Commit Graph

24265 Commits

Author SHA1 Message Date
Peter Krempa
133be0a9e2 qemu: domain: Prepare for VCPUs vanishing while libvirt is not running
Similarly to devices the guest may allow unplug of the VCPU if libvirt
is down. To avoid problems, refresh the vcpu state on reconnect. Don't
mess with the vcpu state otherwise.
2016-08-24 15:44:47 -04:00
Peter Krempa
6b4a23ff6c qemu: domain: Extract cpu-hotplug related data
Now that the monitor code gathers all the data we can extract it to
relevant places either in the definition or the private data of a vcpu.

As only thread id is broken for TCG guests we may extract the rest of
the data and just skip assigning of the thread id. In case where qemu
would allow cpu hotplug in TCG mode this will make it work eventually.
2016-08-24 15:44:47 -04:00
Peter Krempa
04fce1d496 tests: cpu-hotplug: Add data for ppc64 without threads enabled
The reported data is unusual so add it to the test suite.
2016-08-24 15:44:47 -04:00
Peter Krempa
1c455c4743 tests: cpu-hotplug: Add data for ppc64 out-of-order hotplug
Test the algorithm that extracts the order in which the vcpu entries
were plugged in on a sample of data created by plugging in vcpus
arbitrarily.
2016-08-24 15:44:47 -04:00
Peter Krempa
d1145aad0b tests: cpu-hotplug: Add data for ppc64 platform including hotplug
Power 8 platform's basic hotpluggable unit is a core rather than a
thread for x86_64 family. This introduces most of the complexity of the
matching code and thus needs to be tested.

The test data contain data captured from in-order cpu hotplug and
unplug operations.
2016-08-24 15:44:47 -04:00
Peter Krempa
22e3bb332e tests: cpu-hotplug: Add data for x86 hotplug with 11+ vcpus
During review it was reported that adding at least 11 vcpus creates a
collision of prefixes in the monitor matching algorithm. Add a test case
to verify that the problem won't happen.
2016-08-24 15:44:47 -04:00
Peter Krempa
f8638471d7 tests: Add test infrastructure for qemuMonitorGetCPUInfo
As the combination algorithm is rather complex and ugly it's necessary
to make sure it works properly. Add test suite infrastructure for
testing it along with a basic test based on x86_64 platform.
2016-08-24 15:44:47 -04:00
Peter Krempa
9bbbc88a8f qemu: monitor: Add algorithm for combining query-(hotpluggable-)-cpus data
For hotplug purposes it's necessary to retrieve data using
query-hotpluggable-cpus while the old query-cpus API report thread IDs
and order of hotplug.

This patch adds code that merges the data using a rather non-trivial
algorithm and fills the data to the qemuMonitorCPUInfo structure for
adding to appropriate place in the domain definition.
2016-08-24 15:44:47 -04:00
Peter Krempa
1213f0f8a5 qemu: monitor: Add support for calling query-hotpluggable-cpus
Add support for retrieving information regarding hotpluggable cpu units
supported by qemu. Data returned by the command carries information
needed to figure out the granularity of hotplug, the necessary cpu type
name and the topology information.

Note that qemu doesn't specify any particular order of the entries thus
it's necessary sort them by socket_id, core_id and thread_id to the
order libvirt expects.
2016-08-24 15:44:47 -04:00
Peter Krempa
c91be16b9f qemu: monitor: Extract QOM path from query-cpus reply
To allow matching up the data returned by query-cpus to entries in the
query-hotpluggable-cpus reply for CPU hotplug it's necessary to extract
the QOM path as it's the only link between the two.
2016-08-24 15:44:47 -04:00
Peter Krempa
920bbe5c15 qemu: capabilities: Extract availability of new cpu hotplug for machine types
QEMU reports whether 'query-hotpluggable-cpus' is supported for a given
machine type. Extract and cache the information using the capability
cache.

When copying the capabilities for a new start of qemu, mask out the
presence of QEMU_CAPS_QUERY_HOTPLUGGABLE_CPUS if the machine type
doesn't support hotpluggable cpus.
2016-08-24 15:44:47 -04:00
Peter Krempa
ffa536e0f8 qemu: Forbid config when topology based cpu count doesn't match the config
As of qemu commit:
commit a32ef3bfc12c8d0588f43f74dcc5280885bbdb30
Author: Thomas Huth <thuth@redhat.com>
Date:   Wed Jul 22 15:59:50 2015 +0200

    vl: Add another sanity check to smp_parse() function

v2.4.0-952-ga32ef3b

configuration where the maximum CPU count doesn't match the topology is
rejected. Prior to that only configurations where the topology would
contain more cpus than the maximum count would be rejected.

Use QEMU_CAPS_QUERY_HOTPLUGGABLE_CPUS as a relevant recent enough
witness to avoid breaking old configs.
2016-08-24 15:44:47 -04:00
Peter Krempa
f17ddfeee3 qemu: Add capability for query-hotpluggable-cpus command 2016-08-24 15:44:47 -04:00
Peter Krempa
b3180425ce qemu: monitor: Return struct from qemuMonitor(Text|Json)QueryCPUs
Prepare to extract more data by returning an array of structs rather than
just an array of thread ids. Additionally report fatal errors separately
from qemu not being able to produce data.
2016-08-24 15:44:47 -04:00
Peter Krempa
5b5f494a1b qemu: monitor: Return structures from qemuMonitorGetCPUInfo
The function will gradually add more returned data. Return a struct for
every vCPU containing the data.
2016-08-24 15:44:47 -04:00
Chen Hanxiao
6de1d22cca storage_backend_rbd: fix typos
s/failed/failed to

Signed-off-by: Chen Hanxiao <chenhanxiao@gmail.com>
2016-08-24 21:25:17 +02:00
Pino Toscano
4362ff4337 virsh: use vshError consistently after virBufferError checks
If virBufferError() reports an error, then vshError() is needed to
report the error situation instead of a simple vshError().
2016-08-24 17:43:29 +02:00
Pino Toscano
a144f28467 virsh: avoid i18n puzzle
Use the full versions of the message, instead of composing a base
message with what was updated; the change makes the messages properly
translatable, since different parts of a sentence might need different
declensions for example.
2016-08-24 17:43:29 +02:00
Pino Toscano
b620bdee14 virsh: respect -q/--quiet more
Turn various vshPrint() informative messages into vshPrintExtra(), so
they are not printed when requesting the quiet mode; neither XML/info
outputs nor the results of commands are affected.
Also change the expected outputs of the virsh-undefine test, since virsh
is invoked in quiet mode there.

Some informative messages might still be converted (and thus silenced
when in quiet mode), but this is an improvements nonetheless.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1358179
2016-08-24 17:43:29 +02:00
Peter Krempa
c74cae234e Fix remote_protocol-structs after recent commit
Commit 0adc9d26ae broke the build since
remote_protocol-structs was not updated.
2016-08-23 15:47:10 -04:00
Nikolay Shirokovskiy
018b4ae14b vz: add ACL checks to API calls
vzDomainMigrateConfirm3Params is whitelisted. Otherwise we need to
move removing domain from domain list from perform to confirm
step. This would further imply adding a flag and check that migration
is in progress to prohibit mistakenly (maliciously) removing domains
on confirm step. vz version of p2p also need to be fixed to include confirm step.
One would also need to add means to cleanup pending migration
on client disconnect as now is has state across several API
calls.

  On the other hand current version of confirm step is totaly
harmless thus it is easier to whitelist it at the moment.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Signed-off-by: Maxim Nestratov <mnestratov@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
0adc9d26ae remote: rename protocol names for close callbacks
This way we make naming consistent to API calls and make subsequent
ACL checks possible (otherwise ACL check would discover name
discrepancies).

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
5a435726ef vz: prepare migration for ACL checks
ACL check on perform step should be in API call itself to make ACL
checking script pass. Thus we need to reorganize code to obtain
domain object in perform API itself. Most of this is straight
forward, the only nuance is dropping locks on lengthy remote
operations.
  The other motivation is to have only perform step ACL checks for
p2p migration instead of both begin in perform if we can leave
ACL check in vzDomainMigratePerformStep.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
5a78ef91fa vz: expand setting memory API calls
We need it to prepare the calls for ACL checks otherwise ACL checking
script will fail.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
a041ae571d vz: add missing flagged versions of API functions
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
1a28c5e007 vz: factor out converting block stats to params
This action deserves its own function and makes main API call
structure much cleaner.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
1b2673e2b0 vz: factor out block stats impl
Now we can use intended ACL check for both API calls.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
4cdf203263 vz: implement plain create API thru createFlags instead of visa versa
Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-08-23 19:48:01 +03:00
Nikolay Shirokovskiy
db66c35e2e vz: expand start/stop/... APIs for ACL checks
The original motivation is to expand API calls like start/stop etc so that
the ACL checks could be added. But this patch has its own befenits.

1. functions like prlsdkStart/Stop use common routine to wait for
job without domain lock. They become more self contained and do
not return intermediate PRL_RESULT.

2. vzDomainManagedSave do not update cache twice.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Signed-off-by: Maxim Nestratov <mnestratov@virtuozzo.com>
2016-08-23 19:48:01 +03:00
John Ferlan
02483b1dca network: Need to free formatted addr in networkDnsmasqConfContents
Commit id '0b6336c2' formatted the 'addr', but didn't VIR_FREE it.

Found by Coverity.
2016-08-22 13:14:15 -04:00
JieWang
f9edff30fe remove the dead code this patch is to remove the dead code Signed-off-by: JieWang <wangjie88@huawei.com>
Signed-off-by: JieWang <wangjie88@huawei.com>
2016-08-22 13:20:43 +01:00
John Ferlan
b4478c16c0 qemu: Fix crash hot plugging luks volume
https://bugzilla.redhat.com/show_bug.cgi?id=1367259

Crash occurs because 'secrets' is being dereferenced in call:

        if (qemuDomainSecretSetup(conn, priv, secinfo, disk->info.alias,
                                  VIR_SECRET_USAGE_TYPE_VOLUME, NULL,
                                  &src->encryption->secrets[0]->seclookupdef,
                                  true) < 0)

(gdb) p *src->encryption
$1 = {format = 2, nsecrets = 0, secrets = 0x0, encinfo = {cipher_size = 0,
    cipher_name = 0x0, cipher_mode = 0x0, cipher_hash = 0x0, ivgen_name = 0x0,
    ivgen_hash = 0x0}}
(gdb) bt
    priv=priv@entry=0x7fffc03be160, disk=disk@entry=0x7fffb4002ae0)
    at qemu/qemu_domain.c:1087
    disk=0x7fffb4002ae0, vm=0x7fffc03a2580, driver=0x7fffc02ca390,
    conn=0x7fffb00009a0) at qemu/qemu_hotplug.c:355

Upon entry to qemuDomainAttachVirtioDiskDevice, src->encryption points
at a valid 'secret' buffer w/ nsecrets == 1; however, the call to
qemuDomainDetermineDiskChain will call virStorageFileGetMetadata
and eventually virStorageFileGetMetadataInternal where the src->encryption
was overwritten when probing the volume.

Commit id 'a48c7141' added code to virStorageFileGetMetadataInternal
to determine if the disk/volume would use/need encryption and allocated
a meta->encryption. This overwrote an existing encryption buffer
already provided by the XML

This patch adds a check for meta->encryption already present before
just allocating and overwriting an existing buffer. It then checks the
existing encryption data to ensure the XML provided format for the
disk matches the expected format read from the disk and errors if there
is a mismatch.
2016-08-20 08:21:19 -04:00
Laine Stump
0b6336c2d9 network: allow limiting a <forwarder> element to certain domains
For some unknown reason the original implementation of the <forwarder>
element only took advantage of part of the functionality in the
dnsmasq feature it exposes - it allowed specifying the ip address of a
DNS server which *all* DNS requests would be forwarded to, like this:

   <forwarder addr='192.168.123.25'/>

This is a frontend for dnsmasq's "server" option, which also allows
you to specify a domain that must be matched in order for a request to
be forwarded to a particular server. This patch adds support for
specifying the domain. For example:

   <forwarder domain='example.com' addr='192.168.1.1'/>
   <forwarder domain='www.example.com'/>
   <forwarder domain='travesty.org' addr='10.0.0.1'/>

would forward requests for bob.example.com, ftp.example.com and
joe.corp.example.com all to the DNS server at 192.168.1.1, but would
forward requests for travesty.org and www.travesty.org to
10.0.0.1. And due to the second line, requests for www.example.com,
and odd.www.example.com would be resolved by the libvirt network's own
DNS server (i.e. thery wouldn't be immediately forwarded) even though
they also match 'example.com' - the match is given to the entry with
the longest matching domain. DNS requests not matching any of the
entries would be resolved by the libvirt network's own DNS server.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1331796
2016-08-19 21:34:51 -04:00
Laine Stump
9065cfaa88 network: allow disabling dnsmasq's DNS server
If you define a libvirt virtual network with one or more IP addresses,
it starts up an instance of dnsmasq. It's always been possible to
avoid dnsmasq's dhcp server (simply don't include a <dhcp> element),
but until now it wasn't possible to avoid having the DNS server
listening; even if the network has no <dns> element, it is started
using default settings.

This patch adds a new attribute to <dns>: enable='yes|no'. For
backward compatibility, it defaults to 'yes', but if you don't want a
DNS server created for the network, you can simply add:

   <dns enable='no'/>

to the network configuration, and next time the network is started
there will be no dns server created (if there is dhcp configuration,
dnsmasq will be started with "port=0" which disables the DNS server;
if there is no dhcp configuration, dnsmasq won't be started at all).
2016-08-19 21:10:34 -04:00
Laine Stump
25e8112d7c network: new network forward mode 'open'
The new forward mode 'open' is just like mode='route', except that no
firewall rules are added to assure that any traffic does or doesn't
pass. It is assumed that either they aren't necessary, or they will be
setup outside the scope of libvirt.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=846810
2016-08-19 21:05:15 -04:00
Michal Privoznik
5dd3aa2d1c networkxml2conftest: Don't leak dnsmasq capabilities
==18324== 32 bytes in 1 blocks are still reachable in loss record 41 of 114
==18324==    at 0x4C2C070: calloc (vg_replace_malloc.c:623)
==18324==    by 0x4EA479B: virAlloc (viralloc.c:144)
==18324==    by 0x4EA674A: virBitmapNewQuiet (virbitmap.c:77)
==18324==    by 0x4EA67F7: virBitmapNew (virbitmap.c:106)
==18324==    by 0x4EC777D: dnsmasqCapsNewEmpty (virdnsmasq.c:801)
==18324==    by 0x4EC781B: dnsmasqCapsNewFromBuffer (virdnsmasq.c:815)
==18324==    by 0x407CF4: mymain (networkxml2conftest.c:99)
==18324==    by 0x409CF0: virTestMain (testutils.c:982)
==18324==    by 0x4080EA: main (networkxml2conftest.c:136)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-08-19 11:14:14 +02:00
Mikhail Feoktistov
72abe56448 vz: add validation callbacks
This patch fixes a bug which occurs when we check a bus and unit number
for a new attached disk. We should do this check in ValidadionCallback,
not in PostParse callback. Because in PostParse we have not initialized
disk->info.addr.drive struct yet.
Move part of code from domainPostParseCallback to domainValidateCallback
and part from devicesPostParseCallback to deviceValidateCallback.
PostParse callbacks are for modification data.
ValidateCallbacks are only for checks.
2016-08-18 20:37:09 +03:00
Olga Krishtal
b880ff42dd vz: fixed race in vzDomainAttach/DettachDevice
While dettaching/attaching device in OpenStack, nova
calls vzDomainDettachDevice twice, because the update of the internal
configuration of the ct comes a bit latter than the update event.
As the result, we suffer from the second call to dettach the same device.

Signed-off-by: Olga Krishtal <okrishtal@virtuozzo.com>
2016-08-18 20:37:09 +03:00
Maxim Nestratov
0970a066d1 vz: specify VIR_DOMAIN_NET_TYPE_NETWORK for routed networks
Somehow we lost this during recent refactoring

Signed-off-by: Maxim Nestratov <mnestratov@virtuozzo.com>
2016-08-18 20:37:09 +03:00
Maxim Nestratov
0f13dc81d7 vz: reset errors after ignoring return values
If we are going to ignore return value of a functions
that can raise an error, it's not enough to use ignore_value
construction. We should explicitly call virResetLastError

Signed-off-by: Maxim Nestratov <mnestratov@virtuozzo.com>
2016-08-18 20:37:08 +03:00
Maxim Nestratov
d9e0d4ecbb vz: don't fail query domain info in case we don't have valid stats handle
Signed-off-by: Maxim Nestratov <mnestratov@virtuozzo.com>
2016-08-18 20:37:08 +03:00
Maxim Nestratov
9e8cbe185d vz: get additional error information from job correctly
First, make function logPrlEventErrorHelper be void and only
print information (if any) from an event.
Second, don't rewrite original error with any errors we get
during parsing event info.
Third, ignore PRL_ERR_NO_DATA at all.

Signed-off-by: Maxim Nestratov <mnestratov@virtuozzo.com>
2016-08-18 20:37:08 +03:00
Ján Tomko
f9785569de cfg.mk: join not_streq and not_strneq tests
The marginally nicer error message is not worth the extra lines in
cfg.mk.

Also drop the excludes since there was only one offender in the tests.
2016-08-18 13:37:08 +02:00
Ján Tomko
b3e3fc3257 cfg.mk: drop redundant sc_prohibit_gethostby
Both gethostbyaddr and gethostbyname* are already checked
by sc_prohibit_nonreentrant.
2016-08-18 13:37:08 +02:00
Ján Tomko
1fe77f9f7f cfg.mk: use subst instead of tr
GNU make is able to replace characters, no need to call tr.
2016-08-18 13:37:08 +02:00
Ján Tomko
5e045eca90 tests: fix the return value of test-wrap-argv
The script was returning success unless it failed on the last file.
This went unnoticed because sc_prohibit_long_lines forbids lines
longer than 90 characters in .arg[sv] files.
2016-08-18 13:37:08 +02:00
Ján Tomko
212564a0d1 maint: update to latest gnulib
Pick up the new syntax-check speedups.
2016-08-18 13:36:39 +02:00
Ján Tomko
41f5c2ca27 Introduce QEMU_CAPS_VIRTIO_PCI_DISABLE_LEGACY
Check whether the disable-legacy property is present on the following
devices:
  virtio-balloon-pci
  virtio-blk-pci
  virtio-scsi-pci
  virtio-serial-pci
  virtio-9p-pci
  virtio-net-pci
  virtio-rng-pci
  virtio-gpu-pci
  virtio-input-host-pci
  virtio-keyboard-pci
  virtio-mouse-pci
  virtio-tablet-pci

Assuming that if QEMU knows other virtio devices where this property
is applicable, it will have at least one of these devices.

Added in QEMU by:
commit e266d421490e0ae83044bbebb209b2d3650c0ba6
    virtio-pci: add flags to enable/disable legacy/modern
2016-08-17 18:13:06 +02:00
John Ferlan
d53d465083 qemu: Fix the command line generation for rbd auth using aes secrets
https://bugzilla.redhat.com/show_bug.cgi?id=1182074

Since libvirt still uses a legacy qemu arg format to add a disk, the
manner in which the 'password-secret' argument is passed to qemu needs
to change to prepend a 'file.' If in the future, usage of the more
modern disk format, then the prepended 'file.' can be removed.

Fix based on Jim Fehlig <jfehlig@suse.com> posting and subsequent
upstream list followups, see:

http://www.redhat.com/archives/libvir-list/2016-August/msg00777.html

for details. Introduced by commit id 'a1344f70'.
2016-08-17 08:03:48 -04:00
Chen Hanxiao
9cc871718f qemu_driver: update comments for qemuDomainSaveInternal
s/libvirt.c/libvirt-domain.c

Signed-off-by: Chen Hanxiao <chenhanxiao@gmail.com>
2016-08-17 13:55:49 +02:00