Commit Graph

7362 Commits

Author SHA1 Message Date
Jiri Denemark
c7d5cdb15b xenapi: Convert to virMacAddr 2012-07-17 17:55:52 +02:00
Michal Privoznik
9d1938896c nwfilter: Convert to virMacAddrPtr not virMacAddrPtr*
My previous patch wasn't complete as it converted from
(unsigned char *) to (virMacAddrPtr *). It should be
(virMacAddrPtr) only.
2012-07-17 16:29:43 +02:00
Michal Privoznik
14197c7472 nwfilter: Convert to virMacAddrPtr completely
The previous commit (387117ad92) was incomplete leaving those
who does not use libpcap with uncompilable sources beacuse
of incomplete conversion of virNWFilterDHCPSnoopReq function.
2012-07-17 16:05:30 +02:00
Stefan Berger
387117ad92 Convert 'raw MAC address' usages to use virMacAddr
Introduce new members in the virMacAddr 'class'
- virMacAddrSet: set virMacAddr from a virMacAddr
- virMacAddrSetRaw: setting virMacAddr from raw 6 byte MAC address buffer
- virMacAddrGetRaw: writing virMacAddr into raw 6 byte MAC address buffer
- virMacAddrCmp: comparing two virMacAddr
- virMacAddrCmpRaw: comparing a virMacAddr with a raw 6 byte MAC address buffer

then replace raw MAC addresses by replacing

- 'unsigned char *' with virMacAddrPtr
- 'unsigned char ... [VIR_MAC_BUFLEN]' with virMacAddr

and introduce usage of above functions where necessary.
2012-07-17 08:07:59 -04:00
Jiri Denemark
87c8623161 qemu: Do not fail virConnectCompareCPU if host CPU is not known
When host CPU could not be properly detected, virConnectCompareCPU will
just report that any CPU is incompatible with host CPU instead of
failing.
2012-07-16 13:21:38 +02:00
Jiri Denemark
8e6fb68f1f qemu: Fix probing for guest capabilities
Even though qemu-kvm binaries can be used in TCG mode, libvirt would
only detect them if /dev/kvm was available. Thus, one would need to make
a /usr/bin/qemu symlink to be able to use TCG mode with qemu-kvm in an
environment without KVM support.

And even though QEMU is able to make use of KVM, libvirt would not
advertise KVM support unless there was a qemu-kvm symlink available.

This patch fixes both issues.
2012-07-16 11:45:37 +02:00
Daniel P. Berrange
1d9d5103b4 Wire up handling for QMP's BALLOON_EVENT
If QEMU supports the BALLOON_EVENT QMP event, then we can
avoid invoking 'query-balloon' when returning XML or the
domain info.

* src/qemu/qemu_capabilities.c, src/qemu/qemu_capabilities.h:
  Add QEMU_CAPS_BALLOON_EVENT
* src/qemu/qemu_driver.c: Skip query-balloon in
  qemudDomainGetInfo and qemuDomainGetXMLDesc if we have
  QEMU_CAPS_BALLOON_EVENT set
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h: Check
  for BALLOON_EVENT at connect to monitor. Add callback
  for balloon change notifications
* src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h:
  Add handling of BALLOON_EVENT and impl 'query-events'
  check

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-14 16:02:34 +08:00
Daniel P. Berrange
7ed6d7dda7 Define public API for receiving guest memory balloon events
When the guest changes its memory balloon applications may want
to know what the new value is, without having to periodically
poll on XML / domain info. Introduce a "balloon change" event
to let apps see this

* include/libvirt/libvirt.h.in: Define the
  virConnectDomainEventBalloonChangeCallback callback
  and VIR_DOMAIN_EVENT_ID_BALLOON_CHANGE constant
* python/libvirt-override-virConnect.py,
  python/libvirt-override.c: Wire up helpers for new event
* daemon/remote.c: Helper for serializing balloon event
* examples/domain-events/events-c/event-test.c,
  examples/domain-events/events-python/event-test.py: Add
  example of balloon event usage
* src/conf/domain_event.c, src/conf/domain_event.h: Handling
  of balloon events
* src/remote/remote_driver.c: Add handler of balloon events
* src/remote/remote_protocol.x: Define wire protocol for
  balloon events
* src/remote_protocol-structs: Likewise.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-14 16:02:26 +08:00
Chuck Short
db4eba91a7 ARMHF: CPU Support for armhf.
Adding CPU encoder/decoder for armhf to avoid runtime error messages.

Signed-off-by: Chuck Short <chuck.short@canonical.com>
2012-07-13 10:03:22 -06:00
Hu Tao
102c69414c fix failure when building with --disable-debug
When building with --disable-debug, VIR_DEBUG expands to a nop.
But parameters to VIR_DEBUG can be variables that are passed only
to VIR_DEBUG. In the case the building system complains about unused
variables.
2012-07-13 06:38:18 -06:00
Jiri Denemark
3189dfb163 Clarify direct migration
When --direct is used when migrating a domain running on a hypervisor
that does not support direct migration (such as QEMU), the caller would
get the following error message:

    this function is not supported by the connection driver:
    virDomainMigrateToURI2

which is a complete nonsense since qemu driver implements
virDomainMigrateToURI2. This patch would emit a more sensible error in
this case:

    Requested operation is not valid: direct migration is not supported
    by the connection driver
2012-07-13 09:15:18 +02:00
Christophe Fergeau
efe6c80211 Fix daemon auto-spawning
Commit 32a9aac switched libvirt to use the XDG base directories
to locate most of its data/config. In particular, the per-user socket
for qemu:///session is now stored in the XDG runtime directory.
This directory is located by looking at the XDG_RUNTIME_DIR environment
variable, with a fallback to ~/.cache/libvirt if this variable is not
set.

When the daemon is autospawned because a client application wants
to use qemu:///session, the daemon is ran in a clean environment
which does not contain XDG_RUNTIME_DIR. It will create its socket
in ~/.cache/libvirt. If the client application has XDG_RUNTIME_DIR
set, it will not look for the socket in the fallback place, and will
fail to connect to the autospawned daemon.

This patch adds XDG_RUNTIME_DIR to the daemon environment before
auto-starting it. I've done this in virNetSocketForkDaemon rather
than in virCommandAddEnvPassCommon as I wasn't sure we want to pass
these variables to other commands libvirt spawns. XDG_CACHE_HOME
and XDG_CONFIG_HOME are also added to the daemon env as it makes use
of those as well.
2012-07-12 13:52:36 +02:00
Daniel P. Berrange
1ffc78b54b Support creation of sparse LVM volumes
When calling 'lvcreate' if specifying both the '-L' and
'--virtualsize' options, the latter will be treated as
the capacity and the former as the allocation. This can
be used to support sparse volume creation. In addition,
when listing volumes it is necessary to include the 'size'
field in lvs output, so that we can detect sparse volume
allocation correctly.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-12 11:02:26 +01:00
Daniel P. Berrange
258e06c85b Remove all use of virRun in storage code
To make it easier to dynamically change the command line ARGV,
switch all storage code over to use virCommandPtr APIs for
running programs

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-12 11:02:09 +01:00
Sascha Peilicke
5079a7b3e2 Fix directory removal in filesystem storage driver
Fix the virStorageBackendFileSystemVolDelete method to not use
unlink() unconditionally. It must use rmdir() for volumes which
are directories. It should also raise an error if given a volume
which has the network/block type.
2012-07-11 16:42:06 +01:00
Osier Yang
8a544719aa storage: Default pool permission mode to 0755
Per the typical use of libvirt is to fork the qemu process with
qemu:qemu. Setting the pool permission mode as 0700 by default
will prevent the guest start with permission reason.

Define macro for the default pool and vol permission modes
incidentally.
2012-07-11 22:40:48 +08:00
Daniel P. Berrange
97d7f02dcc Fix shutdown of LXC controller
Since we are not yet using the virNetServerPtr object for running
the event loop, we can't use virNetServerQuit(). Instead set the
global 'quit' flag in libvirt_lxc
2012-07-11 14:46:24 +01:00
Peter Krempa
80533ca25d nodeinfo: Fix gathering of nodeinfo data structure
This patch changes the way data to fill the nodeinfo structure are
gathered. We've gathere the test data by iterating processors an sockets
separately from nodes. The reported data was based solely on information
about core id. Problems arise when eg cores in mulit-processor machines
don't have same id's on both processors or maybe one physical processor
contains more NUMA nodes.

This patch changes the approach how we detect processors and nodes. Now
we start at enumerating nodes and for each node processors, sockets and
threads are enumerated separately. This approach provides acurate data
that comply to docs about the nodeinfo structure. This also enables to
get rid of hacks: see commits 10d9038b74,
ac9dd4a676. (Those changes in nodeinfo.c
are efectively reverted by this patch).

This patch also changes output of one of the tests, as the processor
topology is now acquired more precisely.
2012-07-11 15:32:19 +02:00
Viktor Mihajlovski
d0304eaac7 S390: Add support for virtio-s390 devices.
The s390(x) architecture doesn't feature a PCI bus. For the purpose of
supporting virtio devices a virtual bus called virtio-s390 is used.
A new address type VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390 is used to
distinguish the virtio devices on s390 from PCI-based virtio devices.

V3 Change: updated QEMU_CAPS_VIRTIO_S390 to fit upstream.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-07-11 11:19:05 +02:00
Viktor Mihajlovski
f5dd58a608 qemu: Extended qemuDomainAssignAddresses to be callable from everywhere.
This is in preparation of the enablement of s390 guests with virtio devices.

The assignment of device addresses happens in different places, i.e. the
qemu driver and process modules as well as in the unit tests in slightly
different flavors. Currently, these are PPC spapr-vio and PCI
devices, virtio-s390 (not PCI based) will follow.

By optionally passing to qemuDomainAssignAddresses the domain
object and the capabilities it is now possible to call the function
from most of the places (except for hotplug) where address assignment
is done.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-07-11 11:19:05 +02:00
Guido Günther
31351c316f openvz: Handle domain obj hash map errors
This makes the driver fail with a clear error message in case of UUID
collisions (for example if somebody copied a container configuration
without updating the UUID) and also raises an error on other hash map
failures.

OpenVZ itself doesn't complain about duplicate UUIDs since this
parameter is only used by libvirt.
2012-07-11 10:40:03 +02:00
Christophe Fergeau
626dd5180e Fix /domain/features setting in qemuParseCommandLine
Commit 5e6ce1 moved down detection of the ACPI feature in
qemuParseCommandLine. However, when ACPI is detected, it clears
all feature flags in def->features to only set ACPI. This used to
be fine because this was the first place were def->features was set,
but after the move this is no longer necessarily true because this
block comes before the ACPI check:

if (strstr(def->emulator, "kvm")) {
    def->virtType = VIR_DOMAIN_VIRT_KVM;
    def->features |= (1 << VIR_DOMAIN_FEATURE_PAE);
}

Since def is allocated in qemuParseCommandLine using VIR_ALLOC, we
can always use |= when modifying def->features
2012-07-11 09:10:21 +02:00
Eric Blake
0867a87721 build: detect all improper uses of _("%s")
The only useful translation of "%s" as a format string is "%s" (I
suppose you could claim "%1$s" is also valid, but why bother).  So
it is not worth translating; fixing this exposes some instances
where we were failing to translate real error messages.  This makes
the fix of commit 097da1ab more generic, as well as ensuring no
future regressions.

* cfg.mk (sc_prohibit_useless_translation): New rule.
* src/lxc/lxc_driver.c (lxcSetVcpuBWLive): Fix offender.
* src/openvz/openvz_conf.c (openvzReadFSConf): Likewise.
* src/qemu/qemu_cgroup.c (qemuSetupCgroupForVcpu): Likewise.
* src/qemu/qemu_driver.c (qemuSetVcpusBWLive): Likewise.
* src/xenapi/xenapi_utils.c (xenapiSessionErrorHandle): Likewise.
2012-07-10 15:49:41 -06:00
Osier Yang
67d79ad7ff util: Use current uid and gid if they are passed as -1 for virDirCreate
All the callers of virDirCreate are updated incidentally.
2012-07-10 21:42:16 +08:00
Osier Yang
ea9509b9e8 virsh: Ensure the parents of the readline history path exists
Instead of changing the existed virFileMakePath to accept mode
argument and modifying a pile of its uses, this patch introduces
virFileMakePathWithMode, and use it instead of mkdir() to create
the readline history dir.
2012-07-10 21:37:13 +08:00
tangchen
097da1abbd Fix a string format bug in qemu_cgroup.c
Signed-off-by: Tang Chen <tangchen@cn.fujitsu.com>
2012-07-10 17:06:56 +08:00
Eric Blake
56f34e5573 build: fix typo that breaks non-Linux builds
Commit 9612e4b2 introduced a typo and unused variable that break
non-Linux builds.

* src/util/virfile.c (virFileLoopDeviceAssociate): Fix syntax error.
2012-07-09 15:50:59 -06:00
Peter Krempa
48b7851998 storage_backend_fs: Allocate entry for host before accessing it
Commit 122fa379de introduces option to
store more than one host entry in a storage pool source definition. That
commit causes a regression, where a check is added that only one host
entry should be present (that actualy is not present as the source
structure was just allocated and zeroed) instead of allocating memory
for the host entry.
2012-07-09 16:28:16 +02:00
Peter Krempa
ab9c72ae9e storage_backend_fs: Don't free a part of a structure on error
As the storage pool sources are stored in a list of structs, the pointer
returned by virStoragePoolSourceListNewSource() shouldn't be freed as it
points in the middle of a memory block. This combined with a regression
that takes the error path every time on caused a double-free abort on
the src struct in question.
2012-07-09 16:25:15 +02:00
Peter Krempa
73f4b30882 storage_conf: Break long line and polish coding style 2012-07-09 16:19:50 +02:00
Matthias Bolte
017edaf79a esx: Wrap libcurl multi handle 2012-07-08 11:28:44 +02:00
Daniel P. Berrange
6068754670 Only ummount /proc, /sys, /dev if the root source is '/'
Previous commits added code to unmount the existing /proc,
/sys and /dev hierarchies on the root filesystem of the
container. This should only have been done if the container's
root filesystem was the same as the host's root. ie if
the root source is '/'.   As it is, this causes LXC containersr
to fail to start if their root source is not '/'

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 17:40:52 +01:00
Daniel P. Berrange
9a4d0b5170 Switch to using virNetServer APIs for monitor socket
In preparation for introducing a full RPC protocol for
libvirt_lxc, switch over to using the virNetServer APIs
for the monitor connection

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
9612e4b2e7 Move loop device setup code into virfile.{c,h}
While it is not currently used elsewhere in libvirt, the code
for finding a free loop device & associating a file with it
is not LXC specific. Move it into the viffile.{c,h} file where
potentially shared code is more commonly kept.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
f547e8768d Move cgroup objects into virLXCControllerPtr
Move the cgroup object into virLXCControllerPtr and rename
all the setup methods to include 'Cgroup' in their name
if appropriate

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
deba8b0c4c Move monitor into virLXCControllerPtr
Move the monitor FDs into the virLXCControllerPtr object
removing the need for the 'struct lxcMonitor' object

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
4c87afe0ac Move /dev/pts setup out of virLXCControllerRun
The virLXCControllerRun method is getting a little too large,
and about 50% of its code is related to setting up a /dev/pts
mount. Move the latter out into a dedicated method

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
25aa053282 Move security manager into virLXCControllerPtr object
Move the security manager object into the virLXCControllerPtr
object. Also simplify the code creating it in the first place

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
37441d89d5 Move loop device FDs into virLXCControllerPtr object
Move the list of loop device FDs into the virLXCControllerPtr
object and make sure that virLXCControllerStopInit will
close them all

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
ef07d89f1f Move daemon handshake FD into virLXCControllerPtr
Keep the FD used to handshake with the libvirtd daemon in the
virLXCControllerPtr object.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
eddca75a14 Make console handling part of virLXCControllerPtr
Turn 'struct lxc_console' into virLXCControllerConsolePtr and make it
a part of virLXCControllerPtr

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:10 +01:00
Daniel P. Berrange
7a4bf9c39c Store the init PID in the virLXCController object
Keep a record of the init PID in the virLXCController object
and create a virLXCControllerStopInit method for killing this
process

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:09 +01:00
Daniel P. Berrange
ba797c73e6 Move veth device management into virLXCControllerPtr object
Move the veth device name state into the virLXCControllerPtr
object and stop passing it around. Also use size_t instead
of unsigned int for the array length parameters.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:09 +01:00
Daniel P. Berrange
d624ad6a3d Introduce a virLXCControllerPtr object to hold LXC controller state
The LXC controller code is having to pass around an ever increasing
number of parameters between methods. To make the code more managable
introduce a virLXCControllerPtr to hold all this state, starting with
the container name and virDomainDefPtr object

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:09 +01:00
Daniel P. Berrange
284143bbee Avoid build shared source files again for libvirt_lxc
Currently the build of libvirt_lxc will cause recompilation
of all sources under src/util, src/conf, src/security and
more. Switch the libvirt_lxc process to link against the
libtool convenience libraries that are already built as
part of the main libvirt.os & libvirtd build process

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:09 +01:00
Daniel P. Berrange
dff6d809fb Allow RPC server to run single threaded
Refactor the RPC server dispatcher code so that if 'max_workers==0'
the entire server will run single threaded. This is useful for
use cases where there will only ever be 1 client connected
which serializes its requests

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:09 +01:00
Daniel P. Berrange
c6b2d5d082 Add a opaque parameter to the RPC client init callback
The callback that is invoked when a new RPC client is
initialized does not have any opaque parameter. Add
one so that custom data can be passed into the callback

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-07-05 10:46:09 +01:00
Wido den Hollander
ccb9478500 qemu: Always set auth_supported for Ceph disks.
Recently the Ceph project defaulted auth_supported from 'none' to 'cephx'.

When no auth information was set for Ceph disks this would lead to librados defaulting to
'cephx', but there would be no additional authorization information.

We now explicitly set auth_supported to none when passing down arguments to Qemu.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2012-07-05 17:01:56 +08:00
Jean-Baptiste Rouault
fe04138ea0 vmware: detect when a domain was shut down from the inside
This patch adds an internal function vmwareUpdateVMStatus to
update the real state of the domain. This function is used in
various places in the driver, in particular to detect when
the domain has been shut down by the user with the "halt"
command.
2012-07-04 11:41:13 +02:00
Peter Krempa
d59e10338d remote: Fill remote parameters in remoteDomainListAllSnapshots()
This patch fills the domain argument that is sent to the remote side.
This caused a client segfault as the argument was NULL.
2012-07-04 11:16:47 +02:00
Peter Krempa
a4f74cd09a qemu: Mark domains as having managed state image only on managed save
QEMU domains were marked as having managed save image even if they were
saved using the regular save. With this patch, domains are marked so
only when using managed save API.
2012-07-04 11:06:51 +02:00
Hendrik Schwartke
a3389319ba Added the attribute vendor_id to the cpu model
Introducing the attribute vendor_id to force the CPUID instruction
in a kvm guest to return the specified vendor.
2012-07-03 12:06:38 +02:00
Josh Durgin
78290b1641 qemu: add rbd to whitelist of migration-safe formats
QEMU (and librbd) flush the cache on the source before the
destination starts, and the destination does not read any
changeable data before that, so live migration with rbd caching
is safe.

This makes 'virsh migrate' work with rbd and caching without the
--unsafe flag.

Reported-by: Vladimir Bashkirtsev <vladimir@bashkirtsev.com>
Signed-off-by: Josh Durgin <josh.durgin@inktank.com>
2012-07-02 14:52:27 -06:00
lvroyce
811cea18f3 fix key error for qemuMonitorGetBlockStatsInfo
virDomainBlockStatsFlags can't collect total_time_ns for read/write/flush
because of key typo when retriveing from qemu cmd result

Signed-off-by: lvroyce <lvroyce@linux.vnet.ibm.com>
2012-07-02 17:52:47 +08:00
Eric Blake
791d095235 build: use correct limit for unsigned long long
Reported by Jason Helfman as a build-breaker on FreeBSD.

* src/conf/domain_conf.c (virDomainFSDefParseXML): Use POSIX
spelling.
* src/openvz/openvz_conf.c (openvzReadFSConf): Likewise.
2012-06-29 15:14:01 -06:00
Stefan Berger
b1675bac67 nwfilter: Fix memory leak
Below patch fixes this coverity report:

/libvirt/src/conf/nwfilter_conf.c:382:
leaked_storage: Variable "varAccess" going out of scope leaks the storage it points to.
2012-06-29 14:36:15 -04:00
Daniel P. Berrange
5bb83236c9 Remove sub-mounts under /dev when starting an LXC container
Since we are mounting a new /dev in the container, we must
remove any sub-mounts like /dev/shm, /dev/mqueue, etc,
otherwise they'll be recorded in /proc/mounts, but not be
accessible to applications.
2012-06-29 16:29:33 +01:00
Eiichi Tsukata
0ac3baee2c Fix vm's outbound traffic control problem
Hello,

This is a patch to fix vm's outbound traffic control problem.

Currently, vm's outbound traffic control by libvirt doesn't go well.
This problem was previously discussed at libvir-list ML, however
it seems that there isn't still any answer to the problem.
http://www.redhat.com/archives/libvir-list/2011-August/msg00333.html

I measured Guest(with virtio-net) to Host TCP throughput with the
command "netperf -H".
Here are the outbound QoS parameters and the results.

outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s]
======================================================================
1024  (8Mbit/s)                    : 4.56
2048  (16Mbit/s)                   : 3.29
4096  (32Mbit/s)                   : 3.35
8192  (64Mbit/s)                   : 3.95
16384 (128Mbit/s)                  : 4.08
32768 (256Mbit/s)                  : 3.94
65536 (512Mbit/s)                  : 3.23

The outbound traffic goes down unreasonably and is even not controled.

The cause of this problem is too large mtu value in "tc filter" command run by
libvirt. The command uses burst value to set mtu and the burst is equal to
average rate value if it's not set. This value is too large. For example
if the average rate is set to 1024 kilobytes/s, the mtu value is set to 1024
kilobytes. That's too large compared to the size of network packets.
Here libvirt applies tc ingress filter to Host's vnet(tun) device.
Tc ingress filter is implemented with TBF(Token Buckets Filter) algorithm. TBF
uses mtu value to calculate the amount of token consumed by each packet. With too
large mtu value, the token consumption rate is set too large. This leads to
token starvation and deterioration of TCP throughput.

Then, should we use the default mtu value 2 kilobytes?
The anser is No, because Guest with virtio-net device uses 65536 bytes
as mtu to transmit packets to Host, and the tc filter with the default mtu
value 2k drops packets whose size is larger than 2k. So, the most packets
is droped and again leads to deterioration of TCP throughput.

The appropriate mtu value is 65536 bytes which is equal to the maximum value
of network interface device defined in <linux/netdevice.h>. The value is
not so large that it causes token starvation and not so small that it
drops most packets.
Therefore this patch set the mtu value to 64kb(== 65535 bytes).

Again, here are the outbound QoS parameters and the TCP throughput with
the libvirt patched.

outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s]
======================================================================
1024  (8Mbit/s)                    : 8.22
2048  (16Mbit/s)                   : 16.42
4096  (32Mbit/s)                   : 32.93
8192  (64Mbit/s)                   : 66.85
16384 (128Mbit/s)                  : 133.88
32768 (256Mbit/s)                  : 271.01
65536 (512Mbit/s)                  : 547.32

The outbound traffic conforms to the given limit.

Thank you,

Signed-off-by: Eiichi Tsukata <eiichi.tsukata.xh@hitachi.com>
2012-06-29 10:56:13 +02:00
Peter Krempa
96ebb4fe58 network_conf: Don't free uninitialized pointers while parsing DNS SRV
If the user specified invalid protocol type in a network's SRV record
the error path ended up in freeing uninitialized pointers causing a
daemon crash.

*network_conf.c: virNetworkDNSSrvDefParseXML(): initialize local
                                                variables
2012-06-28 23:42:50 +02:00
Peter Krempa
6117c35829 conf: Don't shadow error from virGetDomain()
virGetDomain() does a good job of reporting errors itself. This patch
removes shadowing of that error in virDomainListPopulate().
2012-06-28 17:56:46 +02:00
Peter Krempa
11bdab02c2 maint: include ignore-value in internal.h
The ignore_value macro is used across libvirt. This patch includes it in
the internal header and cleans all other includes.
2012-06-28 16:36:30 +02:00
Peter Krempa
f38df54b41 vbox: Add support for virConnectListAllDomains()
VirtualBox doesn't use the common virDomainObj implementation so this
patch adds a separate implementation using the VirtualBox API.

This driver implementation supports all currently defined flags. As
VirtualBox does not support transient guests, managed save images and
autostarting we assume all guests are persistent, don't have a managed
save image and are not autostarted. Filtering for existence of those
properities results in empty list.
2012-06-28 16:36:18 +02:00
Osier Yang
8116529409 storage: Error out if the target is already mounted for netfs pool
mnt_fsname can not be the same, as we check the duplicate pool
sources earlier before, means it can't be the same pool, moreover,
a pool can't be started if it's already active anyway. So no reason
to act as success.
2012-06-28 11:53:40 +08:00
Michal Privoznik
cd15303fd1 events: Don't fail on registering events for two different domains
virConnectDomainEventRegisterAny() takes a domain as an argument.
So it should be possible to register the same event (be it
VIR_DOMAIN_EVENT_ID_LIFECYCLE for example) for two different domains.
That is, we need to take domain into account when searching for
duplicate event being already registered.
2012-06-27 16:20:41 +02:00
Christophe Fergeau
0b7ad22ba6 doc: fix typo in virDomainDestroy API doc 2012-06-27 14:49:59 +02:00
Thang Pham
cdea24c56c S390: Added sysinfo for host on s390(x).
In order to retrieve some sysinfo data we need to parse /proc/sysinfo and
/proc/cpuinfo.

Signed-off-by: Thang Pham <thang.pham@us.ibm.com>
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-06-25 16:43:18 +02:00
Viktor Mihajlovski
2abbffec6e S390: Fixed core identification for s390
For the s390x architecture the sysfs core_id alone is not unique. As a
result it can happen that libvirt thinks there are less host CPUs available
than really present.
Currently, a logical CPU is equivalent to a core for s390x. We therefore
produce a fake core id from the CPU number.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-06-25 16:43:18 +02:00
Thang Pham
bf2e40fac0 S390: Fixed Parser for /proc/cpuinfo needs to be adapted for your architecture
Minimal CPU "parser" for s390 to avoid compile time warning.

Signed-off-by: Thang Pham <thang.pham@us.ibm.com>
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-06-25 16:43:18 +02:00
Thang Pham
c7c8080469 S390: CPU support for s390(x)
Adding CPU encoder/decoder for s390 to avoid runtime error messages.

Signed-off-by: Thang Pham <thang.pham@us.ibm.com>
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-06-25 16:43:18 +02:00
Viktor Mihajlovski
6a6c347118 S390: Override QEMU_CAPS_NO_ACPI for s390x
Starting a KVM guest on s390 fails immediately. This is because
"qemu --help" reports -no-acpi even for the s390(x) architecture but
-no-acpi isn't supported there.
Workaround is to remove QEMU_CAPS_NO_ACPI from the capability set
after the version/capability extraction.

Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
2012-06-25 16:43:18 +02:00
Wido den Hollander
97485bd0b5 storage backend rbd: Do not prefix rbd: on volume names.
We used to prefix 'rbd:' to volume names, this is not necessary.

Qemu takes RBD devices in this way, like: qemu -drive rbd:pool/image

When attaching a network disk like RBD to a guest we however do not use this prefix.

Currently you can't map a RBD volume name directly to a domain without removing the prefix.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2012-06-25 16:43:18 +02:00
Osier Yang
968b6c60e9 qemu: Improve error if setmem fails for lacking of balloon support
"cannot set memory of an active domain" is misleading, it sounds
like setting memory of active domain is not supported.
2012-06-25 21:34:22 +08:00
Daniel P. Berrange
d7f9d82753 Include the default listen address in the live guest XML
If no 'listen' attribute or <listen> element is set in the
guest XML, the default driver configured listen address is
used. There is no way to client applications to determine
what this address is though. When starting the guest, we
should update the live XML to include this default listen
address
2012-06-25 13:05:55 +01:00
Michal Privoznik
8d27005b50 storage: Introduce --inactive for pool-dumpxml
Storage is one of the last domains in libvirt where we don't fully
utilize inactive and live XML. Okay, it might be because we don't
have support for that. So implement such support. However, we need
to fallback when talking to old daemon which doesn't support this
new flag called VIR_STORAGE_XML_INACTIVE.
2012-06-25 13:23:28 +02:00
Michal Privoznik
803dc0a5ba storage: Switch to new def on pool-destroy
Currently, we share the idea of old & new def with domains. Users can
*-edit an object (domain, pool) which spawns a new internal
representation for them. This is referenced via
{domainObj,poolObj}->newDef [compared to ->def]. However, for pool we
were never overwriting def with newDef. This must be done on
pool-destroy (like we do analogically in domain detroy).
2012-06-25 13:03:44 +02:00
Michal Privoznik
85ce98250e sanlock: Properly indent
One of latest patches (0fce94fe) didn't properly indented #define
making syntax-check fail.
2012-06-25 12:46:21 +02:00
Daniel Veillard
0fce94fe1b Fix compilation on older sanlock
Temporary fix since compilation broke with older version of
sanlock following acbd4965c4
2012-06-25 18:36:28 +08:00
Daniel P. Berrange
9273e07f9e Remove stray debug fprintf in XML parser 2012-06-25 11:26:29 +01:00
Daniel J Walsh
465c055f4a Support bind mounting host files, as well as directories in LXC
Currently libvirt-lxc checks to see if the destination exists and is a
directory.  If it is not a directory then the mount fails.  Since
libvirt-lxc can bind mount files on an inode, this patch is needed to
allow us to bind mount files on files.  Currently we want to bind mount
on top of /etc/machine-id, and /etc/adjtime

If the destination of the mount point does not exists, it checks if the
src is a directory and then attempts to create a directory, otherwise it
creates an empty file for the destination.  The code will then bind mount
over the destination.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-06-25 10:56:38 +01:00
Daniel P. Berrange
931b7d194a winsock2.h must always be included before windows.h
Some GNULIB headers (eg unistd.h) will often need to include
winsock2.h for various symbols. There is a rule that winsock2.h
must be included before windows.h. This means that any file
which does

  #ifdef WIN32
  #include <windows.h>
  #endif
  #include <unistd.h>

is potentially broken. A simple rule is that /all/ includes of
windows.h must be matched with a preceding include of winsock2.h
regardless of whether unistd.h is used currently

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-06-25 10:41:10 +01:00
Daniel P. Berrange
acbd4965c4 Add support for shared sanlock leases
A sanlock lease can be marked as shared (rather
than exclusive)  using SANLK_RES_SHARED flag. This
adds support for that flag and ensures that in auto
disk mode, any shared disks use shared leases. This
also makes any read-only disks be completely
ignored.

These changes remove the need for the option

  ignore_readonly_and_shared_disks

so that is removed

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-06-25 10:17:56 +01:00
Daniel P. Berrange
3b1ddec1ef Add support for guest bind mounts with LXC
Currently you can configure LXC to bind a host directory to
a guest directory, but not to bind a guest directory to a
guest directory. While the guest container init could do
this itself, allowing it in the libvirt XML means a stricter
SELinux policy can be written
2012-06-25 10:17:56 +01:00
Daniel P. Berrange
76b644c362 Add support for RAM filesystems for LXC
Introduce a new syntax for filesystems to allow use of a RAM
filesystem

   <filesystem type='ram'>
      <source usage='10' units='MiB'/>
      <target dir='/mnt'/>
   </filesystem>

The usage units default to KiB to limit consumption of host memory.

* docs/formatdomain.html.in: Document new syntax
* docs/schemas/domaincommon.rng: Add new attributes
* src/conf/domain_conf.c: Parsing/formatting of RAM filesystems
* src/lxc/lxc_container.c: Mounting of RAM filesystems

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-06-25 10:17:56 +01:00
Hu Tao
9c77bf04b0 fix a bug of ref count in virnetserver.c
The test of ref count is not protected by lock, which is unsafe because
the ref count may have been changed by other threads during the test.

This patch fixes this.
2012-06-22 12:13:42 -06:00
Jim Fehlig
0dda594da9 Fix deadlock on libvirtd shutdown
When shutting down libvirtd, the virNetServer shutdown can deadlock
if there are in-flight jobs being handled by virNetServerHandleJob().
virNetServerFree() will acquire the virNetServer lock and call
virThreadPoolFree() to terminate the workers, waiting for the workers
to finish.  But in-flight workers will attempt to acquire the
virNetServer lock, resulting in deadlock.

Fix the deadlock by unlocking the virNetServer lock before calling
virThreadPoolFree().  This is safe since the virNetServerPtr object
is ref-counted and only decrementing the ref count needs to be
protected.  Additionally, there is no need to re-acquire the lock
after virThreadPoolFree() completes as all the workers have
terminated.
2012-06-21 11:38:51 -06:00
Gerd Hoffmann
fd4fd420b4 qemu: Add xhci support
qemu 1.1 features a xhci controller,
this patch adds support for it.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2012-06-21 16:33:00 +02:00
Osier Yang
fafb80a145 util: Fix the indention
src/util/util.c: virFileOpenAs.
2012-06-21 14:59:55 +08:00
Jim Fehlig
57349ffc10 Initialize random generator in lxc controller
The lxc contoller eventually makes use of virRandomBits(), which was
segfaulting since virRandomInitialize() is never invoked.

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff554d560 in random_r () from /lib64/libc.so.6
(gdb) bt
0  0x00007ffff554d560 in random_r () from /lib64/libc.so.6
1  0x0000000000469eaa in virRandomBits (nbits=32) at util/virrandom.c:80
2  0x000000000045bf69 in virHashCreateFull (size=256,
    dataFree=0x4aa2a2 <hashDataFree>, keyCode=0x45bd40 <virHashStrCode>,
    keyEqual=0x45bdad <virHashStrEqual>, keyCopy=0x45bdfa <virHashStrCopy>,
    keyFree=0x45be37 <virHashStrFree>) at util/virhash.c:134
3  0x000000000045c069 in virHashCreate (size=0, dataFree=0x4aa2a2 <hashDataFree>)
    at util/virhash.c:164
4  0x00000000004aa562 in virNWFilterHashTableCreate (n=0)
    at conf/nwfilter_params.c:686
5  0x00000000004aa95b in virNWFilterParseParamAttributes (cur=0x711d30)
    at conf/nwfilter_params.c:793
6  0x0000000000481a7f in virDomainNetDefParseXML (caps=0x702c90, node=0x7116b0,
    ctxt=0x7101b0, bootMap=0x0, flags=0) at conf/domain_conf.c:4589
7  0x000000000048cc36 in virDomainDefParseXML (caps=0x702c90, xml=0x710040,
    root=0x7103b0, ctxt=0x7101b0, expectedVirtTypes=16, flags=0)
    at conf/domain_conf.c:8658
8  0x000000000048f011 in virDomainDefParseNode (caps=0x702c90, xml=0x710040,
    root=0x7103b0, expectedVirtTypes=16, flags=0) at conf/domain_conf.c:9360
9  0x000000000048ee30 in virDomainDefParse (xmlStr=0x0,
    filename=0x702ae0 "/var/run/libvirt/lxc/x.xml", caps=0x702c90,
    expectedVirtTypes=16, flags=0) at conf/domain_conf.c:9310
10 0x000000000048ef00 in virDomainDefParseFile (caps=0x702c90,
    filename=0x702ae0 "/var/run/libvirt/lxc/x.xml", expectedVirtTypes=16, flags=0)
    at conf/domain_conf.c:9332
11 0x0000000000425053 in main (argc=5, argv=0x7fffffffe2b8)
    at lxc/lxc_controller.c:1773
2012-06-20 23:28:09 -06:00
Osier Yang
e4cfe5f699 storage: Set the perms if the pool target already exists for fs pools
The comment says:

/* Now create the final dir in the path with the uid/gid/mode
 * requested in the config. If the dir already exists, just set
 * the perms.
 */

However, virDirCreate is only invoked if the target path doesn't
exist yet (which is opposite with the comment), or the uid from
the config is not -1 (I don't understand why, think it's just
another mistake). And the result is the perms of the pool won't
be changed if one tries to build the pool with different perms
again.

Besides these logic error fix, if no uid and gid are specified in
the config, the practical used uid, gid are reflected.
2012-06-21 11:06:41 +08:00
Eric Blake
d4edc089f5 snapshot: implement new APIs for esx and vbox
The two new APIs are rather trivial; based on bits and pieces of
other existing APIs.  But rather than blindly return 0 or 1 for
HasMetadata, I chose to first validate that the snapshot in
question in fact exists.

* src/esx/esx_driver.c (esxDomainSnapshotIsCurrent)
(esxDomainSnapshotHasMetadata): New functions.
* src/vbox/vbox_tmpl.c (vboxDomainSnapshotIsCurrent)
(vboxDomainSnapshotHasMetadata): Likewise.
2012-06-20 11:18:48 -06:00
Eric Blake
e3fe4102c1 snapshot: require existence before returning success
Blindly returning success is misleading if the object no longer
exists; it is a bit better to check for existence up front before
returning information about that object.  This pattern matches the
fact that most of our other APIs check for existence as a side
effect prior to getting at the real piece of information being
queried.

* src/esx/esx_driver.c (esxDomainIsUpdated, esxDomainIsPersistent):
Add existence checks.
* src/vbox/vbox_tmpl.c (vboxDomainIsPersistent)
(vboxDomainIsUpdated): Likewise.
2012-06-20 10:27:57 -06:00
Peter Krempa
33dc8cf018 drivers: Implement virListAllDomains for drivers using virDomainObj
This patch adds support for listing all domains into drivers that use
the common virDomainObj implementation: libxl, lxc, openvz, qemu, test,
uml, vmware.

For drivers that don't support managed save images the guests are
treated as if they had none, so filtering guests that do have such an
image on this driver succeeds and produces 0 results.
2012-06-20 13:35:26 +02:00
Guido Günther
229773fcbd openvz: check pointer size instead of int
since int is 4 bytes on both i386 and amd64.
2012-06-20 08:06:57 +02:00
Dipankar Sarma
d1778b7148 Fix default USB controller for ppc64
Fix the default usb controller for pseries systems if none
specified.

Signed-off-by: Dipankar Sarma <dipankar@in.ibm.com>
2012-06-19 15:41:55 -06:00
Eric Blake
5488612eb0 list: add qemu snapshot list support
The two new functions are very similar to the existing functions;
just a matter of different arguments and a call to a different
helper function.

* src/qemu/qemu_driver.c (qemuDomainSnapshotListNames)
(qemuDomainSnapshotNum, qemuDomainSnapshotListChildrenNames)
(qemuDomainSnapshotNumChildren): Support new flags.
(qemuDomainListAllSnapshots): New functions.
2012-06-19 14:58:45 -06:00
Eric Blake
8548a9c501 list: new helper function to collect snapshots
Wraps the conversion from 'char *name' to virDomainSnapshotPtr in
a reusable manner.

* src/conf/virdomainlist.h (virDomainListSnapshots): New declaration.
* src/conf/virdomainlist.c (virDomainListSnapshots): Implement it.
* src/libvirt_private.syms (virdomainlist.h): Export it.
2012-06-19 14:51:54 -06:00
Eric Blake
dbb564f862 list: provide RPC call for snapshots
The generator doesn't handle lists of virDomainSnapshotPtr, so
this commit requires a bit more work than some RPC additions.

* src/remote/remote_protocol.x
(REMOTE_PROC_DOMAIN_LIST_ALL_SNAPSHOTS)
(REMOTE_PROC_DOMAIN_SNAPSHOT_LIST_ALL_CHILDREN): New RPC calls,
with corresponding structs.
* daemon/remote.c (remoteDispatchDomainListAllSnapshots)
(remoteDispatchDomainSnapshotListAllChildren): New functions.
* src/remote/remote_driver.c (remoteDomainListAllSnapshots)
(remoteDomainSnapshotListAllChildren): Likewise.
* src/remote_protocol-structs: Regenerate.
2012-06-19 13:50:03 -06:00
Eric Blake
37bb0447bb list: add virDomainListAllSnapshots API
There was an inherent race between virDomainSnapshotNum() and
virDomainSnapshotListNames(), where an additional snapshot could
be created in the meantime, or where a snapshot could be deleted
before converting the name back to a virDomainSnapshotPtr.  It
was also an awkward name: the function operates on domains, not
domain snapshots.  virDomainSnapshotListChildrenNames() suffered
from the same inherent race, although its naming was nicer.

This patch makes things nicer by grabbing a snapshot list
atomically, in the format most useful to the user.

* include/libvirt/libvirt.h.in (virDomainListAllSnapshots)
(virDomainSnapshotListAllChildren): New declarations.
* src/libvirt.c (virDomainSnapshotListNames)
(virDomainSnapshotListChildrenNames): Add cross-references.
(virDomainListAllSnapshots, virDomainSnapshotListAllChildren):
New functions.
* src/libvirt_public.syms (LIBVIRT_0.9.13): Export them.
* src/driver.h (virDrvDomainListAllSnapshots)
(virDrvDomainSnapshotListAllChildren): New callbacks.
* python/generator.py (skip_function): Prepare for later
hand-written versions.
2012-06-19 13:50:03 -06:00
Eric Blake
5873f2e2da snapshot: add additional filters when getting lists
It turns out that one-bit filtering makes it hard to select the inverse
set, so it is easier to provide filtering groups.  For back-compat,
omitting all bits within a group means the group is not used for
filtering, and by definition of a group (each snapshot matches exactly
one bit within the group, and the set of bits in the group covers all
snapshots), selecting all bits also makes the group useless.

Unfortunately, virDomainSnapshotListChildren defined the bit
VIR_DOMAIN_SNAPSHOT_LIST_DESCENDANTS as an expansion rather than a
filter, so we cannot make it part of a filter group, so that bit
(and its counterpart VIR_DOMAIN_SNAPSHOT_LIST_ROOTS for
virDomainSnapshotList) remains a single control bit.

* include/libvirt/libvirt.h.in (virDomainSnapshotListFlags): Add a
couple more flags.
* src/libvirt.c (virDomainSnapshotNum)
(virDomainSnapshotNumChildren): Document them.
(virDomainSnapshotListNames, virDomainSnapshotListChildrenNames):
Likewise, and add thread-safety caveats.
* src/conf/virdomainlist.h (VIR_DOMAIN_SNAPSHOT_FILTERS_*): New
convenience macros.
* src/conf/domain_conf.c (virDomainSnapshotObjListCopyNames)
(virDomainSnapshotObjListCount): Support the new flags.
2012-06-19 13:50:03 -06:00
Martin Kletzander
830d035ff5 domain_conf: fix possible memory leak
Until now, it was possible to crash libvirtd when defining domain with
channel device with missing source element.

When creating new virDomainChrDef, target.port is set to -1, but
unfortunately it is an union with addresses that virDomainChrDefFree
tries to free in case the deviceType is channel. Having the port set
to -1 is intended, however the cleanest way to get around the problems
with the crash seems to be renumbering the VIR_DOMAIN_CHR_CHANNEL_
target types to cover new NONE type (with value 0) being the default
(no target type yet).
2012-06-19 18:20:03 +02:00
Peter Krempa
fbc72a1d0b error: Fix typos in argument checking macros
Macro virCheckNullArgGoto is supposed to check for NULL argument but
checks non-NULL instead.

Macro virCheckNonNullArgReturn reports error as if the argument should
be NULL when it shouldn't.
2012-06-19 16:16:15 +02:00
Gao feng
00828bebda LXC: avoid useless duplicate memory free
when lxcContainerIdentifyCGroups failed, the memory it allocated
has been freed, so we should not free this memory again in
lxcContainerSetupPivortRoot and lxcContainerSetupExtraMounts.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-19 16:09:47 +08:00
Peter Krempa
cd639ec5ff driver: Clean up driver header to space indentation 2012-06-19 00:16:21 +02:00
Eric Blake
ec83c7163e snapshot: merge count and name collection
Another case where we can do the same amount of work with fewer
lines of redundant code, which will make adding new filters easier.

* src/conf/domain_conf.c (virDomainSnapshotNameData): Adjust
struct.
(virDomainSnapshotObjListCount): Delete, now taken care of...
(virDomainSnapshotObjListCopyNames): ...here.
(virDomainSnapshotObjListGetNames): Adjust caller to handle
counting.
(virDomainSnapshotObjListNum): Simplify.
2012-06-18 15:11:28 -06:00
Eric Blake
7e111c6fe6 snapshot: merge domain and snapshot computation
Now that domain listing is a thin wrapper around child listing,
it's easier to have a common entry point.  This restores the
hashForEach optimization lost in the previous patch when there
are no snapshots being filtered out of the entire list.

* src/conf/domain_conf.h (virDomainSnapshotObjListGetNames)
(virDomainSnapshotObjListNum): Add parameter.
(virDomainSnapshotObjListGetNamesFrom)
(virDomainSnapshotObjListNumFrom): Delete.
* src/libvirt_private.syms (domain_conf.h): Drop deleted functions.
* src/conf/domain_conf.c (virDomainSnapshotObjListGetNames):
Merge, and (re)add an optimization.
* src/qemu/qemu_driver.c (qemuDomainUndefineFlags)
(qemuDomainSnapshotListNames, qemuDomainSnapshotNum)
(qemuDomainSnapshotListChildrenNames)
(qemuDomainSnapshotNumChildren): Update callers.
* src/qemu/qemu_migration.c (qemuMigrationIsAllowed): Likewise.
* src/conf/virdomainlist.c (virDomainListPopulate): Likewise.
2012-06-18 15:11:28 -06:00
Eric Blake
06d4a1e429 snapshot: use metaroot node to simplify management
This idea was first suggested by Daniel Veillard here:
https://www.redhat.com/archives/libvir-list/2011-October/msg00353.html

Now that I am about to add more complexity to snapshot listing, it
makes sense to avoid code duplication and special casing for domain
listing (all snapshots) vs. snapshot listing (descendants); adding
a metaroot reduces the number of code lines by having the domain
listing turn into a descendant listing of the metaroot.

Note that this has one minor pessimization - if we are going to list
ALL snapshots without filtering, then virHashForeach is more efficient
than recursing through the child relationships; restoring that minor
optimization will occur in the next patch.

* src/conf/domain_conf.h (_virDomainSnapshotObj)
(_virDomainSnapshotObjList): Repurpose some fields.
(virDomainSnapshotDropParent): Drop unused parameter.
* src/conf/domain_conf.c (virDomainSnapshotObjListGetNames)
(virDomainSnapshotObjListCount): Simplify.
(virDomainSnapshotFindByName, virDomainSnapshotSetRelations)
(virDomainSnapshotDropParent): Match new field semantics.
* src/qemu/qemu_driver.c (qemuDomainSnapshotCreateXML)
(qemuDomainSnapshotReparentChildren, qemuDomainSnapshotDelete):
Adjust clients.
2012-06-18 15:11:28 -06:00
Guido Günther
7dcee3f956 openvz: Fix wordsize on 64 bit architectures
The word size there is 64 bit not 8.
2012-06-18 23:04:20 +02:00
Peter Krempa
2c68080444 conf: Add helper for listing domains on drivers supporting virDomainObj
This patch adds common code to list domains in fashion used by
virListAllDomains with all currently supported flags. The header file
also contains macros that group filters together that are used to
shorten filter conditions.
2012-06-18 21:24:13 +02:00
Peter Krempa
bc8e15592c conf: Store managed save image existence in virDomainObj
This patch stores existence of the image in the object. At start of the
daemon the state is checked and then updated in key moments in domain
lifecycle.
2012-06-18 21:24:13 +02:00
Peter Krempa
9c9de4e64d remote: implement remote protocol for virConnectListAllDomains()
This patch wires up the RPC protocol handlers for
virConnectListAllDomains(). The RPC generator has no support for the way
how virConnectListAllDomains() returns the results so the handler code
had to be done manually.

The new api is handled by REMOTE_PROC_CONNECT_LIST_ALL_DOMAINS, with
number 273 and marked with high priority.
2012-06-18 21:24:13 +02:00
Peter Krempa
747f64eeaf lib: Add public api to enable atomic listing of guest
This patch adds a new public api that lists domains. The new approach is
different from those used before. There are key points to this:

1) The list is acquired atomically and contains both active and inactive
domains (guests). This eliminates the need to call two different list
APIs, where the state might change in between the calls.

2) The returned list consists of virDomainPtrs instead of names or ID's
that have to be converted to virDomainPtrs anyways using separate calls
for each one of them. This is more convenient and saves hypervisor calls.

3) The returned list is auto-allocated. This saves a lot of hassle for
the users.

4) Built in support for filtering. The API call supports various
filtering flags that modify the output list according to user needs.

Available filter groups:
    Domain status:
    VIR_CONNECT_LIST_DOMAINS_ACTIVE, VIR_CONNECT_LIST_DOMAINS_INACTIVE

    Domain persistence:
    VIR_CONNECT_LIST_DOMAINS_PERSISTENT,
    VIR_CONNECT_LIST_DOMAINS_TRANSIENT

    Domain state:
    VIR_CONNECT_LIST_DOMAINS_RUNNING, VIR_CONNECT_LIST_DOMAINS_PAUSED,
    VIR_CONNECT_LIST_DOMAINS_SHUTOFF, VIR_CONNECT_LIST_DOMAINS_OTHER

    Existence of managed save image:
    VIR_CONNECT_LIST_DOMAINS_MANAGEDSAVE,
    VIR_CONNECT_LIST_DOMAINS_NO_MANAGEDSAVE

    Auto-start option:
    VIR_CONNECT_LIST_DOMAINS_AUTOSTART,
    VIR_CONNECT_LIST_DOMAINS_NO_AUTOSTART

    Existence of snapshot:
    VIR_CONNECT_LIST_DOMAINS_HAS_SNAPSHOT,
    VIR_CONNECT_LIST_DOMAINS_NO_SNAPSHOT

5) The python binding returns a list of domain objects that is very neat
to work with.

The only problem with this approach is no support from code generators
so both RPC code and python bindings had to be written manually.

*include/libvirt/libvirt.h.in: - add API prototype
                               - clean up whitespace mistakes nearby
*python/generator.py: - inhibit generation of the bindings for the new
                        api
*src/driver.h: - add driver prototype
               - clean up some whitespace mistakes nearby
*src/libvirt.c: - add public implementation
*src/libvirt_public.syms: - export the new symbol
2012-06-18 21:24:13 +02:00
Gao feng
3477e6b0ab LXC: fix incorrect DEBUG info
print debug info "container support is enabled"
when host support the user or net namespace.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-18 10:21:27 -06:00
Gao feng
0896265cf7 LXC: fix memory leak in lxcContainerSetupExtraMounts
kill the "return 0;" code, it will cause memory leak.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-18 10:21:05 -06:00
Eric Blake
3c42abe661 build: fix whitespace damage
Introduced in commit 1f8c33b67.

* src/lxc/lxc_container.c (lxcContainerGetSubtree): Avoid TAB.
2012-06-18 10:13:57 -06:00
Gao feng
1f8c33b672 LXC: fix memory leak in lxcContainerGetSubtree
when libvirt_lxc trigger oom error in lxcContainerGetSubtree
we should free the alloced memory for mounts.

so when lxcContainerGetSubtree failed,we should do some
memory cleanup in lxcContainerUnmountSubtree.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-18 21:28:21 +08:00
Gao feng
73e2d646fb LXC: fix memory leak in lxcContainerMountFSBlockHelper
we alloc the memory for format in lxcContainerMountDetectFilesystem
but without free it in lxcContainerMountFSBlockHelper.

this patch just call VIR_FREE to free it.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-18 21:28:13 +08:00
Michal Privoznik
d97a234c62 qemu_agent: Wait for events instead of agent response
With latest changes to qemu-ga success on some commands is not reported
anymore, e.g. guest-shutdown or guest-suspend-*. However, errors are
still being reported. Therefore, we need to find different source of
indication if operation was successful. Events.
2012-06-16 09:06:57 +02:00
Michal Privoznik
c12d787eb0 qemu_agent: Add some more debug prints
for agent ref count and qemuProcessHandleAgentDestroy
2012-06-16 09:06:57 +02:00
Eric Blake
350583c859 build: hoist qemu dependence on yajl to configure
Commit 6e769eba made it a runtime error if libvirt was compiled
without yajl support but targets a new enough qemu.  But enough
users are hitting this on self-compiled libvirt that it is worth
erroring out at compilation time, rather than an obscure failure
when trying to use the built executable.

* configure.ac: If qemu is requested and -version works, require
yajl when qemu version is new enough.
* src/qemu/qemu_capabilities.c (qemuCapsComputeCmdFlags): Add
comment.
2012-06-15 19:49:00 -06:00
Jim Fehlig
cc004a6647 Check for errors when parsing bridge interface XML
The return status of virInterfaceDefParseBridge() was not being
checked, potentially resulting in the creation of a broken
interface.
2012-06-15 12:08:40 -06:00
Daniel P. Berrange
b9852862ea Fix launch of libvirtd when DHCP snooping support is not available.
When libpcap is not available, the NWFilter driver provides a
no-op stub for the DHCP snooping initialization. This was
mistakenly returning '-1' instead of '0', so the entire driver
initialization failed
2012-06-15 15:33:51 +01:00
Daniel P. Berrange
50312d4b91 Add more debug logging for libvirtd startup
To facilitate future troubleshooting add a bunch more debugging
statements into important startup parts of libvirt
2012-06-15 15:33:51 +01:00
Wen Congyang
cdef31c562 qemu: allow the client to choose the vmcore's format
This patch updates qemu driver to allow the client to choose the
vmcore's format: memory only or including device state.
2012-06-15 20:36:14 +08:00
Wen Congyang
6fe26d89cc qemu: implement qemu's dump-guest-memory
dump-guest-memory is a new dump mechanism, and it can work when the
guest uses host devices. This patch adds a API to use this new
monitor command.
We will always use json mode if qemu's version is >= 0.15, so I
don't implement the API for text mode.
2012-06-15 20:36:14 +08:00
Wen Congyang
5136c5799f qemu: fix potential dead lock
If we lock the qemu_driver, we should call qemuDomainObjBeginJobWithDriver()
not qemuDomainObjBeginJob().
2012-06-15 20:25:35 +08:00
Daniel P. Berrange
e9d8861e58 Always pivot_root event if the new root source is '/'
This reverts

  commit c16b4c43fc
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Fri May 11 15:09:27 2012 +0100

    Avoid LXC pivot root in the root source is still /

This commit broke setup of /dev, because the code which
deals with setting up a private /dev and /dev/pts only
works if you do a pivotroot.

The original intent of avoiding the pivot root was to
try and ensure the new root has a minimumal mount
tree. The better way todo this is to just unmount the
bits we don't want (ie old /proc & /sys subtrees.
So apply the logic from

  commit c529b47a75
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Fri May 11 11:35:28 2012 +0100

    Trim /proc & /sys subtrees before mounting new instances

to the pivot_root codepath as well
2012-06-14 12:02:03 -04:00
Daniel P. Berrange
92cbe7ae39 Improve error message diagnosing incorrect XML CPU mode
Tell the user what CPU mode value is wrong
2012-06-14 17:01:24 +01:00
Peter Krempa
e0f0131d33 qemu: Enable disconnecting SPICE clients without changing password
Libvirt updates the configuration of SPICE server only when something
changes. This is unfortunate when the user wants to disconnect a
existing spice session when the connected attribute is already
"disconnect".

This patch modifies the conditions for calling the password updater to
be called when nothing changes, but the connected attribute is already
"disconnect".
2012-06-14 15:14:20 +02:00
Peter Krempa
0f4660c878 qemu: Fix off-by-one error while unescaping monitor strings
While unescaping the commands the commands passed through to the monitor
function qemuMonitorUnescapeArg() initialized lenght of the input string
to strlen()+1 which is fine for alloc but not for iteration of the
string.

This patch fixes the off-by-one error and drops the pointless check for
a single trailing slash that is automaticaly handled by the default
branch of switch.
2012-06-14 10:29:36 +02:00
Laine Stump
1f145b2f0f network: fully support/use VIR_NETWORK_XML_INACTIVE flag
commit 52d064f42d added
VIR_NETWORK_XML_INACTIVE in order to allow suppressing the
auto-generated list of VFs in network definitions, and a --inactive
flag to virsh net-dumpxml to take advantage of the flag. However, it
missed out on two opportunities:

1) Use INACTIVE to get the current config of the network as it
   exists on disk, rather than the currently active config.

2) Add INACTIVE to the flags used for the virsh net-edit command, so
   that it won't include the forward-pool interfaces that were
   autogenerated, and so that a re-edit of the network prior to
   restarting it will show any other edits made since the last restart
   of the network. (prior to this patch, if you edited a network a 2nd
   time without restarting, all of the previous edits would magically
   disappear).

In order to fit with the new #define-based generic edit function in
virsh.c, a new function vshNetworkGetXMLDesc() was added. This
function first tries to call virNetworkGetXMLDesc with the INACTIVE
flag added, then retries without if the first attempt fails (in the
manner expected when the server doesn't support it).
2012-06-13 14:53:35 -04:00
Daniel P. Berrange
6510c97bf5 Add some missing hook functions
A core use case of the hook scripts is to be able to do things
to a guest's network configuration. It is possible to hook into
the 'start' operation for a QEMU guest which runs just before
the guest is started. The TAP devices will exist at this point,
but the QEMU process will not. It can be desirable to have a
'started' hook too, which runs once QEMU has started.

If libvirtd is restarted it will re-populate firewall rules,
but there is no QEMU hook to trigger for existing domains.
This is solved with a 'reconnect' hook.

Finally, if attaching to an external QEMU process there needs
to be an 'attach' hook script.

This all also applies to the LXC driver

* docs/hooks.html.in: Document new operations
* src/util/hooks.c, src/util/hooks.c: Add 'started', 'reconnect'
  and 'attach' operations for QEMU. Add 'prepare', 'started',
  'release' and 'reconnect' operations for LXC
* src/lxc/lxc_driver.c: Add hooks for 'prepare', 'started',
  'release' and 'reconnect' operations
* src/qemu/qemu_process.c: Add hooks for 'started', 'reconnect'
  and 'reconnect' operations
2012-06-13 18:23:00 +01:00
Daniel P. Berrange
5d490603a6 client rpc: Fix error checking after poll()
First 'poll' can't return EWOULDBLOCK, and second, we're checking errno
so far away from the poll() call that we've probably already trashed the
original errno value.
2012-06-13 16:01:27 +02:00
Jiri Denemark
4d971dc7ef client rpc: Send keepalive requests from IO event loop
In addition to keepalive responses, we also need to send keepalive
requests from client IO loop to properly detect dead connection in case
a libvirt API is called from the main loop, which prevents any timers to
be called.
2012-06-13 15:58:47 +02:00
Jiri Denemark
d9ad416698 server rpc: Remove APIs for manipulating filters on locked client
We don't need to add or remove filters when client object is already
locked anymore. There's no reason to keep the *Locked variants of those
APIs.
2012-06-13 15:56:41 +02:00
Jiri Denemark
0ec514b359 rpc: Remove unused parameter in virKeepAliveStopInternal
The previous commit removed the only usage of ``all'' parameter in
virKeepAliveStopInternal, which was actually the only reason for having
virKeepAliveStopInternal. This effectively reverts most of commit
6446a9e20c.
2012-06-13 15:53:09 +02:00
Jiri Denemark
bb85f2298e rpc: Do not use timer for sending keepalive responses
When a libvirt API is called from the main event loop (which seems to be
common in event-based glib apps), the client IO loop would properly
handle keepalive requests sent by a server but will not actually send
them because the main event loop is blocked with the API. This patch
gets rid of response timer and the thread which is processing keepalive
requests is also responsible for queueing responses for delivery.
2012-06-13 15:50:55 +02:00
Jiri Denemark
c57103e567 client rpc: Separate call creation from running IO loop
This makes it possible to create and queue new calls while we are
running IO loop.
2012-06-13 15:48:31 +02:00
Jiri Denemark
28c75382b0 rpc: Add APIs for direct triggering of keepalive timer
Add virKeepAliveTimeout and virKeepAliveTrigger APIs that can be used to
set poll timeouts and trigger keepalive timer. virKeepAliveTrigger
checks if it is called to early and does nothing in that case.
2012-06-13 15:46:07 +02:00
Jiri Denemark
a2ba868632 rpc: Refactor keepalive timer code
The code that needs to be run every keepalive interval of inactivity was
only called from a timer and thus from the main event loop. We will need
to call the code directly from another place.
2012-06-13 15:43:45 +02:00
Jiri Denemark
ca9b13e373 client rpc: Drop unused return value of virNetClientSendNonBlock
As we never drop non-blocking calls, the return value that used to
indicate a call was dropped is no longer needed.
2012-06-13 15:41:33 +02:00
Jiri Denemark
ef392614aa client rpc: Just queue non-blocking call if another thread has the buck
As non-blocking calls are no longer dropped, we don't really need to
care that much about their fate and wait for the thread with the buck
to process them. If another thread has the buck, we can just push a
non-blocking call to the queue and be done with it.
2012-06-13 15:39:20 +02:00
Jiri Denemark
78602c4e83 client rpc: Don't drop non-blocking calls
So far, we were dropping non-blocking calls whenever sending them would
block. In case a client is sending lots of stream calls (which are not
supposed to generate any reply), the assumption that having other calls
in a queue is sufficient to get a reply from the server doesn't work. I
tried to fix this in b1e374a7ac but
failed and reverted that commit.

With this patch, non-blocking calls are never dropped (unless the
connection is being closed) and will always be sent.
2012-06-13 15:35:31 +02:00
Jiri Denemark
9e747e5c50 client rpc: Use event loop for writing
Normally, when every call has a thread associated with it, the thread
may get the buck and be in charge of sending all calls until its own
call is done. When we introduced non-blocking calls, we had to add
special handling of new non-blocking calls. This patch uses event loop
to send data if there is no thread to get the buck so that any
non-blocking calls left in the queue are properly sent without having to
handle them specially. It also avoids adding even more cruft to client
IO loop in the following patches.

With this change in, non-blocking calls may see unpredictable delays in
delivery when the client has no event loop registered. However, the only
non-blocking calls we have are keepalives and we already require event
loop for them, which makes this a non-issue until someone introduces new
non-blocking calls.
2012-06-13 15:32:29 +02:00
Jiri Denemark
71689f95ce client rpc: Improve debug messages in virNetClientIO
When analyzing our debug log, I'm always confused about what each of the
pointers mean. Let's be explicit.
2012-06-13 15:24:18 +02:00
Eric Blake
9b5970c6c4 build: fix 'make dist' on virgin checkout
'make dist' was depending on *protocol-structs files, which are
stored in git but in turn depended on generated files.  We still
want to ship the protocol-structs files, but by renaming the
tests to something not matching a file name, we separate 'make
check' (which depends on the generated file) from 'make dist'
(which only depends on the git files).  After all, the tarball
should never depend on a generated file not stored in git.

I found one more case of a git file depending on a generated
file, in a bogus virkeycode.c listing; but at least this one
had no associated rules so it never broke 'make dist'.

Reported by Wen Congyang.  Latent bug has been present since
commit 62dee6f, but only recently exposed by commit 7bff56a.

* src/Makefile.am ($(srcdir)/util/virkeycode.c): Drop useless
dependency.
(BUILT_SOURCES): ...and build virkeymaps.h sooner.
(PROTOCOL_STRUCTS): Rather than depend on the struct file...
(check-local): ...convert things into a phony target of...
(check-protocol): ...a new check.
($(srcdir)/remote_protocol-struct): Rename to isolate the distributed
file from the conditional test.
(PDWTAGS): Deal with rename.  Swap to compare 'expected actual'.
2012-06-12 22:35:55 -06:00
Guido Günther
f5d61d397e openvz: wire up domainUpdateDeviceFlags
so we can update file system quota
2012-06-12 17:59:28 +02:00
Guido Günther
1d82540adf openvz: add persist parameter to openvzSetDiskQuota
with persist=false the domain config file will not be updated.
2012-06-12 17:59:28 +02:00
Guido Günther
0dde544c95 Introduce virDomainFSIndexByName
for containers matching virDomainDiskIndexByName.
2012-06-12 17:59:28 +02:00
Michal Privoznik
86032b2276 qemu: Don't overwrite security labels
Currently, if qemuProcessStart fail at some point, e.g. because
domain being started wants a PCI/USB device already assigned to
a different domain, we jump to cleanup label where qemuProcessStop
is performed. This unconditionally calls virSecurityManagerRestoreAllLabel
which is wrong because the other domain is still using those devices.

However, once we successfully label all devices/paths in
qemuProcessStart() from that point on, we have to perform a rollback
on failure - that is - we have to virSecurityManagerRestoreAllLabel.
2012-06-12 11:14:38 +02:00
Michal Privoznik
69dd77149c qemuProcessStop: Switch to flags
Currently, we are passing only one boolean (migrated) so there is
no real profit in this. But it creates starting position for
next patch.
2012-06-12 09:57:02 +02:00
Eric Blake
e3559a6e66 snapshot: implement new APIs for qemu
The two APIs are rather trivial; based on bits and pieces of other
existing APIs.  It leaves the door open for future extension to
qemu to report snapshots without metadata based on reading qcow2
internal snapshot names.

* src/qemu/qemu_driver.c (qemuDomainSnapshotIsCurrent)
(qemuDomainSnapshotHasMetadata): New functions.
2012-06-11 15:23:02 -06:00
Eric Blake
a2bc4a0c69 snapshot: RPC for new query APIs
Pretty straightforward.

* src/remote/remote_protocol.x
(remote_domain_snapshot_is_current_args)
(remote_domain_snapshot_is_current_ret)
(remote_domain_snapshot_has_metadata_args)
(remote_domain_snapshot_has_metadata_ret): New structs.
(REMOTE_PROC_DOMAIN_SNAPSHOT_IS_CURRENT)
(REMOTE_PROC_DOMAIN_SNAPSHOT_HAS_METADATA): New RPC calls.
* src/remote/remote_driver.c (remote_driver): Call them.
* src/remote_protocol-structs: Regenerate.
2012-06-11 12:04:12 -06:00
Eric Blake
2e13b9ab3c snapshot: new query APIs
Right now, starting from just a virDomainSnapshotPtr, and wanting to
know if it is the current snapshot for its respective domain, you have
to use virDomainSnapshotGetDomain(), then virDomainSnapshotCurrent(),
then compare the two names returned by virDomainSnapshotGetName().
It is a bit easier if we can directly query this information from the
snapshot itself.

Right now, it is possible to filter a snapshot listing based on
whether snapshots have metadata that would prevent domain deletion,
but the only way to learn if an individual snapshot has metadata is
to see if that snapshot appears in the list returned by a listing.
Additionally, I hope to expand the qemu driver in a future patch to
use qemu-img to reconstruct snapshot XML corresponding to internal
qcow2 snapshot names not otherwise tracked by libvirt (in part, so
that libvirt can guarantee that new snapshots are not created with
a name that would silently corrupt the existing portion of the qcow2
file); if I ever get that in, then it would no longer be an all-or-none
decision on whether snapshots have metadata, and becomes all the more
important to be able to directly determine that information from a
particular snapshot.

Other query functions (such as virDomainIsActive) do not have a flags
argument, but since virDomainHasCurrentSnapshot takes a flags argument,
I figured it was safer to provide a flags argument here as well.

* include/libvirt/libvirt.h.in (virDomainSnapshotIsCurrent)
(virDomainSnapshotHasMetadata): New declarations.
* src/libvirt.c (virDomainSnapshotIsCurrent)
(virDomainSnapshotHasMetadata): New functions.
* src/libvirt_public.syms (LIBVIRT_0.9.13): Export them.
* src/driver.h (virDrvDomainSnapshotIsCurrent)
(virDrvDomainSnapshotHasMetadata): New driver callbacks.
2012-06-11 10:43:03 -06:00
Eric Blake
9202f2c220 buf: support peeking at string contents
Right now, the only way to get at the contents of a virBuffer is
to destroy it.  But there are cases in my upcoming patches where
peeking at the contents makes life easier.  I suppose this does
open up the potential for bad code to dereference a stale pointer,
by disregarding the docs that the return value is invalid on the
next virBuf operation, but such is life.

* src/util/buf.h (virBufferCurrentContent): New declaration.
* src/util/buf.c (virBufferCurrentContent): Implement it.
* src/libvirt_private.syms (buf.h): Export it.
* tests/virbuftest.c (testBufAutoIndent): Test it.
2012-06-11 09:21:27 -06:00
Michal Privoznik
539e9b34b9 rpc: Fix memleak in virNetMessageEncodeHeader
My latest patch for RPC rework (a2c304f687) introduced a memory leak.
virNetMessageEncodeHeader() is calling VIR_ALLOC_N(msg->buffer, ...)
despite fact, that msg->buffer isn't VIR_FREE()'d on all paths calling
the function. Therefore, rather than injecting free statement switch to
VIR_REALLOC_N().
2012-06-11 17:02:49 +02:00
Gao feng
e49d792f29 LXC: fix memory leak in lxcContainerMountFSBlockAuto
we forgot to free fslist,just add VIR_FREE(fslist).

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-11 14:18:55 +08:00
Gao feng
0cb787bd3c LXC: fix incorrect parameter of mount in lxcContainerMountFSBind
when do remount,the source and target should be the same
values specified in the initial mount() call.

So change fs->dst to src.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-11 13:03:48 +08:00
Gao feng
a80bb970fc LXC: Delete unused variable src in lxcContainerMountBasicFS
There is no code use the variable "src" in lxcContainerMountBasicFS.
so delete it and VIR_FREE.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
2012-06-11 11:50:53 +08:00
Guido Günther
3ac8fb54f4 Only check for cluster fs if we're using a filesystem
otherwise migration fails for e.g. network filesystems like sheepdog
with:

   error: Invalid relative path 'virt-name': Invalid argument

while we should fail with:

    Migration may lead to data corruption if disks use cache != none

References:

    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676328
    https://www.redhat.com/archives/libvirt-users/2012-May/msg00088.html
2012-06-08 19:54:11 +02:00
Eric Blake
9d08debe88 snapshot: add virDomainSnapshotRef API
virDomainSnapshotPtr has a refcount member, but no one was able
to use it.  Furthermore, all of our other vir*Ptr objects have
a *Ref method to match their *Free method.  Thankfully, this is
client-side only, so we can use this new function regardless of
how old the server side is!  (I have future patches to virsh
that want to use it.)

* include/libvirt/libvirt.h.in (virDomainSnapshotRef): Declare.
* src/libvirt.c (virDomainSnapshotRef): Implement it.
* src/libvirt_public.syms (LIBVIRT_0.9.13): Export it.
2012-06-08 10:32:36 -06:00
Jiri Denemark
d581313acf util: Fix deadlock in virLogReset
When libvirtd forks off a new child, the child then calls virLogReset(),
which ends up closing file descriptors used as log outputs. However, we
recently started logging closed file descriptors, which means we need to
lock logging mutex which was already locked by virLogReset(). We don't
really want to log anything when we are in the process of closing log
outputs.
2012-06-08 10:09:54 +02:00
Cole Robinson
9ec6f818de Fix missing ) in 2 strings
https://bugzilla.redhat.com/show_bug.cgi?id=801656
2012-06-07 17:56:54 -04:00
Li Zhang
04a319ba4e Assign correct address type to spapr-vlan and spapr-vty.
For pseries guest, spapr-vlan and spapr-vty is based
on spapr-vio address. According to model of network
device, the address type should be assigned automatically.
For serial device, serial pty device is recognized as
spapr-vty device, which is also on spapr-vio.

So this patch is to correct the address type of
spapr-vlan and spapr-vty, and build correct
command line of spapr-vty.

Signed-off-by: Li Zhang <zhlcindy@linux.vnet.ibm.com>
Reviewed-by:   Michael Ellerman<michaele@au1.ibm.com>
2012-06-07 14:32:27 -06:00
Eric Blake
5e8ab3915b command: avoid potential deadlock on handshake
There is a theoretical problem of an extreme bug where we can get
into deadlock due to command handshaking.  Thanks to a pair of pipes,
we have a situation where the parent thinks the child reported an
error and is waiting for a message from the child to explain the
error; but at the same time the child thinks it reported success
and is waiting for the parent to acknowledge the success; so both
processes are now blocked.

Thankfully, I don't think this deadlock is possible without at
least one other bug in the code, but I did see exactly that sort
of situation prior to commit da831af - I saw a backtrace where a
double close bug in the parent caused the parent to read from the
wrong fd and assume the child failed, even though the child really
sent success.

This potential deadlock is not quite like commit 858c247 (a deadlock
due to multiple readers on one pipe preventing a write from completing),
although the solution is similar - always close unused pipe fds before
blocking, rather than after.

* src/util/command.c (virCommandHandshakeWait): Close unused fds
sooner.
2012-06-07 09:25:38 -06:00
Martin Kletzander
bda2f17d7e qemu: better detection of crashed domains
When libvirtd is started and there is an unusable/not-connectable
leftover from earlier started machine, it's more reasonable to say
that the machine "crashed" if we know it was started with
"-no-shutdown".
This patch fixes that and also changes the other result (when machine
was started without "-no-shutdown") to "unknown", because the previous
"failed" reason means (according to include/libvirt/libvirt.h.in:174),
that the machine failed to start.
2012-06-07 08:43:03 +02:00
Eric Blake
ca02b101d7 build: fix build of fresh checkout
Commit 7bff56a worked in an incremental build, but fails for a
fresh clone; apparently, if make sees both an actual file
spelling and an inference rule, only the exact spelling is used.

  CCLD   libvirt_driver_test.la
  CC     libvirt_driver_remote_la-remote_driver.lo
remote/remote_driver.c:4707:34: fatal error: remote_client_bodies.h: No such file or directory
compilation terminated.

BUILT_SOURCES to the rescue, instead of trying to mess with .lo
dependencies directly.

* src/Makefile.am (REMOTE_DRIVER_PREREQS, %remote_driver.lo): Drop...
(BUILT_SOURCES): ...and add here instead.
2012-06-06 14:49:27 -06:00
Eric Blake
3c3644d30f build: ensure storage driver is used
Commit 1c275e9a accidentally dropped the storage driver from
libvirtd, because it depended on a C preprocessor macro that
was not defined.  Furthermore, if you do './configure
--without-storage-dir --with-storage-disk' or any other combination
where you explicitly build a subset of storage backends excluding
the dir backend, then the build is broken.

Based on analysis by Osier Yang.

* configure.ac (WITH_STORAGE): Define top-level conditional.
* src/Makefile.am (mod_LTLIBRARIES): Build driver even when
storage_dir is disabled.
* daemon/libvirtd.c: Pick up storage driver for any backend, not
just dir.
* daemon/Makefile.am (libvirtd_LDADD): Likewise.
2012-06-06 12:16:07 +08:00
Michal Privoznik
eb635de1fe rpc: Size up RPC limits
Since we are allocating RPC buffer dynamically, we can increase limits
for max. size of RPC message and RPC string. This is needed to cover
some corner cases where libvirt is run on such huge machines that their
capabilities XML is 4 times bigger than our current limit. This leaves
users with inability to even connect.
2012-06-05 17:48:40 +02:00
Michal Privoznik
a2c304f687 rpc: Switch to dynamically allocated message buffer
Currently, we are allocating buffer for RPC messages statically.
This is not such pain when RPC limits are small. However, if we want
ever to increase those limits, we need to allocate buffer dynamically,
based on RPC message len (= the first 4 bytes). Therefore we will
decrease our mem usage in most cases and still be flexible enough in
corner cases.
2012-06-05 17:48:40 +02:00
Eric Blake
7bff56a0d1 build: fix 'make distcheck' issues
We had a distributed file (remote_protocol.h, which in turn was
a prereq to remote_driver.c) depending on a generated file
(libvirt_probes.h), which is a no-no for a VPATH build from a
read-only source tree (no wonder 'make distcheck' tests precisely
that situation):

     File `libvirt_driver_remote.la' does not exist.
       File `libvirt_driver_remote_la-remote_driver.lo' does not exist.
             Prerequisite `libvirt_probes.h' is newer than target `../../src/remote/remote_protocol.h'.
            Must remake target `../../src/remote/remote_protocol.h'.
Invoking recipe from Makefile:7464 to update target `../../src/remote/remote_protocol.h'.
make[3]: Entering directory `/home/remote/eblake/libvirt-tmp2/build/libvirt-0.9.12/_build/src'
  GEN    ../../src/remote/remote_protocol.h
cannot create ../../src/remote/remote_protocol.h: Permission denied at ../../src/rpc/genprotocol.pl line 31.
make[3]: *** [../../src/remote/remote_protocol.h] Error 13

Rather than making distributed .c files depend on generated files, we
really want to ensure that compilation into .lo files is not attempted
until the generated files are present, done by this patch.  Since there
were two different sets of conditionally generated files that both
feed the .lo file, I had to introduce a new variable REMOTE_DRIVER_PREREQS
to keep automake happy.

After that fix, the next issue was that make treats './foo' and 'foo'
differently in determining whether an implicit %foo rule is applicable,
with the result that locking/qemu-sanlock.conf wasn't properly being
built at the right times.  Also, the output for using the .aug test
files was a bit verbose.

After fixing the src directory, the next error is related to the docs
directory, where the tarball is missing a stamp file and thus tries to
regenerate files that are already present:

  GEN    ../../docs/apibuild.py.stamp
Traceback (most recent call last):
  File "../../docs/apibuild.py", line 2511, in <module>
    rebuild("libvirt")
  File "../../docs/apibuild.py", line 2495, in rebuild
    builder.serialize()
  File "../../docs/apibuild.py", line 2424, in serialize
    output = open(filename, "w")
IOError: [Errno 13] Permission denied: '../../docs/libvirt-api.xml'
make[5]: *** [../../docs/apibuild.py.stamp] Error 1

and fixing that exposed another case of a distributed file (generated
html) depending on a built file (libvirt.h), but only when doing an
in-tree build, because of a file glob.

* src/Makefile.am ($(srcdir)/remote/remote_driver.c): Change...
(libvirt_driver_remote_la-remote_driver.lo): ...to the real
dependency.
($(builddir)/locking/%-sanlock.conf): Drop $(builddir), so that
rule gets run in time for test_libvirt_sanlock.aug.
(test_libvir*.aug): Cater to silent build.
(conf_DATA): Don't ship qemu-sanlock.conf in the tarball, since it
is trivial to regenerate.
* docs/Makefile.am (EXTRA_DIST): Ship our stamp file.
($(APIBUILD_STAMP)): Don't depend on generated file.
2012-06-05 09:20:12 -06:00
Beat Jörg
7508338ff3 Fix for parallel port passthrough for QEMU
I came across a bug that the command line generated for passthrough
of the host parallel port /dev/parport0 by libvirt for QEMU is incorrect.

It currently produces:
-chardev tty,id=charparallel0,path=/dev/parport0
-device isa-parallel,chardev=charparallel0,id=parallel0

The first parameter is "tty". It sould be "parport".

If I launch qemu with -chardev parport,... it works as expected.

I have already filled a bug report (
https://bugzilla.redhat.com/show_bug.cgi?id=823879 ), the topic was
already on the list some months ago:

https://www.redhat.com/archives/libvirt-users/2011-September/msg00095.html

Signed-off-by: Eric Blake <eblake@redhat.com>
2012-06-04 16:46:23 -06:00
Eric Blake
a3bc393e3a maint: command.c whitespace cleanups
Noticed during the previous commit.

* src/util/command.c: Fix some spacing and break long lines.
2012-06-04 16:32:43 -06:00
Eric Blake
858c2476d9 command: avoid deadlock on EPIPE situation
It is possible to deadlock libvirt by having a domain with XML
longer than PIPE_BUF, and by writing a hook script that closes
stdin early.  This is because libvirt was keeping a copy of the
child's stdin read fd open, which means the write fd in the
parent will never see EPIPE (remember, libvirt should always be
run with SIGPIPE ignored, so we should never get a SIGPIPE signal).
Since there is no error, libvirt blocks waiting for a write to
complete, even though the only reader is also libvirt.  The
solution is to ensure that only the child can act as a reader
before the parent does any writes; and then dealing with the
fallout of dealing with EPIPE.

Thankfully, this is not a security hole - since the only way to
trigger the deadlock is to install a custom hook script, anyone
that already has privileges to install a hook script already has
privileges to do any number of other equally disruptive things
to libvirt; it would only be a security hole if an unprivileged
user could install a hook script to DoS a privileged user.

* src/util/command.c (virCommandRun): Close parent's copy of child
read fd earlier.
(virCommandProcessIO): Don't let EPIPE be fatal; the child may
be done parsing input.
* tests/commandhelper.c (main): Set up a SIGPIPE situation.
* tests/commandtest.c (test20): Trigger it.
* tests/commanddata/test20.log: New file.
2012-06-04 13:06:07 -06:00
Laine Stump
80e4b166e1 util: fix "make rpm" when viratomic.h is used
Although src/util/viratomic.h has been added to the repo, up until now
it hasn't been used. Stefan Berger is using it in his proposed dhcp
snooping patches, and an rpm build with those patches failed due to
viratomic.h not being packed up with the rest of the sources.
2012-06-04 14:46:32 -04:00
Jiri Denemark
dfd4584317 file: Log closing filedescriptors
EBADF errors are logged as warnings as they normally indicate a double
close bug. This patch also provides VIR_MASS_CLOSE helper to be user in
the only case of mass close after fork when EBADF should rather be
ignored.
2012-06-04 16:28:15 +02:00
Jiri Denemark
461ed4210f command: Fix debug message during handshake
Probably a result of copy&paste...
2012-06-04 16:25:57 +02:00
Radu Caragea
107f51b69c Fix sync issue in virNetClientStreamEventRemoveCallback
The stream lock is unlocked twice instead of being locked and then
unlocked. Probably a typo.
2012-06-04 09:32:37 +02:00
Stefan Berger
b92d52d3c0 nwfilter: Add multiple IP address support to DHCP snooping
With support for multiple IP addresses per interface in place, this patch
now adds support for multiple IP addresses per interface for the DHCP
snooping code.


Testing:

Since the infrastructure I tested this with does not provide multiple IP
addresses per MAC address (anymore), I either had to plug the VM's interface
from the virtual bride connected directly to the infrastructure to virbr0
to get a 2nd IP address from dnsmasq (kill and run dhclient inside the VM)
or changed the lease file  (/var/run/libvirt/network/nwfilter.leases) and
restart libvirtd to have a 2nd IP address on an existing interface.
Note that dnsmasq can take a lease timeout parameter as part of the --dhcp-range
command line parameter, so that timeouts can be tested that way
(--dhcp-range 192.168.122.2,192.168.122.254,120). So, terminating and restarting
dnsmasq with that parameter is another choice to watch an IP address disappear
after 120 seconds.

Regards,
   Stefan
2012-06-01 19:32:06 -04:00
Stefan Berger
797b47580a nwfilter: move code for IP address map into separate file
The goal of this patch is to prepare for support for multiple IP
addresses per interface in the DHCP snooping code.

Move the code for the IP address map that maps interface names to
IP addresses into their own file. Rename the functions on the way
but otherwise leave the code as-is. Initialize this new layer
separately before dependent layers (iplearning, dhcpsnooping)
and shut it down after them.
2012-06-01 19:32:06 -04:00
Stefan Berger
cec281fcaa nwfilter: add DHCP snooping
This patch adds DHCP snooping support to libvirt. The learning method for
IP addresses is specified by setting the "CTRL_IP_LEARNING" variable to one of
"any" [default] (existing IP learning code), "none" (static only addresses)
or "dhcp" (DHCP snooping).

Active leases are saved in a lease file and reloaded on restart or HUP.

The following interface XML activates and uses the DHCP snooping:

    <interface type='bridge'>
      <source bridge='virbr0'/>
      <filterref filter='clean-traffic'>
        <parameter name='CTRL_IP_LEARNING' value='dhcp'/>
      </filterref>
    </interface>

All filters containing the variable 'IP' are automatically adjusted when
the VM receives an IP address via DHCP. However, multiple IP addresses per
interface are silently ignored in this patch, thus only supporting one IP
address per interface. Multiple IP address support is added in a later
patch in this series.

Signed-off-by: David L Stevens <dlstevens@us.ibm.com>
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2012-06-01 19:32:06 -04:00
Marti Raudsepp
195fa214b6 qemu: move -name arg to be 1st in "ps x" output
Currently, monitoring QEMU virtual machines with standard Unix
sysadmin tools is harder than it has to be. The QEMU command line is
often miles long and mostly redundant, it's hard to tell which process
is which.

This patch reorders the QEMU -name argument to be the first, so it's
immediately visible in "ps x", htop and "atop -c" output.
2012-06-01 15:06:56 -06:00
Laine Stump
6734ce7bc8 qemu: fix netdev alias name assignment wrt type='hostdev'
This patch resolves:

   https://bugzilla.redhat.com/show_bug.cgi?id=827519

The problem is that an interface with type='hostdev' will have an
alias of the form "hostdev%d", while the function that looks through
existing netdevs to determine the name to use for a new addition will
fail if there's an existing entry that does not match the form
"net%d".

This is another of the handful of places that need an exception due to
the hybrid nature of <interface type='hostdev'> (which is not exactly
an <interface> or a <hostdev>, but is both at the same time).
2012-06-01 13:25:56 -04:00
Wen Congyang
b19c236d69 qemu: avoid closing fd more than once
If we migrate to fd, spec->fwdType is not MIGRATION_FWD_DIRECT,
we will close spec->dest.fd.local in qemuMigrationRun(). So we
should set spec->dest.fd.local to -1 in qemuMigrationRun().

Bug present since 0.9.5 (commit 326176179).
2012-05-30 21:41:46 -06:00
Wen Congyang
746ff701e8 command: check for fork error before closing fd
We should not set *outfd or *errfd if virExecWithHook() failed
because the caller may close these fds.

Bug present since v0.4.5 (commit 60ed1d2a).
2012-05-30 21:41:46 -06:00
Eric Blake
f3cfc7c884 fdstream: avoid double close bug
Wen Congyang reported that we have a double-close bug if we fail
virFDStreamOpenInternal, since childfd duplicated one of the fds[]
array contents.  In truth, since we always transfer both members
of fds to other variables, we should close the fds through those
other names, and just use fds[] for pipe().

Bug present since 0.9.0 (commit e886237a).

* src/fdstream.c (virFDStreamOpenFileInternal): Swap scope of
childfd and fds[], to avoid a double close.
2012-05-30 21:41:46 -06:00
Eric Blake
da831afcf2 command: avoid double close bugs
KAMEZAWA Hiroyuki reported a nasty double-free bug when virCommand
is used to convert a string into input to a child command.  The
problem is that the poll() loop of virCommandProcessIO would close()
the write end of the pipe in order to let the child see EOF, then
the caller virCommandRun() would also close the same fd number, with
the second close possibly nuking an fd opened by some other thread
in the meantime.  This in turn can have all sorts of bad effects.

The bug has been present since the introduction of virCommand in
commit f16ad06f.

This is based on his first attempt at a patch, at
https://bugzilla.redhat.com/show_bug.cgi?id=823716

* src/util/command.c (_virCommand): Drop inpipe member.
(virCommandProcessIO): Add argument, to avoid closing caller's fd
without informing caller.
(virCommandRun, virCommandNewArgs): Adjust clients.
2012-05-30 21:41:45 -06:00
Wen Congyang
655cffa0f2 avoid fd leak
virCommandRunAsync() will set errfd if it succeed. We should
close it if virFDStreamOpenInternal() fails.
2012-05-30 14:22:48 -06:00
Wen Congyang
0a045f01cf avoid closing uninitialized fd
If the system does not support bypass cache, we will close fd,
but it is uninitialized.
2012-05-30 13:55:49 -06:00
Martin Kletzander
730cc8d783 Fixes for check and rpm builds without sanlock (and qemu)
Apart from the non-sanlock check build, there is also a little fix for
qemu (EXTRA_DIST had qemu.conf and others inside even if the build was
supposed to be without qemu).
2012-05-30 18:57:50 +02:00
Wen Congyang
23292f7389 build: include augeas-gentest.pl into dist file
We generate *.aug from *.aug.in by augeas-gentest.pl, so this script
should be included in dist file.
2012-05-30 09:56:31 -06:00
Eric Blake
13af87f23c build: use same perl binary throughout build
Some of our rules used $(PERL), while others used 'perl'.  Always
using the variable allows a developer to point to a different (often
better) perl than the default one found on $PATH.

* daemon/Makefile.am ($(srcdir)/remote_dispatch.h): s/perl/$(PERL).
* src/Makefile.am ($(srcdir)/remote/remote_client_bodies.h)
(PDWTAGS, %protocol.c, %_probes.stp): Likewise.
2012-05-30 09:33:55 -06:00
Eric Blake
fb59cf7a58 build: fix testing of augeas files in VPATH builds
Without this fix, a VPATH build (such as used by ./autobuild.sh)
fails with messages like:

make[3]: Entering directory `/home/remote/eblake/libvirt-tmp2/build/daemon'
../../build-aux/augeas-gentest.pl libvirtd.conf ../../daemon/test_libvirtd.aug.in test_libvirtd.aug
cannot read libvirtd.conf: No such file or directory at ../../build-aux/augeas-gentest.pl line 38.

Since the test files are not part of the tarball, we can generate
them into the build dir, but rather than create a subdirectory
just for the test file, it is easier to test them directly in
libvirt.git/src.

* daemon/Makefile.am (AUG_GENTEST): Factor out definition.
(test_libvirtd.aug): Look for correct file.
* src/Makefile.am (AUG_GENTEST): Use $(PERL).
(qemu/test_libvirtd_qemu.aug, lxc/test_libvirtd_lxc.aug)
(locking/test_libvirt_sanlock.aug): Rename to avoid subdirectories.
(check-augeas-qemu, check-augeas-lxc, check-augeas-sanlock): Reflect
location of built tests.
* configure.ac (PERL): Substitute perl.
2012-05-30 09:29:32 -06:00
Michal Privoznik
7454849ec5 virCommand: Extend debug message for handshake
Currently, we are logging only one side of pipes we
create in virCommandRequireHandshake(); This is enough
in cases where pipe2() returns two consecutive FDs. However,
it is not guaranteed and it may return any FDs.
Therefore, it's wise to log the other ends as well.
2012-05-30 14:47:56 +02:00
Martin Kletzander
87dfdb0b92 lxc: return correct number of CPUs
When getting number of CPUs the host has assigned, there was always
number "1" returned. Even though all lxc domains with no pinning
launched by libvirt run on all pCPUs (by default, no matter what's the
number), we should at least return the same number as the user
specified when creating the domain.
2012-05-30 12:51:44 +02:00
Martin Kletzander
be6c46b1b4 build: Fixed generating of libvirt_qemu_probes.h
I added libvirt_qemu_probes.h into BUILT_SOURCES. That makes it
generated, but most probably it is not the clearest way how to do
that, but it fixes the build.
2012-05-30 12:13:13 +02:00
Eric Blake
620dda6661 build: don't lose probes.o files
The previous patch fixed an incremental build, but missed that on
a fresh checkout, we now have nothing left that stops make from
nuking libvirt_qemu_probes.o.

* src/Makefile.am ($(libvirt_driver_qemu_la_SOURCES)): Delete,
since this variable is empty.
(.PRECIOUS): Add %_probes.o, so they don't get nuked as an
intermediate by-product after creating %_probes.lo.
2012-05-29 15:09:01 -06:00
Eric Blake
fca009fd04 build: fix missing dependencies for libvirt-qemu.so
The moment you specify a _DEPENDENCIES, older automake (stupidly)
assumes that you will specify _all_ dependencies for that target.
This stupidity has been fixed in automake 1.12, but we cannot rely on
newer automake everywhere.  For libvirt_la_DEPENDENCIES, we took
care of providing the full list, but for libvirt_qemu_la_DEPENDENCIES,
we were missing the dependency on libvirt_qemu_impl.la, which resulted
in a failed build:

make[3]: Entering directory `/home/ajia/Workspace/libvirt/src'
   CCLD   libvirt_driver_qemu.la
libtool: link: `libvirt_qemu_probes.lo' is not a valid libtool object

* src/Makefile.am (libvirt_driver_qemu_la_DEPENDENCIES): Delete;
automake does a better job if it does the entire job.
2012-05-29 12:51:36 -06:00
Eric Blake
28dbf01d08 build: don't clean a file that belongs in the tarball
Otherwise, 'make rpm' fails with:

make[2]: *** No rule to make target `locking/test_libvirt_sanlock.aug.in', needed by `distdir'.  Stop.
make[2]: Leaving directory `/home/dipankar/src/powerpc/libvirt-ppc/src'
make[1]: *** [distdir] Error 1

Reported by Dipankar Sarma.

* src/Makefile.am (CLEANFILES): Clean only the generated file.
2012-05-29 10:54:50 -06:00
Stefan Berger
67dd486f20 leak_fix.diff
==3240== 23 bytes in 1 blocks are definitely lost in loss record 242 of 744
==3240==    at 0x4C2A4CD: malloc (vg_replace_malloc.c:236)
==3240==    by 0x8077537: __vasprintf_chk (vasprintf_chk.c:82)
==3240==    by 0x509C677: virVasprintf (stdio2.h:199)
==3240==    by 0x509C733: virAsprintf (util.c:1912)
==3240==    by 0x1906583A: qemudStartup (qemu_driver.c:679)
==3240==    by 0x511991D: virStateInitialize (libvirt.c:809)
==3240==    by 0x40CD84: daemonRunStateInit (libvirtd.c:751)
==3240==    by 0x5098745: virThreadHelper (threads-pthread.c:161)
==3240==    by 0x7953D8F: start_thread (pthread_create.c:309)
==3240==    by 0x805FF5C: clone (clone.S:115)
2012-05-29 06:25:59 -04:00
Stefan Berger
423bb74994 Introduce virMacAddr typedef 2012-05-29 06:25:59 -04:00
Daniel P. Berrange
d8199033d6 Fix typo in comment start
src/libvirt.c: s,//,/,
2012-05-28 17:23:16 +01:00
Daniel P. Berrange
d91f3ef497 Santize the reporting of VIR_ERR_INVALID_ERROR
To ensure consistent error reporting of invalid arguments,
provide a number of predefined helper methods & macros.

 - An arg which must not be NULL:

   virCheckNonNullArgReturn(argname, retvalue)
   virCheckNonNullArgGoto(argname, label)

 - An arg which must be NULL

   virCheckNullArgGoto(argname, label)

 - An arg which must be positive (ie 1 or greater)

   virCheckPositiveArgGoto(argname, label)

 - An arg which must not be 0

   virCheckNonZeroArgGoto(argname, label)

 - An arg which must be zero

   virCheckZeroArgGoto(argname, label)

 - An arg which must not be negative (ie 0 or greater)

   virCheckNonNegativeArgGoto(argname, label)

* src/libvirt.c, src/libvirt-qemu.c,
  src/nodeinfo.c, src/datatypes.c: Update to use
  virCheckXXXX macros
* po/POTFILES.in: Add libvirt-qemu.c and virterror_internal.h
* src/internal.h: Define macros for checking invalid args
* src/util/virterror_internal.h: Define macros for reporting
  invalid args

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 16:47:25 +01:00
Eric Blake
1d22ba953b build: silence libtool during tests
Libtool is picky about linking against a module library (aka a .so);
giving lots of warnings like this in the tests directory:

  CCLD   networkxml2argvtest

*** Warning: Linking the executable networkxml2argvtest against the loadable module
*** libvirt_driver_network.so is not portable!

Fix that by splitting things into a convenience library which can
be used directly by the tests, and making the real .so just wrap
the convenience library.

Based on a suggestion by Daniel P. Berrange.

* configure.ac (--with-driver-modules): Fix help test.
* src/Makefile.am (libvirt_driver_xen.la, libvirt_driver_libxl.la)
(libvirt_driver_qemu.la, libvirt_driver_lxc.la)
(libvirt_driver_uml.la): Factor into new convenience libraries.
* tests/Makefile.am (xen_LDADDS, qemu_LDADDS, lxc_LDADDS)
(networkxml2argvtest_LDADD): Link to convenience libraries, not
shared libraries.
2012-05-28 07:19:25 -06:00
Daniel P. Berrange
1e8ecfedeb Fix linking to DTrace probes file
There was no rule forcing libvirt_qemu_probes.o to be built
before libvirt_qemu_probes.lo was used. Also libvirtd was
still referencing the .o file, rather than the .lo file.

Both the .lo and .o file must be listed as DEPENDENCIES,
otherwise libtool will unhelpfully delete the .o file
once the .lo file is created.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 12:35:39 +01:00
Daniel P. Berrange
7cd77b6b2f Fix Win32 build by linking to ole32
The CoTaskMemFree function requires the ole32 DLL to be
linked against. Currently this is only done for the
VirtualBox driver. Also add it to libvirt_util.la

* configure.ac: Unconditionally add ole32 DLL to Win32
* src/Makefile.am: Link old32 to libvirt_util.la
2012-05-28 12:35:39 +01:00
Daniel P. Berrange
de9758ae9b Autogenerate augeas test case from default config files
When adding new config file parameters, the corresponding
additions to the augeas lens' are constantly forgotten.
Also there are augeas test cases, these don't catch the
error, since they too are never updated.

To address this, the augeas test cases need to be auto-generated
from the example config files.

* build-aux/augeas-gentest.pl: Helper to generate an
  augeas test file, substituting in elements from the
  example config files
* src/Makefile.am, daemon/Makefile.am: Switch to
  auto-generated augeas test cases
* daemon/test_libvirtd.aug, daemon/test_libvirtd.aug.in,
  src/locking/test_libvirt_sanlock.aug,
  src/locking/test_libvirt_sanlock.aug.in,
  src/lxc/test_libvirtd_lxc.aug,
  src/lxc/test_libvirtd_lxc.aug.in,
  src/qemu/test_libvirtd_qemu.aug,
  src/qemu/test_libvirtd_qemu.aug.in: Remove example
  config file data, replacing with a ::CONFIG:: placeholder

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 11:07:12 +01:00
Daniel P. Berrange
6c10c04c39 Re-order config options in qemu driver augeas lens
Currently all the config options are listed under a 'vnc_entry'
group. Create a bunch of new groups & move options to the
right place

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 11:02:10 +01:00
Daniel P. Berrange
a9c779caf3 Fix mistakes in augeas lens
Add nmissing 'host_uuid' entry to libvirtd.conf lens and
rename spice_passwd to spice_password in qemu.conf lens

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 11:00:01 +01:00
Daniel P. Berrange
c5c3278e9b Standardize whitespace used in example config files
Instead of doing

  # example_config

use

  #example_config

so it is possible to programatically uncomment example config
options, as distinct from their comment/descriptions

Also delete rogue trailing comma not allowed by lens

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 10:59:13 +01:00
Daniel P. Berrange
076f200689 Add impl of APIs to get user directories on Win32
Add an impl of +virGetUserRuntimeDirectory, virGetUserCacheDirectory
virGetUserConfigDirectory and virGetUserDirectory for Win32 platform.
Also create stubs for non-Win32 platforms which lack getpwuid_r()

In adding these two helpers were added virFileIsAbsPath and
virFileSkipRoot, along with some macros VIR_FILE_DIR_SEPARATOR,
VIR_FILE_DIR_SEPARATOR_S, VIR_FILE_IS_DIR_SEPARATOR,
VIR_FILE_PATH_SEPARATOR, VIR_FILE_PATH_SEPARATOR_S

All this code was adapted from GLib2 under terms of LGPLv2+ license.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 10:55:09 +01:00
Daniel P. Berrange
517368a377 Remove uid param from directory lookup APIs
Remove the uid param from virGetUserConfigDirectory,
virGetUserCacheDirectory, virGetUserRuntimeDirectory,
and virGetUserDirectory

These functions were universally called with the
results of getuid() or geteuid(). To make it practical
to port to Win32, remove the uid parameter and hardcode
geteuid()

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 10:55:06 +01:00
Daniel P. Berrange
54c4d9d90b Fix check for socket existance / daemon spawn
When you try to connect to a socket in the abstract namespace,
the error will be ECONNREFUSED for a non-listening daemon. With
the non-abstract namespace though, you instead get ENOENT. Add
a check for this extra errno when auto-spawning the daemon

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 10:43:09 +01:00
Daniel P. Berrange
ebbcc02639 Remove last usage of PATH_MAX and ban its future use
Remove a number of pointless checks against PATH_MAX and
add a syntax-check rule to prevent its use in future

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-28 10:43:01 +01:00
Eric Blake
0159295d29 build: silence libtool warning on probes.o
Libtool supports linking directly against .o files on some platforms
(such as Linux), which happens to be the only place where we are
actually doing that (for the dtrace-generated probes.o files).  However,
it raises a big stink about the non-portability, even though we don't
attempt it on platforms where it would actually fail:

  CCLD   libvirt_driver_qemu.la

*** Warning: Linking the shared library libvirt_driver_qemu.la against
the non-libtool
*** objects  libvirt_qemu_probes.o is not portable!

This shuts libtool up by creating a proper .lo file that matches
what libtool normally expects.

* src/Makefile.am (%_probes.lo): New rule.
(libvirt_probes.stp, libvirt_qemu_probes.stp): Simplify into...
(%_probes.stp): ...shorter rule.
(CLEANFILES): Clean new .lo files.
(libvirt_la_BUILT_LIBADD, libvirt_driver_qemu_la_LIBADD)
(libvirt_lxc_LDADD, virt_aa_helper_LDADD): Link against .lo file.
* tests/Makefile.am (PROBES_O, qemu_LDADDS): Likewise.
2012-05-25 12:00:05 -06:00
Douglas Schilling Landgraf
cdd762e425 qemu augeas: Add spice_tls/spice_tls_x509_cert_dir
If vdsm is installed and configured in Fedora 17, we add the following
items into qemu.conf:

spice_tls=1
spice_tls_x509_cert_dir="/etc/pki/vdsm/libvirt-spice"

However, after this changes, augtool cannot identify qemu.conf anymore.
2012-05-24 21:17:37 -06:00
Daniel P. Berrange
1cc2034a72 Add sentinel for virErrorDomain enum
Add a VIR_ERR_DOMAIN_LAST sentinel for virErrorDomain and
replace the virErrorDomainName function by a VIR_ENUM_IMPL

In the process the naming of error domains is sanitized

* src/util/virterror.c: Use VIR_ENUM_IMPL for converting
  error domains to strings
* include/libvirt/virterror.h: Add VIR_ERR_DOMAIN_LAST
2012-05-24 16:20:55 +01:00
Michal Privoznik
4ab0d6c48a security: Switch to C99-style struct initialization 2012-05-24 16:37:51 +02:00
Daniel P. Berrange
2d191e8e27 Add stub impl of virNetlinkEventServiceLocalPid for Win32
The libvirt_private.syms file exports virNetlinkEventServiceLocalPid
so there needs to be a no-op stub for Win32 to avoid linker errors

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:01 +01:00
Daniel P. Berrange
b47637261c Override default driver dir when running from GIT
* daemon/libvirtd.c: Set custom driver module dir if the current
  binary name is 'lt-libvirtd' (indicating execution directly
  from GIT checkout)
* src/driver.c, src/driver.h, src/libvirt_driver_modules.syms: Add
  virDriverModuleInitialize to allow driver module location to
  be changed

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:01 +01:00
Daniel P. Berrange
a4e45a06c0 Split QEMU dtrace probes into separate file
When building as driver modules, it is not possible for the QEMU
driver module to reference the DTrace/SystemTAP probes linked into
the main libvirt.so. Thus we need to move the QEMU probes into a
separate file 'libvirt_qemu_probes.d'. Also rename the existing
file from 'probes.d' to 'libvirt_probes.d' while we're at it

* daemon/Makefile.am, src/internal.h: Include libvirt_probes.h
  instead of probes.h
* src/Makefile.am: Add rules for libvirt_qemu_probes.d
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor_json.c,
  src/qemu/qemu_monitor_text.c: Include libvirt_qemu_probes.h
* src/libvirt_probes.d: Rename from probes.d
* src/libvirt_qemu_probes.d: QEMU specific probes formerly
  in probes.d

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:01 +01:00
Daniel P. Berrange
f5f1fe1b3a Replace RTLD_LOCAL with RTLD_GLOBAL
Since we have drivers which depend on each other (ie QEMU/LXC
depend on the network driver APIs), we need to use RTLD_GLOBAL
instead of RTLD_LOCAL. While this pollutes the calling binary
with many more symbols, this is no worse than if we directly
link to the drivers, and this only applies to libvirtd

* src/driver.c: s/RTLD_LOCAL/RTLD_GLOBAL/

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:00 +01:00
Daniel P. Berrange
ee53a8c8ec Ensure LXC driver links against libblkid explicitly.
Only libvirt_driver_storage.la links to libblkid currently. If
we are running in a scenario with driver modules, LXC must
directly link to it, since it can't assume the storage driver
is present

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:00 +01:00
Daniel P. Berrange
6cd4b1fe16 Remove libvirt_test.la library
The libvirt_test.la library was introduced to allow test suites
to reference internal-only symbols. These days, nearly every
symbol we care about is in src/libvirt_private.syms, so there
is no need for libvirt_test.la to continue to exist

* src/Makefile.am: Delete libvirt_test.la & add new .syms files
* src/libvirt_private.syms: Export symbols needed by test suite
* tests/Makefile.am: Link to libvirt_test.la. Ensure LXC tests link
  to network_driver.la
* src/libvirt_esx.syms, src/libvirt_openvz.syms: Add exports needed
  by test suite
2012-05-24 13:18:00 +01:00
Daniel P. Berrange
1e27f291b3 Fix broken linkage of libvirt_driver_nodedev.la
libvirt_driver_nodedev.la should not link against either
libvirt_util.la or gnulib.la, since libvirt.so brings
in those deps.

* src/Makefile.am: Fix broken linkage of libvirt_driver_nodedev.la

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:00 +01:00
Daniel P. Berrange
1c275e9afa Only build server side drivers as modules
The driver modules all use symbols which are defined in libvirt.so.
Thus for loading of modules to work, the binary that libvirt.so
is linked to must export its symbols back to modules. If the
libvirt.so itself is dlopen()d then the RTLD_GLOBAL flag must
be set. Unfortunately few, if any, programming languages use
the RTLD_GLOBAL flag when loading modules :-( This means is it
not practical to use driver modules for any libvirt client side
drivers (OpenVZ, VMWare, Hyper-V, Remote client, test).

This patch changes the build process so only server side drivers
are built as modules (Xen, QEMU, LXC, UML)

* daemon/libvirtd.c: Add missing load of 'interface' driver
* src/Makefile.am: Only build server side drivers as modules
* src/libvirt.c: Don't load any driver modules

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-24 13:18:00 +01:00
Guido Günther
e63845469e openvz: add quota argument when creating container 2012-05-24 11:35:02 +02:00
Guido Günther
680ac813a5 openvz: support file system quota reporting 2012-05-24 11:35:02 +02:00
Guido Günther
41f1db6a0c Introduce filesystem limits to virDomainFSDef 2012-05-24 11:35:02 +02:00
Guido Günther
b46e005459 Introduce virDomainParseScaledValue
and use it for virDomainParseMemory. This allows to parse arbitrary
scaled value, not only memory related values as needed for the
filesystem limits code following later in this series.
2012-05-24 11:35:01 +02:00
Jiri Denemark
63643f67ab Revert "rpc: Discard non-blocking calls only when necessary"
This reverts commit b1e374a7ac, which was
rather bad since I failed to consider all sides of the issue. The main
things I didn't consider properly are:

- a thread which sends a non-blocking call waits for the thread with
  the buck to process the call
- the code doesn't expect non-blocking calls to remain in the queue
  unless they were already partially sent

Thus, the reverted patch actually breaks more than what it fixes and
clients (which may even be libvirtd during p2p migrations) will likely
end up in a deadlock.
2012-05-22 23:33:11 +02:00
Peter Krempa
db19417fc0 qemu_hotplug: Don't free the PCI device structure after hot-unplug
The pciDevice structure corresponding to the device being hot-unplugged
was freed after it was "stolen" from activeList. The pointer was still
used for eg-inactive list. This patch removes the free of the structure
and frees it only if reset fails on the device.
2012-05-22 18:21:29 +02:00
Laine Stump
3404729e58 util: export virBufferTrim
This was forgotten in commit cdb87b1c4b.
2012-05-22 11:36:04 -04:00
Eric Blake
cdb87b1c4b virBuffer: add way to trim back extra text
I'm tired of writing:

bool sep = false;
while (...) {
    if (sep)
       virBufferAddChar(buf, ',');
    sep = true;
    virBufferAdd(buf, str);
}

This makes it easier, allowing one to write:

while (...)
    virBufferAsprintf(buf, "%s,", str);
virBufferTrim(buf, ",", -1);

to trim any remaining comma.

* src/util/buf.h (virBufferTrim): Declare.
* src/util/buf.c (virBufferTrim): New function.
* tests/virbuftest.c (testBufTrim): Test it.
2012-05-21 16:01:43 -06:00
Wido den Hollander
74951eadef storage backend: Add RBD (RADOS Block Device) support
This patch adds support for a new storage backend with RBD support.

RBD is the RADOS Block Device and is part of the Ceph distributed storage
system.

It comes in two flavours: Qemu-RBD and Kernel RBD, this storage backend only
supports Qemu-RBD, thus limiting the use of this storage driver to Qemu only.

To function this backend relies on librbd and librados being present on the
local system.

The backend also supports Cephx authentication for safe authentication with
the Ceph cluster.

For storing credentials it uses the built-in secret mechanism of libvirt.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2012-05-21 12:37:38 -06:00
Eric Blake
b8e6021e7b build: fix unused variable after last patch
The previous commit (2cb0899) left a dead variable behind.

* src/libxl/libxl_driver.c (libxlClose): Drop dead variable.
2012-05-21 12:36:50 -06:00
Daniel P. Berrange
2cb0899eec Fix potential events deadlock when unref'ing virConnectPtr
When the last reference to a virConnectPtr is released by
libvirtd, it was possible for a deadlock to occur in the
virDomainEventState functions. The virDomainEventStatePtr
holds a reference on virConnectPtr for each registered
callback. When removing a callback, the virUnrefConnect
function is run. If this causes the last reference on the
virConnectPtr to be released, then virReleaseConnect can
be run, which in turns calls qemudClose. This function has
a call to virDomainEventStateDeregisterConn which is intended
to remove all callbacks associated with the virConnectPtr
instance. This will try to grab a lock on virDomainEventState
but this lock is already held. Deadlock ensues

Thread 1 (Thread 0x7fcbb526a840 (LWP 23185)):

Since each callback associated with a virConnectPtr holds a
reference on virConnectPtr, it is impossible for the qemudClose
method to be invoked while any callbacks are still registered.
Thus the call to virDomainEventStateDeregisterConn must in fact
be a no-op. Thus it is possible to just remove all trace of
virDomainEventStateDeregisterConn and avoid the deadlock.

* src/conf/domain_event.c, src/conf/domain_event.h,
  src/libvirt_private.syms: Delete virDomainEventStateDeregisterConn
* src/libxl/libxl_driver.c, src/lxc/lxc_driver.c,
  src/qemu/qemu_driver.c, src/uml/uml_driver.c: Remove
  calls to virDomainEventStateDeregisterConn
2012-05-21 18:50:47 +01:00
Stefan Berger
a3f3ab4c9c nwfilter: Add support for ipset
This patch adds support for the recent ipset iptables extension
to libvirt's nwfilter subsystem. Ipset allows to maintain 'sets'
of IP addresses, ports and other packet parameters and allows for
faster lookup (in the order of O(1) vs. O(n)) and rule evaluation
to achieve higher throughput than what can be achieved with
individual iptables rules.

On the command line iptables supports ipset using

iptables ... -m set --match-set <ipset name> <flags> -j ...

where 'ipset name' is the name of a previously created ipset and
flags is a comma-separated list of up to 6 flags. Flags use 'src' and 'dst'
for selecting IP addresses, ports etc. from the source or
destination part of a packet. So a concrete example may look like this:

iptables -A INPUT -m set --match-set test src,src -j ACCEPT

Since ipset management is quite complex, the idea was to leave ipset 
management outside of libvirt but still allow users to reference an ipset.
The user would have to make sure the ipset is available once the VM is
started so that the iptables rule(s) referencing the ipset can be created.

Using XML to describe an ipset in an nwfilter rule would then look as
follows:

  <rule action='accept' direction='in'>
    <all ipset='test' ipsetflags='src,src'/>
  </rule>

The two parameters on the command line are also the two distinct XML attributes
'ipset' and 'ipsetflags'.

FYI: Here is the man page for ipset:

https://ipset.netfilter.org/ipset.man.html

Regards,
    Stefan
2012-05-21 06:26:34 -04:00
Eric Blake
e8314e78f9 build: fix virnetlink on glibc 2.11
We were being lazy - virnetlink.c was getting uint32_t as a
side-effect from glibc 2.14's <unistd.h>, but older glibc 2.11
does not provide uint32_t from <unistd.h>.  In fact, POSIX states
that <unistd.h> need only provide intptr_t, not all of <stdint.h>,
so the bug really is ours.  Reported by Jonathan Alescio.

* src/util/virnetlink.h: Include <stdint.h>.
2012-05-18 09:42:25 -06:00
Hu Tao
fe0aac0503 Adds support to param 'vcpu_time' in qemu_driver.
This involves setting the cpuacct cgroup to a per-vcpu granularity,
as well as summing the each vcpu accounting into a common array.
Now that we are reading more than one cgroup file, we double-check
that cpus weren't hot-plugged between reads to invalidate our
summing.

Signed-off-by: Eric Blake <eblake@redhat.com>
2012-05-18 08:53:49 -06:00
Marc-André Lureau
a7675a6ba5 qemu: honour sound <codec> sub-elements
With ICH6 audio device, allow to specify codecs.
By default, for compatibility reasons, if no codec is specified,
"hda-duplex" will be used.
2012-05-17 11:40:36 -06:00
Marc-André Lureau
988e85a51e domain: add <codec> sound sub-element
Allow specifying sound device codecs. See formatdomain.html for
more details.
2012-05-17 11:40:11 -06:00
Marc-André Lureau
0aaebd7abc qemu: test CAPS_HDA_MICRO 2012-05-17 11:12:40 -06:00
Michal Privoznik
9c484e3dc5 qemu: Don't delete USB device on failed qemuPrepareHostdevUSBDevices
If qemuPrepareHostdevUSBDevices fail it will roll back devices added
to the driver list of used devices. However, if it may fail because
the device is being used already. But then again - with roll back.
Therefore don't try to remove a usb device manually if the function
fail. Although, we want to remove the device if any operation
performed afterwards fail.
2012-05-17 13:40:52 +02:00
Daniel P. Berrange
e7df360d56 Add a virLogMessage alternative taking va_list args
Allow the logging APIs to be called with a va_list for format
args, instead of requiring var-args usage.

* src/util/logging.h, src/util/logging.c: Add virLogVMessage
2012-05-16 17:13:13 +01:00
Eric Blake
3337ba6dc7 build: fix recent syntax-check breakage
The use of readlink() in lxc_container.c is intentional; we don't
want an absolute pathname there.

* src/util/cgroup.h (VIR_CGROUP_SYSFS_MOUNT): Indent properly.
* cfg.mk (exclude_file_name_regexp--sc_prohibit_readlink): Add
exemption.
2012-05-16 09:52:44 -06:00
Michal Privoznik
2f5fdc886e qemu: Rollback on used USB devices
One of our latest USB device handling patches
05abd1507d introduced a regression.
That is, we first create a temporary list of all USB devices that
are to be used by domain just starting up. Then we iterate over and
check if a device from the list is in the global list of currently
assigned devices (activeUsbHostdevs). If not, we add it there and
continue with next iteration then. But if a device from temporary
list is either taken already or adding to the activeUsbHostdevs fails,
we remove all devices in temp list from the activeUsbHostdevs list.
Therefore, if a device is already taken we remove it from
activeUsbHostdevs even if we should not. Thus, next time we allow
the device to be assigned to another domain.
2012-05-16 17:10:28 +02:00
Daniel P. Berrange
7ba66ef285 Fix build compat with older libselinux for LXC
Most versions of libselinux do not contain the function
selinux_lxc_contexts_path() that the security driver
recently started using for LXC. We must add a conditional
check for it in configure and then disable the LXC security
driver for builds where libselinux lacks this function.

* configure.ac: Check for selinux_lxc_contexts_path
* src/security/security_selinux.c: Disable LXC security
  if selinux_lxc_contexts_path() is missing
2012-05-16 15:38:29 +01:00
Daniel P. Berrange
a8c0b2fed0 Remount cgroups controllers after setting up new /sys in LXC
Normal practice is for cgroups controllers to be mounted at
/sys/fs/cgroup. When setting up a container, /sys is mounted
with a new sysfs instance, thus we must re-mount all the
cgroups controllers. The complexity is that we must mount
them in the same layout as the host OS. ie if 'cpu' and 'cpuacct'
were mounted at the same location in the host we must preserve
this in the container. Also if any controllers are co-located
we must setup symlinks from the individual controller name to
the co-located mount-point

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-16 11:37:40 +01:00
Daniel P. Berrange
c529b47a75 Trim /proc & /sys subtrees before mounting new instances
Both /proc and /sys may have sub-mounts in them from the host
OS. We must explicitly unmount them all before mounting the
new instance over that location. If we don't then /proc/mounts
will show the sub-mounts as existing, even though nothing will
be able to access them, due to the over-mount.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-16 11:27:29 +01:00
Daniel P. Berrange
c16b4c43fc Avoid LXC pivot root in the root source is still /
If the LXC config has a filesystem

  <filesystem>
     <source dir='/'/>
     <target dir='/'/>
  </filesystem>

then there is no need to go down the pivot root codepath.
We can simply use the existing root as needed.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-05-16 10:05:47 +01:00