22370 Commits

Author SHA1 Message Date
John Ferlan
d081665045 qemu: Introduce qemuDomainSecretHostdevPrepare and Destroy
Similar to the qemuDomainSecretDiskPrepare, generate the secret
for the Hostdev's prior to call qemuProcessLaunch which calls
qemuBuildCommandLine. Additionally, since the secret is not longer
added as part of building the command, the hotplug code will need
to make the call to add the secret in the hostdevPriv.

Since this then is the last requirement to pass a virConnectPtr
to qemuBuildCommandLine, we now can remove that as part of these
changes. That removal has cascading effects through various callers.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-05-02 06:10:19 -04:00
John Ferlan
27726d8c21 qemu: Introduce qemuDomainHostdevPrivatePtr
Modeled after the qemuDomainDiskPrivatePtr logic, create a privateData
pointer in the _virDomainHostdevDef to allow storage of private data
for a hypervisor in order to at least temporarily store auth/secrets
data for usage during qemuBuildCommandLine.

NB: Since the qemu_parse_command (qemuParseCommandLine) code is not
expecting to restore the auth/secret data, there's no need to add
code to handle this new structure there.

Updated copyrights for modules touched. Some didn't have updates in a
couple years even though changes have been made.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-05-02 06:10:19 -04:00
John Ferlan
40d8e2ba37 qemu: Introduce qemuDomainSecretPrepare and Destroy
Rather than needing to pass the conn parameter to various command
line building API's, add qemuDomainSecretPrepare just prior to the
qemuProcessLaunch which calls qemuBuilCommandLine. The function
must be called after qemuProcessPrepareHost since it's expected
to eventually need the domain masterKey generated during the prepare
host call. Additionally, future patches may require device aliases
(assigned during the prepare domain call) in order to associate
the secret objects.

The qemuDomainSecretDestroy is called after the qemuProcessLaunch
finishes in order to clear and free memory used by the secrets
that were recently prepared, so they are not kept around in memory
too long.

Placing the setup here is beneficial for future patches which will
need the domain masterKey in order to generate an encrypted secret
along with an initialization vector to be saved and passed (since
the masterKey shouldn't be passed around).

Finally, since the secret is not added during command line build,
the hotplug code will need to get the secret into the private disk data.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-05-02 06:10:19 -04:00
John Ferlan
48f56a9c5a qemu: Introduce qemuDomainSecretInfo
Introduce a new private structure to hold qemu domain auth/secret data.
This will be stored in the qemuDomainDiskPrivate as a means to store the
auth and fetched secret data rather than generating during building of
the command line.

The initial changes will handle the current username and secret values
for rbd and iscsi disks (in their various forms). The rbd secret is
stored as a base64 encoded value, while the iscsi secret is stored as
a plain text value. Future changes will store encoded/encrypted secret
data as well as an initialization vector needed to be given to qemu
in order to decrypt the encoded password along with the domain masterKey.
The inital assumption will be that VIR_DOMAIN_SECRET_INFO_PLAIN is
being used.

Although it's expected that the cleanup of the secret data will be
done immediately after command line generation, reintroduce the object
dispose function qemuDomainDiskPrivateDispose to handle removing
memory associated with the structure for "normal" cleanup paths.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-05-02 05:55:40 -04:00
Cédric Bosdonnat
0304a2a7ef Adapt augeas profile to handle negative int values.
Introducing keepalive_interval = -1 breaks to augeas lens. Fix the lens
by allowing signed ints in the regular expression.
2016-05-02 10:04:40 +02:00
Peter Krempa
7434eba7c7 qemu: monitor: Kill legacy PCI hotplug code 2016-05-02 09:12:14 +02:00
Peter Krempa
7212992034 qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainAttachControllerDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
b956512f6c qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainDetachNetDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
78bb0df8c9 qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainDetachHostPCIDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
920e811f9f qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainDetachControllerDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
a0b38d6f9a qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainDetachVirtioDiskDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
62890fcf64 qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainAttachHostPCIDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
0a2cfaf3b1 qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainAttachNetDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
375a3d7585 qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainAttachVirtioDiskDevice
After killing one of the conditionals it's now guaranteed to have
@drivealias populated when calling the monitor, so the code attempting
to cleanup can be simplified.
2016-05-02 09:12:14 +02:00
Peter Krempa
c01f4e9e55 qemu: monitor: Kill legacy USB monitor code
Code was obsoleted by using -device.
2016-05-02 09:12:14 +02:00
Peter Krempa
dd3e9a0a7d qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainAttachHostUSBDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
1cc2889f71 qemu: hotplug: Assume QEMU_CAPS_DEVICE in qemuDomainAttachUSBMassStorageDevice 2016-05-02 09:12:14 +02:00
Peter Krempa
3fbc7b781c qemu: remove default case from few typecasted enums
Commit 98c5c53d69b partially reverted the effort to use typecasted enums
for compiler notification. Turn it back.
2016-05-02 09:12:14 +02:00
Peter Krempa
22e464744d qemu: process: Don't needlesly clear the perf events in qemuDomainPerfRestart
At that point the perf events struct should not be allocated so there's
no use in clearing it.
2016-05-02 09:06:52 +02:00
Peter Krempa
edadd46c05 qemu: process: Fix failure semantics for perf events
For strange reasons if a perf event type was not supported or failed to
be enabled at VM start libvirt would ignore the failure.

On the other hand on restart if the event could not be re-enabled
libvirt would fail to reconnect to the VM and kill it.

Both don't make really sense. Fix it by failing to start the VM if the
event is not supported and change the event to disabled if it can't be
reconnected (unlikely).

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1329045
2016-05-02 09:06:52 +02:00
Peter Krempa
e64e394223 util: perf: Adhere to coding style of error checks in qemuDomainSetPerfEvents 2016-05-02 09:06:52 +02:00
Peter Krempa
bb9a80f9fc util: perf: Adhere to coding style of error checks in virPerfEventEnable 2016-05-02 09:06:52 +02:00
Peter Krempa
f7e7994b84 util: perf: Use 'error' label in virPerfCmtEnable
The label is used only for the error path, thus rename cleanup.
2016-05-02 09:06:52 +02:00
Peter Krempa
e08479efca qemu: perf: Don't ignore perf setup if allocation fails
Reject the VM startup if the perf event structure can't be allocated.
2016-05-02 09:06:52 +02:00
Peter Krempa
662862ec5f qemu: hotplug: Allow update of disk default snapshot location
Since the field is internal to libvirt we can allow the users to modify
it.
2016-05-02 09:03:02 +02:00
Peter Krempa
3b3debfb7f qemu: domain: Check few more fields for when changing disk source
Both disk->src->shared and disk->src->readonly can't be modified when
changing disk source for floppy and cdrom drives since both arguments
are passed as arguments of the disk rather than the image in qemu.

Historically these fields have only two possible values since they are
represented as XML thus we need to ignore if user did not provide them
and thus we are treating them as false.
2016-05-02 09:03:02 +02:00
Peter Krempa
a84d604db5 qemu: domain: Fix error message in qemuDomainDiskChangeSupported
disk->dst represents the <target> element in the XML.
2016-05-02 09:03:02 +02:00
Peter Krempa
833ae6b435 qemu: hotplug: Skip waiting for tray opening if qemu doesn't notify us
If qemu doesn't support DEVICE_TRAY_MOVED event the code that attempts
to change media would attempt to re-eject the tray even if it wouldn't
be notified when the tray opened. Add a capability bit and skip retrying
for old qemus.
2016-05-02 08:49:34 +02:00
Peter Krempa
a34faf3301 qemu: process: Refresh ejectable media tray state on VM start
Empty floppy drives start with tray in "open" state and libvirt did not
refresh it after startup. The code that inserts media into the tray then
waited until the tray was open before inserting the media and thus
floppies could not be inserted.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1326660
2016-05-02 08:49:34 +02:00
Michal Privoznik
809d02ca36 virStream{Recv,Send}All: Increase client buffer
These are wrappers over virStreamRecv and virStreamSend so that
users have to care about nothing but writing data into / reading
data from a sink (typically a file). Note, that these wrappers
are used exclusively on client side as the daemon has slightly
different approach. Anyway, the wrappers allocate this buffer and
use it for intermediate data storage until the data is passed to
stream to send, or to the client application. So far, we are
using 64KB buffer. This is enough, but suboptimal because server
can send messages up to VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX bytes
big (262120B, roughly 256KB). So if we make the buffer this big,
a single message containing the data is sent instead of four,
which is current situation. This means lower overhead, because
each message contains a header which needs to be processed, each
message is processed roughly same amount of time regardless of
its size, less bytes need to be sent through the wire, and so on.
Note that since server will never sent us a stream message bigger
than VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX there's no point in
sizing up the client buffer past this threshold.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-02 07:56:38 +02:00
Michal Privoznik
18944b7aea virnetclientstream: Process stream messages later
There are two functions on the client that handle incoming stream
data.  The first one virNetClientStreamQueuePacket() is a low
level function that just processes the incoming stream data from
the socket and stores it into an internal structure. This happens
in the client event loop therefore the shorter the callbacks are,
the better. The second function virNetClientStreamRecvPacket()
then handles copying data from internal structure into a client
provided buffer.
Change introduced in this commit makes just that: new queue for
incoming stream packets is introduced. Then instead of copying
data into intermediate internal buffer and then copying them into
user buffer, incoming stream messages are queue into the queue
and data is copied just once - in the upper layer function
virNetClientStreamRecvPacket(). In the end, there's just one
copying of data and therefore shorter event loop callback. This
should boost the performance which has proven to be the case in
my testing.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-02 07:56:38 +02:00
Michal Privoznik
435ee578a0 Revert "rpc: Fix slow volume download (virsh vol-download)"
This reverts commit d9c9e138f22c48626f719f880920e04c639e0177.

Unfortunately, things are going to be handled differently so this
commit must go.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-05-02 07:56:38 +02:00
Martin Kletzander
0c56d94318 tools: Fix connect command
The man page says: "(Re)-Connect to the hypervisor. When the shell is
first started, this is automatically run with the URI parameter
requested by the "-c" option on the command line."  However, if you run:

  virsh -c 'test://default' 'connect; uri'

the output will not be 'test://default'.  That's because the 'connect'
command does not care about any virsh-only related settings and if it is
run without parameters, it connects with @uri == NULL.  Not only that
doesn't comply to what the man page describes, but it also doesn't make
sense.  It also means you aren't able to reconnect to whatever you are
connected currently.

So let's fix that in both virsh and virt-admin add a test case for it.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-05-02 07:18:25 +02:00
John Ferlan
c0730e4d12 Post-release version bump to 1.3.5 2016-05-01 08:28:34 -04:00
Daniel Veillard
52f1874602 Release of libvirt-1.3.4
* docs/news.html.in libvirt.spec.in: update for release
* po/*.po* : regenerated
v1.3.4
2016-05-01 09:50:21 +08:00
Yuri Chornoivan
50fc4b4bdd Fix minor typos in messages
Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>
2016-04-30 15:37:31 +02:00
Laine Stump
9b643ae824 Revert "qemu domain allow to set ip address, peer address and route"
This reverts commit 6e244c659fb004503fd2a94319dae8fa6fecf045, which
added support to qemu for the "peer" attribute in domain interface <ip>
elements.

It's being removed temporarily for the release of libvirt 1.3.4
because the feature doesn't work, and there are concerns that it may
need to be modified in an externally visible manner which could create
backward compatibility problems.

 Conflicts:
   tests/qemuxml2argvmock.c - a mock of virNetDevSetOnline() was added
   which may be assumed by other tests added since the original commit,
   so it isn't being reverted.
2016-04-29 12:46:30 -04:00
Laine Stump
70aa318b82 Revert "lxc domain allow to set peer address"
This reverts commit afee47d07c521b4bb10a12e253a29363d16ab8f0, which
added support to lxc for the "peer" attribute in domain interface <ip>
elements.

It's being removed temporarily for the release of libvirt 1.3.4
because the feature doesn't work, and there are concerns that it may
need to be modified in an externally visible manner which could create
backward compatibility problems.
2016-04-29 12:46:25 -04:00
Laine Stump
1d14b13f3b Revert "libvirt domain xml allow to set peer address"
This reverts commit 690969af9ccdf9b2012b97af0462bae8e312c9c9, which
added the domain config parts to support a "peer" attribute in domain
interface <ip> elements.

It's being removed temporarily for the release of libvirt 1.3.4
because the feature doesn't work, and there are concerns that it may
need to be modified in an externally visible manner which could create
backward compatibility problems.
2016-04-29 12:46:16 -04:00
Ben Gray
5ba48584fb rpc: Don't leak fd via CreateXMLWithFiles
FD passing APIs like CreateXMLWithFiles or OpenGraphicsFD will leak
file descriptors. The user passes in an fd, which is dup()'d in
virNetClientProgramCall. The new fd is what is transfered to the
server virNetClientIOWriteMessage.

Once all the fds have been written though, the parent msg->fds list
is immediately free'd, so the individual fds are never closed.

This closes each FD as its send to the server, so all fds have been
closed by the time msg->fds is free'd.

https://bugzilla.redhat.com/show_bug.cgi?id=1159766
2016-04-29 06:30:06 -04:00
Mikhail Feoktistov
cdbbb93a96 vz: fix disk enumeration
If we want to delete all disks for container or vm
we should make a loop from 0 to NumberOfDisks and always
use zero index in PrlVmCfg_GetHardDisk to get disk handle.
When we delete first disk after that numbers of other disks
will be changed, start from 0 to NumberOfDisks-1.
That's why we should always use zero index.
v1.3.4-rc2
2016-04-28 20:24:09 +02:00
Nikolay Shirokovskiy
4d28d0931f virsh: Fix support for 64 migration options
Add ULL suffix to all related operands of << or shift will give
all zeros instead of correct mask.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
2016-04-28 20:16:41 +02:00
Martin Kletzander
55320c23dd qemu: Regenerate VNC socket paths
Similarly to what commit 714080791778 did with some internal paths,
clear vnc socket paths that were generated by us.  Having such path in
the definition can cause trouble when restoring the domain.  The path is
generated to the per-domain directory that contains the domain ID.
However, that ID will be different upon restoration, so qemu won't be
able to create that socket because the directory will not be prepared.

To be able to migrate to older libvirt, skip formatting the socket path
in migratable XML if it was autogenerated.  And mark it as autogenerated
if it already exists and we're parsing live XML.

Best viewed with '-C'.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1326270

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-04-28 16:13:45 +02:00
Peter Krempa
b527e7c8e2 qemu: Error out if setting vcpu count would lead to invalid config
When the domain definition describes a machine with NUMA, setting the
maximum vCPU count via the API might lead to an invalid config.

Add a check that will forbid this until we add more advanced cpu config
capabilities.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1327499
2016-04-28 09:25:32 +02:00
Peter Krempa
63e2b766a5 qemu: conf: Set default logging approach in virQEMUDriverConfigNew
Instead of setting the default qemu stdio logging approach in
virQEMUDriverConfigLoadFile set it in virQEMUDriverConfigNew so that
it's properly set even when the config is not present.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1325075
2016-04-28 09:25:32 +02:00
Martin Kletzander
d294f6b0df Shorten domain name for automatic coredump
If the domain name is long enough, the timestamp can prolong the
filename for automatic coredump to more than the filesystem's limit.
Simply shorten it like we do in other places.  The timestamp helps with
the unification, but having the ID in the name won't hurt.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1289363

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-04-27 15:08:10 +02:00
Martin Kletzander
a042275a39 Unify domain name shortening
Add virDomainObjGetShortName() and use it.  For now that's used in one
place, but we should expose it so that future patches can use it.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-04-27 15:07:10 +02:00
Martin Kletzander
d3d4fb4b18 qemu: Unref cfg in qemuDomainDefPostParse
Introduced by commit 15ad2ecf114d.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2016-04-27 15:06:09 +02:00
Cole Robinson
67f2b72723 conf: Drop restrictions on rng backend path
Currently we only allow /dev/random and /dev/hwrng as host input
for <rng><backend model='random'/> device. This was added after
various upstream discussions in commit 4932ef45

However this restriction has generated quite a few complaints over
the years, so a new discussion was initiated:

http://www.redhat.com/archives/libvir-list/2016-April/msg00987.html

Several people suggested removing the restriction, and nobody really
spoke up to defend it. So this patch drops the path restriction
entirely

https://bugzilla.redhat.com/show_bug.cgi?id=1074464
v1.3.4-rc1
2016-04-26 11:43:33 -04:00
Cole Robinson
84371303d8 remote: Don't reject remote polkit if client lacks support
If you compile a client --without-polkit, and connect to a URI that needs
polkit auth, the connection will fail with:

$ ./tools/virsh --connect qemu+ssh://crobinso@machine/system
error: failed to connect to the hypervisor
error: authentication failed: unsupported authentication type 2

This is because the client side portion of the polkit handling is
compiled out. However, nothing polkit specific is actually required
of the client.

Fix that error by unconditionally compiling the basic polkit client
handling.

https://bugzilla.redhat.com/show_bug.cgi?id=635529
2016-04-26 11:43:33 -04:00