Commit Graph

21474 Commits

Author SHA1 Message Date
Peter Krempa
d1242ba24a qemu: cgroup: Setup cgroups for bios/firmware images
oVirt wants to use OVMF images on top of lvm for their 'logical'
storage thus we should set up device ACLs for them so it will actually
work.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1305922
2016-02-17 12:29:00 +01:00
Peter Krempa
d6c91b3c03 qemu: cgroup: Extract guts of qemuSetupImageCgroupInternal
They will later be reused for setting cgroup for other image backed
devices.
2016-02-17 10:54:05 +01:00
Peter Krempa
2b15f2a196 qemu: cgroup: Split up qemuSetImageCgroupInternal
Separate the Teardown and Setup code paths into separate helpers.
2016-02-17 10:54:05 +01:00
Peter Krempa
5dd610d01d qemu: cgroup: Switch to qemu(Setup|Teardown)ImageCgroup
For other objects we use the two functions rather than one with a bool.
Convert qemuSetImageCgroup to the same approach.
2016-02-17 10:54:05 +01:00
Peter Krempa
4e22355ee1 qemu: cgroup: Avoid reporting errors from inaccessible NFS volumes
Rather than reporting it and then reseting the error, don't report it in
the first place.
2016-02-17 10:54:05 +01:00
Peter Krempa
cf113e8d54 util: cgroup: Allow ignoring EACCES in virCgroup(Allow|Deny)DevicePath
When adding disk images to ACL we may call those functions on NFS
shares. In that case we might get an EACCES, which isn't really relevant
since NFS would not hold a block device. This patch adds a flag that
allows to stop reporting an error on EACCES to avoid spaming logs.

Currently there's no functional change.
2016-02-17 10:54:05 +01:00
Peter Krempa
9cd5da710e util: cgroup: Drop virCgroup(Allow|Deny)DeviceMajor
Since commit 47e5b5ae virCgroupAllowDevice allows to pass -1 as either
the minor or major device number and it automatically uses '*' in place
of that. Reuse the new approach through the code and drop the duplicated
functions.
2016-02-17 10:54:05 +01:00
Peter Krempa
f42b5c327f util: cgroup: Instrument virCgroupDenyDevice to handle -1 device number as *
Similarly to commit 47e5b5ae virCgroupDenyDevice will handle -1 as *.
2016-02-17 10:54:05 +01:00
Peter Krempa
23087cfdbd qemu: migration: Refactor code now that we assume support for fd migration
After removing capability check for fd migration the code that was left
behind didn't make quite sense. The old exec migration would be used in
case when pipe() failed. Remove the old code and make failure of pipe()
a hard error.

This additionally removes usage of virCgroupAllowDevicePath outside of
qemu_cgroup.c.
2016-02-17 10:52:38 +01:00
Peter Krempa
21212fca13 qemu: cgroup: Remove abandoned function qemuAddToCgroup
This function doesn't do anything useful since 2049ef9942.
2016-02-17 10:28:34 +01:00
Andrea Bolognani
cda1cc170f conf: Use a temporary int variable to store GIC version
Since no value in the virGICVersion enumeration is negative, a clever
enough compiler can report an error such as

  src/conf/domain_conf.c:15337:75: error: comparison of unsigned enum
  expression < 0 is always false [-Werror,-Wtautological-compare]
    if ((def->gic_version = virGICVersionTypeFromString(tmp)) < 0 ||
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ ~

virGICVersionTypeFromString() can, however, return a negative value if
the input string is not part of the enumeration, so we definitely need
that check.

Work around the problem by storing the return value in a temporary int
variable.
2016-02-16 18:12:17 +01:00
John Ferlan
731ed05ce9 qemu: Move qemuDomainNetVLAN
Move function into qemu_domain.c.
2016-02-16 11:07:48 -05:00
John Ferlan
de71e0e500 qemu: Move qemuAssign*Alias* API's into their own module
Create a new module qemu_alias.c to handle the qemuAssign*Alias* APIs
and the qemuDomainDeviceAliasIndex
2016-02-16 11:07:48 -05:00
John Ferlan
aba930af15 qemu: Move qemuNetworkPrepareDevices
Move function to qemu_process.c, rename to qemuProcessNetworkPrepareDevices
and make it static.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:48 -05:00
John Ferlan
7edf0e5ef8 qemu: Move and rename qemuOpenVhostNet
Move function to qemu_interface.c and rename to qemuInterfaceOpenVhostNet

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
177db48734 qemu: Move qemuDomain*Address* functions
Create new modules qemu_domain_address.c and qemu_domain_address.h to
contain all the new functions and header data. Additionally move any
supporting static functions.

Make qemuDomainSupportsPCI non static.

Also, move and rename the following:

qemuSetSCSIControllerModel to qemuDomainSetSCSIControllerModel
qemuCollectPCIAddress to qemuDomainCollectPCIAddress
qemuValidateDevicePCISlotsPIIX3 to qemuDomainValidateDevicePCISlotsPIIX3
qemuAssignDevicePCISlots to qemuDomainAssignDevicePCISlots

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
a0824823b7 qemu: Move qemuDomainSupports* functions
Move qemuDomainSupportsNicdev and qemuDomainSupportsNetdev into qemu_domain.c
and expose from there.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
a1a1e44798 qemu: Move qemuNetworkIfaceConnect to qemu_interface.c and rename
Move the misplaced function from qemu_command.c to qemu_interface.c
since it's closer in functionality there and had less to do with building
the command line.

Rename function to qemuInterfaceBridgeConnect and modify callers.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
5937241328 qemu: Move qemuPhysIfaceConnect to qemu_interface.c and rename
Move the misplaced function from qemu_command.c to qemu_interface.c
since it's closer in functionality there and had less to do with building
the command line.

Rename function to qemuInterfaceDirectConnect and modify callers.

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
efc4080d47 qemu: Move qemuVirCommandGetDevSet
Move function closer to where it's used in qemuBuildTPMBackendStr

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
5df342d334 qemu: Move qemuBuildTPMDevStr
Move function closer to where it's used in qemuBuildTPMCommandLine

Also fix function header to match current coding practices

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
6d9dcc04d6 qemu: Move qemuVirCommandGetFDSet
Move function closer to where it's used in qemuBuildTPMCommandLine

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
John Ferlan
f677d10b23 qemu: Move qemuBuildTPMBackendStr
Move function closer to where it's called in qemuBuildTPMCommandLine

Also adjust function header to fit current coding guidelines

Signed-off-by: John Ferlan <jferlan@redhat.com>
2016-02-16 11:07:47 -05:00
Andrea Bolognani
998a936c4c tests: Add more GIC test cases
Test all kinds of scenarios, including guests asking for GIC but
failing to specify a version, guests specifying an invalid version
and guests trying to use GIC with non-virt or even non-ARM machines.
2016-02-16 15:42:20 +01:00
Andrea Bolognani
161a341850 tests: Reorganize and simplify GIC test cases
Unify the naming to prepare for new test cases that will be added
later on.

Convert a couple of output XML files for the qemuxml2xml test to
symlinks while at it, since they were identical to the corresponding
input XML files anyways.

Moreover, since we're only interested in testing GIC support here,
simplify XML files by getting rid of the unrelevant bits.
2016-02-16 15:39:57 +01:00
Andrea Bolognani
bd23695055 qemu: Always enable GIC on ARM virt machines
GIC is always available to ARM virt machines, and the domain XML should
reflect this fact.
2016-02-16 14:58:58 +01:00
Andrea Bolognani
5b2c2a1023 qemu: Default to GIC v2
When a domain is configured to use GIC but no version has been
specified by the user, default to GIC v2.
2016-02-16 14:58:58 +01:00
Andrea Bolognani
768b7ed2c8 conf: Use virGICVersion enumeration in virDomainDef
Instead of allowing any random positive number, restrict the possible
values to the ones that are part of the virGICVersion enumeration.
2016-02-16 14:58:58 +01:00
Andrea Bolognani
2a7b11eafb schema: List allowed GIC versions
This change allows to use "host" as a GIC version in the domain XML.

Since we'll need to update the virGICVersion enumeration to support
new GIC versions anyway, it makes sense to be a bit more strict in
the schema as well and reject values that are not in the enumeration.
2016-02-16 14:58:58 +01:00
Andrea Bolognani
e76bef7f7b gic: Introduce virGICVersion enumeration
We currently blindly accept any numeric value as a GIC version, even
though only GIC v2 and GIC v3 actually exist; on the other hand, we
reject "host", which is a perfectly legitimate value for QEMU guests.

This new enumeration contains all GIC versions libvirt is aware of.
2016-02-16 14:58:58 +01:00
Ludovic Beliveau
8fbdff1634 qemu: fix hot unplug of PCI devices with VFIO
Currently, on hot unplug of PCI devices with VFIO driver for QEMU, libvirt is
trying to restore the host devices to it's previous value (basically a chown
on the previous user/group).

However for devices with VFIO driver, when the device is unbinded it is
removed from the /dev/vfio file system causing the restore label to fail.

The fix is to not restore the label for those PCI devices since they are going
to be teared down anyway.

Signed-off-by: Ludovic Beliveau <ludovic.beliveau@windriver.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-02-16 13:14:04 +01:00
Ján Tomko
d616544077 Spell VMware with a lowercase w
Replace all occurrences of VMWare outside the news.
2016-02-15 15:35:48 +01:00
Peter Krempa
27fa42b24c vsh: Replace vshPrint macro with function
The macro would eat the first parameter. In some cases the format string
for vshPrint was eaten. In other cases the calls referenced variables
which did not exist in the given context. Avoid errors by doing compile
time checking.
2016-02-15 13:31:12 +01:00
Peter Krempa
018010f05c vsh: Simplify bailing out on OOM conditions
When we hit OOM it doesn't really make sense to format the error message
by attempting to allocate it. Introduce a simple helper that prints a
static message and terminates the execution.
2016-02-15 13:31:12 +01:00
Laine Stump
9cb8b0e5a4 util: clean up and expand 802.1QbX negotiation logging
The existing log messages for this have several problems; there are
two lines of log when one will suffice, they duplicate the function
name in log message (when it's already included by VIR_DEBUG), they're
missing some useful bits, they get logged even when the call is a NOP.

This patch cleans up the problems with those existing logs, and also
adds a new VIR_INFO-level log down at the function that is actually
creating and sending the netlink message that logs *everything* going
into the netlink message (which turns out to be much more useful in
practice for me; I didn't want to eliminate the logs at the existing
location though, in case they are useful in some scenario I'm
unfamiliar with; anyway those logs are remaining at debug level, so it
shouldn't be a bother to anyone).
2016-02-14 11:29:41 -05:00
Laine Stump
eb72bd63c1 network: consolidated info log for all network allocate/free operations
There are three functions that deal with allocating and freeing
devices from a networks netdev/pci device pool:
network(Allocate|Notify|Release)ActualDevice(). These functions also
maintain a counter of the number of domains currently using a network
(regardless of whether or not that network uses a device pool). Each
of these functions had multiple log messages (output using VIR_DEBUG)
that were in slightly different formats and gave varying amounts of
information.

This patch creates a single function to log the pertinent information
in a consistent manner for all three of these functions. Along with
assuring that all the functions produce a consistent form of output
(and making it simpler to change), it adds the MAC address of the
domain interface involved in the operation, making it possible to
verify which interface of which domain the operation is being done for
(assuming that all MAC addresses are unique, of course).

All of these messages are raised from DEBUG to INFO, since they don't
happen that often (once per interface per domain/libvirtd start or
domain stop), and can be very informative and helpful - eliminating
the need to log debug level messages makes it much easier to sort
these out.
2016-02-14 11:28:45 -05:00
Laine Stump
3ea8b8b87f network: consolidate connection count updates for device pool
networkReleaseActualDevice() and networkNotifyActualDevice() both were
updating the individual devices' connections count in two separate
places (unlike networkAllocateActualDevice() which does it in a single
unified place after success:). The code is correct, but prone to
confusion / later breakage. All of these updates are anyway located at
the end of if/else clauses that are (with the exception of a single
VIR_DEBUG() in each case) immediately followed by the success: label
anyway, so this patch replaces the duplicated ++/-- instructions with
a single ++/-- inside a qualifying "if (dev)" down below success:.
(NB: if dev != NULL, by definition we are using a device (either pci
or netdev, doesn't matter for these purposes) from the network's pool)

The VIR_DEBUG args (which will be replaced in a followup patch anyway)
were all adjusted to account for the connection count being out of
date at the time.
2016-02-14 11:27:27 -05:00
Wido den Hollander
98782f8899 rbd: Use RBD fast-diff for querying actual volume allocation
Since Ceph version Infernalis (9.2.0) the new fast-diff mechanism
of RBD allows for querying actual volume usage.

Prior to this version there was no easy and fast way to query how
much allocation a RBD volume had inside a Ceph cluster.

To use the fast-diff feature it needs to be enabled per RBD image
and is only supported by Ceph cluster running version Infernalis
(9.2.0) or newer.

Without the fast-diff feature enabled libvirt will report an allocation
identical to the image capacity. This is how libvirt behaves currently.

'virsh vol-info rbd/image2' might output for example:

  Name:           image2
  Type:           network
  Capacity:       1,00 GiB
  Allocation:     124,00 MiB

Newly created volumes will have the fast-diff feature enabled if the
backing Ceph cluster supports it.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2016-02-12 16:02:05 -05:00
Wido den Hollander
ab342e99f6 rbd: rbd_diff_iterate2() is available in librbd since 266
In commit 0b15f920 there is a #ifdef which requires LIBRBD_VERSION_CODE
266 or newer for rbd_diff_iterate2()

rbd_diff_iterate2() is available since 266, so this if-statement should
require anything newer than 265.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2016-02-12 15:51:37 -05:00
Wido den Hollander
b61871c06f rbd: Add volStorageBackendRBDGetFeatures() for internal calls
As more and more features are added to RBD volumes we will need to
call this method more often.

By moving it into a internal function we can re-use code inside the
storage backend.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2016-02-12 15:51:37 -05:00
Andrea Bolognani
9a457be18b domsuspend: Fix warning on mingw build
Commit d82170d introduced a workaround for domtop: in that example
program, we define a symbol called ERROR for our own use, but since
a symbol with the same name is already defined in one of mingw's
header files, we get a warning when using that compiler.

domsuspend defines the same problematic symbol, so the workaround
has been copied over.
2016-02-12 16:36:34 +01:00
Michal Privoznik
611a278fa4 storageVolCreateXMLFrom: Check if backend knows how to createVol
It is highly unlikely that a backend will know how to create a
volume from a different volume (buildVolFrom) and not know how to
create an empty volume (createVol). But:
1) we call the function without any prior check so if that's the
case we would SIGSEGV immediatelly
2) it's better to be safe than sorry.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-02-12 16:16:58 +01:00
Michal Privoznik
78490acc39 storageVolCreateXML: Swap order of two operations
Firstly, we realloc internal list to hold new item (=volume that
will be potentially created) and then we check whether we
actually know how to create it. If we don't we consume more
memory than we really need for no good reason.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-02-12 16:16:46 +01:00
Michal Privoznik
64e66d8ed6 virsh: Teach vol-create-as to --print-xml
We have the same argument to many other commands that produce an
XML based on what user typed. But unfortunately vol-create-as
was missing it. Maybe nobody had needed it yet. Well, I did
just now.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-02-12 16:16:09 +01:00
Michal Privoznik
bb0b8e5d67 cmdVolCreateAs: Rework to follow usual func pattern
The way we usually write functions is that we start the work and
if something goes bad we goto cleanup and roll back there. Or
just free resources that are no longer needed. Do the same here.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-02-12 16:16:09 +01:00
Michal Privoznik
26946f674e virportallocatortest: Run on linux only
After the rework of mocking of our tests there's the
virportallocator test failing to link on mingw. Well, it's the
mocking library actually:

../gnulib/lib/.libs/libgnu.a(bind.o): In function `rpl_bind':
/home/jenkins/libvirt-mingw/build32/gnulib/lib/../../../gnulib/lib/bind.c:33: multiple definition of `rpl_bind'
.libs/virportallocatormock_la-virportallocatormock.o:/home/jenkins/libvirt-mingw/build32/tests/../../tests/virportallocatormock.c:79: first defined here

I've no idea why this matters to mingw and does not to others.
Nevertheless, if we make the test linux only the problem goes
away.

Apparently, our test for RTLD_NEXT is not sufficient because
mingw32 defines it. Lets put aside for a while fact that it has
the same value as RTLD_DEFAULT which by description has different
meaning, shall we?

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2016-02-12 16:13:31 +01:00
Mikhail Feoktistov
9c14a9ab42 vz: fix race condition when adding domain to domains list
Race condition:
User calls defineXML to create new instance.
The main thread from vzDomainDefineXMLFlags() creates new instance by prlsdkCreateVm.
Then this thread calls prlsdkAddDomain to add new domain to domains list.
The second thread receives notification from hypervisor that new VM was created.
It calls prlsdkHandleVmAddedEvent() and also tries to add new domain to domains list.
These two threads call virDomainObjListFindByUUID() from prlsdkAddDomain() and don't find new domain.
So they add two domains with the same uuid to domains list.

This fix splits logic of prlsdkAddDomain() into two functions.
1. vzNewDomain() creates new empty domain in domains list with the specific uuid.
2. prlsdkLoadDomain() add data from VM to domain object.

New algorithm for creating an instance:
In vzDomainDefineXMLFlags() we add new domain to domain list by calling vzNewDomain()
and only after that we call CreateVm() to create VM.
It means that we "reserve" domain object with the specific uuid.
After creation of new VM we add info from this VM
to reserved domain object by calling prlsdkLoadDomain().

Before this patch prlsdkLoadDomain() worked in 2 different cases:
1. It creates and initializes new domain. Then updates it from sdk handle.
2. It updates existed domain from sdk handle.
In this patch we remove code which creates new domain from LoadDomain()
and move it to vzNewDomain().
Now prlsdkLoadDomain() only updates domain from skd handle.

In notification handler prlsdkHandleVmAddedEvent() we check
the existence of a domain and if it doesn't exist we add new domain by calling
vzNewDomain() and load info from sdk handle via prlsdkLoadDomain().
2016-02-12 13:32:03 +03:00
Mikhail Feoktistov
d5f0cf990b vz: fix notification subscription
Bug cause:
Update the domain that is subscribed to hypervisor notification.
LoadDomain() rewrites notifications fields in vzDomObj structure and makes domain as "unsubscribed".
Fix:
Initialize notification fields in vzDomObj only if we create a new domain.
And do not reinitialize these fields if we update domain (by calling LoadDomain with olddom argument)
2016-02-12 13:32:01 +03:00
Mikhail Feoktistov
a7b2257e9a vz: remove unused struct field
In commit 7039bb3c we have removed code that saves uuid to vzDomObj.uuid
So this field is no longer needed.
2016-02-12 13:31:58 +03:00
Mikhail Feoktistov
2286986a9c vz: make output arguments in prlsdkGetDomainIds as optional
prlsdkGetDomainIds() returns name and uuid for specified instance.
Now output arguments can be NULL.
It allows to get only necessary info(name or uuid).
2016-02-12 13:31:56 +03:00