Commit Graph

5332 Commits

Author SHA1 Message Date
Laine Stump
51781b82f7 qemu: fix typo in name - should be VHOST_NET, not VNET_HOST
NB: the enum that uses the string vnet-host (now changed to vhost-net)
is used in XML, but fortunately that hasn't been in an official
release yet, so it can still be fixed.
2011-05-24 10:45:55 -04:00
Daniel P. Berrange
58765b58a3 Fix QEMU -vnc arg generation with raw IPv6 addresses
Since -vnc uses ':' to separate the address from the port, raw
IPv6 addresses need to be escaped like [addr]:port

* src/qemu/qemu_command.c: Escape raw IPv6 addresses with []
* tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc.args,
  tests/qemuxml2argvdata/qemuxml2argv-graphics-vnc.xml: Tweak
  to test Ipv6 escaping
* docs/schemas/domain.rng: Allow Ipv6 addresses, or hostnames
  in <graphics> listen attributes
2011-05-24 10:33:53 -04:00
Daniel P. Berrange
65e1acad80 Fix peer2peer migration with transient VMs
The qemuMigrationConfirm method shouldn't deal with final VM
cleanup, since it can be called from the peer2peer migration,
which expects to still use the 'vm' object afterwards.

Push the cleanup code out of qemuMigrationConfirm, into its
caller, qemuDomainMigrateConfirm3

* src/qemu/qemu_driver.c: Add VM cleanup code to
  qemuDomainMigrateConfirm3
* src/qemu/qemu_migration.c, src/qemu/qemu_migration.h: Remove
  job handling cleanup from qemuMigrationConfirm
2011-05-24 05:41:23 -04:00
Daniel P. Berrange
f88af9dc16 Perform feature flag compat checking in QEMU migration cookies
To allow new mandatory migration cookie data to be introduced,
add support for checking supported feature flags when parsing
migration cookie.

* src/qemu/qemu_migration.c: Feature flag checking in migration
  cookie parsing
2011-05-24 05:40:50 -04:00
Jiri Denemark
5e09aea7b0 Replace all remaining setgid/setuid calls with virSetUIDGID
Two additional places need initgroups call to properly work in an
environment where the UID is allowed to open/create stuff through its
supplementary groups.
2011-05-24 12:09:53 +03:00
Jiri Denemark
4dd9c16161 util: Keep errno set to the root error after when returning from virSetUIDGID 2011-05-24 12:09:53 +03:00
Michal Privoznik
5f88d198bd storage: Add comment to picking return value of qemu-img
Commit d7b2679253 introduced
a return value picking of qemu-img on '-h', but without any comment.
2011-05-24 08:54:37 +02:00
Alon Levy
bb1c5423b9 spice: support streaming-video parameter
This adds a streaming-video=filter|all|off attribute. It is used to change
the behavior of video stream detection in spice, the default is filter (the
default for libvirt is not to specify it - the actual default is defined in
libspice-server.so).

Usage:

    <graphics type='spice' autoport='yes'>
      <streaming mode='off'/>
    </graphics>

Tested with the above and with tests/qemuxml2argvtest.

Signed-off-by: Alon Levy <alevy@redhat.com>
2011-05-23 20:53:59 -06:00
Stefan Berger
fcb0e8c227 nwfilter: enable filtering of gratuitous ARP packets
This patch enables filtering of gratuitous ARP packets using the following XML:

<rule action='accept' direction='in' priority='425'>
<arp gratuitous='true'/>
</rule>
2011-05-23 19:41:18 -04:00
Laine Stump
17266c5c68 qemu: don't require is_kvm for vhost-net support
This was discussed in:

  https://www.redhat.com/archives/libvir-list/2011-May/msg01370.html

The capabilities code only sets the flag to allow use of vhost-net if
kvm is detected (set if the help string contains "(qemu-kvm-" or
"(kvm-"), but actually vhost-net is available in some qemu builds that
don't have kvm in their name, so just checking for ",vhost=" is enough.
2011-05-23 15:59:31 -04:00
Doug Goldstein
a67407fa36 Use per-user TLS certificates when possible
When using TLS authentication and operating as the non-root user,
initially attempt to use that specific user's TLS certificates before
attempting to use the system wide TLS certificates.

Signed-off-by: Doug Goldstein <cardoe@cardoe.com>
2011-05-23 13:18:14 -06:00
Michal Privoznik
d7b2679253 storage: pick return value of qemu-img
qemu-img returns non-zero status on -h. Therefore we need to
provide virCommandRun() a non-NULL exit status pointer.
2011-05-23 13:47:06 +02:00
Matthias Bolte
f0a5be514d remote generator: Add special case for virConnectGetType 2011-05-20 18:12:50 +02:00
Richard W.M. Jones
bb12a63909 qemudDomainMemoryPeek: change ownership/selinux label on temporary file.
Otherwise qemu is unable to write to it, with the error:

libvir: QEMU error : internal error unable to execute QEMU command 'memsave': Could not open '/var/cache/libvirt/qemu/qemu.mem.RRNvLv'
2011-05-20 16:12:36 +01:00
Daniel P. Berrange
6b937b2430 Don't generate cookies with v2 migration protocol.
The v2 migration protocol had a limit on cookie length that was
too small to be useful for QEMU. Avoid generating cookies with
v2 protocol, so that old libvirtd can still reliably migrate a
guest to new libvirtd uses v2 protocol.

* src/qemu/qemu_driver.c: Avoid migration cookies with v2
  migration
2011-05-19 07:13:07 -04:00
Daniel P. Berrange
03f8832684 Fix QEMU migration cookie crash for guests with no graphics
When generating a cookie for a guest with no data, the
QEMU_MIGRATION_COOKIE_GRAPHICS flag was set even if no
graphics data was added. Avoid setting the flag unless
it was needed, also add a safety check for mig->graphics
being non-NULL

* src/qemu/qemu_migration.c: Avoid cookie crash for guest
  with no graphics
2011-05-19 07:13:00 -04:00
Daniel P. Berrange
2f3c682668 Ensure p2p and direct migration use the new v3 protocol if available
The internal virDomainMigratePeer2Peer and virDomainMigrateDirect
helper methods were not checking whether the target supports the
v3 migration protocol.

* src/libvirt.c: Use v3 migration protocol for p2p/direct
  migration if available.
2011-05-19 07:12:53 -04:00
Daniel P. Berrange
4bfe396e14 Blank out the 'listenAddr' parameter if empty string
Some bogus apps are generating a VNC/SPICE/RFB listen attribute
with no content. This then causes a failure with the graphics
migration cookie parsing. Blank out the 'listenAddr' parameter
after parsing domain XML if it is the empty string, so the host
default takes over

* src/qemu/qemu_migration.c: Blank out listenAddr parameter
  if empty
2011-05-19 07:12:45 -04:00
Eric Blake
8fcbc0c63c remote: remove special case for getting version
The on-the-wire protocol is identical; XDR guarantees that
both 'hyper' and 'unsigned hyper' are transmitted as 8 bytes.

* src/remote/remote_protocol.x (remote_get_version_ret)
(remote_get_lib_version_ret): Match public API.
* daemon/remote_generator.pl: Drop special case.
* src/remote_protocol-structs: Reflect updated type.
2011-05-18 15:25:03 -06:00
Eric Blake
7647422a8c build: silence clang false positive
Clang couldn't quite see that the same condition of
(flags & VIR_DOMAIN_MEM_CONFIG) is used twice, such that
the second block is guaranteed that def was assigned in
the first block.

* src/libxl/libxl_driver.c (libxlDomainSetMemoryFlags): Add a hint
for clang.
2011-05-18 12:47:46 -06:00
Matthias Bolte
4d2a189646 Improve invalid argument checks for the public API 2011-05-18 18:20:47 +02:00
Matthias Bolte
191e1ec65c Clarify that virDomainGet(Memory|Blkio)Parameters doesn't support subsets
Improve invalid argument checks in the size query case. The drivers already
relied on this unchecked behavior.

Relax the implementation of virDomainGet(Memory|Blkio)MemoryParameters
in the drivers and allow to pass more memory than necessary for all
parameters.
2011-05-18 18:20:47 +02:00
Matthias Bolte
8a3b74e770 Clarify that virDomainSet(Memory|Blkio)Parameters can take parameter subsets 2011-05-18 18:20:47 +02:00
Matthias Bolte
d870ec367d Clarify that virDomainSetSchedulerParameters(Flags) can take subsets
Add invalid argument checks for params and nparams to the public API
and remove them from the drivers (e.g. xend).

Add subset handling to libxl and test drivers.
2011-05-18 18:20:47 +02:00
Matthias Bolte
e430c0d0c6 Clarify the semantic of virDomainGetSchedulerParameters arguments
params and nparams are essential and cannot be NULL. Check this in
libvirt.c and remove redundant checks from the drivers (e.g. xend).

Instead of enforcing that nparams must point to exact same value as
returned by virDomainGetSchedulerType relax this to a lower bound
check. This is what some drivers (e.g. xen hypervisor and esx)
already did. Other drivers (e.g. xend) didn't check nparams at all
and assumed that there is enough space in params.

Unify the behavior in all drivers to a lower bound check and update
nparams to the number of valid values in params on success.
2011-05-18 18:20:47 +02:00
Matthias Bolte
7b2f20b10b Clarify semantic of nparams argument of virDomainGetSchedulerType
Some drivers assumed it can be NULL (e.g. qemu and lxc) and check it
before assigning to it, other drivers assumed it must be non-NULL
(e.g. test and esx) and just assigned to it.

Unify this to nparams being optional and document it.
2011-05-18 18:20:47 +02:00
Cole Robinson
ed97be6176 Fix messages using VIR_ERR_XML_ERROR
This error code has existed since the dawn of time, yet the messages it
generates are almost universally busted. Here's a small sampling:

src/conf/domain_conf.c:4889 : XML description for missing root element is not well formed or invalid
src/conf/domain_conf.c:4951 : XML description for unknown device type is not well formed or invalid
src/conf/domain_conf.c:5460 : XML description for maximum vcpus must be an integer is not well formed or invalid
src/conf/domain_conf.c:5468 : XML description for invalid maxvcpus %(count)lu is not well formed or invalid

Fix up the error code to instead be

XML error: <msg>

Adjust the few locations that were using the original correctly (or shouldn't
have been using the error code at all).

v2:
    Fix wording of error code without a passed argument
2011-05-18 11:18:09 -04:00
Dirk Herrendorefer
5252a06d65 Add support for 'passthru' mode for direct network interfaces
starting with kernel 2.6.38 macvtap supports a 'passthru' mode for
attaching virtual functions of a SRIOV capable network card directly to a VM.
This patch adds the capability to configure such a device.

Signed-off-by: Dirk Herrendoerfer <d.herrendoerfer@herrendoerfer.name>
2011-05-18 08:15:08 -06:00
Michal Privoznik
45b28f7c4f qemu: fix typo in spice migration code
This typo caused XPath returning improper value and thus not
working spice after migration.
2011-05-18 11:57:07 +02:00
Hu Tao
bb9f1bbf4a remote: introduce remoteSetSchedulerParametersFlags
support for virDomainSetSchedulerParametersFlags of remote driver.
2011-05-17 10:38:30 -06:00
Hu Tao
a9189e2c41 qemu: introduce qemuSetSchedulerParametersFlags
Support for virDomainSetSchedulerParametersFlags of qemu driver.
2011-05-17 10:17:53 -06:00
Hu Tao
d4b8a35755 introduce virDomainSetSchedulerParametersFlags
This new function allows aditional flags to be passed into from
the virsh command line.
2011-05-17 09:37:46 -06:00
Eric Blake
d4982b86d2 build: drop unused <sys/syslimits.h> header
<sys/syslimits.h> is not standardized, so portable programs should
not need to rely on it.  If there really is something that we need
where <sys/syslimits.h> provided the limit but <limits.h> did not,
then that would be a candidate for fixing in gnulib.  But this patch
did not turn up any compilation failures on Linux.

* src/internal.h (includes): Drop unused header.
* daemon/libvirtd.h (includes): Likewise.
* configure.ac (AC_CHECK_HEADERS): Likewise.
Based on a report by Matthias Bolte.
2011-05-17 09:34:11 -06:00
Daniel P. Berrange
00e74007cb Fix prototype of virRun for Win32 targets
* src/util/util.c: Fix virRun prototype
2011-05-17 16:23:22 +01:00
Eric Blake
b3918fabda build: tolerate unlimited group size
POSIX allows sysconf(_SC_GETPW_R_SIZE_MAX) to return -1 if there
is no fixed limit, and requires ERANGE errors to track real size.
Model our behavior after the example in POSIX itself:
http://pubs.opengroup.org/onlinepubs/9699919799/functions/getpwuid_r.html

Also, on error for get*_r functions, errno is undefined, and the
real error was the return value.

* src/util/util.c (virGetUserEnt, virGetUserID, virGetGroupID)
(virSetUIDGID):  Cope with sysconf failure or too small buffer.
Reported by Matthias Bolte.
2011-05-17 09:17:46 -06:00
Eric Blake
00fa155578 openvz: fix logic bug in previous patch
We want to free names on failure, not on success.

* src/openvz/openvz_driver.c (openvzListDefinedDomains): Use
correct condition.
2011-05-17 09:12:16 -06:00
Cole Robinson
1ccc16c603 storage_backend: Convert virRunWithHook usage to virCommand
virRunWithHook is now unused, so we can drop it. Tested w/ raw + qcow2
volume creation and copying.

v2:
    Use opaque data to skip hook second time around
    Simply command building

v3:
    Drop explicit FindFileInPath
2011-05-17 10:16:38 -04:00
Cole Robinson
51622f21a2 storage_backend: Fix error reporting with regex helper
Some clients overwrite the error from the regex helper, or do half-baked
error reporting with the exitstatus.
2011-05-17 10:16:38 -04:00
Cole Robinson
be1965be66 storage: Covert regex helpers to virCommand
v2:
    Simplify command creation
    Add a missing virCommandFree
    Use virCommand auto-cleanup for async process
2011-05-17 10:16:38 -04:00
Cole Robinson
0c0ed675de openvz: Convert virExec usage to virCommand
v2:
    Use virCommand's autocleanup

v3:
    Don't free 'names' on success
2011-05-17 10:16:38 -04:00
Cole Robinson
1fcafb02e2 storage: iscsi: Convert virExec to virCommand
v2:
    Use virCommand auto-cleanup
2011-05-17 10:11:09 -04:00
Matthias Bolte
5b77f1d5dc Fix error reporting in stream creation code
virStreamNew needs to dispatch the error that virGetStream reports
on failure.

remoteCreateClientStream can fail due to virStreamNew or due to
VIR_ALLOC. Report OOM error for VIR_ALLOC failure to report errors
in all error cases.

Remove OOM error reporting from remoteCreateClientStream callers.
2011-05-17 14:54:54 +02:00
Matthias Bolte
55cb8f5baa remote generator, client: Add more special case handling
For virDomainDestroy and virDrvSupportsFeature.
2011-05-17 14:52:23 +02:00
Matthias Bolte
0882f7a200 remote generator, client: Handle functions that return an optional string 2011-05-17 14:48:08 +02:00
Matthias Bolte
483ed20ae6 esx: Simplify some esxVI_Boolean to bool 2011-05-17 13:20:49 +02:00
Matthias Bolte
93f31b073d esx: Convert autoAnswer from esxVI_Boolean to a simple bool
Just true/false is good enough for it. Also use it directly from the
parsed URI instead of caching it in esxPrivate.
2011-05-17 13:16:48 +02:00
Matthias Bolte
6bf31327c6 esx: Fix race condition in esxVI_EnsureSession
When the session has expired then multiple threads can race while
reestablishing it.

This race condition is not that critical as it requires a special usage
pattern to be triggered. It can only happen when an application doesn't
do API calls for quite some time (the session expires after 30 min
inactivity) and then multiple threads doing simultaneous API calls and
end up doing simultaneous calls to esxVI_EnsureSession.
2011-05-17 13:11:32 +02:00
Jiri Denemark
c256542e76 virsh: Correctly initialize libvirt
virsh didn't call virInitialize(), which (among other things)
initializes virLastErr thread local variable. As a result of that, virsh
could just segfault in virEventRegisterDefaultImpl() since that is the
first call that touches (resets) virLastErr.

I have no idea what lucky coincidence made this bug visible but I was
able to reproduce it in 100% cases but only in one specific environment
which included building in sandbox.
2011-05-17 12:37:30 +02:00
Matthias Bolte
a39376016a esx: Whitespace cleanup in the generator
Break long lines and change spacing of keyword arguments to match
Python style standards better.

No functional change included.
2011-05-17 09:44:37 +02:00
Matthias Bolte
a6946ea66e esx: Change some alignments in the input file
No functional change included.
2011-05-16 20:22:50 +02:00
Matthias Bolte
1f6fc82bf3 esx: Change generated method parameter autobinding
Instead of specifying the type of the managed object directly specify
the ServiceContent member name. This way the mapping dictionary can be
removed.
2011-05-16 20:21:10 +02:00
Eric Blake
1d8bcb45ca maint: mark more perl scripts executable
* src/remote/rpcgen_fix.pl: Add executable bit.
* tests/oomtrace.pl: Likewise.
2011-05-16 10:12:21 -06:00
Daniel P. Berrange
6e7c56f8c9 Add missing initialization to 'ret' in qemu migration
* src/qemu/qemu_migration.c: Add missing 'ret' initializer
  in qemuMigrationCookieXMLParseStr
2011-05-16 16:11:10 +01:00
Daniel P. Berrange
91e5c3dc7c Disable virCommandExec on Win32
Mingw execve() has a broken signature. Disable this
function until gnulib fixes the signature, since we
don't really need this on Win32 anyway.

* src/util/command.c: Disable virCommandExec on Win32
2011-05-16 15:20:48 +01:00
Daniel P. Berrange
7bf733584a Improve error message when XDR marshalling fails
When failing to marshall an XDR message, include the
full program/version/status/proc/type info, to allow
easier debugging & diagnosis of the problem.

* src/remote/remote_driver.c: Improve error when marshalling
  fails
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
1d916a60a7 Run tunnelled migration IO in separate thread
By running the doTunnelSendAll code in a separate thread, the
main thread can do qemuMigrationWaitForCompletion as with
normal migration. This in turn ensures that job signals work
correctly and that progress monitoring can be done

* src/qemu/qemu_migration.c: Run tunnelled migration in
  separate thread
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
5a6ca96a01 Don't overwrite error when stream send fails
virStreamSend already sets an error message, so don't
overwrite it

* src/qemu/qemu_migration.c: Remove bogus error report
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
2bf92bb829 Close all sockets before cancelling QEMU migration
Cancelling the QEMU migration may cause QEMU to flush pending
data on the migration socket. This may in turn block QEMU if
nothing reads from the other end of the socket. Closing the
socket before cancelling QEMU migration avoids this possible
deadlock.

* src/qemu/qemu_migration.c: Close sockets before cancelling
  migration on failure
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
74f332468d Ensure we always read a full buffer in tunnelled migration
The 'nbytes' variable was not re-initialized to the
buffer size on each iteration of the tunnelled migration
loop. While saferead() will ensure a full read, except
on EOF, it is clearer to use the real buffer size

* src/qemu/qemu_migration.c: Always read full buffer of data
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
dba5a60462 Make tunnelled migration honour resource restriction
The doTunnelMigrate method forgot to set the bandwidth
resource restriction

* src/qemu/qemu_migration.c: Set resource restriction
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
792a5a6159 Refactor migration completion loop to allow code reuse
The qemuMigrationWaitForCompletion method contains a loop which
repeatedly queries QEMU to check migration progress, and also
processes job signals (pause, setspeed, setbandwidth, cancel).

The tunnelled migration loop does not currently support this
functionality, but should. Refactor the code to allow it to
be used with tunnelled migration.
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
2d5caf7a25 Implement migration v3 protocol in QEMU driver
Implement the v3 migration protocol, which has two extra
steps, 'begin' on the source host and 'confirm' on the
source host. All other methods also gain both input and
output cookies to allow bi-directional data passing at
all stages.

The QEMU peer2peer migration method gains another impl
to provide the v3 migration. This finally allows migration
cookies to work with tunnelled migration, which is required
for Spice seamless migration & the lock manager transfer

* src/qemu/qemu_driver.c: Wire up migrate v3 APIs
* src/qemu/qemu_migration.c, src/qemu/qemu_migration.h: Add
  begin & confirm methods, and peer2peer impl of v3
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
636ee9267f Merge tunnel & non-tunnel migration impl into one
Merge the doNonTunnelMigrate2 and doTunnelMigrate2 methods
into one doPeer2PeerMigrate2 method, since they are substantially
the same. With the introduction of v3 migration, this will be
even more important, to avoid massive code duplication.

* src/qemu/qemu_migration.c: Merge tunnel & non-tunnel migration
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
6b0fa703a8 Fix VM teardown if prepare returns invalid URI in v2 migration
The v2 migration protocol was accidentally missing out the
finish step, when prepare succeeded, but returned an invalid
URI

* src/libvirt.c: Teardown VM if prepare returns invalid URI
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
13cb49f847 Refactor tunnelled migration methods
To facilitate the introduction of the v3 migration protocol,
the doTunnelMigrate method is refactored into two pieces. One
piece is intended to mirror the flow of virDomainMigrateVersion2,
while the other is the helper for setting up sockets and processing
the data.

Previously socket setup would be done before the 'prepare' step,
so errors could be dealt with immediately, avoiding need to shut
off the destination QEMU. In the new split, socket setup is done
after the 'prepare' step. This is not a serious problem, since
the control flow already requires calling 'finish' to tear down
the destination QEMU upon several errors.

* src/qemu/qemu_migration.c:
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
cc53b4c444 Wire up SPICE client relocation with QEMU migration
Use the graphics information from the QEMU migration cookie to
issue a 'client_migrate_info' monitor command to QEMU. This causes
the SPICE client to automatically reconnect to the target host
when migration completes

* src/qemu/qemu_migration.c: Set data for SPICE client relocation
  before starting migration on src
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
  src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
  src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: Add
  new qemuMonitorGraphicsRelocate() command
2011-05-16 15:18:22 +01:00
Daniel P. Berrange
72de0d2819 Pass graphics setup from dst back to src via migration cookies
Extend the QEMU migration cookie structure to allow information
about the destination host graphics setup to be passed by to
the source host. This will enable seamless migration of any
connected graphics clients

* src/qemu/qemu_migration.c: Add graphics info to migration
  cookies
* daemon/libvirtd.c: Always initialize gnutls to enable
  x509 cert parsing in QEMU
2011-05-16 15:18:21 +01:00
Daniel P. Berrange
8654175c5b Introduce migration cookies to QEMU driver
The migration protocol has support for a 'cookie' parameter which
is an opaque array of bytes as far as libvirt is concerned. Drivers
may use this for passing around arbitrary extra data they might
need during migration. The QEMU driver needs to do a few things:

 - Pass hostname/uuid to allow strict protection against localhost
   migration attempts
 - Pass SPICE/VNC server port from the target back to the source to
   allow seamless relocation of client sessions
 - Pass lock driver state from source to destination

This patch introduces the basic glue for handling cookies
but only includes the host/guest UUID & name.

* src/libvirt_private.syms: Export virXMLParseStrHelper
* src/qemu/qemu_migration.c, src/qemu/qemu_migration.h: Parsing
  and formatting of migration cookies
* src/qemu/qemu_driver.c: Pass in cookie parameters where possible
* src/remote/remote_protocol.h, src/remote/remote_protocol.x: Change
  cookie max length to 16384 bytes
2011-05-16 15:18:20 +01:00
Daniel P. Berrange
9ab245585b Fix locking with qemuMigrationPrepareTunnel method
The qemuMigrationPrepareTunnel method should not unlock the
qemu driver, since that is the caller's job.

* src/qemu/qemu_migration.c: Fix qemuMigrationPrepareTunnel
  unlocking of QEMU driver
2011-05-16 15:17:15 +01:00
Daniel P. Berrange
d59e14a1a2 Remote driver implementation of new migration API
* src/remote/remote_protocol.x: Define wire protocol for migration
  protocol v3
* daemon/remote.c: Server side dispatch
* src/remote/remote_driver.c: Client side serialization
* src/remote/remote_protocol.c, src/remote/remote_protocol.h,
  daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h,
  daemon/remote_dispatch_ret.h, daemon/remote_dispatch_table.h:
  Re-generate files
* src/remote_protocol-structs: Declare new ABIs
2011-05-16 15:09:25 +01:00
Daniel P. Berrange
65043d2dff Introduce yet another migration version in API.
Migration just seems to go from bad to worse. We already had to
introduce a second migration protocol when adding the QEMU driver,
since the one from Xen was insufficiently flexible to cope with
passing the data the QEMU driver required.

It turns out that this protocol still has some flaws that we
need to address. The current sequence is

 *  Src: DumpXML
          - Generate XML to pass to dst

 *  Dst: Prepare
          - Get ready to accept incoming VM
          - Generate optional cookie to pass to src

 *  Src: Perform
          - Start migration and wait for send completion
          - Kill off VM if successful, resume if failed

 *  Dst: Finish
          - Wait for recv completion and check status
          - Kill off VM if unsuccessful

The problems with this are:

 - Since the first step is a generic 'DumpXML' call, we can't
   add in other migration specific data. eg, we can't include
   any VM lease data from lock manager plugins
 - Since the first step is a generic 'DumpXML' call, we can't
   emit any 'migration begin' event on the source, or have
   any hook that runs right at the start of the process
 - Since there is no final step on the source, if the Finish
   method fails to receive all migration data & has to kill
   the VM, then there's no way to resume the original VM
   on the source

This patch attempts to introduce a version 3 that uses the
improved 5 step sequence

 *  Src: Begin
          - Generate XML to pass to dst
          - Generate optional cookie to pass to dst

 *  Dst: Prepare
          - Get ready to accept incoming VM
          - Generate optional cookie to pass to src

 *  Src: Perform
          - Start migration and wait for send completion
          - Generate optional cookie to pass to dst

 *  Dst: Finish
          - Wait for recv completion and check status
          - Kill off VM if failed, resume if success
          - Generate optional cookie to pass to src

 *  Src: Confirm
          - Kill off VM if success, resume if failed

The API is designed to allow both input and output cookies
in all methods where applicable. This lets us pass around
arbitrary extra driver specific data between src & dst during
migration. Combined with the extra 'Begin' method this lets
us pass lease information from source to dst at the start of
migration

Moving the killing of the source VM out of Perform and
into Confirm, means we can now recover if the dst host
can't successfully Finish receiving migration data.
2011-05-16 15:09:19 +01:00
Daniel P. Berrange
9b1ae97fdc Add many version number annotations to drivers
Add many version number annotations to the internal driver
tables, to allow hvsupport.html to display more accurate
information
2011-05-16 14:20:48 +01:00
Daniel P. Berrange
879d409e9e Convert all driver struct intializers to C99 style
Change all the driver struct initializers to use the
C99 style, leaving out unused fields. This will make
it possible to add new APIs without changing every
driver. eg change:

    qemudDomainResume, /* domainResume */
    qemudDomainShutdown, /* domainShutdown */
    NULL, /* domainReboot */
    qemudDomainDestroy, /* domainDestroy */

to

    .domainResume = qemudDomainResume,
    .domainShutdown = qemudDomainShutdown,
    .domainDestroy = qemudDomainDestroy,

And get rid of any existing C99 style initializersr which
set NULL, eg change

     .listPools          = vboxStorageListPools,
     .numOfDefinedPools  = NULL,
     .listDefinedPools   = NULL,
     .findPoolSources    = NULL,
     .poolLookupByName   = vboxStoragePoolLookupByName,

to

     .listPools          = vboxStorageListPools,
     .poolLookupByName   = vboxStoragePoolLookupByName,
2011-05-16 14:20:43 +01:00
Daniel P. Berrange
360df0199e Tweak driver naming for consistency with public API
Fix some driver names:

  s/virDrvCPUCompare/virDrvCompareCPU/
  s/virDrvCPUBaseline/virDrvBaselineCPU/
  s/virDrvQemuDomainMonitorCommand/virDrvDomainQemuMonitorCommand/
  s/virDrvSecretNumOfSecrets/virDrvNumOfSecrets/
  s/virDrvSecretListSecrets/virDrvListSecrets/

And some driver struct field names:

  s/getFreeMemory/nodeGetFreeMemory/
2011-05-16 14:20:35 +01:00
Jiri Denemark
9f1319618a qemu: Update domain state when reconnecting monitor
A qemu domain can get paused when libvirtd is stopped (e.g., because of
I/O error) so we should check its current state when reconnecting to it.
2011-05-16 13:36:08 +02:00
Jiri Denemark
b046c55d40 Implement domain state reason
Only in drivers which use virDomainObj, drivers that query hypervisor
for domain status need to be updated separately in case their hypervisor
supports this functionality.

The reason is also saved into domain state XML so if a domain is not
running (i.e., no state XML exists) the reason will be lost by libvirtd
restart. I think this is an acceptable limitation.
2011-05-16 13:36:08 +02:00
Jiri Denemark
26d94012f6 Implement basic virDomainGetState in all drivers
Reason is currently always set to 0 (i.e., *_UNKNOWN).
2011-05-16 11:33:53 +02:00
Jiri Denemark
9f181ebc14 Wire protocol format and remote driver for virDomainGetState 2011-05-16 10:04:19 +02:00
Jiri Denemark
46b95e6428 virDomainGetState public API implementation 2011-05-16 10:04:18 +02:00
Jiri Denemark
6feb1341e5 Internal driver API for virDomainGetState 2011-05-16 10:04:18 +02:00
Jiri Denemark
d65a924b34 virDomainGetState public API
This API is supposed to replace virDomainGetInfo when the only purpose
of calling it is getting current domain status.
2011-05-16 10:04:18 +02:00
Eric Blake
0f9e52da82 phyp: avoid a crash
This has been present since the introduction of phypAttachDevice
in commit 444fd07a.

* src/phyp/phyp_driver.c (phypAttachDevice): Don't dereference
NULL.
2011-05-14 09:24:27 -06:00
Eric Blake
34b999be42 stream: avoid use-after-free
virFDStreamClose used a mutex after it was freed, and failed
to destroy that mutex on its last use.

* src/fdstream.c (virFDStreamFree): Inline into sole caller...
(virFDStreamClose): ...to avoid use-after-free and leak.
Reported by Matthias Bolte.
2011-05-14 09:02:33 -06:00
Matthias Bolte
fbe3ab1a27 esx: Refactor common code in the generator
Move common code from Property and Parameter into new Member class.

Rename the other base class to Type.
2011-05-14 12:15:15 +02:00
Matthias Bolte
efd9265991 esx: Improve dynamic cast detection in the generator
Detect it based on usage as parameter, return type and member of other
object types.
2011-05-14 12:10:38 +02:00
Matthias Bolte
35cdab71e4 esx: Improve list usage detection in the generator
Detect it based on usage as parameter and return type too.
2011-05-14 12:00:46 +02:00
Matthias Bolte
59f1f5f151 esx: Remove 1000 lines of generated but unused code
Don't make all object and enum types (de)serializable by default.
Detect this from the input file instead.
2011-05-14 11:51:21 +02:00
Matthias Bolte
6c1d30a7f5 esx: Generate implicit _this macros
Several vSphere API methods are called on global objects like the
FileManager, the PerformanceManager or the SearchIndex. The generator
input file allows to mark such methods and the generator generates
such method in a way that automatically handles marked parameter. This
is done by some special macros. Those were manually written and this
patch moves them to the generator.
2011-05-14 11:45:08 +02:00
Matthias Bolte
0b85d10483 esx: Move the Event type from the VI generator to manually written code
Accept all types on deserialization in order to accept all Event subtypes.

This will be used for the upcoming domain event support.
2011-05-14 11:01:43 +02:00
Matthias Bolte
fe99c6b3c6 command: Fix compilation on FreeBSD
kill, SIGTERM and SIGKILL require additional header.
2011-05-14 07:00:27 +02:00
Matthias Bolte
0ec289a469 apparmor: Fix compilation by removing remains from virCommand conversion
Commit aaf20355b8 was incomplete here and
missed to remove some parts.
2011-05-14 06:51:32 +02:00
Cole Robinson
028c30885e remote: Convert SSH tunnel to virCommand 2011-05-13 15:48:16 -04:00
Cole Robinson
b3ecd78064 storage: Convert qemu-img -help parsing to virCommand 2011-05-13 14:19:08 -04:00
Cole Robinson
aaf20355b8 apparmor: Convert virExec usage to virCommand
Untested
2011-05-13 14:19:08 -04:00
Cole Robinson
8d0188fb45 util: Combine __virExec and virExecWithHook
All callers were expecting argv logging, so the split is unneeded.

v2:
    Reindent new virExecWithHook call
2011-05-13 14:19:08 -04:00
Cole Robinson
0f5599cd2a remote_driver: Convert virExecDaemonize usage to virCommand
And drop the now unused virExecDaemonize
2011-05-13 14:19:08 -04:00
Eric Blake
1c9c494fc1 remote: keep 'make check' happy
* src/remote_protocol-structs (remote_domain_screenshot_args): Use
spelling preferred by dwarves.
2011-05-13 11:31:06 -06:00
Eric Blake
a9bb4f65ec libxl: fix typos in previous patch
* src/libxl/libxl_driver.c (libxlDomainEventFlush, libxlShutdown)
(libxlStartup): Fix typos.
2011-05-13 11:31:05 -06:00
Cole Robinson
4e6e66728f remote: Use virDomainEventState helpers
One functionality change here is that we no longer force enable the event
timeout for every queued event, only enable it for the first event after
the queue has been flushed. This is how other drivers have already done it,
and I haven't encountered problems in practice.

v3:
    Adjust for new virDomainEventStateNew argument
2011-05-13 11:00:10 -04:00
Cole Robinson
7405aebe01 libxl: Convert to virDomainEventState 2011-05-13 10:48:32 -04:00
Cole Robinson
4d7297f87e test: Use virDomainEventState helpers
v3:
    Adjust for new virDomainEventStateNew argument
2011-05-13 10:48:32 -04:00
Cole Robinson
1ded8942c7 lxc: Use virDomainEventState helpers
v3:
    Adjust for new virDomainEventStateNew argument
2011-05-13 10:48:32 -04:00
Cole Robinson
42a3687f29 qemu: Use virDomainEventState helpers
v2:
    Drop libvirt_private.syms changes

v3:
    Adjust for new virDomainEventStateNew argument
2011-05-13 10:48:32 -04:00
Cole Robinson
227d67ca00 domain_event: Add common domain event queue/flush helpers
The same code for queueing, flushing, and deregistering events exists
in multiple drivers, which will soon use these common functions.

v2:
    Adjust libvirt_private.syms
    isDispatching bool fixes
    NONNULL tagging

v3:
    Add requireTimer parameter to virDomainEventStateNew
2011-05-13 10:48:32 -04:00
Cole Robinson
aaf2b70bae domain_event: Add virDomainEventState structure
This structure will be used to unify lots of duplicated event handling code
across the state drivers.

v2:
    Check for state == NULL in StateFree
    Add NONNULL tagging
    Use bool for isDispatching

Signed-off-by: Cole Robinson <crobinso@redhat.com>
2011-05-13 10:48:32 -04:00
Cole Robinson
b9e51e5677 xml: Use virXMLParse* helpers everywhere
virt-aa-helper isn't even compile tested since I don't have the setup for
it.

v2:
    virt-aa-helper fixes from Eric
2011-05-13 10:32:53 -04:00
Cole Robinson
34639a3f6b domain: Require <init> for container guests
Use capabilities to allow a driver to register a default <init> if none
is specified in the XML. Openvz was already open-coding this to be /sbin/init

LXC currently falls over if no init is specified, so an explicit error is
an improvement IMO.

(Side note: I don't think we can set a default value for LXC. If we use
/sbin/init but the user doesn't specify a separate root FS for their guest,
the container will rerun the host's init which can be traumatic :). For
virt-install I'm thinking of defaulting to /sbin/init if a root FS has
been specified, otherwise require the user to manually specify <init>)
2011-05-13 10:32:53 -04:00
Cole Robinson
0571c3afde xml: Make sure virXpathNodeSet always sets an error
And update callers to actually respect the error
2011-05-13 10:32:52 -04:00
Michal Privoznik
11d5488791 vbox: Implement the driver methods
* src/vbox/vbox_tmpl.c: New vboxDomainScreenshot() function
2011-05-13 12:46:25 +02:00
Michal Privoznik
9936aecfd1 qemu: Implement the driver methods
* src/qemu/qemu_driver.c: new qemuDomainScreenshot() function
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
  src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
  src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h:
  Monitor command
2011-05-13 12:45:42 +02:00
Michal Privoznik
6a1f5f568f virFDStream: Add option for delete file after it's opening
This is needed if we want to transfer a temporary file. If the
transfer is done with iohelper, we might run into a race condition,
where we unlink() file before iohelper is executed.

* src/fdstream.c, src/fdstream.h,
  src/util/iohelper.c: Add new option
* src/lxc/lxc_driver.c, src/qemu/qemu_driver.c,
  src/storage/storage_driver.c, src/uml/uml_driver.c,
  src/xen/xen_driver.c: Expand existing function calls
2011-05-13 12:44:49 +02:00
Michal Privoznik
2c6efac985 screenshot: Implementing the remote protocol
* src/remote/remote_protocol.x: Wire protocol definition
* daemon/remote.c: Daemon part
* src/remote/remote_driver.c: Client part
* src/remote_protocol-structs: Add structures
2011-05-13 12:44:23 +02:00
Michal Privoznik
1f9f12140f screenshot: Implementing the public API
* src/libvirt.c: new function virDomainScreenshot
2011-05-13 12:43:49 +02:00
Michal Privoznik
3c38664339 screenshot: Defining the internal API
* src/driver.h: Stub code for new API
* src/esx/esx_driver.c, src/libxl/libxl_driver.c,
  src/lxc/lxc_driver.c, src/openvz/openvz_driver.c,
  src/phyp/phyp_driver.c, src/qemu/qemu_driver.c,
  rc/remote/remote_driver.c, rc/test/test_driver.c,
  src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
  src/vmware/vmware_driver.c, src/xen/xen_driver.c,
  src/xen/xen_driver.h, src/xen/xen_hypervisor.c,
  src/xen/xen_inotify.c, src/xen/xend_internal.c,
  src/xen/xm_internal.c, src/xen/xs_internal.c,
  src/xenapi/xenapi_driver.c: Add dummy entries in driver
  table for new APIs
2011-05-13 12:35:58 +02:00
Michal Privoznik
6a1fcd9f20 screenshot: Defining the public API
Add public API for taking screenshots of current domain console.

* include/libvirt/libvirt.h.in: add virDomainScreenshot
* src/libvirt_public.syms: Export new symbol
2011-05-13 12:35:45 +02:00
Matthias Bolte
2a5251e2c4 remote generator: Add skipgen/autogen flags to .x files
Make procedure parsing more robust, by allowing arbitrary
amounts of whitespaces.

Also make some error messages more verbose.
2011-05-12 08:44:07 +02:00
Eric Blake
88d03d4ff1 nwfilter: drop unused flag argument
The public API and RPC over-the-wire format have no flags argument,
so neither should the internal callback API.  This simplifies the
RPC generator.

* src/driver.h (virDrvNWFilterDefineXML): Drop argument that does
not match public API.
* src/nwfilter/nwfilter_driver.c (nwfilterDefine): Likewise.
* src/libvirt.c (virNWFilterDefineXML): Likewise.
* daemon/remote_generator.pl: Drop special case.
2011-05-11 19:26:59 -06:00
Eric Blake
cb84580a25 maint: omit translation for all VIR_INFO
We were 31/73 on whether to translate; since less than 50% translated
and since VIR_INFO is less than VIR_WARN which also doesn't translate,
this makes sense.

* cfg.mk (sc_prohibit_gettext_markup): Add VIR_INFO, since it
falls between WARN and DEBUG.
* daemon/libvirtd.c (qemudDispatchSignalEvent, remoteCheckAccess)
(qemudDispatchServer): Adjust offenders.
* daemon/remote.c (remoteDispatchAuthPolkit): Likewise.
* src/network/bridge_driver.c (networkReloadIptablesRules)
(networkStartNetworkDaemon, networkShutdownNetworkDaemon)
(networkCreate, networkDefine, networkUndefine): Likewise.
* src/qemu/qemu_driver.c (qemudDomainDefine)
(qemudDomainUndefine): Likewise.
* src/storage/storage_driver.c (storagePoolCreate)
(storagePoolDefine, storagePoolUndefine, storagePoolStart)
(storagePoolDestroy, storagePoolDelete, storageVolumeCreateXML)
(storageVolumeCreateXMLFrom, storageVolumeDelete): Likewise.
* src/util/bridge.c (brProbeVnetHdr): Likewise.
* po/POTFILES.in: Drop src/util/bridge.c.
2011-05-11 15:20:33 -06:00
Eric Blake
5c129f7438 build: wrap macro body in one-shot do-while loop
* src/libvirt.c (VIR_DOMAIN_DEBUG_1): Convert to single statement.
Suggested by Jiri Denemark.
2011-05-11 15:14:05 -06:00
Eric Blake
5bc168ede3 build: drop need for VIR_DOMAIN_DEBUG0()
This one's tricker than the VIR_DEBUG0() removal, but the end
result is still C99 compliant, and reasonable with enough comments.

* src/libvirt.c (VIR_ARG10, VIR_HAS_COMMA)
(VIR_DOMAIN_DEBUG_EXPAND, VIR_DOMAIN_DEBUG_PASTE): New macros.
(VIR_DOMAIN_DEBUG): Rewrite to handle one argument, moving
multi-argument guts to...
(VIR_DOMAIN_DEBUG_1): New macro.
(VIR_DOMAIN_DEBUG0): Rename to VIR_DOMAIN_DEBUG_0.
2011-05-11 15:08:53 -06:00
Eric Blake
bc6bfeaa17 build: avoid gcc preprocessor extensions
Use of ',##__VA_ARGS__' is a gcc extension not guaranteed by
C99; thankfully, we can avoid it by lumping the format argument
into the var-args set.

* src/util/logging.h (VIR_DEBUG_INT, VIR_INFO_INT, VIR_WARN_INT)
(VIR_ERROR_INT, VIR_DEBUG, VIR_INFO, VIR_WARN, VIR_ERROR): Stick
to C99 var-arg macro syntax.
* examples/domain-events/events-c/event-test.c (VIR_DEBUG):
Simplify.
2011-05-11 13:28:50 -06:00
Lai Jiangshan
b65f37a4a1 libvirt,logging: cleanup VIR_XXX0()
These VIR_XXXX0 APIs make us confused, use the non-0-suffix APIs instead.

How do these coversions works? The magic is using the gcc extension of ##.
When __VA_ARGS__ is empty, "##" will swallow the "," in "fmt," to
avoid compile error.

example: origin				after CPP
	high_level_api("%d", a_int)	low_level_api("%d", a_int)
	high_level_api("a  string")	low_level_api("a  string")

About 400 conversions.

8 special conversions:
VIR_XXXX0("") -> VIR_XXXX("msg") (avoid empty format) 2 conversions
VIR_XXXX0(string_literal_with_%) -> VIR_XXXX(%->%%) 0 conversions
VIR_XXXX0(non_string_literal) -> VIR_XXXX("%s", non_string_literal)
  (for security) 6 conversions

Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
2011-05-11 12:41:14 -06:00
Eric Blake
98cd17bd18 node_device: avoid null dereference on error
If we plow on after udev_device_get_syspath fails, we will hit a NULL
dereference.  Clang found one due to strdup later in udevSetParent,
but in fact we hit a NULL dereference sooner because of the use of
STREQ within virNodeDeviceFindBySysfsPath.

* src/conf/node_device_conf.h (virNodeDeviceFindBySysfsPath): Mark
path argument non-null.
* src/node_device/node_device_udev.c (udevSetParent): Avoid null
dereference.
2011-05-11 11:55:16 -06:00
Eric Blake
4c6ae9ae36 build: remove some dead assignments
No syntactic effect; this merely silences some clang warnings.

* src/libxl/libxl_driver.c (libxlDomainSetVcpusFlags): Drop
redundant ret=0 statement.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextDriveDel):
Likewise.
2011-05-11 10:43:13 -06:00
Daniel P. Berrange
cbf9f2f2c0 Allow destroying QEMU VM even if a job is active
Introduce a virProcessKill function that can be safely called
even when the job mutex is held. This allows virDomainDestroy
to kill any VM even if it is asleep in a monitor job. The PID
will die and the thread asleep on the monitor will then wake
up releasing the job mutex.

* src/qemu/qemu_driver.c: Kill process before using qemuProcessStop
  to ensure job is released
* src/qemu/qemu_process.c: Add virProcessKill for killing off
  QEMU processes
2011-05-11 09:35:15 +01:00
Daniel P. Berrange
9f5d3a912d Add support for YAJL version 2 API/ABI
Version 2.0.0 or yajl changed API. It is fairly trivial for us to
cope with both APIs in libvirt, so adapt.

* configure.ac: Probe for yajl2 API
* src/util/json.c: Conditional support for yajl2 API
2011-05-11 09:35:10 +01:00
Paolo Bonzini
761a742a8d libxl: support enabling the HPET
libxl accepts hpet configuration in its domain info struct.  Parse the
domain definition's <clock> element in order to set the value.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

Apologies from Eric Blake, for mistakenly committing the broken
intermediate version.
2011-05-10 16:38:30 -06:00
Paolo Bonzini
0fd3fac537 libxl: support enabling the HPET
libxl accepts hpet configuration in its domain info struct.  Parse the
domain definition's <clock> element in order to set the value.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-05-10 16:28:09 -06:00
Paolo Bonzini
e547e44cb0 xen: parse and generate hpet item in sxpr
Recent versions of Xen disable the virtual HPET by default.  This is
usually more precise because tick policies are not implemented for
the HPET in Xen.  However, there may be several reasons to control
the HPET manually: 1) to test the emulation; 2) because distros may
provide the knob while leaving the default to "enabled" for compatibility
reasons.

This patch provides support for the hpet item in both sexpr and xm
formats, and translates it to a <timer> element.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2011-05-10 16:16:55 -06:00
Doug Goldstein
343c69dbad virsh: flexibility in CA cert and user cert/key
Allow the CA certificate to come from the user's home directory or from
the global location independently of the client certificate/key pair.

Mostly for the case when each user on a system has their own cert/key
pair but the system as a whole shares the same CA.

Signed-off-by: Doug Goldstein <cardoe@gentoo.org>
2011-05-10 14:45:09 -06:00
Matthias Bolte
bfb188dd44 remote generator: Unify unsigned int notation in .x files
Rename u_int and unsigned to unsigned int. This gets rid of some special
case code in the generator.
2011-05-10 20:47:24 +02:00
Matthias Bolte
9817604afc Rename internal DumpXML functions to GetXMLDesc
This matches the public API and helps to get rid of some special
case code in the remote generator.

Rename driver API functions and XDR protocol structs.

No functional change included outside of the remote generator.
2011-05-10 20:32:41 +02:00
Lai Jiangshan
fcf967f2ad qemu,inject-nmi: Implement the driver methods 2011-05-10 11:40:51 -06:00
Lai Jiangshan
b8c776eb63 inject-nmi: Implementing the remote protocol 2011-05-10 11:40:51 -06:00
Lai Jiangshan
9a1b5dc66f inject-nmi: Implementing the public API 2011-05-10 11:40:51 -06:00
Lai Jiangshan
b19bd85e15 inject-nmi: Defining the internal API 2011-05-10 11:40:51 -06:00
Lai Jiangshan
b08ad6cd87 inject-nmi: Defining the public API 2011-05-10 11:40:51 -06:00
Cole Robinson
0ed4aa448e lxc: container: Build init cmd before we close stdout
That way we can log the 'init' argv for debugging.
2011-05-10 13:15:50 -04:00
Cole Robinson
0719c3d64c lxc: container: Convert <init> exec to virCommand 2011-05-10 13:15:50 -04:00
Cole Robinson
f095398a47 command: Add virCommandExec helper
Actually execs the argv/env we've generated, replacing the current process.
Kind of has a limited usage, but allows us to use virCommand in LXC
driver to launch the 'init' process
2011-05-10 13:15:50 -04:00
Cole Robinson
924eb9a4b4 lxc: driver: Improve logging when launching emulator
Log the full command line and a timestamp like we do for QEMU
2011-05-10 13:15:50 -04:00
Cole Robinson
451cfd05a2 lxc: driver: Convert emulator launching to virCommand
v2:
    Shorten a few virCommand calls
    s/remain/retain/
2011-05-10 13:15:50 -04:00
Cole Robinson
35c1b35e25 command: Add virCommandEnvAddFormat
Similar to virCommandArgAddFormat. We will use this shortly.

v2:
    Convert virCommandEnvAddPair to use the new function
2011-05-10 13:15:50 -04:00
Matthias Bolte
fc0ab50abd Fix two uninitialized variable warnings
gcc only reports them when compiling with -O3.
2011-05-10 08:39:56 +02:00
Matthias Bolte
ebea59ad82 apparmor: Fix uninitalized variable warning in virt-aa-helper 2011-05-10 08:03:31 +02:00
Daniel P. Berrange
8b83cc4219 Remove bogus assert() from migration code
assert() is forbidden in libvirt code, and these two cases would
in fact never execute due to earlier error checks.

* src/libvirt.c: Remove assert() usage
2011-05-09 17:59:04 +01:00
Jiri Denemark
b9171eba2f json: Fix *GetBoolean functions
They were not used anywhere so far so nobody noticed they are broken.
2011-05-09 14:02:13 +02:00
Eric Blake
0f536dea9b build: rebuild generated files after rpcgen_fix.pl tweak
Noticed this while trying to run rpcgen on cygwin.

* src/Makefile.am ($(srcdir)/remote/%_protocol.h)
($(srcdir)/remote/%_protocol.c): Add a dependency.
2011-05-09 14:02:13 +02:00
Eric Blake
3e63a94cb9 build: fix VPATH builds
* src/Makefile.am (REMOTE_DRIVER_GENERATED): Generated files
should live in $(srcdir). Update rules to reflect this.
2011-05-09 14:02:13 +02:00
Daniel P. Berrange
3496b7f500 build: Remove all generated RPC files from GIT
Stop storing the generated files for the remote protocol client
and server in source control. The generated files will still be
included in the result of 'make dist' to avoid end-users needing
to generate the files

Signed-off-by: Eric Blake <eblake@redhat.com>

Unfortunately, this means that the strings marked for translation
in generated files are not picked up by gnulib's syntax-check,
I'm working on fixing that in gnulib.

* .gitignore, cfg.mk, po/POTFILES.in: Reflect deletion.
2011-05-06 16:22:33 -06:00
Daniel P. Berrange
fb1e8d9c44 build: refactor generated RPC files
Always generate the rpc files, and require rpcgen during bootstrap.

* daemon/Makefile.am: Removed generated files with
  maintainer-clean target
* src/Makefile.am: Removed generated files with
  maintainer-clean target. Always run 'rpcgen' if
  generated files are missing
2011-05-06 16:18:31 -06:00
Eric Blake
d3c5104dda build: rename generated files to .h, for automake's sake
In preparation for removing generated files, it is necessary
to tell automake that the generated files must be distributed
but not directly compiled (since they are included into the
body of a larger .c file that is compiled).  Hence, even though
these files are code and not headers in the strict sense of
the word, it is easier to rename them to .h for automake's sake.

* daemon/remote_client_bodies.c: Rename to .h.
* daemon/qemu_client_bodies.c: Likewise.
* src/remote/remote_client_bodies.c: Likewise.
* src/remote/qemu_client_bodies.c: Likewise.
* daemon/Makefile.am (remote_dispatch_bodies.c)
(qemu_dispatch_bodies.c): Rename to .h.
(remote.c, EXTRA_DIST): Reflect rename.
* daemon/remote.c: Likewise.
* daemon/remote_generator.pl: Likewise.
* src/Makefile.am (remote/remote_driver.c): Likewise.
* src/remote/remote_driver.c: Likewise.
* po/POTFILES.in: Likewise.
* cfg.mk (exclude_file_name_regexp--sc_require_config_h)
(exclude_file_name_regexp--sc_require_config_h_first)
(exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF):
Likewise.
2011-05-06 15:11:36 -06:00
Matthias Bolte
15b64ef0ed remote generator, client: Handle arguments with limited length
This adds length checks to all affected functions.
2011-05-06 20:27:29 +02:00
Matthias Bolte
b5041a49ec remote generator, client: Handle functions that return lists 2011-05-06 20:27:27 +02:00
Matthias Bolte
8921799aae remote: Refactor remote*Open and remote*Close functions
Add generic versions of the open and close functions and call them.
2011-05-06 20:27:26 +02:00
Matthias Bolte
58b6a5c49e remote generator, client: Handle functions with optional return values 2011-05-06 20:27:24 +02:00
Matthias Bolte
abd05a07ae remote generator, client: Handle functions with multiple return values 2011-05-06 20:27:22 +02:00
Matthias Bolte
a1c891ec1e remote generator, client: Handle functions with wrapped return values 2011-05-06 20:27:20 +02:00
Matthias Bolte
9de503f957 remote generator, client: Handle functions with simple return values 2011-05-06 20:27:18 +02:00
Matthias Bolte
f68bb4edb3 remote generator, client: Handle simple remote driver functions
Rename remoteSecretListSecrets to remoteListSecrets to match the normal
naming pattern.
2011-05-06 20:26:21 +02:00
Matthias Bolte
6384104bcc remote generator, daemon: Handle functions with multiple return values
Once again rename members in the XDR definitions to avoid special case
code in the generator.
2011-05-06 20:08:36 +02:00
Matthias Bolte
705519d8e9 remote: Rename 'nameslen' to the common 'maxnames'
Avoids special case handling in the remote generator.
2011-05-06 20:08:25 +02:00
Matthias Bolte
37cb0882b5 remote: Replace 'domain' with 'dom' in the XDR protocol
This simplifies the remote protocol code generator.

Also rename 'ret' to 'result' to resolve a naming conflict in the
generator.
2011-05-06 20:05:00 +02:00
Matthias Bolte
aff1db9fab remote generator, daemon: Output function bodies too
This patch just covers the simple functions without explicit return
values. There is more to be handled.

The generator collects the members of the XDR argument structs and uses
this information to generate the function bodies.

Exclude the generated files from offending syntax-checks.

Suggested by Richard W.M. Jones
2011-05-06 20:04:56 +02:00
Matthias Bolte
999f5b3ea6 remote generator: Replace tabs with spaces and rename file
No functional change included, just a whitespace change.
2011-05-06 20:04:55 +02:00
Markus Groß
0d9936f622 Balloon dom0 in libxl driver
Creating a domU on a freshly booted dom0 does not work,
because the libxl driver does not allocate memory for the domU.
After creating a domain with xl libvirt is able to create domains too.
This patch reserves enough memory for the domU first.
2011-05-06 11:20:33 -06:00
Doug Goldstein
db36449fd6 remote: check actual access to the cert
Instead of calling stat(), check that we'll actually be able to access
and read the file.

Signed-off-by: Doug Goldstein <cardoe@gentoo.org>
2011-05-06 10:38:14 -06:00
Eric Blake
f84fe150e1 maint: avoid comparisons to bool constants
HACKING already mentions that comparisons against literal 'true'
are unsafe; for consistency, also shorten comparisons against 'false'.

* src/conf/domain_conf.c (virDomainNetDefParseXML): Simplify.
* src/nwfilter/nwfilter_gentech_driver.c
(virNWFilterDomainFWUpdateCB): Likewise.
* tools/virsh.c (cmdVolDownload, vshCommandRun, vshPrintExtra):
Likewise.
2011-05-06 10:28:28 -06:00
Michal Privoznik
5d09c31495 Add warning message to XML definition files stored on disk
Users often edit XML file stored in configuration directory
thinking of modifying a domain/network/pool/etc. Thus it is wise
to let them know they are using the wrong way and give them hint.
2011-05-06 16:48:52 +02:00
Daniel P. Berrange
d37c6a3ae0 Fix security driver handling of FIFOs with QEMU
When setting up a FIFO for QEMU, it allows either a pair
of fifos used unidirectionally, or a single fifo used
bidirectionally. Look for the bidirectional fifo first
when labelling since that is more useful

* src/security/security_dac.c,
  src/security/security_selinux.c: Fix fifo handling
2011-05-06 12:56:32 +01:00
Daniel P. Berrange
f79cddad55 Make taint warnings also go into the domain logfile
As well as taint warnings going to the main libvirt log,
add taint warnings to the per-domain logfile

  Domain id=3 is tainted: high-privileges
  Domain id=3 is tainted: disk-probing
  Domain id=3 is tainted: shell-scripts
  Domain id=3 is tainted: custom-monitor

* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Enhance
  qemuDomainTaint to also log to the domain logfile
* src/qemu/qemu_driver.c: Pass -1 for logFD to taint methods to
  auto-append to logfile
* src/qemu/qemu_process.c: Pass open logFD at startup for taint
  methods
2011-05-06 12:02:02 +01:00
Daniel P. Berrange
1f1db0b52f Add a qemuDomainAppendLog method for writing to the domain logfile
The qemuDomainAppendLog method allows writing a formatted string
to the end of the domain logfile, optionally opening it if needed.

* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Add
  qemuDomainAppendLog
2011-05-06 12:02:02 +01:00
Daniel P. Berrange
ce1b1f4186 Move qemuProcessLogReadFD and qemuProcessLogFD methods
Move the qemuProcessLogReadFD and qemuProcessLogFD methods
into qemu_domain.c, renaming them to qemuDomainCreateLog
and qemuDomainOpenLog.

* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Add
  qemuDomainCreateLog and qemuDomainOpenLog.
* src/qemu/qemu_process.c: Remove qemuProcessLogFD
  and qemuProcessLogReadFD
2011-05-06 12:02:02 +01:00
Daniel P. Berrange
718ac9b52f Log taint warnings in QEMU driver
Wire up logging of VM tainting to the QEMU driver

 - If running QEMU as root user/group or without capabilities
   being cleared
 - If passing custom QEMU command line args
 - If issuing custom QEMU monitor commands
 - If using a network interface config with an associated
   shell script
 - If using a disk config relying on format probing

The warnings, per-VM appear in the main libvirtd logs

  11:56:17.571: 10832: warning : qemuDomainObjTaint:712 : Domain id=1 name='l2' uuid=c7a3edbd-edaf-9455-926a-d65c16db1802 is tainted: high-privileges
  11:56:17.571: 10832: warning : qemuDomainObjTaint:712 : Domain id=1 name='l2' uuid=c7a3edbd-edaf-9455-926a-d65c16db1802 is tainted: disk-probing

The taint flags are reset when the VM is stopped.

* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Helper APIs
  for logging taint warnings
* src/qemu/qemu_driver.c: Log tainting with custom QEMU monitor
  commands and disk/net hotplug with unsupported configs
* src/qemu/qemu_process.c: Log tainting at startup based on
  unsupported configs
2011-05-06 12:02:02 +01:00
Daniel P. Berrange
7998465005 Add field to virDomainObjPtr to track "tainting"
Some configuration setups for guests are allowed, but strongly
discouraged and unsupportable in production systems. Introduce
a concept of 'tainting' to virDomainObjPtr to allow such setups
to be identified. Drivers can then log warnings at suitable
times

* src/conf/domain_conf.c, src/conf/domain_conf.h: Declare taint
  flags and add parsing/formatting of domain status XML
2011-05-06 12:01:57 +01:00
Doug Goldstein
1945d74cc3 virsh: improve TLS certificate error messages
Print the name of the CA cert, certificate, and key file that resulted
in the failure so that the user has an idea what to troubleshoot.

Signed-off-by: Doug Goldstein <cardoe@gentoo.org>
2011-05-05 17:16:58 -06:00
Eric Blake
f09acccfd7 buf: add virBufferVasprintf
Match the fact that we have virAsprintf and virVasprintf.

* src/util/buf.h (virBufferVasprintf): New prototype.
* src/util/buf.c (virBufferAsprintf): Move guts...
(virBufferVasprintf): ...to new function.
* src/libvirt_private.syms (buf.h): Export it.
* bootstrap.conf (gnulib_modules): Add stdarg, for va_copy.
2011-05-05 13:48:19 -06:00
Eric Blake
68ea80cfdd maint: rename virBufferVSprintf to virBufferAsprintf
We already have virAsprintf, so picking a similar name helps for
seeing a similar purpose.  Furthermore, the prefix V before printf
generally implies 'va_list', even though this variant was '...', and
the old name got in the way of adding a new va_list version.

global rename performed with:

$ git grep -l virBufferVSprintf \
  | xargs -L1 sed -i 's/virBufferVSprintf/virBufferAsprintf/g'

then revert the changes in ChangeLog-old.
2011-05-05 13:47:40 -06:00
Daniel P. Berrange
f7fc885dec Fix qemuMigrationToFile nonull annotation
The qemuMigrationToFile method was accidentally annotated for
the 'compressor' parameter to be non-null, instead of the
'path' parameter. Thus GCC with -O2, unhelpfully deleted the
entire 'if (compressor == NULL)' block of code during
optimization. Thus NULL was passed to virCommandNew() with
predictably bad results.

* src/qemu/qemu_migration.h: Fix non-null annotation to be
  against path instead of compressor
2011-05-05 12:53:23 +01:00
Daniel P. Berrange
7c31e1ef0f Make QEMU migration use cached qemu capabilities data
* src/qemu/qemu_migration.c, src/qemu/qemu_migration.h: Remove
  qemuCaps parameters & use cached data
* src/qemu/qemu_driver.c: Don't create & pass qemuCaps to
  migration methods
2011-05-05 11:33:15 +01:00
Daniel P. Berrange
a623bff450 Make QEMU hotplug use cached qemu capabilities data
* src/qemu/qemu_hotplug.h, src/qemu/qemu_hotplug.c: Remove
  qemuCaps parameters from all methods
* src/qemu/qemu_driver.c: Don't create & pass qemuCaps to
  hotplug methods
2011-05-05 11:33:10 +01:00
Daniel P. Berrange
43c01d3838 Persist qemu capabilities in the domain status file
To cope with the QEMU binary being changed while a VM is running,
it is neccessary to persist the original qemu capabilities at the
time the VM is booted.

* src/qemu/qemu_capabilities.c, src/qemu/qemu_capabilities.h: Add
  an enum for a string rep of every capability
* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Support for
  storing capabilities in the domain status XML
* src/qemu/qemu_process.c: Populate & free QEMU capabilities at
  domain startup
2011-05-05 11:33:03 +01:00
Eric Blake
4644f0b253 storage: avoid null deref and leak on failure
Detected by clang.  NULL deref added in commit 343a27a (Mar 11),
but leak of voldef present since commit 2cd9b2d (Apr 09).

* src/storage/storage_driver.c (storageVolumeCreateXML): Don't
leak voldef or dereference null volobj.
2011-05-04 15:01:13 -06:00
Matthias Bolte
6eb3a1f4f7 esx: Disable performance counter queries in esxDomainGetInfo
The queried values aren't used yet.
2011-05-04 20:41:09 +02:00
Matthias Bolte
62a6b7cc9b esx: Avoid null dereference on error in esxDomainGetInfo
Add missing early exits and convert error logging to proper API level
error reporting.

Centralize cleanup code for the PerfQuerySpec object.

Reported by Eric Blake, detected by clang.
2011-05-04 20:25:28 +02:00
Matthias Bolte
d0a8f99c75 esx: Remove dead store in esxUtil_ParseDatastorePath
The ++ on preliminaryFileName was a left over from a previous version
of this function that explicitly returned the filename and did a strdup
on preliminaryFileName afterwards.

As the filename isn't returned explicitly anymore remove the preliminary
variable for it and reuse the tmp variable instead.

Reported by Eric Blake, detected by clang.
2011-05-04 18:33:14 +02:00
Eric Blake
29e131dec2 qemu: update qemuCgroupControllerActive signature
Clang warned about a dead assignment.  In the process, I noticed
that we are only using the function for a bool value.  I audited
all other callers in qemu_{migration,cgroup,driver,hotplug), and
all were making the call in a bool context.

Also, do bounds checking on the argument.

* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Delete dead
assignment.
(qemuCgroupControllerActive): Change return type to bool.
* src/qemu/qemu_cgroup.h (qemuCgroupControllerActive): Likewise.
2011-05-04 09:35:47 -06:00
Eric Blake
44aa49aefe util: remove dead assignment
Clang complained about this, and it was easy enough to fix.

* src/util/util.c (virFileOpenAs): Drop dead assignment.
2011-05-04 09:25:07 -06:00
Eric Blake
32388f12d5 lxc: report correct error
Clang noticed a dead assignment, which turned out to be the use
of the wrong variable.  rc starts life as -1, and is only ever
assigned to 0 just before a successful cleanup.

* src/lxc/lxc_driver.c (lxcSetupInterfaces): Don't call
virReportSystemError(-1).
2011-05-04 09:24:09 -06:00
Eric Blake
710f8811f5 libxl: avoid compiler warning
Detected by gcc:

libxl/libxl_driver.c: In function 'libxlDomainDestroy':
libxl/libxl_drier.c:1351:30: error: variable 'priv' set but not used [-Werror=unused-but-set-variable]

* src/libxl/libxl_driver.c (libxlDomainDestroy): Delete unused
variable.
2011-05-04 09:21:05 -06:00
Eric Blake
5f929dd3aa qemu: remove dead assignment
Detected by clang.

* src/qemu/qemu_migration.c (qemuMigrationToFile): Nothing later
uses is_reg.
2011-05-04 09:14:13 -06:00
Eric Blake
f72393fa97 storage: use virCommand to avoid compiler warning
clang didn't like the last increment to nargs.  But why even
track nargs ourselves, when virCommand does it for us?

* src/storage/storage_backend_iscsi.c
(virStorageBackendISCSIConnection): Switch to virCommand to avoid
a dead-store warning on nargs.
2011-05-04 08:54:20 -06:00
Eric Blake
ead2b43357 cgroup: avoid leaking a file
Clang detected a dead store to rc.  It turns out that in fixing this,
I also found a FILE* leak.

This is a subtle change in behavior, although unlikely to hit.  The
pidfile is a kernel file, so we've probably got more serious problems
under foot if we fail to parse one.  However, the previous behavior
was that even if one pid file failed to parse, we tried others,
whereas now we give up on the first failure.  Either way, though,
the function returns -1, so the caller will know that something is
going wrong, and that not all pids were necessarily reaped.  Besides,
there were other instances already in the code where failure in the
inner loop aborted the outer loop.

* src/util/cgroup.c (virCgroupKillInternal): Abort rather than
resuming loop on fscanf failure, and cleanup file on error.
2011-05-04 08:38:27 -06:00
Eric Blake
d8f7528157 qemu: silence clang false positives
Clang 2.8 wasn't quite able to follow that persistentDef was
assigned earlier if (flags & VIR_DOMAIN_MEM_CONFIG) is true.
Silence this false positive, to make clang analysis easier to use.

* src/qemu/qemu_driver.c (qemudDomainSetMemoryFlags): Add an
annotation to silence clang's claim of a NULL dereference.
2011-05-03 13:19:48 -06:00
Eric Blake
1164e1a2da pci: fix null pointer dereference
Clang detected a null-pointer dereference regression, introduced
in commit 4e8969eb.  Without this patch, a device with
unbind_from_stub set to false would eventually try to call
virFileExists on uncomputed drvdir.

* src/util/pci.c (pciUnbindDeviceFromStub): Ensure drvdir is set
before use.
2011-05-03 10:59:57 -06:00
Eric Blake
4d080ee403 qemu: avoid null pointer dereference
This code has had problems historically.  As originally
written, in commit 6bcf2501 (Jun 08), it could call unlink
on a random string, nuking an unrelated file.

Then commit 182a80b9 (Sep 09), the code was rewritten to
allocate tmp, with both a use-after-free bug and a chance to
call unlink(NULL).

Commit e206946 (Mar 11) fixed the use-after-free, but not the
NULL dereference.  Thanks to clang for catching this!

* src/qemu/qemu_driver.c (qemudDomainMemoryPeek): Don't call
unlink on NULL.
2011-05-03 10:59:55 -06:00
Eric Blake
6e177fa1b6 Revert "lxc: Do not try to reconnect inactive domain when do lxcStartup"
This reverts commit 0e7f7f8566.

From the mailing list:

> So, AFAICT, this patch means we will never reconnect to any LXC
> VMs now.
>
> The correct solution, is to refactor LXC driver startup to work
> the same way as the QEMU driver startup.
>
>   - Load all the live state XML files (to pick up running VMs)
>   - Reconnect to all VMs
>   - Load all the persistent config XML files (to pick up any additional
>     inactive guets)

But that solution is invasive enough to be post-0.9.1.
2011-05-03 10:07:48 -06:00
Michal Privoznik
a2eab0033c Fix disability to run on systems with no PCI bus
The patch which moved libpciaccess initialization to one place caused
regression - we were not able to run on system with no PCI bus, like
s390(x).
2011-05-03 13:46:22 +02:00
Osier Yang
0e7f7f8566 lxc: Do not try to reconnect inactive domain when do lxcStartup
Otherwise if there are inactive lxc domains, lxcStartup will
try to reconnect to sockets of these domains, which results in
errors in libvirtd log.
2011-05-03 14:48:03 +08:00
Christophe Fergeau
b15a8a1bdf qemu: fix uninitialized variable warning
This commit fixes
qemu/qemu_driver.c: In function 'qemuDomainModifyDeviceFlags':
qemu/qemu_driver.c:4041:8: warning: 'ret' may be used uninitialized in this
function [-Wuninitialized]
qemu/qemu_driver.c:4013:9: note: 'ret' was declared here

The variable is set to -1 so that the error paths are taken when the code
to set it didn't get a chance to run. Without initializing it, we could
return some an undefined value from this function.

While I was at it, I made a trivial whitespace change in the same function
to improve readability.
2011-05-02 09:23:47 -06:00
Matthias Bolte
0e7c7b8b32 nwfilter: Fix memory leak in the ebtables subdriver
Call shutdown functions for all subcomponents in nwfilterDriverShutdown.

Make sure that this shutdown functions can safely be called multiple times
and independent from the actual subcomponents state.
2011-04-30 17:37:54 +02:00
Matthias Bolte
feecc9f395 qemu: Fix qemuDomainModifyDeviceFlags leaking the caps bitmap 2011-04-30 17:37:34 +02:00
Matthias Bolte
9d50b323a9 Fix memory leak in __virExec
Commit e0d014f237 made binary potentially allocated on the heap.
It was freed in the parent in the error path, but not in the success path
that doesn't goto the cleanup label.

Found by 'make -C tests valgrind'.
2011-04-30 17:37:29 +02:00
Eric Blake
701bee0193 hash: fix memory leak regression
Commit 1671d1d introduced a memory leak in virHashFree, and
wholesale table corruption in virHashRemoveSet (elements not
requested to be freed are lost).

* src/util/hash.c (virHashFree): Free bucket array.
(virHashRemoveSet): Don't lose elements.
* tests/hashtest.c (testHashCheckForEachCount): New method.
(testHashCheckCount): Expose the bug.
2011-04-29 14:26:40 -06:00
KAMEZAWA Hiroyuki
f37c29c8aa libvirt/qemu - support persistent update of disks
Support update of disks by MODIFY_CONFIG

This patch includes changes for qemu's disk to support
virDomainUpdateDeviceFlags() with VIR_DOMAIN_DEVICE_MODIFY_CONFIG.

This patch adds support for CDROM/foppy disk types.

Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>

* src/qemu/qemu_driver.c
(qemuDomainUpdateDeviceConfig): support cdrom/floppy.
2011-04-28 14:59:06 -06:00
Jim Fehlig
578391e1bc Xen: Do not generate net ifname if domain is inactive
V2: Use virAsprintf instead of snprintf/strdup

The xend driver will generate a virDomainNetDef ifname if one is not
specified in xend sexpr, even if domain is inactive.  The result is
network interface XML containing 'vif-1.Y' on dev attribute of target
element, e.g.

  <interface type='bridge'>
    <target dev='vif-1.0'/>
    ...

This patch changes the behavior to only generate the ifname if not
specified in xend sexpr *and* domain is not inactive (id != -1).
2011-04-28 14:54:06 -06:00
Yufang Zhang
a88916665d xen: check if device is assigned to guest before reattaching
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=664059

Reattaching pci device back to host without destroying guest or
detaching device from guest would cause host to crash. This patch adds
a check before doing device reattach. If the device is being assigned
to guest, libvirt refuses to reattach device to host. The patch only
works for Xen, for it just checks xenstore to get pci device
information.

Signed-off-by: Yufang Zhang <yuzhang@redhat.com>
2011-04-28 14:45:31 -06:00
Laine Stump
f7bd72fa26 network: fix return value of hostsFileWrite
The lone caller to hostsFileWrite (and the callers for at least 3
levels up the return stack) assume that the return value will be < 0
on failure. However, hostsFileWrite returns 0 on success, and a
positive errno on failure. This patch changes hostsFileWrite to return
-errno on failure.
2011-04-28 10:44:57 -04:00
Eric Blake
a372c405b4 maint: fix comment typos
* src/esx/esx_driver.c: Fix spelling of 'relative'.
* src/util/util.c: Likewise.
2011-04-28 08:19:51 -06:00
Osier Yang
32398e1282 util: Initialize hooks at daemon shutdown if no hooks defined
We support to initialize the hooks at daemon reload if there is no
hooks script is defined, we should also support initialize the hooks
at daemon shutdown if no hooks is defined.

To address bz: https://bugzilla.redhat.com/show_bug.cgi?id=688859
2011-04-28 14:48:26 +08:00
KAMEZAWA Hiroyuki
ab9102c232 libvirt/qemu - support persistent attach/detach disks
Support changes of disks by MODIFY_CONFIG for qemu.

This patch includes patches for qemu's disk to support
virDomainAt(De)tachDeviceFlags with VIR_DOMAIN_DEVICE_MODIFY_CONFIG.

Other devices can be added incrementally.

Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>

* /src/conf/domain_conf.c
(virDomainDiskIndexByName): returns array index of disk in vmdef.
(virDomainDiskRemoveByName): removes a disk which has the name in vmdef.
* src/qemu/qemu_driver.c
(qemuDomainAttachDeviceConfig): add support for Disks.
(qemuDomainDetachDeviceConfig): add support for Disks.
2011-04-27 21:46:35 -06:00
KAMEZAWA Hiroyuki
da1eba6bc8 libvirt/qemu - support persistent modification of devices
This patch adds functions for modify domain's persistent definition.
To do error recovery in easy way, we use a copy of vmdef and update it.

The whole sequence will be:

  make a copy of domain definition.

  if (flags & MODIFY_CONFIG)
      update copied domain definition
  if (flags & MODIF_LIVE)
      do hotplug.
  if (no error)
      save copied one to the file and update cached definition.
  else
      discard copied definition.

This patch is mixuture of Eric Blake's work and mine.
From: Eric Blake <eblake@redhat.com>
Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>

(virDomainObjCopyPersistentDef): make a copy of persistent vm definition
(qemuDomainAttach/Detach/UpdateDeviceConfig) : callbacks. now empty
(qemuDomainModifyDeviceFlags): add support for MODIFY_CONFIG and MODIFY_CURRENT
2011-04-27 21:33:58 -06:00
Jiri Denemark
1671d1dc78 util: Simplify hash implementation
So far first entries for each hash key are stored directly in the hash
table while other entries mapped to the same key are linked through
pointers. As a result of that, the code is cluttered with special
handling for the first items.

This patch makes all entries (even the first ones) linked through
pointers, which significantly simplifies the code and makes it more
maintainable.
2011-04-27 15:32:30 +02:00
Jiri Denemark
91e12a5094 tests: More unit tests for internal hash APIs
This adds several tests for remaining hash APIs (custom
hasher/comparator functions are not covered yet, though).

All tests pass both before and after the "Simplify hash implementation".
2011-04-27 15:32:30 +02:00
Wen Congyang
968fd0111a release PCI address only when we have ensured it successfully
Steps to reproduce this bug:
1. # cat net.xml # 00:03.0 has been used
    <interface type='network'>
      <mac address='52:54:00:04:72:f3'/>
      <source network='default'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>

2. # virsh attach-device vm1 net.xml
   error: Failed to attach device from net.xml
   error: internal error unable to reserve PCI address 0:0:3

3. # virsh attach-device vm1 net.xml
   error: Failed to attach device from net.xml
   error: internal error unable to execute QEMU command 'device_add': Device 'rtl8139' could not be initialized

The reason of this bug is that: we can not reserve PCI address 0:0:3 because it has
been used, but we release PCI address when we reserve it failed.
2011-04-27 20:12:14 +08:00
Wen Congyang
6fee3da262 free buf->content when vsnprintf() failed
When buf->error is 1, we do not return buf->content in the function
virBufferContentAndReset(). So we should free buf->content when
vsnprintf() failed.
2011-04-27 20:12:13 +08:00
Matthias Bolte
4a9019afbb esx: Fix dynamic dispatch for CastFromAnyType functions
This was broken by the refactoring in ac1e6586ec. It resulted in a
segfault for 'virsh vol-dumpxml' and related volume functions.

Before the refactoring all users of the ESX_VI__TEMPLATE__DISPATCH
macro dispatched on the item type, as the item is the input to all those
functions.

Commit ac1e6586ec made the dynamically dispatched CastFromAnyType
functions use this macro too, but this functions dispatched on the
actual type of the AnyType object. The item is the output of the
CastFromAnyType functions.

This difference was missed in the refactoring, making CastFromAnyType
functions dereferencing the item pointer that is NULL at the time of
the dispatch.
2011-04-27 09:33:02 +02:00
Matthias Bolte
3ba5d77f3c Move call to virReportOOMError into virFileBuildPath
Suggested by Daniel P. Berrange
2011-04-27 09:18:53 +02:00
Eric Blake
59a5981dd3 build: use gnulib passfd for simpler SCM_RIGHTS code
* .gnulib: Update to latest for passfd fixes.
* bootstrap.conf (gnulib_modules): Add passfd.
* src/util/util.c (virFileOpenAs): Simplify.
2011-04-26 10:36:56 -06:00
Jiri Denemark
1c84237852 qemu: Add flags checking in DomainCoreDump 2011-04-26 13:37:26 +02:00
Mark Wu
d9b46a0d04 Make crash and live flags mutually exclusive in virDomainCoreDump
They don't make any sense when used together.
2011-04-26 13:37:21 +02:00
Guido Günther
bf5e3f6598 Make sure DNSMASQ_STATE_DIR exists
otherwise the directory returned by networkDnsmasqLeaseFileName will not
be created if ipdef->nhosts == 0 in networkBuildDnsmasqArgv.
2011-04-25 23:41:57 +02:00
Matthias Bolte
bf130d2c85 Fix small memory leaks in config parsing related functions
Found by 'make -C tests valgrind'.

xen_xm.c: Dummy allocation via virDomainChrDefNew is directly
overwritten and lost. Free 'script' in success path too.

vmx.c: Free virtualDev_string in success path too.

domain_conf.c: Free compression in success path too.
2011-04-25 19:08:53 +02:00
Matthias Bolte
14a961ca73 Add virDomainEventRebootNew
This will be used in the ESX driver event handling.
2011-04-25 18:55:01 +02:00
Eric Blake
90d761eeb2 build: make VIR_FREE do some type checking
We can exploit the fact that gcc warns about int-to-pointer conversion
in ternary cond?(void*):(int) in order to prevent future mistakes of
calling VIR_FREE on a scalar lvalue.  For example, between commits
158ba873 and 802e2df, we would have had this warning:

cc1: warnings being treated as errors
remote.c: In function 'remoteDispatchListNetworks':
remote.c:3684:70: error: pointer/integer type mismatch in conditional expression

There are still a number of places that malloc into a const char*;
while it would probably be worth scrubbing them to use char*
instead, that is a separate patch, so we have to cast away const
in VIR_FREE for now.

* src/util/memory.h (VIR_FREE): Make gcc warn about integers.
Iteratively developed from a patch by Christophe Fergeau.
2011-04-25 10:20:18 -06:00
Eric Blake
99de59900a threads: add one-time initialization support
mingw lacks the counterpart to PTHREAD_MUTEX_INITIALIZER, so the
best we can do is portably expose once-only runtime initialization.

* src/util/threads.h (virOnceControlPtr): New opaque type.
(virOnceFunc): New callback type.
(virOnce): New prototype.
* src/util/threads-pthread.h (virOnceControl): Declare.
(VIR_ONCE_CONTROL_INITIALIZER): Define.
* src/util/threads-win32.h (virOnceControl)
(VIR_ONCE_CONTROL_INITIALIZER): Likewise.
* src/util/threads-pthread.c (virOnce): Implement in pthreads.
* src/util/threads-win32.c (virOnce): Implement in WIN32.
* src/libvirt_private.syms: Export it.
2011-04-25 08:53:09 -06:00
Matthias Bolte
061956ccc7 esx: Add a wrapper for shared CURL handles
To be used to share a CURL handle between multiple threads in the
upcoming domain event support.
2011-04-24 11:33:47 +02:00
Matthias Bolte
d21342af19 esx: Move CURL handling code to it's own type 2011-04-24 11:22:23 +02:00
KAMEZAWA Hiroyuki
9b8543b6ad libvirt/qemu - clean up UpdateDevice for consolidation.
This patch strips reusable part of qemuDomainUpdateDeviceFlags()
and consolidate it to qemuDomainModifyDeviceFlags().
No functional changes.

* src/qemu/qemu_driver.c
(qemuDomainChangeDiskMediaLive) : pulled out code for updating disks.
(qemuDomainUpdateDeviceLive) : core of UpdateDevice, extracted from
UpdateDeviceFlags()
(qemuDomainModifyDeviceFlags): add support for updating device in live domain.
(qemuDomainUpdateDeviceFlags): reworked as a wrapper function of
qemuDomainModifyDeviceFlags()

Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-04-21 15:49:57 -06:00
KAMEZAWA Hiroyuki
19ad136f60 libvirt/qemu - clean up At(De)tachDeviceFlags() for consolidation.
clean up At(De)tachDeviceFlags() for consolidation.

qemuDomainAttachDeviceFlags()/qemuDomainDetachFlags()/
qemuDomainUpdateDeviceFlags() has similar logics and copied codes.

This patch series tries to unify them to use shared code when it can.
At first, clean up At(De)tachDeviceFlags() and devide it into functions.

By this, this patch pulls out shared components between functions.
Based on patch series by Eric Blake, I added some modification as
switch-case with QEMU_DEVICE_ATTACH, QEMU_DEVICE_DETACH, QEMU_DEVICE_UPDATE

* src/qemu/qemu_driver.c
(qemuDomainAt(De)tachDeviceFlags) : pulled out to qemuDomainModifyDeviceFlags()
(qemuDomainModifyDeviceFlags) : implements generic code for modifying domain.
(qemuDomainAt(De)tachDeviceFlagsLive) : code for at(de)taching devices to
domain in line. no changes in logic from old code.
(qemuDomainAt(De)tachDeviceDiskLive) : for at(de)taching Disks.
(qemuDomainAt(De)tachDeviceControllerLive) : for at(de)taching Controllers

Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-04-21 14:19:21 -06:00
KAMEZAWA Hiroyuki
2160116ff8 libvirt/qemu - Centralize device modification in the more flexible APIs
Centralize device modification in the more flexible APIs, to allow future
honoring of additional flags.  Explicitly reject the
VIR_DOMAIN_DEVICE_MODIFY_FORCE flag on attach/detach.

Based on Eric Blake<eblake@redhat.com>'s work.

* src/qemu/qemu_driver.c
(qemudDomainAttachDevice)(qemudDomainAttachDeviceFlags): Swap bodies,rename...
(qemudDomainDetachDevice, qemudDomainDetachDeviceFlags): Likewise.

Signed-off-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-04-21 13:12:04 -06:00
Michal Privoznik
eb954ede72 Add support for s390(x) cpu options parsing
Up to now we missed parser for cpuinfo on x390(x) machines. Those machines
have only 1 thread, core, socket. What is missing is information about
CPU frequency.
2011-04-21 10:50:17 -06:00
Daniel P. Berrange
29fca78541 Fix QEMU tunnelled migration FD handling
The two ends of the pipe used for feeding QEMU tunnelled
migration data were interchanged, so QEMU got given the
"write" end instead of the "read" end.

The qemuMigrationPrepareTunnel method was also immediately
closing the "write" end of the pipe, so the stream failed
to actually write anything.

* src/qemu/qemu_migration.c: Swap tunnelled migration
  pipe FDs & don't close pipe given to stream
2011-04-21 17:27:53 +01:00
Jiri Denemark
068add8ea9 Remove artificial minimum limit for guest memory
Remove the artificial minimum of 4096 KB for guest memory. It's drivers'
job to set the limit if needed.
2011-04-21 12:06:41 +02:00
Eduardo Otubo
41461ff7f7 PHYP: Adding reboot domain function
Adding reboot <domain> function for pHyp driver.
2011-04-21 08:25:33 +02:00
Wen Congyang
2cb1d6f220 fix tunnelled migration's regression
If the migrateFrom is "stdio" not "stdin", qemuBuildCommandLine()
will convert it to exec:cat or fd:n.
2011-04-20 21:30:00 +08:00
Stefan Berger
973b681bdf nwfilter: no support for direct type of interface
Ebtables filtering doesn't work on macvtap device. Remove support for direct type of interface.
2011-04-19 16:23:59 -04:00
Wen Congyang
d2fd997ea6 qemu: fix the check of virDomainObjUnref()'s return value
If vm is unlocked in virDomainObjUnref(), the return value is 0, not less
than 0.
2011-04-19 21:46:09 +08:00
Markus Groß
68c5b6fb2b Add cputune support to libxl driver
Here is a new version of this patch:
https://www.redhat.com/archives/libvir-list/2011-April/msg00337.html

v2:
  - store the cputune info for the whole runtime of the domain
  - remove cputune info when domain is destroyed

The nodeGetInfo code had to be moved into a helper
function to reuse it without a virConnectPtr.
2011-04-18 12:13:11 -06:00
Matthias Bolte
78ef49eae3 Update and sort msg_gen_function list and mark unmarked messages
Inspired by Eric Blake
2011-04-18 19:05:15 +02:00
Eric Blake
a35af32c1e phyp: another simplification
Rather than copying and pasting lots of code, factor it into a
single helper function.

This commit adds a warning if tighter integer parsing would fail
due to any stray bytes after the number, but should not change
any behavior other than the bug fix for phypNumDomainsGeneric
looking only at numeric lines.

* src/phyp/phyp_driver.c (phypExecInt): New function.
(phypGetVIOSPartitionID, phypNumDomainsGeneric, phypGetLparID)
(phypGetLparMem, phypGetLparCPUGeneric, phypGetRemoteSlot)
(phypGetVIOSNextSlotNumber, phypAttachDevice)
(phypGetStoragePoolSize, phypStoragePoolNumOfVolumes)
(phypNumOfStoragePools, phypInterfaceDestroy)
(phypInterfaceDefineXML, phypInterfaceLookupByName)
(phypInterfaceIsActive, phypNumOfInterfaces): Use it.
(phypNumDomainsGeneric): Correctly find numeric line.
2011-04-18 10:53:26 -06:00
Daniel P. Berrange
ce3ae1b084 build: fix qemu build failure in previous patch
This last minute addition caused a build failure

cc1: warnings being treated as errors
qemu/qemu_process.c: In function 'qemuProcessHandleWatchdog':
qemu/qemu_process.c:436:34: error: ignoring return value of 'virDomainObjUnref', declared with attribute warn_unused_result [-Wunused-result]
make[3]: *** [libvirt_driver_qemu_la-qemu_process.lo] Error 1
2011-04-18 09:27:13 -06:00
Wen Congyang
b060d2e5d4 enhance processWatchdogEvent()
This patch does the following two things:
1. hold an extra reference while handling watchdog event
   If the domain is not persistent, and qemu quits unexpectedly before
   calling processWatchdogEvent(), vm will be freed and the function
   processWatchdogEvent() will be dangerous.

2. unlock qemu driver and vm before returning from processWatchdogEvent()
   When the function processWatchdogEvent() failed, we only free wdEvent,
   but forget to unlock qemu driver and vm, free dumpfile.
2011-04-18 09:38:45 +08:00
Wen Congyang
847efb32de qemu: avoid qemu_driver being unlocked twice when virThreadPoolNew() failed
We do not lock qemu_driver when calling virThreadPoolNew(). If it failed,
we will unlock qemu_driver. It is dangerous.

We may use this pool during auto starting domains. So we must create it before
calling qemuAutostartDomains(). Otherwise, libvirtd will crash.
2011-04-18 09:38:45 +08:00
Richard Laager
cf7124946a Fix two out-of-date comments in LVM backend 2011-04-17 08:37:31 +02:00
Matthias Bolte
12459d1ea7 xen: Replace statsErrorFunc with a macro
Also mark error messages in block_stats.c for translation, add the
new macro to the msg_gen functions in cfg.mk and add block_stats.c
to po/POTFILES.in
2011-04-17 07:53:26 +02:00
Matthias Bolte
60d769a13a Remove virConnectPtr from virRaiseErrorFull
And from all related macros and functions.
2011-04-17 07:22:23 +02:00
Wen Congyang
ffbdf3e144 build: include esx_vi.generated.* into dist file
commit d4601696 introduces two more generated files: esx_vi.generated.h
and esx_vi.generated.h. But we do not include them into dist file.
It will break building if using dist file to build.
2011-04-16 07:09:51 +02:00
Eric Blake
0bd34a9dec phyp: avoid memory leaks in command values
* src/phyp/phyp_driver.c (phypExecBuffer): New function. Use it
throughout file for less code, and for plugging a few leaks.
2011-04-15 15:32:19 -06:00
Eric Blake
a1b46e714a phyp: use consistent return string handling
Use the name 'ret' for all phypExec results, to make it easier
to wrap phypExec.  Don't allow a possibly NULL ret through printf.

* src/phyp/phyp_driver.c (phypBuildVolume, phypDestroyStoragePool)
(phypBuildStoragePool, phypBuildLpar): Avoid NULL dereference.
(phypInterfaceDestroy): Avoid redundant free.
(phypVolumeLookupByPath, phypVolumeGetPath): Use consistent
naming.
2011-04-15 15:26:27 -06:00
Eric Blake
e00c892f0b phyp: prefer memcpy over memmove when legal
* src/phyp/phyp_driver.c (phypUUIDTable_AddLpar)
(phypGetLparUUID, phypGetStoragePoolUUID, phypVolumeGetXMLDesc)
(phypGetStoragePoolXMLDesc): Use faster method.
2011-04-15 15:26:27 -06:00
Eric Blake
f61785225d phyp: use consistent style for labels
* src/phyp/phyp_driver.c: Match label style of rest of project.
(phypExec, phypUUIDTable_Pull): Drop an extra label.
2011-04-15 15:26:26 -06:00
Eric Blake
444306d591 phyp: more return handling cleanup
* src/phyp/phyp_driver.c (phypInterfaceDestroy)
(phypInterfaceDefineXML, phypInterfaceLookupByName)
(phypInterfaceIsActive, phypListInterfaces, phypNumOfInterfaces):
Clean up return handling of recent additions.
2011-04-15 15:26:26 -06:00
Eric Blake
8f03c6e869 phyp: avoid memory leak on failure
* src/phyp/phyp_driver.c (phypUUIDTable_Init): Avoid memory leak
on error.
2011-04-15 15:26:26 -06:00
Eric Blake
ef6147c40e phyp: avoid a logic bug
Ever since commit ebc46f, the destroy function built two command
variants but only used one.  I went with the variant that matches
the idiom used in the counterpart of phypBuildStoragePool.

* src/phyp/phyp_driver.c (phypDestroyStoragePool): Avoid
clobbering cmd.  Fix error message typo.
2011-04-15 15:26:26 -06:00
Eric Blake
dbe3bad987 maint: use lighter-weight function for straight appends
It costs quite a few processor cycles to go through printf parsing
just to determine that we only meant to append.

* src/xen/xend_internal.c (xend_op_ext): Consolidate multiple
printfs into one.
* src/qemu/qemu_command.c (qemuBuildWatchdogDevStr)
(qemuBuildUSBInputDevStr, qemuBuildSoundDevStr)
(qemuBuildSoundCodecStr, qemuBuildVideoDevStr): Likewise.
(qemuBuildCpuArgStr, qemuBuildCommandLine): Prefer virBufferAdd
over virBufferVsprintf for trivial appends.
* src/phyp/phyp_driver.c (phypExec, phypUUIDTable_Push)
(phypUUIDTable_Pull): Likewise.
* src/conf/nwfilter_conf.c (macProtocolIDFormatter)
(arpOpcodeFormatter, formatIPProtocolID, printStringItems)
(virNWFilterPrintStateMatchFlags, virNWIPAddressFormat)
(virNWFilterDefFormat): Likewise.
* src/security/virt-aa-helper.c (main): Likewise.
* src/util/sexpr.c (sexpr2string): Likewise.
* src/xenxs/xen_sxpr.c (xenFormatSxprChr): Likewise.
* src/xenxs/xen_xm.c (xenFormatXMDisk): Likewise.
2011-04-15 15:26:26 -06:00
Matthias Bolte
1afaafe307 esx: Fix gcc 4.6 warning about initialized but unused variables
This warnings come from partly generated code. Therefore, the best
solution is to mark them as potentially being unused using the
ATTRIBUTE_UNUSED macro. This is suggested by the gcc documentation.

Reported by Christophe Fergeau
2011-04-15 12:31:38 -06:00
Eric Blake
e692352689 maint: silence cppi warnings
* src/nodeinfo.c (linuxNodeInfoCPUPopulate): Fix indentation of
last patch.
2011-04-14 13:33:24 -06:00
Laine Stump
020ad8d1a2 network: truncate bridges' dummy tap device names to IFNAMSIZ (15) chars
This patch addresses:

   https://bugzilla.redhat.com/show_bug.cgi?id=694382

In order to give each libvirt-created bridge a fixed MAC address,
commit 5754dbd56d, added code to create
a dummy tap device with guaranteed lowest MAC address and attach it to
the bridge. This tap device was given the name "${bridgename}-nic".
However, an interface device name must be IFNAMSIZ (15) characters or
less, so a valid ${bridgename} such as "verylongname123" (15
characters) would lead to an invalid tap device name
("verylongname123-nic" - 19 characters), and that in turn led to a
failure to bring up the network.

The solution is to shorten the part of the original name used to
generate the tap device name. However, simply truncating it is
insufficient, because the last few characters of an interface name are
often a number used to indicate one of a list of several similar
devices (for example, "verylongname123", "verylongname124", etc) and
simple truncation would lead to duplicate names (eg "verlongnam-nic"
and "verylongnam-nic"). So instead we take the first 8 characters of
$bridgename ("verylong" in the example), add on the final 3 bytes
("123"), then add "-nic" (so "verylong123-nic").  Not pretty, but it
is much more likely to generate a unique name, and is reproducible
(unlike, say, a random number).
2011-04-14 15:24:17 -04:00
Stefan Berger
d21f9d5a64 ppc: Enable starting of Qemu VMs on ppc host
Due to differences in /proc/cpuinfo the parsing of the cpu data is
different between architectures. On PPC /proc/cpuinfo looks like this:

[original formatting with tabs]

processor    : 0
cpu          : PPC970MP, altivec supported
clock        : 2297.700000MHz
revision     : 1.1 (pvr 0044 0101)

processor    : 1
cpu          : PPC970MP, altivec supported
clock        : 2297.700000MHz
revision     : 1.1 (pvr 0044 0101)

[..]

timebase     : 14318000
platform     : pSeries
model        : IBM,8844-AC1
machine      : CHRP IBM,8844-AC1

The patch adapts the parsing of the data found in /proc/cpuinfo.

/sys/devices/system/cpu/cpuX/topology/physical_package_id also
always returns -1. Check for it on ppc and make it '0' if found negative.
2011-04-14 14:50:22 -04:00
Stefan Berger
cf2145d546 Migrate VMs between different-endianess hosts
This patch enables the migration of Qemu VMs between hosts of different endianess. I tested this by migrating a i686 VM between a x86 and ppc64 host.

I am converting the 'int's in the VM's state header to uint32_t assuming this doesn't break compatibility with existing deployments other than Linux.
2011-04-14 14:48:03 -04:00
Christophe Fergeau
c59f3d8de4 Fix gcc 4.6 warnings in vbox_tmpl.c 2011-04-14 19:23:30 +02:00
Christophe Fergeau
454e50beee Fix gcc 4.6 warnings
gcc 4.6 warns when a variable is initialized but isn't used afterwards:

vmware/vmware_driver.c:449:18: warning: variable 'vmxPath' set but not used [-Wunused-but-set-variable]

This patch fixes these warnings. There are still 2 offending files:

- vbox_tmpl.c: the variable is used inside an #ifdef and is assigned several
  times outside of #ifdef. Fixing the warning would have required wrapping
  all the assignment inside #ifdef which hurts readability.

vbox/vbox_tmpl.c: In function 'vboxAttachDrives':
vbox/vbox_tmpl.c:3918:22: warning: variable 'accessMode' set but not used [-Wunused-but-set-variable]

- esx_vi_types.generated.c: the name implies it's generated code and I
  didn't want to dive into the code generator

esx/esx_vi_types.generated.c: In function 'esxVI_FileQueryFlags_Free':
esx/esx_vi_types.generated.c:1203:3: warning: variable 'item' set but not used [-Wunused-but-set-variable]
2011-04-14 19:09:12 +02:00
Michal Novotny
2ac455c4d2 Introduce virDomainChrDefNew()
Make: passed
Make check: passed
Make syntax-check: passed

this is the commit to introduce the function to create new character
device definition for the domain as advised by Cole Robinson
<crobinso@redhat.com>.

The function is used on the relevant places and also new tests has
been added.

Signed-off-by: Michal Novotny <minovotn@redhat.com>
2011-04-14 10:29:39 -06:00
Michal Privoznik
abb1570eac Spice: support audio, images and stream compression
This extends the SPICE XML to allow variable compression settings for audio,
images and streaming:
    <graphics type='spice' port='5901' tlsPort='-1' autoport='yes'>
        <image compression='auto_glz'/>
        <jpeg compression='auto'/>
        <zlib compression='auto'/>
        <playback compression='on'/>
    </graphics>

All new elements are optional.
2011-04-14 10:23:59 -06:00
Hu Tao
eed9d69e3c free cpumask of vcpupinDef
cpumask doesn't get freed when vcpupinDef being freed, this leaks
memory.
2011-04-14 09:47:10 -06:00
Matthias Bolte
e63dfb8198 esx: Make the parsed URI part of the private connection data
This will be used to make esxVI_Context clonable.

Also move cleanup code for esxPrivate to esxFreePrivate().
2011-04-14 17:39:05 +02:00
Matthias Bolte
991f97d827 esx: Mark error message in macros for translation 2011-04-14 17:35:11 +02:00
Matthias Bolte
d460169610 esx: Extend VI generator to cover managed object types
Generate lookup functions for managed object types.
2011-04-14 17:14:21 +02:00
Matthias Bolte
ac1e6586ec esx: Cleanup and refactor CastFromAnyType macros
Add CastFromAnyType functions for the String type.
2011-04-14 17:03:42 +02:00
Matthias Bolte
a8ad5a40c6 esx: Cleanup VI generator code 2011-04-14 16:56:50 +02:00
Michal Privoznik
2444c411ca network: Fix NULL dereference during error recovery
This fixes: https://bugzilla.redhat.com/show_bug.cgi?id=696660

While starting a network, if brSetForwardDelay() fails, we go to err1
where we want to access macTapIfName variable which was just
VIR_FREE'd a few lines above. Instead, keep macTapIfName until we are
certain of success.
2011-04-14 10:56:17 -04:00
Daniel P. Berrange
97263cb115 Add missing checks for QEMU domain state in tunables APIs
The methods qemuDomain{Get,Set}{Memory,Blkio,Scheduler}Parameters
all forgot to do a check on virDomainIsActive(), resulting in bogus
error messages from later parts of their impl

* src/qemu/qemu_driver.c: Add missing checks on virDomainIsActive()
2011-04-14 14:32:34 +01:00
Matthias Bolte
28e938a9ec phyp: Fix too small buffer allocation in phypAttachDevice
sizeof(domain->name) is the wrong thing. Instead of using strdup here
rewrite escape_specialcharacters to allocate the buffer itself.

Add a contains_specialcharacters to be used in phypOpen, as phypOpen is
not interested in the escaped version.
2011-04-14 13:58:22 +02:00
Matthias Bolte
e13e1f4f5d phyp: Don't overwrite error from virDomainDeviceDefParse by OOM error 2011-04-14 13:08:30 +02:00
Matthias Bolte
e69aa73339 phyp: Don't try to use a string from a failed virAsprintf 2011-04-14 13:06:37 +02:00
Matthias Bolte
d765a6f071 phyp: Reduce code duplication in error and success paths
Also fix memory leaks along the way in phypCreateServerSCSIAdapter and
phypAttachDevice.
2011-04-14 13:01:37 +02:00
Matthias Bolte
444fd07a0a phyp: Remove stack allocating a 4kb volume key and fix related memory leaks
Don't pre-allocate 4kb per key, make phypVolumeGetKey allocate the memory.

Make phypBuildVolume return the volume key instead of using pre-allocated
memory to store it.

Also fix a memory leak in phypVolumeLookupByName when phypVolumeGetKey
fails. Fix another memory leak in phypVolumeLookupByPath in the success
path. Fix phypVolumeGetXMLDesc leaking voldef.key.
2011-04-14 12:54:36 +02:00
Daniel P. Berrange
4bfab4a0d3 Remove C99 variable declare in PHYP network driver
Move the virInterfacePtr declaration to the top of the
function to avoid jump uninitialized variable warnings

* src/phyp/phyp_driver.c: Fix var declaration
2011-04-13 19:15:22 +01:00
Eduardo Otubo
67eecd1610 PHYP: Adding network interface
This is the implementation of the previous patch now using virInterface*
API. Ended up this patch got much more simpler, smaller and easier to
review. Here is some details:

  * MAC size and interface name are fixed due to specifications on HMC,
    both are created automatically and CAN'T be specified from user. They
    have the following format:

     * MAC: 122980003002
     * Interface name: U9124.720.067BE8B-V3-C0

  * I did replaced all the |grep|sed following the comments Eric Blake
    did on the last patch.

  * According to my last email, It's not possible to create a network
    interface without assigning it to a specific lpar. Then, I am using
    this very minimalistic XML file for testing:

     <interface type='ethernet' name='LPAR01'>
     </interface>

    In this file I am using "name" as the lpar name which I am going to
    assign the new network interface. I couldn't find a better way to
    refer to it. Comments are welcome.

  * Regarding the fact I am sleeping one second waiting for the HMC to
    complete creation of the interface, I don't have means to check
    if the whole process is done. All I do is execute a command, wait
    until is complete (which is not enough in this case) check
    the return and the exit status. The process of actually creating
    a networking interface seems to take a little longer than just the
    return of the ssh control.
2011-04-13 11:18:22 -06:00
Hu Tao
30c551ab4e qemu: fix a dead-lock problem
In qemuDomainObjBeginJobWithDriver, when virCondWaitUntil timeouts,
the function tries to call qemuDriverLock with virDomainObj locked,
this causes the dead-lock problem. This patch fixes this.
2011-04-13 09:43:16 +08:00
Jiri Denemark
5c53160a2f util: Fix crash when removing entries during hash iteration
Commit 9677cd33ee made it possible to
remove current entry when iterating through all hash entries. However,
it didn't properly handle a special case of removing first entry
assigned to a given key which contains several entries in its collision
list.
2011-04-12 19:18:08 +02:00
Michal Privoznik
50e4b9195d Fix possible infinite loop in remote driver
When we take out completed calls from queue we might end up
in circular pointer. We don't want pointer to previous item
point to element taken out.
2011-04-12 09:18:40 -06:00
Eric Blake
99fa30804b maint: fix grammar errors
Jim Meyering recently improved gnulib to catch various grammar
errors during 'make syntax-check'.

* .gnulib: Update to latest, for syntax-check improvements.
* include/libvirt/libvirt.h.in (virConnectAuthCallbackPtr): Use
cannot rather than two words.
* src/driver.c: Likewise.
* src/driver.h (VIR_SECRET_GET_VALUE_INTERNAL_CALL): Likewise.
* src/remote/remote_driver.c (initialize_gnutls): Likewise.
* src/util/pci.c (pciBindDeviceToStub): Likewise.
* src/storage/storage_backend.c (virStorageBackendCreateQemuImg):
Likewise.
(virStorageBackendUpdateVolTargetInfoFD): Avoid doubled word.
* docs/formatdomain.html.in: Likewise.
* src/qemu/qemu_process.c (qemuProcessStart): Likewise.
* cfg.mk (exclude_file_name_regexp--sc_prohibit_can_not)
(exclude_file_name_regexp--sc_prohibit_doubled_word): Exclude
existing translation problems.
2011-04-12 09:06:14 -06:00
Matthias Bolte
6519b76000 xen: Remove PATH_MAX sized stack allocation from block stats code 2011-04-10 13:35:04 +02:00
Taku Izumi
c1795c5204 maxmem: implement virDomainSetMaxMemory API of the qemu driver
This patch implements the code to support virDomainSetMaxMemory API,
and to support VIR_DOMAIN_MEM_MAXIMUM flag in qemudDomainSetMemoryFlags function.
As a result, we can change the maximum memory size of inactive QEMU guests.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-04-08 17:40:29 -06:00
Taku Izumi
e3b4ca21b2 maxmem: introduces VIR_DOMAIN_MEM_MAXIMUM flag
This patch introduces VIR_DOMAIN_MEM_MAXIMUM flag.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-04-08 16:38:00 -06:00
Jean-Baptiste Rouault
ae25096692 docs: remove "returns" word from beginning of lines
Move "returns" keyword from beginning of API doc lines
when it does not describe return values.
Maybe the API doc extractor could be changed to look for
"returns: " to avoid such confusion.
2011-04-08 16:27:06 -06:00
Eric Blake
5bc22e129b docs: tweak virsh restore warning
* tools/virsh.pod: Fix grammar, and clarify wording.
* src/qemu/qemu_driver.c (qemudDomainObjStart): Drop redundant
condition.
2011-04-08 07:58:07 -06:00
Wen Congyang
2999bb06f3 do not build libvirt_iohelper when building without libvirtd
The libexec program libvirt_iohelper is only for libvirtd. If we build rpm
without libvirtd, we will receive the following messages:

Checking for unpackaged file(s): /usr/lib/rpm/check-files /home/wency/rpmbuild/BUILDROOT/libvirt-0.9.0-1.el6.x86_64
error: Installed (but unpackaged) file(s) found:
   /usr/libexec/libvirt_iohelper
2011-04-08 21:52:46 +08:00
Stefan Berger
6ab24feb44 nwfilters: support for TCP flags evaluation
This patch adds support for the evaluation of TCP flags in nwfilters.

It adds documentation to the web page and extends the tests as well.
Also, the nwfilter schema is extended.

The following are some example for rules using the tcp flags:

<rule action='accept' direction='in'>
    <tcp state='NONE' flags='SYN/ALL' dsptportstart='80'/>
</rule>
<rule action='drop' direction='in'>
    <tcp state='NONE' flags='SYN/ALL'/>
</rule>
2011-04-07 20:13:38 -04:00
Taku Izumi
95298e2380 setmem: add VIR_DOMAIN_MEM_CURRENT support to qemu
This patch adds virDomainSetMemoryFlags(,,VIR_DOMAIN_MEM_CURRENT) support
code to qemu driver.

Also, change virDomainObjIsActive to return bool, given its usage.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-04-07 17:13:56 -06:00
Taku Izumi
0f2e50be5f setmem: introduce VIR_DOMAIN_MEM_CURRENT flag
This patch introduces VIR_DOMAIN_MEM_CURRENT flag and
modifies virDomainSetMemoryFlags function to support it.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-04-07 17:13:56 -06:00
Jim Fehlig
f7e9b44812 build: Install libxenlight log dir
Add $localstatedir/log/libvirt/libxl when building libxenlight driver
2011-04-07 16:39:04 -06:00
Eric Blake
8ae5df5d93 virsh: fix mingw startup
* .gnulib: Update to latest, for pipe2.
* bootstrap.conf (gnulib_modules): Add pipe2.
* src/util/event_poll.c (virEventPollInit): Use it, to avoid
problematic virSetCloseExec on mingw.
2011-04-07 15:13:24 -06:00
Markus Groß
a7a4414b75 Add domainSet/GetSchedulerParameters to libxl driver
Libxenlight currently only supports the credit scheduler.
Therefore setting or getting a parameter of other
schedulers raise an error (for now).
2011-04-07 10:23:19 -06:00
Osier Yang
a73bbfc8be qemu: Remove the managed state file only if restoring succeeded
1) Both "qemuDomainStartWithFlags" and "qemuAutostartDomain" try to
restore the domain from managedsave'ed image if it exists (by
invoking "qemuDomainObjRestore"), but it unlinks the image even
if restoring fails, which causes data loss. (This problem exists
for "virsh managedsave dom; virsh start dom").

The fix for is to unlink the managed state file only if restoring
succeeded.

2) For "virsh save dom; virsh restore dom;", it can cause data
corruption if one reuse the saved state file for restoring. Add
doc to tell user about it.

3) In "qemuDomainObjStart", if "managed_save" is NULL, we shouldn't
fallback to start the domain, skipping it to cleanup as a incidental
fix. Discovered by Eric.
2011-04-07 16:58:26 +08:00
Wen Congyang
a4efb2e335 reattach pci devices when qemuPrepareHostdevPCIDevices() failed
Reattach all pci devices that we detached when qemuPrepareHostdevPCIDevices()
failed.
2011-04-07 13:09:46 +08:00
Wen Congyang
4e8969ebcf reattach pci device when pciBindDeviceToStub() failed
We should bind pci device to original driver when pciBindDeviceToStub() failed.
If the pci device is not bound to any driver before calling pciBindDeviceToStub(),
we should only unbind it from pci-stub. If it is bound to pci-stub, we should not
unbind it from pci-stub.
2011-04-07 13:09:46 +08:00
Wen Congyang
9121b1930f rename pciUnBindDeviceFromStub() to pciUnbindDeviceFromStub() and float it up
This patch do the following things:
1. rename the function as 'Unbind' is better than 'UnBind'.
2. pciUnbindDeviceFromStub() will be used in the function pciBindDeviceToStub() in
   next patch. Float it up, instead of having to have a forward declaration
2011-04-07 13:09:46 +08:00
Wen Congyang
115498597a remove devices from driver->activePciHostdevs when qemuPrepareHostdevPCIDevices() failed
We should not mark pci devices as active when qemuPrepareHostdevPCIDevices()
failed.
2011-04-07 13:09:45 +08:00
Wen Congyang
d5981f1caf pci: avoid invalid free, init path to NULL
This bug was introduce by commit 57162db8, and it will cause libvirtd crashed.
2011-04-07 13:09:39 +08:00
Eric Blake
f6447e8a54 build: avoid compiler warning on cygwin
In file included from util/threads.c:31:
util/threads-pthread.c: In function 'virThreadSelfID':
util/threads-pthread.c:214: warning: cast from function call of type 'pthread_t' to non-matching type 'int' [-Wbad-function-cast]

* src/util/threads-pthread.c (virThreadSelfID) [!SYS_gettid]:
Add intermediate cast to silence gcc.
2011-04-06 17:07:23 -06:00
Markus Groß
bf7f62519a Add domainIsUpdated to libxl driver 2011-04-06 15:31:04 -06:00
Serge Hallyn
2879582847 Change locking for udev monitor and callbacks
We're seeing bugs apparently resulting from thread unsafety of
libpciaccess, such as
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/726099
To prevent those, as suggested by danpb on irc, move the
nodeDeviceLock(driverState) higher into the callers.  In
particular:

  udevDeviceMonitorStartup should hold the lock while calling
  udevEnumerateDevices(), and udevEventHandleCallback should hold it
  over its entire execution.

It's not clear to me whether it is ok to hold the
nodeDeviceLock while taking the virNodeDeviceObjLock(dev) on a
device.  If not, then the lock will need to be dropped around
the calling of udevSetupSystemDev(), and udevAddOneDevice()
may not actually be safe to call from higher layers with the
driverstate lock held.

libvirt 0.8.8 with this patch on it seems to work fine for me.
Assuming it looks ok and I haven't done anything obviously dumb,
I'll ask the bug submitters to try this patch.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2011-04-06 10:20:47 -06:00
Jiri Denemark
87e78b2bc0 qemu: Support for overriding NPROC limit
This patch adds max_processes option to qemu.conf which can be used to
override system default limit on number of processes that are allowed to
be running for qemu user.
2011-04-06 12:08:59 +02:00
Osier Yang
7b2cac1238 qemu: Always reserves slot 0x02 for primary VGA.
To address https://bugzilla.redhat.com/show_bug.cgi?id=692355

This fix is to reserve slot 0x02 for primary VGA even if there
is no "video" specified in domain XML to avoid the problem.
2011-04-06 14:22:54 +08:00
Eric Blake
3eb869a04b libxl: avoid compiler warning
cc1: warnings being treated as errors
libxl/libxl_driver.c: In function 'libxlDomainSetVcpusFlags':
libxl/libxl_driver.c:1570:14: error: cast from function call of type 'double' to non-matching type 'unsigned int' [-Wbad-function-cast]
libxl/libxl_driver.c:1578:15: error: cast from function call of type 'double' to non-matching type 'unsigned int' [-Wbad-function-cast]

This was the only use of floor() and ceil(), and floating-point
is overkill for power-of-two manipulations.

* src/libxl/libxl_driver.c (libxlDomainSetVcpusFlags): Avoid -lm
for trivial computations.
2011-04-05 11:09:12 -06:00
Daniel P. Berrange
5b099250e3 Avoid compiler warnings about int -> void * casts
GCC is a little confused about the cast of beginthread/beginthreadex
from unsigned long -> void *. Go via an intermediate variable avoids
the bogus warning, and makes the code a little cleaner

* src/util/threads-win32.c: Avoid compiler warning in cast
2011-04-05 17:43:33 +01:00
Daniel P. Berrange
fdcd06ef71 Improve SCSI volume key generation
The SCSI volumes get a better 'key' field based on the fully
qualified volume path. All SCSI volumes have a unique serial
available in hardware which can be obtained by sending a
suitable SCSI command. Call out to udev's 'scsi_id' command
to fetch this value

* src/storage/storage_backend_scsi.c: Improve volume key
  field value stability and uniqueness
2011-04-05 16:04:22 +01:00
Jiri Denemark
ef264e82ee qemu: Ignore unusable binaries
When initializing qemu guest capabilities, we should ignore qemu
binaries that we are not able to extract version/help info from since
they will be unusable for creating domains anyway. Ignoring them is also
much better than letting initialization of qemu driver fail.
2011-04-05 14:02:55 +02:00
Jiri Denemark
69afdf14b8 qemu: Rewrite LOOKUP_PTYS macro into a function
The macro is huge and gives us nothing but headache when maintaining it.
2011-04-05 14:02:55 +02:00
Daniel P. Berrange
a4e37ff1a3 Enable use of -Wold-style-definition compiler flag
A couple of functions were declared using the old style foo()
for no-parameters, instead of foo(void)

* src/xen/xen_hypervisor.c, tests/testutils.c: Replace () with (void)
  in some function declarations
* m4/virt-compile-warnings.m4: Enable -Wold-style-definition
2011-04-05 11:40:04 +01:00
Daniel P. Berrange
329e9dc629 Enable use of -Wmissing-noreturn
* src/internal.h: Define a ATTRIBUTE_NO_RETURN annotation
* src/lxc/lxc_container.c: Annotate lxcContainerDummyChild
  with ATTRIBUTE_NO_RETURN
* tests/eventtest.c: Mark async thread as ATTRIBUTE_NO_RETURN
* m4/virt-compile-warnings.m4: Enable -Wmissing-noreturn
2011-04-05 11:39:58 +01:00
Daniel P. Berrange
222402417d Remove possible uninitialized variable in openvz driver
* src/openvz/openvz_driver.c: Initialize saveptr variable
2011-04-05 10:54:59 +01:00
Matthias Bolte
9e3550dc4e Use virBufferPtr for sexpr2string instead of manual buffer handling
Removes 4kb stack allocation in the XenD subdriver.
2011-04-05 09:14:59 +02:00
Matthias Bolte
9faf3d084c xend: Remove 4kb stack allocation 2011-04-05 09:14:06 +02:00
Matthias Bolte
3ac2a6f1b5 uml: Remove PATH_MAX sized stack allocation from /proc parsing code 2011-04-05 09:13:29 +02:00
Matthias Bolte
cd708ef4ea storage: Remove PATH_MAX sized stack allocation from iSCSI backend 2011-04-05 09:12:46 +02:00
Matthias Bolte
651a9529b2 qemu: Remove PATH_MAX sized stack allocation used in commandline building 2011-04-05 09:11:32 +02:00
Matthias Bolte
25f85e4938 Remove PATH_MAX sized stack allocation from virFileOpenTtyAt 2011-04-05 09:10:32 +02:00
Matthias Bolte
f044376530 openvz: Remove several larger stack allocations
Replace openvz_readline with getline in several places to get rid of stack
allocated buffers to hold lines.

openvzReadConfigParam allocates memory for return values instead of
expecting a preexisting buffer.
2011-04-05 09:09:38 +02:00
Matthias Bolte
a16de3594f Use virFileAbsPath instead of manually creating the absolute path
Removes multiple 4kb stack allocations.

Removes TODO comments as suggested by Daniel P. Berrange.
2011-04-05 09:05:11 +02:00
Matthias Bolte
1901d091f1 xenxs: Remove PATH_MAX sized stack allocation in XM script parsing 2011-04-05 09:01:37 +02:00
Matthias Bolte
0e27b8a856 sasl: Remove stack allocated 8kb temporary buffers
Move the buffers to the heap allocated client/private data structs.
2011-04-05 08:55:27 +02:00
Matthias Bolte
fb7f0051a2 qemu: Use heap allocated memory to read the monitor greeting
Removing a 4kb stack allocation.

Reduce stack buffer for virStrerror to the common 1kb instead of 4kb.
2011-04-05 08:55:27 +02:00
Matthias Bolte
d1591ad50b phyp: Remove 16kb stack allocation
Allocate on the heap instead.
2011-04-05 08:55:27 +02:00
Matthias Bolte
97176c6350 virt-aa-helper: Remove PATH_MAX sized stack allocations 2011-04-05 08:55:27 +02:00
Matthias Bolte
859efe7f88 ebtables: Remove PATH_MAX sized stack allocation 2011-04-05 08:55:27 +02:00
Matthias Bolte
57162db82c pci: Remove PATH_MAX sized stack allocations
Use virAsprintf instead of snprintf.
2011-04-05 08:55:27 +02:00
Matthias Bolte
1573158190 Remove PATH_MAX sized stack allocations related to virFileBuildPath
Make virFileBuildPath operate on the heap instead of the stack. It
allocates a buffer instead of expecting a preexisting buffer.
2011-04-05 08:55:27 +02:00
Matthias Bolte
bb3fa04183 vmx: Use case-insensitive compare functions for all content 2011-04-05 08:43:23 +02:00
Matthias Bolte
81800ff647 vmx: Support persistent CPU shares 2011-04-05 08:40:57 +02:00
Markus Groß
fb92307f0d Add autostart support to libxl driver
The domainSetAutostart function is nearly identical to the one from qemu.
2011-04-04 17:28:37 -06:00
Jesse Cook
33da939b0f Allow relative path for qemu backing file
This patch enables the relative backing file path support provided by
qemu-img create.

If a relative path is specified for the backing file, it is converted
to an absolute path using the storage pool path. The absolute path is
used to verify that the backing file exists. If the backing file exists,
the relative path is allowed and will be provided to qemu-img create.
2011-04-04 16:37:58 -06:00
Eric Blake
0d166c6b7c build: detect potentential uninitialized variables
Even with -Wuninitialized (which is part of autobuild.sh
--enable-compile-warnings=error), gcc does NOT catch this
use of an uninitialized variable:

{
  if (cond)
    goto error;
  int a = 1;
error:
  printf("%d", a);
}

which prints 0 (supposing the stack started life wiped) if
cond was true.  Clang will catch it, but we don't use clang
as often.  Using gcc -Wjump-misses-init catches it, but also
gives false positives:

{
  if (cond)
    goto error;
  int a = 1;
  return a;
error:
  return 0;
}

Here, a was never used in the scope of the error block, so
declaring it after goto is technically fine (and clang agrees).
However, given that our HACKING already documents a preference
to C89 decl-before-statement, the false positive warning is
enough of a prod to comply with HACKING.

[Personally, I'd _really_ rather use C99 decl-after-statement
to minimize scope, but until gcc can efficiently and reliably
catch scoping and uninitialized usage bugs, I'll settle with
the compromise of enforcing a coding standard that happens to
reject false positives if it can also detect real bugs.]

* acinclude.m4 (LIBVIRT_COMPILE_WARNINGS): Add -Wjump-misses-init.
* src/util/util.c (__virExec): Adjust offenders.
* src/conf/domain_conf.c (virDomainTimerDefParseXML): Likewise.
* src/remote/remote_driver.c (doRemoteOpen): Likewise.
* src/phyp/phyp_driver.c (phypGetLparNAME, phypGetLparProfile)
(phypGetVIOSFreeSCSIAdapter, phypVolumeGetKey)
(phypGetStoragePoolDevice)
(phypVolumeGetPhysicalVolumeByStoragePool)
(phypVolumeGetPath): Likewise.
* src/vbox/vbox_tmpl.c (vboxNetworkUndefineDestroy)
(vboxNetworkCreate, vboxNetworkDumpXML)
(vboxNetworkDefineCreateXML): Likewise.
* src/xenapi/xenapi_driver.c (getCapsObject)
(xenapiDomainDumpXML): Likewise.
* src/xenapi/xenapi_utils.c (createVMRecordFromXml): Likewise.
* src/security/security_selinux.c (SELinuxGenNewContext):
Likewise.
* src/qemu/qemu_command.c (qemuBuildCommandLine): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainChangeEjectableMedia):
Likewise.
* src/qemu/qemu_process.c (qemuProcessWaitForMonitor): Likewise.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextGetPtyPaths):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainShutdown)
(qemudDomainBlockStats, qemudDomainMemoryPeek): Likewise.
* src/storage/storage_backend_iscsi.c
(virStorageBackendCreateIfaceIQN): Likewise.
* src/node_device/node_device_udev.c (udevProcessPCI): Likewise.
2011-04-04 11:26:29 -06:00
Wen Congyang
4a3976211d fix memory leak in qemuProcessHandleGraphics()
If strdup("x509dname") or strdup("saslUsername") success, but
strdup(x509dname) or strdup(saslUsername) failed, subject->nidentity
is not the num elements of subject->identities, and we will leak some
memory.
2011-04-03 09:13:53 +08:00
Wen Congyang
19f916a764 do not lock vm while allocating memory
There is no need to lock vm while allocating memory. If allocating
memory failed, we forgot to unlock vm.
2011-04-03 09:13:46 +08:00
Eric Blake
da3c471467 virsh: fix mingw failure on creating nonblocking pipe
* .gnulib: Update to latest, for nonblocking module.
* bootstrap.conf (gnulib_modules): Add nonblocking.
* src/util/util.c (virSetBlocking): Defer to gnulib.
2011-04-01 08:43:10 -06:00
Daniel Veillard
03ede2f69d Fix libxl driver startup
When you happen to have a libvirtd binary compiled with the
libxenlight driver (say you have installed xen-4.1 libraries)
but not running a xen enabled system, then libvirtd fails to start.

The cause is that libxlStartup() returns -1 when failing to initialize
the library, and this propagates to virStateInitialize() which consider
this a failure. We should only exit libxlStartup with an error code
if something like an allocation error occurs, not if the driver failed
to initialize.

* src/libxl/libxl_driver.c: fix libxlStartup() to not return -1
  when failing to initialize the libxenlight library
2011-04-01 19:30:53 +08:00
Guido Günther
d0bd206a61 Make check_fc_host() and check_vport_capable() usable as rvalues
as needed on non linux ports using HAL.
2011-04-01 11:23:51 +02:00
Jiri Denemark
72ab0b6dc8 qemu: Ignore libvirt debug messages in qemu log
qemu driver uses a 4K buffer for reading qemu log file. This is enough
when only qemu's output is present in the log file. However, when
debugging messages are turned on, intermediate libvirt process fills the
log with a bunch of debugging messages before it executes qemu binary.
In such a case the buffer may become too small. However, we are not
really interested in libvirt messages so they can be filtered out from
the buffer.
2011-04-01 08:48:32 +02:00
Osier Yang
0ca16a78af qemu: Fix improper logic of qemuCgroupSetup
It throws errors as long as the cgroup controller is not available,
regardless of whether we really want to use it to do setup or not,
which is not what we want, fixing it with throwing error when need
to use the controller.

And change "VIR_WARN" to "qemuReportError" for memory controller
incidentally.
2011-04-01 11:41:33 +08:00
Wen Congyang
e206946da7 free tmp after unlinking it
We create a temporary file to save memory, and we will remove it after reading
memory to buffer. But we free the variable that contains the temporary filename
before we remove it. So we should free tmp after unlinking it.
2011-04-01 12:15:21 +08:00
Michal Privoznik
51434d3bef Fix several formatting mistakes in doc 2011-03-31 14:36:19 -06:00
Eric Blake
6c9e89bbd2 maint: avoid locale-sensitivity in string case comparisons
strcase{cmp/str} have the drawback of being sensitive to the global
locale; this is unacceptable in a library setting.  Prefer a
hard-coded C locale alternative for all but virsh, which is user
facing and where the global locale isn't changing externally.

* .gnulib: Update to latest, for c-strcasestr change.
* bootstrap.conf (gnulib_modules): Drop strcasestr, add c-strcase
and c-strcasestr.
* cfg.mk (sc_avoid_strcase): New rule.
(exclude_file_name_regexp--sc_avoid_strcase): New exception.
* src/internal.h (STRCASEEQ, STRCASENEQ, STRCASEEQLEN)
(STRCASENEQLEN): Adjust offenders.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextEjectMedia):
Likewise.
* tools/virsh.c (namesorter): Document exception.
2011-03-30 20:26:27 -06:00
Jiri Denemark
e586f57487 qemu: Fix media eject with qemu-0.12.*
In qemu-0.12.* "device '...' is locked" message was changed to "Device
..." so libvirt was no longer detecting this as an error.
2011-03-30 20:43:55 +02:00
Wen Congyang
0ecfa7f2e1 check whether qemuMonitorJSONHMP() failed
If qemu quited unexpectedly when we call qemuMonitorJSONHMP(),
libvirt will crash.
Steps to reproduce this bug:
1. use gdb to attach libvirtd, and set a breakpoint in the function
   qemuMonitorSetCapabilities()
2. start a vm
3. let the libvirtd to run until qemuMonitorJSONSetCapabilities() returns.
4. kill the qemu process
5. continue running libvirtd

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-30 16:32:22 +08:00
Wen Congyang
cc2424fc65 do not send monitor command after monitor meet error
If the monitor met a error, and we will call qemuProcessHandleMonitorEOF().
But we may try to send monitor command after qemuProcessHandleMonitorEOF()
returned. Then libvirtd will be blocked in qemuMonitorSend().

Steps to reproduce this bug:
1. use gdb to attach libvirtd, and set a breakpoint in the function
   qemuConnectMonitor()
2. start a vm
3. let the libvirtd to run until qemuMonitorOpen() returns.
4. kill the qemu process
5. continue running libvirtd

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-30 16:32:22 +08:00
Hu Tao
025e199810 qemu: unlock qemu driver before return from domain save
qemuDriverUnlock() wasn't called on 2 exit paths
* src/qemu/qemu_driver.c: fix qemudDomainSave() to always unlock
  the driver before exiting on error
2011-03-30 10:34:16 +08:00
Naoya Horiguchi
343a27aff8 extend logging to record configuration-related changes
Currently libvirt's default logging is limited and it is difficult to
determine what was happening when a proglem occurred (especially on a
machines where one don't know the detail.)  This patch helps to do that
by making additional logging available for the following events:

  creating/defining/undefining domains
  creating/defining/undefining/starting/stopping networks
  creating/defining/undefining/starting/stopping storage pools
  creating/defining/undefining/starting/stopping storage volumes.

* AUTHORS: add Naoya Horiguchi
* src/network/bridge_driver.c src/qemu/qemu_driver.c
  src/storage/storage_driver.c: provide more VIR_INFO logging
2011-03-30 09:19:47 +08:00
Osier Yang
01692bb167 cputune: Support cputune for xend driver
Not sure if it's the correct way to add cputune xml for xend driver,
and besides, seems "xm driver" and "xen hypervisor" also support
vcpu affinity, do we need to add support for them too?
2011-03-29 22:13:46 +08:00
Osier Yang
e98eb7f4a5 cputune: Support cputune for lxc driver
LXC driver doesn't support vcpu affinity yet, so just need
to modify it to support cpu shares.
2011-03-29 22:13:46 +08:00
Osier Yang
1cc4d0259c cputune: Support cputune for qemu driver
When domain startup, setting cpu affinity and cpu shares according
to the cputune xml specified in domain xml.

Modify "qemudDomainPinVcpu" to update domain config for vcpupin,
and modify "qemuSetSchedulerParameters" to update domain config
for cpu shares.

v1 - v2:
   * Use "VIR_ALLOC_N" instead of "VIR_ALLOC_VAR"
   * But keep raising error when it fails on adding vcpupin xml
     entry, as I still don't have a better idea yet.
2011-03-29 22:13:46 +08:00
Osier Yang
b8853925fa cputune: Implementations of parsing and formating cputune xml
Implementations of following functions:
  virDomainVcpupinIsDuplicate
  virDomainVcpupinFindByVcpu
  virDomainVcpupinAdd

Update "virDomainDefParseXML" to parse, and "virDomainDefFormatXML"
to build cputune xml, also implementations of new internal helper
functions.

v1 - v2:
  * Resolve potential crash bug of "virDomainVcpupinAdd"
2011-03-29 22:13:46 +08:00
Osier Yang
853f0fdfd9 cputune: Add data structures presenting cputune XML
Also related new functions' declaration, and expose the new introduced
functions in libvirt_private.syms.

v1 - v2:
  Don't expose "virAllocVar" in libvirt_private.syms
2011-03-29 22:13:46 +08:00
Eric Blake
daa6aa687a qemu: fix regression with fd labeling on migration
My earlier testing for commit 34fa0de0 was done while starting
just-built libvirt from an unconfined_t shell, where the fds happened
to work when transferring to qemu.  But when installed and run under
virtd_t, failure to label the raw file (with no compression) or the
pipe (with compression) triggers SELinux failures when passing fds
over SCM_RIGHTS to svirt_t qemu.

* src/qemu/qemu_migration.c (qemuMigrationToFile): When passing
FDs, make sure they are labeled.
2011-03-29 07:12:29 -06:00
Eric Blake
285e8a1769 qemu: improve error message on failed fd transfer
First fallout of fd: migration - it looks like SELinux enforcing
_does_ require fd labeling (running uninstalled libvirtd from an
unconstrained shell had no problems, but once faked out by doing
 chcon `stat -c %C /usr/sbin/libvirtd` daemon/libvirtd
 run_init $PWD/daemon/libvirtd
to run it with the same context as an init script service, and with
SELinux enforcing, I got a rather confusing failure:
error: Failed to save domain fedora_12 to fed12.img
error: internal error unable to send TAP file handle: No file descriptor supplied via SCM_RIGHTS

This fixes the error message, then I need to figure out a subsequent
patch that does the fsetfilecon() necessary to keep things happy.
It also appears that libvirtd hangs on a failed fd transfer; I don't
know if that needs an independent fix.

* src/qemu/qemu_monitor_text.c (qemuMonitorTextSendFileHandle):
Improve message, since TAP is no longer only client.
2011-03-29 07:12:29 -06:00
Markus Groß
6ebcb0c777 Add domainSuspend/Resume to libxl driver
* src/libxl/libxl_driver.c: implements libxlDomainSuspend and
  libxlDomainResume
2011-03-29 20:57:02 +08:00
Markus Groß
f367a1dfce Add domainGetOSType to libxl driver
* src/libxl/libxl_driver.c: implements libxlDomainGetOSType
2011-03-29 20:57:02 +08:00
Markus Groß
d53bca4868 Add domainGetSchedulerType to libxl driver
* src/libxl/libxl_driver.c: implements libxlDomainGetSchedulerType
2011-03-29 20:57:02 +08:00
Markus Groß
0244977180 Implements domainXMLTo/FromNative in libxl driver
* src/Makefile.am src/libvirt_private.syms configure.ac: share and
  reuse the sexpr routines from sexpr.h of the old xen driver
* src/libxl/libxl_driver.c: implements libxlDomainXMLFromNative and
  libxlDomainXMLToNative
2011-03-29 20:57:02 +08:00
Markus Groß
3d6fe99c5c Add vcpu functions to libxl driver
Hook the virtual cpu functions to their libxenlight counterparts

* src/libxl/libxl_driver.c: implements libxlDomainSetVcpus,
  libxlDomainGetVcpus, libxlDomainSetVcpusFlags,
  libxlDomainGetVcpusFlags and libxlDomainPinVcpu
2011-03-29 20:57:02 +08:00
Markus Groß
cbf2717cfd List authors in copyright headers
* src/libxl/libxl_conf.[ch] src/libxl/libxl_driver.[ch]: add authors
  after the licence template
2011-03-29 20:57:02 +08:00
Markus Groß
68e1032378 Add event callbacks to libxl driver
* src/libxl/libxl_conf.h: add the necessary fields to the driver
  private structure
* src/libxl/libxl_driver.c: add lifecycle event support and entry
  points for event(de)register(any)
2011-03-29 20:57:02 +08:00
Markus Groß
6d60ca5d58 Ignore return value of virDomainObjUnref
* src/libxl/libxl_driver.c: use ignore_value() in libxlDomainObjUnref
  and libxlCreateDomEvents
2011-03-29 20:57:02 +08:00
Daniel P. Berrange
230a5d8b4a Remote protocol support for storage vol upload/download APIs
* daemon/remote.c, src/remote/remote_driver.c: Implementation
  of storage vol upload/download APIs
* src/remote/remote_protocol.x: Wire protocol definition for
  upload/download
* daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h,
  daemon/remote_dispatch_table.h, src/remote/remote_protocol.h,
  src/remote/remote_protocol.c: Re-generate
2011-03-29 12:17:52 +01:00
Daniel P. Berrange
925639627c Support volume data upload/download APIs in storage driver
Use generic FD streams to allow data upload/download to/from
any storage volume

* src/storage/storage_driver.c: Wire up upload/download APIs
2011-03-29 12:17:45 +01:00
Daniel P. Berrange
7300f68dff Add public APIs for storage volume upload/download
New APIs are added allowing streaming of content to/from
storage volumes.

* include/libvirt/libvirt.h.in: Add virStorageVolUpload and
  virStorageVolDownload APIs
* src/driver.h, src/libvirt.c, src/libvirt_public.syms: Stub
  code for new APIs
* src/storage/storage_driver.c, src/esx/esx_storage_driver.c:
  Add dummy entries in driver table for new APIs
2011-03-29 12:17:33 +01:00
Daniel P. Berrange
e886237af5 Enhance the streams helper to support plain file I/O
The O_NONBLOCK flag doesn't work as desired on plain files
or block devices. Introduce an I/O helper program that does
the blocking I/O operations, communicating over a pipe that
can support O_NONBLOCK

* src/fdstream.c, src/fdstream.h: Add non-blocking I/O
  on plain files/block devices
* src/Makefile.am, src/util/iohelper.c: I/O helper program
* src/qemu/qemu_driver.c, src/lxc/lxc_driver.c,
  src/uml/uml_driver.c, src/xen/xen_driver.c: Update for
  streams API change
2011-03-29 12:17:28 +01:00
Eric Blake
83b77fa589 qemu: fix regression that hangs on save failure
Regression introduced in commit 6034ddd55.

* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Jump to correct
label.
2011-03-28 17:00:32 -06:00
Eric Blake
16a4243c19 build: fix compilation on mingw
* src/util/command.c (virCommandAbort) [WIN32]: Provide stub.
Reported by Daniel P. Berrange's autobuilder.
2011-03-28 14:12:28 -06:00
Eric Blake
15d757ac4e qemu: support fd: migration with compression
Spawn the compressor ourselves, instead of requiring the shell.

* src/qemu/qemu_migration.c (qemuMigrationToFile): Spawn
compression helper process when needed.
2011-03-28 10:26:33 -06:00
Eric Blake
34fa0de05e qemu: skip granting access during fd migration
SELinux labeling and cgroup ACLs aren't required if we hand a
pre-opened fd to qemu.  All the more reason to love fd: migration.

* src/qemu/qemu_migration.c (qemuMigrationToFile): Skip steps
that are irrelevant in fd migration.
2011-03-28 10:26:33 -06:00
Eric Blake
6034ddd559 qemu: consolidate migration to file code
This points out that core dumps (still) don't work for root-squash
NFS, since the fd is not opened correctly.  This patch should not
introduce any functionality change, it is just a refactoring to
avoid duplicated code.

* src/qemu/qemu_migration.h (qemuMigrationToFile): New prototype.
* src/qemu/qemu_migration.c (qemuMigrationToFile): New function.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag, doCoreDump): Use
it.
2011-03-28 10:26:33 -06:00
Eric Blake
80449b325e qemu: use common API for reading difficult files
Direct access to an open file is so much simpler than passing
everything through a pipe!

* src/qemu/qemu_driver.c (qemudOpenAsUID)
(qemudDomainSaveImageClose): Delete.
(qemudDomainSaveImageOpen): Rename...
(qemuDomainSaveImageOpen): ...and drop read_pid argument.  Use
virFileOpenAs instead of qemudOpenAsUID.
(qemudDomainSaveImageStartVM, qemudDomainRestore)
(qemudDomainObjRestore): Rename...
(qemuDomainSaveImageStartVM, qemuDomainRestore)
(qemDomainObjRestore): ...and simplify accordingly.
(qemudDomainObjStart, qemuDriver): Update callers.
2011-03-28 10:26:33 -06:00
Eric Blake
1a369dfbe8 qemu, storage: improve type safety
* src/storage/storage_backend.c (createRawFileOpHook): Change
signature.
(struct createRawFileOpHookData): Delete unused struct.
(virStorageBackendCreateRaw): Adjust caller.
* src/qemu/qemu_driver.c (struct fileOpHookData): Delete unused
struct.
(qemudDomainSaveFileOpHook): Rename...
(qemuDomainSaveFileOpHook): ...and change signature.
(qemudDomainSaveFlag): Adjust caller.
2011-03-28 10:26:33 -06:00
Eric Blake
fa3e1e35eb util: adjust indentation in previous patch
Separating the indentation from the real patch made review easier.

* src/util/util.c (virFileOpenAs): Whitespace changes.
2011-03-28 10:26:33 -06:00
Eric Blake
1fdd50f999 util: rename virFileOperation to virFileOpenAs
This patch intentionally doesn't change indentation, in order to
make it easier to review the real changes.

* src/util/util.h (VIR_FILE_OP_RETURN_FD, virFileOperationHook):
Delete.
(virFileOperation): Rename...
(virFileOpenAs): ...and reduce parameters.
* src/util/util.c (virFileOperationNoFork, virFileOperation):
Rename and simplify.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Adjust caller.
* src/storage/storage_backend.c (virStorageBackendCreateRaw):
Likewise.
* src/libvirt_private.syms: Reflect rename.
2011-03-28 10:26:33 -06:00
Eric Blake
fe303a4256 storage: simplify fd handling
* src/storage/storage_backend.c (virStorageBackendCreateRaw): Use
new virFileOperation flag.
2011-03-28 10:26:33 -06:00
Eric Blake
3eede281eb qemu: simplify domain save fd handling
This makes root-squash NFS saves more efficient.

* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Use new
virFileOperation flag to open fd only once.
2011-03-28 10:26:33 -06:00
Eric Blake
055d4ff87c util: use SCM_RIGHTS in virFileOperation when needed
Currently, the hook function in virFileOperation is extremely limited:
it must be async-signal-safe, and cannot modify any memory in the
parent process.  It is much handier to return a valid fd and operate
on it in the parent than to deal with hook restrictions.

* src/util/util.h (VIR_FILE_OP_RETURN_FD): New flag.
* src/util/util.c (virFileOperationNoFork, virFileOperation):
Honor new flag.
2011-03-28 10:26:33 -06:00
Eric Blake
9497506fa0 qemu: allow simple domain save to use fd: protocol
This allows direct saves (no compression, no root-squash NFS) to use
the more efficient fd: migration, which in turn avoids a race where
qemu exec: migration can sometimes fail because qemu does a generic
waitpid() that conflicts with the pclose() used by exec:.  Further
patches will solve compression and root-squash NFS.

* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Use new function
when there is no compression.
2011-03-28 10:26:32 -06:00
Eric Blake
d51023d4c2 qemu: fix restoring a compressed save image
Latent bug introduced in commit 2d6a581960 (Aug 2009), but not exposed
until commit 1859939a (Jan 2011).  Basically, when virExec creates a
pipe, it always marks libvirt's side as cloexec.  If libvirt then
wants to hand that pipe to another child process, things work great if
the fd is dup2()'d onto stdin or stdout (as with stdin: or exec:
migration), but if the pipe is instead used as-is (such as with fd:
migration) then qemu sees EBADF because the fd was closed at exec().

This is a minimal fix for the problem at hand; it is slightly racy,
but no more racy than the rest of libvirt fd handling, including the
case of uncompressed save images.  A more invasive fix, but ultimately
safer at avoiding leaking unintended fds, would be to _always and
atomically_ open all fds as cloexec in libvirt (thanks to primitives
like open(O_CLOEXEC), pipe2(), accept4(), ...), then teach virExec to
clear that bit for all fds explicitly marked to be handed to the child
only after forking.

* src/qemu/qemu_command.c (qemuBuildCommandLine): Clear cloexec
flag.
* tests/qemuxml2argvtest.c (testCompareXMLToArgvFiles): Tweak test.
2011-03-28 10:26:32 -06:00
Eric Blake
296eb0bbe3 util: allow clearing cloexec bit
* src/util/util.h (virSetInherit): New prototype.
* src/util/util.c (virSetCloseExec): Move guts...
(virSetInherit): ...to new function, and allow clearing.
* src/libvirt_private.syms (util.h): Export it.
2011-03-28 10:26:32 -06:00
Eric Blake
60dea30b7d logging: always NUL-terminate circular buffer
* src/util/logging.c (virLogStartup, virLogSetBufferSize):
Over-allocate, so that a debugger can just print the circular
buffer.  Suggested by Daniel Veillard.
2011-03-28 10:14:06 -06:00
Eric Blake
009bd51b94 maint: use space, not tab, in remote_protocol-structs
* src/Makefile.am (remote_protocol-structs): Flatten tabs.
* src/remote_protocol-structs: Likewise.  Also add a hint to emacs
to make it easier to keep spaces in the file.
2011-03-28 10:10:04 -06:00
Eric Blake
ef701fd8cb docs: document recent hook additions
* src/qemu/qemu_process.c (qemuProcessStart, qemuProcessStop): Fix
typos.
* docs/hooks.html.in: Document 'prepare' and 'release' hooks.
2011-03-28 09:51:04 -06:00
Eric Blake
96d567862a qemu: don't restore state label twice
Otherwise, if something like doStopVcpus fails after the first
restore, a second restore is attempted and throws a useless
warning.

* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Avoid second
restore of state label.
2011-03-28 09:10:09 -06:00
Daniel P. Berrange
4591df766d Remove the Open Nebula driver
The Open Nebula driver has been unmaintained since it was first
introduced. The only commits have been for tree-wide cleanups.
It also has a major design flaw, in that it only knows about guests
that it has created itself, which makes it of very limited use.

Discussions wrt evolution of the VMWare ESX driver, concluded that
it should limit itself to single-node ESX operation and not try to
manage the multi-node architecture of VirtualCenter. Open Nebula
is a cluster like Virtual Center, not a single node system, so
the same reasoning applies.

The DeltaCloud project includes an Open Nebula driver and is a much
better fit architecturally, since it is explicitly targetting the
distributed multihost cluster scenario.

Thus this patch deletes the libvirt Open Nebula driver with the
recommendation that people use DeltaCloud for managing it instead.

* configure.ac: Remove probe for xmlrpc & --with-one arg
* daemon/Makefile.am, daemon/libvirtd.c, src/Makefile.am: Remove
  ONE driver build
* src/opennebula/one_client.c, src/opennebula/one_client.h,
  src/opennebula/one_conf.c, src/opennebula/one_conf.h,
  src/opennebula/one_driver.c, src/opennebula/one_driver.c: Delete
  files
* autobuild.sh, libvirt.spec.in, mingw32-libvirt.spec.in: Remove
  build rules for Open Nebula
* docs/drivers.html.in, docs/sitemap.html.in: Remove reference
  to OpenNebula
* docs/drvone.html.in: Delete file
2011-03-28 14:09:11 +01:00
Matthias Bolte
4cb5044dcb remote: Don't leak gnutls session on negotiation error 2011-03-26 16:43:44 +01:00
Eric Blake
42a0fc39c1 hooks: fix regression in previous patch
* src/util/hooks.c (virHookCheck): Missing hooks should just be
debug, not warn.
2011-03-25 15:15:11 -06:00
Philipp Hahn
24da109573 Add missing { for qemudDomainInterfaceStats
Add missing open curly brace between function declaration of non-linux
variant of qemudDomainInterfaceStats() and its body.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2011-03-25 09:56:06 -06:00
Eric Blake
9ed545185f command: add virCommandAbort for cleanup paths
Sometimes, an asynchronous helper is started (such as a compressor
or iohelper program), but a later error means that we want to
abort that child.  Make this easier.

Note that since daemons and virCommandRunAsync can't mix, the only
time virCommandFree can reap a process is if someone did
virCommandRunAsync for a non-daemon and didn't stash the pid.

* src/util/command.h (virCommandAbort): New prototype.
* src/util/command.c (_virCommand): Add new field.
(virCommandRunAsync, virCommandWait): Track whether pid was used.
(virCommandFree): Reap child if caller did not request pid.
(virCommandAbort): New function.
* src/libvirt_private.syms (command.h): Export it.
* tests/commandtest.c (test19): New test.
2011-03-25 05:34:48 -06:00
Eric Blake
4e808602f1 command: don't mix RunAsync and daemons
It doesn't make sense to run a daemon without synchronously
waiting for the child process to reply whether the daemon has
been kicked off and pidfile written yet.

* src/util/command.c (VIR_EXEC_RUN_SYNC): New constant.
(virCommandRun): Set temporary flag.
(virCommandRunAsync): Use it to prevent async runs of intermediate
child when spawning asynchronous daemon grandchild.
2011-03-25 05:34:48 -06:00
Eric Blake
208a044a54 command: properly diagnose process exit via signal
Child processes don't always reach _exit(); if they die from a
signal, then any messages should still be accurate.  Most users
either expect a 0 status (thankfully, if status==0, then
WIFEXITED(status) is true and WEXITSTATUS(status)==0 for all
known platforms) or were filtering on WIFEXITED before printing
a status, but a few were missing this check.  Additionally,
nwfilter_ebiptables_driver was making an assumption that works
on Linux (where WEXITSTATUS shifts and WTERMSIG just masks)
but fails on other platforms (where WEXITSTATUS just masks and
WTERMSIG shifts).

* src/util/command.h (virCommandTranslateStatus): New helper.
* src/libvirt_private.syms (command.h): Export it.
* src/util/command.c (virCommandTranslateStatus): New function.
(virCommandWait): Use it to also diagnose status from signals.
* src/security/security_apparmor.c (load_profile): Likewise.
* src/storage/storage_backend.c
(virStorageBackendQEMUImgBackingFormat): Likewise.
* src/util/util.c (virExecDaemonize, virRunWithHook)
(virFileOperation, virDirCreate): Likewise.
* daemon/remote.c (remoteDispatchAuthPolkit): Likewise.
* src/nwfilter/nwfilter_ebiptables_driver.c (ebiptablesExecCLI):
Likewise.
2011-03-25 05:34:48 -06:00
Markus Groß
6ef1f6c2a1 Add memory functions to libxl driver 2011-03-25 04:14:20 -06:00
Wen Congyang
c4dae2d9a8 fix the check of the output of monitor command 'device_add'
Hotpluging host usb device by text mode will fail, because the monitor
command 'device_add' outputs 'husb: using...' if it succeeds, but we
think the command should not output anything.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-25 12:38:34 +08:00
Eric Blake
72d4ff5b7c build: enforce reference count checking
Add the compiler attribute to ensure we don't introduce any more
ref bugs like were just patched in commit 9741f34, then explicitly
mark the remaining places in code that are safe.

* src/qemu/qemu_monitor.h (qemuMonitorUnref): Mark
ATTRIBUTE_RETURN_CHECK.
* src/conf/domain_conf.h (virDomainObjUnref): Likewise.
* src/conf/domain_conf.c (virDomainObjParseXML)
(virDomainLoadStatus): Fix offenders.
* src/openvz/openvz_conf.c (openvzLoadDomains): Likewise.
* src/vmware/vmware_conf.c (vmwareLoadDomains): Likewise.
* src/qemu/qemu_domain.c (qemuDomainObjBeginJob)
(qemuDomainObjBeginJobWithDriver)
(qemuDomainObjExitRemoteWithDriver): Likewise.
* src/qemu/qemu_monitor.c (QEMU_MONITOR_CALLBACK): Likewise.
Suggested by Daniel P. Berrange.
2011-03-24 15:29:18 -06:00
Eric Blake
391c397e48 maint: prohibit access(,X_OK)
This simplifies several callers that were repeating checks already
guaranteed by util.c, and makes other callers more robust to now
reject directories.  remote_driver.c was over-strict - access(,R_OK)
is only needed to execute a script file; a binary only needs
access(,X_OK) (besides, it's unusual to see a file with x but not
r permissions, whether script or binary).

* cfg.mk (sc_prohibit_access_xok): New syntax-check rule.
(exclude_file_name_regexp--sc_prohibit_access_xok): Exempt one use.
* src/network/bridge_driver.c (networkStartRadvd): Fix offenders.
* src/qemu/qemu_capabilities.c (qemuCapsProbeMachineTypes)
(qemuCapsInitGuest, qemuCapsInit, qemuCapsExtractVersionInfo):
Likewise.
* src/remote/remote_driver.c (remoteFindDaemonPath): Likewise.
* src/uml/uml_driver.c (umlStartVMDaemon): Likewise.
* src/util/hooks.c (virHookCheck): Likewise.
2011-03-24 15:18:44 -06:00
Markus Groß
d1c8c8d438 Get cpu time and current memory balloon from libxl 2011-03-24 13:34:44 -06:00
Wen Congyang
9450a7cbef update domain status forcibly even if attach a device failed
Steps to reproduce this bug:
1. virsh attach-disk domain --source diskimage --target sdb --sourcetype file --driver qemu --subdriver qcow2
   error: Failed to attach disk
   error: operation failed: adding scsi-disk,bus=scsi0.0,scsi-id=1,drive=drive-scsi0-0-1,id=scsi0-0-1 device failed: Property 'scsi-disk.drive' can't find value 'drive-scsi0-0-1'
2. service libvirtd restart
   Stopping libvirtd daemon:                                  [  OK  ]
   Starting libvirtd daemon:                                  [  OK  ]
3. virsh attach-disk domain --source diskimage --target sdb --sourcetype file --driver qemu --subdriver raw
   error: Failed to attach disk
   error: operation failed: adding lsi,id=scsi0,bus=pci.0,addr=0x6 device failed: Duplicate ID 'scsi0' for device

The reason is that we create a new scsi controller but we do not update
/var/run/libvirt/qemu/domain.xml.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-24 15:26:28 +08:00
Eric Blake
ee691d8433 command: reject pidfile on non-daemon
* src/util/command.c (virCommandRunAsync): Since virExec only
creates pidfiles for daemon, enforce this in virCommand.
2011-03-23 15:01:28 -06:00
Eric Blake
e904ce3c47 domain_conf: drop unused ref-count in snapshot object
The ref count was assigned to 1 at creation, then never modified again
until it was decremented just before freeing the object.

* src/conf/domain_conf.h (_virDomainSnapshotObj): Delete unused
field.
(virDomainSnapshotObjUnref): Delete unused prototype.
* src/libvirt_private.syms: Likewise.
* src/conf/domain_conf.c (virDomainSnapshotObjNew)
(virDomainSnapshotObjListDataFree): Update users.
(virDomainSnapshotObjUnref): Delete.
2011-03-23 11:34:29 -06:00
Osier Yang
93e8b8778a util: Fix return value for virJSONValueFromString if it fails
Problem:
  "parser.head" is not NULL even if it's free'ed by "virJSONValueFree",
returning "parser.head" when "virJSONValueFromString" fails will cause
unexpected errors (libvirtd will crash sometimes), e.g.
  In function "qemuMonitorJSONArbitraryCommand":

        if (!(cmd = virJSONValueFromString(cmd_str)))
            goto cleanup;

        if (qemuMonitorJSONCommand(mon, cmd, &reply) < 0)
            goto cleanup;

        ......

     cleanup:
        virJSONValueFree(cmd);

  It will continues to send command to monitor even if "virJSONValueFromString"
is failed, and more worse, it trys to free "cmd" again.

  Crash example:
{"error":{"class":"QMPBadInputObject","desc":"Expected 'execute' in QMP input","data":{"expected":"execute"}}}
{"error":{"class":"QMPBadInputObject","desc":"Expected 'execute' in QMP input","data":{"expected":"execute"}}}
error: server closed connection:
error: unable to connect to '/var/run/libvirt/libvirt-sock', libvirtd may need to be started: Connection refused
error: failed to connect to the hypervisor

  This fix is to:
    1) return NULL for failure of "virJSONValueFromString",
    2) and it seems "virJSONValueFree" uses incorrect loop index for type
       of "VIR_JSON_TYPE_OBJECT", fix it together.

* src/util/json.c
2011-03-23 22:57:44 +08:00
Wen Congyang
bcac844f4f Initialization error of qemuCgroupData in Qemu host usb hotplug
Steps to reproduce this bug:
# cat usb.xml
<hostdev mode='subsystem' type='usb'>
  <source>
    <address bus='0x001' device='0x003'/>
  </source>
</hostdev>
# virsh attach-device vm1 usb.xml
error: Failed to attach device from usb.xml
error: server closed connection:

The reason of this bug is that we set data.cgroup to NULL, and this will cause
libvirtd crashed.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-23 22:10:14 +08:00
Eric Blake
18d68462e3 qemu: simplify monitor callbacks
A future patch will change reference counting idioms; consolidating
this pattern now makes the next patch smaller (touch only the new
macro rather than every caller).

* src/qemu/qemu_monitor.c (QEMU_MONITOR_CALLBACK): New helper.
(qemuMonitorGetDiskSecret, qemuMonitorEmitShutdown)
(qemuMonitorEmitReset, qemuMonitorEmitPowerdown)
(qemuMonitorEmitStop, qemuMonitorEmitRTCChange)
(qemuMonitorEmitWatchdog, qemuMonitorEmitIOError)
(qemuMonitorEmitGraphics): Use it to reduce duplication.
2011-03-22 17:16:08 -06:00
Eric Blake
6afa49a987 build: fix missing initializer
Commit cb4aba9b6 forgot xenapi.

* src/xenapi/xenapi_driver.c (xenapiDriver): Adjust to recent API.
2011-03-22 14:37:02 -06:00
Roopa Prabhu
7708da38c7 8021Qbh: use preassociate-rr during the migration prepare stage
This patch introduces PREASSOCIATE-RR during incoming VM migration on the
destination host. This is similar to the usage of PREASSOCIATE during
migration in 8021qbg libvirt code today. PREASSOCIATE-RR is a VDP operation.
With the latest at IEEE, 8021qbh will need to support VDP operations.
A corresponding enic driver patch to support PREASSOCIATE-RR for 8021qbh
will be posted for net-next-2.6 inclusion soon.
2011-03-22 15:27:01 -04:00
Daniel P. Berrange
c59176c109 Fix uninitialized variable & error reporting in LXC veth setup
THe veth setup in LXC had a couple of flaws, first brInit did
not report any error when it failed. Second vethCreate() did
not correctly initialize the variable containing the return
code, so could report failure even when it succeeded.

* src/lxc/lxc_driver.c: Report error when brInit fails
* src/lxc/veth.c: Fix uninitialized variable
2011-03-22 15:54:56 +00:00
Daniel P. Berrange
83cc3d1d55 Wire up virDomainMigrateSetSpeed into QEMU driver
Enhance the QEMU migration monitoring loop, so that it can get
a signal to change migration speed on the fly

* src/qemu/qemu_domain.h: Add signal for changing speed on the fly
* src/qemu/qemu_driver.c: Wire up virDomainMigrateSetSpeed driver
* src/qemu/qemu_migration.c: Support signal for changing speed
2011-03-22 15:53:08 +00:00
Daniel P. Berrange
118dd7d06e Wire up virDomainMigrateSetSpeed for the remote RPC driver
* src/remote/remote_protocol.x: Define wire protocol
* daemon/remote.c, src/remote/remote_driver.c: Add new
  functions for virDomainMigrateSetSpeed API
* src/remote/remote_protocol.c, src/remote/remote_protocol.h,
  daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h,
  daemon/remote_dispatch_table.h: Re-generate files
2011-03-22 15:53:08 +00:00
Daniel P. Berrange
cb4aba9b6a Add public API for setting migration speed on the fly
It is possible to set a migration speed limit when starting
migration. This new API allows the speed limit to be changed
on the fly to adjust to changing conditions

* src/driver.h, src/libvirt.c, src/libvirt_public.syms,
  include/libvirt/libvirt.h.in: Add virDomainMigrateSetMaxSpeed
* src/esx/esx_driver.c, src/lxc/lxc_driver.c,
  src/opennebula/one_driver.c, src/openvz/openvz_driver.c,
  src/phyp/phyp_driver.c, src/qemu/qemu_driver.c,
  src/remote/remote_driver.c, src/test/test_driver.c,
  src/uml/uml_driver.c, src/vbox/vbox_tmpl.c,
  src/vmware/vmware_driver.c, src/xen/xen_driver.c,
  src/libxl/libxl_driver.c: Stub new API
2011-03-22 15:53:08 +00:00
Hu Tao
c33ac2e3b9 qemu: fallback to HMP drive_add/drive_del
fallback to HMP drive_add/drive_del commands if not found in QMP
2011-03-22 15:03:58 +01:00
Jiri Denemark
24c56ceb08 qemu: Only use HMP passthrough if it is supported
Avoids calling text monitor methods when it is know they will not
succeed and also results in nicer error messages.
2011-03-22 15:03:58 +01:00
Jiri Denemark
abdfca09f5 qemu: Detect support for HMP passthrough 2011-03-22 15:03:57 +01:00
Thibault Vincent
3415eeb53e qemu: add two hook script events "prepare" and "release"
Fix for bug https://bugzilla.redhat.com/show_bug.cgi?id=618970

The "prepare" hook is called very early in the VM statup process
before device labeling, so that it can allocate ressources not
managed by libvirt, such as DRBD, or for instance create missing
bridges and vlan interfaces.
* src/util/hooks.c src/util/hooks.h: add definitions for new hooks
  VIR_HOOK_QEMU_OP_PREPARE and VIR_HOOK_QEMU_OP_RELEASE
* src/qemu/qemu_process.c: use them in qemuProcessStart and
  qemuProcessStop()
2011-03-22 21:12:36 +08:00
Eric Blake
a24ada4e09 qemu: simplify interface fd handling in monitor
With only a single caller to these two monitor commands, I
didn't need to wrap a new WithFds version, but just change
the command itself.

* src/qemu/qemu_monitor.h (qemuMonitorAddNetdev)
(qemuMonitorAddHostNetwork): Add parameters.
* src/qemu/qemu_monitor.c (qemuMonitorAddNetdev)
(qemuMonitorAddHostNetwork): Add support for fd passing.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Use it to
simplify code.
2011-03-21 10:47:48 -06:00
Eric Blake
098312391e qemu: simplify PCI configfd handling in monitor
This is also a bug fix - on the error path, qemu_hotplug would
leave the configfd file leaked into qemu.  At least the next
attempt to hotplug a PCI device would reuse the same fdname,
and when the qemu getfd monitor command gets a new fd by the
same name as an earlier one, it closes the earlier one, so there
is no risk of qemu running out of fds.

* src/qemu/qemu_monitor.h (qemuMonitorAddDeviceWithFd): New
prototype.
* src/qemu/qemu_monitor.c (qemuMonitorAddDevice): Move guts...
(qemuMonitorAddDeviceWithFd): ...to new function, and add support
for fd passing.
* src/qemu/qemu_hotplug.c (qemuDomainAttachHostPciDevice): Use it
to simplify code.
Suggested by Daniel P. Berrange.
2011-03-21 10:47:48 -06:00
Eric Blake
058d4efa58 qemu: simplify monitor fd error handling
qemu_monitor was already returning -1 and setting errno to EINVAL
on any attempt to send an fd without a unix socket, but this was
a silent failure in the case of qemuDomainAttachHostPciDevice.
Meanwhile, qemuDomainAttachNetDevice was doing some sanity checking
for a better error message; it's better to consolidate that to a
central point in the API.

* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Move sanity
checking...
* src/qemu/qemu_monitor.c (qemuMonitorSendFileHandle): ...into
central location.
Suggested by Chris Wright.
2011-03-21 10:47:48 -06:00
Eric Blake
4c7508b4de udev: fix regression with qemu:///session
https://bugzilla.redhat.com/show_bug.cgi?id=684655 points out
a regression introduced in commit 2215050edd - non-root users
can't connect to qemu:///session because libvirtd dies when
it can't use pciaccess initialization.

* src/node_device/node_device_udev.c (udevDeviceMonitorStartup):
Don't abort udev driver (and libvirtd overall) if non-root user
can't use pciaccess.
2011-03-21 10:47:48 -06:00
Eric Blake
dd5564f218 logging: fix off-by-one bug
Valgrind caught that our log wrap-around was going 1 past the end.
Regression introduced in commit b16f47a; previously the
buffer was static and size+1 bytes, but now it is dynamic and
exactly size bytes.

* src/util/logging.c (virLogStr): Don't write past end of log.
2011-03-21 09:35:01 -06:00
Wen Congyang
3c2b210a3c do not report OOM error when prepareCall() failed
We have reported error in the function prepareCall(), and
the error is not only OOM error. So we should not report
OOM error in the function call() when prepareCall() failed.
2011-03-21 09:28:25 -06:00
Eric Blake
8351358fb4 util: guarantee sane errno in virFileIsExecutable
If virFileIsExecutable is to replace access(file,X_OK), then
errno must be usable on failure.

* src/util/util.c (virFileIsExecutable): Set errno on failure.
2011-03-21 09:22:30 -06:00
Tiziano Mueller
83bc4fa7fa update virGetVersion description
The current description suggests that you always have to provide
a valid typeVer pointer. But if you want only the libvirt version
it's also possible to set type and typeVer to NULL to skip the
hypervisor part.
2011-03-18 17:09:28 -06:00
Hu Tao
ae5155768f Don't return an error on failure to create blkio controller
This patch enables cgroup controllers as much as possible by skipping
the creation of blkio controller when running with old kernels that
doesn't support multi-level directory for blkio controller.

Signed-off-by: Hu Tao <hutao@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-03-18 16:59:03 -06:00
Eric Blake
496084175a qemu: respect locking rules
THREADS.txt states that the contents of vm should not be read or
modified while the vm lock is not held, but that the lock must not
be held while performing a monitor command.  This fixes all the
offenders that I could find.

* src/qemu/qemu_process.c (qemuProcessStartCPUs)
(qemuProcessInitPasswords, qemuProcessStart): Don't modify or
refer to vm state outside lock.
* src/qemu/qemu_driver.c (qemudDomainHotplugVcpus): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainChangeGraphicsPasswords):
Likewise.
2011-03-18 13:32:17 -06:00
Laine Stump
b538cdd5a9 network driver: log error and abort network startup when radvd isn't found
This is detailed in:

  https://bugzilla.redhat.com/show_bug.cgi?id=688957

Since radvd is executed by daemonizing it, the attempt to exec the
radvd binary doesn't happen until after libvirtd has already received
an exit code from the intermediate forked process, so no error is
detected or logged by __virExec().

We can't require radvd as a prerequisite for the libvirt package (many
installations don't use IPv6, so they don't need it), so instead we
add in a check to verify there is an executable radvd binary prior to
trying to exec it.
2011-03-18 14:53:45 -04:00
Jean-Baptiste Rouault
9db5679b02 openvz: fix a simple bug in openvzListDefinedDomains()
This patch adds missing curly brackets to an if
statement in openvzListDefinedDomains()
2011-03-18 11:05:34 -06:00
Daniel P. Berrange
635523f74a Fix delayed event delivery when SASL is active
When SASL is active, it was possible that we read and decoded
more data off the wire than we initially wanted. The loop
processing this data terminated after only one message to
avoid delaying the calling thread, but this could delay
event delivery. As long as there is decoded SASL data in
memory, we must process it, before returning to the poll()
event loop.

This is a counterpart to the same kind of issue solved in

  commit 68d2c3482f

in a different area of the code

* src/remote/remote_driver.c: Process all pending SASL data
2011-03-18 16:47:46 +00:00
Daniel P. Berrange
e0d014f237 Ensure binary is resolved wrt $PATH in virExec
virExec would only resolved the binary to $PATH if no env
variables were being set. Since there is no execvep() API
in POSIX, we use virFindFileInPath to manually resolve
the binary and then use execv() instead of execvp().
2011-03-18 16:40:01 +00:00
Jim Fehlig
2b84e445d5 Add libxenlight driver
Add a new xen driver based on libxenlight [1], which is the primary
toolstack starting with Xen 4.1.0.  The driver is stateful and runs
privileged only.

Like the existing xen-unified driver, the libxenlight driver is
accessed with xen:// URI.  Driver selection is based on the status
of xend.  If xend is running, the libxenlight driver will not load
and xen:// connections are handled by xen-unified.  If xend is not
running *and* the libxenlight driver is available, xen://
connections are deferred to the libxenlight driver.

V6:
 - Address several code style issues noted by Daniel Veillard
 - Make drive work with xen:/// URI
 - Hold domain object reference while domain is injected in
   libvirt event loop.  Race found and fixed by Markus Groß.

V5:
 - Ensure events are unregistered when domain private data
   is destroyed.  Discovered and fixed by Markus Groß.

V4:
 - Handle restart of libvirtd, reconnecting to previously
   started domains
 - Rebased to current master
 - Tested against Xen 4.1 RC7-pre (c/s 22961:c5d121fd35c0)

V3:
  - Reserve vnc port within driver when autoport=yes

V2:
  - Update to Xen 4.1 RC6-pre (c/s 22940:5a4710640f81)
  - Rebased to current master
  - Plug memory leaks found by Stefano Stabellini and valgrind
  - Handle SHUTDOWN_crash domain death event

[1] http://lists.xensource.com/archives/html/xen-devel/2009-11/msg00436.html
2011-03-18 08:57:48 -06:00
Jiri Denemark
fba550f651 util: Forbid calling hash APIs from iterator callback
Calling most hash APIs is not safe from inside of an iterator callback.
Exceptions are APIs that do not modify the hash table and removing
current hash entry from virHashFroEach callback.

This patch make all APIs which are not safe fail instead of just relying
on the callback being nice not calling any unsafe APIs.
2011-03-18 10:54:56 +01:00
Jiri Denemark
c3ad755f58 qemu: Fix copy&paste error messages in text monitor 2011-03-18 10:49:11 +01:00
Wen Congyang
d5df67be3c do not unref obj in qemuDomainObjExitMonitor*
Steps to reproduce this bug:
# cat test.sh
  #! /bin/bash -x
  virsh start domain
  sleep 5
  virsh qemu-monitor-command domain 'cpu_set 2 online' --hmp
# while true; do ./test.sh ; done

Then libvirtd will crash.

The reason is that:
we add a reference of obj when we open the monitor. We will reduce this
reference when we free the monitor.

If the reference of monitor is 0, we will free monitor automatically and
the reference of obj is reduced.

But in the function qemuDomainObjExitMonitorWithDriver(), we reduce this
reference again when the reference of monitor is 0.

It will cause the obj be freed in the function qemuDomainObjEndJob().

Then we start the domain again, and libvirtd will crash in the function
virDomainObjListSearchName(), because we pass a null pointer(obj->def->name)
to strcmp().

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-18 01:26:31 -04:00
Wen Congyang
e2aec53b97 qemu: check driver name while attaching disk
This bug was reported by Shi Jin(jinzishuai@gmail.com):
=============
# virsh attach-disk RHEL6RC /var/lib/libvirt/images/test3.img vdb \
        --driver file --subdriver qcow2
Disk attached successfully

# virsh save RHEL6RC /var/lib/libvirt/images/memory.save
Domain RHEL6RC saved to /var/lib/libvirt/images/memory.save

# virsh restore /var/lib/libvirt/images/memory.save
error: Failed to restore domain from /var/lib/libvirt/images/memory.save
error: internal error unsupported driver name 'file'
       for disk '/var/lib/libvirt/images/test3.img'
=============

We check the driver name when we start or restore VM, but we do
not check it while attaching a disk. This adds the same check on disk
driverName used in qemuBuildCommandLine to qemudDomainAttachDevice.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-18 00:36:37 -04:00
Daniel Veillard
10598dd568 Avoid taking lock in libvirt debug dump
As pointed out, locking the buffer from the signal handler
cannot been guaranteed to be safe, so to avoid any hazard
we prefer the trade off of dumping logs possibly messed up
by concurrent logging activity rather than risk a daemon
crash.

* src/util/logging.c: change virLogEmergencyDumpAll() to not
  take any lock on the log buffer but reset buffer content variables
  to an empty set before starting the actual dump.
2011-03-18 10:06:30 +08:00
Wen Congyang
9741f3461b unlock the monitor when unwatching the monitor
Steps to reproduce this bug:
# virsh qemu-monitor-command domain 'cpu_set 2 online' --hmp
The domain has 2 cpus, and we try to set the third cpu online.
The qemu crashes, and this command will hang.

The reason is that the refs is not 1 when we unwatch the monitor.
We lock the monitor, but we do not unlock it. So virCondWait()
will be blocked.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-17 17:29:38 -06:00
Hu Tao
d69171566d Make virDomainObjParseNode() static
Make virDomainObjParseNode() static since it is called only
in one file.
2011-03-17 16:47:55 -06:00
Nikunj A. Dadhania
78ba748ef1 virsh: fix memtune's help message for swap_hard_limit
* Correct the documentation for cgroup: the swap_hard_limit indicates
  mem+swap_hard_limit.
* Change cgroup private apis to: virCgroupGet/SetMemSwapHardLimit

Signed-off-by: Nikunj A. Dadhania <nikunj@linux.vnet.ibm.com>
2011-03-17 16:45:06 -06:00
Alex Williamson
2090b0f52d Add PCI sysfs reset access
I'm proposing we make use of $PCIDIR/reset in qemu-kvm to reset
devices on VM reset.  We need to add it to libvirt's list of
files that get ownership for device assignment.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
2011-03-17 14:52:50 -06:00
Jim Fehlig
b24b442bf7 Support Xen sysctl v8, domctl v7
xen-unstable c/s 21118:28e5409e3fb3 bumped sysctl version to 8.
xen-unstable c/s 21212:de94884a669c introduced CPU pools feature,
adding another member to xen_domctl_getdomaininfo struct.  Add a
corresponding domctl v7 struct in xen hypervisor sub-driver and
detect sysctl v8 during initialization.
2011-03-17 14:16:47 -06:00
Matthias Bolte
55fb386671 remote: Add missing virCondDestroy calls
The virCond of the remote_thread_call struct was leaked in some
places. This results in leaking the underlying mutex. Which in turn
leaks a handle on Windows.

Reported by Aliaksandr Chabatar and Ihar Smertsin.
2011-03-17 17:51:33 +01:00
Laine Stump
12775d9491 macvtap: log an error if on failure to connect to netlink socket
A bug in libnl (see https://bugzilla.redhat.com/show_bug.cgi?id=677724
and https://bugzilla.redhat.com/show_bug.cgi?id=677725) makes it very
easy to create a failure to connect to the netlink socket when trying
to open a macvtap network device ("type='direct'" in domain interface
XML). When that error occurred (during a call to libnl's nl_connect()
from libvirt's nlComm(), there was no log message, leading virsh (for
example) to report "unknown error".

There were two other cases in nlComm where an error in a libnl
function might return with failure but no error reported. In all three
cases, this patch logs a message which will hopefully be more useful.

Note that more detailed information about the failure might be
available from libnl's nl_geterror() function, but it calls
strerror(), which is not threadsafe, so we can't use it.
2011-03-16 13:46:29 -04:00
Osier Yang
98a4e5a301 storage: Fix a problem which will cause libvirtd crashed
If pool xml has no definition for "port", then "Segmentation fault"
happens when jumping to "cleanup:" to do "VIR_FREE(port)", as "port"
was not initialized in this situation.

* src/conf/storage_conf.c
2011-03-16 16:28:07 +08:00
Eric Blake
100bba0647 qemu: support migration to fd
* src/qemu/qemu_monitor.h (qemuMonitorMigrateToFd): New
prototype.
* src/qemu/qemu_monitor.c (qemuMonitorMigrateToFd): New function.
2011-03-15 16:35:43 -06:00
Eric Blake
8e42c50bd4 qemu: improve efficiency of dd during snapshots
POSIX states about dd:

If the bs=expr operand is specified and no conversions other than
sync, noerror, or notrunc are requested, the data returned from each
input block shall be written as a separate output block; if the read
returns less than a full block and the sync conversion is not
specified, the resulting output block shall be the same size as the
input block. If the bs=expr operand is not specified, or a conversion
other than sync, noerror, or notrunc is requested, the input shall be
processed and collected into full-sized output blocks until the end of
the input is reached.

Since we aren't using conv=sync, there is no zero-padding, but our
use of bs= means that a short read results in a short write.  If
instead we use ibs= and obs=, then short reads are collected and dd
only has to do a single write, which can make dd more efficient.

* src/qemu/qemu_monitor.c (qemuMonitorMigrateToFile):
Avoid 'dd bs=', since it can cause short writes.
2011-03-15 16:35:43 -06:00
Wen Congyang
ce81bc5ce8 qemu: Fallback to HMP when cpu_set QMP command is not found 2011-03-15 09:55:06 -06:00
Daniel P. Berrange
a9c32b5d62 Change message for VIR_FROM_RPC error domain
The VIR_FROM_RPC error domain is used generically for any RPC
problem, not simply XML-RPC problems.

* src/util/virterror.c: s/XML-RPC/RPC/
2011-03-15 15:26:35 +00:00
Daniel P. Berrange
bd82db4057 Add compat function for geteuid()
* configure.ac: Check for geteuid()
* src/util/util.h: Compat for geteuid()
2011-03-15 15:26:35 +00:00
Daniel P. Berrange
2a2a00eb69 Fix misc bugs in virCommandPtr
The virCommandNewArgs() method would free the virCommandPtr
if it failed to add the args. This meant errors reported in
virCommandAddArgSet() were lost. Simply removing the check
for errors from the constructor means they can be reported
correctly later

The virCommandAddEnvPassCommon() method failed to check for
errors before reallocating the cmd->env array, causing a
potential SEGV if cmd was NULL

The virCommandAddArgSet() method needs to validate that at
least 1 element in 'val's parameter is non-NULL, otherwise
code like

    cmd = virCommandNew(binary)
    virCommandAddAtg(cmd, "foo")

Would end up trying todo  execve("foo"), if binary was
NULL.
2011-03-15 15:26:35 +00:00
Daniel P. Berrange
2737b6c20b Add virSetBlocking() to allow O_NONBLOCK to be toggle on or off
The virSetNonBlock() API only allows enabling non-blocking
operations. It doesn't allow turning blocking back on. Add
a new API to allow arbitrary toggling.

* src/libvirt_private.syms, src/util/util.h
  src/util/util.c: Add virSetBlocking
2011-03-15 15:26:35 +00:00
Eric Blake
30a50fc3b0 qemu: use more appropriate error
Fixes bug in commit acacced

* src/qemu/qemu_command.c (qemuBuildCommandLine):
s/INVALID_ARG/CONFIG_UNSUPPORTED/.
Reported by Daniel P. Berrange.
2011-03-15 08:49:04 -06:00
Taku Izumi
e5d46c08af libvirt: fix a simple bug in virDomainSetMemoryFlags()
This patch fix a simple bug in virDomainSetMemoryFlags function.
The patch sent before lacks the consideration of the case
where the driver doesn't support virDomainSetMemoryFlags API.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-03-15 08:14:41 -04:00
Daniel P. Berrange
4e3117ae50 Make LXC container startup/shutdown/I/O more robust
The current LXC I/O controller looks for HUP to detect
when a guest has quit. This isn't reliable as during
initial bootup it is possible that 'init' will close
the console and let mingetty re-open it. The shutdown
of containers was also flakey because it only killed
the libvirt I/O controller and expected container
processes to gracefully follow.

Change the I/O controller such that when it see HUP
or an I/O error, it uses kill($PID, 0) to see if the
process has really quit.

Change the container shutdown sequence to use the
virCgroupKillPainfully function to ensure every
really goes away

This change makes the use of the 'cpu', 'devices'
and 'memory' cgroups controllers compulsory with
LXC

* docs/drvlxc.html.in: Document that certain cgroups
  controllers are now mandatory
* src/lxc/lxc_controller.c: Check if PID is still
  alive before quitting on I/O error/HUP
* src/lxc/lxc_driver.c: Use virCgroupKillPainfully
2011-03-15 12:12:53 +00:00
Daniel Veillard
b16f47ab61 Allow to dynamically set the size of the debug buffer
This is the part allowing to dynamically resize the debug log
buffer from it's default 64kB size. The buffer is now dynamically
allocated.
It adds a new API virLogSetBufferSize() which resizes the buffer
If passed a zero size, the buffer is deallocated and we do the small
optimization of not formatting messages which are not output anymore.
On the daemon side, it just adds a new option log_buffer_size to
libvirtd.conf and call virLogSetBufferSize() if needed
* src/util/logging.h src/util/logging.c src/libvirt_private.syms:
  make buffer dynamic and add virLogSetBufferSize() internal API
* daemon/libvirtd.conf: document the new log_buffer_size option
* daemon/libvirtd.c: read and use the new log_buffer_size option
2011-03-15 15:13:21 +08:00
Eric Blake
1c5dc4c607 qemu: consolidate duplicated monitor migration code
* src/qemu/qemu_monitor_text.h (qemuMonitorTextMigrate): Declare
in place of individual monitor commands.
* src/qemu/qemu_monitor_json.h (qemuMonitorJSONMigrate): Likewise.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextMigrateToHost)
(qemuMonitorTextMigrateToCommand, qemuMonitorTextMigrateToFile)
(qemuMonitorTextMigrateToUnix): Delete.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONMigrateToHost)
(qemuMonitorJSONMigrateToCommand, qemuMonitorJSONMigrateToFile)
(qemuMonitorJSONMigrateToUnix): Delete.
* src/qemu/qemu_monitor.c (qemuMonitorMigrateToHost)
(qemuMonitorMigrateToCommand, qemuMonitorMigrateToFile)
(qemuMonitorMigrateToUnix): Consolidate shared code.
2011-03-14 21:57:43 -06:00
Eric Blake
c7af07ace4 qemu: use lighter-weight fd:n on incoming tunneled migration
Outgoing migration still uses a Unix socket and or exec netcat until
the next patch.

* src/qemu/qemu_migration.c (qemuMigrationPrepareTunnel):
Replace Unix socket with simpler pipe.
Suggested by Paolo Bonzini.
2011-03-14 21:57:42 -06:00
Osier Yang
acacced812 qemu: Check the unsigned integer overflow
As perhaps other hypervisor drivers use different capacity units,
do the checking in qemu driver instead of in conf/domain_conf.c.
2011-03-15 11:50:09 +08:00
Minoru Usui
9bfde34661 Fix performance problem of virStorageVolCreateXMLFrom()
This patch changes zerobuf variable from array to VIR_ALLOC_N().

Signed-off-by: Minoru Usui <usui@mxm.nes.nec.co.jp>
2011-03-14 21:02:17 -06:00
Laine Stump
7cc101ce0e audit: eliminate potential null pointer deref when auditing macvtap devices
The newly added call to qemuAuditNetDevice in qemuPhysIfaceConnect was
assuming that res_ifname (the name of the macvtap device) was always
valid, but this isn't the case. If openMacvtapTap fails, it always
returns NULL, which would result in a segv.

Since the audit log only needs a record of devices that are actually
sent to qemu, and a failure to open the macvtap device means that no
device will be sent to qemu, we can solve this problem by only doing
the audit if openMacvtapTap is successful (in which case res_ifname is
guaranteed valid).
2011-03-14 12:45:03 -04:00
Laine Stump
013427e6e7 network driver: don't send default route to clients on isolated networks
Normally dnsmasq will send a default route (the address of the host in
the network definition) to any client requesting an address via
DHCP. On an isolated network this makes no sense, as we have iptables
to prevent any traffic going out via that interface, so anything sent
that way would be dropped anyway.

This extra/unusable default route becomes problematic if you have
setup a guest with multiple network interfaces, with one connected to
an isolated network and another that provides connectivity to the
outside (example - one interface directly connecting to a physical
interface via macvtap, with a second connected to an isolated network
so that the host and guest can communicate (macvtap doesn't support
guest<->host communication without an external switch that supports
vepa, or reflecting all traffic back)). In this case, if the guest
chooses the default route of the isolated network, the guest will not
be able to get network traffic beyond the host.

To prevent dnsmasq from sending a default route, you can tell it to
send 0 bytes of data for the default route option (option number 3)
with --dhcp-option=3 (normally the data to send for the option would
follow the option number; no extra data means "don't send this option").

I have checked on RHEL5 (a good representative of the oldest supported
libvirt platforms) and its version of dnsmasq (2.45) does support
--dhcp-option, so this shouldn't create any compatibility problems.
2011-03-14 08:24:23 -04:00
Guido Günther
71753cb7f7 Add missing checks for read only connections
As pointed on CVE-2011-1146, some API forgot to check the read-only
status of the connection for entry point which modify the state
of the system or may lead to a remote execution using user data.
The entry points concerned are:
  - virConnectDomainXMLToNative
  - virNodeDeviceDettach
  - virNodeDeviceReAttach
  - virNodeDeviceReset
  - virDomainRevertToSnapshot
  - virDomainSnapshotDelete

* src/libvirt.c: fix the above set of entry points to error on read-only
                 connections
2011-03-14 10:56:28 +08:00
Laine Stump
13c00dde31 network driver: Use a separate dhcp leases file for each network
By default, all dnsmasq processes share the same leases file. libvirt
also uses the --dhcp-lease-max option to control the maximum number of
leases allowed. The problem is that libvirt puts in a number equal to
the number of addresses in the range for the one network handled by a
single instance of dnsmasq, but dnsmasq checks the total number of
leases in the file (which could potentially contain many more).

The solution is to tell each instance of dnsmasq to create and use its
own leases file. (/var/lib/libvirt/network/<net-name>.leases).

This file is created by dnsmasq when it starts, but not deleted when
it exists. This is fine when the network is just being stopped, but if
the leases file was left around when a network was undefined, we could
end up with an ever-increasing number of dead files - instead, we
explicitly unlink the leases file when a network is undefined.

Note that Ubuntu carries a patch against an older version of libvirt for this:

hhttps://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/713071
ttp://bazaar.launchpad.net/~serge-hallyn/ubuntu/maverick/libvirt/bugall/revision/109

I was certain I'd also seen discussion of this on libvir-list or
libvirt-users, but couldn't find it.
2011-03-11 23:49:47 -05:00
Laine Stump
e368e71040 network driver: Fix indentation from previous commit
The previous commit put a large portion of networkBuildDnsmasqArgv
inside an if { } block. This readjusts the indentation.
2011-03-11 23:49:30 -05:00
Laine Stump
7892edc9cc network driver: Start dnsmasq even if no dhcp ranges/hosts are specified.
This fixes a regression introduced in commit ad48df, and reported on
the libvirt-users list:

  https://www.redhat.com/archives/libvirt-users/2011-March/msg00018.html

The problem in that commit was that we began searching a list of ip
address definitions (rather than just having one) to look for a dhcp
range or static host; when we didn't find any, our pointer (ipdef) was
left at NULL, and when ipdef was NULL, we returned without starting up
dnsmasq.

Previously dnsmasq was started even without any dhcp ranges or static
entries, because it's still useful for DNS services.

Another problem I noticed while investigating was that, if there are
IPv6 addresses, but no IPv4 addresses of any kind, we would jump out
at an ever higher level in the call chain.

This patch does the following:

1) networkBuildDnsmasqArgv() = all uses of ipdef are protected from
   NULL dereference. (this patch doesn't change indentation, to make
   review easier. The next patch will change just the
   indentation). ipdef is intended to point to the first IPv4 address
   with DHCP info (or the first IPv4 address if none of them have any
   dhcp info).

2) networkStartDhcpDaemon() = if the loop looking for an ipdef with
   DHCP info comes up empty, we then grab the first IPv4 def from the
   list. Also, instead of returning if there are no IPv4 defs, we just
   return if there are no IP defs at all (either v4 or v6). This way a
   network that is IPv6-only will still get dnsmasq listening for DNS
   queries.

3) in networkStartNetworkDaemon() - we will startup dhcp not just if there
   are any IPv4 addresses, but also if there are any IPv6 addresses.
2011-03-11 23:49:11 -05:00
Eric Blake
de6b8a0800 qemu: fix -global argument usage
* src/qemu/qemu_command.c (qemuBuildCommandLine): Pass two
separate arguments, and fix indentation.
2011-03-11 10:11:48 -07:00
Philipp Hahn
0ed445e79c Ignore backing file errors in FS storage pool
Currently a single storage volume with a broken backing file will disable the
whole storage pool. This can happen when the backing file is on some
unavailable network storage or if the backing volume is deleted, while the
storage volumes using it remain.
Since the storage pool can not be re-activated, re-creating the missing
or deleting the now useless volumes using libvirt only is not possible.

Fixing this is a little bit tricky:
1. virStorageBackendProbeTarget() only detects the missing backing file,
   if the backing file format is not explicitly specified. If the
   backing file is created using
	   kvm-img create -f qcow2 -o backing_fmt=qcow2,backing_file=... ...
   no error is detected at this stage.
   The new return code -3 signals that the backing file could not be
   opened.
2. The backingStore.format must be >= 0, since values < 0 would break
   virStorageVolTargetDefFormat() when dumping the XML data such as
       <format type='...'/>
   Because of this the format is faked as VIR_STORAGE_FILE_RAW.
3. virStorageBackendUpdateVolTargetInfo() always opens the backing file
   and thus always detects a missing backing file.
   Since it "only" updates the capacity, allocation, owner, group, mode
   and SELinux label, just ignore errors at this stage, print an error
   message and continue.
4. Using vol-dump on a broken volume still doesn't work, but at least
   vol-destroy and pool-refresh do work now.

To reproduce:
  dir=$(mktemp -d)
  virsh pool-create-as tmp dir '' '' '' '' "$dir"
  virsh vol-create-as --format qcow2 tmp back 1G
  virsh vol-create-as --format qcow2 --backing-vol-format qcow2 --backing-vol back tmp cow 1G
  virsh vol-delete --pool tmp back
  virsh pool-refresh tmp
After the last step, the pool will be gone (because it was not persistent). As
long as the now broken image stays in the directory, you will not be able to
re-create or re-start the pool.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2011-03-11 09:54:44 -07:00
Gui Jianfeng
5f4a48cbdf remote-protocol: implement new BlkioParameters API
Remote protocol implementation of virDomainSetBlkioParameters and virDomainGetBlkioParameters.

Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
2011-03-10 17:54:12 -07:00
Gui Jianfeng
f84a756eca qemu: implement new BlkioParameters API
Implement domainSetBlkioParameters and domainGetBlkioParameters for QEmu

Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
2011-03-10 17:53:52 -07:00
Gui Jianfeng
d55aa8694e libvirt: implements virDomain{Get,Set}BlkioParameters
Implements virDomainSetBlkioParameters and virDomainGetBlkioParameters and initialization

Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
2011-03-10 17:53:33 -07:00
Taku Izumi
55141abf9d setmem: implement the remote protocol to address the new API
This patch implements the remote protocol to address the new API.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-03-10 15:02:58 -07:00
Taku Izumi
cad769001c setmem: implement the code to address the new API in the qemu driver
This patch implements the code to address the new API
in the qemu driver.

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-03-10 15:02:58 -07:00
Taku Izumi
e8340a8b79 setmem: introduce a new libvirt API (virDomainSetMemoryFlags)
This patch introduces a new libvirt API (virDomainSetMemoryFlags) and
a flag (virDomainMemoryModFlags).

Signed-off-by: Taku Izumi <izumi.taku@jp.fujitsu.com>
2011-03-10 15:02:58 -07:00
Eric Blake
9516a0eca3 audit: audit use of /dev/net/tun, /dev/tapN, /dev/vhost-net
Opening raw network devices with the intent of passing those fds to
qemu is worth an audit point.  This makes a multi-part audit: first,
we audit the device(s) that libvirt opens on behalf of the MAC address
of a to-be-created interface (which can independently succeed or
fail), then we audit whether qemu actually started the network device
with the same MAC (so searching backwards for successful audits with
the same MAC will show which fd(s) qemu is actually using).  Note that
it is possible for the fd to be successfully opened but no attempt
made to pass the fd to qemu (for example, because intermediate
nwfilter operations failed) - no interface start audit will occur in
that case; so the audit for a successful opened fd does not imply
rights given to qemu unless there is a followup audit about the
attempt to start a new interface.

Likewise, when a network device is hot-unplugged, there is only one
audit message about the MAC being discontinued; again, searching back
to the earlier device open audits will show which fds that qemu quits
using (and yes, I checked via /proc/<qemu-pid>/fd that qemu _does_
close out the fds associated with an interface on hot-unplug).  The
code would require much more refactoring to be able to definitively
state which device(s) were discontinued at that point, since we
currently don't record anywhere in the XML whether /dev/vhost-net was
opened for a given interface.

* src/qemu/qemu_audit.h (qemuAuditNetDevice): New prototype.
* src/qemu/qemu_audit.c (qemuAuditNetDevice): New function.
* src/qemu/qemu_command.h (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Adjust prototype.
* src/qemu/qemu_command.c (qemuNetworkIfaceConnect)
(qemuPhysIfaceConnect, qemuOpenVhostNet): Add audit points and
adjust parameters.
(qemuBuildCommandLine): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
2011-03-10 08:35:42 -07:00
Eric Blake
c52cbe487c qemu: don't request cgroup ACL access for /dev/net/tun
Since libvirt always passes /dev/net/tun to qemu via fd, we should
never trigger the cases where qemu tries to directly open the
device.  Therefore, it is safer to deny the cgroup device ACL.

* src/qemu/qemu_cgroup.c (defaultDeviceACL): Remove /dev/net/tun.
* src/qemu/qemu.conf (cgroup_device_acl): Reflect this change.
2011-03-10 08:32:43 -07:00
Eric Blake
5d09151341 qemu: support vhost in attach-interface
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Honor vhost
designations, similar to qemu_command code paths.
* src/qemu/qemu_command.h (qemuOpenVhostNet): New prototype.
* src/qemu/qemu_command.c (qemuOpenVhostNet): Export.
2011-03-10 08:28:16 -07:00
Jiri Denemark
346236fea9 qemu: Stop guest CPUs before creating a snapshot 2011-03-10 14:36:05 +01:00
Jiri Denemark
89e75b01a0 qemu: Refactor qemuDomainSnapshotCreateXML 2011-03-10 14:36:05 +01:00
Jiri Denemark
81711cee34 qemu: Escape snapshot name passed to {save,load,del}vm 2011-03-10 14:36:05 +01:00
Jiri Denemark
89241fe0d1 qemu: Fallback to HMP for snapshot commands
qemu driver in libvirt gained support for creating domain snapshots
almost a year ago in libvirt 0.8.0. Since then we enabled QMP support
for qemu >= 0.13.0 but QMP equivalents of {save,load,del}vm commands are
not implemented in current qemu (0.14.0) so the domain snapshot support
is not very useful.

This patch detects when the appropriate QMP command is not implemented
and tries to use human-monitor-command (aka HMP passthrough) to run
it's HMP equivalent.
2011-03-10 14:36:05 +01:00
Jiri Denemark
b3c6ec03b8 qemu: Rename qemuMonitorCommandWithHandler as qemuMonitorText*
To make it more obvious that it is only used for text monitor. The
naming also matches the style of qemuMonitorTextCommandWithFd.
2011-03-10 14:36:05 +01:00
Jiri Denemark
39b4f4aab2 qemu: Rename qemuMonitorCommand{,WithFd} as qemuMonitorHMP*
So that it's obvious that they are supposed to be used with HMP commands.
2011-03-10 14:36:04 +01:00
Jiri Denemark
266265a560 qemu: Setup infrastructure for HMP passthrough
JSON monitor command implementation can now just directly call text
monitor implementation and it will be automatically encapsulated into
QMP's human-monitor-command.
2011-03-10 14:36:04 +01:00
Jiri Denemark
3b8bf4a3a9 qemu: Fix warnings in event handlers
Some qemu monitor event handlers were issuing inadequate warning when
virDomainSaveStatus() failed. They copied the message from I/O error
handler without customizing it to provide better information on why
virDomainSaveStatus() was called.
2011-03-10 14:18:37 +01:00
Osier Yang
d999376954 storage: Update qemu-img flag checking
For newer qemu-img, the help string for "backing file format" is
"[-F backing_fmt]".

Fix the wrong logic error by commit e997c268.

* src/storage/storage_backend.c
2011-03-10 15:02:28 +08:00
Osier Yang
e997c268ef qemu: Replace deprecated option of qemu-img
qemu-img silently disable "-e", so we can't use it for volume
encryption anymore, change it into "-o encryption=on" if qemu
supports "-o" option.
2011-03-10 10:05:14 +08:00
Eric Blake
340ab27dd2 audit: also audit cgroup ACL permissions
* src/qemu/qemu_audit.h (qemuAuditCgroupMajor)
(qemuAuditCgroupPath): Add parameter.
* src/qemu/qemu_audit.c (qemuAuditCgroupMajor)
(qemuAuditCgroupPath): Add 'acl=rwm' to cgroup audit entries.
* src/qemu/qemu_cgroup.c: Update clients.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Likewise.
2011-03-09 11:36:59 -07:00
Eric Blake
5564c57528 cgroup: allow fine-tuning of device ACL permissions
Adding audit points showed that we were granting too much privilege
to qemu; it should not need any mknod rights to recreate any
devices.  On the other hand, lxc should have all device privileges.
The solution is adding a flag parameter.

This also lets us restrict write access to read-only disks.

* src/util/cgroup.h (virCgroup*Device*): Adjust prototypes.
* src/util/cgroup.c (virCgroupAllowDevice)
(virCgroupAllowDeviceMajor, virCgroupAllowDevicePath)
(virCgroupDenyDevice, virCgroupDenyDeviceMajor)
(virCgroupDenyDevicePath): Add parameter.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Update clients.
* src/lxc/lxc_controller.c (lxcSetContainerResources): Likewise.
* src/qemu/qemu_cgroup.c: Likewise.
(qemuSetupDiskPathAllow): Also, honor read-only disks.
2011-03-09 11:35:36 -07:00
Eric Blake
48096a0064 audit: rename remaining qemu audit functions
Also add ATTRIBUTE_NONNULL markers.

* src/qemu/qemu_audit.h: The pattern qemuDomainXXXAudit is
inconsistent; prefer qemuAuditXXX instead.
* src/qemu/qemu_audit.c: Reflect the renames.
* src/qemu/qemu_driver.c: Likewise.
* src/qemu/qemu_hotplug.c: Likewise.
* src/qemu/qemu_migration.c: Likewise.
* src/qemu/qemu_process.c: Likewise.
2011-03-09 11:35:20 -07:00
Eric Blake
f2512684ad audit: also audit cgroup controller path
Although the cgroup device ACL controller path can be worked out
by researching the code, it is more efficient to include that
information directly in the audit message.

* src/util/cgroup.h (virCgroupPathOfController): New prototype.
* src/util/cgroup.c (virCgroupPathOfController): Export.
* src/libvirt_private.syms: Likewise.
* src/qemu/qemu_audit.c (qemuAuditCgroup): Use it.
2011-03-09 10:19:17 -07:00
Eric Blake
d04916faae audit: split cgroup audit types to allow more information
Device names can be manipulated, so it is better to also log
the major/minor device number corresponding to the cgroup ACL
changes that libvirt made.  This required some refactoring
of the relatively new qemu cgroup audit code.

Also, qemuSetupChardevCgroup was only auditing on failure, not success.

* src/qemu/qemu_audit.h (qemuDomainCgroupAudit): Delete.
(qemuAuditCgroup, qemuAuditCgroupMajor, qemuAuditCgroupPath): New
prototypes.
* src/qemu/qemu_audit.c (qemuDomainCgroupAudit): Rename...
(qemuAuditCgroup): ...and drop a parameter.
(qemuAuditCgroupMajor, qemuAuditCgroupPath): New functions, to
allow listing device major/minor in audit.
(qemuAuditGetRdev): New helper function.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Adjust callers.
* src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
(qemuSetupHostUsbDeviceCgroup, qemuSetupCgroup)
(qemuTeardownDiskPathDeny): Likewise.
(qemuSetupChardevCgroup): Likewise, fixing missing audit.
2011-03-09 09:08:10 -07:00
Eric Blake
30ad48836e audit: tweak audit messages to match conventions
* src/qemu/qemu_audit.c (qemuDomainHostdevAudit): Avoid use of
"type", which has a pre-defined meaning.
(qemuDomainCgroupAudit): Likewise, as well as "item".
2011-03-09 08:11:31 -07:00
Eric Blake
b12a02803e docs: silence warnings about generated API docs
I noticed these while testing 'make dist'.

Parsing ./../src/util/event.c
Function comment for virEventRegisterDefaultImpl lacks description of return value
Function comment for virEventRunDefaultImpl lacks description of return value
Parsing ./../src/util/virterror.c
Missing comment for function virSetErrorLogPriorityFunc

* src/util/event.c (virEventRegisterDefaultImpl)
(virEventRunDefaultImpl): Document return types.
* src/util/virterror.c (virSetErrorLogPriorityFunc): Provide docs.
2011-03-09 08:07:09 -07:00
Cole Robinson
9189301426 Don't overwrite virRun error messages
virRun gives pretty useful error output, let's not overwrite it unless there
is a good reason. Some places were providing more information about what
the commands were _attempting_ to do, however that's usually less useful from
a debugging POV than what actually happened.
2011-03-09 08:53:12 -05:00
Guido Günther
ae1c5a936c libvirtd: Remove indirect linking
as described at
http://wiki.debian.org/ToolChain/DSOLinking
https://fedoraproject.org/wiki/UnderstandingDSOLinkChange

otherwise the build fails on current Debian unstable with:

CCLD   libvirtd
/usr/bin/ld: ../src/.libs/libvirt_driver_lxc.a(libvirt_driver_lxc_la-lxc_container.o): undefined reference to symbol 'capng_apply'
/usr/bin/ld: note: 'capng_apply' is defined in DSO //usr/lib/libcap-ng.so.0 so try adding it to the linker command line

CCLD   libvirtd
/usr/bin/ld: ../src/.libs/libvirt_driver_storage.a(libvirt_driver_storage_la-storage_backend.o): undefined reference to symbol 'fgetfilecon'
/usr/bin/ld: note: 'fgetfilecon' is defined in DSO //lib/libselinux.so.1 so try adding it to the linker command line
//lib/libselinux.so.1: could not read symbols: Invalid operation

and similar errors.
2011-03-09 13:59:58 +01:00
Hu Tao
83d35233a9 Fix a wrong error message thrown to user
* src/qemu/qemu_driver.c: qemuDomainUpdateDeviceFlags() is not disk
  specific as the message suggests
2011-03-09 20:09:25 +08:00
Eric Blake
3dfd4ea398 build: avoid compiler warning on cygwin
On cygwin:

  CC       libvirt_driver_security_la-security_dac.lo
security/security_dac.c: In function 'virSecurityDACSetProcessLabel':
security/security_dac.c:618: warning: format '%d' expects type 'int', but argument 7 has type 'uid_t' [-Wformat]

We've done this before (see src/util/util.c).

* src/security/security_dac.c (virSecurityDACSetProcessLabel): On
cygwin, uid_t is a 32-bit long.
2011-03-08 21:56:18 -07:00
Eric Blake
b1a5aefcee build: fix build on cygwin
On cygwin:

  CC        libvirt_util_la-cgroup.lo
util/cgroup.c: In function 'virCgroupKillRecursiveInternal':
util/cgroup.c:1458: warning: implicit declaration of function 'virCgroupNew' [-Wimplicit-function-declaration]

* src/util/cgroup.c (virCgroupKill): Don't build on platforms
where virCgroupNew is unsupported.
2011-03-08 21:44:24 -07:00
Daniel Veillard
d299e1d08e Fix build on cygwin
Apparently some signals found on Unix are not exposed, this led
to a compilation failure
* src/util/logging.c: make code related to each signal dependant
  upon the definition of that signal
2011-03-08 16:01:25 +08:00
Wen Congyang
0e29f71135 support to detach USB disk
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-07 11:40:12 -07:00
Wen Congyang
8f338032b9 rename qemuDomainDetachSCSIDiskDevice to qemuDomainDetachDiskDevice
The way to detach a USB disk is the same as that to detach a SCSI
disk. Rename this function and we can use it to detach a USB disk.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-03-07 11:28:15 -07:00
Cole Robinson
56a4d8127f qemu_hotplug: Reword error if spice password change not available
Currently it sounds like spice is completely unsupported, which is
confusing.
2011-03-07 13:26:46 -05:00
Wen Congyang
ac9ee6b5e0 unlock eventLoop before calling callback function
When I use newest libvirt to save a domain, libvirtd will be deadlock.
Here is the output of gdb:
(gdb) thread 3
[Switching to thread 3 (Thread 0x7f972a1fc710 (LWP 30265))]#0  0x000000351fe0e034 in __lll_lock_wait () from /lib64/libpthread.so.0
(gdb) bt
    at qemu/qemu_driver.c:2074
    ret=0x7f972a1fbbe0) at remote.c:2273
(gdb) thread 7
[Switching to thread 7 (Thread 0x7f9730bcd710 (LWP 30261))]#0  0x000000351fe0e034 in __lll_lock_wait () from /lib64/libpthread.so.0
(gdb) bt
(gdb) p *(virMutexPtr)0x6fdd60
$2 = {lock = {__data = {__lock = 2, __count = 0, __owner = 30261, __nusers = 1, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}},
    __size = "\002\000\000\000\000\000\000\000\065v\000\000\001", '\000' <repeats 26 times>, __align = 2}}
(gdb) p *(virMutexPtr)0x1a63ac0
$3 = {lock = {__data = {__lock = 2, __count = 0, __owner = 30265, __nusers = 1, __kind = 0, __spins = 0, __list = {__prev = 0x0, __next = 0x0}},
    __size = "\002\000\000\000\000\000\000\000\071v\000\000\001", '\000' <repeats 26 times>, __align = 2}}
(gdb) info threads
  7 Thread 0x7f9730bcd710 (LWP 30261)  0x000000351fe0e034 in __lll_lock_wait () from /lib64/libpthread.so.0
  6 Thread 0x7f972bfff710 (LWP 30262)  0x000000351fe0b43c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  5 Thread 0x7f972b5fe710 (LWP 30263)  0x000000351fe0b43c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  4 Thread 0x7f972abfd710 (LWP 30264)  0x000000351fe0b43c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
* 3 Thread 0x7f972a1fc710 (LWP 30265)  0x000000351fe0e034 in __lll_lock_wait () from /lib64/libpthread.so.0
  2 Thread 0x7f97297fb710 (LWP 30266)  0x000000351fe0b43c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  1 Thread 0x7f9737aac800 (LWP 30260)  0x000000351fe0803d in pthread_join () from /lib64/libpthread.so.0

The reason is that we will try to lock some object in callback function, and we may call event API with locking the same object.
In the function virEventDispatchHandles(), we unlock eventLoop before calling callback function. I think we should
do the same thing in the function virEventCleanupTimeouts() and virEventCleanupHandles().

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-03-07 10:05:17 -07:00
Daniel P. Berrange
2ed6cc7bec Expose event loop implementation as a public API
Not all applications have an existing event loop they need
to integrate with. Forcing them to implement the libvirt
event loop integration APIs is an undue burden. This just
exposes our simple poll() based implementation for apps
to use. So instead of calling

   virEventRegister(....callbacks...)

The app would call

   virEventRegisterDefaultImpl()

And then have a thread somewhere calling

    static bool quit = false;
    ....
    while (!quit)
      virEventRunDefaultImpl()

* daemon/libvirtd.c, tools/console.c,
  tools/virsh.c: Convert to public event loop APIs
* include/libvirt/libvirt.h.in, src/libvirt_private.syms: Add
  virEventRegisterDefaultImpl and virEventRunDefaultImpl
* src/util/event.c: Implement virEventRegisterDefaultImpl
  and virEventRunDefaultImpl using poll() event loop
* src/util/event_poll.c: Add full error reporting
* src/util/virterror.c, include/libvirt/virterror.h: Add
  VIR_FROM_EVENTS
2011-03-07 14:16:13 +00:00
Daniel P. Berrange
343eaa150b Move event code out of the daemon/ into src/util/
The event loop implementation is used by more than just the
daemon, so move it into the shared area.

* daemon/event.c, src/util/event_poll.c: Renamed
* daemon/event.h, src/util/event_poll.h: Renamed
* tools/Makefile.am, tools/console.c, tools/virsh.c: Update
  to use new virEventPoll APIs
* daemon/mdns.c, daemon/mdns.c, daemon/Makefile.am: Update
  to use new virEventPoll APIs
2011-03-07 14:16:13 +00:00
Daniel Veillard
bcb40b852c Cleaning up some of the logging code
* src/util/logging.c: fix virLogDumpAllFD() to avoid snprintf, simplify
  the code and provide more useful signal descriptions. Also remove an
  unused variable.
2011-03-07 21:23:53 +08:00
Osier Yang
82dfc6f38e qemu: Support vram for video of qxl type
For qemu names the primary vga as "qxl-vga":

  1) if vram is specified for 2nd qxl device:

    -vga qxl -global qxl-vga.vram_size=$SIZE \
    -device qxl,id=video1,vram_size=$SIZE,...

  2) if vram is not specified for 2nd qxl device, (use the default
     set by global):

    -vga qxl -global qxl-vga.vram_size=$SIZE \
    -device qxl,id=video1,...

For qemu names all qxl devices as "qxl":

  1) if vram is specified for 2nd qxl device:

    -vga qxl -global qxl.vram_size=$SIZE \
    -device qxl,id=video1,vram_size=$SIZE ...

  2) if vram is not specified for 2nd qxl device:

    -vga qxl -global qxl-vga.vram_size=$SIZE \
    -device qxl,id=video1,...

"-global" is the only way to define vram_size for the primary qxl
device, regardless of how qemu names it, (It's not good a good
way, as original idea of "-global" is to set a global default for
a driver property, but to specify vram for first qxl device, we
have to use it).

For other qxl devices, as they are represented by "-device", could
specify it directly and seperately for each, and it overrides the
default set by "-global" if specified.

v1 - v2:
  * modify "virDomainVideoDefaultRAM" so that it returns 16M as the
    default vram_size for qxl device.

  * vram_size * 1024 (qemu accepts bytes for vram_size).

  * apply default vram_size for qxl device for which vram_size is
    not specified.

  * modify "graphics-spice" tests (more sensiable vram_size)

  * Add an argument of virDomainDefPtr type for qemuBuildVideoDevStr,
    to use virDomainVideoDefaultRAM in qemuBuildVideoDevStr).

v2 - v3:
  * Modify default video memory size for qxl device from 16M to 24M

  * Update codes to be consistent with changes on qemu_capabilities.*
2011-03-06 22:00:27 +08:00
Phil Petty
5a81401235 fixes for several memory leaks
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-03-04 09:52:12 -07:00
Daniel Veillard
398553c157 Add an an internal API for emergency dump of debug buffer
virLogEmergencyDumpAll() allows to dump the content of the
debug buffer from within a signal handler. It saves to all
log file or stderr if none is found
* src/util/logging.h src/util/logging.c: add the new API
  and cleanup the old virLogDump code
* src/libvirt_private.syms: exports it as a private symbol
2011-03-04 22:43:55 +08:00
Daniel Veillard
35708ec151 Fix a counter bug in the log buffer
* src/util/logging.c: the start pointer need to wrap around too
2011-03-04 22:43:55 +08:00
Daniel Veillard
8b9a1190c1 Force all logs to go to the round robbin memory buffer
Initially only the log actually written out by libvirt were
saved on the memory buffer, this patch forces all informations
including info and debug to be saved in memory too. This is
useful to get full data in case of crash.
2011-03-04 22:43:55 +08:00
Laine Stump
f8ac67909d qemu: avoid corruption of domain hashtable and misuse of freed domains
This was also found while investigating

   https://bugzilla.redhat.com/show_bug.cgi?id=670848

An EOF on a domain's monitor socket results in an event being queued
to handle the EOF. The handler calls qemuProcessHandleMonitorEOF. If
it is a transient domain, this leads to a call to
virDomainRemoveInactive, which removes the domain from the driver's
hashtable and unref's it. Nowhere in this code is the qemu driver lock
acquired.

However, all modifications to the driver's domain hashtable *must* be
done while holding the driver lock, otherwise the hashtable can become
corrupt, and (even more likely) another thread could call a different
hashtable function and acquire a pointer to the domain that is in the
process of being destroyed.

To prevent such a disaster, qemuProcessHandleMonitorEOF must get the
qemu driver lock *before* it gets the DomainObj's lock, and hold it
until it is finished with the DomainObj. This guarantees that nobody
else modifies the hashtable at the same time, and that anyone who had
already gotten the DomainObj from the hashtable prior to this call has
finished with it before we remove/destroy it.
2011-03-04 08:13:11 -05:00
Laine Stump
e570ca1246 qemu: Add missing lock of virDomainObj before calling virDomainUnref
This was found while researching the root cause of:

https://bugzilla.redhat.com/show_bug.cgi?id=670848

virDomainUnref should only be called with the lock held for the
virDomainObj in question. However, when a transient qemu domain gets
EOF on its monitor socket, it queues an event which frees the monitor,
which unref's the virDomainObj without first locking it. If another
thread has already locked the virDomainObj, the modification of the
refcount could potentially be corrupted. In an extreme case, it could
also be potentially unlocked by virDomainObjFree, thus left open to
modification by anyone else who would have otherwise waited for the
lock (not to mention the fact that they would be accessing freed
data!).

The solution is to have qemuMonitorFree lock the domain object right
before unrefing it. Since the caller to qemuMonitorFree doesn't expect
this lock to be held, if the refcount doesn't go all the way to 0,
qemuMonitorFree must unlock it after the unref.
2011-03-04 08:12:58 -05:00
Matthias Bolte
b31d6c1269 esx: Escape password for XML
Passwords are allowed to contain <, >, &, ', " characters.
Those need to be replaced by the corresponding entities.

Reported by Hereward Cooper.
2011-03-03 22:18:09 +01:00
Eric Blake
d152f64760 util: correct retry path in virFileOperation
In virFileOperation, the parent does a fallback to a non-fork
attempt if it detects that the child returned EACCES.  However,
the child was calling _exit(-EACCES), which does _not_ appear
as EACCES in the parent.

* src/util/util.c (virFileOperation): Correctly pass EACCES from
child to parent.
2011-03-03 08:12:08 -07:00
Soren Hansen
e5f3b90e97 Pass virSecurityManagerPtr to virSecurityDAC{Set, Restore}ChardevCallback
virSecurityDAC{Set,Restore}ChardevCallback expect virSecurityManagerPtr,
but are passed virDomainObjPtr instead. This makes
virSecurityDACSetChardevLabel set a wrong uid/gid on chardevs. This
patch fixes this behaviour.

Signed-off-by: Soren Hansen <soren@linux2go.dk>
2011-03-03 08:08:16 -07:00
Jiri Denemark
9677cd33ee util: Allow removing hash entries in virHashForEach
This fixes a possible crash of libvirtd during its startup. When qemu
driver reconnects to running domains, it iterates over all domain
objects in a hash. When reconnecting to an associated qemu monitor
fails and the domain is transient, it's immediately removed from the
hash. Despite the fact that it's explicitly forbidden to do so. If
libvirtd is lucky enough, virHashForEach will access random memory when
the callback finishes and the deamon will crash.

Since it's trivial to fix virHashForEach to allow removal of hash
entries while iterating through them, I went this way instead of fixing
qemuReconnectDomain callback (and possibly others) to avoid deleting the
entries.
2011-03-03 15:22:16 +01:00
Daniel P. Berrange
d6d30cd4ae Attempt to improve an error message
Replace the 'Unknown failure' error message with something a
little bit more descriptive.

* src/util/virterror.c: Improve error message
2011-03-03 14:17:12 +00:00
Eric Blake
4f805dcdc4 qemu: avoid double close on domain restore
qemudDomainSaveImageStartVM was evil - it closed the incoming fd
argument on some, but not all, code paths, without informing the
caller about that action.  No wonder that this resulted in
double-closes: https://bugzilla.redhat.com/show_bug.cgi?id=672725

* src/qemu/qemu_driver.c (qemudDomainSaveImageStartVM): Alter
signature, to avoid double-close.
(qemudDomainRestore, qemudDomainObjRestore): Update callers.
2011-03-02 08:58:49 -07:00
Daniel P. Berrange
6a8ef183be add additional event debug points
Followup to commit 2222bd24
2011-03-01 16:54:20 -07:00
Eric Blake
7c6b22c4d5 qemu: only request sound cgroup ACL when required
When a SPICE or VNC graphics controller is present, and sound is
piggybacked over a channel to the graphics device rather than
directly accessing host hardware, then there is no need to grant
host hardware access to that qemu process.

* src/qemu/qemu_cgroup.c (qemuSetupCgroup): Prevent sound with
spice, and with vnc when vnc_allow_host_audio is 0.
Reported by Daniel Berrange.
2011-02-28 09:42:25 -07:00
Daniel P. Berrange
3c37a171a2 Add check for kill() to fix build of cgroups on win32
The kill() function doesn't exist on Win32, so it needs to be
checked for at build time & code disabled in cgroups

* configure.ac: Check for kill()
* src/util/cgroup.c: Stub out virCGroupKill* functions
  when kill() isn't available
2011-02-28 14:13:58 +00:00
Michal Novotny
3ee7cf6c9b Add support for multiple serial ports into the Xen driver
this is the patch to add support for multiple serial ports to the
libvirt Xen driver. It support both old style (serial = "pty") and
new style (serial = [ "/dev/ttyS0", "/dev/ttyS1" ]) definition and
tests for xml2sexpr, sexpr2xml and xmconfig have been added as well.

Written and tested on RHEL-5 Xen dom0 and working as designed but
the Xen version have to have patch for RHBZ #614004 but this patch
is for upstream version of libvirt.

Also, this patch is addressing issue described in RHBZ #670789.

Signed-off-by: Michal Novotny <minovotn@redhat.com>
2011-02-25 11:33:27 -07:00
Michal Novotny
79c3fe4d16 Fix port value parsing for serial and parallel ports
this is the patch to fix the virDomainChrDefParseTargetXML() functionality
to parse the target port from XML if available. This is necessary for
multiple serial port support which is the second part of this patch.

Signed-off-by: Michal Novotny <minovotn@redhat.com>
2011-02-25 11:33:27 -07:00
Daniel P. Berrange
33191b419c Add APIs for killing off processes inside a cgroup
The virCgroupKill method kills all PIDs found in a cgroup

The virCgroupKillRecursively method does this recursively
for child cgroups.

The virCgroupKillPainfully method does a recursive kill
several times in a row until everything has really died
2011-02-25 14:21:30 +00:00
Daniel P. Berrange
16ba2aafc4 Allow hash tables to use generic pointers as keys
Relax the restriction that the hash table key must be a string
by allowing an arbitrary hash code generator + comparison func
to be provided

* util/hash.c, util/hash.h: Allow any pointer as a key
* internal.h: Include stdbool.h as standard.
* conf/domain_conf.c, conf/domain_conf.c,
  conf/nwfilter_params.c, nwfilter/nwfilter_gentech_driver.c,
  nwfilter/nwfilter_gentech_driver.h, nwfilter/nwfilter_learnipaddr.c,
  qemu/qemu_command.c, qemu/qemu_driver.c,
  qemu/qemu_process.c, uml/uml_driver.c,
  xen/xm_internal.c: s/char */void */ in hash callbacks
2011-02-25 13:00:54 +00:00
Daniel P. Berrange
6952708ca4 Remove deallocator parameter from hash functions
Since the deallocator is passed into the constructor of
a hash table it is not desirable to pass it into each
function again. Remove it from all functions, but provide
a virHashSteal to allow a item to be removed from a hash
table without deleteing it.

* src/util/hash.c, src/util/hash.h: Remove deallocator
  param from all functions. Add virHashSteal
* src/libvirt_private.syms: Add virHashSteal
* src/conf/domain_conf.c, src/conf/nwfilter_params.c,
  src/nwfilter/nwfilter_learnipaddr.c,
  src/qemu/qemu_command.c, src/xen/xm_internal.c: Update
  for changed hash API
2011-02-25 13:00:46 +00:00
Philipp Hahn
0905d1ee95 Fix spelling mistake: seek
Replace wrong "set" by correct "seek" in error message.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2011-02-24 14:19:15 -07:00
Eric Blake
1aaef5ad72 audit: audit qemu pci and usb device passthrough
* src/qemu/qemu_audit.h (qemuDomainHostdevAudit): New prototype.
* src/qemu/qemu_audit.c (qemuDomainHostdevAudit): New function.
(qemuDomainStartAudit): Call as appropriate.
* src/qemu/qemu_hotplug.c (qemuDomainAttachHostPciDevice)
(qemuDomainAttachHostUsbDevice, qemuDomainDetachHostPciDevice)
(qemuDomainDetachHostUsbDevice): Likewise.
2011-02-24 13:32:17 -07:00
Eric Blake
e25f2c74df audit: audit qemu memory and vcpu adjusments
* src/qemu/qemu_audit.h (qemuDomainMemoryAudit)
(qemuDomainVcpuAudit): New prototypes.
* src/qemu/qemu_audit.c (qemuDomainResourceAudit)
(qemuDomainMemoryAudit, qemuDomainVcpuAudit): New functions.
(qemuDomainStartAudit): Call as appropriate.
* src/qemu/qemu_driver.c (qemudDomainSetMemory)
(qemudDomainHotplugVcpus): Likewise.
2011-02-24 13:32:17 -07:00
Eric Blake
6bb98d419f audit: add qemu hooks for auditing cgroup events
* src/qemu/qemu_audit.h (qemuDomainCgroupAudit): New prototype.
* src/qemu/qemu_audit.c (qemuDomainCgroupAudit): Implement it.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Add audit.
* src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
(qemuSetupChardevCgroup, qemuSetupHostUsbDeviceCgroup)
(qemuSetupCgroup, qemuTeardownDiskPathDeny): Likewise.
2011-02-24 13:32:15 -07:00
Eric Blake
b4d3434fc2 audit: prepare qemu for listing vm in cgroup audits
* src/qemu/qemu_cgroup.h (struct qemuCgroupData): New helper type.
(qemuSetupDiskPathAllow, qemuSetupChardevCgroup)
(qemuTeardownDiskPathDeny): Drop unneeded prototypes.
(qemuSetupDiskCgroup, qemuTeardownDiskCgroup): Adjust prototype.
* src/qemu/qemu_cgroup.c
(qemuSetupDiskPathAllow, qemuSetupChardevCgroup)
(qemuTeardownDiskPathDeny): Mark static and use new type.
(qemuSetupHostUsbDeviceCgroup): Use new type.
(qemuSetupDiskCgroup): Alter signature.
(qemuSetupCgroup): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachHostUsbDevice)
(qemuDomainDetachPciDiskDevice, qemuDomainDetachSCSIDiskDevice):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainAttachDevice)
(qemuDomainUpdateDeviceFlags): Likewise.
2011-02-24 13:31:05 -07:00
Eric Blake
061738764d cgroup: determine when skipping non-devices
* src/util/cgroup.c (virCgroupAllowDevicePath)
(virCgroupDenyDevicePath): Don't fail with EINVAL for
non-devices.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Update caller.
* src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
(qemuSetupChardevCgroup, qemuSetupHostUsbDeviceCgroup)
(qemuSetupCgroup, qemuTeardownDiskPathDeny): Likewise.
2011-02-24 13:31:05 -07:00
Eric Blake
fd21ecfd49 virExec: avoid uninitialized memory usage
valgrind warns:

==21079== Syscall param rt_sigaction(act->sa_mask) points to uninitialised byte(s)
==21079==    at 0x329840F63E: __libc_sigaction (sigaction.c:67)
==21079==    by 0x4E5A8E7: __virExec (util.c:661)

Regression introduced in commit ab07533e.  Technically, sa_mask
shouldn't affect operation if sa_flags selects sa_handler, and
sa_handler selects SIG_IGN, but better safe than sorry.

* src/util/util.c (__virExec): Supply missing sigemptyset.
2011-02-24 13:12:52 -07:00
Daniel P. Berrange
4f2094a8a6 Allow 32-on-64 execution for LXC guests
Using the 'personality(2)' system call, we can make a container
on an x86_64 host appear to be i686. Likewise for most other
Linux 64bit arches.

* src/lxc/lxc_conf.c: Fill in 32bit capabilities for x86_64 hosts
* src/lxc/lxc_container.h, src/lxc/lxc_container.c: Add API to
  check if an arch has a 32bit alternative
* src/lxc/lxc_controller.c: Set the process personality when
  starting guest
2011-02-24 12:04:29 +00:00
Daniel P. Berrange
35416720c2 Put <stdbool.h> into internal.h so it is available everywhere
Remove the <stdbool.h> header from all source files / headers
and just put it into internal.h

* src/internal.h: Add <stdbool.h>
2011-02-24 12:04:06 +00:00
Jiri Denemark
9fc4b6a606 qemu: Switch over command line capabilities to virBitmap
This is done for two reasons:
- we are getting very close to 64 flags which is the maximum we can use
  with unsigned long long
- by using LL constants in enum we already violates C99 constraint that
  enum values have to fit into int
2011-02-24 12:10:00 +01:00
Jiri Denemark
23d935bd97 qemu: Rename qemud\?CmdFlags to qemuCaps
The new name complies more with the fact that it contains a set of
qemuCapsFlags.
2011-02-24 12:08:34 +01:00
Jiri Denemark
a96d08dc53 qemu: Use helper functions for handling cmd line capabilities
Three new functions (qemuCapsSet, qemuCapsClear, and qemuCapsGet) were
introduced replacing direct bit operations.
2011-02-24 12:07:06 +01:00
Jiri Denemark
21642e82b1 qemu: Rename QEMUD_CMD_FLAG_* to QEMU_CAPS_*
The new names comply more with the fact that they are all members of
enum qemuCapsFlags.
2011-02-24 12:05:39 +01:00
Jiri Denemark
40641f2a63 util: Add API for converting virBitmap into printable string 2011-02-24 12:03:04 +01:00
Jiri Denemark
533bee8249 util: Use unsigned long as a base type for virBitmap 2011-02-24 12:00:52 +01:00
Daniel P. Berrange
6704e3fdb3 Expose name + UUID to LXC containers via env variables
When spawning 'init' in the container, set

  LIBVIRT_LXC_UUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
  LIBVIRT_LXC_NAME=YYYYYYYYYYYY

to allow guest software to detect & identify that they
are in a container

* src/lxc/lxc_container.c: Set LIBVIRT_LXC_UUID and
  LIBVIRT_LXC_NAME env vars
2011-02-23 11:41:02 +00:00
Daniel P. Berrange
9f5bbe3b92 Fix off-by-1 in virFileAbsPath.
The virFileAbsPath was not taking into account the '/' directory
separator when allocating memory for combining cwd + path. Convert
to use virAsprintf to avoid this type of bug completely.

* src/util/util.c: Convert virFileAbsPath to use virAsprintf
2011-02-23 11:11:45 +00:00
Daniel P. Berrange
08fb2a9ce8 Fix group/mode for /dev/pts inside LXC container
Normal practice for /dev/pts is to have it mode=620,gid=5
but LXC was leaving mode=000,gid=0 preventing unprivilegd
users in the guest use of PTYs

* src/lxc/lxc_controller.c: Fix /dev/pts setup
2011-02-23 11:11:35 +00:00
Eric Blake
009fce98be security: avoid memory leak
Leak introduced in commit d6623003.

* src/qemu/qemu_driver.c (qemuSecurityInit): Avoid leak on failure.
* src/security/security_stack.c (virSecurityStackClose): Avoid
leaking component drivers.
2011-02-22 09:50:34 -07:00
Roopa Prabhu
dfd39ccda8 802.1Qbh: Delay IFF_UP'ing interface until migration final stage
Current code does an IFF_UP on a 8021Qbh interface immediately after a port
profile set. This is ok in most cases except when its the migration prepare
stage. During migration we want to postpone IFF_UP'ing the interface on the
destination host until the source host has disassociated the interface.
This patch moves IFF_UP of the interface to the final stage of migration.
The motivation for this change is to postpone any addr registrations on the
destination host until the source host has done the addr deregistrations.

While at it, for symmetry with associate move ifDown of a 8021Qbh interface
to before disassociate
2011-02-22 07:48:54 -05:00
Osier Yang
9f928af12b storage: make debug log more useful
"__func__" is useless there, as VIR_DEBUG will print the function
name.

* src/storage/storage_backend_mpath.c
2011-02-22 10:10:31 +08:00
Markus Groß
3e53c7f954 Renamed functions in xenxs 2011-02-21 11:15:08 -07:00