Commit Graph

12854 Commits

Author SHA1 Message Date
Philipp Hahn
51ab5908a1 doc/schema: add ocfs2 for disk vol
Add ocfs2 for disk vol.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2013-03-20 21:46:53 +08:00
Daniel P. Berrange
f07f9733cb Fix typos s/HAVE_SELINUX/WITH_SELINUX/
The virNetSocket & virIdentity classes accidentally got some
conditionals using HAVE_SELINUX instead of WITH_SELINUX.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-20 13:23:40 +00:00
Gao feng
4dceffadc9 LXC: add cpuset cgroup support for lxc
This patch adds cpuset cgroup support for LXC.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2013-03-20 19:37:16 +08:00
Gao feng
45e9d27ad8 NUMA: cleanup for numa related codes
Intend to reduce the redundant code,use virNumaSetupMemoryPolicy
to replace virLXCControllerSetupNUMAPolicy and
qemuProcessInitNumaMemoryPolicy.

This patch also moves the numa related codes to the
file virnuma.c and virnuma.h

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2013-03-20 19:37:00 +08:00
Olivia Yin
4755e863d1 fix TLS error with virNetServerClientCreateIdentity
Compilation error when WITH_GNUTLS is 0, introduced in commit d5e83ad.
2013-03-19 20:57:08 -06:00
Gao feng
c9759a7b63 LXC: allow uses advisory nodeset from querying numad
Allow lxc using the advisory nodeset from querying numad,
this means if user doesn't specify the numa nodes that
the lxc domain should assign to, libvirt will automatically
bind the lxc domain to the advisory nodeset which queried from
numad.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2013-03-19 20:03:29 -06:00
Gao feng
763edb5ebe rename qemuGetNumadAdvice to virNumaGetAutoPlacementAdvice
qemuGetNumadAdvice will be used by LXC driver, rename
it to virNumaGetAutoPlacementAdvice and move it to virnuma.c

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2013-03-19 15:55:40 -06:00
Olivia Yin
26705e02c1 selinux: deal with dtb file 2013-03-19 15:48:59 -06:00
Olivia Yin
0b3509e245 qemu: add dtb option support
The "dtb" option sets the filename for the device tree.
If without this option support, "-dtb file" will be converted into
<qemu:commandline> in domain XML file.
For example, '-dtb /media/ram/test.dtb' will be converted into
  <qemu:commandline>
    <qemu:arg value='-dtb'/>
    <qemu:arg value='/media/ram/test.dtb'/>
  </qemu:commandline>

This is not very friendly.
This patchset add special <dtb> tag like <kernel> and <initrd>
which is easier for user to write domain XML file.
  <os>
    <type arch='ppc' machine='ppce500v2'>hvm</type>
    <kernel>/media/ram/uImage</kernel>
    <initrd>/media/ram/ramdisk</initrd>
    <dtb>/media/ram/test.dtb</dtb>
    <cmdline>root=/dev/ram rw console=ttyS0,115200</cmdline>
  </os>

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-03-19 15:48:58 -06:00
Olivia Yin
9545acd9f0 conf: support <dtb> tag in XML domain file 2013-03-19 15:48:58 -06:00
Doug Goldstein
52ad612c1e Fix --without-libvirtd builds
When building with --without-libvirtd and udev support is detected we
will fail to build with the following error:
    node_device/node_device_udev.c:1608:37: error: unknown type name
        'virStateInhibitCallback'
2013-03-19 16:02:06 -05:00
Gene Czarcinski
1cd2078c88 rename tests/conftest.c
To prevent confusion with configure's popular name
for a file, rename conftest.c to test_conf.c which
is consistent with the invoking test_conf.sh
Signed-off-by: Gene Czarcinski <gene@czarc.net>
2013-03-19 13:13:28 -06:00
Laine Stump
57f39e03ff storage: fix unlikely memory leak in rbd backend
virStorageBackendRBDRefreshPool() first allocates an array big enough
to hold 1024 names, then calls rbd_list(), which returns ERANGE if the
array isn't big enough. When that happens, the VIR_ALLOC_N is called
again with a larger size. Unfortunately, the original array isn't
freed before allocating a new one.
2013-03-19 12:10:42 -04:00
Christophe Fergeau
5ab0c045e3 Fix /pool/storage/name documentation
There was a 2 word sentence 'remote server' which is a left-over
from copy and paste.
2013-03-19 15:48:45 +01:00
Christophe Fergeau
ff1d26fae4 Fix /pool/storage/directory@path documentation
Because of a wrong copy and paste, the documentation was saying that
'path' is the path to a block device node while it's a path to a
directory.
2013-03-19 15:48:45 +01:00
Daniel P. Berrange
0a418355cc Do not prematurely close loop devices in LXC controller
The LXC controller is closing loop devices as soon as the
container has started. This is fine if the loop device
was setup as a mounted filesystem, but if we're just passing
through the loop device as a disk, nothing else is keeping
it open. Thus we must keep the loop device FDs open for as
long the libvirt_lxc process is running.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 14:46:40 +00:00
Daniel P. Berrange
1760258cc3 Setup LXC cgroups in two phases
Currently the LXC controller creates the cgroup, configures the
resources and adds the task all in one go. This is not sufficiently
flexible for the forthcoming NBD integration. We need to make sure
the NBD process gets into the right cgroup immediately, but we can
not have limits (in particular the device ACL) applied at the point
where we start qemu-nbd. So create a virLXCCgroupCreate method
which creates the cgroup and adds the current task to be called
early, and leave virLXCCgroupSetup to only do resource config.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 14:46:35 +00:00
Daniel P. Berrange
ebf78be4c2 Set the current client identity during API call dispatch
When dispatching an RPC API call, setup the current identity to
hold the identity of the network client associated with the
RPC message being dispatched. The setting is thread-local, so
only affects the API call in this thread

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 13:52:06 +00:00
Daniel P. Berrange
d5e83ad9b7 Add ability to get a virIdentity from a virNetServerClientPtr
Add APIs which allow creation of a virIdentity from the info
associated with a virNetServerClientPtr instance. This is done
based on the results of client authentication processes like
TLS, x509, SASL, SO_PEERCRED

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 13:52:02 +00:00
Daniel P. Berrange
8c5d28c1ad Add API to get the system identity
If no user identity is available, some operations may wish to
use the system identity. ie the identity of the current process
itself. Add an API to get such an identity.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 13:45:19 +00:00
Daniel P. Berrange
8726e91b3a Add APIs for associating a virIdentityPtr with the current thread
To allow any internal API to get the current identity, add APIs
to associate a virIdentityPtr with the current thread, via a
thread local

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 13:38:44 +00:00
Daniel P. Berrange
3aabe27247 Define internal APIs for managing identities
Introduce a local object virIdentity for managing security
attributes used to form a client application's identity.
Instances of this object are intended to be used as if they
were immutable, once created & populated with attributes

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 13:37:37 +00:00
Daniel P. Berrange
51997e50fa Add APIs to get at more client security data
A socket object has various pieces of security data associated
with it, such as the SELinux context, the SASL username and
the x509 distinguished name. Add new APIs to virNetServerClient
and related modules to access this data.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-19 13:11:46 +00:00
Jiri Denemark
ef3cd6473f qemu: Fix startupPolicy regression
Commit 82d5fe5437

    qemu: check backing chains even when cgroup is omitted

added backing file checks just before the code that removes optional
disks if they are not present. However, the backing chain code fails in
case the disk file does not exist, which makes qemuProcessStart fail
regardless on configured startupPolicy.

Note that startupPolicy implementation is still wrong after this patch
since it only check the first file in a possible chain. It should rather
check the complete backing chain. But this is an existing limitation
that can be solved later. After all, startupPolicy is most useful for
CDROM images and they won't make use of backing files in most cases.
2013-03-18 14:11:58 +01:00
Paolo Bonzini
eebbb232e6 qemu: support URI syntax for NBD
QEMU 1.3 and newer support an alternative URI-based syntax to specify
the location of an NBD server.  Libvirt can keep on using the old
syntax in general, but only the URI syntax supports IPv6 addresses.

The URI syntax also supports relative paths to Unix sockets.  These
should never be used but aren't explicitly blocked either by the parser,
so support it just in case.

The URI syntax is intentionally compatible with Gluster's, and the
code can be reused.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-03-15 15:47:50 -06:00
Paolo Bonzini
be2a15dd60 qemu: support NBD with Unix sockets
This reuses the XML format that was introduced for Gluster.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-03-15 15:27:56 -06:00
Paolo Bonzini
0aa9f522c4 qemu: support named nbd exports
These are supported by nbd-server and by the NBD server that QEMU
embeds for live image access.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-03-15 15:12:41 -06:00
Paolo Bonzini
db95213e59 qemu: rewrite NBD command-line builder and parser
Move the code to an external function, and structure it to prepare
the addition of new features in the next few patches.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-03-15 14:52:43 -06:00
Paolo Bonzini
b96e0c18e1 qemu: test NBD command-line builder and parser
Enable more testing of NBD parsing, to ensure rewrites work.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2013-03-15 14:42:45 -06:00
Eric Blake
7af86379ef util: portably check for unchanged uid
We've already scrubbed for comparisons of 'uid_t == -1' (which fail
on platforms where uid_t is a u16), but another one snuck in.

* src/util/virutil.c (virSetUIDGIDWithCaps): Correct uid comparison.
* cfg.mk (sc_prohibit_risky_id_promotion): New rule.
2013-03-15 10:55:51 -06:00
Paolo Bonzini
af9474557e qemu: do not support non-network disks without -drive
QEMU added -drive in 2007, and NBD in 2008.  Both appeared first in
release 0.10.0.  Thus the code to support network disks without -drive
is dead, and in fact it incorrectly escapes commas.  Drop it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-15 08:34:06 -06:00
Martin Kletzander
73cc87d161 Cleanup useless flags specifications
After we switched to C99 initialization, I noticed there were many
places where the specification of .flags parameter differed.  After
going through many options and deciding whether to unify the
initialization to be '.flags = 0' or '.flags = VSH_OFLAG_NONE', I
realized both can be removed and it makes the code easier to go
through.
2013-03-15 15:05:45 +01:00
Martin Kletzander
66f1bbc350 Fix snapshot-create-as syntax in help output
According to the man page, the memspec parameter should have the
'--memspec' option mandatory and this is as close as we can get to
that.  What this change does is explained below.

man virsh:

snapshot-create-as ... [[--live] [--memspec memspec]]

virsh help snapshot-create-as before this patch:

  SYNOPSIS
    snapshot-create-as ... [<memspec>] ...
...
  OPTIONS
    [--memspec] <string> ...

virsh help snapshot-create-as after this patch:

  SYNOPSIS
    snapshot-create-as ... [--memspec <string>] ...
...
  OPTIONS
    --memspec <string> ...
2013-03-15 15:05:44 +01:00
Martin Kletzander
abfff21006 Make vshDebug work when parsing parameters
The vshInit initializes ctl->debug by which vshDebug (which is also
called in vshParseArgv) decides whether to print out the message or
not.
2013-03-15 15:05:44 +01:00
Li Zhang
cc78d7ba0e Remove contiguous CPU indexes assumption
When getting CPUs' information, it assumes that CPU indexes
are not contiguous. But for ppc64 platform, CPU indexes are not
contiguous because SMT is needed to be disabled, so CPU information
is not right on ppc64 and vpuinfo, vcpupin can't work corretly.

This patch is to remove the assumption to be compatible with ppc64.

Test:
   4 vcpus are assigned to one VM and execute vcpuinfo command.

   Without patch: There is only one vcpu informaion can be listed.
   With patch: All vcpus' information can be listed correctly.

Signed-off-by: Li Zhang <zhlcindy@linux.vnet.ibm.com>
2013-03-15 17:56:17 +08:00
Christophe Fergeau
e5a632bb6f Update to COPYING.LIB to latest LGPLv2.1 copy
The text version
of LGPLv2.1 available at
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt is slightly
different from COPYING.LIB:
- several paragraphs were rewrapped
- the FSF address has changed, so the license has been changed to
  indicate the newer address

I've checked that there are no changes in the license text apart from
the updated address, which is what I want to fix with this commit.
2013-03-15 10:50:32 +01:00
Yanbing Du
8bf8a89ac1 Fix a copy & paste error for virsh dump help
Signed-off-by: Yanbing Du <ydu@redhat.com>
2013-03-15 16:22:49 +08:00
Peter Krempa
a71680fe92 audit: Audit resources used by VirtIO RNG
This patch adds auditing of resources used by Virtio RNG devices. Only
resources on the local filesystems are audited.

The audit logs look like:

For the 'random' backend:
type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'

For local character device source:
type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'
2013-03-15 09:07:20 +01:00
Viktor Mihajlovski
53187afd81 S390: Testcases for virtio-scsi and virtio-rng
Adding test cases for virtio-scsi and virtio-rng. Since ccw is covering
the superset of the s390 bus handling, these are deemed to be sufficient.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-03-14 15:53:20 -06:00
Viktor Mihajlovski
4c1d1497e2 S390: Enable virtio-scsi and virtio-rng
Newer versions of QEMU support virtio-scsi and virtio-rng devices
on the virtio-s390 and ccw buses. Adding capability detection,
address assignment and command line generation for that.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-03-14 15:34:54 -06:00
Viktor Mihajlovski
6c92773256 qemu: Rename virtio-scsi capability
QEMU_CAPS_VIRTIO_SCSI_PCI implies that virtio-scsi is only supported
for the PCI bus, which is not the case. Remove the _PCI suffix.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2013-03-14 14:56:11 -06:00
Laine Stump
49fa91b3ee util: fix clear_emulator_capabilities=0
My commit 7a2e845a86 (and its
prerequisites) managed to effectively ignore the
clear_emulator_capabilities setting in qemu.conf (visible in the code
as the VIR_EXEC_CLEAR_CAPS flag when qemu is being exec'ed), with the
result that the capabilities are always cleared regardless of the
qemu.conf setting. This patch fixes it by passing the flag through to
virSetUIDGIDWithCaps(), which uses it to decide whether or not to
clear existing capabilities before adding in those that were
requested.

Note that the existing capabilities are *always* cleared if the new
process is going to run as non-root, since the whole point of running
non-root is to have the capabilities removed (it's still possible to
maintain individual capabilities as needed using the capBits argument
though).
2013-03-14 14:02:32 -04:00
Eric Blake
5ac846e42e qemu: detect multi-head qxl via more than version check
Multi-head QXL support is so useful that distros have started to
backport it to qemu earlier than 1.2.  After discussion with
Alon Levy, we determined that the existence of the qxl-vga.surfaces
property is a reliable indicator of whether '-device qxl-vga' works,
or whether we have to stick to the older '-vga qxl'.  I'm leaving
in the existing check for QEMU_CAPS_DEVICE_VIDEO_PRIMARY tied to
qemu 1.2 and newer (in case qemu is built without qxl support),
but for those distros that backport qxl, this additional capability
check will allow the correct command line for both RHEL 6.3 (which
lacks the feature) and RHEL 6.4 (where qemu still claims to be
version 0.12.2.x, but has backported multi-head qxl).

* src/qemu/qemu_capabilities.c (virQEMUCapsObjectPropsQxlVga): New
property test.
(virQEMUCapsExtractDeviceStr): Probe for backport of new
capability to qemu earlier than 1.2.
* tests/qemuhelpdata/qemu-kvm-1.2.0-device: Update test.
* tests/qemuhelpdata/qemu-1.2.0-device: Likewise.
* tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device:
Likewise.
2013-03-14 09:38:20 -06:00
Daniel P. Berrange
0946c5f5fc Fix deps for generating RPC dispatch code
The src/lxc/lxc_*_dispatch.h files only had deps on the
RPC generator script & the XDR definition file. So when
the Makefile.am args passed to the generator were change,
the disaptch code was not re-generated. This caused a
build failure

  CC       libvirt_lxc-lxc_controller.o
lxc/lxc_controller.c: In function 'virLXCControllerSetupServer':
lxc/lxc_controller.c:718:47: error: 'virLXCMonitorProcs' undeclared (first use in this function)
lxc/lxc_controller.c:718:47: note: each undeclared identifier is reported only once for each function it appears in
lxc/lxc_controller.c:719:47: error: 'virLXCMonitorNProcs' undeclared (first use in this function)
make[3]: *** [libvirt_lxc-lxc_controller.o] Error 1

For added fun, the generated files were not listed in
CLEANFILES, so only a 'git clean -f' would fix the build

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-14 14:55:43 +00:00
Ján Tomko
6e46477c23 Fix size probing for VDI images
Commit 027bf2ea used the wrong offset: the text field at the start
of the header has 64 bytes, not 68. [1]

Bug: https://bugzilla.redhat.com/show_bug.cgi?id=921452

[1] https://forums.virtualbox.org/viewtopic.php?p=29267#p29267
2013-03-14 15:12:06 +01:00
Daniel P. Berrange
403594eb8c Fix generation of systemtap probes for RPC protocols
The naming used in the RPC protocols for the LXC monitor and
lock daemon confused the script used to generate systemtap
helper functions. Rename the LXC monitor protocol symbols to
reduce confusion. Adapt the gensystemtap.pl script to cope
with the LXC monitor / lock daemon naming conversions.

This has no functional impact on RPC wire protocol, since
names are only used in the C layer

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-14 12:42:22 +00:00
Daniel P. Berrange
ad9ea4a9fd Re-add DTrace probes on 'dispose' functions
When converting to virObject, the probes on the 'Free' functions
were removed on the basis that there is a probe on virObjectFree
that suffices. This puts a burden on people writing probe scripts
to identify which object is being dispose. This adds back probes
in the 'Dispose' functions and updates the rpc monitor systemtap
example to use them

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-14 12:42:21 +00:00
Daniel P. Berrange
1732c1c629 Fix parsing of SELinux ranges without a category
Normally libvirtd should run with a SELinux label

  system_u:system_r:virtd_t:s0-s0:c0.c1023

If a user manually runs libvirtd though, it is sometimes
possible to get into a situation where it is running

  system_u:system_r:init_t:s0

The SELinux security driver isn't expecting this and can't
parse the security label since it lacks the ':c0.c1023' part
causing it to complain

  internal error Cannot parse sensitivity level in s0

This updates the parser to cope with this, so if no category
is present, libvirtd will hardcode the equivalent of c0.c1023.

Now this won't work if SELinux is in Enforcing mode, but that's
not an issue, because the user can only get into this problem
if in Permissive mode. This means they can now start VMs in
Permissive mode without hitting that parsing error

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-14 12:42:21 +00:00
Daniel P. Berrange
4a92fe4413 Separate MCS range parsing from MCS range checking
Pull the code which parses the current process MCS range
out of virSecuritySELinuxMCSFind and into a new method
virSecuritySELinuxMCSGetProcessRange.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-14 12:42:21 +00:00
Daniel P. Berrange
f2d8190cfb Fix memory leak on OOM in virSecuritySELinuxMCSFind
The body of the loop in virSecuritySELinuxMCSFind would
directly 'return NULL' on OOM, instead of jumping to the
cleanup label. This caused a leak of several local vars.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-03-14 12:42:21 +00:00