Commit Graph

187 Commits

Author SHA1 Message Date
Michal Privoznik
bde75a895d event-test: Use goto cleanup instead of if else jungle
Like in the rest of our code we tend to prefer 'goto' and
'cleanup' over 'if else' code structure. Do the same here.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-03-24 10:49:39 +01:00
Jiri Denemark
5a9cbc6265 Add event and state details for post-copy
VIR_DOMAIN_EVENT_SUSPENDED_POSTCOPY and VIR_DOMAIN_PAUSED_POSTCOPY are
used on the source host once migration enters post-copy mode (which
means the domain gets paused on the source. After the destination host
takes over the execution of the domain, its virtual CPUs are resumed and
the domain enters VIR_DOMAIN_RUNNING_POSTCOPY state and
VIR_DOMAIN_EVENT_RESUMED_POSTCOPY event is emitted.

In case migration fails during post-copy mode and none of the hosts have
complete state of the domain, both domains will remain paused with
VIR_DOMAIN_PAUSED_POSTCOPY_FAILED reason and an upper layer may decide
what to do.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2016-03-21 15:15:46 +01:00
Dmitry Andreev
8047d45704 Introduce new VIR_DOMAIN_EVENT_DEFINED_FROM_SNAPSHOT sub-event
VIR_DOMAIN_EVENT_DEFINED_FROM_SNAPSHOT event should be emitted
when domain configuration was changed on revert to snapshot.
2016-03-15 14:57:26 -04:00
Andrea Bolognani
9a457be18b domsuspend: Fix warning on mingw build
Commit d82170d introduced a workaround for domtop: in that example
program, we define a symbol called ERROR for our own use, but since
a symbol with the same name is already defined in one of mingw's
header files, we get a warning when using that compiler.

domsuspend defines the same problematic symbol, so the workaround
has been copied over.
2016-02-12 16:36:34 +01:00
Michal Privoznik
8c67ab6684 Expand $(wildcard) correctly
So after da176bf6b7 and friend we have switched to $(wildcard
some/path/*.xml) instead of enumerating the files explicitly.
This is nice, however it makes distcheck build from VPATH fail.
The reason is that it's is not obvious to what does the wildcard
refer to: srcdir or builddir?

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-01-12 17:16:33 +01:00
Cole Robinson
da176bf6b7 examples: Use one top level makefile
Using one Makefile per example subdirectory essentially serializes 'make'
calls. Convert to one example/Makefile that builds and distributes
all the subdir files. This reduces example/ rebuild time from about 5.8
seconds to 1.5 seconds on my machine.

One slight difference is that we no longer ship Makefile.am with the
examples in the rpm. This was virtually useless anyways since the Makefile
was very specific to libvirt infrastructure, so wasn't generically
reusable anyways.

Tested with 'make distcheck' and 'make rpm'
2016-01-09 21:14:12 -05:00
Guido Günther
d8ca0cbd4b apparmor: add missing qemu binaries
This adds the qemu binaries as of 1.2.4 in Debian. It also removes a
duplicate sparc64 entry.
2015-11-25 08:35:06 +01:00
Martin Kletzander
e755186c5c Add example that renames domain there and back
And in the middle it prints out its name to demonstrate changes in later
patch(es).

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-09-04 18:55:01 +02:00
Jiri Denemark
29b5167417 examples: Add example polkit ACL rules
Creating ACL rules is not exactly easy and existing examples are pretty
simple. This patch adds a somewhat complex example which defines several
roles. Admins can do everything, operators can do basic operations
on any domain and several groups of users who act as operators but only
on a limited set of domains.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2015-09-04 17:26:04 +02:00
Tomas Meszaros
9877d8406c Introduce new VIR_DOMAIN_EVENT_DEFINED_RENAMED event
This should be emitted whenever a domain is renamed.

Signed-off-by: Tomas Meszaros <exo@tty.sk>
2015-08-14 10:50:20 +02:00
Cédric Bosdonnat
ec5c1dcb53 Apparmor: allow reading block-rbd.so 2015-04-24 10:47:42 +02:00
Michal Privoznik
498d7b2bf5 domtop: Properly free cpu status
So, in the example the cpu stats are collected within a function
called do_top. At the beginning of the function we ask the daemon for
how much vCPUs can we get stats, and how many stats for a vCPU can we
get. This is because it's how our API works - users are required to
preallocate a chunk of memory for the results. Now, at the end, we try
to free the allocated array, but we are not doing it correctly.
There's this virTypedParamsFree() function which gets a pointer to the
array and the length of the array. However, if there was an error in
getting vCPU stats we pass a negative number instead of the originally
computed value. This flaw results in SIGSEGV:

libvirt: QEMU Driver error : Requested operation is not valid: domain is not running
ERROR do_top:333 : Unable to get cpu stats
==29201== Invalid read of size 4
==29201==    at 0x4F1DF8B: virTypedParamsClear (virtypedparam.c:1145)
==29201==    by 0x4F1DFEB: virTypedParamsFree (virtypedparam.c:1165)
==29201==    by 0x4023C3: do_top (domtop.c:349)
==29201==    by 0x40260B: main (domtop.c:386)
==29201==  Address 0x131cd7c0 is 16 bytes after a block of size 768 alloc'd
==29201==    at 0x4C2C070: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==29201==    by 0x401FF1: do_top (domtop.c:295)
==29201==    by 0x40260B: main (domtop.c:386)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-04-21 10:56:50 +02:00
Cédric Bosdonnat
e4725cdb12 Apparmor: removed duplicate nscd rules 2015-04-20 09:32:04 +02:00
Ján Tomko
a809c4749e Add an example for EVENT_ID_DEVICE_ADDED 2015-04-15 17:06:01 +02:00
Cédric Bosdonnat
9e7b1e646d Apparmor qemu abstraction fixes for SLES
SLES 11 has legacy qemu-kvm package, /usr/bin/qemu-kvm and
/usr/share/qemu-kvm need to be accessed to domains.
2015-04-09 11:18:16 +02:00
Martin Kletzander
0e7457e501 Fix common misspellings
Wikipedia's list of common misspellings [1] has a machine-readable
version.  This patch fixes those misspellings mentioned in the list
which don't have multiple right variants (as e.g. "accension", which can
be both "accession" and "ascension"), such misspellings are left
untouched.  The list of changes was manually re-checked for false
positives.

[1] https://en.wikipedia.org/wiki/Wikipedia:Lists_of_common_misspellings/For_machines

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-03-23 09:01:30 +01:00
Mike Latimer
338b07afa9 Grant access to helpers
Apparmor must not prevent access to required helper programs. The following
helpers should be allowed to run in unconfined execution mode:

 - libvirt_parthelper
 - libvirt_iohelper
2015-01-23 11:12:44 +01:00
Mike Latimer
c0273cd6f2 Fix apparmor issues for tck
The network and nwfilter tests contained in the libvirt-TCK testkit can fail
unless access to raw network packets is granted. Without this access, the
following apparmor error can be seen while running the tests:

  apparmor="DENIED" operation="create" parent=1 profile="/usr/sbin/libvirtd"
  pid=94731 comm="libvirtd" family="packet" sock_type="raw" protocol=768
2015-01-23 11:12:04 +01:00
Mike Latimer
b61fb8e8af Fix apparmor issues for Xen
In order for apparmor to work properly in Xen environments, the following
access rights need to be allowed:

 - Allow CAP_SYS_PACCT, which is required when resetting some multi-port
   Broadcom cards by writting to the PCI config space

 - Allow CAP_IPC_LOCK, which is required to lock/unlock memory. Without
   this setting, an error 'Resource temporarily unavailable' can be seen
   while attempting to mmap memory. At the same time, the following
   apparmor message is seen:

   apparmor="DENIED" operation="capable" parent=1 profile="/usr/sbin/libvirtd"
   pid=2097 comm="libvirtd" pid=2097 comm="libvirtd" capability=14
   capname="ipc_lock"

 - Allow access to distribution specific directories:
     /usr/{lib,lib64}/xen/bin
2015-01-23 11:11:53 +01:00
Cedric Bosdonnat
30c6aecc44 Teach AppArmor, that /usr/lib64 may exist.
The apparmor profiles forgot about /usr/lib64 folders, just add lib64
as a possible alternative to lib in the paths
2015-01-05 09:46:35 +01:00
Peter Krempa
4ca2744e8b examples: Add support for the guest agent lifecycle event
Add code to support the event in the object-event example.
2014-11-24 15:47:01 +01:00
Martin Kletzander
cfd9c02802 Remove unnecessary curly brackets in daemon/ and examples/
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-14 17:13:00 +01:00
Martin Kletzander
4480cd2837 examples: add systemtap script to ease lock debugging
As discussed before, this simple script should help with debugging
deadlocks, although there are still some caveats.  RWLocks are not
handled by this and if your deadlock if very racy, it may not lock
up when running with this script due to the slowdown.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-11-03 16:43:23 +01:00
Pavel Hrdina
f06a6257d5 event_example: cleanup example code for tunable event
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-26 09:33:58 +02:00
Pavel Hrdina
b8b3c56566 Fix MinGW build
When building on mingw the format string for long long/unsigned long
long have to be I64d/I64u instead of lld/llu.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-24 17:16:32 +02:00
Pavel Hrdina
9e734ab73e add an example how to use tunable event
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-23 21:55:31 +02:00
Felix Geyer
2311e5c4ea apparmor: allow reading cap_last_cap
libcap-ng >= 0.7.4 fails when it can't read /sys/kernel/cap_last_cap
and thus running a qemu guest fails.

Allow reading cap_last_cap in the libvirt-qemu apparmor abstraction.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-04 14:24:47 +02:00
Michal Privoznik
66eaa887e9 Fix spacing around commas
On some places in the libvirt code we have:

  f(a,z)

instead of

  f(a, z)

This trivial patch fixes couple of such occurrences.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-08-22 15:03:39 +02:00
Peter Krempa
d88f9027ae examples: test: Kill unsupported maxMemory element
The "maxMemory" element was never supported by libvirt. Remove it from
the test XMLs. (Found while actually trying to add support for a
identically named element).
2014-08-20 15:27:18 +02:00
Michal Privoznik
dc64be90b5 domtop: Remove unused variable
The variable 'k' in the print_cpu_usage function is not used anywhere
and can fire a warning on some compilers.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-08-04 14:40:52 +02:00
Michal Privoznik
859aa405e1 domtop: Turn parse_argv into void
Currently, the function follows the usual pattern used in our code:

  int ret = -1;
  ...
  ret = 0;
 cleanup:
  return ret;

However, the function always call exit() on error, so the cleanup
label is never jumped onto. Therefore, it doesn't make any sense to
have the parse_argv function return an integer value, if it
effectively can return only value of zero.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-08-04 14:37:14 +02:00
Michal Privoznik
d82170d757 domtop: Fix build on mingw
Firstly, there's no sigaction() nor struct sigaction on mingw. We have
to use the one implemented by gnulib (and hence link with gnulib).
Then, for some reason one header file from windows defines ERROR
symbol. Yes it does. Sigh.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-22 09:53:18 +02:00
Peter Krempa
ba2b4da02d examples: domtop: Avoid leaking memory
Use the virTypedParamsFree unconditionally as it handles NULL well and
has the benefit of freeing a typed parameter array even if it wasn't yet
assigned, but only allocated.
2014-07-21 15:20:59 +02:00
Peter Krempa
abab113bd2 examples: domtop: Fix uninitialized variable use
max_id could be used uninitialized in the cleanup section after the
domain wasn't found.

Discovered by Coverity.
2014-07-21 15:20:59 +02:00
Michal Privoznik
28d54aab05 examples: Introduce domtop
There's this question on the list that is asked over and over again.
How do I get {cpu, memory, ...} usage in percentage? Or its modified
version: How do I plot nice graphs like virt-manager does?

It would be nice if we have an example to inspire people. And that's
what domtop should do. Yes, it could be written in different ways, but
I've chosen this one as I think it show explicitly what users need to
implement in order to imitate virt-manager's graphing.

Note: The usage is displayed from host perspective. That is, how much
host CPUs the domain is using. But it should be fairly simple to
switch do just guest CPU usage if needed.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-07-18 16:39:54 +02:00
Cédric Bosdonnat
9265f8ab67 Rework lxc apparmor profile
Rework the apparmor lxc profile abstraction to mimic ubuntu's container-default.
This profile allows quite a lot, but strives to restrict access to
dangerous resources.

Removing the explicit authorizations to bash, systemd and cron files,
forces them to keep the lxc profile for all applications inside the
container. PUx permissions where leading to running systemd (and others
tasks) unconfined.

Put the generic files, network and capabilities restrictions directly
in the TEMPLATE.lxc: this way, users can restrict them on a per
container basis.
2014-07-15 12:57:05 -06:00
Cédric Bosdonnat
dba3432b88 virt-lxc-convert: make free return values in bytes
Tiny fix for virt-lxc-convert: we are setting memory values in bytes, while
free may give us values in a different unit by default: force free to output
bytes with -b flag.
2014-07-07 12:37:23 +02:00
Cédric Bosdonnat
b73aafd6dd Added example script on how to convert LXC container config 2014-06-17 22:08:13 -06:00
Sahid Orentino Ferdjaoui
b21795bb5b Add a new example to illustrate domain migration
This commit adds a new example to illustrate peer to
peer domain migration with virDomainMigrateToURI.

Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@cloudwatt.com>
2014-04-30 14:29:07 +01:00
Cédric Bosdonnat
74e86b6b25 Fix apparmor profile to make vfio pci passthrough work
See lp#1276719 for the bug description. As virt-aa-helper doesn't know
the VFIO groups to use for the guest, allow access to all
/dev/vfio/[0-9]* and /dev/vfio/vfio files if there is a potential need
for vfio

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-03-27 09:09:23 -06:00
Ján Tomko
56e5a9177e Indent top-level labels by one space in examples/ 2014-03-25 14:58:38 +01:00
Martin Kletzander
95aed7febc Use K&R style for curly braces in remaining files
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-03-20 17:27:17 +01:00
Cédric Bosdonnat
ef7dc7d429 add support for apparmor in lxc-enter-namespace 2014-03-04 11:15:47 +00:00
Cédric Bosdonnat
43c030f046 LXC driver: generate apparmor profiles for guests
use_apparmor() was first designed to be called from withing libvirtd,
but libvirt_lxc also uses it. in libvirt_lxc, there is no need to check
whether to use apparmor or not: just use it if possible.
2014-03-04 11:07:05 +00:00
Cédric Bosdonnat
4f20084b12 AppArmor: Fix the place where the template should be installed
The security driver expects /etc/apparmor.d/libvirt/TEMPLATE but we
installed it to /etc/apparmor.d/libvirtd/TEMPLATE. Move the template to
the expected place since that code was here long before.
2014-02-12 06:34:32 -07:00
Felix Geyer
f88a3d9b0c apparmor: Improve profiles
Tested on Debian unstable.
The profile updates are partly taken from the Ubuntu trusty libvirt package.

Signed-off-by: Guido Günther <agx@sigxcpu.org>
2014-02-07 19:16:51 +01:00
Thorsten Behrens
721949059b maint: align whitespaces with project conventions. 2014-01-20 14:35:08 +01:00
Guido Günther
37705c12be Allow to install apparmor profiles
Make it easy to install the shipped examples. The aim is to have
reasonably working templates so that distros only need to minimally
patch these and can feed things upstream more easily.

This was prompted by http://bugs.debian.org/725144
2014-01-07 23:10:24 +01:00
Michal Privoznik
f7fee15ae8 event-test: Unregister close callback
When registering a close callback, the connection refcount is increased
as the connection object is passed to the callback and hence we must
prevent deleting it too soon. However, when closing the connection, the
connection object is just unrefed. So whenever a connection with a close
callback is closed, we end up with the connection object which has
exactly one reference. Leaving the code as-is doesn't mean the end of
the world as we know it, but why give a bad example?

==14531== 288 bytes in 1 blocks are still reachable in loss record 695 of 762
==14531==    at 0x4C2BDE4: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==14531==    by 0x4E9FE09: virAllocVar (viralloc.c:558)
==14531==    by 0x4EDBE45: virObjectNew (virobject.c:190)
==14531==    by 0x4F71AAC: virGetConnect (datatypes.c:116)
==14531==    by 0x4F78511: do_open (libvirt.c:1136)
==14531==    by 0x4F7B3AC: virConnectOpenAuth (libvirt.c:1481)
==14531==    by 0x4011D2: main (event-test.c:499)

(and other leaks tied to virGetConnect())

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2013-12-24 17:18:34 +01:00
Michal Privoznik
e26cae6b85 examples: Resurrect domsuspend example
This partially reverts 5eb4b04211 and 62774afb6b.

Rewrite the domsuspend example from scratch. This time do it right.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2013-12-24 17:17:35 +01:00