Commit Graph

362 Commits

Author SHA1 Message Date
Jim Fehlig
f5bc5bd4df libxl: use job functions in libxlDomain{Suspend,Resume}
These operations aren't necessarily time consuming, but need to
wait in the queue of modify jobs.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-19 11:10:00 -07:00
Jim Fehlig
ac1444c35f libxl: use job functions in libxlDomainSetMemoryFlags
Large balloon operation can be time consuming.  Use the recently
added job functions and unlock the virDomainObj while ballooning.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-19 11:10:00 -07:00
Jim Fehlig
491593e840 libxl: use job functions in libxlVmStart
Creating a large domain could potentially be time consuming.  Use the
recently added job functions and unlock the virDomainObj while
the create operation is in progress.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-19 11:10:00 -07:00
Jim Fehlig
4b4b61c329 libxl: Add job support to libxl driver
Follows the pattern used in the QEMU driver for managing multiple,
simultaneous jobs within the driver.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-19 11:10:00 -07:00
Jim Fehlig
343119a44b libxl: remove libxlVmReap function
This function, which only has five call sites, simply calls
libxl_domain_destroy and libxlVmCleanup.  Call those functions
directly at the call sites, allowing more control over how a
domain is destroyed and cleaned up.  This patch maintains the
existing semantic, leaving changes to a subsequent patch.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-19 11:10:00 -07:00
Jim Fehlig
219d34cfe2 libxl: always set vm id to -1 on shutdown
Once a domain has reached the shutdown state, set its ID to -1.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-19 11:10:00 -07:00
Jim Fehlig
2fbfedeb0d libxl: fix libxlDoDomainSave documentation
Update the function's comment, which was missed when removing use of
the driver lock everywhere.
2014-02-11 11:03:53 -07:00
Jim Fehlig
3d8a3d6e5b libxl: register for domain events immediately after creation
A small fix for the possiblitiy of jumping to an error path before
registering for domain events, preventing receiving important ones
like shutdown and death.
2014-02-11 11:03:53 -07:00
Jim Fehlig
e20bf46741 libxl: rename libxlCreateDomEvents to libxlDomEventsRegister
libxlDomEventsRegister better reflects its purpose: register for
domain events from libxl.
2014-02-11 11:03:53 -07:00
Jim Fehlig
630b645695 libxl: remove unneeded locking of driver when restoring
libxlDomainRestoreFlags acquires the driver lock while reading the
domain config from the save file and adding it to
libxlDriverPrivatePtr->domains.  But virDomainObjList provides
self-locking APIs, so remove the needless driver locking.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-06 10:39:32 -07:00
Jim Fehlig
778067e195 libxl: improve subprocess handling
If available, let libxl handle reaping any children it creates by
specifying libxl_sigchld_owner_libxl_always_selective_reap.  This
feature was added to improve subprocess handling in libxl when used
in an application that does not install a SIGCHLD handler like
libvirt

http://lists.xen.org/archives/html/xen-devel/2014-01/msg01555.html

Prior to this patch, it is possible to hit asserts in libxl when
reaping subprocesses, particularly during simultaneous operations
on multiple domains.  With this patch, and the corresponding changes
to libxl, I no longer see the asserts.  Note that the libxl changes
will be included in Xen 4.4.0.  Previous Xen versions will be
susceptible to hitting the asserts even with this patch applied to
the libvirt libxl driver.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-06 10:20:31 -07:00
Jim Fehlig
03b3f8940a libxl: handle domain shutdown events in a thread
Handling the domain shutdown event within the event handler seems
a bit unfair to libxl's event machinery.  Domain "shutdown" could
take considerable time.  E.g. if the shutdown reason is reboot,
the domain must be reaped and then started again.

Spawn a shutdown handler thread to do this work, allowing libxl's
event machinery to go about its business.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-06 10:17:58 -07:00
Jim Fehlig
eaa8d9b2c7 libxl: remove list of timer registrations from libxlDomainObjPrivate
Due to some misunderstanding of requirements libxl places on timer
handling, I introduced the half-brained idea of maintaining a list
of timeouts that the driver could force to expire before freeing a
libxlDomainObjPrivate (and hence libxl_ctx).  But testing all
the latest versions of Xen supported by the libxl driver (4.2.3,
4.3.1, 4.4.0 RC3), I see that libxl will handle this just fine and
there is no need to force expiration behind libxl's back.  Indeed it
may be harmful to do so.

This patch removes the timer list, allowing libxl to handle cleanup
of its timer registrations.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-06 10:08:11 -07:00
Jim Fehlig
cda52dbfe5 libxl: fix leaking libxlDomainObjPrivate
When libxl registers an FD with the libxl driver, the refcnt of the
associated libxlDomainObjPrivate object is incremented. The refcnt
is decremented when libxl deregisters the FD.  But some FDs are only
deregistered when their libxl ctx is freed, which unfortunately is
done in the libxlDomainObjPrivate dispose function.  With references
held by the FDs, libxlDomainObjPrivate is never disposed.

I added the ref/unref in FD registration/deregistration when adding
the same in timer registration/deregistration.  For timers, this
is a simple approach to ensuring the libxlDomainObjPrivate is not
disposed prior to their expirtation, which libxl guarantees will
occur.  It is not needed for FDs, and only causes
libxlDomainObjPrivate to leak.

This patch removes the reference on libxlDomainObjPrivate for FD
registrations, but retains them for timer registrations.  Tested on
the latest releases of Xen supported by the libxl driver:  4.2.3,
4.3.1, and 4.4.0 RC3.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-02-06 10:06:26 -07:00
Eric Blake
11f20e43f1 event: move event filtering to daemon (regression fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1058839

Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
need to check the ACL rules to filter which events to send.  But
it overlooked one thing: the event dispatch queue is running in
the main loop thread, and therefore does not normally have a
current virIdentityPtr.  But filter checks can be based on current
identity, so when libvirtd.conf contains access_drivers=["polkit"],
we ended up rejecting access for EVERY event due to failure to
look up the current identity, even if it should have been allowed.

Furthermore, even for events that are triggered by API calls, it
is important to remember that the point of events is that they can
be copied across multiple connections, which may have separate
identities and permissions.  So even if events were dispatched
from a context where we have an identity, we must change to the
correct identity of the connection that will be receiving the
event, rather than basing a decision on the context that triggered
the event, when deciding whether to filter an event to a
particular connection.

If there were an easy way to get from virConnectPtr to the
appropriate virIdentityPtr, then object_event.c could adjust the
identity prior to checking whether to dispatch an event.  But
setting up that back-reference is a bit invasive.  Instead, it
is easier to delay the filtering check until lower down the
stack, at the point where we have direct access to the RPC
client object that owns an identity.  As such, this patch ends
up reverting a large portion of the framework of commit f9f56340.
We also have to teach 'make check' to special-case the fact that
the event registration filtering is done at the point of dispatch,
rather than the point of registration.  Note that even though we
don't actually use virConnectDomainEventRegisterCheckACL (because
the RegisterAny variant is sufficient), we still generate the
function for the purposes of documenting that the filtering
takes place.

Also note that I did not entirely delete the notion of a filter
from object_event.c; I still plan on using that for my upcoming
patch series for qemu monitor events in libvirt-qemu.so.  In
other words, while this patch changes ACL filtering to live in
remote.c and therefore we have no current client of the filtering
in object_event.c, the notion of filtering in object_event.c is
still useful down the road.

* src/check-aclrules.pl: Exempt event registration from having to
pass checkACL filter down call stack.
* daemon/remote.c (remoteRelayDomainEventCheckACL)
(remoteRelayNetworkEventCheckACL): New functions.
(remoteRelay*Event*): Use new functions.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Drop unused parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/domain_event.c (virDomainEventFilter): Delete unused
function.
* src/conf/network_event.c (virNetworkEventFilter): Likewise.
* src/libxl/libxl_driver.c: Adjust caller.
* src/lxc/lxc_driver.c: Likewise.
* src/network/bridge_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/remote/remote_driver.c: Likewise.
* src/test/test_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/vbox/vbox_tmpl.c: Likewise.
* src/xen/xen_driver.c: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-02-05 08:03:31 -07:00
John Ferlan
5c36e63198 Resolve Coverity dead_error_begin
Coverity complains about default: label in libxl_driver.c not be able
to be reached. It's by design for the code and since it's not necessary
in the code nor does it elicit any compiler/make check warnings - just
remove it rather than adding a coverity[dead_error_begin] tag.

While I'm at it, lxc_driver.c and nodeinfo.c have the same design, so I
removed the default labels and the existing coverity tags.
2014-01-31 12:48:01 -05:00
Eric Blake
7f2d27d1e3 api: require write permission for guest agent interaction
I noticed that we allow virDomainGetVcpusFlags even for read-only
connections, but that with a flag, it can require guest agent
interaction.  It is feasible that a malicious guest could
intentionally abuse the replies it sends over the guest agent
connection to possibly trigger a bug in libvirt's JSON parser,
or withhold an answer so as to prevent the use of the agent
in a later command such as a shutdown request.  Although we
don't know of any such exploits now (and therefore don't mind
posting this patch publicly without trying to get a CVE assigned),
it is better to err on the side of caution and explicitly require
full access to any domain where the API requires guest interaction
to operate correctly.

I audited all commands that are marked as conditionally using a
guest agent.  Note that at least virDomainFSTrim is documented
as needing a guest agent, but that such use is unconditional
depending on the hypervisor (so the existing domain:fs_trim ACL
should be sufficient there, rather than also requirng domain:write).
But when designing future APIs, such as the plans for obtaining
a domain's IP addresses, we should copy the approach of this patch
in making interaction with the guest be specified via a flag, and
use that flag to also require stricter access checks.

* src/libvirt.c (virDomainGetVcpusFlags): Forbid guest interaction
on read-only connection.
(virDomainShutdownFlags, virDomainReboot): Improve docs on agent
interaction.
* src/remote/remote_protocol.x
(REMOTE_PROC_DOMAIN_SNAPSHOT_CREATE_XML)
(REMOTE_PROC_DOMAIN_SET_VCPUS_FLAGS)
(REMOTE_PROC_DOMAIN_GET_VCPUS_FLAGS, REMOTE_PROC_DOMAIN_REBOOT)
(REMOTE_PROC_DOMAIN_SHUTDOWN_FLAGS): Require domain:write for any
conditional use of a guest agent.
* src/xen/xen_driver.c: Fix clients.
* src/libxl/libxl_driver.c: Likewise.
* src/uml/uml_driver.c: Likewise.
* src/qemu/qemu_driver.c: Likewise.
* src/lxc/lxc_driver.c: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-22 16:52:41 -07:00
Eric Blake
f9f5634053 event: filter global events by domain:getattr ACL [CVE-2014-0028]
Ever since ACL filtering was added in commit 7639736 (v1.1.1), a
user could still use event registration to obtain access to a
domain that they could not normally access via virDomainLookup*
or virConnectListAllDomains and friends.  We already have the
framework in the RPC generator for creating the filter, and
previous cleanup patches got us to the point that we can now
wire the filter through the entire object event stack.

Furthermore, whether or not domain:getattr is honored, use of
global events is a form of obtaining a list of networks, which
is covered by connect:search_domains added in a93cd08 (v1.1.0).
Ideally, we'd have a way to enforce connect:search_domains when
doing global registrations while omitting that check on a
per-domain registration.  But this patch just unconditionally
requires connect:search_domains, even when no list could be
obtained, based on the following observations:
1. Administrators are unlikely to grant domain:getattr for one
or all domains while still denying connect:search_domains - a
user that is able to manage domains will want to be able to
manage them efficiently, but efficient management includes being
able to list the domains they can access.  The idea of denying
connect:search_domains while still granting access to individual
domains is therefore not adding any real security, but just
serves as a layer of obscurity to annoy the end user.
2. In the current implementation, domain events are filtered
on the client; the server has no idea if a domain filter was
requested, and must therefore assume that all domain event
requests are global.  Even if we fix the RPC protocol to
allow for server-side filtering for newer client/server combos,
making the connect:serach_domains ACL check conditional on
whether the domain argument was NULL won't benefit older clients.
Therefore, we choose to document that connect:search_domains
is a pre-requisite to any domain event management.

Network events need the same treatment, with the obvious
change of using connect:search_networks and network:getattr.

* src/access/viraccessperm.h
(VIR_ACCESS_PERM_CONNECT_SEARCH_DOMAINS)
(VIR_ACCESS_PERM_CONNECT_SEARCH_NETWORKS): Document additional
effect of the permission.
* src/conf/domain_event.h (virDomainEventStateRegister)
(virDomainEventStateRegisterID): Add new parameter.
* src/conf/network_event.h (virNetworkEventStateRegisterID):
Likewise.
* src/conf/object_event_private.h (virObjectEventStateRegisterID):
Likewise.
* src/conf/object_event.c (_virObjectEventCallback): Track a filter.
(virObjectEventDispatchMatchCallback): Use filter.
(virObjectEventCallbackListAddID): Register filter.
* src/conf/domain_event.c (virDomainEventFilter): New function.
(virDomainEventStateRegister, virDomainEventStateRegisterID):
Adjust callers.
* src/conf/network_event.c (virNetworkEventFilter): New function.
(virNetworkEventStateRegisterID): Adjust caller.
* src/remote/remote_protocol.x
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_REGISTER)
(REMOTE_PROC_CONNECT_DOMAIN_EVENT_REGISTER_ANY)
(REMOTE_PROC_CONNECT_NETWORK_EVENT_REGISTER_ANY): Generate a
filter, and require connect:search_domains instead of weaker
connect:read.
* src/test/test_driver.c (testConnectDomainEventRegister)
(testConnectDomainEventRegisterAny)
(testConnectNetworkEventRegisterAny): Update callers.
* src/remote/remote_driver.c (remoteConnectDomainEventRegister)
(remoteConnectDomainEventRegisterAny): Likewise.
* src/xen/xen_driver.c (xenUnifiedConnectDomainEventRegister)
(xenUnifiedConnectDomainEventRegisterAny): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainGetXMLDesc): Likewise.
* src/libxl/libxl_driver.c (libxlConnectDomainEventRegister)
(libxlConnectDomainEventRegisterAny): Likewise.
* src/qemu/qemu_driver.c (qemuConnectDomainEventRegister)
(qemuConnectDomainEventRegisterAny): Likewise.
* src/uml/uml_driver.c (umlConnectDomainEventRegister)
(umlConnectDomainEventRegisterAny): Likewise.
* src/network/bridge_driver.c
(networkConnectNetworkEventRegisterAny): Likewise.
* src/lxc/lxc_driver.c (lxcConnectDomainEventRegister)
(lxcConnectDomainEventRegisterAny): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-15 13:55:21 -07:00
Stefan Bader
e1459c1fe8 libxl: Fix devid init in libxlMakeNicList
This basically reverts commit ba64b97134
"libxl: Allow libxl to set NIC devid". However assigning devid's
before calling libxlMakeNic does not work as that is calling
libxl_device_nic_init which sets it back to -1.
Right now auto-assignment only works in the hotplug case. But even if
that would be fixed at some point (if that is possible at all), this
would add a weird dependency between Xen and libvirt versions.
The change here should accept any auto-assignment that makes it into
libxl_device_nic_init. My understanding is that a caller always is
allowed to make the devid choice itself. And assuming libxlMakeNicList
is only used on domain creation, a sequential numbering should be ok.

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
2014-01-08 19:07:01 -07:00
Eric Blake
31b5bad9ff event: make deregister return value match docs
Ever since their introduction (commit 1509b80 in v0.5.0 for
virConnectDomainEventRegister, commit 4445723 in v0.8.0 for
virConnectDomainEventDeregisterAny), the event deregistration
functions have been documented as returning 0 on success;
likewise for older registration (only the newer RegisterAny
must return a non-zero callbackID).  And now that we are
adding virConnectNetworkEventDeregisterAny for v1.2.1, it
should have the same semantics.

Fortunately, all of the stateful drivers have been obeying
the docs and returning 0, thanks to the way the remote_driver
tracks things (in fact, the RPC wire protocol is unable to
send a return value for DomainEventRegisterAny, at least not
without adding a new RPC number).  Well, except for vbox,
which was always failing deregistration, due to failure to
set the return value to anything besides its initial -1.

But for local drivers, such as test:///default, we've been
returning non-zero numbers; worse, the non-zero numbers have
differed over time.  For example, in Fedora 12 (libvirt 0.8.2),
calling Register twice would return 0 and 1 [the callbackID
generated under the hood]; while in Fedora 20 (libvirt 1.1.3),
it returns 1 and 2 [the number of callbacks registered for
that event type].  Since we have changed the behavior over
time, and since it differs by local vs. remote, we can safely
argue that no one could have been reasonably relying on any
particular behavior, so we might as well obey the docs, as well
as prepare callers that might deal with older clients to not be
surprised if the docs are not strictly followed.

For consistency, this patch fixes the code for all drivers,
even though it only makes an impact for vbox and for local
drivers.  By fixing all drivers, future copy and paste from
a remote driver to a local driver is less likely to
reintroduce the bug.

Finally, update the testsuite to gain some coverage of the
issue for local drivers, including the first test of old-style
domain event registration via function pointer instead of
event id.

* src/libvirt.c (virConnectDomainEventRegister)
(virConnectDomainEventDeregister)
(virConnectDomainEventDeregisterAny): Clarify docs.
* src/libxl/libxl_driver.c (libxlConnectDomainEventRegister)
(libxlConnectDomainEventDeregister)
(libxlConnectDomainEventDeregisterAny): Match documentation.
* src/lxc/lxc_driver.c (lxcConnectDomainEventRegister)
(lxcConnectDomainEventDeregister)
(lxcConnectDomainEventDeregisterAny): Likewise.
* src/test/test_driver.c (testConnectDomainEventRegister)
(testConnectDomainEventDeregister)
(testConnectDomainEventDeregisterAny)
(testConnectNetworkEventDeregisterAny): Likewise.
* src/uml/uml_driver.c (umlConnectDomainEventRegister)
(umlConnectDomainEventDeregister)
(umlConnectDomainEventDeregisterAny): Likewise.
* src/vbox/vbox_tmpl.c (vboxConnectDomainEventRegister)
(vboxConnectDomainEventDeregister)
(vboxConnectDomainEventDeregisterAny): Likewise.
* src/xen/xen_driver.c (xenUnifiedConnectDomainEventRegister)
(xenUnifiedConnectDomainEventDeregister)
(xenUnifiedConnectDomainEventDeregisterAny): Likewise.
* src/network/bridge_driver.c
(networkConnectNetworkEventDeregisterAny): Likewise.
* tests/objecteventtest.c (testDomainCreateXMLOld): New test.
(mymain): Run it.
(testDomainCreateXML): Check return values.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-01-07 06:53:40 -07:00
Peter Krempa
aef39eb021 maint: Fix messy include of libvirt_internal.h
The libvirt_internal.h header was included by the internal.h header.
This made it painful to add new stuff to the header file that would
require some more specific types. Remove inclusion by internal.h and add
it to appropriate places manually.
2014-01-07 10:03:14 +01:00
Jim Fehlig
7c98d1c153 libxl: Fix initialization of nictype in libxl_device_nic
As pointed out by the Xen folks [1], HVM nics should always be set
to type LIBXL_NIC_TYPE_VIF_IOEMU unless the user explicity requests
LIBXL_NIC_TYPE_VIF via model='netfront'.  The current logic in
libxlMakeNic() only sets the nictype to LIBXL_NIC_TYPE_VIF_IOEMU if
a model is specified that is not 'netfront', which breaks PXE booting
configurations where no model is specified (i.e. use the hypervisor
default).

  Reported-by: Stefan Bader <stefan.bader@canonical.com>

[1] https://www.redhat.com/archives/libvir-list/2013-December/msg01156.html
2014-01-06 16:15:32 -07:00
Dario Faggioli
9375ba2a6e libxl: correctly handle affinity reset in virDomainPinVcpu[Flags]
By actually removing the <vcpupin> element (from within the
<cputune> section) from the XML, rather than jus update it with
a fully set vcpu affinity mask.

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Jim Fehlig <jfehlig@suse.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>
2013-12-23 22:43:32 -07:00
Dario Faggioli
520c3fbd1b libxl: implement virDomainPinVcpuFlags
And use it to implement libxlDomainPinVcpu(), similarly to what
happens in the QEMU driver. This way, it is possible to both
query and change the vcpu affinity of a persistent but not
running domain.

In face, before this patch, we have:
 # virsh list --all
  Id    Name                           State
 ----------------------------------------------------
  5     debian_32                      running
  -     fedora20_64                    shut off
 # virsh vcpupin fedora20_64 0 2-4 --current
 error: this function is not supported by the connection driver: virDomainPinVcpuFlags

After (same situation as above):
 # virsh vcpupin  fedora20_64 0 2-4 --current
 # virsh vcpupin  fedora20_64 0
 VCPU: CPU Affinity
 ----------------------------------
    0: 2-4

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Jim Fehlig <jfehlig@suse.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>
2013-12-23 22:33:30 -07:00
Dario Faggioli
2682d0d522 libxl: implement virDomainGetVcpuPinInfo
So that it is possible to query vcpu related information of
a persistent but not running domain, like it is for the QEMU
driver.

In fact, before this patch, we have:
 # virsh list --all
  Id    Name                           State
 ----------------------------------------------------
  5     debian_32                      running
  -     fedora20_64                    shut off
 # virsh vcpuinfo fedora20_64
 error: this function is not supported by the connection driver: virDomainGetVcpuPinInfo

After (same situation as above, i.e., fedora20_64 not running):
 # virsh vcpuinfo fedora20_64
 VCPU:           0
 CPU:            N/A
 State:          N/A
 CPU time        N/A
 CPU Affinity:   yyyyyyyy

 VCPU:           1
 CPU:            N/A
 State:          N/A
 CPU time        N/A
 CPU Affinity:   yyyyyyyy

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Jim Fehlig <jfehlig@suse.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>
2013-12-23 22:17:03 -07:00
Bamvor Jian Zhang
b03eba1376 libxl: fix segfault when domain create fail
there is a segfault in libxl logging in libxl_ctx_free when domain
create fail. because the log output handler vmessage is freed by
xtl_logger_destroy before libxl_ctx_free in virDomainObjListRemove.
move xtl_logger_destroy after libxl_ctx_free could fix this bug.

Signed-off-by: Bamvor Jian Zhang <bjzhang@suse.com>
2013-12-20 11:49:24 -07:00
Dario Faggioli
f9ee91d355 libxl: avoid crashing if calling `virsh numatune' on inactive domain
by, in libxlDomainGetNumaParameters(), calling libxl_bitmap_init() as soon as
possible, which avoids getting to 'cleanup:', where libxl_bitmap_dispose()
happens, without having initialized the nodemap, and hence crashing after some
invalid free()-s:

 # ./daemon/libvirtd -v
 *** Error in `/home/xen/libvirt.git/daemon/.libs/lt-libvirtd': munmap_chunk(): invalid pointer: 0x00007fdd42592666 ***
 ======= Backtrace: =========
 /lib64/libc.so.6(+0x7bbe7)[0x7fdd3f767be7]
 /lib64/libxenlight.so.4.3(libxl_bitmap_dispose+0xd)[0x7fdd2c88c045]
 /home/xen/libvirt.git/daemon/.libs/../../src/.libs/libvirt_driver_libxl.so(+0x12d26)[0x7fdd2caccd26]
 /home/xen/libvirt.git/src/.libs/libvirt.so.0(virDomainGetNumaParameters+0x15c)[0x7fdd4247898c]
 /home/xen/libvirt.git/daemon/.libs/lt-libvirtd(+0x1d9a2)[0x7fdd42ecc9a2]
 /home/xen/libvirt.git/src/.libs/libvirt.so.0(virNetServerProgramDispatch+0x3da)[0x7fdd424e9eaa]
 /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0x1a6f38)[0x7fdd424e3f38]
 /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0xa81e5)[0x7fdd423e51e5]
 /home/xen/libvirt.git/src/.libs/libvirt.so.0(+0xa783e)[0x7fdd423e483e]
 /lib64/libpthread.so.0(+0x7c53)[0x7fdd3febbc53]
 /lib64/libc.so.6(clone+0x6d)[0x7fdd3f7e1dbd]

Signed-off-by: Dario Faggili <dario.faggioli@citrix.com>
Cc: Jim Fehlig <jfehlig@suse.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>
2013-12-20 11:11:50 -07:00
Dario Faggioli
284d2fc299 libxl: libxl_get_max_cpus returning a libxl error from 4.4 onward
Starting from commit 2e82c18c in Xen (will be included in Xen 4.4)
both libxl_get_max_cpus() and libxl_get_max_nodes() start returning
a proper libxl error code, in case of failure. This patch fixes
this in the libxl driver.

Note that, although it is now basically impossible for them to return
0, that would, theoretically, still be wrong. Also, checking that the
returned value is '<= 0' makes the code correct for both Xen 4.4 and
Xen 4.3 (and 4.2), and that is why we go for it (rather than
just '< 0').

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Jim Fehlig <jfehlig@suse.com>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: Martin Kletzander <mkletzan@redhat.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2013-12-18 17:08:41 +01:00
Cédric Bosdonnat
67d91cb2bd Use virObjectEventPtr instead of virDomainEventPtr
The virDomainEvent class is kept as it indicates what meta informations
are valid for the children classes. This may be useful in the future.
2013-12-10 12:45:21 +00:00
Cédric Bosdonnat
6ffce0f698 Renamed virDomainEventNew* to virDomainEventLifecycleNew*
This aims at providing some consistency with other domain events
2013-12-10 12:27:37 +00:00
Cédric Bosdonnat
146434efad Renamed virDomainEventState to virObjectEventState
Leave virDomainEventRegister and its Deregister brother as these are
legacy functions only for domain lifecycle events.
2013-12-10 11:35:34 +00:00
Eric Blake
86f6748bda maint: fix comma style issues: xen
Most of our code base uses space after comma but not before;
fix the remaining uses before adding a syntax check.

* src/libxl/libxl_driver.c: Consistently use commas.
* src/xen/xend_internal.c: Likewise.
* src/xen/xs_internal.c: Likewise.
* src/xenapi/xenapi_driver.c: Likewise.
* src/xenapi/xenapi_utils.c: Likewise.
* src/xenxs/xen_sxpr.c: Likewise.
* src/xenxs/xen_xm.c: Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-11-20 09:14:54 -07:00
Ján Tomko
8c41794af8 Return -1 in virPortAllocatorAcquire if all ports are used
Report the error in virPortAllocatorAcquire instead
of doing it in every caller.

The error contains the port range name instead of the intended
use for the port, e.g.:
Unable to find an unused port in range 'display' (65534-65535)
instead of:
Unable to find an unused port for SPICE

This also adds error reporting when the QEMU driver could not
find an unused port for VNC, VNC WebSockets or NBD migration.
2013-11-18 12:28:07 +01:00
Ján Tomko
d16d90fd40 Add a name to virPortAllocator
This allows its error messages to be more specific.
2013-11-18 12:28:02 +01:00
Jason Andryuk
7d58c7fc8e libxl: Fix Xen 4.4 libxlVmStart logic
ifdef LIBXL_HAVE_DOMAIN_CREATE_RESTORE_PARAMS hides a multi-line body
for a brace-less else.  Add braces to ensure proper logic is applied.

Without this fix, new domains cannot be started.  Both
libxl_domain_create_new and libxl_domain_create_restore are called when
starting a new domain leading to this error:
libxl: error: libxl.c:324:libxl__domain_rename: domain with name "guest" already exists.
libxl: error: libxl_create.c:800:initiate_domain_create: cannot make domain: -6
2013-11-12 13:14:24 -07:00
Peter Krempa
de7b5faf43 conf: Refactor storing and usage of feature flags
Currently we were storing domain feature flags in a bit field as the
they were either enabled or disabled. New features such as paravirtual
spinlocks however can be tri-state as the default option may depend on
hypervisor version.

To allow storing tri-state feature state in the same place instead of
having to declare dedicated variables for each feature this patch
refactors the bit field to an array.
2013-11-08 09:44:42 +01:00
Jeremy Fitzhardinge
ba1bf10063 libxl: fix dubious cpumask handling in libxlDomainSetVcpuAffinities
Rather than casting the virBitmap pointer to uint8_t* and then using
the structure contents as a byte array, use the virBitmap API to determine
the bitmap size and test each bit.

Signed-off-by: Jeremy Fitzhardinge <jeremy@goop.org>
2013-11-01 09:05:36 -06:00
Jim Fehlig
835f992a68 Revert "libxl: Fix possible invalid read"
This reverts commit 394d6e0a95.
The real problem is accessing the virtBitmap structure as a byte
array, which was correctly identified and fixed by Jeremy Fitzhardinge

https://www.redhat.com/archives/libvir-list/2013-October/msg01257.html
2013-11-01 09:05:36 -06:00
Bamvor Jian Zhang
a52fa5569a fix api changes in xen restore
in recently xen commit: 7051d5c8, there is a api changes in
libxl_domain_create_restore.
Author: Andrew Cooper <andrew.cooper3@citrix.com>
Date:   Thu Oct 10 12:23:10 2013 +0100

    tools/migrate: Fix regression when migrating from older version of Xen

use the macro LIBXL_HAVE_DOMAIN_CREATE_RESTORE_PARAMS in libxl.h
in order to make libvirt could compile with old and new xen.

the params checkpointed_stream is useful if libvirt libxl driver
support migration. for new, set it as zero.

Signed-off-by: Bamvor Jian Zhang <bjzhang@suse.com>
2013-11-01 08:10:48 -06:00
Martin Kletzander
394d6e0a95 libxl: Fix possible invalid read
According to the following valgrind output, there seems to be a
invalid limit for the iterator (captured on Fedora 19):

==3945== Invalid read of size 1
==3945==    at 0x1E1FA410: libxlVmStart (libxl_driver.c:475)
==3945==    by 0x1E1FAD9A: libxlDomainCreateWithFlags (libxl_driver.c:2633)
==3945==    by 0x5187D46: virDomainCreate (libvirt.c:9439)
==3945==    by 0x13BAA6: remoteDispatchDomainCreateHelper (remote_dispatch.h:2910)
==3945==    by 0x51DE5B9: virNetServerProgramDispatch (virnetserverprogram.c:435)
==3945==    by 0x51D93E7: virNetServerHandleJob (virnetserver.c:165)
==3945==    by 0x50F5BF4: virThreadPoolWorker (virthreadpool.c:144)
==3945==    by 0x50F5670: virThreadHelper (virthreadpthread.c:161)
==3945==    by 0x8046C52: start_thread (pthread_create.c:308)
==3945==    by 0x8758E1C: clone (clone.S:113)
==3945==  Address 0x23424d81 is 0 bytes after a block of size 1 alloc'd
==3945==    at 0x4A08121: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==3945==    by 0x50B1F8C: virAllocN (viralloc.c:189)
==3945==    by 0x1E1FA3CA: libxlVmStart (libxl_driver.c:468)
==3945==    by 0x1E1FAD9A: libxlDomainCreateWithFlags (libxl_driver.c:2633)
==3945==    by 0x5187D46: virDomainCreate (libvirt.c:9439)
==3945==    by 0x13BAA6: remoteDispatchDomainCreateHelper (remote_dispatch.h:2910)
==3945==    by 0x51DE5B9: virNetServerProgramDispatch (virnetserverprogram.c:435)
==3945==    by 0x51D93E7: virNetServerHandleJob (virnetserver.c:165)
==3945==    by 0x50F5BF4: virThreadPoolWorker (virthreadpool.c:144)
==3945==    by 0x50F5670: virThreadHelper (virthreadpthread.c:161)
==3945==    by 0x8046C52: start_thread (pthread_create.c:308)
==3945==    by 0x8758E1C: clone (clone.S:113)
==3945==

Related: https://bugzilla.redhat.com/show_bug.cgi?id=1013045
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2013-10-24 11:14:28 +01:00
Eric Blake
d24677090f maint: avoid 'const fooPtr' in domain_conf
'const fooPtr' is the same as 'foo * const' (the pointer won't
change, but it's contents can).  But in general, if an interface
is trying to be const-correct, it should be using 'const foo *'
(the pointer is to data that can't be changed).

Fix up offenders in src/conf/domain_conf, and their fallout.

Several things to note: virObjectLock() requires a non-const
argument; if this were C++, we could treat the locking field
as 'mutable' and allow locking an otherwise 'const' object, but
that is a more invasive change, so I instead dropped attempts
to be const-correct on domain lookup.  virXMLPropString and
friends require a non-const xmlNodePtr - this is because libxml2
is not a const-correct library.  We could make the src/util/virxml
wrappers cast away const, but I figured it was easier to not
try to mark xmlNodePtr as const.  Finally, virDomainDeviceDefCopy
was a rather hard conversion - it calls virDomainDeviceDefPostParse,
which in turn in the xen driver was actually modifying the domain
outside of the current device being visited.  We should not be
adding a device on the first per-device callback, but waiting until
after all per-device callbacks are complete.

* src/conf/domain_conf.h (virDomainObjListFindByID)
(virDomainObjListFindByUUID, virDomainObjListFindByName)
(virDomainObjAssignDef, virDomainObjListAdd): Drop attempt at
const.
(virDomainDeviceDefCopy): Use intended type.
(virDomainDeviceDefParse, virDomainDeviceDefPostParseCallback)
(virDomainVideoDefaultType, virDomainVideoDefaultRAM)
(virDomainChrGetDomainPtrs): Make const-correct.
* src/conf/domain_conf.c (virDomainObjListFindByID)
(virDomainObjListFindByUUID, virDomainObjListFindByName)
(virDomainDeviceDefCopy, virDomainObjListAdd)
(virDomainObjAssignDef, virDomainHostdevSubsysUsbDefParseXML)
(virDomainHostdevSubsysPciOrigStatesDefParseXML)
(virDomainHostdevSubsysPciDefParseXML)
(virDomainHostdevSubsysScsiDefParseXML)
(virDomainControllerModelTypeFromString)
(virDomainTPMDefParseXML, virDomainTimerDefParseXML)
(virDomainSoundCodecDefParseXML, virDomainSoundDefParseXML)
(virDomainWatchdogDefParseXML, virDomainRNGDefParseXML)
(virDomainMemballoonDefParseXML, virDomainNVRAMDefParseXML)
(virSysinfoParseXML, virDomainVideoAccelDefParseXML)
(virDomainVideoDefParseXML, virDomainHostdevDefParseXML)
(virDomainRedirdevDefParseXML)
(virDomainRedirFilterUsbDevDefParseXML)
(virDomainRedirFilterDefParseXML, virDomainIdMapEntrySort)
(virDomainIdmapDefParseXML, virDomainVcpuPinDefParseXML)
(virDiskNameToBusDeviceIndex, virDomainDeviceDefCopy)
(virDomainVideoDefaultType, virDomainHostdevAssignAddress)
(virDomainDeviceDefPostParseInternal, virDomainDeviceDefPostParse)
(virDomainChrGetDomainPtrs, virDomainControllerSCSINextUnit)
(virDomainSCSIDriveAddressIsUsed)
(virDomainDriveAddressIsUsedByDisk)
(virDomainDriveAddressIsUsedByHostdev): Fix fallout.
* src/openvz/openvz_driver.c (openvzDomainDeviceDefPostParse):
Likewise.
* src/libxl/libxl_domain.c (libxlDomainDeviceDefPostParse):
Likewise.
* src/qemu/qemu_domain.c (qemuDomainDeviceDefPostParse)
(qemuDomainDefaultNetModel): Likewise.
* src/lxc/lxc_domain.c (virLXCDomainDeviceDefPostParse):
Likewise.
* src/uml/uml_driver.c (umlDomainDeviceDefPostParse): Likewise.
* src/xen/xen_driver.c (xenDomainDeviceDefPostParse): Split...
(xenDomainDefPostParse): ...since per-device callback is not the
time to be adding a device.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-10-14 14:34:38 -06:00
Jim Fehlig
4e0ba0bd05 libxl: Compile regular expression where it is used
The regular expression used to determine guest capabilities
was compiled in libxlCapsInitHost() but used in libxlCapsInitGuests().
Move compilation to libxlCapsInitGuests() where it is used, and free
the compiled regex after use.  Ensure not to free the regex if
compilation fails.
2013-09-05 10:55:17 -06:00
Jim Fehlig
b78e8cb2ec libxl: Unconditionally call virSysinfoRead() on driver init
No need to check if privileged when reading hostsysinfo, since
that check was already done in libxlDriverShouldLoad().  The
libxl driver fails to load if not privileged.
2013-09-05 00:42:27 -06:00
Jim Fehlig
3fed82daa4 libxl: Check for regcomp failure
Change libxlGetAutoballoonConf() function to return an int
for success/failure, and fail if regcomp fails.
2013-09-04 16:51:20 -06:00
Jim Fehlig
5236aed83f libxl: Fix Coverity warning
John Ferlan reported the following Coverity warning:

In libxlDomainCoreDump() Coverity has noted a FORWARD_NULL reference:

2004 	    if ((flags & VIR_DUMP_CRASH) && !vm->persistent) {
2005 	        virDomainObjListRemove(driver->domains, vm);

(20) Event assign_zero: 	Assigning: "vm" = "NULL".
Also see events: 	[var_deref_model]

2006 	        vm = NULL;
2007 	    }
2008
2009 	    ret = 0;
2010
2011 	cleanup_unpause:

(21) Event var_deref_model: 	Passing null pointer "vm" to function
     "virDomainObjIsActive(virDomainObjPtr)", which dereferences it. [details]
Also see events: 	[assign_zero]

2012 	    if (virDomainObjIsActive(vm) && paused) {
2013 	        if (libxl_domain_unpause(priv->ctx, dom->id) != 0) {
2014 	            virReportError(VIR_ERR_INTERNAL_ERROR,

Removing the vm from domain obj list and setting it to NULL can be
done in the previous 'if (flags & VIR_DUMP_CRASH)' conditional.  Fix
the Coverity warning by ensuring vm is not NULL before testing if it
is still active.
2013-09-04 15:32:24 -06:00
Jim Fehlig
edd60d9cf6 libxl: Use standard format for source file copyright notice
Change source file copyright notice to prevailing libvirt style.
2013-09-03 23:53:48 -06:00
Jim Fehlig
0d87fd0aa9 libxl: Add libxlDomObjFromDomain
Similar to the QEMU and LXC drivers, add a helper function to
lookup a domain, and use it instead of much copy and paste.
2013-09-03 16:43:21 -06:00
Jim Fehlig
21bdbb829f libxl: Remove unnecessary driver locking
Now that most fields of libxlDriverPrivate struct are immutable
or self-locking, there is no need to acquire the driver lock in
much of the libxl driver.
2013-09-03 16:43:21 -06:00
Jim Fehlig
cf735fe03c libxl: Move driver lock/unlock to libxl_conf
Move the libxl driver lock/unlock functions from libxl_driver.c
to libxl_conf.h so they can be used by other source files.
2013-09-03 16:43:21 -06:00
Jim Fehlig
288fdcd06d libxl: Add comments to libxlDriverPrivate fields
Similar to the QEMU and LXC drivers, annotate the fields of
libxlDriverPrivate struct to indicate the locking rules for
their use.
2013-09-03 16:43:21 -06:00
Jim Fehlig
6cd43d3654 libxl: Use atomic ops for driver->nactive 2013-09-03 16:43:21 -06:00
Jim Fehlig
d9f19c30d0 libxl: Introduce libxlDriverConfig object
The libxlDriverPrivate struct contains an variety of data with
varying access needs. Similar to the QEMU and LXC drivers,
move all the static config data into a dedicated libxlDriverConfig
object. The only locking requirement is to hold the driver lock
while obtaining an instance of libxlDriverConfig. Once a reference
is held on the config object, it can be used completely lockless
since it is immutable.
2013-09-03 16:43:20 -06:00
Jim Fehlig
4147587669 libxl: User per-domain ctx in libxlDomainGetInfo
libxlDomainGetInfo() uses the driver-wide libxl ctx when
it would be more appropriate to use the per-domain ctx
associated with the domain.  Switch to using the per-domain
libxl ctx.
2013-09-03 16:43:20 -06:00
Jim Fehlig
e1f67c90d5 libxl: libxl: Use per-domain ctx in libxlMakeDomCreateInfo
libxlMakeDomCreateInfo() uses the driver-wide libxl ctx when
it would be more appropriate to use the per-domain ctx
associated with the domain.  Switch to using the per-domain
libxl ctx.
2013-09-03 16:43:20 -06:00
Jim Fehlig
cb0d49af11 libxl: Add libxl_version_info to libxlDriverPrivate
libxl version info is static data as far as the libxl driver
is concerned, so retrieve this info when the driver is initialized
and stash it in the libxlDriverPrivate object.  Subsequently use
the stashed info instead of repeatedly calling libxl_get_version_info().
2013-09-03 16:43:20 -06:00
Jim Fehlig
2f8d0f9021 libxl: Earlier detection of not running on Xen
Detect early on in libxl driver initialization if the driver
should be loaded at all, avoiding needless initialization steps
that only have to be undone later.  While at it, move the
detection to a helper function to improve readability.

After detecting that the driver should be loaded, subsequent
failures such as initializing the log stream, allocating libxl
ctx, etc. should be treated as failure to initialize the driver.
2013-09-03 16:43:20 -06:00
Jim Fehlig
12315cd779 libxl: Introduce libxl_domain.[ch]
Create libxl_domain.[ch] and move all functions operating on
libxlDomainObjPrivate to these files.  This will be useful for
future patches that e.g. add job support for libxlDomainObjPrivate.
2013-09-03 16:43:20 -06:00
Jim Fehlig
c9d5432d85 libxl: Move detection of autoballoon to libxl_conf
Detecting whether or not to autoballoon is configuration related,
so move the code to libxl_conf.
2013-09-03 16:43:20 -06:00
Jim Fehlig
4d1cf65a8c libxl: fix libvirtd crash when reconnecting domains
More fallout from commit d72ef888.  When reconnecting to running
domains, the libxl_ctx in libxlDomainObjPrivate was used before
initializing it, causing a segfault in libxl and consequently
crashing libvirtd.

Initialize the libxlDomainObjPrivate libxl_ctx in libxlReconnectDomain,
and while at it use this ctx in libxlReconnectDomain instead of the
driver-wide ctx.
2013-08-21 11:05:18 -06:00
John Ferlan
6aea4ebcd0 libxl: Resolve possible NULL dereference
If we reached cleanup: prior to allocating cpus, it was possible that
'nr_nodes' had a value, but cpus was NULL leading to a possible NULL
deref. Add a 'cpus' as an end condition to for loop
2013-08-20 13:20:56 -04:00
Jim Fehlig
0192fd6711 libxl: implement NUMA capabilities reporting
From: Dario Faggioli <dario.faggioli@citrix.com>

Starting from Xen 4.2, libxl has all the bits and pieces in place
for retrieving an adequate amount of information about the host
NUMA topology. It is therefore possible, after a bit of shuffling,
to arrange those information in the way libvirt wants to present
them to the outside world.

Therefore, with this patch, the <topology> section of the host
capabilities is properly populated, when running on Xen, so that
we can figure out whether or not we're running on a NUMA host,
and what its characteristics are.

[raistlin@Zhaman ~]$ sudo virsh --connect xen:/// capabilities
<capabilities>
  <host>
    <cpu>
    ....
    <topology>
      <cells num='2'>
        <cell id='0'>
          <memory unit='KiB'>6291456</memory>
          <cpus num='8'>
            <cpu id='0' socket_id='1' core_id='0' siblings='0-1'/>
            <cpu id='1' socket_id='1' core_id='0' siblings='0-1'/>
            <cpu id='2' socket_id='1' core_id='1' siblings='2-3'/>
            <cpu id='3' socket_id='1' core_id='1' siblings='2-3'/>
            <cpu id='4' socket_id='1' core_id='9' siblings='4-5'/>
            <cpu id='5' socket_id='1' core_id='9' siblings='4-5'/>
            <cpu id='6' socket_id='1' core_id='10' siblings='6-7'/>
            <cpu id='7' socket_id='1' core_id='10' siblings='6-7'/>
          </cpus>
        </cell>
        <cell id='1'>
          <memory unit='KiB'>6881280</memory>
          <cpus num='8'>
            <cpu id='8' socket_id='0' core_id='0' siblings='8-9'/>
            <cpu id='9' socket_id='0' core_id='0' siblings='8-9'/>
            <cpu id='10' socket_id='0' core_id='1' siblings='10-11'/>
            <cpu id='11' socket_id='0' core_id='1' siblings='10-11'/>
            <cpu id='12' socket_id='0' core_id='9' siblings='12-13'/>
            <cpu id='13' socket_id='0' core_id='9' siblings='12-13'/>
            <cpu id='14' socket_id='0' core_id='10' siblings='14-15'/>
            <cpu id='15' socket_id='0' core_id='10' siblings='14-15'/>
          </cpus>
        </cell>
      </cells>
    </topology>
  </host>
  ....
2013-08-19 12:04:55 -06:00
Jim Fehlig
aeab0243e1 libxl: refactor capabilities code
Cleanup the libxl capabilities code to be a bit more extensible,
splitting out the creation of host and guest capabilities.  This
should make it easier to implement additional capabilities in the
future, such as NUMA topology reporting.
2013-08-16 10:07:30 -06:00
Jim Fehlig
f0c513a6a0 libxl: unref DomainObjPrivate on error path
There is a potential leak of a newly created libxlDomainObjPrivate
when subsequent allocation of the object's chrdev field fails.
Unref the object on such an error so that it is properly disposed.
2013-08-15 10:49:14 -06:00
Jim Fehlig
54e43dc302 libxl: remove unnecessary curly braces
As per HACKING, remove some unneeded curly braces in the
libxl driver.
2013-08-14 16:12:25 -06:00
Jim Fehlig
dd00c3f6c9 libxl: fix libvirtd segfault
Commit d72ef888 introduced a bug in the libxl driver that will
segfault libvirtd if libxl reports an error message, e.g. when
attempting to initialize the driver on a non-Xen system.  I
assumed it was valid to pass a NULL logger to libxl_ctx_alloc(),
but that is not the case since any errors associated with the ctx
that are emitted by libxl will dereference the logger and crash
libvirtd.

Errors associated with the libxl driver-wide ctx could be useful
for debugging anyway, so create a 'libxl-driver.log' to capture
these errors.
2013-08-09 18:01:30 -06:00
Dario Faggioli
625980cc54 libxl: fix node ranges in libxlNodeGetCellsFreeMemory()
introduced by cs 4b9eec50fe ("libxl: implement per
NUMA node free memory reporting"). What was wrong was that
libxl_get_numainfo() put in nr_nodes the actual number of
host NUMA nodes, not the highest node ID (like libnuma's
numa_max_node() does instead).

While at it, turn the failure of libxl_get_numainfo() from
a simple warning to a proper error, as requested during the
review of another patch of the original series.

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Daniel P. Berrange <berrange@redhat.com>
2013-08-09 10:02:34 -06:00
Jim Fehlig
d72ef88876 libxl: Create per-domain log file
Currently, only one log file is created by the libxl driver, with
all output from libxl for all domains going to this one file.

Create a per-domain log file based on domain name, making sifting
through the logs a bit easier.  This required deferring libxl_ctx
allocation until starting the domain, which is fine since the
ctx is not used when the domain is inactive.

    Tested-by: Dario Faggioli <dario.faggioli@citrix.com>
2013-08-09 08:22:16 -06:00
Bamvor Jian Zhang
bcef0f0158 add console support in libxl
this patch introduce the console api in libxl driver for both pv and
hvm guest.  and import and update the libxlMakeChrdevStr function
which was deleted in commit dfa1e1dd.

Signed-off-by: Bamvor Jian Zhang <bjzhang@suse.com>
2013-07-30 15:58:28 -06:00
John Ferlan
cefb97fb81 virStateDriver - Separate AutoStart from Initialize
Adjust these drivers to handle their Autostart functionality after each
of the drivers has gone through their Initialization functions
2013-07-26 09:30:53 -04:00
Stefan Bader
65026d7239 libxl: Correctly initialize vcpu bitmap
The avail_vcpu bitmap has to be allocated before it can be used (using
the maximum allowed value for that). Then for each available VCPU the
bit in the mask has to be set (libxl_bitmap_set takes a bit position
as an argument, not the number of bits to set).

Without this, I would always only get one VCPU for guests created
through libvirt/libxl.

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
2013-07-24 09:03:04 -06:00
Dario Faggioli
261c4f5fb9 libxl: implement virDomainGetNumaParameters
Although, having it depending on Xen >= 4.3 (by using the proper
libxl feature flag).

Xen currently implements a NUMA placement policy which is basically
the same as the 'interleaved' policy of `numactl', although it can
be applied on a subset of the available nodes. We therefore hardcode
"interleave" as 'numa_mode', and we use the newly introduced libxl
interface to figure out what nodes a domain spans ('numa_nodeset').

With this change, it is now possible to query the NUMA node
affinity of a running domain:

[raistlin@Zhaman ~]$ sudo virsh --connect xen:/// list
 Id    Name                           State
----------------------------------------------------
 23    F18_x64                        running

[raistlin@Zhaman ~]$ sudo virsh --connect xen:/// numatune 23
numa_mode      : interleave
numa_nodeset   : 1

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
2013-07-17 10:46:09 -06:00
Dario Faggioli
98984b71a8 libxl: advertise the support for VIR_TYPED_PARAM_STRING
domainGetNumaParameters has a string typed parameter, hence it
is necessary for the libxl driver to support this.

This change implements the connectSupportsFeature hook for the
libxl driver, advertising that VIR_DRV_FEATURE_TYPED_PARAM_STRING
is supported.

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Cc: Eric Blake <eblake@redhat.com>
2013-07-17 10:45:05 -06:00
Daniel P. Berrange
bdf91a0ce5 Convert 'int i' to 'size_t i' in src/libxl/ files
Convert the type of loop iterators named 'i', 'j', k',
'ii', 'jj', 'kk', to be 'size_t' instead of 'int' or
'unsigned int', also santizing 'ii', 'jj', 'kk' to use
the normal 'i', 'j', 'k' naming

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-10 17:55:16 +01:00
Michal Privoznik
23b861f52e Adapt to VIR_ALLOC and virAsprintf in src/libxl/* 2013-07-10 11:07:32 +02:00
Jiri Denemark
db0a18a165 Fix NULL dereference caused by ACL filtering of domains
Caused by 763973607d.
2013-07-04 16:55:53 +02:00
Marek Marczykowski-Górecki
1d76326536 libxl: fix deadlock in libxlReconnectDomain
Use virDomainObjListRemoveLocked instead of virDomainObjListRemove, as
driver->domains is already taken by virDomainObjListForEach.

Above deadlock can be triggered when libvirtd is started after some
domain have been started by hand (in which case driver will not find
libvirt-xml domain config).

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2013-07-03 14:43:31 -06:00
Daniel P. Berrange
763973607d Add access control filtering of domain objects
Ensure that all APIs which list domain objects filter
them against the access control system.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-07-03 15:54:53 +01:00
Dario Faggioli
4b9eec50fe libxl: implement per NUMA node free memory reporting
By providing the implementation of nodeGetCellsFreeMemory for
the driver. This is all just a matter of properly formatting, in
a way that libvirt like, what Xen provides via libxl_get_numainfo().

[raistlin@Zhaman ~]$ sudo virsh --connect xen:/// freecell --all
    0:      25004 KiB
    1:     105848 KiB
--------------------
Total:     130852 KiB

Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
2013-07-01 17:14:57 -06:00
Ján Tomko
11a5c957f4 Use 1.1.0 everywhere in the documentation
Since we already have the v1.1.0-rc1 tag in git.
2013-06-25 15:37:31 +02:00
Jiri Denemark
c40ed4168a Rename virTypedParameterArrayValidate as virTypedParamsValidate 2013-06-25 00:38:24 +02:00
Jim Fehlig
c302130277 libxl: support qdisk backend
libxl supports the LIBXL_DISK_BACKEND_QDISK disk backend, where qemu
is used to provide the disk backend.  This patch simply maps the
existing <driver name='qemu'/> to LIBXL_DISK_BACKEND_QDISK.
2013-06-24 09:10:14 -06:00
Jim Fehlig
05bcf6f06d libxl: Fix disk format error message
Specifying an unsupported disk format with the tap driver resulted in
a less than helpful error message

error: Failed to start domain test-hvm
error: internal error libxenlight does not support disk driver qed

Change the message to state that the qed format is not supported by
the tap driver, e.g.

error: Failed to start domain test-hvm
error: internal error libxenlight does not support disk format qed
with disk driver tap

While at it, check for unsupported formats in the other driver
backends.
2013-06-24 09:10:14 -06:00
Daniel P. Berrange
f5e007c353 Add ACL checks into the libxl driver
Insert calls to the ACL checking APIs in all libxl driver
entrypoints.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-06-24 15:25:44 +01:00
Jim Fehlig
fdc10e8d80 libxl: Implement virConnectGetSysinfo
virConnectGetSysinfo was never implemented in the libxl driver.
This patch provides an implementation based on the qemu driver.
2013-06-21 10:42:24 -06:00
Jim Fehlig
ba64b97134 libxl: Allow libxl to set NIC devid
libxl contains logic to determine an appropriate devid for new devices
that do not specify one in their configuration.  For all device types
except NICs, the libxl driver allows libxl to determine devid.  Do the
same for NICs.
2013-06-21 10:16:47 -06:00
Marek Marczykowski-Górecki
855f3a2e22 libxl: support paused domain restore in virDomainRestoreFlags
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2013-06-20 12:13:14 -06:00
Marek Marczykowski-Górecki
c3358d14d9 libxl: initialize device structures
Do not leave uninitialized variables, not all parameters are set in
libxlMake*.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2013-06-20 10:06:54 -06:00
Marek Marczykowski-Górecki
7ed47d16dd libxl: populate xenstore memory entries at startup, handle dom0_mem
libxl uses some xenstore entries for hints in memory management
(especially when starting new domain). This includes dom0 memory limit
and Xen free memory margin, based on current system state. Entries are
created at first function usage, so force such call at daemon startup,
which most likely will be before any domain startup.
Also prevent automatic memory management if dom0_mem= option passed to
xen hypervisor - it is known to be incompatible with autoballoon.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2013-06-19 16:23:40 -06:00
Frediano Ziglio
d58ce13612 Implement dispose method for libxlDomainObjPrivate
When creating a timer/event handler reference counting is used. So it could
be possible (in theory) that libxlDomainObjPrivateFree is called with
reference counting >1. The problem is that libxlDomainObjPrivateFree leave
the object in an invalid state with ctx freed (but still having dandling
pointer). This can lead timer/event handler to core.

This patch implements a dispose method for libxlDomainObjPrivate, and moves
freeing the libxl ctx to the dispose method, ensuring the ctx is valid while
the object's reference count is > 0.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
2013-06-13 16:12:39 -06:00
Marek Marczykowski-Górecki
2903197539 libxl: allow only 'ethernet' and 'bridge' interfaces, allow script there
Actually only those interface types are handled correctly so reject
others instead of ignoring settings (i.e. treating as bridge/ethernet
anyway).
Also allow <script/> in 'ethernet' (which should be the only
script-allowing type). Keep <script/> allowed in bridge to be compatible
with legacy 'xen' driver.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2013-06-13 15:22:11 -06:00
Jim Fehlig
e1f31f5ae1 libxl: set bootloader for PV domains if not specified
The legacy xen toolstack will set pygrub as the bootloader if not
specified.  For compatibility, do the same in the libxl driver
iff not using direct kernel boot.
2013-06-12 08:42:15 -06:00
Jim Fehlig
47d14c3791 libxl: Report connect type as Xen
Currently, the libxl driver reports a connection type of "xenlight".
To be compatible with the legacy Xen driver, it should return "Xen".

Note: I noticed this while testing the libxl driver on OpenStack.
After switching my Xen compute nodes to use the libxl stack, I
could no longer launch instances on those nodes since
hypervisor_type was reported as "xenlight" instead of "xen".
2013-06-12 08:42:15 -06:00
Michal Privoznik
e463f4de77 Prefer VIR_STRDUP over virAsprintf(&dst, "%s", str)
There's no sense in using virAsprintf() just to duplicate a string.
We should use VIR_STRDUP which is designed just for that.
2013-06-07 17:45:53 +02:00
Eric Blake
1add9c78da maint: don't use config.h in .h files
Enforce the rule that .h files don't need to (redundantly)
include <config.h>.

* cfg.mk (sc_prohibit_config_h_in_headers): New rule.
(_virsh_includes): Delete; instead, inline a smaller number of
exclusions...
(exclude_file_name_regexp--sc_require_config_h)
(exclude_file_name_regexp--sc_require_config_h_first): ...here.
* daemon/libvirtd.h (includes): Fix offenders.
* src/driver.h (includes): Likewise.
* src/gnutls_1_0_compat.h (includes): Likewise.
* src/libxl/libxl_conf.h (includes): Likewise.
* src/libxl/libxl_driver.h (includes): Likewise.
* src/lxc/lxc_conf.h (includes): Likewise.
* src/lxc/lxc_driver.h (includes): Likewise.
* src/lxc/lxc_fuse.h (includes): Likewise.
* src/network/bridge_driver.h (includes): Likewise.
* src/phyp/phyp_driver.h (includes): Likewise.
* src/qemu/qemu_conf.h (includes): Likewise.
* src/util/virnetlink.h (includes): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-06-05 05:53:25 -06:00
Ján Tomko
de68895902 use virBitmapFree instead of VIR_FREE for cpumask
Found by 'git grep FREE.*cpumask' after looking at 31f1f6b.
2013-06-03 14:11:22 +02:00
Osier Yang
67a407e08b src/libxl: Remove the whitespace before ';' 2013-05-21 23:41:43 +08:00
Jim Fehlig
a2619bb1ff libxl: fix leaking libxl events
libxl expects the event handler to free the event passed to it.  From
libxl_event.h:

   event becomes owned by the application and must be freed, either
   by event_occurs or later
2013-05-17 02:35:56 -06:00
Jim Fehlig
43b0ff5b1e libxl: fix build with Xen4.3
Xen 4.3 fixes a mistake in the libxl event handler signature where the
event owned by the application was defined as const.  Detect this and
define the libvirt libxl event handler signature appropriately.
2013-05-17 02:31:14 -06:00
Laine Stump
a2c1bedbd8 util: fix virFileOpenAs return value and resulting error logs
This resolves:

     https://bugzilla.redhat.com/show_bug.cgi?id=851411
     https://bugzilla.redhat.com/show_bug.cgi?id=955500

The first problem was that virFileOpenAs was returning fd (-1) in one
of the error cases rather than ret (-errno), so the caller thought
that the error was EPERM rather than ENOENT.

The second problem was that some log messages in the general purpose
qemuOpenFile() function would always say "Failed to create" even if
the caller hadn't included O_CREAT (i.e. they were trying to open an
existing file).

This fixes virFileOpenAs to jump down to the error return (which
returns ret instead of fd) in the previously mentioned incorrect
failure case of virFileOpenAs(), removes all error logging from
virFileOpenAs() (since the callers report it), and modifies
qemuOpenFile to appropriately use "open" or "create" in its log
messages.

NB: I seriously considered removing logging from all callers of
virFileOpenAs(), but there is at least one case where the caller
doesn't want virFileOpenAs() to log any errors, because it's just
going to try again (qemuOpenFile()). We can't simply make a silent
variation of virFileOpenAs() though, because qemuOpenFile() can't make
the decision about whether or not it wants to retry until after
virFileOpenAs() has already returned an error code.

Likewise, I also considered changing virFileOpenAs() to return -1 with
errno set on return, and may still do that, but only as a separate
patch, as it obscures the intent of this patch too much.
2013-05-10 13:09:25 -04:00
Michal Privoznik
08152a6982 Adapt to VIR_STRDUP and VIR_STRNDUP in src/libxl/* 2013-05-09 14:00:45 +02:00
Daniel P. Berrange
a605b7e041 Unmerge attach/update/modify device APIs in drivers
The LXC, QEMU, and LibXL drivers have all merged their handling of
the attach/update/modify device APIs into one large

  'xxxxDomainModifyDeviceFlags'

which then does a 'switch()' based on the actual API being invoked.
While this saves some lines of code, it is not really all that
significant in the context of the driver API impls as a whole.

This merger of the handling of different APIs creates pain when
wanting to automated analysis of the code and do things which
are specific to individual APIs. The slight duplication of code
from unmerged the API impls, is preferrable to allow for easier
automated analysis.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-05-08 10:47:48 +01:00
Daniel P. Berrange
ead630319d Separate virGetHostname() API contract from driver APIs
Currently the virGetHostname() API has a bogus virConnectPtr
parameter. This is because virtualization drivers directly
reference this API in their virDriverPtr tables, tieing its
API design to the public virConnectGetHostname API design.

This also causes problems for access control checks since
these must only be done for invocations from the public
API, not internal invocation.

Remove the bogus virConnectPtr parameter, and make each
hypervisor driver provide a dedicated function for the
driver API impl. This will allow access control checks
to be easily inserted later.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-05-08 10:47:47 +01:00
Michal Privoznik
7c9a2d88cd virutil: Move string related functions to virstring.c
The source code base needs to be adapted as well. Some files
include virutil.h just for the string related functions (here,
the include is substituted to match the new file), some include
virutil.h without any need (here, the include is removed), and
some require both.
2013-05-02 16:56:55 +02:00
Jim Fehlig
80f01915b5 libxl: Fix double-dispose of libxl domain config
libxlBuildDomainConfig() was disposing the libxl_domain_config object
on error, only to have it disposed again by libxlBuildDomainConfig()'s
caller, which resulted in a segfault.  Leave disposing of the config
object to it's owner.
2013-04-30 09:13:42 -06:00
Bamvor Jian Zhang
91d1911c2f fix segfault during virsh save in pv guest
this patch fix the wrong sequence for fd and timeout register. the sequence
was right in dfa1e1dd for fd register, but it changed in e0622ca2.
in this patch, set priv, xl_priv in info and increase info->priv ref count
before virEventAddHandle. if do this after virEventAddHandle, the fd
callback or fd deregister maybe got the empty priv, xl_priv or wrong ref
count.

after apply this patch, test more than 100 rounds passed compare to fail
within 3 rounds without this patch. each round includes define -> start ->
destroy -> create -> suspend -> resume -> reboot -> shutdown -> save ->
resotre -> dump -> destroy -> create -> setmem -> setvcpus -> destroy.

Signed-off-by: Bamvor Jian Zhang <bjzhang@suse.com>
2013-04-26 10:22:47 -06:00
Daniel P. Berrange
90430791ae Make driver method names consistent with public APIs
Ensure that all drivers implementing public APIs use a
naming convention for their implementation that matches
the public API name.

eg for the public API   virDomainCreate make sure QEMU
uses qemuDomainCreate and not qemuDomainStart

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-04-24 11:00:18 +01:00
Daniel P. Berrange
abe038cfc0 Extend previous check to validate driver struct field names
Ensure that the driver struct field names match the public
API names. For an API virXXXX we must have a driver struct
field xXXXX. ie strip the leading 'vir' and lowercase any
leading uppercase letters.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-04-24 10:59:53 +01:00
Osier Yang
bc95be5dea cleanup: Remove the duplicate header
Detected by a simple Shell script:

for i in $(git ls-files -- '*.[ch]'); do
    awk 'BEGIN {
        fail=0
    }
    /# *include.*\.h/{
        match($0, /["<][^">]*[">]/)
        arr[substr($0, RSTART+1, RLENGTH-2)]++
    }
    END {
        for (key in arr) {
            if (arr[key] > 1) {
                fail=1
                printf("%d %s\n", arr[key], key)
            }
        }
        if (fail == 1)
            exit 1
    }' $i

    if test $? != 0; then
        echo "Duplicate header(s) in $i"
    fi
done;

A later patch will add the syntax-check to avoid duplicate
headers.
2013-04-17 15:49:35 +08:00
Peter Krempa
482e5f159c virCaps: get rid of defaultConsoleTargetType callback
This patch refactors various places to allow removing of the
defaultConsoleTargetType callback from the virCaps structure.

A new console character device target type is introduced -
VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE - to mark that no type was
specified in the XML. This type is at the end converted to the standard
VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL. Other types that are
different from this default have to be processed separately in the
device post parse callback.
2013-04-04 22:42:39 +02:00
Peter Krempa
46becc18ba virCaps: get rid of macPrefix field
Use the virDomainXMLConf structure to hold this data and tweak the code
to avoid semantic change.

Without configuration the KVM mac prefix is used by default. I chose it
as it's in the privately administered segment so it should be usable for
any purposes.
2013-04-04 22:42:38 +02:00
Peter Krempa
ad0d10b2b1 conf callback: Rearrange function parameters
Move the xmlopt and caps arguments to the end of the argument list.
2013-04-04 22:41:19 +02:00
Peter Krempa
43b99fc4c0 conf: Add post XML parse callbacks and prepare for cleaning of virCaps
This patch adds instrumentation that will allow hypervisor drivers to
fill and validate domain and device definitions after parsed by the XML
parser.

With this patch, after the XML is parsed, a callback to the driver is
issued requesting to fill and validate driver specific details of the
configuration. This allows to use sensible defaults and checks on a per
driver basis at the time the XML is parsed.

Two callback pointers are stored in the new virDomainXMLConf object:
* virDomainDeviceDefPostParseCallback (devicesPostParseCallback)
  - called for a single device parsed and for every single device in a
    domain config. A virDomainDeviceDefPtr is passed along with the
    domain definition and virCaps.

* virDomainDefPostParseCallback, (domainPostParseCallback)
  - A callback that is meant to process the domain config after it's
  parsed.  A virDomainDefPtr is passed along with virCaps.

Both types of callbacks support arbitrary opaque data passed for the
callback functions.

Errors may be reported in those callbacks resulting in a XML parsing
failure.
2013-04-04 22:29:48 +02:00
Peter Krempa
e84b19316a maint: Rename xmlconf to xmlopt and virDomainXMLConfig to virDomainXMLOption
This patch is the result of running:

for i in $(git ls-files | grep -v html | grep -v \.po$ ); do
  sed -i -e "s/virDomainXMLConf/virDomainXMLOption/g" -e "s/xmlconf/xmlopt/g" $i
done

and a few manual tweaks.
2013-04-04 22:18:56 +02:00
Peter Krempa
27cf98e2d1 virCaps: conf: start splitting out irrelevat data
The virCaps structure gathered a ton of irrelevant data over time that.
The original reason is that it was propagated to the XML parser
functions.

This patch aims to create a new data structure virDomainXMLConf that
will contain immutable data that are used by the XML parser. This will
allow two things we need:

1) Get rid of the stuff from virCaps

2) Allow us to add callbacks to check and add driver specific stuff
after domain XML is parsed.

This first attempt removes pointers to private data allocation functions
to this new structure and update all callers and function that require
them.
2013-03-13 09:27:14 +01:00
John Ferlan
40e904490f libxl_driver: Resolve Coverity errors
1. The virObjectLock() call was unconditional, but Unlock was conditional
   on vm being valid.  Removed the check

2. A call to virDomainEventNewFromObj() isn't guaranteed to return an
   event - that check needs to be made prior to libxlDomainEventQueue()
   of the event. Did not add libxlDriverLock/Unlock around the call since
   some callers already have lock taken

3. Need to initialize fd = -1 in libxlDoDomainSave() since we can jump
   to cleanup before it's set.

4. Missing break;'s in libxlDomainModifyDeviceFlags() for case
   LIBXL_DEVICE_UPDATE.  The default: case would report an error
2013-03-05 22:52:51 -05:00
John Ferlan
50de0e0807 libxl_conf: Resolve Coverity issue with call to regcomp() 2013-03-05 22:52:51 -05:00
Jim Fehlig
567779e51a libxl: Fix setting of disk backend
The libxl driver was setting the backend field of libxl_device_disk
structure to LIBXL_DISK_BACKEND_TAP when the driver element of disk
configuration was not specified.  This needlessly forces the use of
blktap driver, which may not be loaded in dom0

https://bugzilla.redhat.com/show_bug.cgi?id=912488

Ian Campbell suggested that LIBXL_DISK_BACKEND_UNKNOWN is a better
default in this case

https://www.redhat.com/archives/libvir-list/2013-February/msg01126.html
2013-02-20 14:52:10 -07:00
Daniel P. Berrange
fed92f08db Turn virCapabilities into a virObject
To enable virCapabilities instances to be reference counted,
turn it into a virObject. All cases of virCapabilitiesFree
turn into virObjectUnref

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-02-08 11:34:26 +00:00
Daniel P. Berrange
eea87129f1 Merge virDomainObjListIsDuplicate into virDomainObjListAdd
The duplicate VM checking should be done atomically with
virDomainObjListAdd, so shoud not be a separate function.
Instead just use flags to indicate what kind of checks are
required.

This pair, used in virDomainCreateXML:

   if (virDomainObjListIsDuplicate(privconn->domains, def, 1) < 0)
     goto cleanup;
   if (!(dom = virDomainObjListAdd(privconn->domains,
                                   privconn->caps,
                                   def, false)))
     goto cleanup;

Changes to

   if (!(dom = virDomainObjListAdd(privconn->domains,
                                   privconn->caps,
                                   def,
                                   VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE,
                                   NULL)))
     goto cleanup;

This pair, used in virDomainRestoreFlags:

   if (virDomainObjListIsDuplicate(privconn->domains, def, 1) < 0)
     goto cleanup;
   if (!(dom = virDomainObjListAdd(privconn->domains,
                                   privconn->caps,
                                   def, true)))
     goto cleanup;

Changes to

   if (!(dom = virDomainObjListAdd(privconn->domains,
                                   privconn->caps,
                                   def,
                                   VIR_DOMAIN_OBJ_LIST_ADD_LIVE |
                                   VIR_DOMAIN_OBJ_LIST_ADD_CHECK_LIVE,
                                   NULL)))
     goto cleanup;

This pair, used in virDomainDefineXML:

   if (virDomainObjListIsDuplicate(privconn->domains, def, 0) < 0)
     goto cleanup;
   if (!(dom = virDomainObjListAdd(privconn->domains,
                                   privconn->caps,
                                   def, false)))
     goto cleanup;

Changes to

   if (!(dom = virDomainObjListAdd(privconn->domains,
                                   privconn->caps,
                                   def,
                                   0, NULL)))
     goto cleanup;
2013-02-05 19:22:25 +00:00
Daniel P. Berrange
37abd47165 Turn virDomainObjList into an opaque virObject
As a step towards making virDomainObjList thread-safe turn it
into an opaque virObject, preventing any direct access to its
internals.

As part of this a new method virDomainObjListForEach is
introduced to replace all existing usage of virHashForEach
2013-02-05 15:49:25 +00:00
Daniel P. Berrange
4f6ed6c33a Rename all domain list APIs to have virDomainObjList prefix
The APIs names for accessing the domain list object are
very inconsistent. Rename them all to have a standard
virDomainObjList prefix.
2013-02-05 15:49:25 +00:00
Jim Fehlig
702911496f libxl: Domain event handler improvements
Since libxl provides the domain ID in the event handler callback,
find the domain object based on the ID.  This approach prevents
processing the callback on a domain that has already been reaped.

Also, similar to the xl implementation, ignore the SUSPEND shutdown
reason.  By calling libxl_domain_suspend(), we know a shutdown
event with SUSPEND reason will be generated, but it can be safely
ignored since any subsequent cleanup will be done by the callers.
2013-01-25 11:38:47 -07:00
Jim Fehlig
02ed255e22 libxl: Fix removing non-persistent domain after save
libxlDoDomainSave() was removing non-persistent domains, but
required callers to have the virDomainObj locked.  Callers could
potentially unlock an already freed virDomainObj.  Move this
logic to the callers of libxlDoDomainSave().
2013-01-25 11:35:57 -07:00
Jim Fehlig
ce33422d35 libxl: Explicitly remove timeouts
I've noticed that libxl can invoke timeout reregister/modify hooks
after returning from libxl_ctx_free.  Explicitly remove the
timeouts before freeing the libxl ctx to avoid executing hooks on
stale objects.
2013-01-25 11:35:41 -07:00
Jim Fehlig
889ce7460c libxl: Fix race between destruction of objects
It is possible to destroy and cleanup a VM, resulting in freeing the
libxlDomainObjPrivate object and associated libxl ctx, before all fds and
timeouts have been deregistered and destroyed.

Fix this race by incrementing the reference count on libxlDomainObjPrivate
for each fd and timeout registration.  Only when all fds and timeouts are
deregistered and destroyed will the libxlDomainObjPrivate be destroyed.
2013-01-25 11:31:35 -07:00
Jim Fehlig
e0622ca281 libxl: Fix races in libxl event code
The libxl driver is racy in it's interactions with libxl and libvirt's
event loop.  The event loop can invoke callbacks after libxl has
deregistered the event, and possibly access freed data associated with
the event.

This patch fixes the race by converting libxlDomainObjPrivate to a
virObjectLockable, and locking it while executing libxl upcalls and
libvirt event loop callbacks.

Note that using the virDomainObj lock is not satisfactory since it may
be desirable to hold the virDomainObj lock even when libxl events such
as reading and writing to xenstore need processed.
2013-01-25 11:31:19 -07:00
Jim Fehlig
04172610c0 libxl: Fix handling of timeouts
xen-unstable changeset 26469 makes changes wrt modifying and deregistering
timeouts.

First, timeout modify callbacks will only be invoked with an
abs_t of {0,0}, i.e. make the timeout fire immediately.  Prior to this
commit, timeout modify callbacks were never invoked.

Second, timeout deregister hooks will no longer be called.

This patch makes changes in the libvirt libxl driver that should be
compatible before and after changeset 26469.

While at it, fix a potential overflow in the timeout register callback.
2013-01-25 11:21:01 -07:00
Jim Fehlig
c1eda06478 libxl: Fix cleanup on domain start error
If building the libxl domain config fails, cleanup before returning
failure.
2013-01-16 10:13:26 -07:00
Jim Fehlig
52947fe3ae libxl: Check for libxl_ctx_alloc failure 2013-01-16 10:13:26 -07:00
Jim Fehlig
7459cae9b0 libxl: Don't free domain death event
Callers should not free death events provided by libxl_evdisable_FOO().
2013-01-16 10:13:26 -07:00
Jim Fehlig
f426ab08fb libxl: Use consistent parameter naming scheme
Use consistent parameter names throughout the libxl timeout and fd
event functions.
2013-01-16 10:13:26 -07:00
Jim Fehlig
130cbf193a libxl: Use consistent style for function definitions
Commit dfa1e1dd added functions whose definitions do not conform
to the style used in the libxl driver.  Change these functions to
be consistent throughout the driver.
2013-01-16 10:13:26 -07:00
Daniel P. Berrange
0995b00084 Convert libxl driver over to use virPortAllocator APIs
Replace the current libxl driver code for managing port
reservations with the new virPortAllocator APIs.
2013-01-16 11:02:58 +00:00
Daniel P. Berrange
325b02b5a3 Convert virDomainObj, qemuAgent, qemuMonitor, lxcMonitor to virObjectLockable
The  virDomainObj, qemuAgent, qemuMonitor, lxcMonitor classes
all require a mutex, so can be switched to use virObjectLockable

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-01-16 11:02:58 +00:00
Daniel P. Berrange
f24404a324 Rename virterror.c virterror_internal.h to virerror.{c,h} 2012-12-21 11:19:50 +00:00
Daniel P. Berrange
e861b31275 Rename uuid.{c,h} to viruuid.{c,h} 2012-12-21 11:19:49 +00:00
Daniel P. Berrange
05dc8398dd Rename storage_file.{c,h} to virstoragefile.{c,h} 2012-12-21 11:19:48 +00:00
Daniel P. Berrange
ab9b7ec2f6 Rename memory.{c,h} to viralloc.{c,h} 2012-12-21 11:17:14 +00:00
Daniel P. Berrange
936d95d347 Rename logging.{c,h} to virlog.{c,h} 2012-12-21 11:17:14 +00:00
Daniel P. Berrange
0f8454101d Rename conf.{c,h} to virconf.{c,h} 2012-12-21 11:17:13 +00:00
Daniel P. Berrange
04d9510f50 Rename command.{c,h} to vircommand.{c,h} 2012-12-21 11:17:13 +00:00
Daniel P. Berrange
a27e4fbb72 Rename bitmap.{c,h} to virbitmap.{c,h}
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-21 11:17:12 +00:00
Martin Kletzander
b72c97e732 fix typo in the word affinities
This patch fixes just the word Affinites to Affinities (it's really
painful to search in TAGS without being able to find the right
function).
2012-12-19 02:17:38 +01:00
Daniel P. Berrange
8db1f2d228 Fix libxl driver for virArch changes 2012-12-18 19:50:24 +00:00
Daniel P. Berrange
c25c18f71b Convert capabilities / domain_conf to use virArch
Convert the host capabilities and domain config structs to
use the virArch datatype. Update the parsers and all drivers
to take account of datatype change

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-18 16:53:03 +00:00
Jim Fehlig
f6b5ed5ef0 Support network boot for HVM guests in libxl
The libxl driver ignored boot devices in the domain config,
preventing PXE booting HVM domains.  This patch accounts for
user-specified boot devices when building the libxl domain
configuration.
2012-12-13 08:05:12 -07:00
Jim Fehlig
dfa1e1dd53 Convert libxl driver to Xen 4.2
Based on a patch originally authored by Daniel De Graaf

  http://lists.xen.org/archives/html/xen-devel/2012-05/msg00565.html

This patch converts the Xen libxl driver to support only Xen >= 4.2.
Support for Xen 4.1 libxl is dropped since that version of libxl is
designated 'technology preview' only and is incompatible with Xen 4.2
libxl.  Additionally, the default toolstack in Xen 4.1 is still xend,
for which libvirt has a stable, functional driver.
2012-12-06 16:15:54 -07:00
Daniel P. Berrange
79b8a56995 Replace polling for active VMs with signalling by drivers
Currently to deal with auto-shutdown libvirtd must periodically
poll all stateful drivers. Thus sucks because it requires
acquiring both the driver lock and locks on every single virtual
machine. Instead pass in a "inhibit" callback to virStateInitialize
which drivers can invoke whenever they want to inhibit shutdown
due to existance of active VMs.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-12-04 12:14:04 +00:00
Daniel P. Berrange
f4ea67f5b3 Turn some dual-state int parameters into booleans
The virStateInitialize method and several cgroups methods were
using an 'int privileged' parameter or similar for dual-state
values. These are better represented with the bool type.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-11-29 16:14:43 +00:00
Viktor Mihajlovski
b1c88c1476 capabilities: defaultConsoleTargetType can depend on architecture
For S390, the default console target type cannot be of type 'serial'.
It is necessary to at least interpret the 'arch' attribute
value of the os/type element to produce the correct default type.

Therefore we need to extend the signature of defaultConsoleTargetType
to account for architecture. As a consequence all the drivers
supporting this capability function must be updated.

Despite the amount of changed files, the only change in behavior is
that for S390 the default console target type will be 'virtio'.

N.B.: A more future-proof approach could be to to use hypervisor
specific capabilities to determine the best possible console type.
For instance one could add an opaque private data pointer to the
virCaps structure (in case of QEMU to hold capsCache) which could
then be passed to the defaultConsoleTargetType callback to determine
the console target type.
Seems to be however a bit overengineered for the use case...

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-11-09 09:20:59 -07:00