Commit Graph

6815 Commits

Author SHA1 Message Date
Peter Krempa
3d3de46a67 qemu: Fix deadlock when qemuDomainOpenConsole cleans up a connection
The new safe console handling introduced a possibility to deadlock the
qemu driver when a new console connection forcibly disconnects a
previous console stream that belongs to an already closed connection.

The virStreamFree function calls subsequently a the virReleaseConnect
function that tries to lock the driver while discarding the connection,
but the driver was already locked in qemuDomainOpenConsole.

Backtrace of the deadlocked thread:
0  0x00007f66e5aa7f14 in __lll_lock_wait () from /lib64/libpthread.so.0
1  0x00007f66e5aa3411 in _L_lock_500 () from /lib64/libpthread.so.0
2  0x00007f66e5aa322a in pthread_mutex_lock () from/lib64/libpthread.so.0
3  0x0000000000462bbd in qemudClose ()
4  0x00007f66e6e178eb in virReleaseConnect () from/usr/lib64/libvirt.so.0
5  0x00007f66e6e19c8c in virUnrefStream () from /usr/lib64/libvirt.so.0
6  0x00007f66e6e3d1de in virStreamFree () from /usr/lib64/libvirt.so.0
7  0x00007f66e6e09a5d in virConsoleHashEntryFree () from/usr/lib64/libvirt.so.0
8  0x00007f66e6db7282 in virHashRemoveEntry () from/usr/lib64/libvirt.so.0
9  0x00007f66e6e09c4e in virConsoleOpen () from /usr/lib64/libvirt.so.0
10 0x00000000004526e9 in qemuDomainOpenConsole ()
11 0x00007f66e6e421f1 in virDomainOpenConsole () from/usr/lib64/libvirt.so.0
12 0x00000000004361e4 in remoteDispatchDomainOpenConsoleHelper ()
13 0x00007f66e6e80375 in virNetServerProgramDispatch () from/usr/lib64/libvirt.so.0
14 0x00007f66e6e7ae11 in virNetServerHandleJob () from/usr/lib64/libvirt.so.0
15 0x00007f66e6da897d in virThreadPoolWorker () from/usr/lib64/libvirt.so.0
16 0x00007f66e6da7ff6 in virThreadHelper () from/usr/lib64/libvirt.so.0
17 0x00007f66e5aa0c5c in start_thread () from /lib64/libpthread.so.0
18 0x00007f66e57e7fcd in clone () from /lib64/libc.so.6

* src/qemu/qemu_driver.c: qemuDomainOpenConsole()
        -- unlock the qemu driver right after acquiring the domain
        object
2012-04-11 10:45:53 +02:00
Jiri Denemark
6eede368bc qemu: Warn on possibly incorrect usage of EnterMonitor*
qemuDomainObjEnterMonitor{,WithDriver} should not be called from async
jobs, only EnterMonitorAsync variant is allowed.
2012-04-11 09:57:39 +02:00
Jiri Denemark
08ec1d787f qemu: Track job owner for better debugging
In case an API fails with "cannot acquire state change lock", searching
for the API that possibly forgot to end its job is not always easy.
Let's keep track of the job owner and print it out for easier
identification.
2012-04-11 09:57:39 +02:00
Jiri Denemark
31796e2c1c qemu: Avoid excessive calls to qemuDomainObjSaveJob()
As reported by Daniel Berrangé, we have a huge performance regression
for virDomainGetInfo() due to the change which makes virDomainEndJob()
save the XML status file every time it is called. Previous to that
change, 2000 calls to virDomainGetInfo() took ~2.5 seconds. After that
change, 2000 calls to virDomainGetInfo() take 2 *minutes* 45 secs.

We made the change to be able to recover from libvirtd restart in the
middle of a job. However, only destroy and async jobs are taken care of.
Thus it makes more sense to only save domain state XML when these jobs
are started/stopped.
2012-04-11 09:57:21 +02:00
Eric Blake
9011a494ac build: avoid s390 compiler warnings
I noticed these compiler warnings when building for the s390 architecture.

* src/node_device/node_device_udev.c (udevDeviceMonitorStartup):
Mark unused variable.
* src/nodeinfo.c (linuxNodeInfoCPUPopulate): Avoid unused variable.
2012-04-10 09:51:51 -06:00
Daniel P. Berrange
ddf2dfa1f7 Wire up <loader> to set the QEMU BIOS path
* src/qemu/qemu_command.c: Wire up -bios with <loader>
* tests/qemuxml2argvdata/qemuxml2argv-bios.args,
  tests/qemuxml2argvdata/qemuxml2argv-bios.xml: Expand
  existing BIOS test case to cover <loader>
2012-04-10 16:34:39 +01:00
Daniel P. Berrange
20171c8dc0 Fix comment about GNUTLS initialization/cleanup 2012-04-10 13:42:22 +01:00
MATSUDA, Daiki
257191c9e4 UML: fix iteration over consoles
I found typo in UML driver.

MATSUDA Daiki
2012-04-09 10:21:07 -06:00
Eric Blake
1413560966 snapshot: fix memory leak on error
Leak introduced in commit 0436d32.  If we allocate an actions array,
but fail early enough to never consume it with the qemu monitor
transaction call, we leaked memory.

But our semantics of making the transaction command free the caller's
memory is awkward; avoiding the memory leak requires making every
intermediate function in the call chain check for error.  It is much
easier to fix things so that the function that allocates also frees,
while the call chain leaves the caller's data intact.  To do that,
I had to hack our JSON data structure to make it easy to protect a
portion of an arbitrary JSON tree from being freed.

* src/util/json.h (virJSONType): Name the enum.
(_virJSONValue): New field.
* src/util/json.c (virJSONValueFree): Use it to protect a portion
of an array.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONTransaction): Avoid
freeing caller's data.
* src/qemu/qemu_driver.c (qemuDomainSnapshotCreateDiskActive):
Free actions array on failure.
2012-04-06 08:39:34 -06:00
Michal Privoznik
650da0e99c qemu_ga: Don't overwrite errors on FSThaw
We can tell qemuDomainSnapshotFSThaw if we want it to report errors or
not. However, if we don't want to and an error has been already set by
previous qemuReportError() we must keep copy of that error not just a
pointer to it. Otherwise, it get overwritten if FSThaw reports an error.
2012-04-06 13:42:04 +02:00
Stefan Bader
fb98da0050 xen config: No vfb in HVM guest configuration
This causes an implicit vkbd device to be added which takes
6min to finally fail being initialized in the guest.

http://lists.xen.org/archives/html/xen-devel/2012-04/msg00409.html

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
2012-04-06 12:54:16 +08:00
Guido Günther
4eb1c2560d virURIParse: don't forget to copy the user part
This got dropped with 300e60e15b

Cheers,
 -- Guido
2012-04-06 11:26:52 +08:00
Alex Jia
80d476a92f conf: Plug memory leaks on virDomainDiskDefParseXML
Detected by valgrind. Leaks are introduced in commit b22eaa7.

* src/conf/domain_conf.c (virDomainDiskDefParseXML): fix memory leaks.

How to reproduce?

% make && make -C tests check TESTS=qemuxml2argvtest
% cd tests && valgrind -v --leak-check=full ./qemuxml2argvtest

actual result:

==2143== 12 bytes in 2 blocks are definitely lost in loss record 74 of 179
==2143==    at 0x4A05FDE: malloc (vg_replace_malloc.c:236)
==2143==    by 0x39D90A67DD: xmlStrndup (xmlstring.c:45)
==2143==    by 0x4F5EC0: virDomainDiskDefParseXML (domain_conf.c:3438)
==2143==    by 0x502F00: virDomainDefParseXML (domain_conf.c:8304)
==2143==    by 0x505FE3: virDomainDefParseNode (domain_conf.c:9080)
==2143==    by 0x5069AE: virDomainDefParse (domain_conf.c:9030)
==2143==    by 0x41CBF4: testCompareXMLToArgvHelper (qemuxml2argvtest.c:105)
==2143==    by 0x41E5DD: virtTestRun (testutils.c:145)
==2143==    by 0x416FA3: mymain (qemuxml2argvtest.c:399)
==2143==    by 0x41DCB7: virtTestMain (testutils.c:700)
==2143==    by 0x39CF01ECDC: (below main) (libc-start.c:226)

Signed-off-by: Alex Jia <ajia@redhat.com>
2012-04-05 17:41:05 +08:00
Ilja Livenson
37075dfe6c openvz: support vzctl 3.1
https://bugzilla.redhat.com/show_bug.cgi?id=809895

Basically, openvz dropped strict version numbering (3.1 vs 3.1.0),
which caused parsing to fail.
2012-04-04 14:32:15 -06:00
Daniel P. Berrange
06180ca433 Add linuxNodeInfoCPUPopulate to src/libvirt_linux.syms
This symbol is used in the test suites

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-04-04 14:33:27 +01:00
Michal Privoznik
ea3bc548ac qemu: Build activeUsbHostdevs list on process reconnect
If the daemon is restarted it will lose list of active
USB devices assigned to active domains. Therefore we need
to rebuild this list on qemuProcessReconnect().
2012-04-04 15:09:41 +02:00
Michal Privoznik
e2f5dd6134 qemu: Delete USB devices used by domain on stop
To prevent assigning one USB device to two domains,
we keep a list of assigned USB devices. On domain
startup - qemuProcessStart() - we insert devices
used by domain into the list but remove them only
on detach-device. Devices are, however, released
on qemuProcessStop() as well.
2012-04-04 15:09:41 +02:00
Michal Privoznik
b2c7b9ee0e qemu: Don't leak temporary list of USB devices
and add debug message when adding USB device
to the list of active devices.
2012-04-04 15:09:41 +02:00
Jiri Denemark
66cab01ae1 qemu: Start nested job in qemuDomainCheckEjectableMedia
Originally, qemuDomainCheckEjectableMedia was entering monitor with qemu
driver lock. Commit 2067e31bf9, which I
made to fix that, revealed another issue we had (but didn't notice it
since the driver was locked): we didn't set nested job when
qemuDomainCheckEjectableMedia is called during migration. Thus the
original fix I made was wrong.
2012-04-02 21:44:27 +02:00
Philipp Hahn
11ec6bd891 Xen: Fix <clock> handling
XenD-3.1 introduced managed domains. HV-domains have rtc_timeoffset
(hgd24f37b31030 from 2007-04-03), which tracks the offset between the
hypervisors clock and the domains RTC, and is persisted by XenD.
In combination with localtime=1 this had a bug until XenD-3.4
(hg5d701be7c37b from 2009-04-01) (I'm not 100% sure how that bug
manifests, but at least for me in TZ=Europe/Berlin I see the previous
offset relative to utc being applied to localtime again, which manifests
in an extra hour being added)

XenD implements the following variants for clock/@offset:
- PV domains don't have a RTC → 'localtime' | 'utc'
- <3.1: no managed domains → 'localtime' | 'utc'
- ≥3.1: the offset is tracked for HV → 'variable'
        due to the localtime=1 bug → 'localtime' | 'utc'
- ≥3.4: the offset is tracked for HV → 'variable'

Current libvirtd still thinks XenD only implements <clock offset='utc'/>
and <clock offset='localtime'/>, which is wrong, since the semantic of
'utc' and 'localtime' specifies, that the offset will be reset on
domain-restart, while with 'variable' the offset is kept. (keeping the
offset over "virsh edit" is important, since otherwise the clock might
jump, which confuses certain guest OSs)

xendConfigVersion was last incremented to 4 by the xen-folks for
xen-3.1.0. I know of no way to reliably detect the version of XenD
(user space tools), which may be different from the version of the
hypervisor (kernel) version! Because of this only the change from
'utc'/'localtime' to 'variable' in XenD-3.1 is handled, not the buggy
behaviour of XenD-3.1 until XenD-3.4.

For backward compatibility with previous versions of libvirt Xen-HV
still accepts 'utc' and 'localtime', but they are returned as 'variable'
on the next read-back from Xend to libvirt, since this is what XenD
implements: The RTC is NOT reset back to the specified time on next
restart, but the previous offset is kept.
This behaviour can be turned off by adding the additional attribute
adjustment='reset', in which case libvirt will report an error instead
of doing the conversion. The attribute can also be used as a shortcut to
offset='variable' with basis='...'.

With these changes, it is also necessary to adjust the xen tests:

"localtime = 0" is always inserted, because otherwise on updates the
value is not changed within XenD.

adjustment='reset' is inserted for all cases, since they're all <
XEND_CONFIG_VERSION_3_1_0, only 3.1 introduced persistent
rtc_timeoffset.

Some statements change their order because code was moved around.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2012-04-02 09:33:54 -06:00
Philipp Hahn
b8bf79aad7 Support clock=variable relative to localtime
Since Xen 3.1 the clock=variable semantic is supported. In addition to
qemu/kvm Xen also knows about a variant where the offset is relative to
'localtime' instead of 'utc'.

Extends the libvirt structure with a flag 'basis' to specify, if the
offset is relative to 'localtime' or 'utc'.

Extends the libvirt structure with a flag 'reset' to force the reset
behaviour of 'localtime' and 'utc'; this is needed for backward
compatibility with previous versions of libvirt, since they report
incorrect XML.

Adapt the only user 'qemu' to the new name.
Extend the RelaxNG schema accordingly.
Document the new 'basis' attribute in the HTML documentation.
Adapt test for the new attribute.

Signed-off-by: Philipp Hahn <hahn@univention.de>
2012-04-02 09:08:31 -06:00
Yuri Chornoivan
867ed7bb9e Fix typos and spacing in messages. 2012-04-02 08:45:56 -06:00
Laine Stump
a4650316d1 qemu: fix memory leak in virDomainGetVcpus
https://bugzilla.redhat.com/show_bug.cgi?id=808979

The leak is really in virProcessInfoGetAffinity, as shown in the
valgrind output given in the above bug report - it calls CPU_ALLOC(),
but then fails to call CPU_FREE().

This leak has existed in every version of libvirt since 0.7.5.
2012-04-02 01:56:02 -04:00
Eric Blake
d400b8fb18 conf: allow fuzz in XML with cur balloon > max
Commit 1b1402b introduced a regression.  Since older libvirt versions
would silently round memory up (until the previous patch), but populated
current memory based on querying the guest, it was possible to have
dumpxml show cur > max by the amount of the rounding.  For example, if
a user requested 1048570 KiB memory (just shy of 1GiB), the qemu
driver would actually run with 1048576 KiB, and libvirt 0.9.10 would
output a current that was 6KiB larger than the maximum.  Situations
where this could have an impact include, but are not limited to,
migration from old to new libvirt, managedsave in old libvirt and
start in new libvirt, snapshot creation in old libvirt and revert in
new libvirt - without this patch, the new libvirt would reject the
VM because of the rounding discrepancy.

Fix things by adding a fuzz factor, and silently clamp current down to
maximum in that case, rather than failing to reparse XML for an existing
VM.  From a practical standpoint, this has no user impact: 'virsh
dumpxml' will continue to query the running guest rather than rely on
the incoming xml, which will see the currect current value, and even if
clamping down occurs during parsing, it will be by at most the fuzz
factor of a megabyte alignment, and rounded back up when passed back to
the hypervisor.

Meanwhile, we continue to reject cur > max if the difference is beyond
the fuzz factor of nearest megabyte.  But this is not a real change in
behavior, since with 0.9.10, even though the parser allowed it, later
in the processing stream we would reject it at the qemu layer; so
rejecting it in the parser just moves error detection to a nicer place.

* src/conf/domain_conf.c (virDomainDefParseXML): Don't reject
existing XML.
Based on a report by Zhou Peng.
2012-03-31 09:33:46 -06:00
Eric Blake
095b0bc46a qemu: reflect any memory rounding back to xml
If we round up a user's memory request, we should update the XML
to reflect the actual value in use by the VM, rather than giving
an artificially small value back to the user.

* src/qemu/qemu_command.c (qemuBuildNumaArgStr)
(qemuBuildCommandLine): Reflect rounding back to XML.
2012-03-31 09:17:35 -06:00
Hendrik Schwartke
2711ac8716 qemu: support live change of the bridge used by a guest network device
This patch was created to resolve this upstream bug:

  https://bugzilla.redhat.com/show_bug.cgi?id=784767

and is at least a partial solution to this RHEL RFE:

  https://bugzilla.redhat.com/show_bug.cgi?id=805071

Previously the only attribute of a network device that could be
modified by virUpdateDeviceFlags() ("virsh update-device") was the
link state; attempts to change any other attribute would log an error
and fail.

This patch adds recognition of a change in bridge device name, and
supports reconnecting the guest's interface to the new device.
Standard audit logs for detaching and attaching a network device are
also generated. Although the current auditing function doesn't log the
bridge being attached to, this will later be changed in a separate
patch.
2012-03-30 20:14:36 -04:00
Eric Blake
8768149545 build: fix build on cygwin
Regression introduced when we changed types in commit 3e2c3d8f6.

We've done this sort of cleanup before (see commit c685993d7).

* src/conf/storage_conf.c (virStoragePoolDefFormat)
(virStorageVolTargetDefFormat): Cast gid_t and uid_t.
2012-03-30 16:51:41 -06:00
Eric Blake
1012dc2933 build: fix mingw ssize_t, syntax check
We are so close to a release that we don't want to pull in a
gnulib submodule update and risk regressions, since there has
been a lot of other gnulib churn upstream.  However, there are
a couple of gnulib issues that are worth fixing in isolation,
by applying local patches to gnulib.

There was an upstream gnulib bug in maint.mk that rendered most
of our syntax checks ineffective (and fixing it flushed out a
minor bug in our code):
https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00194.html

There is still an upstream bug where gnulib uses the wrong type
for ssize_t on mingw; we need the fix now even though it has not
yet been accepted into gnulib:
https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00188.html

* gnulib/local/top/maint.mk.diff: Pick up upstream gnulib
maint.mk.
* gnulib/local/m4/ssize_t.m4.diff: Work around gnulib bug.
* src/libvirt.c: Remove unused header.
* cfg.mk
(exclude_file_name_regexp--sc_prohibit_empty_lines_at_EOF): Exempt
gnulib local files.
2012-03-30 11:10:54 -06:00
Laine Stump
ecde15910a qemu: eliminate nested switch, simplify code
qemuBuildHostNetStr had a switch-within-a-switch where both were
looking at the same variable. This was apparently to take advantage of
code common to three different cases (while also taking care of some
code that was different). However, there were only 2 lines common to
all, one of those can be eliminated by merging it into the
virAsprintfs that are in each case. On top of that, all the extra
empty cases cause Coverity complaints (because they are unreachable),
but absence of the empty cases causes a compile error due to
"enumeration value not handled in switch".

The solution is to just make each toplevel case independent, folding
in the common code to each.
2012-03-30 12:41:18 -04:00
Laine Stump
1133ee2b38 Revert "Set default name for SPICE agent channel"
This patch reverts commit b0e2bb3. Its functionality has been replaced
by commit 3269ee6.
2012-03-30 12:38:52 -04:00
Laine Stump
3269ee657c qemu: set default name for SPICE agent channel when generating command
commit b0e2bb33 set a default value for the SPICE agent channel by
inserting it during parsing of the channel XML. That method of setting
a default is problematic because it makes a format/parse roundtrip
unclean, and experience with setting other values as a side effect of
parsing has led to headaches (e.g. automatically setting a MAC address
in the parser when one isn't specified in the input XML).

This patch does not revert commit b0e2bb33 (it will be reverted in a
separate patch) but adds the alternate implementation of simply
inserting the default value in the appropriate place on the qemu
commandline when no value is provided.
2012-03-30 12:37:52 -04:00
Michal Privoznik
075c8518c6 qemu_agent: Issue guest-sync prior to every command
If we issue guest command and GA is not running, the issuing thread
will block endlessly. We can check for GA presence by issuing
guest-sync with unique ID (timestamp). We don't want to issue real
command as even if GA is not running, once it is started, it process
all commands written to GA socket.
2012-03-30 18:16:17 +02:00
Michal Privoznik
cde3c054fb virnetdevtap: Don't check for flags in virNetDevTapCreateFlags
With latest gnulib we are checking even the lowest level functions
whether they check flags. Moreover, we are shadowing the real error
on system without TUNSETIFF support.
2012-03-30 15:28:59 +02:00
Daniel P. Berrange
454b927630 Fix typo in previous patch
* src/remote/remote_driver.c: s/sizeof(ret)2/sizeof(ret2)/
2012-03-30 12:44:28 +01:00
Daniel P. Berrange
ec8cae93db Consistent style for usage of sizeof operator
The code is splattered with a mix of

  sizeof foo
  sizeof (foo)
  sizeof(foo)

Standardize on sizeof(foo) and add a syntax check rule to
enforce it

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-30 11:47:24 +01:00
Daniel P. Berrange
5d7929af46 Fix some format specifiers for size_t vs ssize_t
A handful of places used %zd for format specifiers even
though the args was size_t, not ssize_t.

* src/remote/remote_driver.c, src/util/xml.c: s/%zd/%zu/

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-30 11:46:56 +01:00
Alex Jia
814fcb9e08 conf: Prevent crash of libvirtd without channel target name
* src/conf/domain_conf.c (virDomainChannelDefCheckABIStability): avoid
  crashing libvirtd due to derefing a NULL pointer.

For details, please see bug:
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=808371

Signed-off-by: Alex Jia <ajia@redhat.com>
2012-03-30 18:10:56 +08:00
Wen Congyang
ff68d6eeb5 fix a deadlock when qemu cannot start
When qemu cannot start, we may call qemuProcessStop() twice.
We have check whether the vm is running at the beginning of
qemuProcessStop() to avoid libvirt deadlock. We call
qemuProcessStop() with driver and vm locked. It seems that
we can avoid libvirt deadlock. But unfortunately we may
unlock driver and vm in the function qemuProcessKill() while
vm->def->id is not -1. So qemuProcessStop() will be run twice,
and monitor will be freed unexpectedly. So we should set
vm->def->id to -1 at the beginning of qemuProcessStop().
2012-03-30 14:21:49 +08:00
Eric Blake
e8aa5a16c9 build: silence recent syntax check violations
An upstream gnulib bug[1] meant that some of our syntax checks
weren't being run.  Fix up our offenders before we upgrade to
a newer gnulib.

[1] https://lists.gnu.org/archive/html/bug-gnulib/2012-03/msg00194.html

* src/util/virnetdevtap.c (virNetDevTapCreate): Use flags.
* tests/lxcxml2xmltest.c (mymain): Strip useless ().
2012-03-29 21:23:59 -06:00
Zhou Peng
a1e50e820b private.syms: Add virNetDevMacVLanRestartWithVPortProfile
virNetDevMacVLanRestartWithVPortProfile is omitted in src/libvirt_private.syms,
which causes link err.
2012-03-29 17:03:37 +02:00
Christian Benvenuti
a02500d010 qemu: Make migration fail when port profile association fails on the dst host
In the current V3 migration protocol, Libvirt does not
check the result of the function

  qemuMigrationVPAssociatePortProfiles

This means that it is possible for a migration to complete
successfully even when the VM loses network connectivity on
the destination host.

With this change libvirt aborts the migration
(during the "finish" step) when the above function fails, that
is to say when at least one of the port profile associations fails.

Signed-off by: Christian Benvenuti <benve@cisco.com>
2012-03-28 10:45:22 -06:00
Christophe Fergeau
b0e2bb33d8 Set default name for SPICE agent channel
libvirt documentation for channels with type 'spicevmc' says that the
'target' child node has:
"an optional attribute name controls how the guest will have access
 to the channel, and defaults to name='com.redhat.spice.0'."

However, this default value is never set in libvirt code base,
there's only a check in qemu_command.c to error out if the name
attribute doesn't have the expected value (if it's set).

This commit sets a default target name for spicevmc channels during
the domain configuration parsing so that the code agrees with the
documentation.
2012-03-28 18:33:32 +02:00
Eric Blake
a14eda311e snapshot: don't pass NULL to QMP command creation
Commit d42a2ff caused a regression in creating a disk-only snapshot
of a qcow2 disk; by passing the wrong variable to the monitor call,
libvirt ended up creating JSON that looked like "format":null instead
of the intended "format":"qcow2".

To make it easier to diagnose this in the future, make JSON creation
error out if "s:arg" is paired with NULL (it is still possible to
use "n:arg" in the rare cases where qemu will accept a null).

* src/qemu/qemu_driver.c
(qemuDomainSnapshotCreateSingleDiskActive): Pass correct value.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONMakeCommandRaw):
Improve error message.
2012-03-27 09:34:07 -06:00
Daniel P. Berrange
c91cff255f Add support for setting init argv for LXC
Pass argv to the init binary of LXC, using a new <initarg> element.

* docs/formatdomain.html.in: Document <os> usage for containers
* docs/schemas/domaincommon.rng: Add <initarg> element
* src/conf/domain_conf.c, src/conf/domain_conf.h: parsing and
  formatting of <initarg>
* src/lxc/lxc_container.c: Setup LXC argv
* tests/Makefile.am, tests/lxcxml2xmldata/lxc-systemd.xml,
  tests/lxcxml2xmltest.c, tests/testutilslxc.c,
  tests/testutilslxc.h: Test parsing/formatting of LXC related
  XML parts
2012-03-27 15:52:25 +01:00
Daniel P. Berrange
eb8f31c16b Detect location fo selinux mount point
The SELinux mount point moved from /selinux to /sys/fs/selinux
when systemd came along.

* configure.ac: Probe for SELinux mount point
* src/lxc/lxc_container.c: Use SELinux mount point determined
  by configure.ac
2012-03-27 15:52:25 +01:00
D. Herrendoerfer
bd6b0a052e qemu,util: on restart of libvirt restart vepa callbacks
When libvirtd is restarted, also restart the netlink event
message callbacks for existing VEPA connections and send
a message to lldpad for these existing links, so it learns
the new libvirtd pid.

Signed-off-by: D. Herrendoerfer <d.herrendoerfer@herrendoerfer.name>
2012-03-27 10:48:39 -04:00
Jiri Denemark
2067e31bf9 qemu: Avoid entering monitor with locked driver
This avoids possible deadlock of the qemu driver in case a domain is
begin migrated (in Begin phase) and unrelated connection to qemu driver
is closed at the right time.

I checked all callers of qemuDomainCheckEjectableMedia() and they are
calling this function with qemu driver locked.
2012-03-27 14:18:12 +02:00
Laine Stump
ecb4d92d57 build: fix "missing initializer" error in qemu_process.c
Found when attempting to build on Fedora 17 alpha with:

   ./autogen.sh --system --enable-compile-warnings=error

(this same build command works without problem on Fedora 16). Since
the consumer of the qemuProcessReconnectData doesn't assume that the
other fields of the struct are initialized (although it uses them
internally), the simpler solution is to just switch to C99-style
struct initialization (which doesn't require specification of all
fields).
2012-03-26 17:08:30 -04:00
Laine Stump
cf57d345b5 build: avoid frame size error when building without -O2
libvirt always adds -Werror-frame-larger-than=4096 to the flags when
it builds. When building on Fedora 17, two functions with multiple
1024 buffers declared inside if {} blocks would generate frame size
errors; apparently the version of gcc on Fedora 16 will merge these
multiple buffers into a single buffer even when optimization is off,
but Fedora 17 won't.

The fix is to declare a single 1024 buffer at the top of the two
offending functions, and reuse the single buffer throughout the
functions.
2012-03-26 17:08:30 -04:00
Martin Kletzander
9943276fd2 Cleanup for a return statement in source files
Return statements with parameter enclosed in parentheses were modified
and parentheses were removed. The whole change was scripted, here is how:

List of files was obtained using this command:
git grep -l -e '\<return\s*([^()]*\(([^()]*)[^()]*\)*)\s*;' |             \
grep -e '\.[ch]$' -e '\.py$'

Found files were modified with this command:
sed -i -e                                                                 \
's_^\(.*\<return\)\s*(\(\([^()]*([^()]*)[^()]*\)*\))\s*\(;.*$\)_\1 \2\4_' \
-e 's_^\(.*\<return\)\s*(\([^()]*\))\s*\(;.*$\)_\1 \2\3_'

Then checked for nonsense.

The whole command looks like this:
git grep -l -e '\<return\s*([^()]*\(([^()]*)[^()]*\)*)\s*;' |             \
grep -e '\.[ch]$' -e '\.py$' | xargs sed -i -e                            \
's_^\(.*\<return\)\s*(\(\([^()]*([^()]*)[^()]*\)*\))\s*\(;.*$\)_\1 \2\4_' \
-e 's_^\(.*\<return\)\s*(\([^()]*\))\s*\(;.*$\)_\1 \2\3_'
2012-03-26 14:45:22 -06:00
Eric Blake
70c07e01de Fix and test round-trip of query parameters
When qparams support was dropped in commit bc1ff160, we forgot
to add tests to ensure that viruri can do the same round trip
handling of a URI. This round trip was broken, due to use
of the old 'query' field of xmlUriPtr, instead of the new
'query_raw'

Also, we forgot to report an OOM error.

* tests/viruritest.c (mymain): Add tests based on just-deleted
qparamtest.
(testURIParse): Allow difference in input and expected output.
* src/util/viruri.c (virURIFormat): Add missing error. Use
  query_raw, instead of query for xmlUriPtr object.
2012-03-26 11:23:45 +01:00
Osier Yang
beb76e3742 spec: Add missed dependancy for numad
numad is available since Fedora 17 and RHEL6.X. And it's not supported
on s390[x] and ARM.
2012-03-24 09:35:20 +08:00
Eric Blake
d42a2ffc07 snapshot: improve qemu handling of reused snapshot targets
The oVirt developers have stated that the real reasons they want
to have qemu reuse existing volumes when creating a snapshot are:
1. the management framework is set up so that creation has to be
done from a central node for proper resource tracking, and having
libvirt and/or qemu create things violates the framework, and
2. qemu defaults to creating snapshots with an absolute path to
the backing file, but oVirt wants to manage a backing chain that
uses just relative names, to allow for easier migration of a chain
across storage locations.

When 0.9.10 added VIR_DOMAIN_SNAPSHOT_CREATE_REUSE_EXT (commit
4e9953a4), it only addressed point 1, but libvirt was still using
O_TRUNC which violates point 2.  Meanwhile, the new qemu
'transaction' monitor command includes a new optional mode argument
that will force qemu to reuse the metadata of the file it just
opened (with the burden on the caller to have valid metadata there
in the first place).  So, this tweaks the meaning of the flag to
cover both points as intended for use by oVirt.  It is not strictly
backward-compatible to 0.9.10 behavior, but it can be argued that
the O_TRUNC of 0.9.10 was a bug.

Note that this flag is all-or-nothing, and only selects between
'existing' and the default 'absolute-paths'.  A more flexible
approach that would allow per-disk selections, as well as adding
support for the 'no-backing-file' mode, would be possible by
extending the <domainsnapshot> xml to have a per-disk mode, but
until we have a management application expressing a need for that
additional complexity, it is not worth doing.

* src/libvirt.c (virDomainSnapshotCreateXML): Tweak documentation.
* src/qemu/qemu_monitor.h (qemuMonitorDiskSnapshot): Add
parameters.
* src/qemu/qemu_monitor_json.h (qemuMonitorJSONDiskSnapshot):
Likewise.
* src/qemu/qemu_monitor.c (qemuMonitorDiskSnapshot): Pass them
through.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONDiskSnapshot): Use
new monitor command arguments.
* src/qemu/qemu_driver.c (qemuDomainSnapshotCreateDiskActive)
(qemuDomainSnapshotCreateSingleDiskActive): Adjust callers.
(qemuDomainSnapshotDiskPrepare): Allow qed, modify rules on reuse.
2012-03-23 16:38:20 -06:00
Eric Blake
0436d328f5 snapshot: wire up qemu transaction command
The hardest part about adding transactions is not using the new
monitor command, but undoing the partial changes we made prior
to a failed transaction.

* src/qemu/qemu_driver.c (qemuDomainSnapshotCreateDiskActive): Use
transaction when available.
(qemuDomainSnapshotUndoSingleDiskActive): New function.
(qemuDomainSnapshotCreateSingleDiskActive): Pass through actions.
(qemuDomainSnapshotCreateXML): Adjust caller.
2012-03-23 16:38:20 -06:00
Eric Blake
64d5e815b7 snapshot: add support for qemu transaction command
QEmu 1.1 is adding a 'transaction' command to the JSON monitor.
Each element of a transaction corresponds to a top-level command,
with the additional guarantee that the transaction flushes all
pending I/O, then guarantees that all actions will be successful
as a group or that failure will roll back the state to what it
was before the monitor command.  The difference between a
top-level command:

{ "execute": "blockdev-snapshot-sync", "arguments":
  { "device": "virtio0", ... } }

and a transaction:

{ "execute": "transaction", "arguments":
  { "actions": [
    { "type": "blockdev-snapshot-sync", "data":
      { "device": "virtio0", ... } } ] } }

is just a couple of changed key names and nesting the shorter
command inside a JSON array to the longer command.  This patch
just adds the framework; the next patch will actually use a
transaction.

* src/qemu/qemu_monitor_json.c (qemuMonitorJSONMakeCommand): Move
guts...
(qemuMonitorJSONMakeCommandRaw): ...into new helper.  Add support
for array element.
(qemuMonitorJSONTransaction): New command.
(qemuMonitorJSONDiskSnapshot): Support use in a transaction.
* src/qemu/qemu_monitor_json.h (qemuMonitorJSONDiskSnapshot): Add
argument.
(qemuMonitorJSONTransaction): New declaration.
* src/qemu/qemu_monitor.h (qemuMonitorTransaction): Likewise.
(qemuMonitorDiskSnapshot): Add argument.
* src/qemu/qemu_monitor.c (qemuMonitorTransaction): New wrapper.
(qemuMonitorDiskSnapshot): Pass argument on.
* src/qemu/qemu_driver.c
(qemuDomainSnapshotCreateSingleDiskActive): Update caller.
2012-03-23 16:38:20 -06:00
Eric Blake
4c4cc1b96d snapshot: rudimentary qemu support for atomic disk snapshot
Taking an external snapshot of just one disk is atomic, without having
to pause and resume the VM.  This also paves the way for later patches
to interact with the new qemu 'transaction' monitor command.

The various scenarios when requesting atomic are:
online, 1 disk, old qemu - safe, allowed by this patch
online, more than 1 disk, old qemu - failure, this patch
offline snapshot - safe, once a future patch implements offline disk snapshot
online, 1 or more disks, new qemu - safe, once future patch uses transaction

Taking an online system checkpoint snapshot is atomic, since it is
done via a single 'savevm' monitor command.  Taking an offline system
checkpoint snapshot is atomic, thanks to the previous patch.

* src/qemu/qemu_driver.c (qemuDomainSnapshotCreateXML): Support
new flag for single-disk setups.
(qemuDomainSnapshotDiskPrepare): Check for atomic here.
(qemuDomainSnapshotCreateDiskActive): Skip pausing the VM when
atomic supported.
(qemuDomainSnapshotIsAllowed): Use bool instead of int.
2012-03-23 16:38:20 -06:00
Eric Blake
922d498e1c snapshot: make offline qemu snapshots atomic
Offline internal snapshots can be rolled back with just a little
bit of refactoring, meaning that we are now automatically atomic.

* src/qemu/qemu_domain.c (qemuDomainSnapshotForEachQcow2): Move
guts...
(qemuDomainSnapshotForEachQcow2Raw): ...to new helper, to allow
rollbacks.
2012-03-23 16:38:20 -06:00
Eric Blake
4d5533ca87 snapshot: add atomic create flag
Right now, it is appallingly easy to cause qemu disk snapshots
to alter a domain then fail; for example, by requesting a two-disk
snapshot where the second disk name resides on read-only storage.
In this failure scenario, libvirt reports failure, but modifies
the live domain XML in-place to record that the first disk snapshot
was taken; and places a difficult burden on the management app
to grab the XML and reparse it to see which disks, if any, were
altered by the partial snapshot.

This patch adds a new flag where implementations can request that
the hypervisor make snapshots atomically; either no changes to
XML occur, or all disks were altered as a group.  If you request
the flag, you either get outright failure up front, or you take
advantage of hypervisor abilities to make an atomic snapshot. Of
course, drivers should prefer the atomic means even without the
flag explicitly requested.

There's no way to make snapshots 100% bulletproof - even if the
hypervisor does it perfectly atomic, we could run out of memory
during the followup tasks of updating our in-memory XML, and report
a failure.  However, these sorts of catastrophic failures are rare
and unlikely, and it is still nicer to know that either all
snapshots happened or none of them, as that is an easier state to
recover from.

* include/libvirt/libvirt.h.in
(VIR_DOMAIN_SNAPSHOT_CREATE_ATOMIC): New flag.
* src/libvirt.c (virDomainSnapshotCreateXML): Document it.
* tools/virsh.c (cmdSnapshotCreate, cmdSnapshotCreateAs): Expose it.
* tools/virsh.pod (snapshot-create, snapshot-create-as): Document
it.
2012-03-23 16:38:20 -06:00
Eric Blake
311357d9e3 snapshot: add qemu capability for 'transaction' command
We need a capability bit to gracefully error out if some of the
additions in future patches can't be implemented by the running qemu.

* src/qemu/qemu_capabilities.h (QEMU_CAPS_TRANSACTION): New cap.
* src/qemu/qemu_capabilities.c (qemuCaps): Name it.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONCheckCommands): Set
it.
2012-03-23 16:38:19 -06:00
Eric Blake
9b6860f5ce build: fix incorrect enum declaration
Recent changes have caused build failures on systems where pdwtags works:
commit a26a196 mistakenly exported a public variable
commits a26a196, 57ddcc2, 487c063 all had copy-paste bugs in
hand-updating the golden API rather than rerunning pdwtags

* include/libvirt/libvirt.h.in (virDomainEventTrayChangeReason):
Make this a typedef, not external storage.
* src/remote_protocol-structs (remote_procedure): Fix spelling.
2012-03-23 14:29:00 -06:00
Daniel P. Berrange
0ceced5868 Fix typo s/virURIFormatQuery/virURIFormatParams/ 2012-03-23 14:27:32 +00:00
Osier Yang
7c5a0c94e4 qemu: Update domain status to running while wakeup event is emitted
This introduces a new running reason VIR_DOMAIN_RUNNING_WAKEUP,
and new suspend event type VIR_DOMAIN_EVENT_STARTED_WAKEUP.

While a wakeup event is emitted, the domain which entered into
VIR_DOMAIN_PMSUSPENDED will be transferred to "running"
with reason VIR_DOMAIN_RUNNING_WAKEUP, and a new domain lifecycle
event emitted with type VIR_DOMAIN_EVENT_STARTED_WAKEUP.
2012-03-23 23:12:29 +08:00
Osier Yang
321fa64bf5 qemu: Update domain state to pmsuspended while suspend event occurs 2012-03-23 23:12:26 +08:00
Osier Yang
54d9026a2c New domain state pmsuspended
This introduces a new domain state pmsuspended to represent
the domain which has been suspended by guest power management,
e.g. (entered itno s3 state). Because a "running" state could
be confused in this case, one will see the guest is paused
actually while playing. And state "paused" is for the domain
which was paused by virDomainSuspend.
2012-03-23 23:12:22 +08:00
Osier Yang
487c063381 Add support for the suspend event
This patch introduces a new event type for the QMP event
SUSPEND:

    VIR_DOMAIN_EVENT_ID_PMSUSPEND

The event doesn't take any data, but considering there might
be reason for wakeup in future, the callback definition is:

typedef void
(*virConnectDomainEventSuspendCallback)(virConnectPtr conn,
                                        virDomainPtr dom,
                                        int reason,
                                        void *opaque);

"reason" is unused currently, always passes "0".
2012-03-23 23:12:18 +08:00
Osier Yang
57ddcc235a Add support for the wakeup event
This patch introduces a new event type for the QMP event
WAKEUP:

    VIR_DOMAIN_EVENT_ID_PMWAKEUP

The event doesn't take any data, but considering there might
be reason for wakeup in future, the callback definition is:

typedef void
(*virConnectDomainEventWakeupCallback)(virConnectPtr conn,
                                       virDomainPtr dom,
                                       int reason,
                                       void *opaque);

"reason" is unused currently, always passes "0".
2012-03-23 23:12:14 +08:00
Osier Yang
2d19e33f97 qemu: Update tray status while tray moved event is emitted
With this patch, libvirt won't start the guest with the medium
source which already ejected by guest when doing migration, or
saving/restoring.
2012-03-23 23:12:09 +08:00
Osier Yang
7fcf943bcd qemu: Prohibit setting tray status as open for block type disk 2012-03-23 23:12:02 +08:00
Osier Yang
ad7db43913 qemu: Do not start with source for removable disks if tray is open
This is similiar with physical world, one will be surprised if the
box starts with medium exists while the tray is open.

New tests are added, tests disk-{cdrom,floppy}-tray are for the qemu
supports "-device" flag, and disk-{cdrom,floppy}-no-device-cap are
for old qemu, i.e. which doesn't support "-device" flag.
2012-03-23 23:11:54 +08:00
Osier Yang
b22eaa7538 conf: Parse and for the tray attribute
The "tray" is only allowed for removable disks, i.e. CDROM and
Floppy disks.
2012-03-23 23:10:34 +08:00
Osier Yang
a26a1969c3 Add support for event tray moved of removable disks
This patch introduces a new event type for the QMP event
DEVICE_TRAY_MOVED, which occurs when the tray of a removable
disk is moved (i.e opened or closed):

    VIR_DOMAIN_EVENT_ID_TRAY_CHANGE

The event's data includes the device alias and the reason
for tray status' changing, which indicates why the tray
status was changed. Thus the callback definition for the event
is:

enum {
    VIR_DOMAIN_EVENT_TRAY_CHANGE_OPEN = 0,
    VIR_DOMAIN_EVENT_TRAY_CHANGE_CLOSE,

\#ifdef VIR_ENUM_SENTINELS
    VIR_DOMAIN_EVENT_TRAY_CHANGE_LAST
\#endif
} virDomainEventTrayChangeReason;

typedef void
(*virConnectDomainEventTrayChangeCallback)(virConnectPtr conn,
                                           virDomainPtr dom,
                                           const char *devAlias,
                                           int reason,
                                           void *opaque);
2012-03-23 23:10:26 +08:00
Prerna Saxena
25d3a2e01f Implement sysinfo on PowerPC.
Libvirt on x86 parses 'dmidecode' to gather characteristics of host
system. On PowerPC, this is now implemented by reading /proc/cpuinfo
NOTE: memory-DIMM information is not presently implemented.

Acked-by: Daniel Veillard <veillard@redhat.com>
Acked-by: Daniel P Berrange <berrange@redhat.com>
Signed-off-by: Prerna Saxena <prerna@linux.vnet.ibm.com>
2012-03-23 21:56:20 +08:00
Daniel P. Berrange
4445e16bfa Lookup auth credentials in config file before prompting
When SASL requests auth credentials, try to look them up in the
config file first. If any are found, remove them from the list
that the user is prompted for

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:07 +00:00
Daniel P. Berrange
c6c66615c2 Refactor code prompting for SASL credentials
SASL may prompt for credentials after either a 'start' or 'step'
invocation. In both cases the code to handle this is the same.
Refactor this code into a separate method to reduce the duplication,
since the complexity is about to grow

* src/remote/remote_driver.c: Refactor interaction with SASL

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:07 +00:00
Daniel P. Berrange
a4fb88b5c9 Add helper API for finding auth file path
* src/util/virauth.c, src/util/virauth.h: Add virAuthGetConfigFilePath
* include/libvirt/virterror.h, src/util/virterror.c: Add
  VIR_FROM_AUTH error domain

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:07 +00:00
Daniel P. Berrange
4262e34eb5 Rename virRequest{Username,Password} to virAuthGet{Username,Password}
Ensure that the functions in virauth.h have names matching the file
prefix, by renaming  virRequest{Username,Password} to
virAuthGet{Username,Password}

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:06 +00:00
Daniel P. Berrange
c8aa3862b1 Rename src/util/authhelper.[ch] to src/util/virauth.[ch]
To follow latest naming conventions, rename src/util/authhelper.[ch]
to src/util/virauth.[ch].

* src/util/authhelper.[ch]: Rename to src/util/virauth.[ch]
* src/esx/esx_driver.c, src/hyperv/hyperv_driver.c,
  src/phyp/phyp_driver.c, src/xenapi/xenapi_driver.c: Update
  for renamed include files

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:06 +00:00
Daniel P. Berrange
f6632f6b7f Add a virKeyfilePtr object for parsing '.ini' files
The '.ini' file format is a useful alternative to the existing
config file style, when you need to have config files which
are hashes of hashes. The 'virKeyFilePtr' object provides a
way to parse these file types.

* src/Makefile.am, src/util/virkeyfile.c,
  src/util/virkeyfile.h: Add .ini file parser
* tests/Makefile.am, tests/virkeyfiletest.c: Test
  basic parsing capabilities

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:06 +00:00
Daniel P. Berrange
bc1ff1600e Convert drivers over to use virURIPtr for query params
Convert drivers currently using the qparams APIs, to instead
use the virURIPtr query parameters directly.

* src/esx/esx_util.c, src/hyperv/hyperv_util.c,
  src/remote/remote_driver.c, src/xenapi/xenapi_utils.c: Remove
  use of qparams
* src/util/qparams.h, src/util/qparams.c: Delete
* src/Makefile.am, src/libvirt_private.syms: Remove qparams

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:24:06 +00:00
Daniel P. Berrange
4ae4ae4ba4 Store parsed query parameters directly in the virURIPtr struct
Avoid the need for each driver to parse query parameters itself
by storing them directly in the virURIPtr struct. The parsing
code is a copy of that from src/util/qparams.c  The latter will
be removed in a later patch

* src/util/viruri.h: Add query params to virURIPtr
* src/util/viruri.c: Parse query parameters when creating virURIPtr
* tests/viruritest.c: Expand test to cover params

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 13:23:12 +00:00
Daniel P. Berrange
300e60e15b Use a libvirt custom struct for virURIPtr
Instead of just typedef'ing the xmlURIPtr struct for virURIPtr,
use a custom libvirt struct. This allows us to fix various
problems with libxml2. This initially just fixes the query vs
query_raw handling problems.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 12:59:22 +00:00
Daniel P. Berrange
1f66c18f79 Centralize error reporting for URI parsing/formatting problems
Move error reporting out of the callers, into virURIParse
and virURIFormat, to get consistency.

* include/libvirt/virterror.h, src/util/virterror.c: Add VIR_FROM_URI
* src/util/viruri.c, src/util/viruri.h: Add error reporting
* src/esx/esx_driver.c, src/libvirt.c, src/libxl/libxl_driver.c,
  src/lxc/lxc_driver.c, src/openvz/openvz_driver.c,
  src/qemu/qemu_driver.c, src/qemu/qemu_migration.c,
  src/remote/remote_driver.c, src/uml/uml_driver.c,
  src/vbox/vbox_tmpl.c, src/vmx/vmx.c, src/xen/xen_driver.c,
  src/xen/xend_internal.c, tests/viruritest.c: Remove error
  reporting

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 12:59:21 +00:00
Daniel P. Berrange
94410848e1 s/xmlURIPtr/virURIPtr/ in virURIFormat impl
The parameter in the virURIFormat impl mistakenly used the
xmlURIPtr type, instead of virURIPtr. Since they will soon
cease to be identical, this needs fixing

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 12:59:21 +00:00
Daniel P. Berrange
c33dae3175 Use virURIFree instead of xmlFreeURI
Since we defined a custom virURIPtr type, we should use a
virURIFree method instead of assuming it will always be
a typedef for xmlURIPtr

* src/util/viruri.c, src/util/viruri.h, src/libvirt_private.syms:
  Add a virURIFree method
* src/datatypes.c, src/esx/esx_driver.c, src/libvirt.c,
  src/qemu/qemu_migration.c, src/vmx/vmx.c, src/xen/xend_internal.c,
  tests/viruritest.c: s/xmlFreeURI/virURIFree/

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2012-03-23 12:59:20 +00:00
Jiri Denemark
1fdc53c385 qemu: Avoid dangling migration-out job when client dies
When a client which started non-p2p migration dies in a bad time, the
source libvirtd never clears the migration job and almost nothing can be
done with the domain without restarting the daemon. This patch makes use
of connection close callbacks and ensures that migration job is properly
discarded when the client disconnects.
2012-03-21 17:31:09 +01:00
Jiri Denemark
527d867a94 qemu: Make autodestroy utilize connection close callbacks 2012-03-21 17:31:09 +01:00
Jiri Denemark
791273603e qemu: Add connection close callbacks
Add support for registering arbitrary callback to be called for a domain
when a connection gets closed.
2012-03-21 17:31:09 +01:00
Jiri Denemark
4f061ea641 qemu: Avoid dangling migration-in job on shutoff domains
Destination daemon should not rely on the client or source daemon
(depending on the type of migration) to call Finish when migration
fails, because the client may crash before it can do so. The domain
prepared for incoming migration is set to be destroyed (and migration
job cleaned up) when connection with the client closes but this is not
enough. If the associated qemu process crashes after Prepare step and
the domain is cleaned up before the connection gets closed, autodestroy
is not called for the domain and migration jobs remains set. In case the
domain is defined on destination host (i.e., it is not completely
removed once destroyed) we keep the job set for ever. To fix this, we
register a cleanup callback which is responsible to clean migration-in
job when a domain dies anywhere between Prepare and Finish steps. Note
that we can't blindly clean any job when spotting EOF on monitor since
normally an API is running at that time.
2012-03-21 17:31:09 +01:00
Jiri Denemark
bf9f0a9726 qemu: Add support for domain cleanup callbacks
Add support for registering cleanup callbacks to be run when a domain
transitions to shutoff state.
2012-03-21 17:31:08 +01:00
Jiri Denemark
9f71368d06 qemu: Use unlimited speed when migrating to file
This reverts commit 61f2b6ba5f and most of
commit d8916dc8e2, which effectively
brings back commit ef1065cf5a written by
Jim Fehlig:

The qemu migration speed default is 32MiB/s as defined in migration.c

/* Migration speed throttling */
static int64_t max_throttle = (32 << 20);

There's no need to throttle migration when targeting a file, so set
migration speed to unlimited prior to migration, and restore to libvirt
default value after migration.

Default units is MB for migrate_set_speed monitor command, so
(INT64_MAX / (1024 * 1024)) is used for unlimited migration speed.

This was reverted because migration to file could not be canceled and
even monitored since qemu was not processing any monitor commands until
the migration finished. This is now different as we make sure the
file descriptor we pass to qemu is able to properly report EAGAIN.
Recent qemu changes might have helped as well.

I tested managedsave with this patch in and indeed, it is 10x faster
while I can still monitor its progress.
2012-03-21 17:26:20 +01:00
Laine Stump
0007237301 conf: forbid use of multicast mac addresses
A few times libvirt users manually setting mac addresses have
complained of a networking failure that ends up being due to a multicast
mac address being used for a guest interface. This patch prevents that
by logging an error and failing if a multicast mac address is
encountered in each of the three following cases:

1) domain xml <interface> mac address.
2) network xml bridge mac address.
3) network xml dhcp/host mac address.

There are several other places where a mac address can be input that
aren't controlled in this manner because failure to do so has no
consequences (e.g., if the address will be used to search through
existing interfaces for a match).

The RNG has been updated to add multiMacAddr and uniMacAddr along with
the existing macAddr, and macAddr was switched to uniMacAddr where
appropriate.
2012-03-19 20:33:30 -04:00
Laine Stump
43d635caf3 conf: return immediately on error in dhcp host element
If an error was encountered parsing a dhcp host entry mac address or
name, parsing would continue and log a less descriptive error that
might make it more difficult to notice the true nature of the problem.

This patch returns immediately on logging the first error.
2012-03-19 20:33:30 -04:00
Laine Stump
5d57104538 util: fail attempts to use same mac address for guest and tap
This patch is in response to:

  https://bugzilla.redhat.com/show_bug.cgi?id=798467

If a guest's tap device is created using the same MAC address the
guest uses for its own network card (which connects to the tap
device), the Linux kernel will log the following message and traffic
will not pass:

 kernel: vnet9: received packet with own address as source address

This patch disallows MAC addresses with a first byte of 0xFE, but only in
the case that the MAC address is used for a guest interface that's
connected by way of a standard tap device. (In other words, the
validation is done at runtime at the same place the MAC address is
modified for the tap device, rather than when mac address is parsed,
the idea being that it is then we know for sure the address will be
problematic.)
2012-03-19 20:33:30 -04:00
Martin Kletzander
d675a922b5 Cpu mapping cleanup
Using inheritance, this patch cleans up the cpu_map.xml file and also
sorts all CPU features according to the feature and registry
values. Model features are sorted the same way as foeatures in the
specification.
Also few models that are related were organized together and parts of
the XML are marked with comments
2012-03-19 11:20:38 -06:00
Eric Blake
7c736bab06 snapshot: make quiesce a bit safer
If a guest is paused, we were silently ignoring the quiesce flag,
which results in unclean snapshots, contrary to the intent of the
flag.  Since we can't quiesce without guest agent support, we should
instead fail if the guest is not running.

Meanwhile, if we attempt a quiesce command, but the guest agent
doesn't respond, and we time out, we may have left the command
pending on the guest's queue, and when the guest resumes parsing
commands, it will freeze even though our command is no longer
around to issue a thaw.  To be safe, we must _always_ pair every
quiesce call with a counterpart thaw, even if the quiesce call
failed due to a timeout, so that if a guest wakes up and starts
processing a command backlog, it will not get stuck in a frozen
state.

* src/qemu/qemu_driver.c (qemuDomainSnapshotCreateDiskActive):
Always issue thaw after a quiesce, even if quiesce failed.
(qemuDomainSnapshotFSThaw): Add a parameter.
2012-03-19 10:58:18 -06:00
Martin Kletzander
3992cfdd79 virConfGetValue: Fixed NULL pointer check
This patch fixes a NULL pointer check that was causing SegFault on
some specific configurations. It also reverts commit 59d0c9801c
that was checking for this value in one place.
2012-03-19 11:42:24 +01:00
Daniel P. Berrange
f987d17511 Fix handling of blkio deviceWeight empty string
A common coding pattern for changing blkio parameters is

  1. virDomainGetBlkioParameters

  2. change one or more params

  3. virDomainSetBlkioParameters

For this to work, it must be possible to roundtrip through
the methods without error. Unfortunately virDomainGetBlkioParameters
will return "" for the deviceWeight parameter for guests by default,
which virDomainSetBlkioParameters will then reject as invalid.

This fixes the handling of "" to be a no-op, and also improves the
error message to tell you what was invalid
2012-03-16 15:05:05 +00:00
Osier Yang
b569c1abc1 remote: Fix migration leaks
How to reproduce:

% valgrind -v --leak-check=full virsh migrate mig \
  qemu+ssh://$dest/system --unsafe

== 8 bytes in 1 blocks are definitely lost in loss record 1 of 28
==    at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==    by 0x3EB7115FB8: xdr_reference (in /lib64/libc-2.12.so)
==    by 0x3EB7115F10: xdr_pointer (in /lib64/libc-2.12.so)
==    by 0x4D1EA84: xdr_remote_string (remote_protocol.c:40)
==    by 0x4D1EAD8: xdr_remote_domain_migrate_prepare3_ret (remote_protocol.c:4772)
==    by 0x4D2FFD2: virNetMessageDecodePayload (virnetmessage.c:382)
==    by 0x4D2789C: virNetClientProgramCall (virnetclientprogram.c:382)
==    by 0x4D0707D: callWithFD (remote_driver.c:4549)
==    by 0x4D070FB: call (remote_driver.c:4570)
==    by 0x4D12AEE: remoteDomainMigratePrepare3 (remote_driver.c:4138)
==    by 0x4CF7BE9: virDomainMigrateVersion3 (libvirt.c:4815)
==    by 0x4CF9432: virDomainMigrate2 (libvirt.c:5454)
==
== LEAK SUMMARY:
==    definitely lost: 8 bytes in 1 blocks
==    indirectly lost: 0 bytes in 0 blocks
==      possibly lost: 0 bytes in 0 blocks
==    still reachable: 126,995 bytes in 1,343 blocks
==         suppressed: 0 bytes in 0 blocks

This patch also fixes the leaks in remoteDomainMigratePrepare and
remoteDomainMigratePrepare2.
2012-03-16 19:52:43 +08:00
Alex Jia
8233dcc79b libvirt: fix comment typo
* src/libvirt.c (virStorageVolResize): correct comment typo according to
  virStorageVolResizeFlags enum definition.

Signed-off-by: Alex Jia <ajia@redhat.com>
2012-03-16 17:59:41 +08:00
Daniel P. Berrange
10a8b1f958 Add support for forcing a private network namespace for LXC guests
If no <interface> elements are included in an LXC guest XML
description, then the LXC guest will just see the host's
network interfaces. It is desirable to be able to hide the
host interfaces, without having to define any guest interfaces.

This patch introduces a new feature flag <privnet/> to allow
forcing of a private network namespace for LXC. In the future
I also anticipate that we will add <privuser/> to force a
private user ID namespace.

* src/conf/domain_conf.c, src/conf/domain_conf.h: Add support
  for <privnet/> feature. Auto-set <privnet> if any <interface>
  devices are defined
* src/lxc/lxc_container.c: Honour request for private network
  namespace
2012-03-15 17:00:39 +00:00