Commit Graph

13155 Commits

Author SHA1 Message Date
Laine Stump
f9f9699f40 util: eliminate "use after free" in callers of virNetDevLinkDump
virNetDevLinkDump() gets a message from netlink into "resp", then
calls nlmsg_parse() to fill the table "tb" with pointers into resp. It
then returns tb to its caller, but not before freeing the buffer at
resp. That means that all the callers of virNetDevLinkDump() are
examining memory that has already been freed. This can be verified by
filling the buffer at resp with garbage prior to freeing it (or, I
suppose, just running libvirtd under valgrind) then performing some
operation that calls virNetDevLinkDump().

The code has been like this ever since virNetDevLinkDump() was written
- the original author didn't notice it, and neither did later
additional users of the function. It has only been pure luck (or maybe
a lack of heavy load, and/or maybe an allocation algorithm in malloc()
that delays re-use of just-freed memory) that has kept this from
causing errors, for example when configuring a PCI passthrough or
macvtap passthrough network interface.

The solution taken in this patch is the simplest - just return resp to
the caller along with tb, then have the caller free it after they are
finished using the data (pointers) in tb. I alternately could have
made a cleaner interface by creating a new struct that put tb and resp
together along with a vir*Free() function for it, but this function is
only used in a couple places, and I'm not sure there will be
additional new uses of virNetDevLinkDump(), so the value of adding a
new type, extra APIs, etc. is dubious.
2014-10-26 12:23:23 -04:00
Shanzhi Yu
22b185343d vbox: network: make sure driver is not NULL in virRegisterNetworkDriver
libvirtd will report below error if it does not make sure driver was not NULL
in virRegisterNetworkDriver

$ libvirtd
2014-10-24 09:24:36.443+0000: 28876: info : libvirt version: 1.2.10
2014-10-24 09:24:36.443+0000: 28876: error : virRegisterNetworkDriver:549 : driver in virRegisterNetworkDriver must not be NULL
2014-10-24 09:24:36.443+0000: 28876: error : virDriverLoadModule:99 : Failed module registration vboxNetworkRegister

Signed-off-by: Shanzhi Yu <shyu@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-24 11:16:19 -06:00
Daniel P. Berrange
e8656ce13c Add new driver-*.h files to DRIVER_SOURCES
The recently added driver-*.h files were not listed in the
Makefile.am causing them to be missed when creating dists.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-10-24 17:39:48 +01:00
Daniel P. Berrange
0d36a5d05a Fix indentation of sysinfo data
The <sysinfo> data block was indented by 2 spaces too many.
This was missed because we never had any test validating
the XML formatting.
2014-10-24 17:23:52 +01:00
Daniel P. Berrange
0399b188ac Move virConnect/virNode related APIs out of libvirt.c
Introduce a src/libvirt-host.c file to hold all the
methods related to the virConnect type.
2014-10-24 16:59:58 +01:00
Daniel P. Berrange
67c08fccdc Move virDomain related APIs out of libvirt.c
Introduce a src/libvirt-domain.c file to hold all the
methods related to the virDomain type.
2014-10-24 16:59:56 +01:00
Daniel P. Berrange
8444015446 Make virTypedParameterValidateSet non-static
The virTypedParameterValidateSet method will need to be used
from several libvirt-*.c files so must be non-static

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-10-24 16:54:48 +01:00
Daniel P. Berrange
36b5d006c1 Move virStorage{Pool,Vol} related APIs out of libvirt.c
Introduce a src/libvirt-storage.c file to hold all the
methods related to the virStorage{Pool,Vol} types.
2014-10-24 16:49:10 +01:00
Daniel P. Berrange
0c94d78bb5 Move virStream related APIs out of libvirt.c
Introduce a src/libvirt-stream.c file to hold all the
methods related to the virStream type.
2014-10-24 16:42:49 +01:00
Daniel P. Berrange
d83ccd6e61 Move virSecret related APIs out of libvirt.c
Introduce a src/libvirt-secret.c file to hold all the
methods related to the virSecret type.
2014-10-24 16:39:05 +01:00
Daniel P. Berrange
e33ed8cdfe Move virNodeDevice related APIs out of libvirt.c
Introduce a src/libvirt-nodedev.c file to hold all the
methods related to the virNodeDevice type.
2014-10-24 16:26:55 +01:00
Daniel P. Berrange
35ed98755f Move virNWFilter related APIs out of libvirt.c
Introduce a src/libvirt-nwfilter.c file to hold all the
methods related to the virNWFilter type.
2014-10-24 16:15:46 +01:00
Daniel P. Berrange
6e01ef230b Move virInterface related APIs out of libvirt.c
Introduce a src/libvirt-interface.c file to hold all the
methods related to the virInterface type.
2014-10-24 16:08:28 +01:00
Daniel P. Berrange
4e00b6bc6a Move virNetwork related APIs out of libvirt.c
Introduce a src/libvirt-network.c file to hold all the
methods related to the virNetwork type.
2014-10-24 16:00:21 +01:00
Daniel P. Berrange
62cf32d0c9 Move virDomainSnapshot related APIs out of libvirt.c
Introduce a src/libvirt-domain-snapshot.c file to hold all the
methods related to the virDomainSnapshot type.
2014-10-24 15:59:22 +01:00
Eric Blake
0be3403db6 hyperv: avoid query memleaks on failure
The function hypervEnumAndPull consumes query on success, but leaked
it on failure.  Rather than having to change all callers (many of
them indirect callers through the generated
hypervGetMsvmComputerSystemList), it was easier to just guarantee
that the buffer is cleaned on return from the function.

* src/hyperv/hyperv_wmi.c (hypervEnumAndPull): Don't leak query on
failure.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-23 17:11:56 -06:00
Daniel P. Berrange
d21d35e335 Split driver.h into multiple parts
With the large number of APIs in libvirt the driver.h file,
it is easy to get lost looking for things. Split each driver
into a separate header file based on the functional driver
groups.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-10-23 11:10:05 +01:00
Daniel P. Berrange
931dff992e Rename virDriver to virHypervisorDriver
To prepare for introducing a single global driver, rename the
virDriver struct to virHypervisorDriver and the registration
API to virRegisterHypervisorDriver()
2014-10-23 11:09:54 +01:00
Erik Skultety
43b67f2e71 qemu: Disallow NUMA/network tuning for session mode
Tuning NUMA or network interface parameters requires root
privileges to manage cgroups. Thus an attempt to set some of these
parameters in session mode on a running domain should be invalid
followed by an error. An example might be memory tuning which raises
an error in such case.

The following behavior in session mode will be present after applying
this patch:

  Tuning  |      SET      |   GET  |
----------|---------------|--------|
NUMA      | shut off only | always |
Memory    |     never     | never  |
Interface |     never     | always |

Resolves https://bugzilla.redhat.com/show_bug.cgi?id=1126762
2014-10-22 14:35:06 -04:00
Peter Krempa
19b1ee42b4 qemu: migration: Make check for empty hook XML robust
Also consider whitespace only strings returned from the hook as empty
result.
2014-10-22 17:51:31 +02:00
Peter Krempa
e386779937 qemu: restore: Fix restoring of VM when the restore hook returns empty XML
The documentation for the restore hook states that returning an empty
XML is equivalent with copying the input. There was a bug in the code
checking the returned string by checking the string instead of the
contents. Use the new helper to check if the string is empty.
2014-10-22 17:51:31 +02:00
Peter Krempa
0eeafeedeb util: string: Add helper to check whether string is empty
The helper checks whether a string contains only whitespace or is NULL.
This will be helpful to skip cases where a user string is optional, but
may be provided empty with the same meaning.
2014-10-22 17:51:18 +02:00
Rick Harris
7e037f64c0 Add support for /run/initctl
Newer versions of Debian use '/run/initctl' instead of '/dev/initctl'.
This patch updates the code to search for the FIFO from a list of
well-known locations.
2014-10-22 13:09:49 +01:00
Roman Bogorodskiy
82e4f85ce0 Fix cast errors with clang
Build with clang fails with:

  CC       util/libvirt_util_la-virsocketaddr.lo
util/virsocketaddr.c:904:17: error: cast from 'struct sockaddr *' to
'struct sockaddr_in *' increases required alignment from 1 to 4
[-Werror,-Wcast-align]
        inet4 = (struct sockaddr_in*) res->ai_addr;
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
util/virsocketaddr.c:909:17: error: cast from 'struct sockaddr *' to
'struct sockaddr_in6 *' increases required alignment from 1 to 4
[-Werror,-Wcast-align]
        inet6 = (struct sockaddr_in6*) res->ai_addr;
                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.

Fix that by replacing virSocketAddrParseInternal() call with
virSocketAddrParse() in the virSocketAddrIsNumericLocalhost() function.
virSocketAddrParse stores an address in virSocketAddr.
virSocketAddr uses a union to store an address, so it doesn't
need casting.
2014-10-22 12:54:38 +04:00
Martin Kletzander
9661ac2f46 qemu: unref cfg after TerminateMachine has been called
Commit 4882618ed1 added the code that
requests driver cfg, but forgot to unref it.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-21 13:54:09 +02:00
Lubomir Rintel
afe8f4200f qemu: x86_64 is good enough for i686
virt-manager on Fedora sets up i686 hosts with "/usr/bin/qemu-kvm" emulator,
which in turn unconditionally execs qemu-system-x86_64 querying capabilities
then fails:

Error launching details: invalid argument: architecture from emulator 'x86_64' doesn't match given architecture 'i686'

Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/engine.py", line 748, in _show_vm_helper
    details = self._get_details_dialog(uri, vm.get_connkey())
  File "/usr/share/virt-manager/virtManager/engine.py", line 726, in _get_details_dialog
    obj = vmmDetails(conn.get_vm(connkey))
  File "/usr/share/virt-manager/virtManager/details.py", line 399, in __init__
    self.init_details()
  File "/usr/share/virt-manager/virtManager/details.py", line 784, in init_details
    domcaps = self.vm.get_domain_capabilities()
  File "/usr/share/virt-manager/virtManager/domain.py", line 518, in get_domain_capabilities
    self.get_xmlobj().os.machine, self.get_xmlobj().type)
  File "/usr/lib/python2.7/site-packages/libvirt.py", line 3492, in getDomainCapabilities
    if ret is None: raise libvirtError ('virConnectGetDomainCapabilities() failed', conn=self)
libvirtError: invalid argument: architecture from emulator 'x86_64' doesn't match given architecture 'i686'

Journal:

Oct 16 21:08:26 goatlord.localdomain libvirtd[1530]: invalid argument: architecture from emulator 'x86_64' doesn't match given architecture 'i686'
2014-10-21 13:36:25 +02:00
Zhou yimin
411cea638f qemu: move setting emulatorpin ahead of monitor showing up
If VM is configured with many devices(including passthrough devices)
and large memory, libvirtd will take seconds(in the worst case) to
wait for monitor. In this period the qemu process may run on any
PCPU though I intend to pin emulator to the specified PCPU in xml
configuration.

Actually qemu process takes high cpu usage during vm startup.
So this is not the strict CPU isolation in this case.

Signed-off-by: Zhou yimin <zhouyimin@huawei.com>
2014-10-21 12:26:38 +02:00
Maxime Leroy
302720742f conf: tests: fix virDomainNetDefFormat for vhost-user in client mode
The mode attribute is required for the source element of vhost-user.
Thus virDomainNetDefFormat should always generate a xml with it and not
only when the mode is server.

The commit fixes the issue. And it adds a vhostuser interface in
'client' mode to qemuxml2argv-net-vhostuser.(args|xml) to test this
usecase.

Signed-off-by: Maxime Leroy <maxime.leroy@6wind.com>
2014-10-20 08:58:09 +02:00
Jim Fehlig
793a91f8e1 libxl: add missing 'break' from commit 1298daca
Add missing 'break's from commit 1298daca, as noted by John Ferlan

https://www.redhat.com/archives/libvir-list/2014-October/msg00430.html
2014-10-16 12:42:13 -06:00
Peter Krempa
e9a1c4384c qemu: Convert qemuDomainUpdateDeviceConfig to typecasted enum 2014-10-15 12:39:30 +02:00
Peter Krempa
fa3701a94c qemu: Convert qemuDomainDetachDeviceConfig to typecasted enum 2014-10-15 12:39:30 +02:00
Peter Krempa
2536b1b952 qemu: Convert qemuDomainAttachDeviceConfig to typecasted enum 2014-10-15 12:39:29 +02:00
Peter Krempa
714dff938c qemu: Convert qemuDomainUpdateDeviceLive to typecasted enum 2014-10-15 12:39:29 +02:00
Peter Krempa
9bb21f4287 qemu: Convert qemuDomainDetachDeviceLive to typecasted enum 2014-10-15 12:39:29 +02:00
Chen Fan
fb41a3eee2 conf: fix an memory leak in virSocketAddrIsNumericLocalhost()
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-10-15 11:56:00 +02:00
Peter Krempa
3b9a26a325 conf: Move definition of virDomainParseMemory
Shove it to the top of the file so that it can be reused earlier.
2014-10-15 10:27:51 +02:00
Peter Krempa
0b73366945 Implement empty post parse callbacks for all drivers
To allow easy implementation of a callback check this patch adds empty
post parse callbacks to drivers that were missing them.
2014-10-15 10:27:51 +02:00
Peter Krempa
6908f8cab3 qemu: monitor: Add functions for object hot-add/remove
To allow live modification of device backends in qemu libvirt needs to
be able to hot-add/remove "objects". Add monitor backend functions to
allow this.

This function will be used for hot-add/remove of RNG backends,
IOThreads, memory backing objects, etc.
2014-10-15 10:27:50 +02:00
Peter Krempa
ddf52d01f8 util: json: Add option to skip adding a JSON object if it is NULL
Add a new option specifier that will optionally add a JSON key=value pair
containing a nested object if the added object isn't NULL.
2014-10-15 10:27:50 +02:00
Peter Krempa
81069ae3f5 util: json: Improve handling and docs for adding JSON objects
The JSON structure constructor has an option to add JSON arrays to the
constructed object. The description is inaccurate as it can add any json
object even a dict. Change the docs to cover this option and reject
adding NULL objects.
2014-10-15 10:27:50 +02:00
Peter Krempa
881c46595e util: json: Split out code to create json value objects
Our qemu monitor code has a converter from key-value pairs to a json
value object. I want to re-use the code later and having it part of the
monitor command generator is inflexible. Split it out into a separate
helper.
2014-10-15 10:27:50 +02:00
Peter Krempa
3444fdefb1 qemu: hotplug: Use typecasted switch statement when plugging new devices 2014-10-15 10:27:50 +02:00
Peter Krempa
3d6c07f7f8 conf: Add compile time check that devices were checked for ABI stability
As in the device info iterator add a switch that will force the compiler
to check that new device types are added to the ABI stability checker.
2014-10-15 10:27:50 +02:00
Peter Krempa
e7d67e7bad conf: shmem: Add ABI stability check
Although the device will probably inhibit migration add checks to make
sure that the configuration change gets caught.
2014-10-15 10:27:50 +02:00
Peter Krempa
ac5979edc4 conf: Improve adding of new address types
Use typecasted switch statement and note the type used to select the
address type in a comment.
2014-10-15 10:27:50 +02:00
Cole Robinson
fe6aff3b81 libvirt: Document UNDEFINE_NVRAM in UndefineFlags doc 2014-10-15 10:16:13 +02:00
Chen Fan
bcf54e600f conf: fix a wrong comment in virSocketAddrNumericFamily()
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-10-15 10:11:38 +02:00
Chen Fan
5e0561e115 conf: Check whether migration_address is localhost
When enabling the migration_address option, by default it is
set to "127.0.0.1", but it's not a valid address for migration.
so we should add verification and set the default migration_address
to "0.0.0.0".

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2014-10-15 09:25:33 +02:00
Chen Fan
24c1603762 conf: add check if migration_host is a localhost address
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2014-10-15 09:25:33 +02:00
Chen Fan
69f7b67d55 migration: add migration_host support for IPv6 address without brackets
if specifying migration_host to an Ipv6 address without brackets,
it was resolved to an incorrect address, such as:
    tcp:2001:0DB8::1428:4444,
but the correct address should be:
    tcp:[2001:0DB8::1428]:4444
so we should add brackets when parsing it.

Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-10-15 09:25:33 +02:00
Ján Tomko
6c31911a96 Introduce virStringStripIPv6Brackets
Helper function to strip the brackets from an IPv6 address.
Tested by viruritest.
2014-10-15 09:25:33 +02:00
Wang Rui
8adcc1bf5b conf: improve the comments for "xmlopt"
Signed-off-by: Wang Rui <moon.wangrui@huawei.com>
2014-10-13 09:34:59 -06:00
Martin Kletzander
4d2a8a0a0c Fix leftover typo '&' -> '&&'
The actual origin of this so called typo are two commits.  The first one
was commit 72f8a7f that came up with the following condition:

if ((i == 8) & (flags & VIR_QEMU_PROCESS_KILL_FORCE))

Fortunately this succeeded thanks to bool being (int)1 and
VIR_QEMU_PROCESS_KILL_FORCE having the value of 1 << 0.  The check was
then moved and altered in 8fd3823117 to
current state:

if ((i == 50) & force)

that will work again (both sides of '&' being booleans), but since this
was missed so many times, it may pose a problem in the future in case it
gets copy-pasted again.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-12 13:41:47 +02:00
Stefan Bader
1298daca29 libxl: Implement basic video device selection
This started as an investigation into an issue where libvirt (using the
libxl driver) and the Xen host, like an old couple, could not agree on
who is responsible for selecting the VNC port to use.

Things usually (and a bit surprisingly) did work because, just like that
old couple, they had the same idea on what to do by default. However it
was possible that this ended up in a big argument.

The problem is that display information exists in two different places:
in the vfbs list and in the build info. And for launching the device model,
only the latter is used. But that never gets initialized from libvirt. So
Xen allows the device model to select a default port while libvirt thinks
it has told Xen that this is done by libvirt (though the vfbs config).

While fixing that, I made a stab at actually evaluating the configuration
of the video device. So that it is now possible to at least decide between
a Cirrus or standard VGA emulation and to modify the VRAM within certain
limits using libvirt.

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-10-10 15:08:45 -06:00
Jim Fehlig
c5a003508f libxl: Add function to determine device model type
This patch introduces a function to detect whether the specified
emulator is QEMU_XEN or QEMU_XEN_TRADITIONAL.  Detection is based on the
string "Options specific to the Xen version:" in '$qemu -help' output.
AFAIK, the only qemu containing that string in help output is the
old Xen fork (aka qemu-dm).

Note:
QEMU_XEN means a qemu that contains support for Xen.

QEMU_XEN_TRADITIONAL means Xen's old forked qemu 0.10.2

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-10-10 15:08:40 -06:00
Jim Fehlig
9320c3ff19 Xen: Defer setting default vram value to Xen drivers
Allow the Xen drivers to determine default vram values.  Sane
default vaules depend on the device model being used, so the
drivers are in the best position to determine the defaults.

For the legacy xen driver, it is best to maintain the existing
logic for setting default vram values to ensure there are no
regressions.  The libxl driver currently does not support
configuring a video device.  Support will be added in a
subsequent patch, where the benefit of this change will be
reaped.

Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-10-10 15:08:36 -06:00
Jim Fehlig
be28ae1658 libxl: Copy user-specified keymap to libxl build info struct
Commit 4dfc34c3 missed copying the user-specified keymap to
libxl_domain_build_info struct when creating a VFB device.

Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
2014-10-10 15:08:33 -06:00
Shanzhi Yu
566d5de7bf qemu: save domain status after set domain's numa parameters
After set domain's numa parameters for running domain, save the change,
save the change into live xml is needed to survive restarting the libvirtd,
same story with bug 1146511; meanwihle add call
qemuDomainObjBeginJob/qemuDomainObjEndJob in qemuDomainSetNumaParameters

Signed-off-by: Shanzhi Yu <shyu@redhat.com>
2014-10-09 11:50:51 +02:00
Shanzhi Yu
99fe8755b9 qemu: call qemuDomainObjBeginJob/qemuDomainObjEndJob in qemuDomainSetInterfaceParameters
add call qemuDomainObjBeginJob/qemuDomainObjEndJob in
qemuDomainSetInterfaceParameters

Signed-off-by: Shanzhi Yu <shyu@redhat.com>
2014-10-09 11:50:39 +02:00
Shanzhi Yu
bde879c184 qemu: save domain status after set the blkio parameters
After set the blkio parameters for running domain, save the change into
live xml is needed to survive restarting the libvirtd, same story with
bug 1146511, meanwhile add call qemuDomainObjBeginJob/qemuDomainObjEndJob
in qemuDomainSetBlkioParameters

Signed-off-by: Shanzhi Yu <shyu@redhat.com>
2014-10-09 11:50:26 +02:00
Jiri Denemark
b9f1f46470 Fix build-time pkg-config files in VPATH
The pkg-config files in src/ make it pretty easy to build language
bindings against an uninstalled libvirt, however, they don't work with
VPATH builds. The reason is that all *-api.xml files are generated in
source rather than build directory.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-10-09 08:03:54 +02:00
Michal Privoznik
ebc0526396 security_selinux: Don't relabel /dev/net/tun
https://bugzilla.redhat.com/show_bug.cgi?id=1147057

The code for relabelling the TAP FD is there due to a race. When
libvirt creates a /dev/tapN device it's labeled as
'system_u:object_r:device_t:s0' by default. Later, when
udev/systemd reacts to this device, it's relabelled to the
expected label 'system_u:object_r:tun_tap_device_t:s0'. Hence, we
have a code that relabels the device, to cut the race down. For
more info see ae368ebfcc.

But the problem is, the relabel function is called on all TUN/TAP
devices. Yes, on /dev/net/tun too. This is however a special kind
of device - other processes uses it too. We shouldn't touch it's
label then.

Ideally, there would an API in SELinux that would label just the
passed FD and not the underlying path. That way, we wouldn't need
to care as we would be not labeling /dev/net/tun but the FD
passed to the domain. Unfortunately, there's no such API so we
have to workaround until then.

Tested-by: Richard W.M. Jones <rjones@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-10-08 15:15:58 +02:00
Ján Tomko
eb39605166 Fix build with older libcurl
Add ATTRIBUTE_UNUSED marker to the unused timeout_ms option
in esxVI_MultiCURL_TimerCallback.

Introduced by commit 125007d.
2014-10-08 09:13:40 +02:00
Matthias Bolte
a0f19e2f5b esx: Implement virDomainScreenshot using libcurl stream driver
This implementation uses the https://esx-server/screen?id=<id> way to get
a screenshot of a running domain. Compared to the CreateScreenshot_Task
way this works since ESX 2.5 while CreateScreenshot_Task was added in
version 4.0.

The newly added libcurl stream driver is used to directly provide the
downloaded data without saving it to a temporary file first.
2014-10-07 22:29:30 +02:00
Matthias Bolte
125007d373 esx: Add libcurl based stream driver
This allows to implement libvirt functions that use streams, such as
virDoaminScreenshot, without the need to store the downloaded data in
a temporary file first. The stream driver directly interacts with
libcurl to send and receive data.

The driver uses the libcurl multi interface that allows to do a transfer
in multiple curl_multi_perform() calls. The easy interface would do the
whole transfer in a single curl_easy_perform() call. This doesn't work
with the libvirt stream API that is driven by multiple calls to the
virStreamSend() and virStreamRecv() functions.

The curl_multi_wait() function is used to do blocking operations. But it
was added in libcurl 7.28.0. For older versions it is emulated using the
socket callback of the multi interface.

The current driver only supports blocking operations. There is already
some code in place for non-blocking mode but it is not complete.
2014-10-07 22:05:49 +02:00
Laine Stump
db6b738dde qemu: change macvtap device MAC address in response to NIC_RX_FILTER_CHANGED
This patch fills in the functionality of
processNicRxFilterChangedEvent().  It now checks if it is appropriate
to respond to the NIC_RX_FILTER_CHANGED event (based on device type
and configuration) and takes appropriate action. Currently it checks
if the guest interface has been configured with
trustGuestRxFilters='yes', and if the host side device is macvtap. If
so, and the MAC address on the guest has changed, the MAC address of
the macvtap device is changed to match.

The result of this is that networking from the guest will continue to
work if the mac address of a macvtap-connected network device is
changed from within the guest, as long as trustGuestRxFilters='yes'
(previously changing the MAC address in the guest would break
networking).
2014-10-06 13:52:37 -04:00
Laine Stump
b6bdda458a qemu: setup infrastructure to handle NIC_RX_FILTER_CHANGED event
NIC_RX_FILTER_CHANGED is sent by qemu any time a NIC driver in the
guest modified the NIC's RX Filter (for example, if the MAC address of
the NIC is changed by the guest).

This patch doesn't do anything useful with that event; it just sets up
all the plumbing to get news of the event into a worker thread with
all proper locking/reference counting, and provide an easy place to
add in desired functionality.

See src/qemu/EVENTHANDLERS.txt for information/instructions on adding
a libvirt-internal handler for a qemu event (using
NIC_RX_FILTER_CHANGED as an example).
2014-10-06 13:50:57 -04:00
Laine Stump
ac4f8be422 qemu: add short document on qemu event handlers
This text was in the commit log for the patch that added the event
handler for NIC_RX_FILTER_CHANGED, and John Ferlan expressed a desire
that the information not be "lost", so I've put it into a file in the
qemu directory, hoping that it might catch the attention of future
writers of handlers for qemu events.
2014-10-06 13:50:57 -04:00
Laine Stump
ab989962d4 qemu: qemuMonitorQueryRxFilter - retrieve guest netdev rx-filter
This function can be called at any time to get the current status of a
guest's network device rx-filter. In particular it is useful to call
after libvirt recieves a NIC_RX_FILTER_CHANGED event - this event only
tells you that something has changed in the rx-filter, the details are
retrieved with the query-rx-filter monitor command (only available in
the json monitor). The command sent to the qemu monitor looks like this:

  {"execute":"query-rx-filter", "arguments": {"name":"net2"} }'

and the results will look something like this:

{
    "return": [
        {
            "promiscuous": false,
            "name": "net2",
            "main-mac": "52:54:00:98:2d:e3",
            "unicast": "normal",
            "vlan": "normal",
            "vlan-table": [
                42,
                0
            ],
            "unicast-table": [

            ],
            "multicast": "normal",
            "multicast-overflow": false,
            "unicast-overflow": false,
            "multicast-table": [
                "33:33:ff:98:2d:e3",
                "01:80:c2:00:00:21",
                "01:00:5e:00:00:fb",
                "33:33:ff:98:2d:e2",
                "01:00:5e:00:00:01",
                "33:33:00:00:00:01"
            ],
            "broadcast-allowed": false
        }
    ],
    "id": "libvirt-14"
}

This is all parsed from JSON into a virNetDevRxFilter object for
easier consumption. (unicast-table is usually empty, but is also an
array of mac addresses similar to multicast-table).

(NB: LIBNL_CFLAGS was added to tests/Makefile.am because virnetdev.h
now includes util/virnetlink.h, which includes netlink/msg.h when
appropriate. Without LIBNL_CFLAGS, gcc can't find that file (if
libnl/netlink isn't available, LIBNL_CFLAGS will be empty and
virnetlink.h won't try to include netlink/msg.h anyway).)
2014-10-06 13:32:38 -04:00
Laine Stump
aa7c595a31 util: define virNetDevRxFilter and basic utility functions
This same structure will be used to retrieve RX filter info for
interfaces on the host via netlink messages, and RX filter info for
interfaces on the guest via the qemu "query-rx-filter" command.
2014-10-06 13:30:53 -04:00
Laine Stump
cfddf59cee network: set interface actual trustGuestRxFilters from network/portgroup
As is done with other items such as vlan, virtualport, and bandwidth,
set the actual trustGuestRxFilters value to be used by a domain
interface according to a merge of the same attribute in the interface,
portgroup, and network in use. the interface setting always takes
precedence (if specified), followed by portgroup, and finally the
setting in the network is used if it's not specified in the interface
or portgroup.
2014-10-06 11:58:57 -04:00
Laine Stump
07450cd429 conf: add trustGuestRxFilters attribute to network and domain interface
This new attribute will control whether or not libvirt will pay
attention to guest notifications about changes to network device mac
addresses and receive filters. The default for this is 'no' (for
security reasons). If it is set to 'yes' *and* the specified device
model and connection support it (currently only macvtap+virtio) then
libvirt will watch for NIC_RX_FILTER_CHANGED events, and when it
receives one, it will issue a query-rx-filter command, retrieve the
result, and modify the host-side macvtap interface's mac address and
unicast/multicast filters accordingly.

The functionality behind this attribute will be in a later patch. This
patch merely adds the attribute to the top-level of a domain's
<interface> as well as to <network> and <portgroup>, and adds
documentation and schema/xml2xml tests. Rather than adding even more
test files, I've just added the net attribute in various applicable
places of existing test files.
2014-10-06 11:49:10 -04:00
John Ferlan
b7890a8c28 qemu: Remove possible NULL deref in debug output
Check for !dev->info.alias was done after a VIR_DEBUG() statement
that already tried to print - just flip sequence
2014-10-06 10:35:26 -04:00
John Ferlan
99186c4103 qemu: Remove need for virConnectPtr in hotunplug detach host, net
Prior patch removed the need for the virConnectPtr in the unplug
detach host path which caused ripple effect to remove in multiple
callers.  The previous patch just left things as ATTRIBUTE_UNUSED -
this patch will remove the variable.
2014-10-06 10:35:26 -04:00
John Ferlan
d2774e54cd qemu: Fix hot unplug of SCSI_HOST device
https://bugzilla.redhat.com/show_bug.cgi?id=1141732

Introduced by commit id '8f76ad99' the logic to detach a scsi_host
device (SCSI or iSCSI) fails when attempting to remove the 'drive'
because as I found in my investigation - the DelDevice takes care of
that for us.

The investigation turned up commits to adjust the logic for the
qemuMonitorDelDevice and qemuMonitorDriveDel processing for interfaces
(commit id '81f76598'), disk bus=VIRTIO,SCSI,USB (commit id '0635785b'),
and chr devices (commit id '55b21f9b'), but nothing with the host devices.

This commit uses the model for the previous set of changes and applies
it to the hostdev path. The call to qemuDomainDetachHostSCSIDevice will
return to qemuDomainDetachThisHostDevice handling either the audit of
the failure or the wait for the removal and then call into
qemuDomainRemoveHostDevice for the event, removal from the domain hostdev
list, and audit of the removal similar to other paths.

NOTE: For now the 'conn' param to +qemuDomainDetachHostSCSIDevice is left
as ATTRIBUTE_UNUSED.  Removing requires a cascade of other changes to be
left for a future patch.
2014-10-06 10:35:25 -04:00
Ján Tomko
16ca322630 Include .libs in libdir in source tree pkg-config files
This lets me build against an uninstalled source tree without
libtool.
2014-10-06 14:46:14 +02:00
Martin Kletzander
34f514778b minor shmem clean-ups
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-04 10:46:22 +02:00
Martin Kletzander
8f17d0eaae util: Prepare URI formatting for libxml2 >= 2.9.2
Since commit 8eb55d782a2b9afacc7938694891cc6fad7b42a5 libxml2 removes
two slashes from the URI when there is no server part.  This is fixed
with beb7281055dbf0ed4d041022a67c6c5cfd126f25, but only if the calling
application calls xmlSaveUri() on URI that xmlURIParse() parsed.  And
that is not the case in virURIFormat().  virURIFormat() accepts
virURIPtr that can be created without parsing it and we do that when we
format network storage paths for gluster for example.  Even though
virStorageSourceParseBackingURI() uses virURIParse(), it throws that data
structure right away.

Since we want to format URIs as URIs and not absolute URIs or opaque
URIs (see RFC 3986), we can specify that with a special hack thanks to
commit beb7281055dbf0ed4d041022a67c6c5cfd126f25, by setting port to -1.

This fixes qemuxml2argvtest test where the disk-drive-network-gluster
case was failing.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-03 22:43:09 +02:00
Martin Kletzander
0186885dac vbox: remove unused code that causes build failures
Since 87dea4fcff vboxGetDrivers() is not
used for getting the vbox network driver.  The only call the code does
is using NULL as the @networkDriver_ret param , but the code still used
vbox[0-9][0-9]NetworkDriver that didn't exist anymore.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-03 22:43:09 +02:00
Martin Kletzander
b90a9a6374 qemu: Build command line for ivshmem device
This patch implements support for the ivshmem device in QEMU.

Signed-off-by: Maxime Leroy <maxime.leroy@6wind.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-03 22:43:09 +02:00
Maxime Leroy
e3d478eb51 qemu: add capability probing for ivshmem device
Ivshmem is supported by QEMU since 0.13 release.

Signed-off-by: Maxime Leroy <maxime.leroy@6wind.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-03 22:43:08 +02:00
Martin Kletzander
540a84ec89 docs, conf, schema: add support for shmem device
This patch adds parsing/formatting code as well as documentation for
shared memory devices.  This will currently be only accessible in QEMU
using it's ivshmem device, but is designed as generic as possible to
allow future expansion for other hypervisors.

In the devices section in the domain XML users may specify:

- For shmem device using a server:

 <shmem name='shmem0'>
   <server path='/tmp/socket-ivshmem0'/>
   <size unit='M'>32</size>
   <msi vectors='32' ioeventfd='on'/>
 </shmem>

- For ivshmem device not using an ivshmem server:

 <shmem name='shmem1'>
   <size unit='M'>32</size>
 </shmem>

Most of the configuration is made optional so it also allows
specifications like:

 <shmem name='shmem1/>
 <shmem name='shmem2'>
   <server/>
 </shmem>

Signed-off-by: Maxime Leroy <maxime.leroy@6wind.com>
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-10-03 22:43:08 +02:00
Eric Blake
e9392e48d4 qemu: support nospace reason in io error event
Aeons ago (commit 34dcbbb4, v0.8.2), we added a new libvirt event
(VIR_DOMAIN_EVENT_ID_IO_ERROR_REASON) in order to tell the user WHY
the guest halted.  This is because at least VDSM wants to react
differently to ENOSPC events (resize the lvm partition to be larger,
and resume the guest as if nothing had happened) from all other events
(I/O is hosed, throw up our hands and flag things as broken).  At the
time this was done, downstream RHEL qemu added a vendor extension
'__com.redhat_reason', which would be exactly one of these strings:
"enospc", "eperm", "eio", and "eother".  In our stupidity, we exposed
those exact strings to clients, rather than an enum, and we also
return "" if we did not have access to a reason (which was the case
for upstream qemu).

Fast forward to now: upstream qemu commit c7c2ff0c (will be qemu 2.2)
FINALLY adds a 'nospace' boolean, after discussion with multiple
projects determined that VDSM really doesn't care about distinction
between any other error types.  So this patch converts 'nospace' into
the string "enospc" for compatibility with RHEL clients that were
already used to the downstream extension, while leaving the reason
blank for all other cases (no change from the status quo).

See also https://bugzilla.redhat.com/show_bug.cgi?id=1119784

* src/qemu/qemu_monitor_json.c (qewmuMonitorJSONHandleIOError):
Parse reason field from modern qemu.
* include/libvirt/libvirt.h.in
(virConnectDomainEventIOErrorReasonCallback): Document it.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-03 12:43:53 -06:00
Cole Robinson
445a09bdc9 qemu: Don't compare CPU against host for TCG
Right now when building the qemu command line, we try to do various
unconditional validations of the guest CPU against the host CPU. However
this checks are overly applied. The only time we should use the checks
are:

- The user requests host-model/host-passthrough, or

- When KVM is requsted. CPU features requested in TCG mode are always
  emulated by qemu and are independent of the host CPU, so no host CPU
  checks should be performed.

Right now if trying to specify a CPU for arm on an x86 host, it attempts
to do non-sensical validation and falls over.

Switch all the test cases that were intending to test CPU validation to
use KVM, so they continue to test the intended code.

Amend some aarch64 XML tests with a CPU model, to ensure things work
correctly.
2014-10-03 11:30:29 -04:00
Cole Robinson
3bc6dda6c5 qemu_command: Split qemuBuildCpuArgStr
Move the CPU mode/model handling to its own function. This is just
code movement and re-indentation.
2014-10-03 11:30:29 -04:00
Shanzhi Yu
a4771c5860 qemu: Improve domainSetTime error info report
check domain's status before call virQEMUCapsGet to report a accurate
error when domain is shut off

Resolve: https://bugzilla.redhat.com/show_bug.cgi?id=1147847
Signed-off-by: Shanzhi Yu <shyu@redhat.com>
2014-10-03 15:48:07 +02:00
Michal Privoznik
b4022de33a Makefile: Fix build without driver modules
After 87dea4fcf one can observe a build failure:

./autogen.sh --system --without-driver-modules && make

  CCLD     libvirtd
../src/.libs/libvirt_driver_vbox.a(libvirt_driver_vbox_impl_la-vbox_driver.o):
In function `vboxNetworkRegister':
/home/jtomko/work/libvirt/libvirt.git/src/vbox/vbox_driver.c:168: undefined
reference to `vboxGetNetworkDriver'
collect2: error: ld returned 1 exit status
make[3]: *** [libvirtd] Error 1

The problem is that when building without driver modules the VBOX
network driver is not linked into the the VBOX driver.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-10-03 13:59:12 +02:00
Taowei
87dea4fcff vbox: New network driver
This patch seperate the domain driver and the network driver.

libvirt_driver_vbox_impl.la has been linked in the network driver.
So that the version specified codes in vbox_V*.c would only be
compiled once.

The vboxGetNetworkDriver provides a simple interface to get vbox
network driver.
2014-10-03 10:43:04 +02:00
Taowei
bde0cb511d vbox: Rewrite vboxNetworkGetXMLDesc 2014-10-03 10:43:04 +02:00
Taowei
3b12eca667 vbox: Rewrite vboxNetworkCreate 2014-10-03 10:43:04 +02:00
Taowei
1f8b9882f1 vbox: Rewrite vboxNetworkUndefineDestroy
This patch rewrites two public APIs. They are vboxNetworkUndefine
and vboxNetworkDestroy. They use the same core function
vboxNetworkUndefineDestroy. I merged it in one patch.
2014-10-03 10:43:04 +02:00
Taowei
e8d999ada9 vbox: Rewrite vboxNetworkDefineCreateXML
This patch actually contains two public API, virNetworkDefineXML
and virNetworkCreateXML. They use the same core function
vboxNetworkDefineCreateXML. So I merged it together.
2014-10-03 10:43:04 +02:00
Taowei
ee951b9fe7 vbox: Rewrite vboxNetworkLookupByName 2014-10-03 10:43:04 +02:00
Taowei
e4f24f892f vbox: Rewrite vboxNetworkLookupByUUID 2014-10-03 10:43:04 +02:00
Taowei
85a3cd993a vbox: Rewrite vboxConnectListDefinedNetworks 2014-10-03 10:43:04 +02:00
Taowei
638afcf5c9 vbox: Rewrite vboxConnectNumOfDefinedNetworks 2014-10-03 10:43:03 +02:00
Taowei
ce1cef1c57 vbox: Rewrite vboxConnectListNetworks 2014-10-03 10:43:03 +02:00
Taowei
a8b1b043bf vbox: Rewrite vboxConnectNumOfNetworks 2014-10-03 10:43:03 +02:00
Taowei
9e0637997f vbox: Rewrite vboxNetworkClose 2014-10-03 10:43:03 +02:00
Taowei
cd7a5d8994 vbox: Rewrite vboxNetworkOpen 2014-10-03 10:43:03 +02:00
Taowei
fac5d061ed vbox: Interfaces for register per parties
The patch dbb4cbf532 by Michal has splited the vbox driver into
three parties. This modification brings a more suitable interface
to the previous patch.

The new function vboxGetDriver is introduced to get the
corresponding vbox domain driver directly thought the vbox version.

Functions like vboxGetNetworkDriver and vboxGetStorageDriver
will be introduced after rewriting it's drivers.

This patch, by the way, fixed the align problem for vbox in
Makefile.am
2014-10-03 10:43:03 +02:00
Erik Skultety
e3a7b8740f qemu: Fix updating balloon period in live XML
Up until now, we set memballoon period in monitor successfully, however
we did not update domain definition structure, thus dumpxml was omitting
period attribute in memballoon element

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1140960
2014-10-02 16:10:53 -04:00
Erik Skultety
f4ba3385ba qemu: Fix updating bandwidth limits in live XML
When trying to update bandwidth limits on a running domain, limits get
updated in our internal structures, however XML parser reads
bandwidth limits from network 'actual' definition. Committing this patch
it is now available to update bandwidth 'actual' definition as well,
thus updating domain runtime XML.
2014-10-02 16:10:53 -04:00
Ján Tomko
99b2b4571d Add virCgroupTerminateMachine stub
Fix the build on FreeBSD, broken by commit 4882618.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2014-10-02 11:11:10 +02:00
Eric Blake
4acc03ae8b build: fix build on non-Linux
A cygwin build of 1.2.9 fails with:

util/virprocess.c:87:27: fatal error: sys/syscall.h: No such file or directory
 #  include <sys/syscall.h>

But in reality, the ONLY user of setns() is lxc, which is Linux-only.
It's easiest to just limit the setns workarounds to Linux.

* src/util/virprocess.c (setns): Limit definition to Linux.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-01 21:23:09 -06:00
Guido Günther
4882618ed1 qemu: use systemd's TerminateMachine to kill all processes
If we don't properly clean up all processes in the
machine-<vmname>.scope systemd won't remove the cgroup and subsequent vm
starts fail with

  'CreateMachine: File exists'

Additional processes can e.g. be added via

  echo $PID > /sys/fs/cgroup/systemd/machine.slice/machine-${VMNAME}.scope/tasks

but there are other cases like

  http://bugs.debian.org/761521

Invoke TerminateMachine to be on the safe side since systemd tracks the
cgroup anyway. This is a noop if all processes have terminated already.
2014-10-01 20:17:46 +02:00
Peter Krempa
92427948b3 maint: Prohibit "devname" by a syntax check rules
and tweak the code to avoid using it.
2014-10-01 16:39:01 +02:00
Peter Krempa
72945c0629 qemu: monitor: Avoid shadowing variable "devname" on FreeBSD. Again.
FreeBSD's compiler complains that we shadow the symbol. Sigh.

s/devname/dev_name/
2014-10-01 14:39:23 +02:00
Peter Krempa
58699b77ee qemu: json: Fix missing break in error reporting function
Otherwise we'd report a different error.

Reported by John Ferlan's coverity run.
2014-10-01 14:33:09 +02:00
Francesco Romani
7557ddf8be qemu: bulk stats: add block allocation information
Management software wants to be able to allocate disk space on demand.
To support this they need keep track of the space occupation of the
block device.  This information is reported by qemu as part of block
stats.

This patch extend the block information in the bulk stats with the
allocation information.

To keep the same behaviour a helper is extracted from
qemuMonitorJSONGetBlockExtent in order to get per-device allocation
information.

Signed-off-by: Francesco Romani <fromani@redhat.com>
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
2014-10-01 10:58:33 +02:00
Peter Krempa
8caded6b8e qemu: monitor: Add helper function to fill physical/virtual image size
While our code gathers block stats via "query-blockstats" some
information need to be gathered via "query-block". Add a helper function
that will update the blockstats structure if requested.
2014-10-01 10:58:33 +02:00
Pavel Hrdina
fc22b2e748 domain_conf: fix domain deadlock
If you use public api virConnectListAllDomains() with second parameter
set to NULL to get only the number of domains you will lock out all
other operations with domains.

Introduced by commit 2c680804.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-10-01 16:22:02 +08:00
Chris St. Pierre
fe808d95bf Allow setting migration max downtime any time
This removes the artificial and unnecessary restriction that
virDomainSetMaxDowntime() only be called while a migration is in
progress.

https://bugzilla.redhat.com/show_bug.cgi?id=1146618

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-30 13:35:20 +02:00
Peter Krempa
bd2b0968c1 qemu: monitor: Avoid shadowing variable "devname" on FreeBSD
FreeBSD's compiler complains that we shadow the symbol. Sigh.

s/devname/dev_name/
2014-09-30 11:41:43 +02:00
Peter Krempa
96c0f57a82 qemu: monitor: return block stats data as a hash to avoid disk mixup
The current block stats code matched up the disk name with the actual
stats by the order in the data returned from qemu. This unfortunately
isn't right as qemu may return the disks in any order. Fix this by
returning a hash of stats and index them by the disk alias.
2014-09-30 11:01:55 +02:00
Ján Tomko
f53bb1af90 Also filter out non-migratable features out of host-passthrough
Commit de0aeaf filtered them out from the host-model features,
to allow host-model to be migratable by default.

Even though they are not passed to QEMU for host-passthrough,
(and not enabled by default) filter them out too
so the user does not think the domain has them.

https://bugzilla.redhat.com/show_bug.cgi?id=1147584
2014-09-30 10:51:08 +02:00
Ján Tomko
ec5f817f2e Don't verify CPU features with host-passthrough
Commit fba6bc4 introduced the non-migratable invtsc feature,
breaking save/migration with host-model and host-passthrough.

On hosts with this feature present it was automatically included
in the CPU definition, regardless of QEMU support.

Commit de0aeaf stopped including it by default for host-model,
but failed to fix host-passthrough.

This commit ignores checking of CPU features with host-passthrough,
since we don't pass them to QEMU (only -cpu host is passed),
allowing domains using host-passthrough that were saved with
the broken version of libvirtd to be restored.

https://bugzilla.redhat.com/show_bug.cgi?id=1147584
2014-09-30 10:47:02 +02:00
Ján Tomko
e26bbf49cc Fix crash cpu_shares change event crash on domain startup
Introduced by commit 0dce260.

qemuDomainEventQueue was called with qemuDomainObjPrivatePtr instead
of virQEMUDriverPtr.

https://bugzilla.redhat.com/show_bug.cgi?id=1147494
2014-09-29 13:58:43 +02:00
Guido Günther
9e159b521d qemu: remove capabilities.monitor.sock when done
Prompted by

   http://bugs.debian.org/761131
2014-09-26 19:01:16 +02:00
Jincheng Miao
e029088802 conf: report error in virCPUDefParseXML
When detected invalid 'memAccess', virCPUDefParseXML should report error.

Resolves https://bugzilla.redhat.com/show_bug.cgi?id=1146334

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
2014-09-26 16:03:14 +02:00
Ján Tomko
b987c4c3f4 Check for NULL in qemu monitor event filter
When virConnectDomainQemuMonitorEventRegister is called with the
VIR_CONNECT_DOMAIN_QEMU_MONITOR_EVENT_REGISTER_REGEX flag,
ignore the flag instead of crashing.

https://bugzilla.redhat.com/show_bug.cgi?id=1144920
2014-09-26 13:35:51 +02:00
Daniel P. Berrange
42571dfa86 Fix typo s/EMULATORIN/EMULATORPIN/
Fix the typo in VIR_DOMAIN_TUNABLE_CPU_EMULATORIN

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-26 11:20:56 +01:00
Daniel P. Berrange
0778c0be8d Rename tunable event constants
For the new VIR_DOMAIN_EVENT_ID_TUNABLE event we have a bunch of
constants added

   VIR_DOMAIN_EVENT_CPUTUNE_<blah>
   VIR_DOMAIN_EVENT_BLKDEVIOTUNE_<blah>

This naming convention is bad for two reasons

  - There is no common prefix unique for the events to both
    relate them, and distinguish them from other event
    constants

  - The values associated with the constants were chosen
    to match the names used with virConnectGetAllDomainStats
    so having EVENT in the constant name is not applicable in
    that respect

This patch proposes renaming the constants to

    VIR_DOMAIN_TUNABLE_CPU_<blah>
    VIR_DOMAIN_TUNABLE_BLKDEV_<blah>

ie, given them a common VIR_DOMAIN_TUNABLE prefix.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-26 10:58:15 +01:00
Michal Privoznik
c99f66ac4c lxc_monitor_protocol: Redefine xdr_uint64_t if needed
https://bugzilla.redhat.com/show_bug.cgi?id=993411

On some systems (using libtirpc instead of glibc's
implementation), xdr_uint64_t exists rather under different name:
xdr_u_int64_t. This makes compilation fail then:

libvirt_lxc-lxc_monitor_protocol.o: In function `xdr_virLXCMonitorInitEventMsg':
/usr/local/src/libvirt/libvirt-1.1.1/src/./lxc/lxc_monitor_protocol.c:31: undefined reference to `xdr_uint64_t'

Therefore we rather mirror the d707c866 commit and redefine
xdr_uint64_t if needed.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-26 10:15:03 +02:00
Michal Privoznik
3a3c3780b4 qemuPrepareNVRAM: Save domain after NVRAM path generation
On a domain startup, the variable store path is generated if needed.
The path is intended to be generated only once. However, the updated
domain definition is not saved into config dir rather than state XML
only. So later, whenever the domain is destroyed and the daemon is
restarted, the generated path is forgotten and the file may be left
behind on virDomainUndefine() call.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-26 10:14:34 +02:00
Michal Privoznik
f272928310 remoteNodeGetFreePages: Don't alloc args.pages.pages_val
There's no one to free() it anyway. Instead, we can just pass the
provided array pointer directly.

==20039== 48 bytes in 4 blocks are definitely lost in loss record 658 of 787
==20039==    at 0x4C2A700: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==20039==    by 0x4EA661F: virAllocN (viralloc.c:191)
==20039==    by 0x50386EF: remoteNodeGetFreePages (remote_driver.c:7625)
==20039==    by 0x5003504: virNodeGetFreePages (libvirt.c:21379)
==20039==    by 0x154625: cmdFreepages (virsh-host.c:374)
==20039==    by 0x12F718: vshCommandRun (virsh.c:1935)
==20039==    by 0x1339FB: main (virsh.c:3747)

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-26 10:02:21 +02:00
Tomoki Sekiyama
efafc9c1ce nodeinfo: fix version of nodeAllocPages
Fix comments about the version in which '.nodeAllocPages' are added.

Signed-off-by: Tomoki Sekiyama <tomoki.sekiyama@hds.com>
2014-09-26 09:58:01 +02:00
Peter Krempa
fe7ef7b112 qemu: Always re-detect backing chain
Since 363e9a68 we track backing chain metadata when creating snapshots
the right way even for the inactive configuration. As we did not yet
update other code paths that modify the backing chain (blockpull) the
newDef backing chain gets out of sync.

After stopping of a VM the new definition gets copied to the next start
one. The new VM then has incorrect backing chain info. This patch
switches the backing chain detector to always purge the existing backing
chain and forces re-detection to avoid this issue until we'll have full
backing chain tracking support.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1144922
2014-09-26 09:35:33 +02:00
Michal Privoznik
92b0577db2 virNodeAllocPages: Disallow RO connection
Due to a missing check the API can be successfully called even if
the connection is ReadOnly. Fortunately, the API hasn't been
released yet, so there's no need for a CVE.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-25 17:12:46 +02:00
Dmitry Guryanov
e7bb373fdf parallels: login to parallels SDK
Add files parallels_sdk.c and parallels_sdk.h for code
which works with SDK, so libvirt's code will not mix with
dealing with parallels SDK.

To use Parallels SDK you must first call PrlApi_InitEx function,
and then you will be able to connect to a server with
PrlSrv_LoginLocalEx function. When you've done you must call
PrlApi_Deinit. So let's call PrlApi_InitEx on first .connectOpen,
count number of connections and deinitialize, when this counter
becomes zero.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-09-25 15:42:32 +02:00
Dmitry Guryanov
64018e0c83 parallels: build with parallels SDK
Executing prlctl command is not an optimal way to interact with
Parallels Cloud Server (PCS), it's better to use parallels SDK,
which is a remote API to paralles dispatcher service.

We prepared opensource version of this SDK and published it on
github, it's distributed under LGPL license. Here is a git repo:
https://github.com/Parallels/parallels-sdk.

To build with parallels SDK user should get compiler and linker
options from pkg-config 'parallels-sdk' file. So fix checks in
configure script and build with parallels SDK, if that pkg-config
file exists and add gcc options to makefile.

Signed-off-by: Dmitry Guryanov <dguryanov@parallels.com>
2014-09-25 15:42:32 +02:00
Michal Privoznik
cb5de6552e virnetserver: Raise log level of max_clients related messages
We have these configuration knobs, like max_clients and
max_anonymous_clients. They limit the number of clients
connected.  Whenever the limit is reached, the daemon stops
accepting new ones and resumes if one of the connected clients
disconnects. If that's the case, a debug message is printed into
the logs. And when the daemon starts over to accept new clients
too. However, the problem is the messages have debug priority.
This may be unfortunate, because if the daemon stops accepting
new clients all of a sudden, and users don't have debug logs
enabled they have no idea what's going on. Raise the messages
level to INFO at least.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-25 13:45:29 +02:00
Pavel Hrdina
c4b4b13ccb polkit_driver: fix possible segfault
The changes in commit c7542573 introduced possible segfault. Looking
deeper into the code and the original code before the patch series were
applied I think that we should report error for each function failure
and also we shouldn't call some of the function twice.

Found by coverity.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-25 12:53:37 +02:00
Pavel Hrdina
18fc3199c2 blkdeviotune: trigger tunable event for blkdeviotune updates
Use the universal tunable event to report changes to user. All
blkdeviotune values are prefixed with "blkdeviotune".

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-25 11:50:13 +02:00
Pavel Hrdina
783fe9ca8c blkdeviotune: fix bug with saving values into live XML
When you updated some blkdeviotune values for running domain the values
were stored only internally, but not saved into the live XML so they
won't survive restarting the libvirtd.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-25 11:50:03 +02:00
Pavel Hrdina
dd0ce57386 Fix build without polkit
The commit 1b854c76 introduced a new function 'virPolkitCheckAuth' and
in the #else section when you don't have polkit all attributes should be
follwed by ATTRIBUTE_UNUSED.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-25 10:59:43 +02:00
Pavel Hrdina
ceb7c90e69 tunable_event: extend debug message and tweak limit for remote message
It would be nice to also print a params pointer and number of params in
the debug message and the previous limit for number of params in the rpc
message was too large. The 2048 params will be enough for future events.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-25 10:56:04 +02:00
Michal Privoznik
0228fa11c0 nodeinfo: Implement nodeAllocPages
And add stubs to other drivers like: lxc, qemu, uml and vbox.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-25 10:24:45 +02:00
Michal Privoznik
d1fd4a9b3b virnuma: Introduce virNumaSetPagePoolSize
This internal API can be used to allocate or free some pages in
the huge pages pool.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-25 10:24:45 +02:00
Michal Privoznik
fa5c5580d6 Introduce virNodeAllocPages
A long time ago in a galaxy far, far away it has been decided
that libvirt will manage not only domains but host as well. And
with my latest work on qemu driver supporting huge pages, we miss
the cherry on top: an API to allocate huge pages on the run.
Currently users are forced to log into the host and adjust the
huge pages pool themselves.  However, with this API the problem
is gone - they can both size up and size down the pool.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-25 10:24:44 +02:00
Michal Privoznik
4aa8a68faa nodeGetFreePages: Push forgotten change
In the previous patch I've changed the for loop bounds but forgot
to 'git add' changes that adapt the rest of the code.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-25 10:24:44 +02:00
Cole Robinson
d3489548b5 security: Fix labelling host devices (bz 1145968)
The check for ISCSI devices was missing a check of subsys type, which
meant we could skip labelling of other host devices as well. This fixes
USB hotplug on F21

https://bugzilla.redhat.com/show_bug.cgi?id=1145968
2014-09-24 17:04:28 -04:00
Daniel P. Berrange
308c0c5a95 Convert polkit code to use DBus API instead of CLI helper
Spawning the pkcheck program every time a permission check is
required is hugely expensive on CPU. The pkcheck program is just
a dumb wrapper for the DBus API, so rewrite the code to use the
DBus API directly. This also simplifies error handling a bit.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Daniel P. Berrange
88a2dc1f4c Support passing dict by reference for dbus messages
Currently DBus dict values must be passed inline

   virDBusMessageEncode("a{ss}",
                        3,
                        "key1", "val1",
                        "key2", "val2",
                        "key3", "val3");
   virDBusMessageDecode("a{ss}",
                        3,
                        &key1, &val1,
                        &key2, &val2,
                        &key3, &val3);

This allows them to be passed by reference

   const char **dictin = {
      "key1", "val1",
      "key2", "val2",
      "key3", "val3"
   };
   char **dictout;
   size_t ndictout;

   virDBusMessageEncode("a&{ss}",
                        ARRAY_CARDINALITY(dict) / 2,
                        dictin);
   virDBusMessageDecode("a&{ss}",
                        &ndictout,
                        &dictout);

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Daniel P. Berrange
c754257347 Convert remote daemon & acl code to use polkit API
Convert the remote daemon auth check and the access control
code to use the common polkit API for checking auth.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Daniel P. Berrange
64a5dc1b6a Convert callers to use typesafe APIs for getting identity attrs
Convert virAccessDriverPolkitFormatProcess to use typesafe API
for getting process ID attribute.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Daniel P. Berrange
5282ed8d1c Convert callers to use typesafe APIs for setting identity attrs
Update virNetServerClientCreateIdentity and virIdentityGetSystem
to use the new typesafe APIs for setting identity attributes

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Daniel P. Berrange
b4b41521fa Add typesafe APIs for virIdentity attributes
Instead of requiring the caller to format to/from strings,
add typesafe APIs todo this work.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Daniel P. Berrange
1b854c76c7 Add common API for doing polkit authentication
There are now two places in libvirt which use polkit. Currently
they use pkexec, which is set to be replaced by direct DBus API
calls. Add a common API which they will both be able to use for
this purpose.

No tests are added at this time, since the impl will be gutted
in favour of a DBus API call shortly.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-24 15:29:22 +01:00
Ján Tomko
2d79e1752a qemu: wire up virtio-net segment offloading options
Format the segment offloading options specified by
<driver>
  <host .../>
  <guest .../>
</driver>
on virtio-net command line.
2014-09-24 16:16:45 +02:00
Ján Tomko
5b3536ae90 conf: add options for disabling segment offloading
Add options for tuning segment offloading:
<driver>
  <host csum='off' gso='off' tso4='off' tso6='off'
        ecn='off' ufo='off'/>
  <guest csum='off' tso4='off' tso6='off' ecn='off' ufo='off'/>
</driver>
which control the respective host_ and guest_ properties
of the virtio-net device.
2014-09-24 16:16:45 +02:00
Jincheng Miao
8baf0f025f nodeinfo: fix nodeGetFreePages when max node is zero
In nodeGetFreePages, if startCell is given by '0',
and the max node number is '0' too. The for-loop
wouldn't be executed.
So convert it to while-loop.

Before:
> virsh freepages --cellno 0 --pagesize 4
error: internal error: no suitable info found

After:
> virsh freepages --cellno 0 --pagesize 4
4KiB: 472637

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-24 13:33:43 +02:00
Pavel Hrdina
a71f741ec5 Fix bug with loading bridge name for active domain during libvirtd start
If you have a bridge network in running domain and libvirtd is restarted
the information about host bridge interface is lost from live xml.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1140085

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-24 11:34:00 +02:00
Peter Krempa
eaf43e3755 storage: Improve error message when traversing backing chains
Report also the name of the parent file and uid/gid used to access it to
help debugging broken storage configurations.
2014-09-24 10:19:13 +02:00
Peter Krempa
639a00984a qemu: Report better errors from broken backing chains
Request erroring out from the backing chain traveller and drop qemu's
internal backing chain integrity tester.

The backing chain traveller reports errors by itself with possibly more
detail than qemuDiskChainCheckBroken ever could.

We also need to make sure that we reconnect to existing qemu instances
even at the cost of losing the backing chain info (this really should be
stored in the XML rather than reloaded from disk, but that needs some
work).
2014-09-24 10:18:47 +02:00
Peter Krempa
172ca0e748 qemu: Sanitize argument names and empty disk check in qemuDomainDetermineDiskChain
Reuse virStorageSourceIsEmpty and rename "force" argument to
"force_probe".
2014-09-24 09:30:12 +02:00
Peter Krempa
b8549877a1 util: storage: Allow metadata crawler to report useful errors
Add a new parameter to virStorageFileGetMetadata that will break the
backing chain detection process and report useful error message rather
than having to use virStorageFileChainGetBroken.

This patch just introduces the option, usage will be provided
separately.
2014-09-24 09:28:29 +02:00
Pavel Hrdina
0dce260cc8 cputune_event: queue the event for cputune updates
Now we have universal tunable event so we can use it for reporting
changes to user. The cputune values will be prefixed with "cputune" to
distinguish it from other tunable events.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-23 21:58:09 +02:00
Pavel Hrdina
e426718129 event: introduce new event for tunable values
This new event will use typedParameters to expose what has been actually
updated and the reason is that we can in the future extend any tunable
values or add new tunable values. With typedParameters we don't have to
worry about creating some other events, we will just use this universal
event to inform user about updates.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-23 21:49:57 +02:00
Jiri Denemark
ad56f86378 qemu: Fix memory leak in RDMA migration code
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-23 15:23:10 +02:00
Martin Kletzander
c58e7e78ce conf: sanitize tap and vhost paths
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2014-09-23 14:24:33 +02:00
Michal Privoznik
de31dcc89a qemuBuildNumaArgStr: Discard def->cpu check
In the function at one place we check if def->cpu is NULL prior
to accessing def->cpu->ncells. Then, later in the code,
def->cpu->ncells is accessed directly, without the check. This
makes coverity unhappy, because the first check makes it think
def->cpu can be NULL. However, the function is not called if
def->cpu is NULL. Therefore, remove the first check and hopefully
make coverity cheer again.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-23 13:08:39 +02:00
Michal Privoznik
f8857c8f88 nodeinfo: Prefer MIN in nodeGetFreePages
It's better to use a macro instead of if-else construct.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-23 11:34:06 +02:00
Pavel Hrdina
60c4ae454e domain_conf: separate structures from virDomainDef
Cleanup virDomanDef structure from other nested structure and create
separate type definition for them.

Fix a typo in virDomainHugePage.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-23 10:47:32 +02:00
Jincheng Miao
c46fa72e40 Fix typo of virNodeGetFreePages comment
Signed-off-by: Jincheng Miao <jmiao@redhat.com>
2014-09-23 10:23:20 +02:00
Jincheng Miao
7db1936642 nodeinfo: report error when given node is out of range
https://bugzilla.redhat.com/show_bug.cgi?id=1145050

Signed-off-by: Jincheng Miao <jmiao@redhat.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-23 10:23:20 +02:00
Michael R. Hines
9cc1586d2b qemu: Memory pre-pinning support for RDMA migration
RDMA Live migration requires registering memory with the hardware, and
thus QEMU offers a new 'capability' to pre-register / mlock() the guest
memory in advance for higher RDMA performance before the migration
begins. This capability is disabled by default, which means QEMU will
register the memory with the hardware in an on-demand basis.

This patch exposes this capability with the following example usage:

virsh migrate --live --rdma-pin-all --migrateuri rdma://hostname domain qemu+ssh://hostname/system

Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-23 08:11:50 +02:00
Michael R. Hines
ed22a47434 qemu: RDMA migration support
This patch adds support for RDMA protocol in migration URIs.

USAGE: $ virsh migrate --live --migrateuri rdma://hostname domain qemu+ssh://hostname/system

Since libvirt runs QEMU in a pretty restricted environment, several
files needs to be added to cgroup_device_acl (in qemu.conf) for QEMU to
be able to access the host's infiniband hardware. Full documenation of
the feature can be found on QEMU wiki:
http://wiki.qemu.org/Features/RDMALiveMigration

Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-23 08:11:50 +02:00
Jiri Denemark
b3fd95e368 qemu: Add RDMA migration capabilities 2014-09-23 08:11:49 +02:00
Jiri Denemark
e16a39fcd3 qemu: Prepare support for arbitrary migration protocol
Currently we only support TCP protocol for native QEMU migration but
this is going to be changed. Let's make the code more general and remove
hardcoded TCP protocol from several places.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-23 08:11:49 +02:00
Jiri Denemark
1cffb25c16 qemu: Fix old tcp:host URIs more cleanly
For compatibility with old libvirt we need to support both tcp:host and
tcp://host migration URIs. Let's make the code that parses them a bit
cleaner.

Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-23 08:11:35 +02:00
Michael R. Hines
30b24df165 qemu: Expose additional migration statistics
RDMA migration uses the 'setup' state in QEMU to optionally lock
all memory before the migration starts. The total time spent in
this state is exposed as VIR_DOMAIN_JOB_SETUP_TIME.

Additionally, QEMU also exports migration throughput (mbps) for both
memory and disk, so let's add them too: VIR_DOMAIN_JOB_MEMORY_BPS,
VIR_DOMAIN_JOB_DISK_BPS.

Signed-off-by: Michael R. Hines <mrhines@us.ibm.com>
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
2014-09-23 08:10:30 +02:00
Chen Fan
1cd3765ead cpu: fix wrong single quote mark
Signed-off-by: Chen Fan <chen.fan.fnst@cn.fujitsu.com>
2014-09-22 21:55:34 -06:00
Daniel P. Berrange
d56c148dc6 cpu: remove repeated word in error message
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-09-22 16:41:42 +01:00
Giuseppe Scrivano
75d6f42f42 qemu: raise an error when trying to use readonly sata disks
commit 72f919f558 introduced an user
friendly error message when trying to use IDE disks as readonly.

Do the same thing for the SATA bus.

Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1112939

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2014-09-22 17:22:39 +02:00
Peter Krempa
4f3c2e39e5 qemu: hook: Provide hook when restoring a domain save image 2014-09-22 17:11:56 +02:00
Peter Krempa
3035123d65 qemu: save image: Split out checks done only when editing the save img
Move them to the single corresponding function rather than having them
in the common chunk of code.
2014-09-22 16:42:47 +02:00
Peter Krempa
4e215bcb2f qemu: save image: Split out new definition check/update
Split out the call to the update method only to places where it is
actually used rather than having a mega-method that does all the stuff.
2014-09-22 09:45:36 +02:00
Peter Krempa
eb9595b725 qemu: save image: Add possibility to return XML stored in the image
Add a new parameter that will allow to return the XML stored in the save
image for further manipulation and adjust the callers. This option will
be used in later patches.
2014-09-22 09:45:36 +02:00
Peter Krempa
92e1df2529 qemu: save image: Split out user provided XML checker
Extract code used to check save image XMLs provided by users to separate
use.
2014-09-22 09:45:36 +02:00
Jim Fehlig
c78923732d libxl: Drop driver lock in libxlDomainDefineXML
There is no need to acquire the driver-wide lock in
libxlDomainDefineXML.  When switching to jobs in the libxl
driver, most driver-wide locks were removed.  The locking here
was preserved since I mistakenly thought virDomainObjListAdd
needed protection.  This is not the case, so remove the
unnecessary locking.
2014-09-19 08:15:52 -06:00
John Ferlan
74eaa0918b qemu: Process the hostdev "rawio" setting
Mimic the "Disk" processing for 'rawio', but for a scsi_host hostdev
lun device.
2014-09-19 07:49:06 -04:00
John Ferlan
58abf1bb36 hostdev: Add "rawio" attribute to _virDomainHostdevSubsysSCSI
Add the 'rawio' attribute to match _virDomainDiskDef and process the
hostdev XML similarly to the disk XML for a lun which supports/requires rawio
2014-09-19 07:47:46 -04:00
John Ferlan
320825b4ca domain_conf: Change virDomainDiskDef 'rawio' to use virTristateBool
Adjust disk definition for 'rawio' to use the TristateBool logic
2014-09-19 05:59:36 -04:00
John Ferlan
8921d48868 qemu: Add missing goto on rawio
Commit id '9a2f36ec' added a build conditional of CAP_SYS_RAWIO
in order to determine whether or not a disk definition using rawio
should be allowed on platforms without CAP_SYS_RAWIO. If one was
found, virReportError was used but the code didn't goto cleanup.

This patch adds the goto.
2014-09-19 05:54:00 -04:00
Pavel Hrdina
da7799d879 Move the FIPS detection from capabilities
We are not detecting the presence of FIPS from QEMU, but from procfs and
that means it's not QEMU capability. It was decided that we will pass
this flag to QEMU even if it's not supported by old QEMU binaries.

This patch also reverts changes done by commit a21cfb0f to
qemucapabilitestest and implements a new test case in qemuxml2argvtest.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1135431

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
2014-09-19 09:08:23 +02:00
Michal Privoznik
ba7468dbb1 virSecuritySELinuxSetTapFDLabel: Temporarily revert to old behavior
https://bugzilla.redhat.com/show_bug.cgi?id=1141879

A long time ago I've implemented support for so called multiqueue
net.  The idea was to let guest network traffic be processed by
multiple host CPUs and thus increasing performance. However, this
behavior is enabled by QEMU via special ioctl() iterated over the
all tap FDs passed in by libvirt. Unfortunately, SELinux comes in
and disallows the ioctl() call because the /dev/net/tun has label
system_u:object_r:tun_tap_device_t:s0 and 'attach_queue' ioctl()
is not allowed on tun_tap_device_t type. So after discussion with
a SELinux developer we've decided that the FDs passed to the QEMU
should be labelled with svirt_t type and SELinux policy will
allow the ioctl(). Therefore I've made a patch
(cf976d9dcf) that does exactly this. The patch
was fixed then by a443193139 and
b635b7a1af. However, things are not
that easy - even though the API to label FD is called
(fsetfilecon_raw) the underlying file is labelled too! So
effectively we are mangling /dev/net/tun label. Yes, that broke
dozen of other application from openvpn, or boxes, to qemu
running other domains.

The best solution would be if SELinux provides a way to label an
FD only, which could be then labeled when passed to the qemu.
However that's a long path to go and we should fix this
regression AQAP. So I went to talk to the SELinux developer again
and we agreed on temporary solution that:

1) All the three patches are reverted
2) SELinux temporarily allows 'attach_queue' on the
tun_tap_device_t

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2014-09-18 19:02:47 +02:00
Roman Bogorodskiy
b4af40226d storage: zfs: implement pool build and delete
- Provide an implementation for buildPool and deletePool operations
   for the ZFS storage backend.
 - Add VIR_STORAGE_POOL_SOURCE_DEVICE flag to ZFS pool poolOptions
   as now we can specify devices to build pool from
 - storagepool.rng: add an optional 'sourceinfodev' to 'sourcezfs' and
   add an optional 'target' to 'poolzfs' entity
 - Add a couple of tests to storagepoolxml2xmltest
2014-09-18 18:08:29 +04:00
Ján Tomko
c1d55105a4 audit: fix memory leak without WITH_AUDIT
Free str unconditionally since we allocate it without WITH_AUDIT
too.
2014-09-18 14:49:01 +02:00
Ján Tomko
25d454803f audit: remove redundant NULL assignment
virVasprintf sets the output to NULL on failure.
2014-09-18 14:49:01 +02:00
Ján Tomko
c1480871bb Fixes for domains with no iothreads
Plug a memory leak and silence a warning.
2014-09-18 14:49:01 +02:00
Ján Tomko
5b5631dedf Fix leak in x86UpdateHostModel
Commit de0aeaf introduced a memory leak.
2014-09-18 14:49:01 +02:00
Erik Skultety
288c47406c Fix libvirtd crash when removing metadata
When trying to remove nonexistent metadata from XML, libvirt daemon
crashes due to dereferencing NULL pointer.

Resolves https://bugzilla.redhat.com/show_bug.cgi?id=1143955
2014-09-18 14:46:40 +02:00
John Ferlan
15ee3c2511 qemu: Don't fail startup/attach for IOThreads if no JSON
If the qemu being used doesn't support JSON, then querying for IOThread
data would fail. In that case, ensure the *iothreads is NULL and return 0
as the count of iothreads available.
2014-09-18 06:24:49 -04:00
Roman Bogorodskiy
e29d28e7f2 Fix build in qemu_command
Currently, build with clang fails with:

  CC       qemu/libvirt_driver_qemu_impl_la-qemu_command.lo
qemu/qemu_command.c:6580:58: error: implicit conversion from enumeration type
'virMemAccess' to different enumeration type 'virTristateSwitch'
[-Werror,-Wenum-conversion]
        virTristateSwitch memAccess = def->cpu->cells[i].memAccess;
                          ~~~~~~~~~   ~~~~~~~~~~~~~~~~~~~^~~~~~~~~
1 error generated.

Fix that by using virMemAccess instead of virTristateSwitch.
2014-09-18 13:37:12 +04:00
Roman Bogorodskiy
3b3947ea37 Fix build in qemu_capabilities
Commit f05b6a91 added virQEMUDriverConfigPtr argument to the
virQEMUCapsFillDomainCaps function and it uses forward declaration
of virQEMUDriverConfig and virQEMUDriverConfigPtr that casues clang
build to fail:

gmake[3]: Entering directory `/usr/home/novel/code/libvirt/src'
  CC       qemu/libvirt_driver_qemu_impl_la-qemu_capabilities.lo
In file included from qemu/qemu_capabilities.c:43:
In file included from qemu/qemu_hostdev.h:27:
qemu/qemu_conf.h:63:37: error: redefinition of typedef 'virQEMUDriverConfig'
is a C11 feature [-Werror,-Wtypedef-redefinition]
typedef struct _virQEMUDriverConfig virQEMUDriverConfig;
                                    ^
qemu/qemu_capabilities.h:328:37: note: previous definition is here
typedef struct _virQEMUDriverConfig virQEMUDriverConfig;
                                    ^

Fix that by passing loader and nloader config attributes directly
instead of passing complete config.
2014-09-18 13:37:12 +04:00
Ján Tomko
540ee87249 qemu: fix crash with shared disks
Commit f36a94f introduced a double free on all success paths
in qemuSharedDeviceEntryInsert.

Only call qemuSharedDeviceEntryFree on the error path and
set entry to NULL before jumping there if the entry already
is in the hash table.

https://bugzilla.redhat.com/show_bug.cgi?id=1142722
2014-09-18 09:05:21 +02:00
Peter Krempa
434dd55194 qemu: Improve check for local storage
Now that we have a simple function to check locality of storage, reuse
it in qemuDomainCheckDiskPresence().

Also reuse check for empty storage source.
2014-09-17 22:00:08 +02:00
Peter Krempa
7c7981eb79 qemu: Drop unused formatting of uuid
The formatted UUID isn't used anywhere else in
qemuDomainCheckDiskStartupPolicy. Drop it.
2014-09-17 21:59:57 +02:00
Wang Yufei
18a6dc93e5 maint: clean up _virDomainMemoryStat
Clean up all _virDomainMemoryStat.

Signed-off-by: James <james.wangyufei@huawei.com>
Signed-off-by: Wang Rui <moon.wangrui@huawei.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-17 11:28:48 -06:00