Commit Graph

11096 Commits

Author SHA1 Message Date
Daniel P. Berrange
650a37faa5 Fix deadlock in handling EOF in LXC monitor
Depending on the scenario in which LXC containers exit, it is
possible for the EOF callback of the LXC monitor to deadlock
the driver.

  #0  0x00000038a0a0de4d in __lll_lock_wait () from /lib64/libpthread.so.0
  #1  0x00000038a0a09ca6 in _L_lock_840 () from /lib64/libpthread.so.0
  #2  0x00000038a0a09ba8 in pthread_mutex_lock () from /lib64/libpthread.so.0
  #3  0x00007f4bd9579d55 in virMutexLock (m=<optimized out>) at util/threads-pthread.c:85
  #4  0x00007f4bcacc7597 in lxcDriverLock (driver=0x7f4bc40c8290) at lxc/lxc_conf.h:81
  #5  virLXCProcessMonitorEOFNotify (mon=<optimized out>, vm=0x7f4bb4000b00) at lxc/lxc_process.c:581
  #6  0x00007f4bd9645c91 in virNetClientCloseLocked (client=client@entry=0x7f4bb4009e60)
      at rpc/virnetclient.c:554
  #7  0x00007f4bd96460f8 in virNetClientIOEventLoopPassTheBuck (thiscall=0x0, client=0x7f4bb4009e60)
      at rpc/virnetclient.c:1306
  #8  virNetClientIOEventLoopPassTheBuck (client=0x7f4bb4009e60, thiscall=0x0)
      at rpc/virnetclient.c:1287
  #9  0x00007f4bd96467a2 in virNetClientCloseInternal (reason=3, client=0x7f4bb4009e60)
      at rpc/virnetclient.c:589
  #10 virNetClientCloseInternal (client=0x7f4bb4009e60, reason=3) at rpc/virnetclient.c:561
  #11 0x00007f4bcacc4a82 in virLXCMonitorClose (mon=0x7f4bb4000a00) at lxc/lxc_monitor.c:201
  #12 0x00007f4bcacc55ac in virLXCProcessCleanup (reason=<optimized out>, vm=0x7f4bb4000b00,
      driver=0x7f4bc40c8290) at lxc/lxc_process.c:240
  #13 virLXCProcessStop (driver=0x7f4bc40c8290, vm=vm@entry=0x7f4bb4000b00,
      reason=reason@entry=VIR_DOMAIN_SHUTOFF_DESTROYED) at lxc/lxc_process.c:735
  #14 0x00007f4bcacc5bd2 in virLXCProcessAutoDestroyDom (payload=<optimized out>,
      name=0x7f4bb4003c80, opaque=0x7fff41af2df0) at lxc/lxc_process.c:94
  #15 0x00007f4bd9586649 in virHashForEach (table=0x7f4bc409b270,
      iter=iter@entry=0x7f4bcacc5ab0 <virLXCProcessAutoDestroyDom>, data=data@entry=0x7fff41af2df0)
      at util/virhash.c:514
  #16 0x00007f4bcacc52d7 in virLXCProcessAutoDestroyRun (driver=driver@entry=0x7f4bc40c8290,
      conn=conn@entry=0x7f4bb8000ab0) at lxc/lxc_process.c:120
  #17 0x00007f4bcacca628 in lxcClose (conn=0x7f4bb8000ab0) at lxc/lxc_driver.c:128
  #18 0x00007f4bd95e67ab in virReleaseConnect (conn=conn@entry=0x7f4bb8000ab0) at datatypes.c:114

When the driver calls virLXCMonitorClose, there is really no
need for the EOF callback to be invoked in this case, since
the caller can easily handle events itself. In changing this,
the monitor needs to take a deep copy of the callback list,
not merely a reference.

Also adds debug statements in various places to aid
troubleshooting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 36c1fc189d)
2012-10-17 16:42:20 -04:00
Jim Fehlig
7e3dab4b9d Support Xen sysctl version 9 in Xen 4.2
Xen upstream c/s 24102:dc8e55c9 bumped the sysctl version to 9.
Support this sysctl version in the xen_hypervisor sub-driver.
(cherry picked from commit 371ddc9866)
2012-10-17 16:42:17 -04:00
Eric Blake
fdfb18690d build: avoid older gcc warning
Jim Fehlig reported a compilation error with older gcc 4.3.4:

libvirt.c: In function 'virDomainGetEmulatorPinInfo':
libvirt.c:9111: error: logical '&&' with non-zero constant will always evaluate as true [-Wlogical-op]

It looks like someone programmed via too much copy-and-paste.

* src/libvirt.c (virDomainGetEmulatorPinInfo): Multiplying by 1 is
a no-op, and thus will never overflow.
(cherry picked from commit 3da355e8c4)
2012-10-17 16:42:13 -04:00
Dmitry Guryanov
e81632740f parallels: don't give null pointers to virBitmapEqual
Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
(cherry picked from commit adae5cf733)
2012-10-17 16:42:09 -04:00
Dmitry Guryanov
3c860c40e3 parallels: fix memory allocation
size of videos array must be increased.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
(cherry picked from commit 9ca569dedf)
2012-10-17 16:42:00 -04:00
Daniel P. Berrange
a8ad93965f Don't use O_TRUNC when opening QEMU logfiles
SELinux wants all log files opened with O_APPEND. When
running non-root though, libvirtd likes to use O_TRUNC
to avoid log files growing in size indefinitely. Instead
of using O_TRUNC though, we can use O_APPEND and then
call ftruncate() which keeps SELinux happier.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 639d5c4966)
2012-10-17 16:41:42 -04:00
Daniel P. Berrange
f4e3a2afa5 Simplify some redundant locking while unref'ing objects
There is no need to hold the mutex when unref'ing
virObject instances

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 7307c3c00c)
2012-10-17 16:41:24 -04:00
Daniel P. Berrange
c9791620a0 Remove pointless virLXCProcessMonitorDestroy method
Asynchronously setting priv->mon to NULL was pointless,
just remove the destroy callback entirely.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit dd0371764f)
2012-10-17 16:41:21 -04:00
Daniel P. Berrange
df2b4be5cb Convert virLXCMonitor to use virObject
Remove custom reference counting from virLXCMonitor, using
virObject instead

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 09e0cb4218)
2012-10-17 16:41:12 -04:00
Daniel P. Berrange
a05d4ca932 Move virProcess{Kill,Abort,TranslateStatus} into virprocess.{c,h}
Continue consolidation of process functions by moving some
helpers out of command.{c,h} into virprocess.{c,h}

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 9467ab6074)
2012-10-17 16:41:06 -04:00
Daniel P. Berrange
a5cf2ef4a7 Move virProcessKill into virprocess.{h,c}
There are a number of process related functions spread
across multiple files. Start to consolidate them by
creating a virprocess.{c,h} file

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit e5e2b65cf8)
2012-10-17 16:41:03 -04:00
Daniel P. Berrange
5292eed6e2 Rename virCommandTranslateStatus to virProcessTranslateStatus
The virCommand prefix was inappropriate because the API
does not use any virCommandPtr object instance. This
API closely related to waitpid/exit, so use virProcess
as the prefix

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 49ecf8b41f)
2012-10-17 16:40:57 -04:00
Daniel P. Berrange
88589de79c Rename virPid{Abort,Wait} to virProcess{Abort,Wait}
Change "Pid" to "Process" to align with the virProcessKill
API naming prefix

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 0fb58ef5cd)
2012-10-17 16:40:55 -04:00
Daniel P. Berrange
035d998f01 Rename virKillProcess to virProcessKill
Changing naming to follow the convention of "object" followed
by "action"

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit cf470068a1)
2012-10-17 16:40:53 -04:00
Daniel P. Berrange
6b2a4e2514 Fix start of containers with custom root filesystem
A prefix change to unmount the SELinux filesystem broke starting
of LXC containers with a custom root filesystem
(cherry picked from commit 1532bd498a)
2012-10-17 16:19:35 -04:00
Doug Goldstein
b53782f102 Update how to compile with -Werror
--enable-compile-warnings=error has been renamed to --enable-werror so
update the HACKING and the hacking.html to reflect that.
(cherry picked from commit 07cbb610ba)
2012-10-17 16:18:22 -04:00
Christophe Fergeau
f35c18c783 build: fix detection of netcf linked with libnl1
Commit 9298bfbcb introduced code to detect if netcf is linked with
libnl1, and to prefer libnl1 over libnl3 when this is the case.
This behaviour can be disabled by setting LIBNL_CFLAGS to any value,
including the empty string.
However, configure.ac sets LIBNL_CFLAGS to "" before attempting
libnl detection, so the libnl1 detection code is always disabled.
This caused issues on my f17 system where netcf is linked with libnl1
but libvirt got built with libnl3.

This commit removes the setting of the LIBNL_* variables to "" as
this does not appear to be needed. After this change, libnl1 is
used when building libvirt on my f17 system.
(cherry picked from commit f6c2951566)
2012-10-17 16:17:29 -04:00
Richard W.M. Jones
eeaa15b6ea command: Change virCommandAddEnv so it replaces existing environment variables.
(cherry picked from commit 2b32735af4)
2012-10-17 12:19:46 -04:00
Richard W.M. Jones
94090184c2 command: Move environ-adding code to common function virCommandAddEnv.
This is just code motion.  The semantics of the code should be
identical after this change.
(cherry picked from commit f644361b1e)
2012-10-17 12:19:37 -04:00
Daniel Veillard
f8fbeb50d5 Release of libvirt-0.10.2
* configure.ac docs/news.html.in libvirt.spec.in: update for the release
* po/*.po*: update from transifex and regenerate
2012-09-24 12:46:37 +08:00
Daniel Veillard
72c1632d90 Fix another rpmbuild failure
without systemd we should not try to package the non-installed
%{_sysconfdir}/rc.d/init.d/libvirtd
2012-09-24 12:46:37 +08:00
Daniel Veillard
35616d6e7e Fix an rpmbuild failure
$RPM_BUILD_ROOT was embedded in /etc/rc.d/init.d/libvirt-guests
2012-09-24 12:37:52 +08:00
Daniel P. Berrange
49e5abb6a6 Don't install legacy initscripts at same time as systemd ones
The Fedora policies don't want us installing the legacy initscripts
in parallel with the systemd ones, so switch to only install the
systemd unit

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-24 10:50:16 +08:00
Laine Stump
5cdcb75d45 network: log error for unknown virNetworkUpdate command codes
Every level of the code for virNetworkUpdate was assuming that some
other level was checking for validity of the "command" arg, but none
actually were. The result was that an invalid command code would do
nothing, but also report success.

Since the command code isn't used until the very lowest level backend
functions, that's where I put the check. I made a separate one-line
function to log the error. The compiler would have combined the
identical strings used by multiple calls if I'd just called
virReportError directly in each location, but sending them all to the
same string in the source guards against inadvertant divergence (which
would lead to extra work for translators.)
2012-09-21 20:10:43 -04:00
Laine Stump
f59e25e012 network: make virNetworkObjUpdate error detection/recovery better
1) virNetworkObjUpdate should be an all or none operation, but in the
case that we want to update both the live state and persistent config
versions of the network, it was committing the update to the live
state before starting to update the persistent config. If update of
the persistent config failed, we would leave with things in an
inconsistent state - the live state would be updated (even though an
error was returned), but persistent config unchanged.

This patch changed virNetworkObjUpdate to use a separate pointer for
each copy of the virNetworkDef, and not commit either of them in the
virNetworkObj until both live and config parts of the update have
successfully completed.

2) The parsers for various pieces of the virNetworkDef have all sorts
of subtle limitations on them that may not be known by the
Update[section] function, making it possible for one of these
functions to make a modification directly to the object that may not
pass the scrutiny of a subsequent parse. But normally another parse
wouldn't be done on the data until the *next* time the object was
updated (which could leave the network definition in an unusable
state).

Rather than fighting the losing battle of trying to duplicate all the
checks from the parsers into the update functions as well, the more
foolproof solution to this is to simply do an extra
virNetworkDefCopy() operation on the updated networkdef -
virNetworkDefCopy() does a virNetworkFormat() followed by a
virNetworkParseString(), so it will do all the checks we need. If this
fails, then we don't commit the changed def.
2012-09-21 20:10:43 -04:00
Laine Stump
36ba0ee7b9 network: don't "refresh" iptables rules on rule-less networks
The bridge driver implementation of virNetworkUpdate() removes and
re-adds iptables rules any time a network has an <ip>, <forward>, or
<forward>/<interface> element updated. There are some types of
networks that have those elements and yet have no iptables rules
associated with them, and unfortunately the functions that remove/add
iptables rules don't check the type of network before attempting to
remove/add the rules, sometimes leading to an erroneous failure of the
entire update operation.

Under normal circumstances I would refactor the lower level functions
to be more robust, but to avoid code churn as much as possible, I've
just added extra checks directly to networkUpdate().
2012-09-21 20:10:43 -04:00
Miloslav Trmač
fca338a06c Drop unused return value of virLogOutputFunc
Nothing uses the return value, and creating it requries otherwise
unnecessary strlen () calls.

This cleanup is conceptually independent from the rest of the series
(although the later patches won't apply without it).  This just seems
a good opportunity to clean this up, instead of entrenching the unnecessary
return value in the virLogOutputFunc instance that will be added in this
series.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2012-09-21 12:55:13 -06:00
Tang Chen
9ce64e6aae Remove redundant lines in src/qemu/qemu_driver.c
maxcpu and hostcpus are defined and calculated in qemudDomainPinVcpuFlags()
and qemudDomainPinEmulator(), but never used. So remove them including nodeinfo.

Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
2012-09-21 12:49:47 -06:00
Richard W.M. Jones
f8b08d0e96 Add <seclabel> to character devices.
This allows the user to control labelling of each character device
separately (the default is to inherit from the VM).

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
2012-09-21 13:43:47 +01:00
Richard W.M. Jones
db2aff6ada Make virSecurityDeviceLabelDefParseXML into generic device <seclabel> parser.
This is just code motion, allowing us to reuse the same function to
parse the <seclabel> from character devices too.

However it also fixes a possible segfault in the original code if
VIR_ALLOC_N returns an error and the cleanup code (at the error:
label) tries to iterate over the unallocated array (thanks Michal
Privoznik for spotting this).

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
2012-09-21 13:43:32 +01:00
Jiri Denemark
8125113cdb qemu: Fix failure path in disk hotplug
Disk hotplug is a two phase action: qemuMonitorAddDrive followed by
qemuMonitorAddDevice. When the first part succeeds but the second one
fails, we need to rollback the drive addition.
2012-09-21 12:23:01 +02:00
Jiri Denemark
98be861b4d locking: Remove README file in favor of internals/locking.html
The README file seems to be a leftover from some previous version of
locking driver. It is not consistent with what the code does nor is it
consistent with existing documentation in internals/locking.html.
2012-09-21 12:23:01 +02:00
Daniel P. Berrange
2b9189e8ad Improve some debugging log messages in LXC mount setup
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-21 10:43:25 +01:00
Daniel P. Berrange
c15d893252 Ensure existing selinux mount is removed before mounting new one in LXC
Some kernel versions (at least RHEL-6 2.6.32) do not let you over-mount
an existing selinuxfs instance with a new one. Thus we must unmount the
existing instance inside our namespace.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-21 10:27:42 +01:00
Daniel P. Berrange
ab42772a46 Fix crash accessing a NULL URI when looking up auth credentials
When auto-probing hypervisor drivers, the conn->uri field will
initially be NULL. Care must be taken not to access members
when doing auth lookups in the config file

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-21 10:13:53 +01:00
Tang Chen
1437ea6f48 Remove a redundant line in src/qemu/qemu_driver.c
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
2012-09-21 12:16:25 +08:00
Laine Stump
8b6f831c8e network: backend for virNetworkUpdate of portgroups
portgroup elements are located in the toplevel of <network>
objects. There can be multiple <portgroup> elements, and they each
have a unique name attribute.

Add, delete, and modify are all supported for portgroup. When deleting
a portgroup, only the name must be specified in the provided xml - all
other attributes and subelements are ignored for the purposes of
matching and existing portgroup.

The bridge driver and virsh already know about the portgroup element,
so providing this backend should cause the entire stack to work. Note
that in the case of portgroup, there is no external daemon based on
the portgroup config, so nothing must be restarted.

It is important to note that guests make a copy of the appropriate
network's portgroup data when they are started, so although an updated
portgroup's configuration will have an affect on new guests started
after the cahange, existing guests won't magically have their
bandwidth changed, for example. If something like that is desired, it
will take a lot of redesign work in the way network devices are setup
(there is currently no link from the network back to the individual
interfaces using it, much less from a portgroup within a network back
to the individual interfaces).
2012-09-21 12:14:15 +08:00
Laine Stump
1100f61074 network: backend for virNetworkUpdate of dhcp range
The dhcp range element is contained in the <dhcp> element of one of a
network's <ip> elements. There can be multiple <range>
elements. Because there are only two attributes (start and end), and
those are exactly what you would use to identify a particular range,
it doesn't really make sense to modify an existing element, so
VIR_NETWORK_UPDATE_COMMAND_MODIFY isn't supported for this section,
only ADD_FIRST, ADD_LAST, and DELETE.

Since virsh already has support for understanding all the defined
sections, this new backend is automatically supported by virsh. You
would use it like this:

  virsh net-update mynet add ip-dhcp-range \
        "<range start='1.2.3.4' end='1.2.3.20'/>" --live --config

The bridge driver also already supports all sections, so it's doing
the correct thing in this case as well - since the dhcp range is
placed on the dnsmasq commandline, the bridge driver recreates the
dnsmasq commandline, and re-runs dnsmasq whenever a range is
added/deleted (and AFFECT_LIVE is specified in the flags).
2012-09-21 11:54:16 +08:00
Laine Stump
fe7872827f virsh: new net-update command
This command uses the new virNetworkUpdate() API to modify an existing
network definition, and optionally have those modifications take
effect immediately without restarting the network.

An example usage:

  virsh net-update mynet add-last ip-dhcp-host \
   "<host mac='00:11:22:33:44:55' ip='192.168.122.45'/>" \
   --live --config

If you like, you can instead put the xml into a file, and call like
this:

  virsh net-update mynet add ip-dhcp-host /tmp/myxml.xml
   --live --config

virsh will autodetect whether the argument is itself an xml element,
or if it's a file, by looking at the first character - the first
character of an xml element is always "<", and the first character of
a file is almost always *not* "<" (in the rare case that it is, the
user could specify "./<filename...").

A --parent-index option is also available (to give the index within a
list of parent objects, e.g. the index of the parent <ip> element when
updating ip-dhcp-host elements), but is optional and at least for now
will probably be used rarely.

--live, --config, and --current options - if you specify --live, only
the live state of the network will be updated. If you also specify
--config, then the persistent configuration will also be updated;
these two commands can be given separately, or both together. If you
don't specify either (you can optionally specify "--current" for the
same effect), then the "current" config will be updated (i.e. if the
network is active, then only its live config is affected, but if the
network is inactive, only the persistent config is affected).
2012-09-20 22:20:22 -04:00
Eric Blake
cd4f01ea86 docs: fix typo in filesystem docs
Noticed this by reading the page.  It would be so much nicer if our
tools could automatically flag things like this as part of 'make'.

* docs/formatdomain.html.in: Remove extra '>'.
2012-09-20 19:41:13 -06:00
Eric Blake
4ecb723b9e maint: fix up copyright notice inconsistencies
https://www.gnu.org/licenses/gpl-howto.html recommends that
the 'If not, see <url>.' phrase be a separate sentence.

* tests/securityselinuxhelper.c: Remove doubled line.
* tests/securityselinuxtest.c: Likewise.
* globally: s/;  If/.  If/
2012-09-20 16:30:55 -06:00
Marcelo Cerri
f743e0bf4b doc: include article about libvirt+audit in relatedlinks.html
This patch adds to relatedlinks.html a link to an article about libvirt
describing how the Linux audit subsystem can be used to track qemu
guest's life-cycle.
2012-09-20 15:47:21 -06:00
Daniel P. Berrange
d4170dfad3 Ensure autogen.sh exists if bootstrap fails
If any of the bootstrap tasks (autoconf/automake/etc) failed,
autogen.sh carried on running any pre-existing configure anyway.
Use 'set -e' to ensure autogen.sh immediately exists on error.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-09-20 15:58:29 +01:00
Martin Kletzander
3b72650181 tests: Add tests for dump-core option 2012-09-20 16:41:07 +02:00
Martin Kletzander
ff2d5a3d8a qemu: add support for dump-guest-core option
The "dump-guest-core' option is new option for the machine type
(-machine pc,dump-guest-core) that controls whether the guest memory
will be marked as dumpable.

While testing this, I've found out that the value for the '-M' options
is not parsed correctly when additional parameters are used. However,
when '-machine' is used for the same options, it gets parsed as
expected. That's why this patch also modifies the parsing and creating
of the command line, so both '-M' and '-machine' are recognized. In
QEMU's help there is only mention of the 'machine parameter now with
no sign of the older '-M'.
2012-09-20 16:41:07 +02:00
Martin Kletzander
78f3666fe9 Add support for limiting guest coredump
Sometimes when guest machine crashes, coredump can get huge due to the
guest memory. This can be limited using madvise(2) system call and is
being used in QEMU hypervisor. This patch adds an option for configuring
that in the domain XML and related documentation.
2012-09-20 16:41:07 +02:00
Martin Kletzander
ec62a602bb QEMU Tests for reboot-timeout 2012-09-20 16:41:02 +02:00
Martin Kletzander
94827a785d qemu: Add support for reboot-timeout
This patch adds support for "-boot reboot-timeout=rb_time" that is
added in QEMU.
2012-09-20 16:41:01 +02:00
Martin Kletzander
c33a922faa Add support for reboot-timeout
Whenever the guest machine fails to boot, new parameter (reboot-timeout)
controls whether it should reboot and after how many ms it should do so.

Docs included.
2012-09-20 16:41:01 +02:00
Peter Krempa
ede89aab64 security: Don't ignore errors when parsing DAC security labels
The DAC security driver silently ignored errors when parsing the DAC
label and used default values instead.

With a domain containing the following label definition:

<seclabel type='static' model='dac' relabel='yes'>
  <label>sdfklsdjlfjklsdjkl</label>
</seclabel>

the domain would start normaly but the disk images would be still owned
by root and no error was displayed.

This patch changes the behavior if the parsing of the label fails (note
that a not present label is not a failure and in this case the default
label should be used) the error isn't masked but is raised that causes
the domain start to fail with a descriptive error message:

virsh #  start tr
error: Failed to start domain tr
error: internal error invalid argument: failed to parse DAC seclabel
'sdfklsdjlfjklsdjkl' for domain 'tr'

I also changed the error code to "invalid argument" from "internal
error" and tweaked the various error messages to contain correct and
useful information.
2012-09-20 16:21:52 +02:00