) <moon.wangrui@huawei.com>".

A submitted patch pointed out that virNetlinkCommand() was doing an
improper typecast of the return value from nl_recv() (int to
unsigned), causing it to miss error returns, and that even after
remedying that problem, virNetlinkCommand() was calling VIR_FREE() on
the pointer returned from nl_recv() (*resp) even if nl_recv() had
returned an error, and that in this case the pointer was verifiably
invalid, as it was pointing to memory that had been allocated by
libnl, but then freed prior to returning the error.

While reviewing this patch, I noticed several other problems with this
seemingly simple function (at least one of them as serious as the
problem being reported/fixed by the aforementioned patch), and decided
they all deserved to be fixed. Here is the list:

1) The return value from nl_recv() must be assigned to an int (rather
   than unsigned int) in order to detect failure.

2) When nl_recv() returns an error or 0, the contents of *resp is
   invalid, and should be simply set to 0, *not* VIR_FREE()'d.

3) When nl_recv() returns 0, errno is not set, so the logged error
   message should not reference errno (it *is* an error though).

4) The first error return from virNetlinkCommand returns -EINVAL,
   incorrectly implying that the caller can expect the return value to
   be of the "-errno" variety, which is not true in any other case.

5) The 2nd error return returns directly with garbage in *resp. While
   the caller should never use *resp in this case, it's still good
   practice to set it to NULL.

6) For the next 5 (!!) error conditions, *resp will contain garbage,
   and virNetlinkCommand() will goto it's cleanup code which will
   VIR_FREE(*resp), almost surely leading to a segfault.

In addition to fixing these 6 problems, this patch also makes the
following two changes to make the function conform more closely to the
style of other libvirt code:

1) Change the handling of return code from "named rc and defaulted to
0, but changed to -1 on error" to the more common "named ret and
defaulted to -1, but changed to 0 on success".

2) Rename the "error" label to "cleanup", since the code that follows
is executed in success cases as well as failure.
2014-05-20 11:21:00 +03:00
Eric Blake
88b5acb67f build: nuke more uses of 'sync'
Commit d5c86278 was incomplete; other functions also triggered
compiler warnings about collisions in the use of 'sync'.

* src/qemu/qemu_driver.c (qemuDomainSetTime): Fix another client.
* tools/virsh-domain-monitor.c (cmdDomTime): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-19 17:07:47 -06:00
Pavel Hrdina
d5c86278a7 avoid 'sync' as variable name
Old gcc complains about shadowing 'sync' variable:

../../src/qemu/qemu_agent.c: In function 'qemuAgentSetTime':
../../src/qemu/qemu_agent.c:1737: warning: declaration of 'sync'
  shadows a global declaration [-Wshadow]
/usr/include/unistd.h:464: warning: shadowed declaration is here
  [-Wshadow]

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-05-19 18:40:02 +02:00
Pavel Hrdina
d49f18e976 Return error when updating cdrom device
The commit 84c59ffa improved the way we change ejectable media.
If for any reason the first "eject" didn't open the tray we
should return with error.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-05-19 18:40:02 +02:00
Eric Blake
71bce84a06 Revert "maint: prefer enum over int for virstoragefile structs"
This partially reverts commits b279e52f7 and ea18f8b2.

It turns out our code base is full of:

if ((struct.member = virBlahFromString(str)) < 0)
    goto error;

Meanwhile, the C standard says it is up to the compiler whether
an enum is signed or unsigned when all of its declared values
happen to be positive.  In my testing (Fedora 20, gcc 4.8.2),
the compiler picked signed, and nothing changed.  But others
testing with gcc 4.7 got compiler warnings, because it picked
the enum to be unsigned, but no unsigned value is less than 0.
Even worse:

if ((struct.member = virBlahFromString(str)) <= 0)
    goto error;

is silently compiled without warning, but incorrectly treats -1
from a bad parse as a large positive number with no warning; and
without the compiler's help to find these instances, it is a
nightmare to maintain correctly.  We could force signed enums
with a dummy negative declaration in each enum, or cast the
result of virBlahFromString back to int after assigning to an
enum value, or use a temporary int for collecting results from
virBlahFromString, but those actions are all uglier than what we
were trying to cure by directly using enum types for struct
values in the first place.  It's better off to just live with int
members, and use 'switch ((virFoo) struct.member)' where we want
the compiler to help, than to track down all the conversions from
string to enum and ensure they don't suffer from type problems.

* src/util/virstorageencryption.h: Revert back to int declarations
with comment about enum usage.
* src/util/virstoragefile.h: Likewise.
* src/conf/domain_conf.c: Restore back to casts in switches.
* src/qemu/qemu_driver.c: Likewise.
* src/qemu/qemu_command.c: Add cast rather than revert.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-19 09:00:51 -06:00
Ján Tomko
88e36a69de Fix crash in DAC driver with no seclabels
With dynamic_ownership = 1 but no seclabels, RestoreChardevLabel
dereferences the NULL seclabel when checking if norelabel is set.

Remove this check, since it is already done in RestoreSecurityAllLabel
and if norelabel is set, RestoreChardevLabel is never called.
2014-05-19 15:31:42 +02:00
Dmitry Guryanov
4bafe31264 parallels: create VMs in the default place
Each VM consists of a set of files in PCS: config, hard
disk images, log file, memory dump. All these files are stored
in a per-vm directory. When we create a new VM, we can ether specify
path to the VM or create the VM in a default path
(<default path>/<vm name>.pvm). This default path can be configured
with command
prlsrvctl user set --def-vm-home <path> command.

Currenty parallels driver creates VM in the same place, where first
hard disk is located. Let's change this logic and create VMs in
the default path. It will be much clearer and allow us to create
VMs without hard disks.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-19 13:02:57 +01:00
Dmitry Guryanov
a15d8d716f parallels: add disks correctly
Disks support in this driver was implemented with an assumption,
that disk images can't be created by hand, without VM. So
complex storage driver was implemented with workaround.

This is not true, we can create new disks using ploop tool.
So the first step to reimplement disks support in parallels
driver is to do not use information from the storage driver,
until we will implement VIR_STORAGE_TYPE_VOLUME disks.

So after this patch disks can be added in the same way as
in any other driver: you create a disk image and then add
an entry to the XML definition of the domain with path to that
image file, for example:

<disk type='file' device='disk'>
  <driver type='ploop'/>
  <source file='/storage/harddisk1.hdd'/>
  <target dev='sda' bus='sata'/>
  <address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>

This patch makes parallels storage driver useless, but I'll fix it
later. Now you can create an image by hand, using ploop tool,
and then add it to some domain.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-19 13:02:54 +01:00
Dmitry Guryanov
5530424af2 parallels: set file format in virDomainDef
Set file format in virDomainDef structure to produce correct
XML in virDomainGetXMLDesc function.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-19 12:34:31 +01:00
Dmitry Guryanov
13f229aa0f parallels: add VIR_STORAGE_FILE_PLOOP format
Add VIR_STORAGE_FILE_PLOOP format. This format is used
to store disk images for virtual machines in PCS and containers
in PCS, OpenVZ and also in Parallels Desktop for Mac.

This format is described on OpenVZ site -
https://openvz.org/Ploop (together with ploop devices). It
consists of XML descriptor and one or more image files: base
image and deltas. Format of the image files described here:
https://openvz.org/Ploop/format.

This patch only adds VIR_STORAGE_FILE_PLOOP constant, consequent
patches will use it in parallels driver.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-19 12:34:31 +01:00
Michal Privoznik
64c1e1ead1 virSecurityDACRestoreSecurityHostdevLabel: Unmark @def as unused
The domain definition is clearly used a few lines
below so there's no need to mark @def as unused.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-05-19 11:15:52 +02:00
Ján Tomko
5ac9b9ddff conf: fix seclabels for chardevs
We allow a seclabel to be specified in the <source> element
of a chardev:

<serial type='file'>
  <source path='/tmp/serial.file'>
    <seclabel model='dac' relabel='no'/>
  </source>
</serial>

But we format it outside the source:

<serial type='file'>
  <source path='/tmp/serial.file'/>
  <target port='0'/>
    <seclabel model='dac' relabel='no'/>
</serial>

Move the formatting inside the source to fix this to make the
seclabel persistent across XML format->parse.

Introduced by commit f8b08d0 'Add <seclabel> to character devices.'
2014-05-19 08:47:03 +02:00
Ján Tomko
719ac9e4a7 Rename virDomainDiskSourceDefFormatSeclabel
Drop the 'Disk' from the name, as there is nothing disk-specific
about the function.
2014-05-19 08:47:03 +02:00
Jim Fehlig
a0f82fd2bd security_dac: honor relabel='no' in chardev config
The DAC driver ignores the relabel='no' attribute in chardev config

  <serial type='file'>
    <source path='/tmp/jim/test.file'>
      <seclabel model='dac' relabel='no'/>
    </source>
    <target port='0'/>
  </serial>

This patch avoids labeling chardevs when relabel='no' is specified.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-05-16 15:32:15 -06:00
Jim Fehlig
bb917a90b1 security_dac: avoid relabeling hostdevs when relabel='no'
When relabel='no' at the domain level, there is no need to call
the hostdev relabeling functions.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-05-16 15:32:14 -06:00
Jim Fehlig
3c2487ab0a security_dac: honor relabel='no' in disk config
https://bugzilla.redhat.com/show_bug.cgi?id=999301

The DAC driver ignores the relabel='no' attribute in disk config

  <disk type='file' device='floppy'>
    <driver name='qemu' type='raw'/>
    <source file='/some/path/floppy.img'>
      <seclabel model='dac' relabel='no'/>
    </source>
    <target dev='fda' bus='fdc'/>
    <readonly/>
  </disk>

This patch avoid labeling disks when relabel='no' is specified.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-05-16 15:32:14 -06:00
Jim Fehlig
9369a56244 security_dac: avoid relabeling when relabel='no'
If relabel='no' at the domain level, no need to attempt relabeling
in virSecurityDAC{Set,Restore}SecurityAllLabel().

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-05-16 15:32:14 -06:00
Jim Fehlig
3de7e4ec5e security_dac: rework callback parameter passing
Currently, the DAC security driver passes callback data as

    void params[2];
    params[0] = mgr;
    params[1] = def;

Clean this up by defining a structure for passing the callback
data.  Moreover, there's no need to pass the whole virDomainDef
in the callback as the only thing needed in the callbacks is
virSecurityLabelDefPtr.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-05-16 15:32:14 -06:00
Jim Fehlig
1d98e713d5 security_dac: cleanup use of enum types
In switch statements, use enum types since it is safer when
adding new items to the enum.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-05-16 15:32:14 -06:00
Jim Fehlig
e1ce6d836e security_dac: annotate some functions with ATTRIBUTE_NONNULL
Annotate some static function parameters with ATTRIBUTE_NONNULL
and remove checks for NULL inputs.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-05-16 15:32:14 -06:00
Eric Blake
3931ba2d44 maint: fix typos related to disk name resolution
In a number of APIs, the text implied that a user might have
<target dev='xvda'/> - but common convention is to use "vda",
not "xvda".  For example, virDomainGetDiskErrors was correct,
while virDomainBlockStats was confusing.

* src/libvirt.c: Make examples consistent.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-16 11:25:37 -06:00
Chen Hanxiao
d18aa70416 util: fix memory leak in failure path of virCgroupKillRecursiveInternal
Don't leak keypath when we fail to kill a process

Signed-off-by: Chen Hanxiao <chenhanxiao@cn.fujitsu.com>
2014-05-16 14:11:07 +03:00
Eric Blake
b279e52f7b maint: prefer enum over int for virstoragefile structs
For internal structs, we might as well be type-safe and let the
compiler help us with less typing required on our part (getting
rid of casts is always nice).  In trying to use enums directly,
I noticed two problems in virstoragefile.h that can't be fixed
without more invasive refactoring: virStorageSource.format is
used as more of a union of multiple enums in storage volume
code (so it has to remain an int), and virStorageSourcePoolDef
refers to pooltype whose enum is declared in src/conf, but where
src/util can't pull in headers from src/conf.

* src/util/virstoragefile.h (virStorageNetHostDef)
(virStorageSourcePoolDef, virStorageSource): Use enums instead of
int for fields of internal types.
* src/qemu/qemu_command.c (qemuParseCommandLine): Cover all values.
* src/conf/domain_conf.c (virDomainDiskSourceParse)
(virDomainDiskSourceFormat): Simplify clients.
* src/qemu/qemu_driver.c
(qemuDomainSnapshotCreateSingleDiskActive)
(qemuDomainSnapshotPrepareDiskExternalBackingInactive)
(qemuDomainSnapshotPrepareDiskExternalOverlayActive)
(qemuDomainSnapshotPrepareDiskInternal): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-16 00:22:18 -06:00
Eric Blake
ab5178188f maint: shorten 'TypeType' function names
The VIR_ENUM_DECL/VIR_ENUM_IMPL helper macros already append 'Type'
to the enum name being converted; it looks silly to have functions
with 'TypeType' in their name.  Even though some of our enums have
to have a 'Type' suffix, the corresponding string conversion
functions do not.

* src/conf/secret_conf.h (VIR_ENUM_DECL): Rename virSecretUsageType.
* src/conf/storage_conf.h (VIR_ENUM_DECL): Rename
virStoragePoolAuthType, virStoragePoolSourceAdapterType,
virStoragePartedFsType.
* src/conf/domain_conf.c (virDomainDiskDefParseXML)
(virDomainFSDefParseXML, virDomainFSDefFormat): Update callers.
* src/conf/secret_conf.c (virSecretDefParseUsage)
(virSecretDefFormatUsage): Likewise.
* src/conf/storage_conf.c (virStoragePoolDefParseAuth)
(virStoragePoolDefParseSource, virStoragePoolSourceFormat):
Likewise.
* src/lxc/lxc_controller.c (virLXCControllerSetupLoopDevices):
Likewise.
* src/storage/storage_backend_disk.c
(virStorageBackendDiskPartFormat): Likewise.
* src/util/virstorageencryption.c (virStorageEncryptionSecretParse)
(virStorageEncryptionSecretFormat): Likewise.
* tools/virsh-secret.c (cmdSecretList): Likewise.
* src/libvirt_private.syms (secret_conf.h, storage_conf.h): Export
corrected names.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-16 00:22:18 -06:00
Eric Blake
ea18f8b2b0 maint: use enum typedef for virstorageencryption.h
Continuing the work of consistent enum cleanups; this time in
virstorageencryption.h.

* src/util/virstorageencryption.h (virStorageEncryptionFormat):
Convert to typedef, renaming to avoid collision with function.
(virStorageEncryptionSecret, virStorageEncryption): Directly use
enums.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-16 00:22:18 -06:00
Eric Blake
3e44cf7fc6 vbox: fix stale comment about vdi storage type
The code had some todo's about adding 'vdi' to the list of
virStorageType, but we've already done that.

* src/vbox/vbox_tmpl.c (vboxStorageVolCreateXML)
(vboxStorageVolGetXMLDesc): Use enum value for vdi type.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-16 00:22:18 -06:00
Michal Privoznik
6f9c75a6f7 qemu: Implement virDomain{Get,Set}Time
One caveat though, qemu-ga is expecting time and returning time
in nanoseconds. With all the buffering and propagation delay, the
time is already wrong once it gets to the qemu-ga, but there's
nothing we can do about it.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-05-15 16:44:45 +02:00
Michal Privoznik
0abb369380 Introduce virDomain{Get,Set}Time APIs
These APIs allow users to get or set time in a domain, which may come
handy if the domain has been resumed just recently and NTP is not
configured or hasn't kicked in yet and the guest is running
something time critical. In addition, NTP may refuse to re-set the clock
if the skew is too big.

In addition, new ACL attribute is introduced 'set_time'.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-05-15 16:15:54 +02:00
Jiri Denemark
a4693c76f5 qemu: Avoid leak in qemuDomainCheckRemoveOptionalDisk
Coverity complains about event being leaked in
qemuDomainCheckRemoveOptionalDisk. The best fix for it is to remove the
disk directly since we already know its index.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-05-15 14:45:26 +02:00
Jim Fehlig
5099084eb3 security_dac: Fix indentation 2014-05-14 11:43:00 -06:00
Jim Fehlig
d77fa847c3 security_dac: Remove unnecessary curly braces 2014-05-14 11:43:00 -06:00
Jim Fehlig
fcf5ea7fc0 security_dac: Remove unnecessary ATTRIBUTE_UNUSED
Remove ATTRIBUTE_UNUSED on several function parameters that are
actually used.
2014-05-14 11:43:00 -06:00
Julio Faracco
660d661e85 conf: use typedefs for enums in "src/conf/snapshot_conf.h"
In "src/conf/" there are many enumeration (enum) declarations.
Similar to the recent cleanup to "src/util" directory, it's
better to use a typedef for variable types, function types and
other usages. Other enumeration and folders will be changed to
typedef's in the future. Most of the files changed in this
commit are related to snapshot (snapshot_conf) enums.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-14 10:26:29 -06:00
Julio Faracco
1ce86e62e1 conf: use typedefs for enums in "src/conf/storage_conf.h"
In "src/conf/" there are many enumeration (enum) declarations.
Similar to the recent cleanup to "src/util" directory, it's
better to use a typedef for variable types, function types and
other usages. Other enumeration and folders will be changed to
typedef's in the future. Most of the files changed in this
commit are related to storage (storage_conf) enums.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-14 10:18:35 -06:00
Julio Faracco
5a2cd6a775 conf: use typedefs for enums in "src/conf/nwfilter_conf.h"
In "src/conf/" there are many enumeration (enum) declarations.
Similar to the recent cleanup to "src/util" directory, it's better
to use a typedef for variable types, function types and other
usages. Other enumeration and folders will be changed to typedef's
in the future. Most of the files changed in this commit are related
to network filter (nwfilter_conf) enums.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-14 09:49:57 -06:00
Jiri Denemark
cc4882f4ab qemu: Ignore temporary job errors when checking migration status
When qemu driver is polling for migration to finish (in
qemuMigrationWaitForCompletion), it may happen that another job allowed
during migration is running and if it does not finish within 30 seconds,
migration would be cancelled because of that. However, we can just
ignore the timeout and let the waiting loop try again later.

If an event fired at the end of migration is ever implemented in QEMU,
we can just wait for the event instead of polling for migration status
and libvirt will behave consistently, i.e., migration won't be cancelled
in case another job started during migration takes long time to finish.

For bug https://bugzilla.redhat.com/show_bug.cgi?id=1083238

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-05-14 13:27:23 +02:00
Jiri Denemark
b5e0532e04 qemu: Make qemuProcess{Start,Stop}CPUs easier to follow
As a side effect, the return value of qemuDomainObjEnterMonitorAsync is
not directly used as the return value of qemuProcess{Start,Stop}CPUs.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-05-14 13:27:18 +02:00
Jiri Denemark
dca377dbd6 qemuDomainObjBeginNestedJob: Return -2 for temporary failures
If job queue is full or waiting for a job times out, the function
returns -2 so that it can be handled in a different way by callers.

The change is safe since all existing callers of
qemuDomainObjBeginNestedJob check the return value to be less than zero.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-05-14 13:27:07 +02:00
Jiri Denemark
1643b158f6 qemu: Make qemuDomainObjBeginNestedJob static
It's only used within qemu_domain.c.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-05-14 13:26:59 +02:00
Peter Krempa
71802685ba qemu: snapshot: Terminate job when memory compression program isn't found
If the compression program for external snapshot memory image isn't
found we exitted the function without terminating the domain job. This
caused the domain to be unusable.

The problem was introduced in commit 7df5093f.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1097503
2014-05-14 09:43:52 +02:00
Roman Bogorodskiy
353cf3707a qemu: extract common PCI handling functions
Move sharable PCI handling functions to domain_addr.[ch], and
change theirs prefix from 'qemu' to 'vir':

 - virDomainPCIAddressAsString;
 - virDomainPCIAddressBusSetModel;
 - virDomainPCIAddressEnsureAddr;
 - virDomainPCIAddressFlagsCompatible;
 - virDomainPCIAddressGetNextSlot;
 - virDomainPCIAddressReleaseSlot;
 - virDomainPCIAddressReserveAddr;
 - virDomainPCIAddressReserveNextSlot;
 - virDomainPCIAddressReserveSlot;
 - virDomainPCIAddressSetFree;
 - virDomainPCIAddressSetGrow;
 - virDomainPCIAddressSlotInUse;
 - virDomainPCIAddressValidate;

The only change here is function names, the implementation itself
stays untouched.

Extract common allocation code from DomainPCIAddressSetCreate
into virDomainPCIAddressSetAlloc.
2014-05-13 20:17:54 +04:00
Roman Bogorodskiy
c453f2d076 qemu: extract PCI handling structs
Introduce new files (domain_addr.[ch]) to provide
an API for domain device handling that could be
shared across the drivers.

A list of data types were extracted and moved there:

 qemuDomainPCIAddressBus -> virDomainPCIAddressBus
 qemuDomainPCIAddressBusPtr -> virDomainPCIAddressBusPtr
 _qemuDomainPCIAddressSet -> virDomainPCIAddressSet
 qemuDomainPCIAddressSetPtr -> virDomainPCIAddressSetPtr
 qemuDomainPCIConnectFlags -> virDomainPCIConnectFlags

Also, move the related definitions and macros.
2014-05-13 20:10:20 +04:00
Martin Kletzander
5884adc28a sanlock: avoid leak in acquire()
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-05-13 13:50:57 +02:00
John Ferlan
87388d688d qemu: Adjust size for qcow2/qed if not on sector boundary
https://bugzilla.redhat.com/show_bug.cgi?id=1002813

If qemuDomainBlockResize() is passed a size not on a KiB boundary - that
is passed a size based in bytes (VIR_DOMAIN_BLOCK_RESIZE_BYTES), then
depending on the source format (qcow2 or qed), the value passed must
be on a sector (or 512 byte) boundary. Since other libvirt code quietly
adjusts the capacity values, then do so here as well.
2014-05-13 07:26:03 -04:00
John Ferlan
85a117a579 Revert "qemu: Adjust size for qcow2/qed if not on sector boundary"
This reverts commit e3d66229a1.
2014-05-13 07:26:03 -04:00
Martin Kletzander
da879e5921 sanlock: don't fail with unregistered domains
When a domain was started without registration in sanlock, but libvirt
was restarted after that, most of the operations failed due to
contacting sanlock about that process.  E.g. migration could not be
performed because the locks couldn't be released (or inquired before a
release).

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1088034

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-05-13 10:51:43 +02:00
Martin Kletzander
d99057423c sanlock: code movement in virLockManagerSanlockAcquire
Just move some code around for future patches to ease the review.
With this patch there is no need for drastic cleanup path later.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-05-13 10:51:43 +02:00
Tomoki Sekiyama
2bb520c802 qemu: Support mountpoints option of guest-fsfreeze-freeze
With this patch, virDomainFSFreeze will pass the mountpoints argument
to qemu guest agent. For example,

  virDomainFSFreeze(dom, {"/mnt/vol1", "/mnt/vol2"}, 2, 0)

will issue qemu guest agent command:

  {"execute":"guest-fsfreeze-freeze",
   "arguments":{"mountpoints":["/mnt/vol1","/mnt/vol2"]}}

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Acked-by: Daniel P. Berrange <berrange@redhat.com>
2014-05-12 21:24:23 -06:00
Tomoki Sekiyama
4acccdf13c qemu: Implement virDomainFSFreeze and virDomainFSThaw
Use qemuDomainSnapshotFSFreeze() and qemuDomainSnapshotFSFThaw() which are
already implemented for snapshot quiescing.

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
2014-05-12 20:18:12 -06:00
Eric Blake
b4e4dfffdb maint: fix typos related to 'frozen'
"Freezed" is not an English word.

* src/lxc/lxc_driver.c (lxcFreezeContainer): Fix typo.
* src/qemu/qemu_driver.c (qemuDomainSnapshotFSFreeze): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-12 20:15:50 -06:00
Julio Faracco
e087911786 conf: use typedefs for enums in node_device_conf, nwfilter_params
In "src/conf/" there are many enumeration (enum) declarations. Similar
to the recent cleanup to "src/util" directory, it's better to use a
typedef for variable types, function types and other usages. Other
enumeration and folders will be changed to typedef's in the future.
Most of the files changed in this commit are reltaed to Node and
Network (node_device_conf.h and nwfilter_params.*) enums.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-12 16:49:43 -06:00
Chunyan Liu
fd43d1f8bd libxl: fix support for <interface type="hostdev"> syntax
A VIR_DOMAIN_NET_TYPE_HOSTDEV interface device is really a hostdev
device, which is created by the libxl driver in libxlMakePCIList().
There is no need to create a libxl_device_nic for such hostdev
devices, so skip interfaces of type VIR_DOMAIN_NET_TYPE_HOSTDEV in
libxlMakeNicList().

Signed-off-by: Chunyan Liu <cyliu@suse.com>
2014-05-12 14:52:50 -06:00
Roman Bogorodskiy
0cb88f3b38 bhyve: implement connectGetSysinfo 2014-05-12 19:15:04 +04:00
Oleg Strikov
825a23d916 qemu: Implement a stub cpuArchDriver.compare() handler for arm and aarch64
Libvirt calls cpuArchDriver.compare() while doing guest migration.
We don't have any logic to distinguish between different arm and
aarch64 models that's why this patch allows migration to any host.

Signed-off-by: Oleg Strikov <oleg.strikov@canonical.com>
2014-05-11 18:16:34 -04:00
Dawid Zamirski
77e7a75a8b ESX: add virStorageVolGetInfo in iSCSI backend.
Since the ESX storage implements VMFS and iSCSI storage backends and
chooses relevant backend dynamically at runtime, there was a segfault
when issuing vol-info on iSCSI volume due to unimplemented
virStorageGetInfo function. This patch implements that function that was
missing in iSCSI backend and returns expected result without a segfault.
2014-05-10 17:35:03 +02:00
John Ferlan
e1e4483c90 storage: Resolve issues in failure path
https://bugzilla.redhat.com/show_bug.cgi?id=1092882

Refactoring in commit id '0c2305b3' resulted in the wrong storage
volume object being passed to the new storageVolDeleteInternal().
It should have passed 'voldef' which is the address found in the
pool->volumes.objs[i] array.  By passing 'voldef', the DeleteInternal
code will find and remove the voldef from the volumes.objs[] list.
2014-05-07 10:21:18 -04:00
Dmitry Guryanov
99f4def63b parallels: add a set of trivial functions
Add functions parallelsIsAlive, parallelsIsEncrypted,
parallelsIsSecure which are very simple to implement, but
may be required by some libvirt users. Almost all other
drivers have these functions.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-07 14:56:53 +01:00
Dmitry Guryanov
68a81f77d0 parallels: don't add domain to the list twice
There is a problem with function parallelsDomainDefineXML. If we
are defining a new domain, then we need to do 2 things: aclually
create a VM in PCS and add new domain to the cached list of domains
_parallelsConn.domains.

This is done in the function parallelsLoadDomains. So call to
virDomainObjListAdd will return a error, because a domain
with the same name and id will already be in the list.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-07 14:56:39 +01:00
Dmitry Guryanov
6d02d2774d parallels: don't enable VNC when we define a new domain
I added this code year ago, instead of implementing ability
to change VNC configuration, which was not trivial, I added
extra call to prlctl, which sets up VNC with auto port, despite
VNC configuration given by a user.

Let's remove this hack, because, first, it doesn't work on the
latest Parallels Cloud Server release (you have to either specify
--vnc-nopasswd option or password). And also has problem with
error handling. If second call to prlctl fails, VM, created by
first call to prlctl, will not be removed.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-07 14:56:39 +01:00
Dmitry Guryanov
740a3f2731 parallels: fix virDomainDef.features comparison
virDomainDef.features became an array, so now we can't simply
compare one features variable to another. We need to compare
each each element from the array.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-05-07 14:56:39 +01:00
John Ferlan
e3d66229a1 qemu: Adjust size for qcow2/qed if not on sector boundary
https://bugzilla.redhat.com/show_bug.cgi?id=1002813

If qemuDomainBlockResize() is passed a size not on a KiB boundary - that
is passed a size based in bytes (VIR_DOMAIN_BLOCK_RESIZE_BYTES), then
depending on the source format (qcow2 or qed), the value passed must
be on a sector (or 512 byte) boundary. Since other libvirt code quietly
adjusts the capacity values, then do so here as well - of course ensuring
that adjustment still fits.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2014-05-07 07:25:16 -04:00
Ján Tomko
f3be5f0c50 Add support for timestamping QEMU logs
QEMU commit 5e2ac51 added a boolean '-msg timestamp=[on|off]'
option, which can enable timestamps on errors:
$ qemu-system-x86_64 -msg timestamp=on zghhdorf
2014-04-09T13:25:46.779484Z qemu-system-x86_64: -msg timestamp=on: could
not open disk image zghhdorf: Could not open 'zghhdorf': No such file or
directory

Enable this timestamp if the QEMU binary supports it.

Add a 'log_timestamp' option to qemu.conf for disabling this behavior.
2014-05-07 10:27:50 +02:00
Tomoki Sekiyama
b6d4dad11b qemu: track quiesced status in qemuDomainSnapshotFSFreeze
Adds 'quiesced' status into qemuDomainObjPrivate that tracks whether
FSFreeze is requested in the domain.

It modifies error code from qemuDomainSnapshotFSFreeze and
qemuDomainSnapshotFSThaw, so that a caller can know whether the command is
actually sent to the guest agent. If the error is caused before sending a
freeze command, a counterpart thaw command shouldn't be sent either, not to
confuse fsfreeze status tracking.

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-06 21:50:53 -06:00
Tomoki Sekiyama
ca3d07fd45 remote: Implement virDomainFSFreeze and virDomainFSThaw
New rules are added in fixup_name in gendispatch.pl to keep the name
FSFreeze and FSThaw. This adds a new ACL permission 'fs_freeze',
which is also applied to VIR_DOMAIN_SNAPSHOT_CREATE_QUIESCE flag.

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Acked-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-06 18:01:05 -06:00
Tomoki Sekiyama
208f002c9d Introduce virDomainFSFreeze() and virDomainFSThaw() public API
These will freeze and thaw filesystems within guest specified by
@mountpoints parameters. The parameters can be NULL and 0, then all
mounted filesystems are frozen or thawed. @flags parameter, which are
currently not used, is for future extensions.

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-06 17:41:58 -06:00
Giuseppe Scrivano
2c054ca176 udev: consider the device a CDROM when ID_CDROM=1
Some CDROM devices are reported by udev to have an ID_TYPE="generic"
thus it is necessary to check if ID_CDROM is present.

As a side effect, treating ID_TYPE="generic" as a missing ID_TYPE will
enable checks for ID_DRIVE_FLASH_SD and ID_DRIVE_FLOPPY and the
udevKludgeStorageType heuristic.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-06 16:32:27 -06:00
Cole Robinson
709f2455cc virdbus: Make virDBusCall static 2014-05-06 11:22:13 -04:00
Cole Robinson
3e8699d324 virerror: Fix an error message typo 2014-05-06 11:21:57 -04:00
Daniel P. Berrange
d6b27d3e4c LSN-2014-0003: Don't expand entities when parsing XML
If the XML_PARSE_NOENT flag is passed to libxml2, then any
entities in the input document will be fully expanded. This
allows the user to read arbitrary files on the host machine
by creating an entity pointing to a local file. Removing
the XML_PARSE_NOENT flag means that any entities are left
unchanged by the parser, or expanded to "" by the XPath
APIs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-05-06 14:04:45 +01:00
Laine Stump
1e947cf7d8 qemu: specify domain in host-side PCI addresses when needed/supported
This uses the new QEMU_CAPS_HOST_PCI_MULTIDOMAIN capability when
present, for -devivce pci-assign, -device vfio-pci, and -pcidevice.

While creating tests for this new functionality, I noticed that the
xmls for two existing tests had erroneously specified an
until-now-ignored domain="0x0002", so I corrected those two tests, and
also added two failure tests to be sure that we alert users who
attempt to use a non-zero domain with a qemu that doesn't support it.
2014-05-06 14:34:56 +03:00
Laine Stump
17133e3702 qemu: add host-pci-multidomain capability
Quite a long time ago, (apparently between qemu 0.12 and 0.13) qemu
quietly began supporting the optional specification of a domain in the
host-side address of all pci passthrough commands (by simply
prepending it to the bus:slot.function format, as
"dddd:bb:ss.f"). Since machines with multiple PCI domains are very
rare, this never came up in practice, so libvirt was never updated to
support it.

This patch takes the first step to supporting specification of a non-0
domain in the host-side address of PCI devices being assigned to a
domain, by adding a capability bit to indicate support
"QEMU_CAPS_HOST_PCI_MULTIDOMAIN", and detect it. Since this support
was added in a version prior to the minimum version required for
QMP-style capabilities detection, the capability is always enabled for
any qemu that uses QMP for capabilities detection. For older qemus,
the only clue that a domain can be specified in the host pci address
is the presence of the string "[seg:]" in the help string for
-pcidevice. (Ironically, libvirt will not be modified to support
specification of domain for -pcidevice, since any qemu new enough for
us to care about also supports "-device pci-assign" or "-device
vfio-pci", which are greatly preferred).
2014-05-06 14:32:33 +03:00
Michal Privoznik
eb54426659 storageVolCreateXMLFrom: Allow multiple accesses to origvol
When creating a new volume, it is possible to copy data into it from
another already existing volume (referred to as @origvol). Obviously,
the read-only access to @origvol is required, which is thread safe
(probably not performance-wise though). However, with current code
both @newvol and @origvol are marked as building for the time of
copying data from the @origvol to @newvol. The rationale behind
is to disallow some operations on both @origvol and @newvol, e.g.
vol-wipe, vol-delete, vol-download. While it makes sense to not allow
such operations on partly copied mirror, but it doesn't make sense to
disallow vol-create or vol-download on the source (@origvol).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-05-06 10:24:44 +02:00
Ján Tomko
c3f6882383 Fix build wihout macvtap or virtualport
Commit 1b14c44 broke the build on FreeBSD by changing
the signature of a few functions without updating the
corresponding stubs that are used when WITH_MACVTAP
or WITH_VIRTUALPORT is not defined.
2014-05-06 09:14:05 +02:00
Julio Faracco
6000705ab1 conf: use typedefs for enums in "src/conf/{network,interface}_conf.h"
In "src/conf/" there are many enumeration (enum) declarations.
Similar to the recent cleanup to "src/util" directory, it's
better to use a typedef for variable types, function types and
other usages. Other enumeration and folders will be changed to
typedef's in the future. Most of the files changed in this commit
are reltaed to Network (network_conf.* and interface_conf.*) enums.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-05 16:04:53 -06:00
Julio Faracco
00ee955d08 conf: use typedefs for enums in "src/conf/cpu_conf.h"
In "src/conf/" there are many enumeration (enum) declarations.
Similar to the recent cleanup to "src/util" directory, it's
better to use a typedef for variable types, function types and
other usages. Other enumeration and folders will be changed to
typedef's in the future. Most of the files changed in this commit
are related to CPU (cpu_conf) enums.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-05 15:52:36 -06:00
Julio Faracco
1b14c449b8 util: use typedefs for enums in "src/util/" directory
In "src/util/" there are many enumeration (enum) declarations.
Sometimes, it's better using a typedef for variable types,
function types and other usages. Other enumeration will be
changed to typedef's in the future.

Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-05 14:30:01 -06:00
Jim Fehlig
da74412046 libxl: support PARAVIRT reboot flag
Add support for the VIR_DOMAIN_REBOOT_PARAVIRT flag in
libxlDomainReboot().
2014-05-05 10:52:21 -06:00
Jim Fehlig
c4fe29f88c libxl: support PARAVIRT and ACPI shutdown flags
Add support for VIR_DOMAIN_SHUTDOWN_PARAVIRT and
VIR_DOMAIN_SHUTDOWN_ACPI_POWER_BTN flags in
libxlDomainShutdownFlags().
2014-05-05 10:52:21 -06:00
Eric Blake
fff74b275e conf: drop extra storage probe
All callers of virStorageFileGetMetadataFromBuf were first calling
virStorageFileProbeFormatFromBuf, to learn what format to pass in.
But this function is already wired to do the exact same probe if
the incoming format is VIR_STORAGE_FILE_AUTO, so it's simpler to
just refactor the probing into the central function.

* src/util/virstoragefile.h (virStorageFileGetMetadataFromBuf):
Drop parameter.
(virStorageFileProbeFormatFromBuf): Drop declaration.
* src/util/virstoragefile.c (virStorageFileGetMetadataFromBuf):
Do probe here instead of in callers.
(virStorageFileProbeFormatFromBuf): Make static.
* src/libvirt_private.syms (virstoragefile.h): Drop function.
* src/storage/storage_backend_fs.c (virStorageBackendProbeTarget):
Update caller.
* src/storage/storage_backend_gluster.c
(virStorageBackendGlusterRefreshVol): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-05 10:46:05 -06:00
Roman Bogorodskiy
0541727cf7 bhyve: report cpuTime in bhyveDomainGetInfo
Add a helper function virBhyveGetDomainTotalCpuStats() to
obtain process CPU time using kvm (kernel memory interface)
and use it to set cpuTime field of the virDomainInfo struct in
bhyveDomainGetInfo().
2014-05-05 18:03:15 +04:00
Martin Kletzander
6d105946a9 typos: fix s/it/is/ where applicable
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-05-05 11:49:36 +02:00
Li Yang
0525ab1c8c datatypes: Fix comment of secret uuid
Signed-off-by: Li Yang <liyang.fnst@cn.fujitsu.com>
2014-05-05 10:20:51 +02:00
Roman Bogorodskiy
747ed3e657 bhyve: implement connectDomainXMLToNative
The only accepted format for now is 'bhyve-argv' which
prints out a bhyve command corresponding to the given
domain definition.
2014-05-04 17:43:55 +04:00
Roman Bogorodskiy
07e371fc36 bhyve: improve bhyve_command.c testability
* bhyve_command.c (bhyveBuildNetArgStr, virBhyveProcessBuildBhyveCmd):
  add dryRun mode which doesn't create any devices when enabled
* bhyve_command.c (virBhyveProcessBuildBhyveCmd,
  virBhyveProcessBuildDestroyCmd, virBhyveProcessBuildLoadCmd): accept
  virDomainDefPtr instead of virDomainObjPtr.
2014-05-04 17:43:54 +04:00
Ján Tomko
a65871aaae Fix vlan ID detection in udev interface driver
Instead of guessing it from the interface name, look into
/proc/net/vlan/<interface>.

This works for devices not named <real_device>.<vlan ID>,
avoiding an error flood when virt-manager keeps asking about
them every second:

https://bugzilla.redhat.com/show_bug.cgi?id=966329
2014-05-04 15:08:14 +02:00
John Ferlan
f1856eb622 Restore skipping of setting capacity
Commit id 'ac9a0963' refactored out the 'withCapacity' for the
virStorageBackendUpdateVolInfo() API.  See:

http://www.redhat.com/archives/libvir-list/2014-April/msg00043.html

This resulted in a difference in how 'virsh vol-info --pool <poolName>
<volume>' or 'virsh vol-list vol-list --pool <poolName> --details' outputs
the capacity information for a directory pool with a qcow2 sparse file.

For example, using the following XML

mkdir /home/TestPool
cat testpool.xml
<pool type='dir'>
  <name>TestPool</name>
  <uuid>6bf80895-10b6-75a6-6059-89fdea2aefb7</uuid>
  <source>
  </source>
  <target>
    <path>/home/TestPool</path>
    <permissions>
      <mode>0755</mode>
      <owner>0</owner>
      <group>0</group>
    </permissions>
  </target>
</pool>

virsh pool-create testpool.xml
virsh vol-create-as --pool TestPool temp_vol_1 \
      --capacity 1048576 --allocation 1048576 --format qcow2
virsh vol-info --pool TestPool temp_vol_1

Results in listing a Capacity value.  Prior to the commit, the value would
be '1.0 MiB' (1048576 bytes). However, after the commit the output would be
(for example) '192.50 KiB', which for my system was the size of the volume
in my file system (eg 'ls -l TestPool/temp_vol_1' results in '197120' bytes
or 192.50 KiB). While perhaps technically correct, it's not necessarily
what the user expected (certainly virt-test didn't expect it).

This patch restores the code to not update the target capacity for this path
2014-05-02 07:11:05 -04:00
Ján Tomko
1055852aef fix build with older gcc
Older gcc (4.1.2-55.el5, 4.2.1 on FreeBSD) reports bogus warnings:
../../src/conf/nwfilter_conf.c:2111: warning: 'protocol' may be used
uninitialized in this function
../../src/conf/nwfilter_conf.c:2110: warning: 'dataProtocolID' may be
used uninitialized in this function

Initialize them to NULL to make the compiler happy.
2014-05-02 09:37:34 +02:00
Eric Blake
5c05e2b126 storage: reject negative indices
Commit f22b7899 stumbled across a difference between 32-bit and
64-bit platforms when parsing "-1" as an int.  Now that we've
fixed that difference, it's time to fix the testsuite.

* src/util/virstoragefile.c (virStorageFileParseChainIndex):
Require a positive index.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-01 15:11:02 -06:00
Eric Blake
7b045c8ce9 util: new stricter unsigned int parsing
strtoul() is required to parse negative numbers as their
twos-complement positive counterpart.  But sometimes we want
to reject negative numbers.  Add new functions to do this.
The 'p' suffix is a mnemonic for 'positive' (technically it
also parses 0, but 'non-negative' doesn't lend itself to a
nice one-letter suffix).

* src/util/virstring.h (virStrToLong_uip, virStrToLong_ulp)
(virStrToLong_ullp): New prototypes.
* src/util/virstring.c (virStrToLong_uip, virStrToLong_ulp)
(virStrToLong_ullp): New functions.
* src/libvirt_private.syms (virstring.h): Export them.
* tests/virstringtest.c (testStringToLong): Test them.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-01 15:11:02 -06:00
Eric Blake
f18c02ec22 util: fix uint parsing on 64-bit platforms
Commit f22b7899 called to light a long-standing latent bug: the
behavior of virStrToLong_ui was different on 32-bit platforms
than on 64-bit platforms.  Curse you, C type promotion and
narrowing rules, and strtoul specification.  POSIX says that for
a 32-bit long, strtol handles only 2^32 values [LONG_MIN to
LONG_MAX] while strtoul handles 2^33 - 1 values [-ULONG_MAX to
ULONG_MAX] with twos-complement wraparound for negatives.  Thus,
parsing -1 as unsigned long produces ULONG_MAX, rather than a
range error.  We WANT[1] this same shortcut for turning -1 into
UINT_MAX when parsing to int; and get it for free with 32-bit
long.  But with 64-bit long, ULONG_MAX is outside the range
of int and we were rejecting it as invalid; meanwhile, we were
silently treating -18446744073709551615 as 1 even though it
textually exceeds INT_MIN.  Too bad there's not a strtoui() in
libc that does guaranteed parsing to int, regardless of the size
of long.

The bug has been latent since 2007, introduced by Jim Meyering
in commit 5d25419 in the attempt to eradicate unsafe use of
strto[u]l when parsing ints and longs.  How embarrassing that we
are only discovering it now - so I'm adding a testsuite to ensure
that it covers all the corner cases we care about.

[1] Ideally, we really want the caller to be able to choose whether
to allow negative numbers to wrap around to their 2s-complement
counterpart, as in strtoul, or to force a stricter input range
of [0 to UINT_MAX] by rejecting negative signs; this will be added
in a later patch for all three int types.

This patch is tested on both 32- and 64-bit; the enhanced
virstringtest passes on both platforms, while virstoragetest now
reliably fails on both platforms instead of just 32-bit platforms.
That test will be fixed later.

* src/util/virstring.c (virStrToLong_ui): Ensure same behavior
regardless of platform long size.
* tests/virstringtest.c (testStringToLong): New function.
(mymain): Comprehensively test string to long parsing.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-05-01 15:11:02 -06:00
Daniel P. Berrange
dca027a9b7 Misc error reporting bugs in QEMU cli builder
A couple of places in the QEMU XML -> ARGV conversion code
raised an error but then forgot to return an error status
due to missing gotos. While fixing this also tweak style
of a couple of other error reports

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-05-01 17:24:45 +01:00
Laine Stump
0eac9d1e90 qemu: fix crash when removing <filterref> from interface with update-device
If a domain network interface that contains a <filterref> is modified
"live" using "virsh update-device --live", libvirtd would crash. This
was because the code supporting live update of an interface's
filterref was assuming that a filterref might be added or modified,
but didn't account for removing the filterref, resulting in a null
dereference of the filter name.

Introduced with commit 258fb278, which was first in libvirt v1.0.1.

This addresses https://bugzilla.redhat.com/show_bug.cgi?id=1093301
2014-05-01 15:46:10 +03:00
Peter Krempa
b47668233e storage: Clear all data allocated about backing store before reparsing
To avoid memory leak of the "backingStoreRaw" field when reparsing
backing chains a new function is being introduced by this patch that
shall be used to clear backing store information.

The memory leak was introduced in commit 8823272d41.
2014-04-30 19:59:20 +02:00
Stefan Berger
cdebc2f74c nwfilter: Tear down temp. filters when tearing all filters
Refactor the ebiptablesTearNewRules function so that the teardown of temporary
filters can also be called by the ebiptablesAllTeardown function.

This fixes a problem that leaves temporary filters behind when a VM shuts down
while its filters are modified.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

v1->v2:
  - test cases adjusted to expect more commands
2014-04-30 12:51:38 -04:00
Michal Privoznik
7a6ae35dbe Device{Attach,Detach}: Document S4 limitations
https://bugzilla.redhat.com/show_bug.cgi?id=808463

Well, libvirt doesn't distinguish between domain poweroff and
hibernation (S4). It's hard to differentiate these two on a real
machine anyway. As a result, any device that is hot(un-)plugged is
lost (appears again) when domain is started again as from our POV
it is a fresh cold boot. Instead of doing anything wise here, we
should just document this as known limitation.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-04-30 18:25:11 +02:00
Daniel P. Berrange
916b147cc8 Set mknod permission in device ACL for LXC USB devices
The LXC controller itself needs to mknod the USB device
node in /dev/bus/usb, so we can't block mknod permission
from the cgroup.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-30 16:54:13 +01:00
Stefan Berger
a457fc6550 nwfilter: Validate rule after parsing
An IP or IPv6 rule with port specification but without protocol
specification cannot be instantiated by ebtables. The documentation
points to 'protocol' being required but implementation does not
enforce it to be given.

Implement a rule validation function that checks whether the rule is
valid when it is defined. This for example prevents the definition
of rules like:

<ip dstportstart='53'>

where a protocol attribute would be required for it to be valid and for
ebtables to be able to instantiate it. A valid rule then is:

<ip protocol='udp' dstportstart='53'>

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2014-04-30 11:41:18 -04:00
Sahid Orentino Ferdjaoui
f393c4603a Add support for QEMU migration to use SASL authentication
This commit provides the ability to virDomainMigrateToURI to
check for SASL credentials when attempts to migrate a domain
with the driver QEMU.

Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@cloudwatt.com>
2014-04-30 14:07:53 +01:00
Pavel Hrdina
620e16760e virfirewall: fix build on freebsd
Freebsd doesn't know ENODATA so we have to use different EINVAL
error code.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-04-30 08:51:29 +02:00
Eric Blake
c9679edca9 conf: avoid null deref during storage probe
Commit 5c43e2e introduced a NULL deref if there is a failure
in virStorageFileGetMetadataInternal.

* src/util/virstoragefile.c (virStorageFileGetMetadataFromBuf):
Fix error handling.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-29 08:13:29 -06:00
Daniel P. Berrange
37697d828b Don't use SO_REUSEADDR on Win32 platforms
SO_REUSEADDR on Windows is actually akin to SO_REUSEPORT
on Linux/BSD. ie it allows 2 apps to listen to the same
port at once. Thus we must not set it on Win32 platforms

See http://msdn.microsoft.com/en-us/library/windows/desktop/ms740621.aspx

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-29 11:30:32 +01:00
Martin Kletzander
837154a151 qemu: properly quit migration with abort_on_error
When EIO comes to qemu while it's replying to
qemuMigrationUpdateJobStatus(), qemu blocks, the migration of RAM can
complete in the meantime, and when qemu unblocks, it sends us
BLOCK_IO_ERROR plus migrations "status": "complete".  Even though we
act upon the BLOCK_IO_ERROR by setting the proper state of the domain,
the call still waits for the proper reply on monitor for query_migrate
and after it gets it, it checks that migration is completed and the
migration is finished.  This is what abort_on_error flag was meant for
(we can migrate with these errors, but this flag must inhibit such
behaviour).  Changing the order of the steps guarantees the flag works
properly.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1045833

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-04-29 10:40:44 +02:00
Martin Kletzander
f6ec6af8a6 qemu: don't call virFileExists() for network type disks
Based on suggestion from Eric [1], because it might not get cleaned up
before the release, so to avoid potential errors.

[1] https://www.redhat.com/archives/libvir-list/2014-April/msg00929.html

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-04-29 10:32:27 +02:00
Steven McDonald
4cd508ba4f storage_backend_rbd: Correct argument order to rbd_create3
The stripe_unit and stripe_count arguments are passed to rbd_create3 in
the wrong order, resulting in a stripe size of 1 byte with 4194304
stripes on newly created RBD volumes.

https://bugzilla.redhat.com/show_bug.cgi?id=1092208
Signed-off-by: Steven McDonald <steven.mcdonald@anchor.net.au>
2014-04-28 22:11:09 -06:00
Eric Blake
eae00fb59a enforce sane readdir usage
Now that all clients have been adjusted, ensure that no future
misuse of readdir is introduced into the code base.

* cfg.mk (sc_prohibit_readdir): New rule.
* src/util/virfile.c (virDirRead): Exempt the wrapper.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:46 -06:00
Laine Stump
a431523444 network: use virDirRead in networkMigrateStateFiles
This attempts to follow the same variable name and usage patterns as
the other conversions to virDirRead().
2014-04-28 17:52:46 -06:00
Eric Blake
56a03233ab storage: use virDirRead API
More instances of failure to report (unlikely) readdir errors.
In one case, I chose to ignore them, given that a readdir error
would be no different than timing out on the loop, where the
fallback path behaves correctly either way.

* src/storage/storage_backend.c (virStorageBackendStablePath):
Ignore readdir errors.
* src/storage/storage_backend_fs.c
(virStorageBackendFileSystemRefresh): Report readdir errors.
* src/storage/storage_backend_iscsi.c
(virStorageBackendISCSIGetHostNumber): Likewise.
* src/storage/storage_backend_scsi.c (getNewStyleBlockDevice)
(getBlockDevice, virStorageBackendSCSIFindLUs): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:46 -06:00
Eric Blake
ddcf4730ce drivers: use virDirRead API
Convert all remaining clients of readdir to use the new
interface, so that we can ensure (unlikely) errors while
reading a directory are reported.

* src/openvz/openvz_conf.c (openvzAssignUUIDs): Use new
interface.
* src/parallels/parallels_storage.c (parallelsFindVolumes)
(parallelsFindVmVolumes): Report readdir failures.
* src/qemu/qemu_driver.c (qemuDomainSnapshotLoad): Ignore readdir
failures.
* src/secret/secret_driver.c (loadSecrets): Likewise.
* src/qemu/qemu_hostdev.c
(qemuHostdevHostSupportsPassthroughVFIO): Report readdir failures.
* src/xen/xen_inotify.c (xenInotifyOpen): Likewise.
* src/xen/xm_internal.c (xenXMConfigCacheRefresh): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:45 -06:00
Eric Blake
ac1d42ac72 util: use virDirRead API
In making the conversion to the new API, I fixed a couple bugs:
virSCSIDeviceGetSgName would leak memory if a directory
unexpectedly contained multiple entries;
virNetDevTapGetRealDeviceName could report a spurious error
from a stale errno inherited before starting the readdir search.

The decision on whether to store the result of virDirRead into
a variable is based on whether the end of the loop falls through
to cleanup code automatically.  In some cases, we have loops that
are documented to return NULL on failure, and which raise an
error on most failure paths but not in the case where the directory
was unexpectedly empty; it may be worth a followup patch to
explicitly report an error if readdir was successful but the
directory was empty, so that a NULL return always has an error set.

* src/util/vircgroup.c (virCgroupRemoveRecursively): Use new
interface.
(virCgroupKillRecursiveInternal, virCgroupSetOwner): Report
readdir failures.
* src/util/virfile.c (virFileLoopDeviceOpenSearch)
(virFileNBDDeviceFindUnused, virFileDeleteTree): Use new
interface.
* src/util/virnetdevtap.c (virNetDevTapGetRealDeviceName):
Properly check readdir errors.
* src/util/virpci.c (virPCIDeviceIterDevices)
(virPCIDeviceFileIterate, virPCIGetNetName): Report readdir
failures.
(virPCIDeviceAddressIOMMUGroupIterate): Use new interface.
* src/util/virscsi.c (virSCSIDeviceGetSgName): Report readdir
failures, and avoid memory leak.
(virSCSIDeviceGetDevName): Report readdir failures.
* src/util/virusb.c (virUSBDeviceSearch): Report readdir
failures.
* src/util/virutil.c (virGetFCHostNameByWWN)
(virFindFCHostCapableVport): Report readdir failures.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:45 -06:00
Eric Blake
6b9f40e856 conf: use virDirRead API
When reading configuration files, we were silently ignoring
directory read failures.  While unlikely, we might as well
report them.

* src/conf/domain_conf.c (virDomainObjListLoadAllConfigs): Report
readdir errors.
* src/conf/network_conf.c (virNetworkLoadAllState)
(virNetworkLoadAllConfigs): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterLoadAllConfigs): Likewise.
* src/conf/storage_conf.c (virStoragePoolLoadAllConfigs):
Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:45 -06:00
Natanael Copa
92cf75df8e nodeinfo: use virDirRead API
This makes sure that errno is reset before readdir is called, even if
the loop does a 'continue'.

This fixes issue with musl libc which sets errno on sscanf. The
following 'continue' makes the errno be set before calling readdir.

Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:45 -06:00
Natanael Copa
1ce2f1a434 util: introduce virDirRead wrapper for readdir
Introduce a wrapper for readdir. This helps us make sure that we always
set errno before calling readdir and it will make sure errors are
properly logged.

Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-28 17:52:45 -06:00
Jim Fehlig
4f70ae2409 xen: ensure /usr/sbin/xend exists before checking status
With xend on the way out, installations may not even have
/usr/sbin/xend, which results in the following error when the
drivers are probed

2014-04-28 18:21:19.271+0000: 22129: error : virCommandWait:2426 :
internal error: Child process (/usr/sbin/xend status) unexpected exit
status 127: libvirt:  error : cannot execute binary /usr/sbin/xend:
No such file or directory

Check for existence of /usr/sbin/xend before trying to run it with
the 'status' option.
2014-04-28 13:58:33 -06:00
Daniel P. Berrange
04515a3438 Remove bogus ATTRIBUTE_NONNULL from virFirewallAddRuleFull
The virFirewallAddRuleFull method originally had a single
compulsory virFirewallQueryCallback parameter. During dev
work though the ignoreErrors parameter was added and the
callback parameter made optional. The ATTRIBUTE_NONNULL
annotation was never removed though.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-28 14:27:40 +01:00
Daniel P. Berrange
727efb9696 Make autostart of virtlockd actually work
The virnetsocket.c API is hardcoded to pass --timeout=30 to
any daemon it auto-starts. For inexplicable reasons the virtlockd
daemon did not implement the --timeout option, so it would
immediately exit on autostart with an error.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-28 13:30:41 +01:00
Daniel P. Berrange
e18a80a3a0 Use virFileFindResource to locate virtlockd daemon
Make the lock plugin use virFileFindResource to find the
virtlockd daemon path, so that it executes the in-builddir
daemon if run from source tree.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-28 13:30:41 +01:00
Daniel P. Berrange
57e5c3c2ae Use virFileFindResource to locate libvirtd daemon
Make the remote driver use virFileFindResource to find the
libvirt daemon path, so that it executes the in-builddir
daemon if run from source tree.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-28 13:30:41 +01:00
Jiri Denemark
eec2f65946 Recheck disk backing chains after snapshot
When a snapshot operation finishes we have to recheck the backing chain
of all disks involved in the snapshot. And we need to do that even if
the operation failed because some of the disks might have changed if
QEMU did not support transactions.
2014-04-27 21:19:12 +02:00
Laine Stump
34cc3b2f10 network: centralize check for active network during interface attach
The check for a network being active during interface attach was being
done individually in several places (by both the lxc driver and the
qemu driver), but those places were too specific, leading to it *not*
being checked when allocating a connection/device from a macvtap or
hostdev network.

This patch puts a single check in networkAllocateActualDevice(), which
is always called before the any network interface is attached to any
type of domain. It also removes all the other now-redundant checks
from the lxc and qemu drivers.

NB: the following patches are prerequisites for this patch, in the
case that it is backported to any branch:

  440beeb network: fix virNetworkObjAssignDef and persistence
  8aaa5b6 network: create statedir during driver initialization
  b9e9549 network: change location of network state xml files
  411c548 network: set macvtap/hostdev networks active if their state
          file exists

This fixes:

  https://bugzilla.redhat.com/show_bug.cgi?id=880483
2014-04-27 12:22:36 +03:00
Laine Stump
411c548668 network: set macvtap/hostdev networks active if their state file exists
libvirt attempts to determine at startup time which networks are
already active, and set their active flags. Previously it has done
this by assuming that all networks are inactive, then setting the
active flag if the network has a bridge device associated with it and
that bridge device exists. This is not useful for macvtap and hostdev
based networks, since they do not use a bridge device.

Of course the reason that such a check had to be done was that the
presence of a status file in the network "stateDir" couldn't be
trusted as an indicator of whether or not a network was active. This
was due to the network driver mistakenly using
/var/lib/libvirt/network to store the status files, rather than
/var/run/libvirt/network (similar to what is done by every other
libvirt driver that stores status xml for its objects). The difference
is that /var/run is cleared out when the host reboots, so you can be
assured that the state file you are seeing isn't just left over from a
previous boot of the host.

Now that the network driver has been switched to using
/var/run/libvirt/network for status, we can also modify it to assume
that any network with an existing status file is by definition active
- we do this when reading the status file. To fine tune the results,
networkFindActiveConfigs() is changed to networkUpdateAllState(),
and only sets active = 0 if the conditions for particular network
types are *not* met.

The result is that during the first run of libvirtd after the host
boots, there are no status files, so no networks are active. Any time
libvirtd is restarted, any network with a status file will be marked
as active (unless the network uses a bridge device and that device for
some reason doesn't exist).
2014-04-27 12:20:39 +03:00
Laine Stump
b9e95491d1 network: change location of network state xml files
For some reason these have been stored in /var/lib, although other
drivers (e.g. qemu and lxc) store their state files in /var/run.

It's much nicer to store state files in /var/run because it is
automatically cleared out when the system reboots. We can then use
existence of the state file as a convenient indicator of whether or
not a particular network is active.

Since changing the location of the state files by itself will cause
problems in the case of a *live* upgrade from an older libvirt that
uses /var/lib (because current status of active networks will be
lost), the network driver initialization has been modified to migrate
any network state files from /var/lib to /var/run.

This will not help those trying to *downgrade*, but in practice this
will only be problematic in two cases

1) If there are networks with network-wide bandwidth limits configured
   *and in use* by a guest during a downgrade to "old" libvirt. In this
   case, the class ID's used for that network's tc rules, as well as
   the currently in-use bandwidth "floor" will be forgotten.

2) If someone does this: 1) upgrade libvirt, 2) downgrade libvirt, 3)
   modify running state of network (e.g. add a static dhcp host, etc),
   4) upgrade. In this case, the modifications to the running network
   will be lost (but not any persistent changes to the network's
   config).
2014-04-27 12:19:57 +03:00
Laine Stump
8aaa5b68ef network: create statedir during driver initialization
This directory should be created when the network driver is first
started up, not just when a dhcp daemon is run. This hasn't posed a
problem in the past, because the directory has always been
pre-existing.
2014-04-27 12:19:13 +03:00
Laine Stump
440beeb7ac network: fix virNetworkObjAssignDef and persistence
Experimentation showed that if virNetworkCreateXML() was called for a
network that was already defined, and then the network was
subsequently shutdown, the network would continue to be persistent
after the shutdown (expected/desired), but the original config would
be lost in favor of the transient config sent in with
virNetworkCreateXML() (which would then be the new persistent config)
(obviously unexpected/not desired).

To fix this, virNetworkObjAssignDef() has been changed to

1) properly save/free network->def and network->newDef for all the
various combinations of live/active/persistent, including some
combinations that were previously considered to be an error but didn't
need to be (e.g. setting a "live" config for a network that isn't yet
active but soon will be - that was previously considered an error,
even though in practice it can be very useful).

2) automatically set the persistent flag whenever a new non-live
config is assigned to the network (and clear it when the non-live
config is set to NULL). the libvirt network driver no longer directly
manipulates network->persistent, but instead relies entirely on
virNetworkObjAssignDef() to do the right thing automatically.

After this patch, the following sequence will behave as expected:

virNetworkDefineXML(X)
virNetworkCreateXML(X') (same name but some config different)
virNetworkDestroy(X)

At the end of these calls, the network config will remain as it was
after the initial virNetworkDefine(), whereas previously it would take
on the changes given during virNetworkCreateXML().

Another effect of this tighter coupling between a) setting a !live def
and b) setting/clearing the "persistent" flag, is that future patches
which change the details of network lifecycle management
(e.g. upcoming patches to fix detection of "active" networks when
libvirtd is restarted) will find it much more difficult to break
persistence functionality.
2014-04-27 11:02:05 +03:00
Dwight Engen
014f317b71 build: -avoid-version on libvirt_driver_nwfilter
This fixes the following make rpm warning:

warning: Installed (but unpackaged) file(s) found:
   /usr/lib64/libvirt/connection-driver/libvirt_driver_nwfilter.so.0
   /usr/lib64/libvirt/connection-driver/libvirt_driver_nwfilter.so.0.0.0

introduced in comit 8d559864

Signed-off-by: Dwight Engen <dwight.engen@oracle.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-04-26 22:38:22 -06:00
Ian Campbell
657cb1e44d libxl: Support PV consoles
Currently the driver only exposes the ability to connect to the serial console
of a Xen guest, which doesn't work for a PV guest. Since for an HVM guest the
serial devices are duplicated as consoles it is sufficient to just use the
console devices unconditionally.

Tested with the following bit of config XML:

<domain type='xen'>
  ...
  <devices>
    <console type='pty'>
      <target type='xen'/>
    </console>
  </devices>
</domain>

I have observed and tested this on ARM but I believe it also applies to x86 PV
guests.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Cc: Jim Fehlig <jfehlig@suse.com>
Cc: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Clark Laughlin <clark.laughlin@linaro.org>
2014-04-25 14:08:54 -06:00
Daniel P. Berrange
3ba789ccd5 Add a test suite for nwfilter ebiptables tech driver
Create a nwfilterxml2firewalltest to exercise the
ebiptables_driver.applyNewRules method with a variety of
different XML input files. The XML input files are taken
from the libvirt-tck nwfilter tests. While the nwfilter
tests verify the final state of the iptables chains, this
test verifies the set of commands invoked to create the
chains.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
4131bff5b7 Remove last trace of direct firewall command exection
Remove all the left over code related to the direct invocation
of firewall-cmd/iptables/ip6tables/ebtables. This is all handled
by the virFirewallPtr APIs now.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
70571ccc98 Convert ebiptablesDriverProbeStateMatch to virFirewall
Conver the ebiptablesDriverProbeStateMatch initialization
check to use the virFirewall APIs for querying iptables
version.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
001130c096 Convert nwfilter ebiptablesApplyNewRules to virFirewall
Convert the nwfilter ebtablesApplyNewRules method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
051eb0238a Convert nwfilter ebtablesApplyDropAllRules to virFirewall
Convert the nwfilter ebtablesApplyDropAllRules method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
423735d763 Convert nwfilter ebtablesApplyDHCPOnlyRules to virFirewall
Convert the nwfilter ebtablesApplyDHCPOnlyRules method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
d01eb15303 Convert nwfilter ebtablesApplyBasicRules to virFirewall
Convert the nwfilter ebtablesApplyBasicRules method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
138ef25e99 Convert nwfilter ebiptablesTearNewRules to virFirewall
Convert the nwfilter ebiptablesTearNewRules method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:10 +01:00
Daniel P. Berrange
d7b83ab7c3 Convert nwfilter ebtablesRemoveBasicRules to virFirewall
Convert the nwfilter ebtablesRemoveBasicRules method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
3010fae592 Convert nwfilter ebiptablesTearOldRules to virFirewall
Convert the nwfilter ebiptablesTearOldRules method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
8d55986427 Convert nwfilter ebiptablesAllTeardown to virFirewall
Convert the nwfilter ebiptablesAllTeardown method to use the
virFirewall object APIs instead of creating shell scripts
using virBuffer APIs. This provides a performance improvement
through allowing direct use of firewalld dbus APIs and will
facilitate automated testing.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
3bf346a124 Convert ebtables code over to use firewall APIs
Convert the virebtables.{c,h} files to use the new virFirewall
APIs for changing ebtables rules.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
c13a952f69 Replace virNetworkObjPtr with virNetworkDefPtr in network platform APIs
The networkCheckRouteCollision, networkAddFirewallRules and
networkRemoveFirewallRules APIs all take a virNetworkObjPtr
instance, but only ever access the 'def' member. It thus
simplifies testing if the APIs are changed to just take a
virNetworkDefPtr instead

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
a66fc27d89 Convert bridge driver over to use new firewall APIs
Update the iptablesXXXX methods so that instead of directly
executing iptables commands, they populate rules in an
instance of virFirewallPtr. The bridge driver can thus
construct the ruleset and then invoke it in one operation
having rollback handled automatically.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
3a0ca7de51 Introduce an object for managing firewall rulesets
The network and nwfilter drivers both have a need to update
firewall rules. The currently share no code for interacting
with iptables / firewalld. The nwfilter driver is fairly
tied to the concept of creating shell scripts to execute
which makes it very hard to port to talk to firewalld via
DBus APIs.

This patch introduces a virFirewallPtr object which is able
to represent a complete sequence of rule changes, with the
ability to have multiple transactional checkpoints with
rollbacks. By formally separating the definition of the rules
to be applied from the mechanism used to apply them, it is
also possible to write a firewall engine that uses firewalld
DBus APIs natively instead of via the slow firewalld-cmd.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
89f244ba7c Preserve error when tearing down nwfilter rules
When a VM fails to launch due to error creating nwfilter
rules, we must avoid overwriting the original error when
tearing down the partially created rules.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
b1c1df05bf Remove two-stage construction of commands in nwfilter
The nwfilter ebiptables driver will build up commands to run in
two phases. The first phase contains all of the command, except
for the '-A' part. Instead it has a '%c' placeholder, along with
a '%s' placeholder for a position arg. The second phase than
substitutes these placeholders. The only values ever used for
these substitutions though is '-A' and '', so it is entirely
pointless. Remove the second phase entirely, since it will make
it harder to convert to the new firewall APIs

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
3f74b2eb2c Merge nwfilter createRuleInstance driver into applyNewRules
The current nwfilter tech driver API has a 'createRuleInstance' method
which populates virNWFilterRuleInstPtr with a command line string
containing variable placeholders. The 'applyNewRules' method then
expands the variables and executes the commands. This split of
responsibility won't work when switching to the virFirewallPtr
APIs, since we can't just build up command line strings. This patch
this merges the functionality of 'createRuleInstance' into the
applyNewRules method.

The virNWFilterRuleInstPtr struct is changed from holding an array
of opaque pointers, into holding generic metadata about the rules
to be processed. In essence this is the result of taking a linked
set of virNWFilterDefPtr's and flattening the tree to get a list
of virNWFilterRuleDefPtr's. At the same time we must keep track of
any nested virNWFilterObjPtr instances, so that the locks are held
for the duration of the 'applyNewRules' method.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
4dd7eaa36f Push virNWFilterRuleInstPtr out of (eb|ip)tablesCreateRuleInstance
Later refactoring will change use of the virNWFilterRuleInstPtr struct.
Prepare for this by pushing use of the virNWFilterRuleInstPtr parameter
out of the ebtablesCreateRuleInstance and iptablesCreateRuleInstance
methods. Instead they simply string(s) with the constructed rule data.
The ebiptablesCreateRuleInstance method will make use of the
virNWFilterRuleInstPtr struct instead.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
23b1d0c07d Add helper methods for determining what protocol layer is used
Add virNWFilterRuleIsProtocol{Ethernet,IPv4,IPv6} helper methods
to avoid having to write a giant switch statements with many cases.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
143a8a3038 Remove nwfilter tech driver 'displayRuleInstance' callback
The 'displayRuleInstance' callback in the nwfilter tech driver
is never invoked, so can be deleted.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
9b8aef1a02 Remove nwfilter tech driver 'removeRules' callback
The 'removeRules' callback in the nwfilter tech driver is never
invoked, so can be deleted.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00
Daniel P. Berrange
293d4fe2f1 Remove pointless storage of var names in virNWFilterHashTable
The virNWFilterHashTable struct contains a virHashTable and
then a 'char **names' field which keeps a copy of all the
hash keys. Presumably this was intended to record the ordering
of the hash keys. No code ever uses this and the ordering is
mangled whenever a variable is removed from the hash, because
the last element in the list is copied into the middle of the
list when shrinking the array.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-04-25 15:44:09 +01:00