Commit Graph

20283 Commits

Author SHA1 Message Date
Guido Günther
fbb27088ee virNetSocketCheckProtocols: handle EAI_NONAME as IPv6 unavailable
When running the test suite using "unshare -n" we might have IPv6 but no
configured addresses. Due to AI_ADDRCONFIG getaddrinfo then fails with
EAI_NONAME which we should then treat as IPv6 unavailable.
2015-08-11 22:08:50 +02:00
Laine Stump
bfaaa2b681 util: don't overwrite stack when getting ethtool gfeatures
This fixes the crash described here:

 https://www.redhat.com/archives/libvir-list/2015-August/msg00162.html

In short, we were calling ioctl(SIOCETHTOOL) pointing to a too-short
object that was a local on the stack, resulting in the memory past the
end of the object being overwritten. This was because the struct used
by the ETHTOOL_GFEATURES command of SIOCETHTOOL ends with a 0-length
array, but we were telling ethtool that it could use 2 elements on the
array.

The fix is to allocate the necessary memory with VIR_ALLOC_VAR(),
including the extra length needed for a 2 element array at the end.
2015-08-11 15:29:14 -04:00
Andrea Bolognani
133c25c81c cpu: Fix segfault in the ppc64 driver
Commit adb865d introduced some changes in ppc64DriverNodeData()
that cause libvirtd to crash on startup unless this patch is
applied as well.
2015-08-11 18:05:04 +02:00
Michal Privoznik
b044e3257f qemu: Implement VIR_DOMAIN_BANDWIDTH_IN_FLOOR
Well, there are just two places that needs adjustment:

qemuDomainGetInterfaceParameters - to report the @floor
qemuDomainSetInterfaceParameters - now that the function has been
fixed, we can allow updating @floor too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
d7f5c88961 virsh: Implement VIR_DOMAIN_BANDWIDTH_IN_FLOOR
We have a function parseRateStr() that parses --inbound and
--outbound arguments to both attach-interface and domiftune.
Now that we have all virTypedParams macros needed for QoS,
lets parse even floor attribute. The extended format for the
arguments looks like this then:

  --inbound average[,peak[,burst[,floor]]]

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
55d0e859fd Introduce VIR_DOMAIN_BANDWIDTH_IN_FLOOR
This macro represents the single missing field we don't expose
yet within QoS: inbound.floor.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
6983d6d2c3 virsh: Rework parseRateStr
The function is used to parse a tuple delimited by commas into
virNetDevBandwidth structure. So far only three out of fore
fields are supported: average, peak and burst. The single missing
field is floor. Well, the parsing works, but I think we can do
better. Especially when we will need to parse floor too in very
close future.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
5ee6d243fc qemuDomainSetInterfaceParameters: Use new functions to update bandwidth
As sketched in previous commits, imagine the following scenario:

  virsh # domiftune gentoo vnet0
  inbound.average: 100
  inbound.peak   : 0
  inbound.burst  : 0
  outbound.average: 100
  outbound.peak  : 0
  outbound.burst : 0

  virsh # domiftune gentoo vnet0 --inbound 0

  virsh # shutdown gentoo
  Domain gentoo is being shutdown

  virsh # list --all
  error: Failed to list domains
  error: Cannot recv data: Connection reset by peer

  Program received signal SIGSEGV, Segmentation fault.
  0x00007fffe80ea221 in networkUnplugBandwidth (net=0x7fff9400c1a0, iface=0x7fff940ea3e0) at network/bridge_driver.c:4881
  4881            net->floor_sum -= ifaceBand->in->floor;

This is rather unfortunate. We should not SIGSEGV here. The
problem is, that while in the second step the inbound QoS was
cleared out, the network part of it was not updated (moreover, we
don't report that vnet0 had inbound.floor set). Internal
structure therefore still had some fragments left (e.g.
class_id). So when qemuProcessStop() started to clean up the
environment it got to networkUnplugBandwidth(). Here, class_id is
set therefore function assumes that there is an inbound QoS. This
actually is a fair assumption to make, there's no need for a
special QoS box in network's QoS when there's no QoS to set.
Anyway, the problem is not the networkUnplugBandwidth() rather
than qemuDomainSetInterfaceParameters() which completely forgot
about QoS being disperse (some parts are set directly on
interface itself, some on bridge the interface is plugged into).

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
812932bea2 bridge_driver: Introduce networkBandwidthUpdate
So, if a domain vNIC's bandwidth has been successfully set, it's
possible that because @floor is set on network's bridge, this
part may need updating too. And that's exactly what this function
does. While the previous commit introduced a function to check if
@floor can be satisfied, this does all the hard work. In general,
there may be three, well four possibilities:

  1) No change in @floor value (either it remain unset, or its
  value hasn't changed)

  2) The @floor value has changed from a non-zero to a non-zero
  value

  3) New @floor is to be set

  4) Old @floor must be cleared out

The difference between 2), 3) and 4) is, that while in 2) the QoS
tree on the network's bridge already has a special class for the
vNIC, in 3) the class must be created from scratch. In 4) it must
be removed. Fortunately, we have helpers for all three
interesting cases.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
41a1531de5 bridge_driver: Introduce networkBandwidthChangeAllowed
When a domain vNIC's bandwidth is to be changed (at runtime) it is
possible that guaranteed minimal bandwidth (@floor) will change too.
Well, so far it is, because we still don't have an implementation that
allows setting it dynamically, so it's effectively erased on:

    #virsh domiftune $dom vnet0 --inbound 0

However, that's slightly unfortunate. We do some checks on domain
startup to see if @floor can be guaranteed. We ought do the same if
QoS is changed at runtime.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
45090449c4 virNetDevBandwidthUpdateRate: turn class_id into integer
This is no functional change. It's just that later in the series we
will need to pass class_id as an integer.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Michal Privoznik
327bc16a05 virNetDevParseMcast: Avoid magic constant
There is no guarantee that an enum start it mapped onto a value
of zero. However, we are guaranteed that enum items are
consecutive integers. Moreover, it's a pity to define an enum to
avoid using magical constants but then using them anyway.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-11 16:10:32 +02:00
Martin Kletzander
1f24c1494a conf: Don't try formating non-existing addresses
Commit a6f9af8292 added checking for address colisions between
starting and ending addresses of forwarding addresses, but forgot that
there might be no addresses set at all.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-11 16:07:41 +02:00
Andrea Bolognani
818e68c5b4 tests: Add a bunch of cpu test case for ppc64
The test cases cover the cpuCompare(), cpuBaseline() and
cpuNodeData() implementation.
2015-08-11 15:25:28 +02:00
Andrea Bolognani
049df97504 tests: Re-enable ppc64 cpu tests
Now that all the changes have been implemented we can run the
test cases once again, after updating them to reflect the new
behaviour.
2015-08-11 15:25:28 +02:00
Andrea Bolognani
344d1675e8 cpu: Forbid model fallback in the ppc64 driver
Unlike what happens on x86, on ppc64 you can't mix and match CPU
features to obtain the guest CPU you want regardless of the host
CPU, so the concept of model fallback doesn't apply.

Make sure CPU definitions emitted by the driver, eg. as output of
the cpuBaseline() and cpuUpdate() calls, reflect this fact.
2015-08-11 15:25:28 +02:00
Andrea Bolognani
dee2247afa cpu: Implement backwards compatibility in the ppc64 driver
All previously recognized CPU models (POWER7_v2.1, POWER7_v2.3,
POWER7+_v2.1 and POWER8_v1.0) are internally converted to the
corrisponding generation name so that existing guests don't stop
working.
2015-08-11 15:25:24 +02:00
Andrea Bolognani
36300d2ba1 cpu: Add POWER8NVL information to CPU map XML
This is yet another variation of POWER8. The PVR information comes
from arch/powerpc/kernel/cputable.c in the Linux kernel tree.
2015-08-11 14:09:43 +02:00
Andrea Bolognani
5d0aa93c50 cpu: Parse and use PVR masks in the ppc64 driver
Instead of relying on a hard-coded mask value, read it from the CPU
map XML and use it when looking up models by PVR.
2015-08-11 14:09:37 +02:00
Andrea Bolognani
d87359af5e cpu: Simplify ppc64 part of CPU map XML
Use multiple PVRs per CPU model to reduce the number of models we
need to keep track of.

Remove specific CPU models (eg. POWER7+_v2.1): the corresponding
generic CPU model (eg. POWER7) should be used instead to ensure
the guest can be booted on any compatible host.

Get rid of all the entries that did not match any of the CPU
models supported by QEMU, like power8 and power8e.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1250977
2015-08-11 14:05:35 +02:00
Andrea Bolognani
59fcc96195 cpu: Support multiple PVRs in the ppc64 driver
This will allow us to perform PVR matching more broadly, eg. consider
both POWER8 and POWER8E CPUs to be the same even though they have
different PVR values.
2015-08-11 14:05:25 +02:00
Andrea Bolognani
adb865df85 cpu: Align ppc64 CPU data with x86
Use a typedef instead of the plain struct and heap allocation. This
will make it easier to extend the ppc64 specific CPU data later on.
2015-08-11 11:04:57 +02:00
Andrea Bolognani
04f5a60d4b tests: Temporarily disable ppc64 cpu tests
The upcoming commits will make heavy modifications to the ppc64
driver, split so that it's easier to review the changes.

Instead of updating the test cases so that they pass, possibly
only to update them again with the following commit, disable them
for the time being.

Another commit will update them all in one go once all required
changes are in place.
2015-08-11 11:04:57 +02:00
Andrea Bolognani
d574094d30 cpu: Use ppc64Compute() to implement ppc64DriverCompare()
This ensures comparison of two CPU definitions will be consistent
regardless of the fact that it is performed using cpuCompare() or
cpuGuestData(). The x86 driver uses the same exact code.
2015-08-11 11:04:57 +02:00
Andrea Bolognani
96b2c7459c cpu: CPU model names have to match on ppc64
Limitations of the POWER architecture mean that you can't run
eg. a POWER7 guest on a POWER8 host when using KVM. This applies
to all guests, not just those using VIR_CPU_MATCH_STRICT in the
CPU definition; in fact, exact and strict CPU matching are
basically the same on ppc64.

This means, of course, that hosts using different CPUs have to be
considered incompatible as well.

Change ppc64Compute(), called by cpuGuestData(), to reflect this
fact and update test cases accordingly.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1250977
2015-08-11 11:04:57 +02:00
Andrea Bolognani
8382136d42 cpu: Never skip CPU model name check in ppc64 driver
ppc64Compute(), called by cpuNodeData(), is used not only to retrieve
the driver-specific data associated to a guest CPU definition, but
also to check whether said guest CPU is compatible with the host CPU.

If the user is not interested in the CPU data, it's perfectly fine
to pass a NULL pointer instead of a return location, and the
compatibility data returned should not be affected by this. One of
the checks, specifically the one on CPU model name, was however
only performed if the return location was non-NULL.
2015-08-11 11:04:57 +02:00
Andrea Bolognani
e5ef51a4c0 tests: Improve result handling in cpuTestGuestData()
A test is considered successful if the obtained result matches
the expected result: if that's not the case, whether because a
test that was expected to succeed failed or because a test that
was supposed to fail succeeded, then something's not right and
we want the user to know about this.

On the other hand, if a failure that's unrelated to the bits
we're testing occurs, then the user should be notified even if
the test was expected to fail.

Use different values to tell these two situations apart.

Fix a test case that was wrongly expected to fail as well.
2015-08-11 11:04:57 +02:00
Andrea Bolognani
81a925e0f9 tests: Remove unused file
No functional changes.
2015-08-11 11:04:57 +02:00
Andrea Bolognani
cb8c0e1102 cpu: Remove ISA information from CPU map XML
The information is not used anywhere in libvirt.

No functional changes.
2015-08-11 11:04:57 +02:00
Andrea Bolognani
b85b51f2a5 cpu: Reorder functions in the ppc64 driver
Having the functions grouped together this way will avoid further
shuffling around down the line.

No functional changes.
2015-08-11 11:04:56 +02:00
Andrea Bolognani
c238d16af4 cpu: Simplify ppc64ModelFromCPU() 2015-08-11 11:04:56 +02:00
Andrea Bolognani
4590f0678f cpu: Simplify NULL handling in ppc64 driver
Use briefer checks, eg. (!model) instead of (model == NULL), and
avoid initializing to NULL a pointer that would be assigned in
the first line of the function anyway.

Also remove a pointless NULL assignment.

No functional changes.
2015-08-11 11:04:56 +02:00
Andrea Bolognani
2686bf2292 cpu: Mark driver functions in ppc64 driver
Use the ppc64Driver prefix for all functions that are used to
fill in the cpuDriverPPC64 structure, ie. those that are going
to be called by the generic CPU code.

This makes it clear which functions are exported and which are
implementation details; it also gets rid of the ambiguity that
affected the ppc64DataFree() function which, despite what the
name suggested, was not related to ppc64DataCopy() and could
not be used to release the memory allocated for a
virCPUppc64Data* instance.

No functional changes.
2015-08-11 11:04:56 +02:00
Erik Skultety
eefec56b47 admin: Drop 'internal.h' include from libvirt-admin.h
This is a public library, it shouldn't include anything that is
internal. Including the library in it's current state to an example
application fails the preprocessor phase.
2015-08-11 10:41:10 +02:00
Laine Stump
f4f1d18dc4 qemu: fail on attempts to use <filterref> for non-tap network connections
nwfilter uses iptables and ebtables, which only work properly on
tap-based network connections (*not* on macvtap, for example), but we
just ignore any <filterref> elements for other types of networks,
potentially giving users a false sense of security.

This patch checks the network type and fails/logs an error if any
domain <interface> has a <filterref> when the connection isn't using a
tap device.

This resolves:

  https://bugzilla.redhat.com/show_bug.cgi?id=1180011
2015-08-10 13:08:41 -04:00
Laine Stump
a6f9af8292 network: validate network NAT range
This patch modifies virSocketAddrGetRange() to function properly when
the containing network/prefix of the address range isn't known, for
example in the case of the NAT range of a virtual network (since it is
a range of addresses on the *host*, not within the network itself). We
then take advantage of this new functionality to validate the NAT
range of a virtual network.

Extra test cases are also added to verify that virSocketAddrGetRange()
works properly in both positive and negative cases when the network
pointer is NULL.

This is the *real* fix for:

https://bugzilla.redhat.com/show_bug.cgi?id=985653

Commits 1e334a and 48e8b9 had earlier been pushed as fixes for that
bug, but I had neglected to read the report carefully, so instead of
fixing validation for the NAT range, I had fixed validation for the
DHCP range. sigh.
2015-08-10 13:06:56 -04:00
Martin Kletzander
cf0404455c qemu: Enable ioeventfd usage for virtio-scsi controllers
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1150484

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 15:05:34 +02:00
Martin Kletzander
35eecddee3 conf: Add ioeventfd option for controllers
This will be used with a virtio-scsi controller later on.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 15:05:34 +02:00
Michal Privoznik
2a5d3f227d virNetDevBandwidthParseRate: Reject negative values
https://bugzilla.redhat.com/show_bug.cgi?id=1022292

The following XML really does not make any sense:

<inbound average="-1" burst="-2" peak="-3" floor="-4"/>

There can't be a negative packet rate. Well, so far we haven't
assigned any meaning to it. So reject it unless users harm themselves,
because otherwise we turn the negative numbers into really big values.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-10 13:47:48 +02:00
Cao jin
17cba9fb51 qemuMonitorOpenInternal: remove redundant code
There's no need to set mon->fd to a dummy value since
it's initialized to proper value just a few lines below.

Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
2015-08-10 13:47:33 +02:00
Martin Kletzander
a8743c3938 rpc: Remove keepalive_required option
Since its introduction in 2011 (particularly in commit f4324e3292),
the option doesn't work.  It just effectively disables all incoming
connections.  That's because the client private data that contain the
'keepalive_supported' boolean, are initialized to zeroes so the bool is
false and the only other place where the bool is used is when checking
whether the client supports keepalive.  Thus, according to the server,
no client supports keepalive.

Removing this instead of fixing it is better because a) apparently
nobody ever tried it since 2011 (4 years without one month) and b) we
cannot know whether the client supports keepalive until we get a ping or
pong keepalive packet.  And that won't happen until after we dispatched
the ConnectOpen call.

Another two reasons would be c) the keepalive_required was tracked on
the server level, but keepalive_supported was in private data of the
client as well as the check that was made in the remote layer, thus
making all other instances of virNetServer miss this feature unless they
all implemented it for themselves and d) we can always add it back in
case there is a request and a use-case for it.

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
2015-08-10 13:15:56 +02:00
Cao jin
b1ad57ecd2 fix typo in comments
Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
2015-08-10 09:39:13 +02:00
Michal Privoznik
bc359f77f3 virDomainCoreDumpWithFormat: Mention enum for @dumpformat
So the API takes @dumpformat argument. This is what makes it special
when compared to virDomainCoreDump. The argument is there so that
users can choose the format of resulting core dump file. And to ease
them the choosing process we even have an enum with supported values
across all the hypervisors. But we don't mention the enum in  the
function description anywhere. Fix it!

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2015-08-10 08:40:27 +02:00
Laine Stump
6a21bc119e network: verify proper address family in updates to <host> and <range>
By specifying parentIndex in a call to virNetworkUpdate(), it was
possible to direct libvirt to add a dhcp range or static host of a
non-matching address family to the <dhcp> element of an <ip>. For
example, given:

 <ip address='192.168.122.1' netmask='255.255.255.0'/>
 <ip family='ipv6' address='2001:db6:ca3:45::1' prefix='64'/>

you could provide a static host entry with an IPv4 address, and
specify that it be added to the 2nd <ip> element (index 1):

  virsh net-update default add ip-dhcp-host --parent-index 1 \
  '<host mac="52:54:00:00:00:01" ip="192.168.122.45"/>'

This would be happily added with no error (and no concern of any
possible future consequences).

This patch checks that any dhcp range or host element being added to a
network ip's <dhcp> subelement has addresses of the same family as the
ip element they are being added to.

This resolves:

  https://bugzilla.redhat.com/show_bug.cgi?id=1184736
2015-08-10 02:38:41 -04:00
Laine Stump
7d69387cd6 qemu: support new pci controller model "pcie-switch-downstream-port"
This is backed by the qemu device xio3130-downstream. It can only be
connected to a pcie-switch-upstream-port (x3130-upstream) on the
upstream side.
2015-08-09 22:32:00 -04:00
Laine Stump
76379a6ec1 conf: new pcie-controller model "pcie-switch-downstream-port"
This controller can be connected only to a port on a
pcie-switch-upstream-port. It provides a single hotpluggable port that
will accept any PCI or PCIe device, as well as any device requiring a
pcie-*-port (the only current example of such a device is the
pcie-switch-upstream-port).
2015-08-09 22:30:47 -04:00
Laine Stump
ad1748a1aa qemu: add capabilities bit for device xio3130-downstream
The downstream ports of an x3130-upstream switch can each have one of
these plugged into them (and that is the only place they can be
connected). Each xio3130-downstream provides a single PCIe port that
can have PCI or PCIe devices hotplugged into it. Apparently an entire
set of x3130-upstream + several xio3130-downstreams can be hotplugged
as a unit, but it's not clear to me yet how that would be done, since
qemu only allows attaching a single device at a time.

This device will be used to implement the
"pcie-switch-downstream-port" model of pci controller.
2015-08-09 22:29:25 -04:00
Laine Stump
cb99086d1b qemu: support new pci controller model "pcie-switch-upstream-port"
this is backed by the qemu device x3130-upstream. It can only plug
into a pcie-root-port or pcie-switch-downstream-port.
2015-08-09 22:16:10 -04:00
Laine Stump
38ea9515af conf: new pci controller model "pcie-switch-upstream-port"
This controller can be connected only to a pcie-root-port or a
pcie-switch-downstream-port (which will be added in a later patch),
which is the reason for the new connect type
VIR_PCI_CONNECT_TYPE_PCIE_PORT. A pcie-switch-upstream-port provides
32 ports (slot=0 to slot=31) on the downstream side, which can only
have pci controllers of model "pcie-switch-downstream-port" plugged
into them, which is the reason for the other new connect type
VIR_PCI_CONNECT_TYPE_PCIE_SWITCH.
2015-08-09 22:12:29 -04:00
Laine Stump
4cde758808 qemu: add capabilities bit for device x3130-upstream
This is the upstream part of a PCIe switch. It connects to a PCIe port
(but not PCI) on the upstream side, and can have up to 31
xio3130-downstream controllers (but no other types of devices)
connected to its downstream side.

This device will be used to implement the "pcie-switch-upstream-port"
model of pci controller.
2015-08-09 22:02:16 -04:00