Commit Graph

4500 Commits

Author SHA1 Message Date
Eric Blake
b4d3434fc2 audit: prepare qemu for listing vm in cgroup audits
* src/qemu/qemu_cgroup.h (struct qemuCgroupData): New helper type.
(qemuSetupDiskPathAllow, qemuSetupChardevCgroup)
(qemuTeardownDiskPathDeny): Drop unneeded prototypes.
(qemuSetupDiskCgroup, qemuTeardownDiskCgroup): Adjust prototype.
* src/qemu/qemu_cgroup.c
(qemuSetupDiskPathAllow, qemuSetupChardevCgroup)
(qemuTeardownDiskPathDeny): Mark static and use new type.
(qemuSetupHostUsbDeviceCgroup): Use new type.
(qemuSetupDiskCgroup): Alter signature.
(qemuSetupCgroup): Adjust caller.
* src/qemu/qemu_hotplug.c (qemuDomainAttachHostUsbDevice)
(qemuDomainDetachPciDiskDevice, qemuDomainDetachSCSIDiskDevice):
Likewise.
* src/qemu/qemu_driver.c (qemudDomainAttachDevice)
(qemuDomainUpdateDeviceFlags): Likewise.
2011-02-24 13:31:05 -07:00
Eric Blake
061738764d cgroup: determine when skipping non-devices
* src/util/cgroup.c (virCgroupAllowDevicePath)
(virCgroupDenyDevicePath): Don't fail with EINVAL for
non-devices.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Update caller.
* src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
(qemuSetupChardevCgroup, qemuSetupHostUsbDeviceCgroup)
(qemuSetupCgroup, qemuTeardownDiskPathDeny): Likewise.
2011-02-24 13:31:05 -07:00
Eric Blake
fd21ecfd49 virExec: avoid uninitialized memory usage
valgrind warns:

==21079== Syscall param rt_sigaction(act->sa_mask) points to uninitialised byte(s)
==21079==    at 0x329840F63E: __libc_sigaction (sigaction.c:67)
==21079==    by 0x4E5A8E7: __virExec (util.c:661)

Regression introduced in commit ab07533e.  Technically, sa_mask
shouldn't affect operation if sa_flags selects sa_handler, and
sa_handler selects SIG_IGN, but better safe than sorry.

* src/util/util.c (__virExec): Supply missing sigemptyset.
2011-02-24 13:12:52 -07:00
Daniel P. Berrange
4f2094a8a6 Allow 32-on-64 execution for LXC guests
Using the 'personality(2)' system call, we can make a container
on an x86_64 host appear to be i686. Likewise for most other
Linux 64bit arches.

* src/lxc/lxc_conf.c: Fill in 32bit capabilities for x86_64 hosts
* src/lxc/lxc_container.h, src/lxc/lxc_container.c: Add API to
  check if an arch has a 32bit alternative
* src/lxc/lxc_controller.c: Set the process personality when
  starting guest
2011-02-24 12:04:29 +00:00
Daniel P. Berrange
35416720c2 Put <stdbool.h> into internal.h so it is available everywhere
Remove the <stdbool.h> header from all source files / headers
and just put it into internal.h

* src/internal.h: Add <stdbool.h>
2011-02-24 12:04:06 +00:00
Jiri Denemark
9fc4b6a606 qemu: Switch over command line capabilities to virBitmap
This is done for two reasons:
- we are getting very close to 64 flags which is the maximum we can use
  with unsigned long long
- by using LL constants in enum we already violates C99 constraint that
  enum values have to fit into int
2011-02-24 12:10:00 +01:00
Jiri Denemark
23d935bd97 qemu: Rename qemud\?CmdFlags to qemuCaps
The new name complies more with the fact that it contains a set of
qemuCapsFlags.
2011-02-24 12:08:34 +01:00
Jiri Denemark
a96d08dc53 qemu: Use helper functions for handling cmd line capabilities
Three new functions (qemuCapsSet, qemuCapsClear, and qemuCapsGet) were
introduced replacing direct bit operations.
2011-02-24 12:07:06 +01:00
Jiri Denemark
21642e82b1 qemu: Rename QEMUD_CMD_FLAG_* to QEMU_CAPS_*
The new names comply more with the fact that they are all members of
enum qemuCapsFlags.
2011-02-24 12:05:39 +01:00
Jiri Denemark
40641f2a63 util: Add API for converting virBitmap into printable string 2011-02-24 12:03:04 +01:00
Jiri Denemark
533bee8249 util: Use unsigned long as a base type for virBitmap 2011-02-24 12:00:52 +01:00
Daniel P. Berrange
6704e3fdb3 Expose name + UUID to LXC containers via env variables
When spawning 'init' in the container, set

  LIBVIRT_LXC_UUID=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
  LIBVIRT_LXC_NAME=YYYYYYYYYYYY

to allow guest software to detect & identify that they
are in a container

* src/lxc/lxc_container.c: Set LIBVIRT_LXC_UUID and
  LIBVIRT_LXC_NAME env vars
2011-02-23 11:41:02 +00:00
Daniel P. Berrange
9f5bbe3b92 Fix off-by-1 in virFileAbsPath.
The virFileAbsPath was not taking into account the '/' directory
separator when allocating memory for combining cwd + path. Convert
to use virAsprintf to avoid this type of bug completely.

* src/util/util.c: Convert virFileAbsPath to use virAsprintf
2011-02-23 11:11:45 +00:00
Daniel P. Berrange
08fb2a9ce8 Fix group/mode for /dev/pts inside LXC container
Normal practice for /dev/pts is to have it mode=620,gid=5
but LXC was leaving mode=000,gid=0 preventing unprivilegd
users in the guest use of PTYs

* src/lxc/lxc_controller.c: Fix /dev/pts setup
2011-02-23 11:11:35 +00:00
Eric Blake
009fce98be security: avoid memory leak
Leak introduced in commit d6623003.

* src/qemu/qemu_driver.c (qemuSecurityInit): Avoid leak on failure.
* src/security/security_stack.c (virSecurityStackClose): Avoid
leaking component drivers.
2011-02-22 09:50:34 -07:00
Roopa Prabhu
dfd39ccda8 802.1Qbh: Delay IFF_UP'ing interface until migration final stage
Current code does an IFF_UP on a 8021Qbh interface immediately after a port
profile set. This is ok in most cases except when its the migration prepare
stage. During migration we want to postpone IFF_UP'ing the interface on the
destination host until the source host has disassociated the interface.
This patch moves IFF_UP of the interface to the final stage of migration.
The motivation for this change is to postpone any addr registrations on the
destination host until the source host has done the addr deregistrations.

While at it, for symmetry with associate move ifDown of a 8021Qbh interface
to before disassociate
2011-02-22 07:48:54 -05:00
Osier Yang
9f928af12b storage: make debug log more useful
"__func__" is useless there, as VIR_DEBUG will print the function
name.

* src/storage/storage_backend_mpath.c
2011-02-22 10:10:31 +08:00
Markus Groß
3e53c7f954 Renamed functions in xenxs 2011-02-21 11:15:08 -07:00
Markus Groß
2e69e66e38 Moved XM formatting functions to xenxs 2011-02-21 11:14:52 -07:00
Markus Groß
1556ced2de Moved XM parsing functions to xenxs 2011-02-21 11:11:22 -07:00
Markus Groß
2f2a88b998 Moved SEXPR formatting functions to xenxs 2011-02-21 11:07:43 -07:00
Markus Groß
07129039cc Moved SEXPR parsing functions to xenxs 2011-02-21 10:53:53 -07:00
Markus Groß
c71328b9aa Moved some SEXPR functions from xen-unified 2011-02-21 10:50:18 -07:00
Markus Groß
8606ca0d0b Moved SEXPR unit to utils 2011-02-21 10:48:02 -07:00
Wen Congyang
cf61114cee protect the scsi controller to be deleted when it is in use
Steps to reproduce this bug:
1. virsh attach-disk domain --source imagefile --target sdb --sourcetype file --driver qemu --subdriver raw
2. virsh detach-device controller.xml # remove scsi controller 0
3. virsh detach-disk domain sdb
   error: Failed to detach disk
   error: operation failed: detaching scsi0-0-1 device failed: Device 'scsi0-0-1' not found

I think we should not detach a controller when it is used by some other device.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-02-21 10:38:19 -07:00
Eric Blake
994e7567b6 maint: kill all remaining uses of old DEBUG macro
Done mechanically with:
$ git grep -l '\bDEBUG0\? *(' | xargs -L1 sed -i 's/\bDEBUG0\? *(/VIR_&/'

followed by manual deletion of qemudDebug in daemon/libvirtd.c, along
with a single 'make syntax-check' fallout in the same file, and the
actual deletion in src/util/logging.h.

* src/util/logging.h (DEBUG, DEBUG0): Delete.
* daemon/libvirtd.h (qemudDebug): Likewise.
* global: Change remaining clients over to VIR_DEBUG counterpart.
2011-02-21 08:46:52 -07:00
Eric Blake
03ba07cb73 hash: make virHashFree more free-like
Two-argument free functions are uncommon; match the style elsewhere
by caching the callback at creation.

* src/util/hash.h (virHashCreate, virHashFree): Move deallocator
argument to creation.
* cfg.mk (useless_free_options): Add virHashFree.
* src/util/hash.c (_virHashTable): Track deallocator.
(virHashCreate, virHashFree): Update to new signature.
* src/conf/domain_conf.c (virDomainObjListDeinit)
(virDomainObjListInit, virDomainDiskDefForeachPath)
(virDomainSnapshotObjListDeinit, virDomainSnapshotObjListInit):
Update callers.
* src/conf/nwfilter_params.c (virNWFilterHashTableFree)
(virNWFilterHashTableCreate): Likewise.
* src/conf/nwfilter_conf.c (virNWFilterTriggerVMFilterRebuild):
Likewise.
* src/cpu/cpu_generic.c (genericHashFeatures, genericBaseline):
Likewise.
* src/xen/xm_internal.c (xenXMOpen, xenXMClose): Likewise.
* src/nwfilter/nwfilter_learnipaddr.c (virNWFilterLearnInit)
(virNWFilterLearnShutdown): Likewise.
* src/qemu/qemu_command.c (qemuDomainPCIAddressSetCreate)
(qemuDomainPCIAddressSetFree): Likewise.
* src/qemu/qemu_process.c (qemuProcessWaitForMonitor): Likewise.
2011-02-21 08:27:02 -07:00
Daniel P. Berrange
2ff4c13754 Remove all object hashtable caches from virConnectPtr
The virConnectPtr struct will cache instances of all other
objects. APIs like virDomainLookupByUUID will return a
cached object, so if you do virDomainLookupByUUID twice in
a row, you'll get the same exact virDomainPtr instance.

This does not have any performance benefit, since the actual
logic in virDomainLookupByUUID (and other APIs returning
virDomainPtr, etc instances) is not short-circuited. All
it does is to ensure there is only one single virDomainPtr
in existance for any given UUID.

The caching has a number of downsides though, all relating
to stale data. If APIs aren't careful to always overwrite
the 'id' field in virDomainPtr it may become out of data.
Likewise for the name field, if a guest is renamed, or if
a guest is deleted, and then a new one created with the
same UUID but different name.

This has been an ongoing, endless source of bugs for all
applications using libvirt from languages with garbage
collection, causing them to get virDomainPtr instances
from long ago with stale data.

The caching is also a waste of memory resources, since
both applications, and language bindings often maintain
their own hashtable caches of object instances.

This patch removes all the hash table caching, so all
APIs return brand new virDomainPtr (etc) object instances.

* src/datatypes.h: Delete all hash tables.
* src/datatypes.c: Remove all object caching code
2011-02-21 11:50:46 +00:00
Stefan Berger
912d170f87 nwfilter: enable rejection of packets
This patch adds the possibility to not just drop packets, but to also have them rejected where iptables at least sends an ICMP msg back to the originator. On ebtables this again maps into dropping packets since rejecting is not supported.

I am adding 'since 0.8.9' to the docs assuming this will be the next version of libvirt.
2011-02-18 20:13:40 -05:00
Guido Günther
acab8a97ce Drop empty argument from dnsmasq call
since dnsmasq >= 2.56 now bails out with empty arguments. See
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=613944
for the Debian bug and
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=589885
for the upstream reasoning.
2011-02-18 22:23:15 +01:00
Eric Blake
7b6286b780 build: fix broken mingw cross-compilation
Two regressions:
Commit df1011ca broke builds for systems that lack devmapper
(non-Linux, as well as Linux with ./autogen.sh --without-libvirtd
and without the libraries present).
Commit ce6fd650 broke cross-compilation, due to a gnulib bug.

* .gnulib: Update to latest, for cross-compilation fix.
* src/util/util.c (virIsDevMapperDevice): Provide stub for
platforms not using storage driver.
* configure.ac (devmapper): Arrange to define HAVE_LIBDEVMAPPER_H.
devmapper issue reported by Wen Congyang.
2011-02-18 12:02:22 -07:00
Matthias Bolte
791da4e736 esx: Ignore malformed host UUID from BIOS
Etienne Gosset reported that libvirt fails to connect to his ESX
server because it failed to parse its malformed host UUID, that
contains an additional space and lacks one hexdigit in the last
group:

xxxxxxxx-xxxx-xxxx-xxxx- xxxxxxxxxxx

Don't treat this as a fatal error, just ignore it.
2011-02-18 17:59:05 +01:00
Michal Privoznik
595174aeb7 virsh: freecell --all getting wrong NUMA nodes count
Virsh freecell --all was not only getting wrong NUMA nodes count, but
even the NUMA nodes IDs. They doesn't have to be continuous, as I've
found out during testing this. Therefore a modification of
nodeGetCellsFreeMemory() error message.
2011-02-18 09:26:40 -07:00
Eric Blake
053013b0da build: recompute symbols after changing configure options
$ ./configure
...
$ make
...
  GEN    libvirt.syms
...
$ ./configure --with-driver-modules
...
$ make
...

libvirt.syms doesn't get regenerated but it should as it should
contain virDriverLoadModule now.

* src/Makefile.am (libvirt.syms): Depend on configure changes.
Reported by Matthias Bolte.
2011-02-18 08:58:36 -07:00
Jim Fehlig
efc2594b4e Do not add drive 'boot=on' param when a kernel is specified
libvirt-tck was failing several domain tests [1] with qemu 0.14, which
is now less tolerable of specifying 2 bootroms with the same boot index [2].

Drop the 'boot=on' param if kernel has been specfied.

[1] https://www.redhat.com/archives/libvir-list/2011-February/msg00559.html
[2] http://lists.nongnu.org/archive/html/qemu-devel/2011-02/msg01892.html
2011-02-17 20:32:48 -07:00
Christophe Fergeau
50daaa0a3e remove duplicated call to reportOOMError 2011-02-17 17:12:23 -07:00
Christophe Fergeau
787e38890e remove space between function name and (
There were several occurrences of an extra space inserted between
a function name and the ( opening the argument list in
datatypes.c. This is not consistent with the coding style used in
the rest of this file so removing this extra space makes the
code slightly more readable.
2011-02-17 17:10:27 -07:00
Christophe Fergeau
7b9a509953 don't check for NULL before calling virHashFree
virHashFree follows the convention described in HACKING that
XXXFree() functions can be called with a NULL argument.
2011-02-17 17:02:32 -07:00
Christophe Fergeau
9905c69e4f remove no longer needed calls to virReportOOMError
Now that the virHash handling functions call virReportOOMError by
themselves when needed, users of the virHash API no longer need to
do it by themselves. Since users of the virHash API were not
consistently calling virReportOOMError after memory failures from
the virHash code, this has the added benefit of making OOM
reporting from this code more consistent and reliable.
2011-02-17 16:59:14 -07:00
Christophe Fergeau
7f1c65e551 factor common code in virHashAddEntry and virHashUpdateEntry
The only difference between these 2 functions is that one errors
out when the entry is already present while the other modifies
the existing entry. Add an helper function with a boolean argument
indicating whether existing entries should be updated or not, and
use this helper in both functions.
2011-02-17 16:46:54 -07:00
Christophe Fergeau
5c5880e047 add hash table rebalancing in virHashUpdateEntry
The code in virHashUpdateEntry and virHashAddEntry is really
similar. However, the latter rebalances the hash table when
one of its buckets contains too many elements while the former
does not. Fix this discrepancy.
2011-02-17 16:45:25 -07:00
Eric Blake
aebe04d75e hash: modernize debug code
* src/util/hash.c (virHashGrow) [DEBUG_GROW]: Use modern logging.
Reported by Christophe Fergeau.
2011-02-17 16:33:12 -07:00
Wen Congyang
34c13d0d1a check more error info about whether drive_add failed
When we attach a disk, but we specify a wrong format of disk image,
qemu monitor command drive_add will fail, but libvirt does not detect
this error.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-02-17 14:10:26 -07:00
Eric Blake
bb904f45ff logging: make VIR_ERROR and friends preserve errno
Followup to commit 17e19add, and would have prevented the bug
independently fixed in commit 76c57a7c.

* src/util/logging.c (virLogMessage): Preserve errno, since
logging should be as unintrusive as possible.
2011-02-17 14:03:11 -07:00
Laine Stump
5754dbd56d Give each virtual network bridge its own fixed MAC address
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=609463

The problem was that, since a bridge always acquires the MAC address
of the connected interface with the numerically lowest MAC, as guests
are started and stopped, it was possible for the MAC address to change
over time, and this change in the network was being detected by
Windows 7 (it sees the MAC of the default route change), so on each
reboot it would bring up a dialog box asking about this "new network".

The solution is to create a dummy tap interface with a MAC guaranteed
to be lower than any guest interface's MAC, and attach that tap to the
bridge as soon as it's created. Since all guest MAC addresses start
with 0xFE, we can just generate a MAC with the standard "0x52, 0x54,
0" prefix, and it's guaranteed to always win (physical interfaces are
never connected to these bridges, so we don't need to worry about
competing numerically with them).

Note that the dummy tap is never set to IFF_UP state - that's not
necessary in order for the bridge to take its MAC, and not setting it
to UP eliminates the clutter of having an (eg) "virbr0-nic" displayed
in the output of the ifconfig command.

I chose to not auto-generate the MAC address in the network XML
parser, as there are likely to be consumers of that API that don't
need or want to have a MAC address associated with the
bridge.

Instead, in bridge_driver.c when the network is being defined, if
there is no MAC, one is generated. To account for virtual network
configs that already exist when upgrading from an older version of
libvirt, I've added a %post script to the specfile that searches for
all network definitions in both the config directory
(/etc/libvirt/qemu/networks) and the state directory
(/var/lib/libvirt/network) that are missing a mac address, generates a
random address, and adds it to the config (and a matching address to
the state file, if there is one).

docs/formatnetwork.html.in: document <mac address.../>
docs/schemas/network.rng: add nac address to schema
libvirt.spec.in: %post script to update existing networks
src/conf/network_conf.[ch]: parse and format <mac address.../>
src/libvirt_private.syms: export a couple private symbols we need
src/network/bridge_driver.c:
    auto-generate mac address when needed,
    create dummy interface if mac address is present.
tests/networkxml2xmlin/isolated-network.xml
tests/networkxml2xmlin/routed-network.xml
tests/networkxml2xmlout/isolated-network.xml
tests/networkxml2xmlout/routed-network.xml: add mac address to some tests
2011-02-17 13:36:32 -05:00
Laine Stump
13ae7a02b3 Allow brAddTap to create a tap device that is down
An upcoming patch has a use for a tap device to be created that
doesn't need to be actually put into the "up" state, and keeping it
"down" keeps the output of ifconfig from being unnecessarily cluttered
(ifconfig won't show down interfaces unless you add "-a").

bridge.[ch]: add "up" as an arg to brAddTap()
uml_conf.c, qemu_command.c: add "up" (set to "true") to brAddTap() call.
2011-02-17 13:36:22 -05:00
Laine Stump
e9bd5c0e24 Add txmode attribute to interface XML for virtio backend
This is in response to:

   https://bugzilla.redhat.com/show_bug.cgi?id=629662

Explanation

qemu's virtio-net-pci driver allows setting the algorithm used for tx
packets to either "bh" or "timer". This is done by adding ",tx=bh" or
",tx=timer" to the "-device virtio-net-pci" commandline option.

'bh' stands for 'bottom half'; when this is set, packet tx is all done
in an iothread in the bottom half of the driver. (In libvirt, this
option is called the more descriptive "iothread".)

'timer' means that tx work is done in qemu, and if there is more tx
data than can be sent at the present time, a timer is set before qemu
moves on to do other things; when the timer fires, another attempt is
made to send more data. (libvirt retains the name "timer" for this
option.)

The resulting difference, according to the qemu developer who added
the option is:

    bh makes tx more asynchronous and reduces latency, but potentially
    causes more processor bandwidth contention since the cpu doing the
    tx isn't necessarily the cpu where the guest generated the
    packets.

Solution

This patch provides a libvirt domain xml knob to change the option on
the qemu commandline, by adding a new attribute "txmode" to the
<driver> element that can be placed inside any <interface> element in
a domain definition. It's use would be something like this:

    <interface ...>
      ...
      <model type='virtio'/>
      <driver txmode='iothread'/>
      ...
    </interface>

I chose to put this setting as an attribute to <driver> rather than as
a sub-element to <tune> because it is specific to the virtio-net
driver, not something that is generally usable by all network drivers.
(note that this is the same placement as the "driver name=..."
attribute used to choose kernel vs. userland backend for the
virtio-net driver.)

Actually adding the tx=xxx option to the qemu commandline is only done
if the version of qemu being used advertises it in the output of

    qemu -device virtio-net-pci,?

If a particular txmode is requested in the XML, and the option isn't
listed in that help output, an UNSUPPORTED_CONFIG error is logged, and
the domain fails to start.
2011-02-17 11:07:58 -05:00
Laine Stump
b670a41206 Restructure domain struct interface "driver" data for easier expansion
When the <driver> element (and its "name" attribute) was added to the
domain XML's interface element, a "backend" enum was simply added to
the toplevel of the virDomainNetDef struct.

Ignoring the naming inconsistency ("name" vs. "backend"), this is fine
when there's only a single item contained in the driver element of the
XML, but doesn't scale well as we add more attributes that apply to
the backend of the virtio-net driver, or add attributes applicable to
other drivers.

This patch changes virDomainNetDef in two ways:

1) Rename the item in the struct from "backend" to "name", so that
   it's the same in the XML and in the struct, hopefully avoiding
   confusion for someone unfamiliar with the function of the
   attribute.

2) Create a "driver" union within virDomainNetDef, and a "virtio"
   struct in that struct, which contains the "name" enum value.

3) Move around the virDomainNetParse and virDomainNetFormat functions
   to allow for simple plugin of new attributes without disturbing
   existing code. (you'll note that this results in a seemingly
   redundant if() in the format function, but that will no longer be
   the case as soon as a 2nd attribute is added).

In the future, new attributes for the virtio driver backend can be
added to the "virtio" struct, and any other network device backend that
needs an attribute will have its own struct added to the "driver"
union.
2011-02-17 11:07:45 -05:00
Daniel P. Berrange
766de43533 Move all the QEMU migration code to a new file
The introduction of the v3 migration protocol, along with
support for migration cookies, will significantly expand
the size of the migration code. Move it all to a separate
file to make it more manageable

The functions are not moved 100%. The API entry points
remain in the main QEMU driver, but once the public
virDomainPtr is resolved to the internal virDomainObjPtr,
all following code is moved.

This will allow the new v3 API entry points to call into the
same shared internal migration functions

* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Add
  qemuDomainFormatXML helper method
* src/qemu/qemu_driver.c: Remove all migration code
* src/qemu/qemu_migration.c, src/qemu/qemu_migration.h: Add
  all migration code.
2011-02-17 12:56:10 +00:00
Daniel P. Berrange
48c2d6c65b Split all QEMU process mangement code into separate file
Move the qemudStartVMDaemon and qemudShutdownVMDaemon
methods into a separate file, renaming them to
qemuProcessStart, qemuProcessStop. All helper methods
called by these are also moved & renamed to match

* src/Makefile.am: Add qemu_process.c/.h
* src/qemu/qemu_command.c: Add qemuDomainAssignPCIAddresses
* src/qemu/qemu_command.h: Add VNC port min/max
* src/qemu/qemu_domain.c, src/qemu/qemu_domain.h: Add
  domain event queue helpers
* src/qemu/qemu_driver.c, src/qemu/qemu_driver.h: Remove
  all QEMU process startup/shutdown functions
* src/qemu/qemu_process.c, src/qemu/qemu_process.h: Add
  all QEMU process startup/shutdown functions
2011-02-17 12:48:55 +00:00
Osier Yang
df1011ca8e storage: Allow to delete device mapper disk partition
The name convention of device mapper disk is different, and 'parted'
can't be used to delete a device mapper disk partition. e.g.

Name                 Path
-----------------------------------------
3600a0b80005ad1d7000093604cae912fp1 /dev/mapper/3600a0b80005ad1d7000093604cae912fp1

Error: Expecting a partition number.

This patch introduces 'dmsetup' to fix it.

Changes:
  - New function "virIsDevMapperDevice" in "src/utils/utils.c"
  - remove "is_dm_device" in "src/storage/parthelper.c", use
    "virIsDevMapperDevice" instead.
  - Requires "device-mapper" for 'with-storage-disk" in "libvirt.spec.in"
  - Check "dmsetup" in 'configure.ac' for "with-storage-disk"
  - Changes on "src/Makefile.am" to link against libdevmapper
  - New entry for "virIsDevMapperDevice" in "src/libvirt_private.syms"

Changes from v1 to v3:
  - s/virIsDeviceMapperDevice/virIsDevMapperDevice/g
  - replace "virRun" with "virCommand"
  - sort the list of util functions in "libvirt_private.syms"
  - ATTRIBUTE_NONNULL(1) for virIsDevMapperDevice declaration.

e.g.

Name                 Path
-----------------------------------------
3600a0b80005ad1d7000093604cae912fp1 /dev/mapper/3600a0b80005ad1d7000093604cae912fp1

Vol /dev/mapper/3600a0b80005ad1d7000093604cae912fp1 deleted

Name                 Path
-----------------------------------------
2011-02-17 15:29:07 +08:00
Osier Yang
cd951ad2ec qemu: Error prompt when saving a shutoff domain
"qemudDomainSaveFlag" goto wrong label "endjob", which will cause
error when security manager trying to restore label (regression).

As it's more reasonable to check if vm is shutoff immediately, and
return right away if it is, remove the checking in "qemudDomainSaveFlag",
and add checking in "qemudDomainSave".

* src/qemu/qemu_driver.c
2011-02-17 11:18:47 +08:00
Eric Blake
76c57a7c1d cgroup: preserve correct errno on failure
* src/util/cgroup.c (virCgroupSetValueStr, virCgroupGetValueStr)
(virCgroupRemoveRecursively): VIR_DEBUG can clobber errno.
(virCgroupRemove): Use VIR_DEBUG rather than DEBUG.
2011-02-16 08:10:30 -07:00
Jiri Denemark
453d05dab9 qemu: Fix command line generation with faked host CPU
The code expected that host CPU architecture matches the architecture on
which libvirt runs. This is normally true but not in tests, where host
CPU is faked to produce consistent results.
2011-02-15 22:51:50 +01:00
Eric Blake
c106a83712 docs: fix typos
* docs/drvopenvz.html.in: Spell administrator correctly.
* docs/drvuml.html.in: Likewise.
* src/qemu/qemu.conf: Likewise.  Fix other typos, too.
2011-02-15 13:50:28 -07:00
Eric Blake
3db08aeaef build: address clang reports about virCommand
clang had 5 reports against virCommand; three were false positives
(a NULL deref in ProcessIO solved by sa_assert, and two uninitialized
memory operations solved by adding an initializer), but two were real.

* src/util/command.c (virCommandProcessIO): Fix real bug of
possible NULL dereference.  Teach clang that buf is never NULL.
(virCommandRun): Teach clang that infd is only ever accessed when
initialized.
2011-02-15 10:43:40 -07:00
Eric Blake
56152be578 qemu: don't mask real error with oom report
* src/qemu/qemu_command.c (qemuBuildCommandLine): Don't report oom
after qemuBuildControllerDevStr, which reported its own errors.
2011-02-15 10:43:39 -07:00
Eric Blake
abaa65605f qemu: avoid NULL derefs
The processWatchdogEvent fix is real, although it can only trigger
on OOM, since bad things happen if doCoreDump is called with a NULL
pathname argument.  The other fixes silence clang, but aren't a real
bug because virReportErrorHelper tolerates a NULL format string even
though *printf does not.

* src/qemu/qemu_driver.c (processWatchdogEvent): Exit on OOM.
(qemuDomainIsActive, qemuDomainIsPersistent, qemuDomainIsUpdated):
Provide valid message.
2011-02-15 09:55:45 -07:00
Eric Blake
ae891f956e virDomainMemoryStats: avoid null dereference
* src/libvirt.c (virDomainMemoryStats): Check domain before flags.
2011-02-15 09:43:05 -07:00
Daniel P. Berrange
dd50c0054c Fix leak of mutex attributes in POSIX threads impl
* src/util/threads-pthread.c: Fix mutex leak
2011-02-15 11:42:32 +00:00
Daniel P. Berrange
7020ffc0ed Fix leak in SCSI storage backend
The SCSI storage backend leaks a string containing the pathname
for each block device it discovers

* src/storage/storage_backend_scsi.c: Free the device name
2011-02-15 11:41:48 +00:00
Matthias Bolte
c7a6fc375a Output commandline on status != 0 in virCommandWait
This helps identifying which command exited with status != 0.
2011-02-15 11:46:16 +01:00
Christophe Fergeau
dad4a3f29a add missing error handling to virGetDomain
When creating the virDomain::snapshots hash table, virGetDomain
wasn't checking if the creation was successful. This would then
lead to failures in the vir*DomainSnapshot functions. Better to
report this error early and make virGetDomain fail if the
snapshots hash couldn't be created.
* src/datatypes.c: report failure to make a hash table
2011-02-15 11:05:38 +08:00
Christophe Fergeau
7adb3fb739 call virReportOOMError when appropriate in hash.c
A couple of allocation were not calling virReportOOMError on allocation
errors

* src/util/hash.c: add the needed call in virHashCreate and
  virHashAddOrUpdateEntry
2011-02-15 10:59:01 +08:00
Osier Yang
b958419534 storage: Create enough volumes for mpath pool
"virStorageBackendCreateVols":
  "names->next" serves as condition expression for "do...while",
however, "names" was shifted before, it then results in one less
loop, and thus, one less volume will be created for mpath pool,
the patch is to fix it.

* src/storage/storage_backend_mpath.c
2011-02-15 10:12:24 +08:00
Eric Blake
d4b230c8fc maint: kill dead assignments
* src/network/bridge_driver.c (networkStartNetworkDaemon): Delete
unused assignments.
2011-02-14 17:34:14 -07:00
Eric Blake
0cca53921d qemu: avoid NULL deref on error
* src/qemu/qemu_command.c (qemuParseCommandLineDisk): Report error
before cleaning def.
2011-02-14 17:34:05 -07:00
Eric Blake
bd6ea30384 build: silence false positive clang report
clang complained that STREQ(group->controllers[i].mountPoint,...)  was
a NULL dereference when i==VIR_CGROUP_CONTROLLER_CPUSET, because it
assumes the worst about virCgroupPathOfController.  Marking the
argument const doesn't yet have an effect, per this clang bug:
http://llvm.org/bugs/show_bug.cgi?id=7758

So, we use sa_assert, which was designed to shut up false positives
from tools like clang.

* src/util/cgroup.c (virCgroupMakeGroup): Teach clang that there
is no NULL dereference.
2011-02-14 15:37:32 -07:00
Eric Blake
e046d41f72 qemu: ignore failure of qemu -M ? on older qemu
https://bugzilla.redhat.com/show_bug.cgi?id=676563

Regression introduced in commit 2211518.

* src/qemu/qemu_capabilities.c (qemuCapsProbeMachineTypes): Allow
non-zero exit status.
2011-02-14 15:33:33 -07:00
Eric Blake
83a0489a21 xml: avoid compiler warning
Detected by clang.

* src/util/xml.c (virXPathStringLimit): Use %zd, not obsolete %Zd.
2011-02-14 13:39:03 -07:00
Stefan Berger
13e9ba7c2b nwfilter: reorder match extensions relative to state match
This patch reorders the connlimit and comment match extensions relative to the state match (-m state); connlimit being most useful if found after a -m state --state NEW and not before it.
2011-02-14 14:10:24 -05:00
Jiri Denemark
f7bec64913 conf: Fix XML generation for smartcards
When formatting XML for smartcard device with mode=host, libvirt
generates invalid XML if the device has address info associated:

<smartcard mode='host' <address type='ccid' controller='0' slot='1'/>
2011-02-14 19:42:29 +01:00
Daniel P. Berrange
41f551e25e Fix cleanup on VM state after failed QEMU startup
Commit 9962e406c6 introduced a
problem where if the VM failed to startup, it would not be
correctly cleaned up. Amongst other things the SELinux
security label would not be removed, which prevents the VM
from ever starting again.

The virDomainIsActive() check at the start of qemudShutdownVMDaemon
checks for vm->def->id not being -1. By moving the assignment of the
VM id to the start of qemudStartVMDaemon, we can ensure cleanup will
occur on failure

* src/qemu/qemu_driver.c: Move initialization of 'vm->def->id'
  so that qemudShutdownVMDaemon() will process the shutdown
2011-02-14 16:02:00 +00:00
Christophe Fergeau
9190f0b0a0 fix OOM handling in hash routines
* src/util/hash.c: virHashAddEntry and virHashUpdateEntry were missing NULL
  checks on strdup
* AUTHORS: add Christophe Fergeau
2011-02-14 13:36:06 +08:00
Matthias Bolte
eebf4dc343 Update src/README
Add missing subdirectories.
2011-02-12 17:10:30 +01:00
Matthias Bolte
1682bcf7d8 qemu: Report a more informative error for missing cgroup controllers
Also use VIR_ERR_OPERATION_INVALID instead of VIR_ERR_NO_SUPPORT, as
the operation could succeed when the cgroup controller was mounted.
2011-02-12 13:37:57 +01:00
Osier Yang
0e629db3bf xen: Prevent updating device when attaching a device
When attaching a device that already exists, xend driver updates
the device with "device_configure", it causes problems (e.g. for
disk device, 'device_configure' only can be used to update device
like CDROM), on the other hand, we provide additional API
(virDomainUpdateDevice) to update device, this fix is to raise up
errors instead of updating the existed device which is not CDROM
device.

Changes from v1 to v2:
  - allow to update CDROM

* src/xen/xend_internal.c
2011-02-12 14:29:09 +08:00
Eric Blake
699a5888b7 build: fix cygwin strerror_r failure
Building the 0.8.8 release candidate on cygwin produced this compiler
warning, which is indicative of catastrophic failure on any attempt to
print an error message with errno turned to a string:

  CC       strerror_r.lo
strerror_r.c: In function 'rpl_strerror_r':
strerror_r.c:67: warning: assignment makes integer from pointer without a cast

This has been fixed in gnulib.

* .gnulib: Update to latest, for strerror_r fix.
* src/util/memory.c (includes): Satisfy 'make syntax-check'.
2011-02-11 12:32:17 -07:00
Philipp Hahn
f370fc37f9 qemu: Fix escape_monitor(escape_shell(command))
Suspending a VM which contains shell meta characters doesn't work with
libvirt-0.8.7:
/var/log/libvirt/qemu/andreas_231-ne\ doch\ nicht.log:
  sh: -c: line 0: syntax error near unexpected token `doch'
  sh: -c: line 0: `cat | { dd bs=4096 seek=1 if=/dev/null && dd bs=1048576; }

Although target="andreas_231-ne doch nicht" contains shell meta
characters (here: blanks), they are not properly escaped by
src/qemu/qemu_monitor_{json,text}.c#qemuMonitor{JSON,Text}MigrateToFile()

First, the filename needs to be properly escaped for the shell, than
this command line has to be properly escaped for qemu again.

For this to work, remove the old qemuMonitorEscapeArg() wrapper, rename
qemuMonitorEscape() to it removing the handling for shell=TRUE, and
implement a new qemuMonitorEscapeShell() returning strings using single
quotes.

Using double quotes or escaping special shell characters with backslashes
would also be possible, but the set of special characters heavily
depends on the concrete shell (dsh, bash, zsh) and its setting (history
expansion, interactive use, ...)

Signed-off-by: Philipp Hahn <hahn@univention.de>
2011-02-11 12:07:35 -07:00
Daniel P. Berrange
cee61fc298 Imprint all logs with version + package build information
The logging functions are enhanced so that immediately prior to
the first log message being printed to any output channel, the
libvirt package version will be printed.

eg

 $ LIBVIRT_DEBUG=1 virsh
 18:13:28.013: 17536: info : libvirt version: 0.8.7
 18:13:28.013: 17536: debug : virInitialize:361 : register drivers
 ...

The 'configure' script gains two new arguments which can be
used as

   --with-packager="Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10"
   --with-packager-version="1.fc14"

to allow distros to append a custom string with package specific
data.

The RPM specfile is modified so that it appends the RPM version,
the build host, the build date and the packager name.

eg

 $ LIBVIRT_DEBUG=1 virsh
 18:14:52.086: 17551: info : libvirt version: 0.8.7, package: 1.fc13 (Fedora Project, x86-01.phx2.fedoraproject.org, 01-27-2011-18:00:10)
 18:14:52.086: 17551: debug : virInitialize:361 : register drivers

Thus when distro packagers receive bug reports they can clearly
see what version was in use, even if the bug reporter mistakenly
or intentionally lies about version/builds

* src/util/logging.c: Output version data prior to first log message
* libvirt.spec.in: Include RPM release, date, hostname & packager
* configure.ac: Add --with-packager & --with-packager-version args
2011-02-11 14:13:08 +00:00
Wen Congyang
6bf4788e86 qemu: fix attach-interface regression
QEMUD_CMD_FLAG_PCI_MULTIBUS should be set in the function
qemuCapsExtractVersionInfo()

The flag QEMUD_CMD_FLAG_PCI_MULTIBUS is used in the function
qemuBuildDeviceAddressStr(). All callers get qemuCmdFlags
by the function qemuCapsExtractVersionInfo() except that
testCompareXMLToArgvFiles() in qemuxml2argvtest.c.

So we should set QEMUD_CMD_FLAG_PCI_MULTIBUS in the function
qemuCapsExtractVersionInfo() instead of qemuBuildCommandLine()
because the function qemuBuildCommandLine() does not be called
when we attach a pci device.

tests: set QEMUD_CMD_FLAG_PCI_MULTIBUS in testCompareXMLToArgvFiles()

set QEMUD_CMD_FLAG_PCI_MULTIBUS before calling qemuBuildCommandLine()
as the flags is not set by qemuCapsExtractVersionInfo().

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-02-10 15:07:21 -07:00
Daniel P. Berrange
eacb3bb02a Reduce log level when cgroups aren't mounted
Quite a few hosts don't have cgroups mounted and so see warnings
from libvirt logged, which then cause bug reports, etc. Reduce
the log level to INFO so they're not visible by default

* src/qemu/qemu_driver.c: Reduce log level for cgroups
2011-02-10 14:30:02 +00:00
Daniel P. Berrange
525434dd60 Avoid warnings from nwfilter driver when run non-root
When run non-root the nwfilter driver logs error messages about
being unable to find iptables/ebtables commands (they are in
/sbin which isn't in $PATH). The nwfilter driver can't ever work
as non-root, so simply skip it entirely thus avoiding the error
messages

* src/conf/nwfilter_conf.h, src/nwfilter/nwfilter_driver.c,
  src/nwfilter/nwfilter_gentech_driver.c,
  src/nwfilter/nwfilter_gentech_driver.h: Pass 'bool privileged'
  flag down to final driver impl
* src/nwfilter/nwfilter_ebiptables_driver.c: Skip initialization
  if not privileged
2011-02-10 14:29:57 +00:00
Michal Privoznik
10713b1b98 Fix typo in parsing of spice 'auth' data
A typo s/spice/vnc/ caused parsing of the spice 'auth' data
to write into the wrong part of the struct, blowing away
other unrelated data.

* src/conf/domain_conf.c: s/vnc/spice/ in parsing spice auth
2011-02-10 10:54:15 +00:00
Daniel P. Berrange
7a4bc156c1 Adjust some log levels in udev driver
Most of te VIR_INFO calls in the udev driver are only relevant
to developers so can switch to VIR_DEBUG. Failure to initialize
libpciaccess though is a fatal error

* src/node_device/node_device_udev.c: Adjust log levels
2011-02-09 17:23:21 +00:00
Daniel P. Berrange
bf6a3825b5 Add check for binary existing in machine type probe
When probing machine types if the QEMU binary does not exist
we get a hard to diagnose error, due to the execve() in the
child failing

error: internal error Child process exited with status 1.

Add an explicit check so that we get

error: Cannot find QEMU binary /usr/libexec/qem3u-kvm: No such file or directory

* src/qemu/qemu_capabilities.c: Check for QEMU binary
2011-02-09 16:45:31 +00:00
Daniel P. Berrange
2222bd2459 Add a little more debugging for async events
To make it easier to investigate problems with async event
delivery, add two more debugging lines

* daemon/remote.c: Debug when an event is queued for dispatch
* src/remote/remote_driver.c: Debug when an event is received
  for processing
2011-02-09 16:45:05 +00:00
Daniel P. Berrange
8ce5d404be Move connection driver modules directory
When built as modules, the connection drivers live
in $LIBDIR/libvirt/drivers. Now we add lock manager
drivers, we need to distinguish. So move the existing
modules to 'connection-driver'

* src/Makefile.am: Move module install dir
* src/driver.c: Move module search dir
2011-02-09 16:22:06 +00:00
Daniel P. Berrange
88d04d170f Reset logging filter function when forking
To ensure child processes will log all error messages, reset
the logging filter function when forking

* src/util/util.c: Reset log filter in fork
2011-02-09 16:21:55 +00:00
Daniel P. Berrange
ab07533e76 Block SIGPIPE around virExec hook functions
Some functionality run in virExec hooks may do I/O which
can trigger SIGPIPE. Renable SIGPIPE blocking around the
hook function

* src/util/util.c: Block SIGPIPE around hooks
2011-02-09 16:21:06 +00:00
Daniel P. Berrange
cd782cc391 Support SCSI RAID type & lower log level for unknown types
The Linux kernel headers don't have a value for SCSI type 12,
but HAL source code shows this to be a 'raid'. Add workaround
for this type. Lower log level for unknown types since
this is not a fatal error condition. Include the device sysfs
path in the log output to allow identification of which device
has problems.

* src/node_device/node_device_udev.c: Add SCSI RAID type
2011-02-09 16:20:38 +00:00
Daniel P. Berrange
2215050edd Only initialize/cleanup libpciaccess once
libpciaccess has many bugs in its pci_system_init/cleanup
functions that makes calling them multiple times unwise.
eg it will double close() FDs, and leak other FDs.

* src/node_device/node_device_udev.c: Only initialize
  libpciaccess once
2011-02-09 16:20:27 +00:00
Serge E. Hallyn
28209ca05e Don't use CLONE_NEWUSER for now
Until now, user namespaces have not done much, but (for that
reason) have been innocuous to glob in with other CLONE_
flags.  Upcoming userns development, however, will make tasks
cloned with CLONE_NEWUSER far more restricted.  In particular,
for some time they will be unable to access files with anything
other than the world access perms.

This patch assumes that noone really needs the user namespaces
to be enabled.  If that is wrong, then we can try a more
baroque patch where we create a file owned by a test userid with
700 perms and, if we can't access it after setuid'ing to that
userid, then return 0.  Otherwise, assume we are using an
older, 'harmless' user namespace implementation.

Comments appreciated.  Is it ok to do this?

Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com>
2011-02-09 08:23:37 -07:00
Eric Blake
5ec8fb5662 sysinfo: implement qemu support
* src/qemu/qemu_driver.c (qemuGetSysinfo): New function.
(qemuDriver): Install it.
2011-02-08 19:38:49 -07:00
Eric Blake
cb5b5380c2 sysinfo: refactor xml formatting
* src/util/sysinfo.h (virSysinfoFormat): New prototype.
* src/conf/domain_conf.c (virDomainSysinfoDefFormat): Move guts...
* src/util/sysinfo.c (virSysinfoFormat): ...into new function.
* src/libvirt_private.syms: Export it.
2011-02-08 19:37:21 -07:00
Eric Blake
5c8dedddcc sysinfo: implement the remote protocol
Done by editing the first three files, then running
'make -C src rpcgen', then editing src/remote_protocol-structs
to match.

* daemon/remote.c (remoteDispatchGetSysinfo): New function.
* src/remote/remote_driver.c (remoteGetSysinfo, remote_driver):
Client side serialization.
* src/remote/remote_protocol.x (remote_get_sysinfo_args)
(remote_get_sysinfo_ret): New types.
(REMOTE_PROC_GET_SYSINFO): New enum value.
* daemon/remote_dispatch_args.h: Regenerate.
* daemon/remote_dispatch_prototypes.h: Likewise.
* daemon/remote_dispatch_ret.h: Likewise.
* daemon/remote_dispatch_table.h: Likewise.
* src/remote/remote_protocol.c: Likewise.
* src/remote/remote_protocol.h: Likewise.
* src/remote_protocol-structs: Likewise.
2011-02-08 19:29:46 -07:00
Eric Blake
addee8a096 sysinfo: implement the public API
* src/libvirt.c (virConnectGetSysinfo): New function.
* docs/formatdomain.html.in: Mention it.
2011-02-08 19:29:44 -07:00
Eric Blake
dec13a5a15 sysinfo: define internal driver API
* src/driver.h (virDrvGetSysinfo): New typedef.
(_virDriver): New callback member.
* src/esx/esx_driver.c (esxDriver): Add stub for driver.
* src/lxc/lxc_driver.c (lxcDriver): Likewise.
* src/opennebula/one_driver.c (oneDriver): Likewise.
* src/openvz/openvz_driver.c (openvzDriver): Likewise.
* src/phyp/phyp_driver.c (phypDriver): Likewise.
* src/qemu/qemu_driver.c (qemuDriver): Likewise.
* src/remote/remote_driver.c (remote_driver): Likewise.
* src/test/test_driver.c (testDriver): Likewise.
* src/uml/uml_driver.c (umlDriver): Likewise.
* src/vbox/vbox_tmpl.c (Driver): Likewise.
* src/vmware/vmware_driver.c (vmwareDriver): Likewise.
* src/xen/xen_driver.c (xenUnifiedDriver): Likewise.
* src/xenapi/xenapi_driver.c (xenapiDriver): Likewise.
2011-02-08 19:25:30 -07:00
Eric Blake
353b760953 sysinfo: expose new API
The new virConnectGetSysinfo() API allows one to get the system
information associated to a connection host, providing the same
data as a guest that uses <os><smbios mode='host'/></os>, and in
a format that can be pasted into the guest and edited when using
<os><smbios mode='sysinfo'/></os>.

* include/libvirt/libvirt.h.in (virConnectGetSysinfo): Declare.
* src/libvirt_public.syms: Export new symbol.
2011-02-08 19:21:26 -07:00
Gui Jianfeng
76d99efc44 LXC: LXC Blkio weight configuration support.
LXC Blkio weight configuration support.

Reviewed-by: "Nikunj A. Dadhania" <nikunj@linux.vnet.ibm.com>
Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
2011-02-08 11:43:54 -07:00
Gui Jianfeng
d9b28a319a qemu: Implement blkio tunable XML configuration and parsing.
Implement blkio tunable XML configuration and parsing.

Reviewed-by: "Nikunj A. Dadhania" <nikunj@linux.vnet.ibm.com>
Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
2011-02-08 11:43:45 -07:00
Gui Jianfeng
c3658ab543 cgroup: Implement blkio.weight tuning API.
Implement blkio.weight tuning API.

Acked-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
2011-02-08 11:25:33 -07:00
Gui Jianfeng
b58241a690 cgroup: Enable cgroup hierarchy for blkio cgroup
Enable cgroup hierarchy for blkio cgroup

Acked-by: Daniel P. Berrange <berrange@redhat.com>
Signed-off-by: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
2011-02-08 10:42:14 -07:00
Eric Blake
5a3ec56ba3 spicevmc: support older -device spicevmc of qemu 0.13.0
qemu 0.13.0 (at least as built for Fedora 14, and also backported to
RHEL 6.0 qemu) supported an older syntax for a spicevmc channel; it's
not as flexible (it has an implicit name and hides the chardev
aspect), but now that we support spicevmc, we might as well target
both variants.

* src/qemu/qemu_capabilities.h (QEMUD_CMD_FLAG_DEVICE_SPICEVMC):
New flag.
* src/qemu/qemu_capabilities.c (qemuCapsParseDeviceStr): Set it
correctly.
* src/qemu/qemu_command.h (qemuBuildVirtioSerialPortDevStr): Drop
declaration.
* src/qemu/qemu_command.c (qemuBuildVirtioSerialPortDevStr): Alter
signature, check flag.
(qemuBuildCommandLine): Adjust caller and check flag.
* tests/qemuhelptest.c (mymain): Update test.
* tests/qemuxml2argvtest.c (mymain): New test.
* tests/qemuxml2argvdata/qemuxml2argv-channel-spicevmc-old.xml:
New file.
* tests/qemuxml2argvdata/qemuxml2argv-channel-spicevmc-old.args:
Likewise.
2011-02-04 09:17:01 -07:00
Eric Blake
79f9267f4b smartcard: add spicevmc support
Adds <smartcard mode='passthrough' type='spicevmc'/>, which uses the
new <channel name='smartcard'/> of <graphics type='spice'>.

* docs/schemas/domain.rng: Support new XML.
* docs/formatdomain.html.in: Document it.
* src/conf/domain_conf.h (virDomainGraphicsSpiceChannelName): New
enum value.
(virDomainChrSpicevmcName): New enum.
(virDomainChrSourceDef): Distinguish spicevmc types.
* src/conf/domain_conf.c (virDomainGraphicsSpiceChannelName): Add
smartcard.
(virDomainSmartcardDefParseXML): Parse it.
(virDomainChrDefParseXML, virDomainSmartcardDefParseXML): Set
spicevmc name.
(virDomainChrSpicevmc): New enum conversion functions.
* src/libvirt_private.syms: Export new functions.
* src/qemu/qemu_command.c (qemuBuildChrChardevStr): Conditionalize
name.
* tests/qemuxml2argvtest.c (domain): New test.
* tests/qemuxml2argvdata/qemuxml2argv-smartcard-passthrough-spicevmc.args:
New file.
* tests/qemuxml2argvdata/qemuxml2argv-smartcard-passthrough-spicevmc.xml:
Likewise.
2011-02-04 09:00:39 -07:00
Daniel P. Berrange
be87a1236e spicevmc: support new qemu chardev
Inspired by https://bugzilla.redhat.com/show_bug.cgi?id=615757

Add a new character device backend for virtio serial channels that
activates the QEMU spice agent on the main channel using the vdagent
spicevmc connection.  The <target> must be type='virtio', and supports
an optional name that specifies how the guest will see the channel
(for now, name must be com.redhat.spice.0).

<channel type='spicevmc'>
  <target type='virtio'/>
  <address type='virtio-serial' controller='1' bus='0' port='3'/>
</channel>

* docs/schemas/domain.rng: Support new XML.
* docs/formatdomain.html.in: Document it.
* src/conf/domain_conf.h (virDomainChrType): New enum value.
* src/conf/domain_conf.c (virDomainChr): Add spicevmc.
(virDomainChrDefParseXML, virDomainChrSourceDefParseXML)
(virDomainChrDefParseTargetXML): Parse and enforce proper use.
(virDomainChrSourceDefFormat, virDomainChrDefFormat): Format.
* src/qemu/qemu_command.c (qemuBuildChrChardevStr)
(qemuBuildCommandLine): Add qemu support.
* tests/qemuxml2argvtest.c (domain): New test.
* tests/qemuxml2argvdata/qemuxml2argv-channel-spicevmc.xml: New
file.
* tests/qemuxml2argvdata/qemuxml2argv-channel-spicevmc.args:
Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2011-02-03 21:14:50 -07:00
Eric Blake
f5fd9baac1 smartcard: turn on qemu support
* src/qemu/qemu_command.c (qemuBuildCommandLine): Emit smartcard
options.
(qemuAssignDeviceAliases): Assign an alias for smartcards.
(qemuBuildControllerDevStr): Manage the usb-ccid controller.
* tests/qemuxml2argvtest.c (mymain): Add new tests.
* tests/qemuxml2argvdata/qemuxml2argv-smartcard-host.args: New
file.
* tests/qemuxml2argvdata/qemuxml2argv-smartcard-host-certificates.args:
Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-smartcard-passthrough.args:
Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-smartcard-controller.args:
Likewise.
2011-02-03 19:32:41 -07:00
Eric Blake
32e52134ff smartcard: enable SELinux support
* src/security/security_selinux.c
(SELinuxRestoreSecuritySmartcardCallback)
(SELinuxSetSecuritySmartcardCallback): New helper functions.
(SELinuxRestoreSecurityAllLabel, SELinuxSetSecurityAllLabel): Use
them.
2011-02-03 19:28:53 -07:00
Eric Blake
7a2f29e4f9 smartcard: check for qemu capability
Qemu smartcard/spicevmc support exists on branches (such as
http://cgit.freedesktop.org/~alon/qemu/commit/?h=usb_ccid.v15&id=024a37b)
but is not yet upstream.  The added -help output matches a scratch build
that will be close to the RHEL 6.1 qemu-kvm.

* src/qemu/qemu_capabilities.h (QEMUD_CMD_FLAG_CCID_EMULATED)
(QEMUD_CMD_FLAG_CCID_PASSTHRU, QEMUD_CMD_FLAG_CHARDEV_SPICEVMC):
New flags.
* src/qemu/qemu_capabilities.c (qemuCapsComputeCmdFlags)
(qemuCapsParseDeviceStr): Check for smartcard capabilities.
(qemuCapsExtractVersionInfo): Tweak comment.
* tests/qemuhelptest.c (mymain): New test.
* tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel61: New file.
* tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel61-device: Likewise.
2011-02-03 19:28:53 -07:00
Eric Blake
c1be1a2e0e smartcard: add domain conf support
* src/conf/domain_conf.h (virDomainSmartcardType): New enum.
(virDomainSmartcardDef, virDomainDeviceCcidAddress): New structs.
(virDomainDef): Include smartcards.
(virDomainSmartcardDefIterator): New typedef.
(virDomainSmartcardDefFree, virDomainSmartcardDefForeach): New
prototypes.
(virDomainControllerType, virDomainDeviceAddressType): Add ccid
enum values.
(virDomainDeviceInfo): Add ccid address type.
* src/conf/domain_conf.c (virDomainSmartcard): Convert between
enum and string.
(virDomainSmartcardDefParseXML, virDomainSmartcardDefFormat)
(virDomainSmartcardDefFree, virDomainDeviceCcidAddressParseXML)
(virDomainDefMaybeAddSmartcardController): New functions.
(virDomainDefParseXML): Parse the new XML.
(virDomainDefFormat): Convert back to XML.
(virDomainDefFree): Clean up.
(virDomainDeviceInfoIterate): Iterate over passthrough aliases.
(virDomainController, virDomainDeviceAddress)
(virDomainDeviceInfoParseXML, virDomainDeviceInfoFormat)
(virDomainDefAddImplicitControllers): Support new values.
* src/libvirt_private.syms (domain_conf.h): New exports.
* cfg.mk (useless_free_options): List new function.
2011-02-03 19:28:53 -07:00
Jiri Denemark
963a9460b6 qemu: Support booting from hostdev PCI devices 2011-02-03 22:20:30 +01:00
Jiri Denemark
83e335f9d2 Support booting from hostdev devices 2011-02-03 22:20:30 +01:00
Jiri Denemark
2169472ab6 qemu: Add shortcut for HMP pass through
Currently users who want to use virDomainQemuMonitorCommand() API or
it's virsh equivalent has to use the same protocol as libvirt uses for
communication to qemu. Since the protocol is QMP with current qemu and
HMP much more usable for humans, one ends up typing something like the
following:

    virsh qemu-monitor-command DOM \
'{"execute":"human-monitor-command","arguments":{"command-line":"info kvm"}}'

which is not a very convenient way of debugging qemu.

This patch introduces --hmp option to qemu-monitor-command, which says
that the provided command is in HMP. If libvirt uses QMP to talk with
qemu, the command will automatically be converted into QMP. So the
example above is simplified to just

    virsh qemu-monitor-command --hmp DOM "info kvm"

Also the result is converted from

    {"return":"kvm support: enabled\r\n"}

to just plain HMP:

    kvm support: enabled

If libvirt talks to qemu in HMP, --hmp flag is obviously a noop.
2011-02-03 22:20:30 +01:00
Stefan Berger
be23e2bd65 macvtap: fix 2 nla_put expressions (non-serious bug)
This patch fixes 2 occurrences of nla_put expression with a '!' in
front of them that basically prevented the detection that the buffer
is too small. However, code further below would then detect that the
buffer is too small when further parts are added to the netlink message.
2011-02-03 14:36:27 -05:00
Eric Blake
9962e406c6 qemu: avoid double shutdown
* src/qemu/qemu_driver.c (qemudShutdownVMDaemon): Check that vm is
still active.
Reported by Wen Congyang as follows:

Steps to reproduce this bug:

1. use gdb to debug libvirtd, and set breakpoint in the function
   qemuConnectMonitor()
2. start a vm, and the libvirtd will be stopped in qemuConnectMonitor()
3. kill -STOP $(cat /var/run/libvirt/qemu/<domain>.pid)
4. continue to run libvirtd in gdb, and libvirtd will be blocked in the
   function qemuMonitorSetCapabilities()
5. kill -9 $(cat /var/run/libvirt/qemu/<domain>.pid)

Here is log of the qemu:
=========
LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin ...
char device redirected to /dev/pts/3
2011-01-27 09:38:48.101: shutting down
2011-01-27 09:41:26.401: shutting down
=========

The vm is shut down twice. I do not know whether this behavior has
side effect, but I think we should shutdown the vm only once.
2011-02-03 09:00:35 -07:00
Davidlohr Bueso
de53effecc Fix conflicts with glibc globals
When compiling libvirt with GCC 3.4.6 the following warning is being triggered quite a lot:

util/memory.h:60: warning: declaration of 'remove' shadows a global declaration
/usr/include/stdio.h:175: warning: shadowed declaration is here

Fix this by renaming the parameter to 'toremove'.
2011-02-03 08:58:45 -07:00
Daniel Veillard
3028f51c38 Fix compilation when building without sasl
Use of saslDecoded field need to be guarded by #if HAVE_SASL/endif
* src/remote/remote_driver.c: fix remoteIOEventLoop accordingly
2011-02-03 22:13:24 +08:00
Eric Blake
0fa17ff52a docs: more on qemu locking patterns
* src/qemu/THREADS.txt: Improve documentation.
2011-02-02 09:19:31 -07:00
Niels de Vos
0b864eb103 qemuBuildDeviceAddressStr() checks for QEMUD_CMD_FLAG_PCI_MULTIBUS
Depending if the qemu binary supports multiple pci-busses, the device
options will contain "bus=pci" or "bus=pci.0".

Only x86_64 and i686 seem to have support for multiple PCI-busses. When
a guest of these architectures is started, set the
QEMUD_CMD_FLAG_PCI_MULTIBUS flag.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2011-02-02 09:00:46 -07:00
Daniel P. Berrange
68d2c3482f Don't sleep in poll() if there is existing SASL decoded data
In the SASL codepath we typically read far more data off the
wire than we immediately need. When using a connection from a
single thread this isn't a problem, since only our reply will
be pending (or an event we can handle directly). When using a
connection from multiple threads though, we may read the data
from replies from other threads. If those replies occur after
our own reply, they'll not be processed. The other thread will
then go into poll() and wait for its reply which has already
been received and decoded. The solution is to set poll() timeout
to 0 if there is pending SASL data.

* src/remote/remote_driver.c: Don't sleep in poll() if SASL
  data exists
2011-02-02 10:59:55 +00:00
Stefan Berger
c31e6cdc51 macvtap: fix variable in debugging output
This patch fixes a variable in the debugging output.
2011-02-01 12:02:01 -05:00
Osier Yang
16be54e898 qemu: Build command line for incoming tunneled migration
Command line building for incoming tunneled migration is missed,
as a result, all the tunneled migration will fail with "unknown
migration protocol".

* src/qemu/qemu_command.c
2011-02-01 16:33:34 +08:00
Paweł Krześniak
47969c055e bridge_driver: handle DNS over IPv6
* dnsmasq listens on all defined IPv[46] addresses for network
* Add ip6tables rules to allow DNS traffic to host
2011-01-31 20:25:48 -05:00
Osier Yang
ee3b030050 qemu: More clear error parsing domain def failure of tunneled migration
* src/qemu/qemu_driver.c
2011-01-31 17:12:46 +08:00
Wen Congyang
7ca5765b91 Initialization error of controller in QEmu SCSI hotplug
Bug manifests itself by:

1. # virsh attach-disk --target sdb ...
2. # virsh attach-disk --target sdh ...
   error: Failed to attach disk
   error: operation failed: target scsi:0 already exists

sdh uses scsi:1, rather than scsi:0.

* src/qemu/qemu_hotplug.c: properly set controller idx in
  qemuDomainFindOrCreateSCSIDiskController()
2011-01-31 15:55:40 +08:00
Eric Blake
030ce43b49 maint: reject raw close, popen in 'make syntax-check'
commit f1fe9671e was supposed to make sure we use files.h
macros to avoid double close, but it didn't work.

Meanwhile, virCommand is vastly superior to system(), fork(),
and popen() (also to virExec, but we haven't completed that
conversion), so enforce that, too.

* cfg.mk (sc_prohibit_close): Fix typo that excluded close, and
add pclose.
(sc_prohibit_fork_wrappers): New rule, for fork, system, and popen.
* .x-sc_prohibit_close: More exemptions.
* .x-sc_prohibit_fork_wrappers: New file.
* Makefile.am (syntax_check_exceptions): Ship new file.
* src/datatypes.c (virReleaseConnect): Tweak comment to avoid
false positive.
* src/util/files.h (VIR_CLOSE): Likewise.
2011-01-29 10:36:47 -07:00
Eric Blake
e67ae61991 build: avoid close, system
* src/fdstream.c (virFDStreamOpenFile, virFDStreamCreateFile):
Use VIR_FORCE_CLOSE instead of close.
* tests/commandtest.c (mymain): Likewise.
* tools/virsh.c (editFile): Use virCommand instead of system.
* src/util/util.c (__virExec): Special case preservation of std
file descriptors to child.
2011-01-29 10:36:45 -07:00
Matthias Bolte
dc52cab126 Prefer C style comments over C++ ones
Pure cosmetic change.
2011-01-29 00:59:45 +01:00
Matthias Bolte
8f4999b477 esx: Ensure max-memory has 4 megabyte granularity 2011-01-29 00:59:39 +01:00
Matthias Bolte
d9ad8ac392 Add VIR_DIV_UP to divide memory or storage request sizes with round up
Use it in all places where a memory or storage request size is converted
to a larger granularity. This avoids requesting too small memory or storage
sizes that could result from the truncation done by a simple division.

This extends the round up fix in 6002e0406c
to the whole codebase.

Instead of reporting errors for odd values in the VMX code round them up.

Update the QEMU Argv tests accordingly as the original memory size 219200
isn't a even multiple of 1024 and is rounded up to 215 megabyte now. Change
it to 219100 and 219136. Use two different values intentionally to make
sure that rounding up works.

Update virsh.pod accordingly, as rounding down and rejecting are replaced
by rounding up.
2011-01-29 00:42:10 +01:00
Eric Blake
6fc1159d94 qemu: fix augeas support for vnc_auto_unix_socket
Fixes test failure that was overlooked after commit 1e1f7a8950.

* daemon/Makefile.am (check-local): Let 'make check' fail on error.
* daemon/test_libvirtd.aug: Move qemu-specific option...
* src/qemu/test_libvirtd_qemu.aug: ...into correct test.
* src/qemu/libvirtd_qemu.aug: Parse new option.
2011-01-28 15:28:30 -07:00
Matthias Bolte
96f4986aca esx: Don't try to change max-memory of an active domain
Report an VIR_ERR_OPERATION_INVALID error in that case instead of letting
the SOAP call fail with an VIR_ERR_INTERNAL_ERROR error.
2011-01-28 21:22:56 +01:00
Eric Blake
819269c4f0 qemu aio: enable support
qemu allows the user to choose what io storage api should be used,
either the default (threads) or native (linux aio) which in the latter
case can result in better performance.

Based on a patch originally by Matthias Dahl.

Red Hat Bugzilla #591703
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-01-28 09:09:49 -07:00
Matthias Dahl
f19357ce37 qemu aio: parse aio support from qemu -help
Signed-off-by: Eric Blake <eblake@redhat.com>
2011-01-28 09:09:49 -07:00
Matthias Dahl
91ef4e05ea qemu aio: add XML parsing
Allows io={threads|native} as an optional attribute to <driver>.

Signed-off-by: Eric Blake <eblake@redhat.com>
2011-01-28 09:09:48 -07:00
Daniel P. Berrange
0095edaa06 Remove bogus log warning lines when launching QEMU
The refactoring of QEMU command startup was comitted with
a couple of VIR_WARN lines left in from debugging.

* src/qemu/qemu_driver.c: Remove log warning lines
2011-01-28 11:49:21 +00:00
Daniel P. Berrange
e85247e7c3 Remove double close of qemu monitor
When qemuMonitorSetCapabilities() fails, there is no need to
call qemuMonitorClose(), because the caller will already see
the error code and tear down the entire VM. The extra call to
qemuMonitorClose resulted in a double-free due to it removing
a ref count prematurely.

* src/qemu/qemu_driver.c: Remove premature close of monitor
2011-01-28 11:49:13 +00:00
Eric Blake
b96b6f4723 qemu: fix error messages
Regression in commit caa805ea let a lot of bad messages slip in.

* cfg.mk (msg_gen_function): Fix function name.
* src/qemu/qemu_cgroup.c (qemuRemoveCgroup): Fix fallout from
'make syntax-check'.
* src/qemu/qemu_driver.c (qemudDomainGetInfo)
(qemuDomainWaitForMigrationComplete, qemudStartVMDaemon)
(qemudDomainSaveFlag, qemudDomainAttachDevice)
(qemuDomainUpdateDeviceFlags): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachHostUsbDevice)
(qemuDomainDetachPciDiskDevice, qemuDomainDetachSCSIDiskDevice):
Likewise.
2011-01-27 20:41:26 -07:00
Hu Tao
cdbba1c496 qemu: Report more accurate error on failure to attach device.
When attaching device from a xml file and the device is mis-configured,
virsh gives mis-leading message "out of memory". This patch fixes this.

Signed-off-by: Eric Blake <eblake@redhat.com>
2011-01-27 20:27:05 -07:00
Eric Blake
3fdc7895ec qemu: use separate alias for chardev and associated device
* src/qemu/qemu_command.c (qemuBuildChrChardevStr): Alter the
chardev alias.
(qemuBuildCommandLine): Output an id for the chardev counterpart.
* tests/qemuxml2argvdata/*: Update tests to match.
Reported by Daniel P. Berrange.
2011-01-27 13:55:35 -07:00
Wen Congyang
d96431f910 avoid vm to be deleted if qemuConnectMonitor failed
Steps to reproduce this bug:
1. service libvirtd start
2. virsh start <domain>
3. kill -STOP $(cat /var/run/libvirt/qemu/<domain>.pid)
4. service libvirtd restart
5. kill -9 $(cat /var/run/libvirt/qemu/<domain>.pid)

Then libvirtd will core dump or be in deadlock state.

Make sure that json is built into libvirt and the version
of qemu is newer than 0.13.0.

The reason of libvirtd cores dump is that:
We add vm->refs when we alloc the memory, and decrease it
in the function qemuHandleMonitorEOF() in other thread.

We add vm->refs in the function qemuConnectMonitor() and
decrease it when the vm is inactive.

The libvirtd will block in the function qemuMonitorSetCapabilities()
because the vm is stopped by signal SIGSTOP. Now the vm->refs is 2.

Then we kill the vm by signal SIGKILL. The function
qemuMonitorSetCapabilities() failed, and then we will decrease vm->refs
in the function qemuMonitorClose().
In another thread, mon->fd is broken and the function
qemuHandleMonitorEOF() is called.

If qemuHandleMonitorEOF() decreases vm->refs before qemuConnectMonitor()
returns, vm->refs will be decrease to 0 and the memory is freed.

We will call qemudShutdownVMDaemon() as qemuConnectMonitor() failed.
The memory has been freed, so qemudShutdownVMDaemon() is too dangerous.

We will reference NULL pointer in the function virDomainConfVMNWFilterTeardown():
=============
void
virDomainConfVMNWFilterTeardown(virDomainObjPtr vm) {
    int i;

    if (nwfilterDriver != NULL) {
        for (i = 0; i < vm->def->nnets; i++)
            virDomainConfNWFilterTeardown(vm->def->nets[i]);
    }
}
============
vm->def->nnets is not 0 but vm->def->nets is NULL(We don't set vm->def->nnets
to 0 when we free vm).

We should add an extra reference of vm to avoid vm to be deleted if
qemuConnectMonitor() failed.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-01-27 13:38:29 -07:00
Osier Yang
31242565ae remote: Add extra parameter pkipath for URI
This new parameter allows user specifies where the client
cerficate, client key, CA certificate of x509 is, instead of
hardcoding it. If 'pkipath' is not specified, and the user
is not root, try to find files in $HOME/.pki/libvirt, as long
as one of client cerficate, client key, CA certificate can
not be found, use default global location (LIBVIRT_CACERT,
LIBVIRT_CLIENTCERT, LIBVIRT_CLIENTKEY, see
src/remote/remote_driver.h)

Example of use:

[root@Osier client]# virsh -c qemu+tls://10.66.93.111/system?pkipath=/tmp/pki/client
error: Cannot access CA certificate '/tmp/pki/client/cacert.pem': No such file
or directory
error: failed to connect to the hypervisor
[root@Osier client]# ls -l
total 24
-rwxrwxr-x. 1 root root 6424 Jan 24 21:35 a.out
-rw-r--r--. 1 root root 1245 Jan 23 19:04 clientcert.pem
-rw-r--r--. 1 root root  132 Jan 23 19:04 client.info
-rw-r--r--. 1 root root 1679 Jan 23 19:04 clientkey.pem

[root@Osier client]# cp /tmp/cacert.pem .
[root@Osier client]# virsh -c qemu+tls://10.66.93.111/system?pkipath=/tmp/pki/client
Welcome to virsh, the virtualization interactive terminal.

Type:  'help' for help with commands
'quit' to quit

virsh #

* src/remote/remote_driver.c: adds support for the new pkipath URI parameter
2011-01-27 16:34:54 +08:00
Osier Yang
6002e0406c storage: Round up capacity for LVM volume creation
If vol->capacity is odd, the capacity will be rounded down
by devision, this patch is to round it up instead of rounding
down, to be safer in case of one writes to the volume with the
size he used to create.

- src/storage/storage_backend_logical.c: make sure size is not rounded down
2011-01-27 16:28:19 +08:00
David Allan
8e28c5d402 Do not use virtio-serial port 0 for generic ports
Per the discussion in:

https://bugzilla.redhat.com/show_bug.cgi?id=670394

The port numbering should start from 1, not 0.  We assign maxport + 1,
so start maxport at 0.
2011-01-26 23:02:40 -05:00
Laine Stump
c9c794b52b Manually kill gzip if restore fails before starting qemu
If a guest image is saved in compressed format, and the restore fails
in some way after the intermediate process used to uncompress the
image has been started, but before qemu has been started to hook up to
the uncompressor, libvirt will endlessly wait for the uncompressor to
finish, but it never will because it's still waiting to have something
hooked up to drain its output.

The solution is to close the pipes on both sides of the uncompressor,
then send a SIGTERM before calling waitpid on it (only if the restore
has failed, of course).
2011-01-26 10:13:43 -05:00
Daniel P. Berrange
e0e4e4de7a Add check for poll error events in monitor
Handle poll errors in the same way as hangup event

* src/qemu/qemu_monitor.c: Handle error events
2011-01-26 14:54:23 +00:00
Daniel P. Berrange
b8786c0641 Filter out certain expected error messages from libvirtd
Add a hook to the error reporting APIs to allow specific
error messages to be filtered out. Wire up libvirtd to
remove VIR_ERR_NO_DOMAIN & similar error codes from the
logs. They are still logged at DEBUG level.

* daemon/libvirtd.c: Filter VIR_ERR_NO_DOMAIN and friends
* src/libvirt_private.syms, src/util/virterror.c,
  src/util/virterror_internal.h: Hook for changing error
  reporting level
2011-01-26 14:54:23 +00:00
Daniel P. Berrange
dbfca3ff70 Revert all previous error log priority hacks
This reverts the additions in commit

  abff683f78

taking us back to state where all errors are fully logged
in both libvirtd and normal clients.

THe intent was to stop VIR_ERR_NO_DOMAIN (No such domain
with UUID XXXX) messages from client apps polluting syslog
The change affected all error codes, but more seriously,
it also impacted errors from internal libvirtd infrastructure
For example guest autostart no longer logged errors. The
libvirtd network code no longer logged some errors. This
makes debugging incredibly hard

* daemon/libvirtd.c: Remove error log priority filter
* src/util/virterror.c, src/util/virterror_internal.h: Remove
  callback for overriding log priority
2011-01-26 14:54:23 +00:00
Daniel P. Berrange
2b7ac8838d Cleanup code style in logging APIs
Remove use of brackets around following return statement.
Fix indentation of two switch statements
2011-01-26 14:54:23 +00:00
Laine Stump
34a19dda1c Set SELinux context label of pipes used for qemu migration
This patch is a partial resolution to the following bug:

   https://bugzilla.redhat.com/show_bug.cgi?id=667756

(to complete the fix, an updated selinux-policy package is required,
to add the policy that allows libvirt to set the context of a fifo,
which was previously not allowed).

Explanation : When an incoming migration is over a pipe (for example,
if the image was compressed and is being fed through gzip, or was on a
root-squash nfs server, so needed to be opened by a child process
running as a different uid), qemu cannot read it unless the selinux
context label for the pipe has been set properly.

The solution is to check the fd used as the source of the migration
just before passing it to qemu; if it's a fifo (implying that it's a
pipe), we call the newly added virSecurityManagerSetFDLabel() function
to set the context properly.
2011-01-26 09:03:21 -05:00
Laine Stump
d89608f994 Add a function to the security driver API that sets the label of an open fd.
A need was found to set the SELinux context label on an open fd (a
pipe, as a matter of fact). This patch adds a function to the security
driver API that will set the label on an open fd to secdef.label. For
all drivers other than the SELinux driver, it's a NOP. For the SElinux
driver, it calls fsetfilecon().

If the return is a failure, it only returns error up to the caller if
1) the desired label is different from the existing label, 2) the
destination fd is of a type that supports setting the selinux context,
and 3) selinux is in enforcing mode. Otherwise it will return
success. This follows the pattern of the existing function
SELinuxSetFilecon().
2011-01-26 09:03:11 -05:00
Wen Congyang
75da8b8505 dispatch error before return
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-01-25 10:05:03 -07:00
Osier Yang
dbd63c4d63 qemu: Error prompt when managed save a shutoff domain
The problem was introduced by commit 4303c91, which removed the checking
of domain state, this patch is to fix it.

Otherwise, improper error will be thrown, e.g.

error: Failed to save domain rhel6 state
error: cannot resolve symlink /var/lib/libvirt/qemu/save/rhel6.save: No such
file or directory
2011-01-25 09:51:26 -07:00
Cole Robinson
6cabc0b0d0 qemu: sound: Support intel 'ich6' model
In QEMU, the card itself is a PCI device, but it requires a codec
(either -device hda-output or -device hda-duplex) to actually output
sound. Specifying <sound model='ich6'/> gives us -device intel-hda
-device hda-duplex I think it's important that a simple <sound model='ich6'/>
sets up a useful codec, to have consistent behavior with all other sound cards.

This is basically Dan's proposal of

    <sound model='ich6'>
        <codec type='output' slot='0'/>
        <codec type='duplex' slot='3'/>
    </sound>

without the codec bits implemented.

The important thing is to keep a consistent API here, we don't want some
<sound> devs require tweaking codecs but not others. Steps I see to
accomplishing this:

    - every <sound> device has a <codec type='default'/> (unless codecs are
        manually specified)
    - <codec type='none'/> is required to specify 'no codecs'
    - new audio settings like mic=on|off could then be exposed in
        <sound> or <codec> in a consistent manner for all sound models

v2:
    Use model='ich6'

v3:
    Use feature detection, from eblake
    Set codec id, bus, and cad values

v4:
    intel-hda isn't supported if -device isn't available

v5:
    Comment spelling fixes
2011-01-24 13:11:52 -05:00
Matthias Bolte
4a267912bf vmx: Use VIR_ERR_CONFIG_UNSUPPORTED when appropriated 2011-01-22 00:26:52 +01:00
Cole Robinson
1e1f7a8950 Push unapplied fixups for previous patch
- Add augeas tests
- Clarify vnc_auto_unix_socket precedence in qemu.conf
2011-01-21 16:18:54 -05:00
Cole Robinson
a942ea0692 qemu: Add conf option to auto setup VNC unix sockets
If vnc_auto_unix_socket is enabled, any VNC devices without a hardcoded
listen or socket value will be setup to serve over a unix socket in
/var/lib/libvirt/qemu/$vmname.vnc.

We store the generated socket path in the transient VM definition at
CLI build time.
2011-01-21 16:03:05 -05:00
Cole Robinson
1d9c0a08d9 qemu: Allow serving VNC over a unix domain socket
QEMU supports serving VNC over a unix domain socket rather than traditional
TCP host/port. This is specified with:

<graphics type='vnc' socket='/foo/bar/baz'/>

This provides better security access control than VNC listening on
127.0.0.1, but will cause issues with tools that rely on the lax security
(virt-manager in fedora runs as regular user by default, and wouldn't be
able to access a socket owned by 'qemu' or 'root').

Also not currently supported by any clients, though I have patches for
virt-manager, and virt-viewer should be simple to update.

v2:
    schema: Make listen vs. socket a <choice>
2011-01-21 16:03:04 -05:00
Cole Robinson
cb4c2694f1 qemu: Set domain def transient at beginning of startup process
This will allow us to record transient runtime state in vm->def, like
default VNC parameters. Accomplish this by adding an extra 'live' parameter
to SetDefTransient, with similar semantics to the 'live' flag for
AssignDef.
2011-01-21 16:03:03 -05:00
Jim Fehlig
4301b95af7 [v2] qemu: Retry JSON monitor cont cmd on MigrationExpected error
When restoring a saved qemu instance via JSON monitor, the vm is
left in a paused state.  Turns out the 'cont' cmd was failing with
"MigrationExpected" error class and "An incoming migration is
expected before this command can be executed" error description
due to migration (restore) not yet complete.

Detect if 'cont' cmd fails with "MigrationExpecte" error class and
retry 'cont' cmd.

V2: Fix potential double-free noted by Laine Stump
2011-01-21 09:35:57 -07:00
Osier Yang
af268f2a36 qemu: report more proper error for unsupported graphics
Report VIR_ERR_CONFIG_UNSUPPORTED instead of VIR_ERR_INTERNAL_ERROR,
as it's valid in our domain schema, just unsupported by hypervisor
here.

* src/qemu/qemu_command.c
2011-01-21 09:27:15 -07:00
Daniel P. Berrange
87a183f698 Fix startup with VNC password expiry on old QEMU
The code which set VNC passwords correctly had fallback for
the set_password command, but was lacking it for the
expire_password command. This made it impossible to start
a guest. It also failed to check whether QEMU was still
running after the initial 'set_password' command completed

* src/qemu/qemu_hotplug.c: Fix error handling when
  password expiry fails
* src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_text.c: Fix
  return code for missing expire_password command
2011-01-21 16:24:13 +00:00
Daniel P. Berrange
f0bbf96047 Fix error reporting when machine type probe fails
Avoid overwriting the real error message with a generic
OOM failure message, when machine type probe fails

* src/qemu/qemu_driver.c: Don't overwrite error
2011-01-21 16:08:28 +00:00
Daniel P. Berrange
31c698d76d Avoid crash in security driver if model is NULL
If the XML security model is NULL, it is assumed that the current
model will be used with dynamic labelling. The verify step is
meaningless and potentially crashes if dereferencing NULL

* src/security/security_manager.c: Skip NULL model on verify
2011-01-21 16:07:04 +00:00
Wen Congyang
bda57661b8 qemu: Fix a possible deadlock in p2p migration
The function virUnrefConnect() may call virReleaseConnect() to release
the dest connection, and the function virReleaseConnect() will call
conn->driver->close().

So the function virUnrefConnect() should be surrounded by
qemuDomainObjEnterRemoteWithDriver() and
qemuDomainObjExitRemoteWithDriver() to prevent possible deadlock between
two communicating libvirt daemons.

See commit f0c8e1cb37 for further details.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-01-21 08:21:12 -07:00
Jiri Denemark
15e7865893 qemu: Avoid sending STOPPED event twice
In some circumstances, libvirtd would issue two STOPPED events after it
stopped a domain. This was because an EOF event can arrive after a qemu
process is killed but before qemuMonitorClose() is called.

qemuHandleMonitorEOF() should ignore EOF when the domain is not running.

I wasn't able to reproduce this bug directly, only after adding an
artificial sleep() into qemudShutdownVMDaemon().
2011-01-19 15:01:52 +01:00
Jiri Denemark
45c02ee06f qemu: Fail if per-device boot is used but deviceboot is not supported 2011-01-19 15:01:52 +01:00
Daniel P. Berrange
f10d209585 Remove redundant brackets around return values
A large number of return values used 'return (0)' instead
of simply 'return 0'. Remove all these redundant brackets
so the style is consistent throughout the file

* src/libvirt.c: Remove redundant brackets
2011-01-19 12:42:23 +00:00
Daniel P. Berrange
921b3812e2 Increase size of driver table to make UML work again
The driver table only has 10 slots, but there are potentially
11 drivers that need activating. Improve the error message
when driver registration fails

* src/libvirt.c: Increase driver table size & improve errors
2011-01-19 12:42:23 +00:00
Daniel P. Berrange
19d931d290 Turn libvirt.c error reporting functions into macros
The virLibConnError() function (and related ones) do not correctly
report line number info. Turn them all into macros so line numbers
are reported correctly. Drop the connection object in all of them
since it is no longer used.

Also from the virLibConnWarning() equivalents completely. Now
that the Xen driver is running 100% inside libvirtd, those
codepaths for secondary drivers cannot be reached.

* src/libvirt.c: Replace error functions with macros
2011-01-19 12:42:18 +00:00
Eric Blake
c5b11b3cc4 build: use more gnulib modules for simpler code
* .gnulib: Update to latest, for sigpipe and sigaction modules.
* bootstrap.conf (gnulib_modules): Add siaction, sigpipe, strerror_r.
* tools/virsh.c (vshSetupSignals) [!SIGPIPE]: Delete, now that
gnulib guarantees it.
(SA_SIGINFO): Define for mingw fallback.
* src/util/virterror.c (virStrerror): Simplify, now that gnulib
guarantees the POSIX interface.
* configure.ac (AC_CHECK_FUNCS_ONCE): Drop redundant check.
(AM_PROG_CC_STDC): Move earlier, to keep autoconf happy.
2011-01-18 15:35:41 -07:00
Matthias Bolte
915bc7421e Remove two unused PATH_MAX-sized char arrays from the stack 2011-01-18 23:14:37 +01:00
Matthias Bolte
e065e1ea04 Use VIR_ERR_OPERATION_INVALID when appropriated
VIR_ERR_OPERATION_INVALID means that the operation is not valid
for the current state of the involved object.
2011-01-18 23:14:37 +01:00
Matthias Bolte
8c6d61162f Fix misuse of VIR_ERR_INVALID_* error code
VIR_ERR_INVALID_* is meant for invalid pointers only.
2011-01-18 23:14:37 +01:00
Matthias Bolte
2c0db5b5dc Simplify "NWFilterPool" to "NWFilter"
The public object is called NWFilter but the corresponding private
object is called NWFilterPool. I don't see compelling reasons for this
Pool suffix. One might argue that an NWFilter is a "pool" of rules, etc.

Remove the Pool suffix from NWFilterPool. No functional change included.
2011-01-18 23:14:37 +01:00
Matthias Bolte
f002e9218d datatypes: Fix outdated function names in the documentation 2011-01-18 23:14:37 +01:00
Matthias Bolte
6916cfd7dd datatypes: Get virSecretFreeName in sync with the other free functions 2011-01-18 23:14:37 +01:00
Eric Blake
93681a3683 qemu: don't fail capabilities check on 0.12.x
Fixes regression introduced in commit 2211518, where all qemu 0.12.x
fails to start, as does qemu 0.13.x lacking the pci-assign device.
Prior to 2211518, the code was just ignoring a non-zero exit status
from the qemu child, but the virCommand code checked this to avoid
masking any other issues, which means the real bug of provoking
non-zero exit status has been latent for a longer time.

* src/qemu/qemu_capabilities.c (qemuCapsExtractVersionInfo): Check
for -device driver,? support.
(qemuCapsExtractDeviceStr): Avoid failure if all probed devices
are unsupported.
Reported by Ken Congyang.
2011-01-18 14:45:53 -07:00
Eric Blake
1859939a74 qemu: use -incoming fd:n to avoid qemu holding fd indefinitely
https://bugzilla.redhat.com/show_bug.cgi?id=620363

When using -incoming stdio or -incoming exec:, qemu keeps the
stdin fd open long after the migration is complete.  Not to
mention that exec:cat is horribly inefficient, by doubling the
I/O and going through a popen interface in qemu.

The new -incoming fd: of qemu 0.12.0 closes the fd after using
it, and allows us to bypass an intermediary cat process for
less I/O.

* src/qemu/qemu_command.h (qemuBuildCommandLine): Add parameter.
* src/qemu/qemu_command.c (qemuBuildCommandLine): Support
migration via fd: when possible.  Consolidate migration handling
into one spot, now that it is more complex.
* src/qemu/qemu_driver.c (qemudStartVMDaemon): Update caller.
* tests/qemuxml2argvtest.c (mymain): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-restore-v2-fd.args: New file.
* tests/qemuxml2argvdata/qemuxml2argv-restore-v2-fd.xml: Likewise.
2011-01-17 09:24:41 -07:00
Jiri Denemark
3d44035824 qemu: Support per-device boot ordering
Support for this is included in qemu and seabios from upstream git.
2011-01-17 17:08:13 +01:00
Jiri Denemark
94234fa2f8 Introduce per-device boot element
Currently, boot order can be specified per device class but there is no
way to specify exact disk/NIC device to boot from.

This patch adds <boot order='N'/> element which can be used inside
<disk/> and <interface/>. This is incompatible with the older os/boot
element. Since not all hypervisors support per-device boot
specification, new deviceboot flag is included in capabilities XML for
hypervisors which understand the new boot element. Presence of the flag
allows (but doesn't require) users to use the new style boot order
specification.
2011-01-17 17:08:13 +01:00
Jiri Denemark
f5456ffd9d conf: Move boot parsing into a separate function 2011-01-17 17:08:13 +01:00
Nikunj A. Dadhania
d94a14f89d memtune: Let virsh know the unlimited value for memory tunables
Display or set unlimited values for memory parameters. Unlimited is
represented by INT64_MAX in memory cgroup.

Signed-off-by: Nikunj A. Dadhania <nikunj@linux.vnet.ibm.com>
Reported-by: Justin Clift <jclift@redhat.com>
2011-01-14 17:17:27 -07:00
Eric Blake
d9b0494779 datatypes: avoid redundant __FUNCTION__
virLibConnError already includes __FUNCTION__ in its output, so we
were redundant.  Furthermore, clang warns that __FUNCTION__ is not
a string literal (at least __FUNCTION__ will never contain %, so
it was not a security risk).

* src/datatypes.c: Replace __FUNCTION__ with a descriptive string.
2011-01-14 15:36:38 -07:00
Laine Stump
fe053dbea7 Enable tuning of qemu network tap device "sndbuf" size
This is in response to a request in:

   https://bugzilla.redhat.com/show_bug.cgi?id=665293

In short, under heavy load, it's possible for qemu's networking to
lock up due to the tap device's default 1MB sndbuf being
inadequate. adding "sndbuf=0" to the qemu commandline -netdevice
option will alleviate this problem (sndbuf=0 actually sets it to
0xffffffff).

Because we must be able to explicitly specify "0" as a value, the
standard practice of "0 means not specified" won't work here. Instead,
virDomainNetDef also has a sndbuf_specified, which defaults to 0, but
is set to 1 if some value was given.

The sndbuf value is put inside a <tune> element of each <interface> in
the domain. The intent is that further tunable settings will also be
placed inside this element.

     <interface type='network'>
       ...
       <tune>
         <sndbuf>0</sndbuf>
       ...
       </tune>
     </interface>
2011-01-14 14:46:38 -05:00
Laine Stump
175077fd70 Add XML config switch to enable/disable vhost-net support
This patch is in response to

  https://bugzilla.redhat.com/show_bug.cgi?id=643050

The existing libvirt support for the vhost-net backend to the virtio
network driver happens automatically - if the vhost-net device is
available, it is always enabled, otherwise the standard userland
virtio backend is used.

This patch makes it possible to force whether or not vhost-net is used
with a bit of XML. Adding a <driver> element to the interface XML, eg:

     <interface type="network">
       <model type="virtio"/>
       <driver name="vhost"/>

will force use of vhost-net (if it's not available, the domain will
fail to start). if driver name="qemu", vhost-net will not be used even
if it is available.

If there is no <driver name='xxx'/> in the config, libvirt will revert
to the pre-existing automatic behavior - use vhost-net if it's
available, and userland backend if vhost-net isn't available.
2011-01-14 14:46:21 -05:00
Marc-André Lureau
9d73efdbe3 Use the new set_password monitor command to set password.
We try to use that command first when setting a VNC/SPICE password. If
that doesn't work we fallback to the legacy VNC only password

Allow an expiry time to be set, if that doesn't work, throw an error
if they try to use SPICE.

Change since v1:
- moved qemuInitGraphicsPasswords to qemu_hotplug, renamed
  to qemuDomainChangeGraphicsPasswords.
- updated what looks like a typo (that appears to work anyway) in
  initial patch from Daniel:
    - ret = qemuInitGraphicsPasswords(driver, vm,
    -                                 VIR_DOMAIN_GRAPHICS_TYPE_SPICE,
    -                                 &vm->def->graphics[0]->data.vnc.auth,
    -                                 driver->vncPassword);
    + ret = qemuInitGraphicsPasswords(driver, vm,
    +                                 VIR_DOMAIN_GRAPHICS_TYPE_SPICE,
    +                                 &vm->def->graphics[0]->data.spice.auth,
    +                                 driver->spicePassword);

Based on patch by Daniel P. Berrange <berrange@redhat.com>.
2011-01-14 12:36:00 -07:00
Marc-André Lureau
4d099bc06c qemu: add set_password and expire_password monitor commands 2011-01-14 12:35:42 -07:00
Jim Fehlig
094c6f4a24 Fix 'make check' after commit 04197350
I broke 'make check' with commit 04197350 by unconditionally
emitting 'hap=' in xen xm driver.  Only emit 'hap=' if
xendConfigVersion >= 3.  I've tested sending 'hap=' to a Xen 3.2
machine without support for hap setting and verified that xend
silently drops the unrecognized setting.
2011-01-14 11:49:52 -07:00
Eric Blake
30b9e608c6 qemu: move monitor device out of domain_conf common code
* src/conf/domain_conf.h (virDomainChrDeviceType): Drop monitor.
* src/conf/domain_conf.c (virDomainChrDevice)
(virDomainChrDefParseTargetXML, virDomainChrDefFormat): Drop
monitor support.
* src/qemu/qemu_command.h (qemuBuildCommandLine): Alter signature.
* src/qemu/qemu_monitor.h (qemuMonitorOpen): Likewise.
* src/qemu/qemu_domain.h (_qemuDomainObjPrivate): Change type of
monConfig.
* src/qemu/qemu_domain.c (qemuDomainObjPrivateFree)
(qemuDomainObjPrivateXMLFormat, qemuDomainObjPrivateXMLParse):
Adjust to type change.
* src/qemu/qemu_command.c (qemuBuildCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemuPrepareMonitorChr)
(qemudStartVMDaemon, qemuDomainXMLToNative, qemuConnectMonitor)
(qemudShutdownVMDaemon): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/qemu/qemu_monitor.c (qemuMonitorOpen): Likewise.
* tests/qemuxml2argvtest.c (testCompareXMLToArgvFiles): Likewise.
2011-01-14 09:54:26 -07:00
Eric Blake
98334e7c3a domain_conf: split source data out from ChrDef
This opens up the possibility of reusing the smaller ChrSourceDef
for both qemu monitor and a passthrough smartcard device.

* src/conf/domain_conf.h (_virDomainChrDef): Factor host
details...
(_virDomainChrSourceDef): ...into new struct.
(virDomainChrSourceDefFree): New prototype.
* src/conf/domain_conf.c (virDomainChrDefFree)
(virDomainChrDefParseXML, virDomainChrDefFormat): Split...
(virDomainChrSourceDefClear, virDomainChrSourceDefFree)
(virDomainChrSourceDefParseXML, virDomainChrSourceDefFormat):
...into new functions.
(virDomainChrDefParseTargetXML): Update clients to reflect type
split.
* src/vmx/vmx.c (virVMXParseSerial, virVMXParseParallel)
(virVMXFormatSerial, virVMXFormatParallel): Likewise.
* src/xen/xen_driver.c (xenUnifiedDomainOpenConsole): Likewise.
* src/xen/xend_internal.c (xenDaemonParseSxprChar)
(xenDaemonFormatSxprChr): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainDumpXML, vboxAttachSerial)
(vboxAttachParallel): Likewise.
* src/security/security_dac.c (virSecurityDACSetChardevLabel)
(virSecurityDACSetChardevCallback)
(virSecurityDACRestoreChardevLabel)
(virSecurityDACRestoreChardevCallback): Likewise.
* src/security/security_selinux.c (SELinuxSetSecurityChardevLabel)
(SELinuxSetSecurityChardevCallback)
(SELinuxRestoreSecurityChardevLabel)
(SELinuxSetSecurityChardevCallback): Likewise.
* src/security/virt-aa-helper.c (get_files): Likewise.
* src/lxc/lxc_driver.c (lxcVmStart, lxcDomainOpenConsole):
Likewise.
* src/uml/uml_conf.c (umlBuildCommandLineChr): Likewise.
* src/uml/uml_driver.c (umlIdentifyOneChrPTY, umlIdentifyChrPTY)
(umlDomainOpenConsole): Likewise.
* src/qemu/qemu_command.c (qemuBuildChrChardevStr)
(qemuBuildChrArgStr, qemuBuildCommandLine)
(qemuParseCommandLineChr): Likewise.
* src/qemu/qemu_domain.c (qemuDomainObjPrivateXMLFormat)
(qemuDomainObjPrivateXMLParse): Likewise.
* src/qemu/qemu_cgroup.c (qemuSetupChardevCgroup): Likewise.
* src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
* src/qemu/qemu_driver.c (qemudFindCharDevicePTYsMonitor)
(qemudFindCharDevicePTYs, qemuPrepareChardevDevice)
(qemuPrepareMonitorChr, qemudShutdownVMDaemon)
(qemuDomainOpenConsole): Likewise.
* src/qemu/qemu_command.h (qemuBuildChrChardevStr)
(qemuBuildChrArgStr): Delete, now that they are static.
* src/libvirt_private.syms (domain_conf.h): New exports.
* cfg.mk (useless_free_options): Update list.
* tests/qemuxml2argvtest.c (testCompareXMLToArgvFiles): Update
tests.
2011-01-14 09:54:26 -07:00
Jiri Denemark
d4d5cccdf2 cpu: Add support for Westmere CPU model 2011-01-14 17:28:42 +01:00
Eric Blake
f892f5a562 qemu: improve device flag parsing
* src/qemu/qemu_capabilities.h (qemuCapsParseDeviceStr): New
prototype.
* src/qemu/qemu_capabilities.c (qemuCapsParsePCIDeviceStrs)
Rename and split...
(qemuCapsExtractDeviceStr, qemuCapsParseDeviceStr): ...to make it
easier to add and test device-specific checks.
(qemuCapsExtractVersionInfo): Update caller.
* tests/qemuhelptest.c (testHelpStrParsing): Also test parsing of
device-related flags.
(mymain): Update expected flags.
* tests/qemuhelpdata/qemu-0.12.1-device: New file.
* tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel60-device: New file.
* tests/qemuhelpdata/qemu-kvm-0.12.3-device: New file.
* tests/qemuhelpdata/qemu-kvm-0.13.0-device: New file.
2011-01-13 16:03:11 -07:00
Eric Blake
1ff03b28e9 util: add missing string->integer conversion functions
It was awkward having only int conversion in the virStrToLong family,
but only long conversion in the virXPath family.  Make both families
support both types.

* src/util/util.h (virStrToLong_l, virStrToLong_ul): New
prototypes.
* src/util/xml.h (virXPathInt, virXPathUInt): Likewise.
* src/util/util.c (virStrToLong_l, virStrToLong_ul): New
functions.
* src/util/xml.c (virXPathInt, virXPathUInt): Likewise.
* src/libvirt_private.syms (util.h, xml.h): Export them.
2011-01-13 15:10:40 -07:00
Eric Blake
221151813c qemu: convert capabilities to use virCommand
* src/qemu/qemu_capabilities.c (qemuCapsProbeMachineTypes)
(qemuCapsProbeCPUModels, qemuCapsParsePCIDeviceStrs)
(qemuCapsExtractVersionInfo): Use virCommand rather than virExec.
2011-01-13 11:05:36 -07:00
Jim Fehlig
af521a0182 Add HAP to xen hypervisor capabilities
xen-unstable c/s 16931 introduced a per-domain setting for hvm
guests to enable/disable hardware assisted paging.  If disabled,
software techniques such as shadow page tables are used.  If enabled,
and the feature exists in underlying hardware, hardware support for
paging is used.

Xen does not provide a mechanism to discover the HAP capability, so
we advertise its availability for hvm guests on Xen >= 3.3.
2011-01-13 09:30:26 -07:00
Jim Fehlig
041973504f Add support for HAP feature to xen drivers
xen-unstable c/s 16931 introduced a per-domain setting for hvm
guests to enable/disable hardware assisted paging.  If disabled,
software techniques such as shadow page tables are used.  If enabled,
and the feature exists in underlying hardware, hardware support for
paging is used.

This provides implementation for mapping HAP setting to/from
domxml/native formats in xen drivers.
2011-01-13 09:30:26 -07:00
Jim Fehlig
48a5dccda9 Add HAP to virDomainFeature enum
Extend the virDomainFeature enumeration to include HAP (hardware
assisted paging) feature.

Hardware features such as Extended Page Table and Nested Page
Table augment hypervisor software techniques such as shadow
page table.  Adding HAP to the virDomainFeature enumeration
allows users to select between hardware and software memory
management mechanisms for their guests.
2011-01-13 09:30:26 -07:00
Eric Blake
9ae992f243 virFindFileInPath: only find executable non-directory
Without this patch, at least tests/daemon-conf (which sticks
$builddir/src in the PATH) tries to execute the directory
$builddir/src/qemu rather than a real qemu binary.

* src/util/util.h (virFileExists): Adjust prototype.
(virFileIsExecutable): New prototype.
* src/util/util.c (virFindFileInPath): Reject non-executables and
directories.  Avoid huge stack allocation.
(virFileExists): Use lighter-weight syscall.
(virFileIsExecutable): New function.
* src/libvirt_private.syms (util.h): Export new function.
2011-01-13 08:10:55 -07:00
Matthias Bolte
c18df0b7c5 esx: Fix memory leak in HostSystem managed object free function 2011-01-12 22:38:42 +01:00
Wen Congyang
59d13aae32 report error when specifying wrong desturi
When we do peer2peer migration, the dest uri is an address of the
target host as seen from the source machine. So we must specify
the ip or hostname of target host in dest uri. If we do not specify
it, report an error to the user.

Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
2011-01-12 09:52:51 -07:00
Osier Yang
0444ce1b00 qemu: Reject SDL graphic if it's not supported by qemu
If the emulator doesn't support SDL graphic, we should reject
the use of SDL graphic xml with error messages, but not ignore
it silently, and pretend things are fine.

"-sdl" flag was exposed explicitly by qemu since 0.10.0, more detail:
http://www.redhat.com/archives/libvir-list/2011-January/msg00442.html

And we already have capability flag "QEMUD_CMD_FLAG_0_10", which
could be used to prevent the patch affecting the older versions
of QEMU.

* src/qemu/qemu_command.c
2011-01-12 09:52:51 -07:00
Matthias Bolte
e4570729ee vbox: Silently ignore missing registry key on Windows
Don't report an error when the VirtualBox registry key is missing,
as this just indicates that VirtualBox is not installed in general.

This matches the behavior of the XPCOM glue that silently ignores
a missing VBoxXPCOMC.so.
2011-01-11 20:56:25 +01:00
Richard W.M. Jones
feddaf1dc8 qemu: Watchdog IB700 is not a PCI device (RHBZ#667091).
Skip IB700 when assigning PCI slots.

Note: the I6300ESB watchdog _is_ a PCI device.

To test this: I applied this patch to libvirt-0.8.3-2.fc14 (rebasing
it slightly: qemu_command.c didn't exist in that version) and
installed this on my machine, then tested that I could successfully
add an ib700 watchdog device to a guest, start the guest, and the
ib700 was available to the guest.  I also added an i6300esb (PCI)
watchdog to another guest, and verified that libvirt assigned a PCI
device to it, that the guest could be started, and that i6300esb was
present in the guest.

Note that if you previously had a domain with a ib700 watchdog, it
would have had an <address type='pci' .../> clause added to it in the
libvirt configuration.  This patch does not attempt to remove this.
You cannot start such a domain -- qemu gives an error if you try.
With this patch you are able to remove the bogus address element
without libvirt adding it back.

Signed-off-by: Richard W.M. Jones <rjones@redhat.com>
2011-01-11 08:28:54 -07:00
Eric Blake
fae1b8aac4 cpu: plug memory leak
* src/cpu/cpu_x86.c (x86ModelLoad): Free data before overwriting.
2011-01-10 16:57:54 -07:00
Eric Blake
6e2bab80c8 network: plug memory leak
* src/conf/network_conf.c (virNetworkDefParseXML): Release ipNodes.
2011-01-10 15:35:37 -07:00
Eric Blake
243b7814c7 network: plug unininitialized read found by valgrind
* src/util/network.c (virSocketAddrMask): Zero out port, so that
iptables can initialize just the netmask then call
virSocketFormatAddr without an uninitialized read in getnameinfo.
2011-01-10 15:22:57 -07:00
Cole Robinson
1dd5c7f2df remote: Don't lose track of events when callbacks are slow
After the remote driver runs an event callback, it unconditionally disables the
loop timer, thinking it just flushed every queued event. This doesn't work
correctly though if an event is queued while a callback is running.

The events actually aren't being lost, it's just that the event loop didn't
think there was anything that needed to be dispatched. So all those 'lost
events' should actually get re-triggered if you manually kick the loop by
generating a new event (like creating a new guest).

The solution is to disable the dispatch timer _before_ we invoke any event
callbacks. Events queued while a callback is running will properly reenable the
timer.

More info at https://bugzilla.redhat.com/show_bug.cgi?id=624252
2011-01-10 14:44:03 -05:00
Daniel P. Berrange
d6623003c6 Refactor the security drivers to simplify usage
The current security driver usage requires horrible code like

    if (driver->securityDriver &&
        driver->securityDriver->domainSetSecurityHostdevLabel &&
        driver->securityDriver->domainSetSecurityHostdevLabel(driver->securityDriver,
                                                              vm, hostdev) < 0)

This pair of checks for NULL clutters up the code, making the driver
calls 2 lines longer than they really need to be. The goal of the
patchset is to change the calling convention to simply

  if (virSecurityManagerSetHostdevLabel(driver->securityDriver,
                                        vm, hostdev) < 0)

The first check for 'driver->securityDriver' being NULL is removed
by introducing a 'no op' security driver that will always be present
if no real driver is enabled. This guarentees driver->securityDriver
!= NULL.

The second check for 'driver->securityDriver->domainSetSecurityHostdevLabel'
being non-NULL is hidden in a new abstraction called virSecurityManager.
This separates the driver callbacks, from main internal API. The addition
of a virSecurityManager object, that is separate from the virSecurityDriver
struct also allows for security drivers to carry state / configuration
information directly. Thus the DAC/Stack drivers from src/qemu which
used to pull config from 'struct qemud_driver' can now be moved into
the 'src/security' directory and store their config directly.

* src/qemu/qemu_conf.h, src/qemu/qemu_driver.c: Update to
  use new virSecurityManager APIs
* src/qemu/qemu_security_dac.c,  src/qemu/qemu_security_dac.h
  src/qemu/qemu_security_stacked.c, src/qemu/qemu_security_stacked.h:
  Move into src/security directory
* src/security/security_stack.c, src/security/security_stack.h,
  src/security/security_dac.c, src/security/security_dac.h: Generic
  versions of previous QEMU specific drivers
* src/security/security_apparmor.c, src/security/security_apparmor.h,
  src/security/security_driver.c, src/security/security_driver.h,
  src/security/security_selinux.c, src/security/security_selinux.h:
  Update to take virSecurityManagerPtr object as the first param
  in all callbacks
* src/security/security_nop.c, src/security/security_nop.h: Stub
  implementation of all security driver APIs.
* src/security/security_manager.h, src/security/security_manager.c:
  New internal API for invoking security drivers
* src/libvirt.c: Add missing debug for security APIs
2011-01-10 18:10:52 +00:00
Osier Yang
92d6530106 conf: Report error if invalid type specified for character device
If invalid type is specified, e.g.
<serial type='foo'>
    <target port='0'/>
</serial>

We replace 'foo' with "null" type implicitly, without reporting an
error message to tell the user, and "start" or "edit" the domain
will be success.

It's not good to guess what the user wants, This patch is to fix
the problem.

* src/conf/domain_conf.c
2011-01-10 10:24:44 -07:00
Matthias Bolte
dd1f59a9e5 esx: Move occurrence check into esxVI_LookupObjectContentByType
This simplifies the callers of esxVI_LookupObjectContentByType.
2011-01-07 20:09:15 +01:00
Matthias Bolte
3d4f6eeeae esx: Add domain autostart support 2011-01-06 22:51:32 +01:00
Matthias Bolte
c2a6b26647 vmx: Add support for video device VRAM size
Update test suite accordingly.
2011-01-06 18:18:35 +01:00
Matthias Bolte
4283bcb0fd vbox: Use correct VRAM size unit
VirtualBox uses megabyte, libvirt uses kilobyte.
2011-01-06 18:18:35 +01:00
Osier Yang
a98d8f0d27 API: Improve log for domain related APIs
Add VM name/UUID in log for domain related APIs.
Format: "dom=%p, (VM: name=%s, uuid=%s), param0=%s, param1=%s

*src/libvirt.c (introduce two macros: VIR_DOMAIN_DEBUG, and
VIR_DOMAIN_DEBUG0)
2011-01-06 09:45:40 -07:00
Kay Schubert
a43c7338d8 bridge: Fix generation of dnsmasq's --dhcp-hostsfile option
I added a host definition to a network definition:

<network>
  <name>Lokal</name>
  <uuid>2074f379-b82c-423f-9ada-305d8088daaa</uuid>
  <bridge name='virbr1' stp='on' delay='0' />
  <ip address='192.168.180.1' netmask='255.255.255.0'>
    <dhcp>
      <range start='192.168.180.128' end='192.168.180.254' />
      <host mac='23:74:00:03:42:02' name='somevm' ip='192.168.180.10' />
    </dhcp>
  </ip>
</network>

But due to the wrong if-statement the argument --dhcp-hostsfile doesn't get
added to the dnsmasq command. The patch below fixes it for me.
2011-01-06 15:58:23 +01:00
Jiri Denemark
4684f478e4 qemu: Fix bogus warning about uninitialized saveptr
The warning is bogus since strtok_r doesn't use the value when it's
first called and initializes it for the following calls.
2011-01-06 09:25:34 +01:00
Laine Stump
a691cb88f2 Don't chown qemu saved image back to root after save if dynamic_ownership=0
When dynamic_ownership=0, saved images must be owned by the same uid
as is used to run the qemu process, otherwise restore won't work. To
accomplish this, qemuSecurityDACRestoreSavedStateLabel() needs to
simply return when it's called.

This fix is in response to:

  https://bugzilla.redhat.com/show_bug.cgi?id=661720
2011-01-05 20:22:19 -05:00
Laine Stump
cd6a8f9ce2 Log an error on attempts to add a NAT rule for non-IPv4 addresses
Although the upper-layer code protected against it, it was possible to
call iptablesForwardMasquerade() with an IPv6 address and have it
attempt to add a rule to the MASQUERADE chain of ip6tables (which
doesn't exist).

This patch changes that function to check the protocol of the given
address, generate an error log if it's not IPv4 (AF_INET), and finally
hardcodes all the family parameters sent down to lower-level functions.
2011-01-05 11:59:47 -05:00
Laine Stump
6741ca36bd Improve error reporting when parsing dhcp info for virtual networks
This is partially in response to

  https://bugzilla.redhat.com/show_bug.cgi?id=653300

The crash in that report was coincidentally fixed when we switched
from using inet_pton() to using virSocketParseAddr(), but the absence
of an ip address in a dhcp static host definition was still silently
ignored (and that entry discarded from the saved XML). This patch
turns that into a logged failure; likewise if the entry has neither a
mac address nor a name attribute (the entry is useless without at
least one of those, plus an ip address).

Since the network name is now pulled into this function in order for
those error logs to be more informative, the other error messages in
the function have also been changed to take advantage.
2011-01-05 11:59:34 -05:00
Stefan Berger
0922ff2fea qemu driver: fix positioning to end of log file
While doing some testing with Qemu and creating huge logfiles I encountered the case where the VM could not start anymore due to the lseek() to the end of the Qemu VM's log file failing. The patch below fixes the problem by replacing the previously used 'int' with 'off_t'.

To reproduce this error, you could do the following:

dd if=/dev/zero of=/var/log/libvirt/qemu/<name of VM>.log bs=1024 count=$((1024*2048))

and you should get an error like this:

error: Failed to start domain <name of VM>
error: Unable to seek to -2147482651 in /var/log/libvirt/qemu/<name of VM>.log: Success
2011-01-04 12:46:10 -05:00
Eric Blake
c685993d71 build: avoid compilation warnings
Detected on cygwin:
util/util.c: In function 'virSetUIDGID':
util/util.c:2824: warning: format '%d' expects type 'int', but argument 7 has type 'gid_t' [-Wformat]
(and three other lines)

* src/util/util.c (virSetUIDGID): Cast, as is done elsewhere in
this file, to avoid printf type mismatch warnings.
2011-01-03 15:26:33 -07:00
Hu Tao
b2dbc16044 threadpool: allow NULL jobdata
Don't require non-null jobdata to virThreadPoolSendJob().
2011-01-03 14:45:00 -07:00
Chris Wright
51798a5d1c node_device: udev driver does not handle SR-IOV devices
The udev driver does not update a PCI device with its SR-IOV capabilities,
when applicable, the way the hal driver does.  As a result, dumping the
device's XML will not include the relevant physical or virtual function
information.

With this patch, the XML is correct:

# virsh nodedev-dumpxml pci_0000_09_00_0
<device>
  <name>pci_0000_09_00_0</name>
  <parent>pci_0000_00_1c_0</parent>
  <driver>
    <name>vxge</name>
  </driver>
  <capability type='pci'>
    <domain>0</domain>
    <bus>9</bus>
    <slot>0</slot>
    <function>0</function>
    <product id='0x5833'>X3100 Series 10 Gigabit Ethernet PCIe</product>
    <vendor id='0x17d5'>Neterion Inc.</vendor>
    <capability type='virt_functions'>
      <address domain='0x0000' bus='0x0a' slot='0x00' function='0x1'/>
      <address domain='0x0000' bus='0x0a' slot='0x00' function='0x2'/>
      <address domain='0x0000' bus='0x0a' slot='0x00' function='0x3'/>
    </capability>
  </capability>
</device>

# virsh nodedev-dumpxml pci_0000_0a_00_1
<device>
  <name>pci_0000_0a_00_1</name>
  <parent>pci_0000_00_1c_0</parent>
  <driver>
    <name>vxge</name>
  </driver>
  <capability type='pci'>
    <domain>0</domain>
    <bus>10</bus>
    <slot>0</slot>
    <function>1</function>
    <product id='0x5833'>X3100 Series 10 Gigabit Ethernet PCIe</product>
    <vendor id='0x17d5'>Neterion Inc.</vendor>
    <capability type='phys_function'>
      <address domain='0x0000' bus='0x09' slot='0x00' function='0x0'/>
    </capability>
  </capability>
</device>

Cc: Dave Allan <dallan@redhat.com>
Signed-off-by: Chris Wright <chrisw@redhat.com>
2011-01-03 09:05:10 -07:00
Eric Blake
e80ed3fd3b virExec: fix logic bug
As pointed out in https://bugzilla.redhat.com/show_bug.cgi?id=659855#c9,
commit c3568ec2 introduced a regression where we no longer close any
fd's beyond FD_SETSIZE.

* src/util/util.c (__virExec): Continue to close fd's beyond
keepfd range.
Reported by Stefan Praszalowicz.
2010-12-31 10:12:10 -07:00
Laine Stump
77094eaf3a Improve virSocketAddrMask[ByPrefix] API
The original version of these functions would modify the address sent
in, meaning that the caller would usually need to copy the address
first. This change makes the original a const, and puts the resulting
masked address into a new arg (which could point to the same
virSocketAddr as the original, if the caller really wants to modify
it).

This also makes the API consistent with virSocketAddrBroadcast[ByPrefix].
2010-12-31 11:34:35 -05:00
Laine Stump
2eeeb60152 Set broadcast address for IPv4 addresses on virtual network bridges
Previously we used ioctl() to set the IP address and netmask of the
bridges used for virtual networks, and apparently the SIOCSIFNETMASK
ioctl implicitly set the broadcast address for the interface. The new
method of using the "ip" command requires broadcast address to be
explicitly specified though.
2010-12-31 11:34:24 -05:00
Laine Stump
86387878b0 Utility functions to produce an IPv4 broadcast address
These functions work only for IPv4, becasue IPv6 doesn't have the same
concept of "broadcast address" as IPv4. They merely OR the inverse of
the netmask with the given host address, thus turning on all the host
bits.
2010-12-31 11:34:12 -05:00
Matthias Bolte
6b6cb7ea15 esx: Fix "occurence" typo (again)
Also include some whitespace changes. No functional change included.
2010-12-30 12:56:55 +01:00
Matthias Bolte
8d2e24d6a8 vbox: Add support for VirtualBox 4.0
Add vboxArrayGetWithUintArg to handle new signature variations. Also
refactor vboxArrayGet* implementation to use a common helper function.

Deal with the incompatible changes in the VirtualBox 4.0 API. This
includes major changes in virtual machine and storage medium lookup,
in RDP server property handling, in session/lock handling and other
minor areas.

VirtualBox 4.0 also dropped the old event API and replaced it with a
completely new one. This is not fixed yet and will be addressed in
another patch. Therefore, currently the domain events are supported
for VirtualBox 3.x only.

Based on initial work from Jean-Baptiste Rouault.
2010-12-28 00:18:46 +01:00
Matthias Bolte
c4ce8333ac Fix misuse of VIR_ERR_INVALID_DOMAIN
VIR_ERR_INVALID_DOMAIN is meant for invalid domain pointers.
VIR_ERR_NO_DOMAIN is meant for non-existing domains.
2010-12-27 23:53:39 +01:00
Matthias Bolte
30a13736e4 vbox: Handle different IID representation in Version 2.2 on Windows
On Windows IID's are represented as GUID by value, instead of nsID
by reference on non-Windows platforms.

Patch the vbox_CAPI_v2_2.h header to deal with this difference.

Rewrite vboxIID abstraction that deals with the different IID
representations. Add support for the GUID representation. Also unify
the four context dependent free functions for vboxIIDs

  vboxIIDUnalloc, vboxIIDFree, vboxIIDUtf8Free, vboxIIDUtf16Free

into vboxIIDUnalloc that is now safe to be called (even multiple
times) on a vboxIID independent of the source and context of the
vboxIID.

The new vboxIID is designed to be used as a stack allocated variable.
It has a value member that represents the actual IID value.
2010-12-27 23:53:39 +01:00
Eric Blake
abff0290b1 qemu: add -incoming fd:n capability checking
* src/qemu/qemu_capabilities.h (QEMUD_CMD_FLAG_MIGRATE_QEMU_FD):
New enum value.
* src/qemu/qemu_capabilities.c (qemuCapsComputeCmdFlags): Populate
flags according to qemu version.
* tests/qemuhelptest.c (mymain): Adjust test.
2010-12-23 16:33:39 -07:00
Jiri Denemark
0ecac8aa54 bridge: Fix uninitialized variable 2010-12-23 23:13:05 +01:00
Laine Stump
f42cf7cb79 Replace setuid/setgid/initgroups with virSetUIDGID()
This patch fixes https://bugzilla.redhat.com/show_bug.cgi?id=664406

If qemu is run as a different uid, it has been unable to access mode
0660 files that are owned by a different user, but with a group that
the qemu is a member of (aside from the one group listed in the passwd
file), because initgroups() is not being called prior to the
exec. initgroups will change the group membership of the process (and
its children) to match the new uid.

To make this happen, the setregid()/setreuid() code in
qemuSecurityDACSetProcessLabel has been replaced with a call to
virSetUIDGID(), which does both of those, plus calls initgroups.

Similar, but not identical, code in qemudOpenAsUID() has been replaced
with virSetUIDGID(). This not only consolidates the functionality to a
single location, but also potentially fixes some as-yet unreported
bugs.
2010-12-23 16:48:37 -05:00
Laine Stump
d596c6dc9b new virSetUIDGID() utility function
virSetUIDGID() sets both the real and effective group and user of the
process, and additionally calls initgroups() to assure that the
process joins all the auxiliary groups that the given uid is a member
of.
2010-12-23 16:48:26 -05:00
Laine Stump
17e19adde2 Preserve errno across calls to error reporting functions & VIR_FREE
There are cases when we want log an error message, and possibly free
some memory as part of the cleanup, while still preserving errno for a
caller, but the functions that log errors, and virFree (VIR_FREE) make
system calls that will clear errno. This patch preserves errno during
those most basic functions (corresponding to virReportSystemError(),
virReportOOMError(), networkReportError(), etc, as well as
virStrError()). It does *not preserve errno across calls to higher
level items such as virDispatchError(), as it's assumed the caller is
all finished with any need for errno by the time it dispatches the
error.
2010-12-23 16:48:16 -05:00
Laine Stump
8090a56890 Run radvd for virtual networks with IPv6 addresses
Running an instance of the router advertisement daemon (radvd) allows
guests using the virtual network to automatically acquire an IPv6
address and default route. Note that acquiring an address only works
for networks with a prefix length of exactly 64 - radvd is still run
in other circumstances, and still advertises routes, but autoconf will
not work because it requires exactly 64 bits of address info from the
network prefix.

This patch avoids a race condition with the pidfile by manually
daemonizing radvd rather than allowing it to daemonize itself, then
creating our own pidfile (in addition to radvd's own file, which is
unnecessary, but there is no way to tell radvd to not create it). This
is accomplished by exec'ing it with "--debug 1" in the commandline,
and using virCommand's features to fork, create a pidfile, and detach
from the newly forked process.
2010-12-23 15:55:05 -05:00
Laine Stump
6ccce75240 Turn on IPv6 support in the bridge_driver.c virtual network driver
At this point everything is already in place to make IPv6 happen, we just
need to add a few rules, remove some checks for IPv4-only, and document
the changes to the XML on the website.
2010-12-23 15:54:46 -05:00
Laine Stump
537e65e7b7 Update iptables.c to also support ip6tables.
All of the iptables functions eventually call down to a single
bottom-level function, and fortunately, ip6tables syntax (for all the
args that we use) is identical to iptables format (except the
addresses), so all we need to do is:

1) Get an address family down to the lowest level function in each
   case, either implied through an address, or explicitly when no
   address is in the parameter list, and

2) At the lowest level, just decide whether to call "iptables" or
   "ip6tables" based on the family.

The location of the ip6tables binary is determined at build time by
autoconf. If a particular target system happens to not have ip6tables
installed, any attempts to run it will generate an error, but that
won't happen unless someone tries to define an IPv6 address for a
network. This is identical behavior to IPv4 addresses and iptables.
2010-12-23 15:54:32 -05:00
Laine Stump
ad48dfa15c Support multiple IP addresses on one network in bridge_driver.c
This patch reorganizes the code in bridge_driver.c to account for the
concept of a single network with multiple IP addresses, without adding
in the extra variable of IPv6. A small bit of code has been
temporarily added that checks all given addresses to verify they are
IPv4 - this will be removed when full IPv6 support is turned on.
2010-12-23 15:54:13 -05:00
Laine Stump
a950dd2a31 Change virtual network XML parsing/formatting to support IPv6
This commit adds support for IPv6 parsing and formatting to the
virtual network XML parser, including moving around data definitions
to allow for multiple <ip> elements on a single network, but only
changes the consumers of this API to accommodate for the changes in
API/structure, not to add any actual IPv6 functionality. That will
come in a later patch - this patch attempts to maintain the same final
functionality in both drivers that use the network XML parser - vbox
and "bridge" (the Linux bridge-based driver used by the qemu
hypervisor driver).

* src/libvirt_private.syms: Add new private API functions.
* src/conf/network_conf.[ch]: Change C data structure and
  parsing/formatting.
* src/network/bridge_driver.c: Update to use new parser/formatter.
* src/vbox/vbox_tmpl.c: update to use new parser/formatter
* docs/schemas/network.rng: changes to the schema -
  * there can now be more than one <ip> element.
  * ip address is now an ip-addr (ipv4 or ipv6) rather than ipv4-addr
  * new optional "prefix" attribute that can be used in place of "netmask"
  * new optional "family" attribute - "ipv4" or "ipv6"
    (will default to ipv4)
  * define data types for the above
* tests/networkxml2xml(in|out)/nat-network.xml: add multiple <ip> elements
  (including IPv6) to a single network definition to verify they are being
  correctly parsed and formatted.
2010-12-23 15:53:55 -05:00
Laine Stump
20718b8bcb Replace brSetInetAddress/brSetInetNetmask with brAddInetAddress
brSetInetAddress can only set a single IP address on the bridge, and
uses a method (ioctl(SIOCSETIFADDR)) that only works for IPv4. Replace
it and brSetInetNetmask with a single function that uses the external
"ip addr add" command to add an address/prefix to the interface - this
supports IPv6, and allows adding multiple addresses to the interface.

Although it isn't currently used in the code, we also add a
brDelInetAddress for completeness' sake.

Also, while we're modifying bridge.c, we change brSetForwardDelay and
brSetEnableSTP to use the new virCommand API rather than the
deprecated virRun, and also log an error message in bridge_driver.c if
either of those fail (previously the failure would be completely
silent).
2010-12-23 15:53:26 -05:00
Laine Stump
4713f074a5 Make virtual network netmasks optional
When a netmask isn't specified for an IPv4 address, one can be implied
based on what network class range the address is in. The
virNetworkDefPrefix function does this for us, so netmask isn't
required.
2010-12-23 15:53:04 -05:00
Laine Stump
b23d417cc7 Pass prefix rather than netmask into iptables functions
IPv6 will use prefix exclusively, and IPv4 will also optionally be
able to use it, and the iptables functions really need a prefix
anyway, so use the new virNetworkDefPrefix() function to send prefixes
into iptables functions instead of netmasks.

Also, in a couple places where a netmask is actually needed, use the
new private API function for it rather than getting it directly. This
will allow for cases where no netmask or prefix is specified (it
returns the default for the current class of network.)
2010-12-23 15:52:55 -05:00
Laine Stump
6e3e6db14f Consistently return 0 on success, -1 on failure in bridge_driver.c
Some functions in this file were returning 1 on success and 0 on
failure, and others were returning 0 on success and -1 on
failure. Switch them all to return the libvirt-preferred 0/-1.
2010-12-23 15:52:46 -05:00
Laine Stump
cf7311892a Fix logging of failed iptables commands
The functions in iptables.c all return -1 on failure, but all their
callers (which all happen to be in bridge_driver.c) assume that they
are returning an errno, and the logging is done accordingly. This
patch fixes all the error checking and logging to assume < 0 is an
error, and nothing else.
2010-12-23 15:52:28 -05:00
Laine Stump
8322863fd5 New virNetworkDef utility functions
Later patches will add the possibility to define a network's netmask
as a prefix (0-32, or 0-128 in the case of IPv6). To make it easier to
deal with definition of both kinds (prefix or netmask), add two new
functions:

virNetworkDefNetmask: return a copy of the netmask into a
virSocketAddr. If no netmask was specified in the XML, create a
default netmask based on the network class of the virNetworkDef's IP
address.

virNetworkDefPrefix: return the netmask as numeric prefix (or the
default prefix for the network class of the virNetworkDef's IP
address, if no netmask was specified in the XML)
2010-12-23 15:52:20 -05:00
Laine Stump
1ab80f32dd New virSocketAddr utility functions
virSocketPrefixToNetmask: Given a 'prefix', which is the number of 1
bits in a netmask, fill in a virSocketAddr object with a netmask as an
IP address (IPv6 or IPv4).

virSocketAddrMask: Mask off the host bits in one virSocketAddr
according to the netmask in another virSocketAddr.

virSocketAddrMaskByPrefix, Mask off the host bits in a virSocketAddr
according to a prefix (number of 1 bits in netmask).

VIR_SOCKET_FAMILY: return the family of a virSocketAddr
2010-12-23 15:52:11 -05:00
Matthias Bolte
2412babedb qemu: Reparent children when deleting a snapshot
Shorten qemuDomainSnapshotWriteSnapshotMetadata function name
and make it take a snapshot pointer instead of dealing with
the current snapshot. Update other functions accordingly.

Add a qemuDomainSnapshotReparentChildren hash iterator to
reparent the children of a snapshot that is being deleted. Use
qemuDomainSnapshotWriteMetadata to write updated metadata
to disk.

This fixes a problem where outdated parent information breaks
the snapshot tree and hinders the deletion of child snapshots.

Reported by Philipp Hahn.
2010-12-23 16:42:08 +01:00