[libvirt] [PATCH] Fix vm's outbound traffic control problem
Hello, This is a patch to fix vm's outbound traffic control problem. Currently, vm's outbound traffic control by libvirt doesn't go well. This problem was previously discussed at libvir-list ML, however it seems that there isn't still any answer to the problem. http://www.redhat.com/archives/libvir-list/2011-August/msg00333.html I measured Guest(with virtio-net) to Host TCP throughput with the command netperf -H. Here are the outbound QoS parameters and the results. outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s] == 1024 (8Mbit/s): 4.56 2048 (16Mbit/s) : 3.29 4096 (32Mbit/s) : 3.35 8192 (64Mbit/s) : 3.95 16384 (128Mbit/s) : 4.08 32768 (256Mbit/s) : 3.94 65536 (512Mbit/s) : 3.23 The outbound traffic goes down unreasonably and is even not controled. The cause of this problem is too large mtu value in tc filter command run by libvirt. The command uses burst value to set mtu and the burst is equal to average rate value if it's not set. This value is too large. For example if the average rate is set to 1024 kilobytes/s, the mtu value is set to 1024 kilobytes. That's too large compared to the size of network packets. Here libvirt applies tc ingress filter to Host's vnet(tun) device. Tc ingress filter is implemented with TBF(Token Buckets Filter) algorithm. TBF uses mtu value to calculate the amount of token consumed by each packet. With too large mtu value, the token consumption rate is set too large. This leads to token starvation and deterioration of TCP throughput. Then, should we use the default mtu value 2 kilobytes? The anser is No, because Guest with virtio-net device uses 65536 bytes as mtu to transmit packets to Host, and the tc filter with the default mtu value 2k drops packets whose size is larger than 2k. So, the most packets is droped and again leads to deterioration of TCP throughput. The appropriate mtu value is 65536 bytes which is equal to the maximum value of network interface device defined in linux/netdevice.h. The value is not so large that it causes token starvation and not so small that it drops most packets. Therefore this patch set the mtu value to 64kb(== 65535 bytes). Again, here are the outbound QoS parameters and the TCP throughput with the libvirt patched. outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s] == 1024 (8Mbit/s): 8.22 2048 (16Mbit/s) : 16.42 4096 (32Mbit/s) : 32.93 8192 (64Mbit/s) : 66.85 16384 (128Mbit/s) : 133.88 32768 (256Mbit/s) : 271.01 65536 (512Mbit/s) : 547.32 The outbound traffic conforms to the given limit. Thank you, Signed-off-by: Eiichi Tsukata eiichi.tsukata...@hitachi.com --- AUTHORS |1 + src/util/virnetdevbandwidth.c |2 +- 2 files changed, 2 insertions(+), 1 deletions(-) diff --git a/AUTHORS b/AUTHORS index b876ee6..375db24 100644 --- a/AUTHORS +++ b/AUTHORS @@ -246,6 +246,7 @@ Patches have also been contributed by: Gerd Hoffmannkra...@redhat.com Viktor Mihajlovski mihaj...@linux.vnet.ibm.com Thang Pham thang.p...@us.ibm.com + Eiichi Tsukata eiichi.tsukata...@hitachi.com [send patches to get your name here] diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c index b9bd2e3..93df5c1 100644 --- a/src/util/virnetdevbandwidth.c +++ b/src/util/virnetdevbandwidth.c @@ -136,7 +136,7 @@ virNetDevBandwidthSet(const char *ifname, virCommandAddArgList(cmd, filter, add, dev, ifname, parent, :, protocol, ip, u32, match, ip, src, 0.0.0.0/0, police, rate, average, - burst, burst, mtu, burst, drop, flowid, + burst, burst, mtu, 64kb, drop, flowid, :1, NULL); if (virCommandRun(cmd, NULL) 0) -- 1.7.4.4 -- Eiichi Tsukata Linux Technology Center Hitachi, Ltd., Yokohama Research Laboratory E-mail: eiichi.tsukata...@hitachi.com -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] build: define WITH_INTERFACE for the driver
On 2012年06月29日 07:57, Eric Blake wrote: Our code was mistakenly relying on an undefined macro, WITH_INTERFACE, for determining whether to load the interface driver which wraps the netcf library. Clean this situation up by having only one automake conditional for the driver, and having both WITH_NETCF (library detected) and WITH_INTERFACE (driver enabled) in C code, in case a future patch ever adds a network management via means other than the netcf library. Foresighted. :-) While at it, output more information at the conclusion of configure about the various drivers we enabled. * configure.ac: Enhance with_netcf, and add with_interface. Improve output to list final decisions. Replace WITH_NETCF with WITH_INTERFACE. * src/interface/netcf_driver.c: Rename... * src/interface/interface_driver.c: ...to this. * src/interface/interface_driver.h: Likewise. * daemon/Makefile.am (libvirtd_LDADD): Reflect better naming. * src/Makefile.am (libvirt_driver_interface_la_*): Likewise. (INTERFACE_DRIVER_SOURCES): Reflect file moves. * daemon/libvirtd.c (daemonInitialize): Likewise. * tools/virsh.c (vshShowVersion): Show both driver and library decisions. * libvirt.spec.in (with_interface): Tweak to deal with new usage as a real switch. --- I think this addresses the point that Osier raised here: https://www.redhat.com/archives/libvir-list/2012-June/msg01266.html but it is complex enough that I'd appreciate a careful review. configure.ac | 44 daemon/Makefile.am |2 +- daemon/libvirtd.c |6 +-- libvirt.spec.in| 10 +++-- src/Makefile.am|4 +- .../{netcf_driver.c = interface_driver.c} |4 +- .../{netcf_driver.h = interface_driver.h} |0 tools/virsh.c | 11 +++-- 8 files changed, 59 insertions(+), 22 deletions(-) rename src/interface/{netcf_driver.c = interface_driver.c} (99%) rename src/interface/{netcf_driver.h = interface_driver.h} (100%) diff --git a/configure.ac b/configure.ac index 6436885..a29b3b2 100644 --- a/configure.ac +++ b/configure.ac @@ -1755,6 +1755,7 @@ if test $with_network = yes ; then fi AM_CONDITIONAL([WITH_NETWORK], [test $with_network = yes]) +dnl check whether helper code is needed for above selections with_bridge=no if test $with_qemu:$with_lxc:$with_network != no:no:no; then with_bridge=yes @@ -1762,16 +1763,31 @@ if test $with_qemu:$with_lxc:$with_network != no:no:no; then fi AM_CONDITIONAL([WITH_BRIDGE], [test $with_bridge = yes]) -dnl netcf library +dnl check if the interface driver should be compiled + +AC_ARG_WITH([interface], + AC_HELP_STRING([--with-interface], +[with host interface driver @:@default=check@:@]),[], +[with_interface=check]) Do we have to expose with-interface? It will give the user a logic question, pick with-interface, or 'with-netcf', or both, even more when we have other implementations of interface driver in future. however, the logic is simple, and we do it inside actually: as long as one implementation of the interface driver is picked to compile, we have the WITH_INTERFACE. so IMHO no need to give the user the simple logic question. :-) + +dnl there's no use compiling the interface driver without the libvirt daemon +if test $with_libvirtd = no; then + with_interface=no +fi If we don't expose 'with-interface', we don't need this.. + +dnl The interface driver depends on the netcf library AC_ARG_WITH([netcf], AC_HELP_STRING([--with-netcf], [libnetcf support to configure physical host network interfaces @:@default=check@:@]), [], [with_netcf=check]) NETCF_CFLAGS= NETCF_LIBS= -if test $with_libvirtd = no ; then +if test $with_libvirtd = no || test $with_interface = no; then with_netcf=no fi +if test $with_interface:$with_netcf = yes:check; then + with_netcf=yes +fi if test $with_netcf = yes || test $with_netcf = check; then PKG_CHECK_MODULES(NETCF, netcf= $NETCF_REQUIRED, [with_netcf=yes], [ @@ -1792,11 +1808,21 @@ if test $with_netcf = yes || test $with_netcf = check; then fi fi fi -AM_CONDITIONAL([WITH_NETCF], [test $with_netcf = yes]) AC_SUBST([NETCF_CFLAGS]) AC_SUBST([NETCF_LIBS]) +dnl Final decision on the interface driver +if test $with_interface = check; then + with_interface=$with_netcf +fi + +if test $with_interface = yes ; then + AC_DEFINE_UNQUOTED([WITH_INTERFACE], [1], +[whether interface driver is enabled]) +fi +AM_CONDITIONAL([WITH_INTERFACE], [test $with_interface = yes]) And above changes, what we need is just: if test $with_netfs = yes || with_something_else = yes; then AC_DEFINE_UNQUOTED([WITH_INTERFACE], [1], [whether interface driver is enabled]) fi AM_CONDITIONAL([WITH_INTERFACE], [test $with_interface = yes]) +dnl Check whether the
Re: [libvirt] [PATCH] Fix vm's outbound traffic control problem
On 29.06.2012 08:09, Eiichi Tsukata wrote: Hello, This is a patch to fix vm's outbound traffic control problem. Currently, vm's outbound traffic control by libvirt doesn't go well. This problem was previously discussed at libvir-list ML, however it seems that there isn't still any answer to the problem. http://www.redhat.com/archives/libvir-list/2011-August/msg00333.html I measured Guest(with virtio-net) to Host TCP throughput with the command netperf -H. Here are the outbound QoS parameters and the results. outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s] == 1024 (8Mbit/s): 4.56 2048 (16Mbit/s) : 3.29 4096 (32Mbit/s) : 3.35 8192 (64Mbit/s) : 3.95 16384 (128Mbit/s) : 4.08 32768 (256Mbit/s) : 3.94 65536 (512Mbit/s) : 3.23 The outbound traffic goes down unreasonably and is even not controled. The cause of this problem is too large mtu value in tc filter command run by libvirt. The command uses burst value to set mtu and the burst is equal to average rate value if it's not set. This value is too large. For example if the average rate is set to 1024 kilobytes/s, the mtu value is set to 1024 kilobytes. That's too large compared to the size of network packets. Here libvirt applies tc ingress filter to Host's vnet(tun) device. Tc ingress filter is implemented with TBF(Token Buckets Filter) algorithm. TBF uses mtu value to calculate the amount of token consumed by each packet. With too large mtu value, the token consumption rate is set too large. This leads to token starvation and deterioration of TCP throughput. Then, should we use the default mtu value 2 kilobytes? The anser is No, because Guest with virtio-net device uses 65536 bytes as mtu to transmit packets to Host, and the tc filter with the default mtu value 2k drops packets whose size is larger than 2k. So, the most packets is droped and again leads to deterioration of TCP throughput. The appropriate mtu value is 65536 bytes which is equal to the maximum value of network interface device defined in linux/netdevice.h. The value is not so large that it causes token starvation and not so small that it drops most packets. Therefore this patch set the mtu value to 64kb(== 65535 bytes). Again, here are the outbound QoS parameters and the TCP throughput with the libvirt patched. outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s] == 1024 (8Mbit/s): 8.22 2048 (16Mbit/s) : 16.42 4096 (32Mbit/s) : 32.93 8192 (64Mbit/s) : 66.85 16384 (128Mbit/s) : 133.88 32768 (256Mbit/s) : 271.01 65536 (512Mbit/s) : 547.32 The outbound traffic conforms to the given limit. Thank you, Signed-off-by: Eiichi Tsukata eiichi.tsukata...@hitachi.com --- AUTHORS |1 + src/util/virnetdevbandwidth.c |2 +- 2 files changed, 2 insertions(+), 1 deletions(-) diff --git a/AUTHORS b/AUTHORS index b876ee6..375db24 100644 --- a/AUTHORS +++ b/AUTHORS @@ -246,6 +246,7 @@ Patches have also been contributed by: Gerd Hoffmannkra...@redhat.com Viktor Mihajlovski mihaj...@linux.vnet.ibm.com Thang Pham thang.p...@us.ibm.com + Eiichi Tsukata eiichi.tsukata...@hitachi.com [send patches to get your name here] diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c index b9bd2e3..93df5c1 100644 --- a/src/util/virnetdevbandwidth.c +++ b/src/util/virnetdevbandwidth.c @@ -136,7 +136,7 @@ virNetDevBandwidthSet(const char *ifname, virCommandAddArgList(cmd, filter, add, dev, ifname, parent, :, protocol, ip, u32, match, ip, src, 0.0.0.0/0, police, rate, average, - burst, burst, mtu, burst, drop, flowid, + burst, burst, mtu, 64kb, drop, flowid, :1, NULL); if (virCommandRun(cmd, NULL) 0) Yeah, this tc magic was the hardest part when I've introduced QoS feature. I tested it on small values where this has not fully showed. ACK and pushed. Thanks! Michal -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Entering freeze for libvirt-0.9.13
On Mon, Jun 25, 2012 at 07:20:59PM +0800, Daniel Veillard wrote: I just tagged the git tree and I pushed the tarball for rc1: ftp://libvirt.org/libvirt/libvirt-0.9.13-rc1.tar.gz the rpms I build are coming along soon. Please give it a try, the basic seems okay to me (kvm driver seems to need the qemu one now but otherwise, no surprize so far) Give it a try too, and let's find if there are portability issues too ! I think i would make an rc2 release on wed or thursday, and then if everything is fine the release next week-end or on Monday. Build looks good so far on the Debian Buildds: https://buildd.debian.org/status/package.php?p=libvirtsuite=experimental Cheers, -- Guido -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Intend to add fuse filesystem support for libvirt lxc
On Fri, Jun 29, 2012 at 11:05:33AM +0800, Gao feng wrote: Hi Everyone, Now I'm working on making the container's system info(such as /proc/meminfo,cpuinfo..) isolate from the host. I made a patch which implement showing the /proc/meminfo base on container's memcg, and sent it to the community.(http://marc.info/?l=linux-mmm=133826035821338w=2) but I found it's difficult to be accepted, because this way is ugly, and somebody gave me some suggestions. the first way is making another kernel file(just like memory.limit_in_bytes),and mount it to the container. I don't like this way,because there will be many redundance information between this new kernel file and the existing kernel file,some files such as memory.stat already contains memcg information. the other way is adding fuse filesystem support for libvirt lxc. with this way, we can simply collect information from cgroup in fuse_operations.read function, and mount this file to the container. we can impletment isolate meminfo in userspace without changing kernel codes. I have impletment fuse support for libvrit now, and ready to impletement the meminfo isolated. I want to know if you have any comment or another ideas? Having read that long thread you quote above, I tend to agree that creating a FUSE filesystem is probably the best option we have for dealing with /proc in the short term. I'd expect it to be provided either in the libvirt_lxc controller process that is forked per container, or even perhaps in a new process libvirt_lxc_fuse forked per container. I can see two ways todo it - Provide a FUSE filesystem that just contains the couple of files we need, and then bind them over the top of the files in /proc - Provide a FUSE filesystem that does a union-fs like layering on top of an existing /proc mount, avoiding the need for bind mounts Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix vm's outbound traffic control problem
On Fri, Jun 29, 2012 at 11:08:18AM +0200, Michal Privoznik wrote: On 29.06.2012 08:09, Eiichi Tsukata wrote: Hello, This is a patch to fix vm's outbound traffic control problem. Currently, vm's outbound traffic control by libvirt doesn't go well. This problem was previously discussed at libvir-list ML, however it seems that there isn't still any answer to the problem. http://www.redhat.com/archives/libvir-list/2011-August/msg00333.html I measured Guest(with virtio-net) to Host TCP throughput with the command netperf -H. Here are the outbound QoS parameters and the results. outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s] == 1024 (8Mbit/s): 4.56 2048 (16Mbit/s) : 3.29 4096 (32Mbit/s) : 3.35 8192 (64Mbit/s) : 3.95 16384 (128Mbit/s) : 4.08 32768 (256Mbit/s) : 3.94 65536 (512Mbit/s) : 3.23 The outbound traffic goes down unreasonably and is even not controled. The cause of this problem is too large mtu value in tc filter command run by libvirt. The command uses burst value to set mtu and the burst is equal to average rate value if it's not set. This value is too large. For example if the average rate is set to 1024 kilobytes/s, the mtu value is set to 1024 kilobytes. That's too large compared to the size of network packets. Here libvirt applies tc ingress filter to Host's vnet(tun) device. Tc ingress filter is implemented with TBF(Token Buckets Filter) algorithm. TBF uses mtu value to calculate the amount of token consumed by each packet. With too large mtu value, the token consumption rate is set too large. This leads to token starvation and deterioration of TCP throughput. Then, should we use the default mtu value 2 kilobytes? The anser is No, because Guest with virtio-net device uses 65536 bytes as mtu to transmit packets to Host, and the tc filter with the default mtu value 2k drops packets whose size is larger than 2k. So, the most packets is droped and again leads to deterioration of TCP throughput. The appropriate mtu value is 65536 bytes which is equal to the maximum value of network interface device defined in linux/netdevice.h. The value is not so large that it causes token starvation and not so small that it drops most packets. Therefore this patch set the mtu value to 64kb(== 65535 bytes). Again, here are the outbound QoS parameters and the TCP throughput with the libvirt patched. outbound average rate[kilobytes/s] : Guest to Host throughput[Mbit/s] == 1024 (8Mbit/s): 8.22 2048 (16Mbit/s) : 16.42 4096 (32Mbit/s) : 32.93 8192 (64Mbit/s) : 66.85 16384 (128Mbit/s) : 133.88 32768 (256Mbit/s) : 271.01 65536 (512Mbit/s) : 547.32 The outbound traffic conforms to the given limit. Thank you, Signed-off-by: Eiichi Tsukata eiichi.tsukata...@hitachi.com --- AUTHORS |1 + src/util/virnetdevbandwidth.c |2 +- 2 files changed, 2 insertions(+), 1 deletions(-) diff --git a/AUTHORS b/AUTHORS index b876ee6..375db24 100644 --- a/AUTHORS +++ b/AUTHORS @@ -246,6 +246,7 @@ Patches have also been contributed by: Gerd Hoffmannkra...@redhat.com Viktor Mihajlovski mihaj...@linux.vnet.ibm.com Thang Pham thang.p...@us.ibm.com + Eiichi Tsukata eiichi.tsukata...@hitachi.com [send patches to get your name here] diff --git a/src/util/virnetdevbandwidth.c b/src/util/virnetdevbandwidth.c index b9bd2e3..93df5c1 100644 --- a/src/util/virnetdevbandwidth.c +++ b/src/util/virnetdevbandwidth.c @@ -136,7 +136,7 @@ virNetDevBandwidthSet(const char *ifname, virCommandAddArgList(cmd, filter, add, dev, ifname, parent, :, protocol, ip, u32, match, ip, src, 0.0.0.0/0, police, rate, average, - burst, burst, mtu, burst, drop, flowid, + burst, burst, mtu, 64kb, drop, flowid, :1, NULL); if (virCommandRun(cmd, NULL) 0) Yeah, this tc magic was the hardest part when I've introduced QoS feature. I tested it on small values where this has not fully showed. ACK and pushed. Thanks! And special thanks for a very detailed explanation :-), excellent ! Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ --
Re: [libvirt] Entering freeze for libvirt-0.9.13
On Fri, Jun 29, 2012 at 11:15:02AM +0200, Guido Günther wrote: On Mon, Jun 25, 2012 at 07:20:59PM +0800, Daniel Veillard wrote: I just tagged the git tree and I pushed the tarball for rc1: ftp://libvirt.org/libvirt/libvirt-0.9.13-rc1.tar.gz the rpms I build are coming along soon. Please give it a try, the basic seems okay to me (kvm driver seems to need the qemu one now but otherwise, no surprize so far) Give it a try too, and let's find if there are portability issues too ! I think i would make an rc2 release on wed or thursday, and then if everything is fine the release next week-end or on Monday. Build looks good so far on the Debian Buildds: https://buildd.debian.org/status/package.php?p=libvirtsuite=experimental Thanks Guido ! at least the s390 patches didn't break code portability :-) Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 0/6 v3] Support forward mode='hostdev' and interface pools
This patch series supports the forward mode='hostdev'. The functionality of this mode is the same as interface type='hostdev' but with the added benefit of using interface pools. The patch series also contains a patch to support use of interface names and PCI device addresses interchangeably in a network xml, and return the appropriate one in actualDevice when networkAllocateActualDevice is called. At the top level managed attribute can be specified with identical results as when it's specified for a hostdev. Currently forward mode='hostdev' does not support USB devices. Shradha Shah (6): Prerequisite Patch. virDomainDevicePCIAddress and respective functions moved to a new file called conf/device_conf.ch Moved the code to create implicit interface pool from PF to a new function RNG updates, new xml parser/formatter code to support forward mode=hostdev Code to return interface name or pci_addr of the VF in actualDevice Forward Mode Hostdev network driver Implementation Forward Mode 'Hostdev' qemu driver implementation docs/formatnetwork.html.in | 62 ++ docs/schemas/network.rng | 82 - include/libvirt/virterror.h|1 + src/Makefile.am|7 +- src/conf/device_conf.c | 135 + src/conf/device_conf.h | 65 +++ src/conf/domain_conf.c | 114 ++-- src/conf/domain_conf.h | 25 +--- src/conf/network_conf.c| 126 +++-- src/conf/network_conf.h| 29 +++- src/libvirt_private.syms | 10 +- src/network/bridge_driver.c| 322 +--- src/qemu/qemu_command.c| 27 ++- src/qemu/qemu_hotplug.c|7 +- src/qemu/qemu_monitor.c| 14 +- src/qemu/qemu_monitor.h| 17 +- src/qemu/qemu_monitor_json.c | 14 +- src/qemu/qemu_monitor_json.h | 14 +- src/qemu/qemu_monitor_text.c | 16 +- src/qemu/qemu_monitor_text.h | 14 +- src/util/virnetdev.c | 29 ++-- src/util/virnetdev.h |4 +- src/xen/xend_internal.c|3 +- tests/networkxml2xmlin/hostdev-pf.xml | 11 + tests/networkxml2xmlin/hostdev.xml | 10 + tests/networkxml2xmlout/hostdev-pf.xml |7 + tests/networkxml2xmlout/hostdev.xml| 10 + tests/networkxml2xmltest.c |2 + 28 files changed, 890 insertions(+), 287 deletions(-) create mode 100644 src/conf/device_conf.c create mode 100644 src/conf/device_conf.h create mode 100644 tests/networkxml2xmlin/hostdev-pf.xml create mode 100644 tests/networkxml2xmlin/hostdev.xml create mode 100644 tests/networkxml2xmlout/hostdev-pf.xml create mode 100644 tests/networkxml2xmlout/hostdev.xml -- 1.7.4.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/6 v3] Prerequisite Patch. virDomainDevicePCIAddress and respective functions moved to a new file called conf/device_conf.ch
Refactoring existing code without causing any functional changes to prepare for new code. This patch makes the code reusable. Signed-off-by: Shradha Shah ss...@solarflare.com --- include/libvirt/virterror.h |1 + src/Makefile.am |7 ++- src/conf/device_conf.c | 135 ++ src/conf/device_conf.h | 65 src/conf/domain_conf.c | 114 --- src/conf/domain_conf.h | 25 +--- src/libvirt_private.syms | 10 ++- src/qemu/qemu_command.c | 13 ++-- src/qemu/qemu_hotplug.c |7 +- src/qemu/qemu_monitor.c | 14 ++-- src/qemu/qemu_monitor.h | 17 +++--- src/qemu/qemu_monitor_json.c | 14 ++-- src/qemu/qemu_monitor_json.h | 14 ++-- src/qemu/qemu_monitor_text.c | 16 +++--- src/qemu/qemu_monitor_text.h | 14 ++-- src/xen/xend_internal.c |3 +- 16 files changed, 289 insertions(+), 180 deletions(-) diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h index 0e0bc9c..7ad1201 100644 --- a/include/libvirt/virterror.h +++ b/include/libvirt/virterror.h @@ -97,6 +97,7 @@ typedef enum { VIR_FROM_URI = 45, /* Error from URI handling */ VIR_FROM_AUTH = 46, /* Error from auth handling */ VIR_FROM_DBUS = 47, /* Error from DBus */ +VIR_FROM_DEVICE = 48, /* Error from Device */ # ifdef VIR_ENUM_SENTINELS VIR_ERR_DOMAIN_LAST diff --git a/src/Makefile.am b/src/Makefile.am index 2309984..7ffb3c2 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -199,6 +199,9 @@ CONSOLE_CONF_SOURCES = \ DOMAIN_LIST_SOURCES = \ conf/virdomainlist.c conf/virdomainlist.h +DEVICE_CONF_SOURCES = \ + conf/device_conf.c conf/device_conf.h + CONF_SOURCES = \ $(NETDEV_CONF_SOURCES) \ $(DOMAIN_CONF_SOURCES) \ @@ -212,7 +215,8 @@ CONF_SOURCES = \ $(SECRET_CONF_SOURCES) \ $(CPU_CONF_SOURCES) \ $(CONSOLE_CONF_SOURCES) \ - $(DOMAIN_LIST_SOURCES) + $(DOMAIN_LIST_SOURCES) \ + $(DEVICE_CONF_SOURCES) # The remote RPC driver, covering domains, storage, networks, etc REMOTE_DRIVER_GENERATED = \ @@ -1526,6 +1530,7 @@ libvirt_lxc_SOURCES = \ $(ENCRYPTION_CONF_SOURCES) \ $(NETDEV_CONF_SOURCES) \ $(DOMAIN_CONF_SOURCES) \ + $(DEVICE_CONF_SOURCES) \ $(SECRET_CONF_SOURCES) \ $(CPU_CONF_SOURCES) \ $(SECURITY_DRIVER_SOURCES) \ diff --git a/src/conf/device_conf.c b/src/conf/device_conf.c new file mode 100644 index 000..d4eb764 --- /dev/null +++ b/src/conf/device_conf.c @@ -0,0 +1,135 @@ +/* + * device_conf.h: device XML handling + * + * Copyright (C) 2006-2012 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Author: Shradha Shah ss...@solarflare.com + */ + +#include config.h +#include virterror_internal.h +#include datatypes.h +#include memory.h +#include xml.h +#include uuid.h +#include util.h +#include buf.h +#include conf/device_conf.h + +#define VIR_FROM_THIS VIR_FROM_DEVICE + +#define virDeviceReportError(code, ...) \ +virReportErrorHelper(VIR_FROM_DEVICE, code, __FILE__,\ + __FUNCTION__, __LINE__, __VA_ARGS__) + +VIR_ENUM_IMPL(virDeviceAddressPciMulti, + VIR_DEVICE_ADDRESS_PCI_MULTI_LAST, + default, + on, + off) + +int virDevicePCIAddressIsValid(virDevicePCIAddressPtr addr) +{ +/* PCI bus has 32 slots and 8 functions
[libvirt] [PATCH 2/6 v3] Moved the code to create implicit interface pool from PF to a new function
Just code movement no functional changes here. This makes the code reusable Signed-off-by: Shradha Shah ss...@solarflare.com --- src/network/bridge_driver.c | 84 ++ 1 files changed, 52 insertions(+), 32 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 7e8de19..36afa1b 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -2730,6 +2730,56 @@ int networkRegister(void) { * backend function table. */ +/* networkCreateInterfacePool: + * @netdef: the original NetDef from the network + * + * Creates an implicit interface pool of VF's when a PF dev is given + */ +static int +networkCreateInterfacePool(virNetworkDefPtr netdef) { +unsigned int num_virt_fns = 0; +char **vfname = NULL; +int ret = -1, ii = 0; + +if ((virNetDevGetVirtualFunctions(netdef-forwardPfs-dev, + vfname, num_virt_fns)) 0) { +networkReportError(VIR_ERR_INTERNAL_ERROR, + _(Could not get Virtual functions on %s), + netdef-forwardPfs-dev); +goto finish; +} + +if (num_virt_fns == 0) { +networkReportError(VIR_ERR_INTERNAL_ERROR, + _(No Vf's present on SRIOV PF %s), + netdef-forwardPfs-dev); + goto finish; +} + +if ((VIR_ALLOC_N(netdef-forwardIfs, num_virt_fns)) 0) { +virReportOOMError(); +goto finish; +} + +netdef-nForwardIfs = num_virt_fns; + +for (ii = 0; ii netdef-nForwardIfs; ii++) { +netdef-forwardIfs[ii].dev = strdup(vfname[ii]); +if (!netdef-forwardIfs[ii].dev) { +virReportOOMError(); +goto finish; +} +netdef-forwardIfs[ii].usageCount = 0; +} + +ret = 0; +finish: +for (ii = 0; ii num_virt_fns; ii++) +VIR_FREE(vfname[ii]); +VIR_FREE(vfname); +return ret; +} + /* networkAllocateActualDevice: * @iface: the original NetDef from the domain * @@ -2748,8 +2798,6 @@ networkAllocateActualDevice(virDomainNetDefPtr iface) virNetworkObjPtr network; virNetworkDefPtr netdef; virPortGroupDefPtr portgroup; -unsigned int num_virt_fns = 0; -char **vfname = NULL; int ii; int ret = -1; @@ -2895,36 +2943,11 @@ networkAllocateActualDevice(virDomainNetDefPtr iface) */ if (netdef-forwardType == VIR_NETWORK_FORWARD_PASSTHROUGH) { if ((netdef-nForwardPfs 0) (netdef-nForwardIfs = 0)) { -if ((virNetDevGetVirtualFunctions(netdef-forwardPfs-dev, - vfname, num_virt_fns)) 0) { +if ((networkCreateInterfacePool(netdef)) 0) { networkReportError(VIR_ERR_INTERNAL_ERROR, - _(Could not get Virtual functions on %s), - netdef-forwardPfs-dev); + _(Could not Interface Pool)); goto cleanup; } - -if (num_virt_fns == 0) { -networkReportError(VIR_ERR_INTERNAL_ERROR, - _(No Vf's present on SRIOV PF %s), - netdef-forwardPfs-dev); -goto cleanup; -} - -if ((VIR_ALLOC_N(netdef-forwardIfs, num_virt_fns)) 0) { -virReportOOMError(); -goto cleanup; -} - -netdef-nForwardIfs = num_virt_fns; - -for (ii = 0; ii netdef-nForwardIfs; ii++) { -netdef-forwardIfs[ii].dev = strdup(vfname[ii]); -if (!netdef-forwardIfs[ii].dev) { -virReportOOMError(); -goto cleanup; -} -netdef-forwardIfs[ii].usageCount = 0; -} } /* pick first dev with 0 usageCount */ @@ -2976,9 +2999,6 @@ networkAllocateActualDevice(virDomainNetDefPtr iface) ret = 0; cleanup: -for (ii = 0; ii num_virt_fns; ii++) -VIR_FREE(vfname[ii]); -VIR_FREE(vfname); if (network) virNetworkObjUnlock(network); if (ret 0) { -- 1.7.4.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 3/6 v3] RNG updates, new xml parser/formatter code to support forward mode=hostdev
This patch introduces the new forward mode='hostdev' along with attribute managed Includes updates to the network RNG and new xml parser/formatter code. Signed-off-by: Shradha Shah ss...@solarflare.com --- docs/schemas/network.rng | 82 +++-- src/conf/network_conf.c| 126 src/conf/network_conf.h| 29 +++- src/network/bridge_driver.c| 18 ++-- tests/networkxml2xmlin/hostdev-pf.xml | 11 +++ tests/networkxml2xmlin/hostdev.xml | 10 +++ tests/networkxml2xmlout/hostdev-pf.xml |7 ++ tests/networkxml2xmlout/hostdev.xml| 10 +++ tests/networkxml2xmltest.c |2 + 9 files changed, 262 insertions(+), 33 deletions(-) diff --git a/docs/schemas/network.rng b/docs/schemas/network.rng index 2ae879e..d1297cd 100644 --- a/docs/schemas/network.rng +++ b/docs/schemas/network.rng @@ -82,17 +82,41 @@ valuepassthrough/value valueprivate/value valuevepa/value + valuehostdev/value +/choice + /attribute +/optional + +optional + attribute name=managed +choice + valueyes/value + valueno/value /choice /attribute /optional interleave - zeroOrMore -element name='interface' - attribute name='dev' -ref name='deviceName'/ - /attribute -/element - /zeroOrMore + choice +group + zeroOrMore +element name='interface' + attribute name='dev' +ref name='deviceName'/ + /attribute +/element + /zeroOrMore +/group +group + zeroOrMore +element name='address' + attribute name='type' +valuepci/value + /attribute + ref name=pciaddress/ +/element + /zeroOrMore +/group + /choice optional element name='pf' attribute name='dev' @@ -238,4 +262,48 @@ /interleave /element /define + define name=pciaddress +optional + attribute name=domain +ref name=pciDomain/ + /attribute +/optional +attribute name=bus + ref name=pciBus/ +/attribute +attribute name=slot + ref name=pciSlot/ +/attribute +attribute name=function + ref name=pciFunc/ +/attribute +optional + attribute name=multifunction +choice + valueon/value + valueoff/value +/choice + /attribute +/optional + /define + define name=pciDomain +data type=string + param name=pattern(0x)?[0-9a-fA-F]{1,4}/param +/data + /define + define name=pciBus +data type=string + param name=pattern(0x)?[0-9a-fA-F]{1,2}/param +/data + /define + define name=pciSlot +data type=string + param name=pattern(0x)?[0-1]?[0-9a-fA-F]/param +/data + /define + define name=pciFunc +data type=string + param name=pattern(0x)?[0-7]/param +/data + /define /grammar diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c index 515bc36..be37856 100644 --- a/src/conf/network_conf.c +++ b/src/conf/network_conf.c @@ -48,10 +48,14 @@ #define VIR_FROM_THIS VIR_FROM_NETWORK VIR_ENUM_DECL(virNetworkForward) - VIR_ENUM_IMPL(virNetworkForward, VIR_NETWORK_FORWARD_LAST, - none, nat, route, bridge, private, vepa, passthrough ) + none, nat, route, bridge, private, vepa, passthrough, hostdev) + +VIR_ENUM_DECL(virNetworkForwardHostdevDevice) +VIR_ENUM_IMPL(virNetworkForwardHostdevDevice, + VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_LAST, + none, pci) #define virNetworkReportError(code, ...)\ virReportErrorHelper(VIR_FROM_NETWORK, code, __FILE__, \ @@ -100,6 +104,12 @@ virPortGroupDefClear(virPortGroupDefPtr def) static void virNetworkForwardIfDefClear(virNetworkForwardIfDefPtr def) { +VIR_FREE(def-device.dev); +} + +static void +virNetworkForwardPfDefClear(virNetworkForwardPfDefPtr def) +{ VIR_FREE(def-dev); } @@ -163,12 +173,13 @@ void virNetworkDefFree(virNetworkDefPtr def) VIR_FREE(def-domain); for (ii = 0 ; ii def-nForwardPfs def-forwardPfs ; ii++) { -virNetworkForwardIfDefClear(def-forwardPfs[ii]); +virNetworkForwardPfDefClear(def-forwardPfs[ii]); } VIR_FREE(def-forwardPfs); for (ii = 0 ; ii def-nForwardIfs def-forwardIfs ; ii++) { -
[libvirt] [PATCH 4/6 v3] Code to return interface name or pci_addr of the VF in actualDevice
The network pool should be able to keep track of both, network device names nad PCI addresses, and return the appropriate one in the actualDevice when networkAllocateActualDevice is called. Signed-off-by: Shradha Shah ss...@solarflare.com --- src/network/bridge_driver.c | 33 +++-- src/util/virnetdev.c| 29 - src/util/virnetdev.h|4 +++- 3 files changed, 46 insertions(+), 20 deletions(-) diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 230012c..2f8a937 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -59,6 +59,7 @@ #include dnsmasq.h #include configmake.h #include virnetdev.h +#include pci.h #include virnetdevbridge.h #include virnetdevtap.h @@ -2739,10 +2740,11 @@ static int networkCreateInterfacePool(virNetworkDefPtr netdef) { unsigned int num_virt_fns = 0; char **vfname = NULL; +struct pci_config_address **virt_fns; int ret = -1, ii = 0; if ((virNetDevGetVirtualFunctions(netdef-forwardPfs-dev, - vfname, num_virt_fns)) 0) { + vfname, virt_fns, num_virt_fns)) 0) { networkReportError(VIR_ERR_INTERNAL_ERROR, _(Could not get Virtual functions on %s), netdef-forwardPfs-dev); @@ -2764,19 +2766,38 @@ networkCreateInterfacePool(virNetworkDefPtr netdef) { netdef-nForwardIfs = num_virt_fns; for (ii = 0; ii netdef-nForwardIfs; ii++) { -netdef-forwardIfs[ii].device.dev = strdup(vfname[ii]); -if (!netdef-forwardIfs[ii].device.dev) { -virReportOOMError(); -goto finish; +if (netdef-forwardType == VIR_NETWORK_FORWARD_PASSTHROUGH) { +if(vfname[ii]) { +netdef-forwardIfs[ii].device.dev = strdup(vfname[ii]); +if (!netdef-forwardIfs[ii].device.dev) { +virReportOOMError(); +goto finish; +} +} +else { +networkReportError(VIR_ERR_INTERNAL_ERROR, + _(Passthrough mode requires interface names)); +goto finish; +} +} +else if (netdef-forwardType == VIR_NETWORK_FORWARD_HOSTDEV) { +netdef-forwardIfs[ii].type = VIR_NETWORK_FORWARD_HOSTDEV_DEVICE_PCI; /*Assuming PCI as VF's are PCI devices */ +netdef-forwardIfs[ii].device.pci.domain = virt_fns[ii]-domain; +netdef-forwardIfs[ii].device.pci.bus = virt_fns[ii]-bus; +netdef-forwardIfs[ii].device.pci.slot = virt_fns[ii]-slot; +netdef-forwardIfs[ii].device.pci.function = virt_fns[ii]-function; } netdef-forwardIfs[ii].usageCount = 0; } ret = 0; finish: -for (ii = 0; ii num_virt_fns; ii++) +for (ii = 0; ii num_virt_fns; ii++) { VIR_FREE(vfname[ii]); +VIR_FREE(virt_fns[ii]); +} VIR_FREE(vfname); +VIR_FREE(virt_fns); return ret; } diff --git a/src/util/virnetdev.c b/src/util/virnetdev.c index d53352f..a59012f 100644 --- a/src/util/virnetdev.c +++ b/src/util/virnetdev.c @@ -983,18 +983,19 @@ virNetDevSysfsDeviceFile(char **pf_sysfs_device_link, const char *ifname, int virNetDevGetVirtualFunctions(const char *pfname, char ***vfname, + struct pci_config_address ***virt_fns, unsigned int *n_vfname) { int ret = -1, i; char *pf_sysfs_device_link = NULL; char *pci_sysfs_device_link = NULL; -struct pci_config_address **virt_fns; +//struct pci_config_address **virt_fns; char *pciConfigAddr; if (virNetDevSysfsFile(pf_sysfs_device_link, pfname, device) 0) return ret; -if (pciGetVirtualFunctions(pf_sysfs_device_link, virt_fns, +if (pciGetVirtualFunctions(pf_sysfs_device_link, virt_fns, n_vfname) 0) goto cleanup; @@ -1005,10 +1006,10 @@ virNetDevGetVirtualFunctions(const char *pfname, for (i = 0; i *n_vfname; i++) { -if (pciGetDeviceAddrString(virt_fns[i]-domain, - virt_fns[i]-bus, - virt_fns[i]-slot, - virt_fns[i]-function, +if (pciGetDeviceAddrString((*virt_fns)[i]-domain, + (*virt_fns)[i]-bus, + (*virt_fns)[i]-slot, + (*virt_fns)[i]-function, pciConfigAddr) 0) { virReportSystemError(ENOSYS, %s, _(Failed to get PCI Config Address String)); @@ -1021,20 +1022,21 @@ virNetDevGetVirtualFunctions(const char *pfname, } if
[libvirt] [PATCH 6/6 v3] Forward Mode 'Hostdev' qemu driver implementation
Signed-off-by: Shradha Shah ss...@solarflare.com --- src/qemu/qemu_command.c | 14 ++ 1 files changed, 14 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 93c018d..0f6b714 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5030,6 +5030,20 @@ qemuBuildCommandLine(virConnectPtr conn, * code here that adds the newly minted hostdev to the * hostdevs array). */ +if (qemuAssignDeviceHostdevAlias(def, + virDomainNetGetActualHostdev(net), + (def-nhostdevs-1)) 0) { +qemuReportError(VIR_ERR_INTERNAL_ERROR, %s, +_(Could not assign alias to Net Hostdev)); +goto error; +} + +if (virDomainHostdevInsert(def, + virDomainNetGetActualHostdev(net)) 0) { +qemuReportError(VIR_ERR_INTERNAL_ERROR, %s, +_(Hostdev not inserted into the array)); +goto error; +} continue; } -- 1.7.4.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 5/6 v3] Forward Mode Hostdev network driver Implementation
This patch updates the network driver to properly utilize the new attributes/elements that are now in virNetworkDef Signed-off-by: Shradha Shah ss...@solarflare.com --- docs/formatnetwork.html.in | 62 + src/network/bridge_driver.c | 213 --- 2 files changed, 240 insertions(+), 35 deletions(-) diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in index 7e8e991..96b9eb2 100644 --- a/docs/formatnetwork.html.in +++ b/docs/formatnetwork.html.in @@ -210,6 +210,37 @@ (usually either a domain start, or a hotplug interface attach to a domain).span class=sinceSince 0.9.4/span /dd + dtcodehostdev/code/dt + dd +This network facilitates PCI Passthrough of a network device. +A network device is chosen from the interface pool and +directly assigned to the guest using generic device +passthrough, after first optionally setting the device's MAC +address to the configured value, and associating the device with +an 802.1Qbh capable switch using an optionally specified +codelt;virtualportgt;/code element. +Note that - due to limitations in standard single-port PCI +ethernet card driver design - only SR-IOV (Single Root I/O +Virtualization) virtual function (VF) devices can be assigned +in this manner; to assign a standard single-port PCI or PCIe +ethernet card to a guest, use the traditional codelt; +hostdevgt;/code device definition and span class=since +Since 0.9.12/span + +pNote that this intelligent passthrough of network devices is +very similar to the functionality of a standard codelt; +hostdevgt;/code device, the difference being that this +method allows specifying a MAC address and codelt;virtualport +gt;/code for the passed-through device. If these capabilities +are not required, if you have a standard single-port PCI, PCIe, +or USB network card that doesn't support SR-IOV (and hence would +anyway lose the configured MAC address during reset after being +assigned to the guest domain), or if you are using a version of +libvirt older than 0.9.12, you should use standard +codelt;hostdevgt;/code to assign the device to the +guest instead of codelt;forward mode='hostdev'/gt;/code. +/p + /dd /dl As mentioned above, a codelt;forwardgt;/code element can have multiple codelt;interfacegt;/code subelements, each @@ -249,6 +280,37 @@ particular, 'passthrough' mode, and 'private' mode when using 802.1Qbh), libvirt will choose an unused physical interface or, if it can't find an unused interface, fail the operation./p + +span class=sincesince 0.9.12/span and when using forward mode +'hostdev' we specify the interface pool by using the +codelt;addressgt;/code element and codelt; +typegt;/code codelt;domaingt;/code codelt;busgt;/code +codelt;slotgt;/code and codelt;functiongt;/code +sub-elements. + +pre +... + lt;forward mode='hostdev' managed='yes'gt; +lt;address type='pci' domain='0' bus='4' slot='0' function='1'/gt; +lt;address type='pci' domain='0' bus='4' slot='0' function='2'/gt; +lt;address type='pci' domain='0' bus='4' slot='0' function='3'/gt; + lt;/forwardgt; +... +/pre + +Alternatively the interface pool can also be mentioned using a +single physical function codelt;pfgt;/code subelement to +call out the corresponding physical interface associated with +multiple virtual interfaces (similar to the passthrough mode): + +pre +... + lt;forward mode='hostdev' managed='yes'gt; +lt;pf dev='eth0'/gt; + lt;/forwardgt; +... +/pre + /dd /dl h5a name=elementQoSQuality of service/a/h5 diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c index 2f8a937..c2c763a 100644 --- a/src/network/bridge_driver.c +++ b/src/network/bridge_driver.c @@ -1938,7 +1938,7 @@ networkStartNetworkExternal(struct network_driver *driver ATTRIBUTE_UNUSED, virNetworkObjPtr network ATTRIBUTE_UNUSED) { /* put anything here that needs to be done each time a network of - * type BRIDGE, PRIVATE, VEPA, or PASSTHROUGH is started. On + * type BRIDGE, PRIVATE, VEPA, HOSTDEV or PASSTHROUGH is started. On * failure, undo anything you've done, and return -1. On success * return 0. */ @@ -1949,7 +1949,7 @@ static int networkShutdownNetworkExternal(struct network_driver *driver ATTRIBUT virNetworkObjPtr network ATTRIBUTE_UNUSED) { /* put anything here that needs to
Re: [libvirt] availability of release candidate 2 of 0.9.13
Daniel Veillard wrote: I just tagged the git tree and I pushed the tarball for rc2: ftp://libvirt.org/libvirt/libvirt-0.9.13-rc2.tar.gz the rpms are being built and will be pushed soon too I didn't get any feedback on other platforms or OSes for rc1, hopefully this will get a bit of testing before the actual release, probably on Monday early next week. No problems noted with standard builds in the openSUSE build service https://build.opensuse.org/package/show?package=libvirtproject=home%3Ajfehlig Same for SLES builds on the internal build service, which includes more architectures. Regards, Jim -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu_agent: support guest-info command
On Fri, Jun 29, 2012 at 01:58:05PM +0900, MATSUDA, Daiki wrote: diff -uNrp libvirt-0.9.13.orig/daemon/remote.c libvirt-0.9.13/daemon/remote.c --- libvirt-0.9.13.orig/daemon/remote.c 2012-06-25 16:06:18.0 +0900 +++ libvirt-0.9.13/daemon/remote.c2012-06-29 12:50:03.752806682 +0900 @@ -3923,6 +3923,42 @@ cleanup: return rv; } + +static int +remoteDispatchDomainQemuAgentCommand(virNetServerPtr server ATTRIBUTE_UNUSED, + virNetServerClientPtr client ATTRIBUTE_UNUSED, + virNetMessagePtr msg ATTRIBUTE_UNUSED, + virNetMessageErrorPtr rerr, + remote_domain_qemu_agent_command_args *args, + remote_domain_qemu_agent_command_ret *ret) +{ +virDomainPtr dom = NULL; +int rv = -1; +struct daemonClientPrivate *priv = +virNetServerClientGetPrivateData(client); + +if (!priv-conn) { +virNetError(VIR_ERR_INTERNAL_ERROR, %s, _(connection not open)); +goto cleanup; +} + +if (!(dom = get_nonnull_domain(priv-conn, args-dom))) +goto cleanup; + +if (virDomainQemuAgentCommand(dom, args-cmd, ret-result, args-flags) 0) { +virNetError(VIR_ERR_INTERNAL_ERROR, %s, _(Guest Agent Error)); +goto cleanup; +} + +rv = 0; +cleanup: +if (rv 0) +virNetMessageSaveError(rerr); +if (dom) +virDomainFree(dom); +return rv; +} + /*- Helpers. -*/ /* get_nonnull_domain and get_nonnull_network turn an on-wire diff -uNrp libvirt-0.9.13.orig/daemon/remote_dispatch.h libvirt-0.9.13/daemon/remote_dispatch.h --- libvirt-0.9.13.orig/daemon/remote_dispatch.h 2012-06-25 19:48:08.0 +0900 +++ libvirt-0.9.13/daemon/remote_dispatch.h 2012-06-29 10:21:21.460454579 +0900 @@ -12889,6 +12889,28 @@ static int remoteDispatchSupportsFeature +static int remoteDispatchDomainQemuAgentCommand( +virNetServerPtr server, +virNetServerClientPtr client, +virNetMessagePtr msg, +virNetMessageErrorPtr rerr, +remote_domain_qemu_agent_command_args *args, +remote_domain_qemu_agent_command_ret *ret); +static int remoteDispatchDomainQemuAgentCommandHelper( +virNetServerPtr server, +virNetServerClientPtr client, +virNetMessagePtr msg, +virNetMessageErrorPtr rerr, +void *args, +void *ret) +{ + VIR_DEBUG(server=%p client=%p msg=%p rerr=%p args=%p ret=%p, server, client, msg, rerr, args, ret); + return remoteDispatchDomainQemuAgentCommand(server, client, msg, rerr, args, ret); +} +/* remoteDispatchDomainQemuAgentCommand body has to be implemented manually */ + + + virNetServerProgramProc remoteProcs[] = { { /* Unused 0 */ NULL, @@ -15374,5 +15396,14 @@ virNetServerProgramProc remoteProcs[] = true, 1 }, +{ /* Method DomainQemuAgentCommand = 276 */ + remoteDispatchDomainQemuAgentCommandHelper, + sizeof(remote_domain_qemu_agent_command_args), + (xdrproc_t)xdr_remote_qemu_agent_command_args, + sizeof(remote_domain_qemu_agent_command_ret), + (xdrproc_t)remote_domain_qemu_agent_command_ret, + true, + 0 +}, }; size_t remoteNProcs = ARRAY_CARDINALITY(remoteProcs); This is an auto-generated file. Instead of doing a diff against two unpacked tar.gz archives, developer against a git checkout, and use GIT to produce the patch without the auto-generated cruft. diff -uNrp libvirt-0.9.13.orig/include/libvirt/libvirt.h.in libvirt-0.9.13/include/libvirt/libvirt.h.in --- libvirt-0.9.13.orig/include/libvirt/libvirt.h.in 2012-06-25 21:42:32.0 +0900 +++ libvirt-0.9.13/include/libvirt/libvirt.h.in 2012-06-29 11:22:38.113455058 +0900 @@ -4132,6 +4132,9 @@ typedef struct _virTypedParameter virMem */ typedef virMemoryParameter *virMemoryParameterPtr; +int virDomainQemuAgentCommand(virDomainPtr domain, const char *cmd, + char **result, unsigned int flags); + #ifdef __cplusplus } #endif This should be in libvirt-qemu.h diff -uNrp libvirt-0.9.13.orig/src/libvirt.c libvirt-0.9.13/src/libvirt.c --- libvirt-0.9.13.orig/src/libvirt.c 2012-06-28 12:05:04.0 +0900 +++ libvirt-0.9.13/src/libvirt.c 2012-06-29 12:51:51.336454508 +0900 @@ -18973,3 +18973,44 @@ error: virDispatchError(dom-conn); return -1; } + +/** + * virDomainQemuAgentCommand: + * @domain: a domain object + * @cmd: execution command on domain's guest agent + * @result: returning strings + * @flags: execution flags + * + * Provide a list of Guest Agent's support command. + * Returns 0 if succeeded, -1 in failing. + */ +int +virDomainQemuAgentCommand(virDomainPtr domain, + const char *cmd, + char **result, + unsigned int flags) +{
[libvirt] [PATCHv3 1/5] qemu: Extended qemuDomainAssignAddresses to be callable from everywhere.
This is in preparation of the enablement of s390 guests with virtio devices. The assignment of device addresses happens in different places, i.e. the qemu driver and process modules as well as in the unit tests in slightly different flavors. Currently, these are PPC spapr-vio and PCI devices, virtio-s390 (not PCI based) will follow. By optionally passing to qemuDomainAssignAddresses the domain object and the capabilities it is now possible to call the function from most of the places (except for hotplug) where address assignment is done. Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com --- src/qemu/qemu_command.c | 41 - src/qemu/qemu_command.h |6 -- src/qemu/qemu_driver.c | 14 +++--- src/qemu/qemu_process.c | 42 -- 4 files changed, 47 insertions(+), 56 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 6549f57..5edf915 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -942,16 +942,22 @@ cleanup: int -qemuDomainAssignPCIAddresses(virDomainDefPtr def) +qemuDomainAssignPCIAddresses(virDomainDefPtr def, virBitmapPtr qemuCaps, + virDomainObjPtr obj) { int ret = -1; -virBitmapPtr qemuCaps = NULL; +virBitmapPtr localCaps = NULL; qemuDomainPCIAddressSetPtr addrs = NULL; +qemuDomainObjPrivatePtr priv = NULL; -if (qemuCapsExtractVersionInfo(def-emulator, def-os.arch, - NULL, - qemuCaps) 0) -goto cleanup; +if (!qemuCaps) { +/* need to get information from real environment */ +if (qemuCapsExtractVersionInfo(def-emulator, def-os.arch, + NULL, + localCaps) 0) +goto cleanup; +qemuCaps = localCaps; +} if (qemuCapsGet(qemuCaps, QEMU_CAPS_DEVICE)) { if (!(addrs = qemuDomainPCIAddressSetCreate(def))) @@ -961,16 +967,33 @@ qemuDomainAssignPCIAddresses(virDomainDefPtr def) goto cleanup; } +if (obj obj-privateData) { +priv = obj-privateData; +if (addrs) { +/* if this is the live domain object, we persist the PCI addresses*/ +if (priv-pciaddrs) { +qemuDomainPCIAddressSetFree(priv-pciaddrs); +priv-pciaddrs = NULL; +} +priv-persistentAddrs = 1; +priv-pciaddrs = addrs; +addrs = NULL; +} else { +priv-persistentAddrs = 0; +} +} + ret = 0; cleanup: -qemuCapsFree(qemuCaps); +qemuCapsFree(localCaps); qemuDomainPCIAddressSetFree(addrs); return ret; } -int qemuDomainAssignAddresses(virDomainDefPtr def) +int qemuDomainAssignAddresses(virDomainDefPtr def, virBitmapPtr qemuCaps, + virDomainObjPtr obj) { int rc; @@ -978,7 +1001,7 @@ int qemuDomainAssignAddresses(virDomainDefPtr def) if (rc) return rc; -return qemuDomainAssignPCIAddresses(def); +return qemuDomainAssignPCIAddresses(def, qemuCaps, obj); } static void diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h index 1eafeb3..dd104d6 100644 --- a/src/qemu/qemu_command.h +++ b/src/qemu/qemu_command.h @@ -175,10 +175,12 @@ virDomainDefPtr qemuParseCommandLinePid(virCapsPtr caps, virDomainChrSourceDefPtr *monConfig, bool *monJSON); -int qemuDomainAssignAddresses(virDomainDefPtr def); +int qemuDomainAssignAddresses(virDomainDefPtr def, virBitmapPtr qemuCaps, + virDomainObjPtr); int qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def); -int qemuDomainAssignPCIAddresses(virDomainDefPtr def); +int qemuDomainAssignPCIAddresses(virDomainDefPtr def, virBitmapPtr qemuCaps, + virDomainObjPtr obj); qemuDomainPCIAddressSetPtr qemuDomainPCIAddressSetCreate(virDomainDefPtr def); int qemuDomainPCIAddressReserveFunction(qemuDomainPCIAddressSetPtr addrs, int slot, int function); diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 2f93404..ef9983c 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -1404,7 +1404,7 @@ static virDomainPtr qemudDomainCreate(virConnectPtr conn, const char *xml, if (qemudCanonicalizeMachine(driver, def) 0) goto cleanup; -if (qemuDomainAssignAddresses(def) 0) +if (qemuDomainAssignAddresses(def, NULL, NULL) 0) goto cleanup; if (!(vm = virDomainAssignDef(driver-caps, @@ -5070,7 +5070,7 @@ static virDomainPtr qemudDomainDefine(virConnectPtr conn, const char *xml) { if (qemudCanonicalizeMachine(driver, def) 0) goto cleanup; -if (qemuDomainAssignAddresses(def) 0) +if
[libvirt] [PATCHv3 0/5] Virtio support for S390
As 0.9.13 is stabilizing and I will not be available next week I am sending this reworked patch set already today, looking forward to comments. This series adds support for the s390 flavor of virtio devices. Since the s390 virtio devices are not implemented as PCI devices it is necessary to refactor some of the device address assignment code. v2 changes resent as thread v3 changes renumbered new virtio-s390 capability fixed incorrect whitespace fixed subject lines Viktor Mihajlovski (5): qemu: Extended qemuDomainAssignAddresses to be callable from everywhere. qemu: Change tests to use (modified) qemuDomainAssignAddresses S390: Add support for virtio-s390 devices. S390: Domain Schema for s390-virtio machines. S390: Adding testcases for s390 docs/schemas/domaincommon.rng | 20 +++ src/conf/domain_conf.c | 11 +- src/conf/domain_conf.h |1 + src/qemu/qemu_capabilities.c |7 + src/qemu/qemu_capabilities.h |1 + src/qemu/qemu_command.c| 139 ++-- src/qemu/qemu_command.h|6 +- src/qemu/qemu_driver.c | 14 +- src/qemu/qemu_process.c| 42 +-- .../qemuxml2argv-console-virtio-s390.args |9 ++ .../qemuxml2argv-console-virtio-s390.xml | 24 .../qemuxml2argv-disk-virtio-s390.args |5 + .../qemuxml2argv-disk-virtio-s390.xml | 22 +++ .../qemuxml2argv-minimal-s390.args |5 + .../qemuxml2argvdata/qemuxml2argv-minimal-s390.xml | 21 +++ .../qemuxml2argv-net-virtio-s390.args |5 + .../qemuxml2argv-net-virtio-s390.xml | 22 +++ tests/qemuxml2argvtest.c | 20 ++-- tests/qemuxmlnstest.c | 13 +-- tests/testutilsqemu.c | 31 + 20 files changed, 332 insertions(+), 86 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-minimal-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-minimal-s390.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-virtio-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-virtio-s390.xml -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv3 2/5] qemu: Change tests to use (modified) qemuDomainAssignAddresses
Rewrote the device assignment parts in tests to use qemuDomainAssignAddresses. This way the tests will work for new device address types as they show up in the future (like s390 device types). Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com --- tests/qemuxml2argvtest.c | 12 +--- tests/qemuxmlnstest.c| 13 ++--- 2 files changed, 3 insertions(+), 22 deletions(-) diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 7b00ea2..cda32b6 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -149,21 +149,11 @@ static int testCompareXMLToArgvFiles(const char *xml, goto out; if (qemuCapsGet(extraFlags, QEMU_CAPS_DEVICE)) { -qemuDomainPCIAddressSetPtr pciaddrs; - -if (qemuDomainAssignSpaprVIOAddresses(vmdef)) { +if (qemuDomainAssignAddresses(vmdef, extraFlags, NULL)) { if (expectError) goto ok; goto out; } - -if (!(pciaddrs = qemuDomainPCIAddressSetCreate(vmdef))) -goto out; - -if (qemuAssignDevicePCISlots(vmdef, pciaddrs) 0) -goto out; - -qemuDomainPCIAddressSetFree(pciaddrs); } log = virtTestLogContentAndReset(); diff --git a/tests/qemuxmlnstest.c b/tests/qemuxmlnstest.c index 8eca466..0bc821d 100644 --- a/tests/qemuxmlnstest.c +++ b/tests/qemuxmlnstest.c @@ -95,17 +95,8 @@ static int testCompareXMLToArgvFiles(const char *xml, if (qemudCanonicalizeMachine(driver, vmdef) 0) goto fail; -if (qemuCapsGet(extraFlags, QEMU_CAPS_DEVICE)) { -qemuDomainPCIAddressSetPtr pciaddrs; -if (!(pciaddrs = qemuDomainPCIAddressSetCreate(vmdef))) -goto fail; - -if (qemuAssignDevicePCISlots(vmdef, pciaddrs) 0) -goto fail; - -qemuDomainPCIAddressSetFree(pciaddrs); -} - +if (qemuCapsGet(extraFlags, QEMU_CAPS_DEVICE)) +qemuDomainAssignAddresses(vmdef, extraFlags, NULL); log = virtTestLogContentAndReset(); VIR_FREE(log); -- 1.7.0.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv3 4/5] S390: Domain Schema for s390-virtio machines.
Added s390-virtio machine type to the XML schema for domains in order to not fail the domain schema tests. Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com --- docs/schemas/domaincommon.rng | 20 1 files changed, 20 insertions(+), 0 deletions(-) diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 912a1a2..70c7d16 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -283,6 +283,7 @@ ref name=hvmsparc/ ref name=hvmppc/ ref name=hvmppc64/ + ref name=hvms390/ /choice /optional valuehvm/value @@ -369,6 +370,25 @@ /optional /group /define + define name=hvms390 +group + optional +attribute name=arch + choice +values390/value +values390x/value + /choice +/attribute + /optional + optional +attribute name=machine + choice +values390-virtio/value + /choice +/attribute + /optional +/group + /define define name=osexe element name=os element name=type -- 1.7.0.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv3 5/5] S390: Adding testcases for s390
Add minimal s390-virtio domain testcase and testcases for virtio serial, net, disk for the virtio-s390 bus. Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com --- .../qemuxml2argv-console-virtio-s390.args |9 ++ .../qemuxml2argv-console-virtio-s390.xml | 24 +++ .../qemuxml2argv-disk-virtio-s390.args |5 +++ .../qemuxml2argv-disk-virtio-s390.xml | 22 ++ .../qemuxml2argv-minimal-s390.args |5 +++ .../qemuxml2argvdata/qemuxml2argv-minimal-s390.xml | 21 + .../qemuxml2argv-net-virtio-s390.args |5 +++ .../qemuxml2argv-net-virtio-s390.xml | 22 ++ tests/qemuxml2argvtest.c |8 + tests/testutilsqemu.c | 31 10 files changed, 152 insertions(+), 0 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-minimal-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-minimal-s390.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-virtio-s390.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-virtio-s390.xml diff --git a/tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.args b/tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.args new file mode 100644 index 000..3388a35 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.args @@ -0,0 +1,9 @@ +LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu -S -M \ +s390-virtio -m 214 -smp 1 -nographic -nodefconfig -nodefaults -chardev \ +socket,id=charmonitor,path=/tmp/test-monitor,server,nowait -mon \ +chardev=charmonitor,id=monitor,mode=readline -no-acpi \ +-boot c -device virtio-serial-s390,id=virtio-serial0 \ +-drive file=/dev/HostVG/QEMUGuest1,if=none,id=drive-virtio-disk0 \ +-device virtio-blk-s390,drive=drive-virtio-disk0,id=virtio-disk0 \ +-chardev pty,id=charconsole0 \ +-device virtconsole,chardev=charconsole0,id=console0 -usb diff --git a/tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.xml b/tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.xml new file mode 100644 index 000..5a4a9d4 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-console-virtio-s390.xml @@ -0,0 +1,24 @@ +domain type='qemu' + nameQEMUGuest1/name + uuidc7a5fdbd-edaf-9455-926a-d65c16db1809/uuid + memory219100/memory + currentMemory219100/currentMemory + os +type arch='s390x' machine='s390-virtio'hvm/type +boot dev='hd'/ + /os + clock offset='utc'/ + on_poweroffdestroy/on_poweroff + on_rebootrestart/on_reboot + on_crashdestroy/on_crash + devices +emulator/usr/bin/qemu/emulator +disk type='block' device='disk' + source dev='/dev/HostVG/QEMUGuest1'/ + target dev='hda' bus='virtio'/ +/disk +console type='pty' + target type='virtio'/ +/console + /devices +/domain diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.args b/tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.args new file mode 100644 index 000..66bdf1e --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.args @@ -0,0 +1,5 @@ +LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu -S \ +-M s390-virtio -m 214 -smp 1 -nographic -nodefaults \ +-monitor unix:/tmp/test-monitor,server,nowait -no-acpi -boot c \ +-drive file=/dev/HostVG/QEMUGuest1,if=none,id=drive-virtio-disk0 \ +-device virtio-blk-s390,drive=drive-virtio-disk0,id=virtio-disk0 -usb diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.xml b/tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.xml new file mode 100644 index 000..9ce6c18 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-s390.xml @@ -0,0 +1,22 @@ +domain type='qemu' + nameQEMUGuest1/name + uuidc7a5fdbd-edaf-9455-926a-d65c16db1809/uuid + memory219136/memory + currentMemory219136/currentMemory + vcpu1/vcpu + os +type arch='s390x' machine='s390-virtio'hvm/type +boot dev='hd'/ + /os + clock offset='utc'/ + on_poweroffdestroy/on_poweroff + on_rebootrestart/on_reboot + on_crashdestroy/on_crash + devices +emulator/usr/bin/qemu/emulator +disk type='block' device='disk' + source dev='/dev/HostVG/QEMUGuest1'/ + target dev='hda' bus='virtio'/ +/disk + /devices +/domain diff --git a/tests/qemuxml2argvdata/qemuxml2argv-minimal-s390.args b/tests/qemuxml2argvdata/qemuxml2argv-minimal-s390.args new file mode 100644 index 000..4e7bf05 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-minimal-s390.args @@ -0,0 +1,5 @@ +LC_ALL=C PATH=/bin
[libvirt] [PATCHv3 3/5] S390: Add support for virtio-s390 devices.
The s390(x) architecture doesn't feature a PCI bus. For the purpose of supporting virtio devices a virtual bus called virtio-s390 is used. A new address type VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390 is used to distinguish the virtio devices on s390 from PCI-based virtio devices. V3 Change: updated QEMU_CAPS_VIRTIO_S390 to fit upstream. Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com --- src/conf/domain_conf.c | 11 +++- src/conf/domain_conf.h |1 + src/qemu/qemu_capabilities.c |7 +++ src/qemu/qemu_capabilities.h |1 + src/qemu/qemu_command.c | 98 +++-- 5 files changed, 110 insertions(+), 8 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 4086dac..cf7c757 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -149,7 +149,8 @@ VIR_ENUM_IMPL(virDomainDeviceAddress, VIR_DOMAIN_DEVICE_ADDRESS_TYPE_LAST, virtio-serial, ccid, usb, - spapr-vio) + spapr-vio, + virtio-s390) VIR_ENUM_IMPL(virDomainDeviceAddressPciMulti, VIR_DOMAIN_DEVICE_ADDRESS_PCI_MULTI_LAST, @@ -2132,7 +2133,8 @@ virDomainDeviceInfoFormat(virBufferPtr buf, virBufferAddLit(buf, /\n); } -if (info-type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) +if (info-type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE || +info-type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390) return 0; /* We'll be in domain/devices/[device type]/ so 3 level indent */ @@ -4123,6 +4125,7 @@ virDomainControllerDefParseXML(xmlNodePtr node, if (def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO +def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390 def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) { virDomainReportError(VIR_ERR_INTERNAL_ERROR, %s, _(Controllers must use the 'pci' address type)); @@ -4676,6 +4679,7 @@ virDomainNetDefParseXML(virCapsPtr caps, * them we should make sure address type is correct */ if (def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO +def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390 def-info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) { virDomainReportError(VIR_ERR_INTERNAL_ERROR, %s, _(Network interfaces must use 'pci' address type)); @@ -9078,7 +9082,8 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, def-memballoon = memballoon; VIR_FREE(nodes); -} else { +} else if (!STREQ(def-os.arch,s390x)) { +/* TODO: currently no balloon support on s390 - no default balloon */ if (def-virtType == VIR_DOMAIN_VIRT_XEN || def-virtType == VIR_DOMAIN_VIRT_QEMU || def-virtType == VIR_DOMAIN_VIRT_KQEMU || diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 7d5d60b..5e5374a 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -172,6 +172,7 @@ enum virDomainDeviceAddressType { VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCID, VIR_DOMAIN_DEVICE_ADDRESS_TYPE_USB, VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO, +VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390, VIR_DOMAIN_DEVICE_ADDRESS_TYPE_LAST }; diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 1e12a39..b6e5bd1 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -166,6 +166,7 @@ VIR_ENUM_IMPL(qemuCaps, QEMU_CAPS_LAST, hda-micro, /* 95 */ dump-guest-memory, nec-usb-xhci, + virtio-s390, ); @@ -1430,6 +1431,12 @@ qemuCapsParseDeviceStr(const char *str, virBitmapPtr flags) qemuCapsSet(flags, QEMU_CAPS_USB_HUB); if (strstr(str, name \ich9-ahci\)) qemuCapsSet(flags, QEMU_CAPS_ICH9_AHCI); +if (strstr(str, name \virtio-blk-s390\)) +qemuCapsSet(flags, QEMU_CAPS_VIRTIO_S390); +if (strstr(str, name \virtio-net-s390\)) +qemuCapsSet(flags, QEMU_CAPS_VIRTIO_S390); +if (strstr(str, name \virtio-serial-s390\)) +qemuCapsSet(flags, QEMU_CAPS_VIRTIO_S390); /* Prefer -chardev spicevmc (detected earlier) over -device spicevmc */ if (!qemuCapsGet(flags, QEMU_CAPS_CHARDEV_SPICEVMC) diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 83c135b..9b5ff30 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -133,6 +133,7 @@ enum qemuCapsFlags { QEMU_CAPS_HDA_MICRO = 95, /* -device hda-micro */ QEMU_CAPS_DUMP_GUEST_MEMORY = 96, /* dump-guest-memory command */ QEMU_CAPS_NEC_USB_XHCI = 97, /* -device nec-usb-xhci */ +QEMU_CAPS_VIRTIO_S390= 98, /* -device virtio-*-s390 */
[libvirt] [PATCH] Remove sub-mounts under /dev when starting an LXC container
From: Daniel P. Berrange berra...@redhat.com Since we are mounting a new /dev in the container, we must remove any sub-mounts like /dev/shm, /dev/mqueue, etc, otherwise they'll be recorded in /proc/mounts, but not be accessible to applications. --- src/lxc/lxc_container.c |7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 071d8d1..910e82b 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1416,10 +1416,11 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef, if (lxcContainerPivotRoot(root) 0) goto cleanup; -/* Gets rid of any existing stuff under /proc, since we need new - * namespace aware versions of those. We must do /proc second - * otherwise we won't find /proc/mounts :-) */ +/* Gets rid of any existing stuff under /proc, /sys /tmp + * We need new namespace aware versions of those. We must + * do /proc last otherwise we won't find /proc/mounts :-) */ if (lxcContainerUnmountSubtree(/sys, false) 0 || +lxcContainerUnmountSubtree(/dev, false) 0 || lxcContainerUnmountSubtree(/proc, false) 0) goto cleanup; -- 1.7.10.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Different mac address used in libvirtd
On Wed, Jun 20, 2012 at 07:01:17PM +0800, Yong Sheng Gong wrote: Hi, I found libvirtd will create vnet0 with a different mac other than the one defined in domain file. The mac in Domain file will be used by qemu-kvm. I want to know how libvirtd decides the mac for vnet0, Who can give me a hint about the location of the libvirtd codes which does this work? I cannot find how the libvirtd translates the mac from one defined in domain file to vnet0's one in src/util/bridge.c: brSetInterfaceMac() interface type='bridge' mac address='fa:16:3e:28:64:c2'/ source bridge='br100'/ target dev='vnet0'/ filterref filter='nova-instance-instance-0002-fa163e2864c2' parameter name='DHCPSERVER' value='10.0.1.1'/ parameter name='PROJNET' value='10.0.1.0'/ parameter name='PROJMASK' value='255.255.255.0'/ parameter name='IP' value='10.0.1.2'/ /filterref alias name='net0'/ address type='pci' domain='0x' bus='0x00' slot='0x03' function='0x0'/ /interface The XML mac address config, sets the MAC address for the *guest* NIC, ie what the guest uses as its eth0. [root@robinlinux eclipsecdt]# ifconfig vnet0 vnet0 Link encap:Ethernet HWaddr FE:16:3E:28:64:C2 inet6 addr: fe80::fc16:3eff:fe28:64c2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:553 errors:0 dropped:0 overruns:0 frame:0 TX packets:1485 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:136360 (133.1 KiB) TX bytes:280590 (274.0 KiB) vnet0 is the backend of the guest NIC, and its MAC addr is more or less irrelevant to functioning of the guest itself, since traffic does not originate on this NIC. The only important thing is that this TAP device must have a high value MAC address, to avoid the bridge device using the TAP device's MAC as its own. Hence when creating the TAP Device libvirt takes the guest MAC addr and simply sets the top byte to 0xFE Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Remove sub-mounts under /dev when starting an LXC container
On 06/29/2012 09:30 AM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com Since we are mounting a new /dev in the container, we must remove any sub-mounts like /dev/shm, /dev/mqueue, etc, otherwise they'll be recorded in /proc/mounts, but not be accessible to applications. --- src/lxc/lxc_container.c |7 --- 1 file changed, 4 insertions(+), 3 deletions(-) ACK. -- Eric Blake ebl...@redhat.com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] build: define WITH_INTERFACE for the driver
On 06/29/2012 01:34 AM, Osier Yang wrote: On 2012年06月29日 07:57, Eric Blake wrote: Our code was mistakenly relying on an undefined macro, WITH_INTERFACE, for determining whether to load the interface driver which wraps the netcf library. Clean this situation up by having only one automake conditional for the driver, and having both WITH_NETCF (library detected) and WITH_INTERFACE (driver enabled) in C code, in case a future patch ever adds a network management via means other than s/network/interface/ the netcf library. Foresighted. :-) Trying to model after the storage driver, and how it has several backends. -dnl netcf library +dnl check if the interface driver should be compiled + +AC_ARG_WITH([interface], + AC_HELP_STRING([--with-interface], +[with host interface driver @:@default=check@:@]),[], +[with_interface=check]) Do we have to expose with-interface? It will give the user a logic question, pick with-interface, or 'with-netcf', or both, even more when we have other implementations of interface driver in future. however, the logic is simple, and we do it inside actually: as long as one implementation of the interface driver is picked to compile, we have the WITH_INTERFACE. so IMHO no need to give the user the simple logic question. :-) Good point. Looking at how storage did it, we have: --with-storage-dir --with-storage-fs ... but no top-level --with-storage. That is, you get WITH_STORAGE if any of the --with-storage-backends ended up as yes. At first, I was worried about back-compat (old builds were used to --with-netcf, and I didn't want to break that), but the more I think about it, the more I think that it's okay to break naming conventions for something that is easier to explain. I see two possible solutions, then: 1. Assume that like the storage driver, the interface driver will eventually have multiple backends. Then we would have: --with-interface-netcf as a way to select the netcf backend in the interface driver, and WITH_INTERFACE would be automatic if at least one backend (in this case, netcf being the only backend) is found. 2. Save the complexity of multiple backends for the day when we actually have multiple backends, and for now just have a single configure option --with-interface. Either way, I would completely ditch --with-netcf, and refactor the logic to be: if test $with_libvirtd = no; then with_interface_netcf=no fi if test $with_interface_netcf = yes || \ test $with_interface_netcf = check; then probe for netcf, fail if it was required fi if test $with_interface_netcf = yes; then set WITH_INTERFACE witness fi I'll go ahead and respin this patch along those lines. And above changes, what we need is just: if test $with_netfs = yes || with_something_else = yes; then AC_DEFINE_UNQUOTED([WITH_INTERFACE], [1], [whether interface driver is enabled]) fi AM_CONDITIONAL([WITH_INTERFACE], [test $with_interface = yes]) Yep, we're thinking on the same lines - probe for each backend, then make the driver decision based on the result of the backend probes, but only expose the backends as the configure options. @@ -2807,11 +2833,12 @@ AC_MSG_NOTICE([ ESX: $with_esx]) AC_MSG_NOTICE([ Hyper-V: $with_hyperv]) AC_MSG_NOTICE([Test: $with_test]) AC_MSG_NOTICE([ Remote: $with_remote]) -AC_MSG_NOTICE([ Network: $with_network]) AC_MSG_NOTICE([Libvirtd: $with_libvirtd]) -AC_MSG_NOTICE([ netcf: $with_netcf]) And no AC_MSG_NOTICE for $with_interface here, with keeping $with_netcf. -AC_MSG_NOTICE([ macvtap: $with_macvtap]) -AC_MSG_NOTICE([virtport: $with_virtualport]) +AC_MSG_NOTICE([ Network: $with_network]) +AC_MSG_NOTICE([ Iface: $with_interface]) +AC_MSG_NOTICE([ Secrets: $with_secrets]) +AC_MSG_NOTICE([ NodeDev: $with_nodedev]) +AC_MSG_NOTICE([NWfilter: $with_nwfilter]) Actually, no with_netcf here (this is the driver section, but with_netcf is already present in the library section), so we DO want a listing here of whether the with_interface driver was selected (whether by with_netcf or by some other backend). -%if %{with_netcf} -%define with_interface 1 -%else +%if !%{with_netcf} %define with_interface 0 %endif The logic here would be a bit different; just as the spec file has to know when to package the storage driver (if any of the storage backends were selected), we still have to package the interface driver, so this variable is still useful. @@ -1056,6 +1056,9 @@ of recent versions of Linux (and other OSes). %define _without_network --without-network %endif +%if ! %{with_interface} +%define _without_interface --without-interface +%endif %if ! %{with_storage_fs} %define _without_storage_fs --without-storage-fs %endif @@ -1171,6 +1174,7 @@ autoreconf -if %{?_without_hyperv} \ %{?_without_vmware} \ %{?_without_network} \ + %{?_without_interface} \
Re: [libvirt] [PATCH] build: define WITH_INTERFACE for the driver
On Fri, Jun 29, 2012 at 10:18:47AM -0600, Eric Blake wrote: On 06/29/2012 01:34 AM, Osier Yang wrote: On 2012年06月29日 07:57, Eric Blake wrote: Our code was mistakenly relying on an undefined macro, WITH_INTERFACE, for determining whether to load the interface driver which wraps the netcf library. Clean this situation up by having only one automake conditional for the driver, and having both WITH_NETCF (library detected) and WITH_INTERFACE (driver enabled) in C code, in case a future patch ever adds a network management via means other than s/network/interface/ the netcf library. Foresighted. :-) Trying to model after the storage driver, and how it has several backends. -dnl netcf library +dnl check if the interface driver should be compiled + +AC_ARG_WITH([interface], + AC_HELP_STRING([--with-interface], +[with host interface driver @:@default=check@:@]),[], +[with_interface=check]) Do we have to expose with-interface? It will give the user a logic question, pick with-interface, or 'with-netcf', or both, even more when we have other implementations of interface driver in future. however, the logic is simple, and we do it inside actually: as long as one implementation of the interface driver is picked to compile, we have the WITH_INTERFACE. so IMHO no need to give the user the simple logic question. :-) Good point. Looking at how storage did it, we have: --with-storage-dir --with-storage-fs ... but no top-level --with-storage. That is, you get WITH_STORAGE if any of the --with-storage-backends ended up as yes. At first, I was worried about back-compat (old builds were used to --with-netcf, and I didn't want to break that), but the more I think about it, the more I think that it's okay to break naming conventions for something that is easier to explain. I see two possible solutions, then: 1. Assume that like the storage driver, the interface driver will eventually have multiple backends. Then we would have: --with-interface-netcf as a way to select the netcf backend in the interface driver, and WITH_INTERFACE would be automatic if at least one backend (in this case, netcf being the only backend) is found. 2. Save the complexity of multiple backends for the day when we actually have multiple backends, and for now just have a single configure option --with-interface. Either way, I would completely ditch --with-netcf, and refactor the logic to be: if test $with_libvirtd = no; then with_interface_netcf=no fi if test $with_interface_netcf = yes || \ test $with_interface_netcf = check; then probe for netcf, fail if it was required fi if test $with_interface_netcf = yes; then set WITH_INTERFACE witness fi I'll go ahead and respin this patch along those lines. I'm not a fan of this, because you are too tightly associating use of the netcf library, with use of the interface drivers, and also presuming a 1-1 relationship between a logical driver, and an external library. THis breaks down if a module like the inteface driver needs to check for multiple external libraries, and if the external libraries are used by multiple different areas of the libvirt code. My view is that in the configure script, we have two types of checks and we must keep them strictly separated. - External modules (netcf, lvm, other libraries) - Logical modules (storage driver, network driver, interface driver) We should first do checks for the external modules. These checks can be disabled/forced using --with-netcf/--without-netcf The checks for logical modules, should just look to see if their all of their prerequisites are present, but again allow you to turn off the module using --with-interface/--without-interface My long term vision is that we one day refactor our enourmous configure script into a set of isolated modules. So, you'd be able to declare logical modules AC_DEFUN(LIBVIRT_LIBRARY_NETCF, [ ...code to check for netcf and CLI args to enable/disable ]) AC_DEFUN(LIBVIRT_DRIVER_INTERFACE, [ AC_REQUIRE([LIBVIRT_DEP_NETCF]) ...code to enable interface driver if netcf was present ]) AC_DEFUN(LIBVIRT_DRIVER_STORAGE, [ AC_REQUIRE([LIBVIRT_DEP_LVM]) AC_REQUIRE([LIBVIRT_DEP_QEMU_IMG]) AC_REQUIRE([LIBVIRT_DEP_ISCSI]) ...code to enable storage driver parts... ]) and each of these definitions be completely separate .m4 files. So the eventual libvirt configure.ac script would just be doing LIBVIRT_DRIVER_INTERFACE LIBVIRT_DRIVER_STORAGE and so on. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list
[libvirt] [Patch v2 2/3] Add -netdev bridge support
From: Richa Marwaha rmar...@linux.vnet.ibm.com This patch adds the support to run the QEMU network helper under unprivileged user. It also adds the support for attach-interface option in virsh to run under unprivileged user. Signed-off-by: Richa Marwaha rmar...@linux.vnet.ibm.com Signed-off-by: Corey Bryantcor...@linux.vnet.ibm.com --- v2 - This patch attach-interface option is tested on commit cd15303fd123146b0ba53e387d08ef22b707223 src/qemu/qemu_command.c | 61 +- src/qemu/qemu_command.h |2 + src/qemu/qemu_hotplug.c | 31 --- 3 files changed, 67 insertions(+), 27 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 6549f57..4eb8cd5 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -2851,6 +2851,8 @@ error: char * qemuBuildHostNetStr(virDomainNetDefPtr net, +struct qemud_driver *driver, +virBitmapPtr qemuCaps, char type_sep, int vlan, const char *tapfd, @@ -2859,6 +2861,7 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, bool is_tap = false; virBuffer buf = VIR_BUFFER_INITIALIZER; enum virDomainNetType netType = virDomainNetGetActualType(net); +const char *brname = NULL; if (net-script netType != VIR_DOMAIN_NET_TYPE_ETHERNET) { qemuReportError(VIR_ERR_CONFIG_UNSUPPORTED, @@ -2868,8 +2871,21 @@ qemuBuildHostNetStr(virDomainNetDefPtr net, } switch (netType) { -case VIR_DOMAIN_NET_TYPE_NETWORK: +/* + * If type='bridge', and we're running as privileged user + * or -netdev bridge is not supported then it will fall + * through, -net tap,fd + */ case VIR_DOMAIN_NET_TYPE_BRIDGE: +if (!driver-privileged +qemuCapsGet(qemuCaps, QEMU_CAPS_NETDEV_BRIDGE)) { +brname = virDomainNetGetActualBridgeName(net); +virBufferAsprintf(buf, bridge%cbr=%s, type_sep, brname); +type_sep = ','; +is_tap = true; +break; +} +case VIR_DOMAIN_NET_TYPE_NETWORK: case VIR_DOMAIN_NET_TYPE_DIRECT: virBufferAsprintf(buf, tap%cfd=%s, type_sep, tapfd); type_sep = ','; @@ -4997,7 +5013,7 @@ qemuBuildCommandLine(virConnectPtr conn, for (i = 0 ; i def-nnets ; i++) { virDomainNetDefPtr net = def-nets[i]; char *nic, *host; -char tapfd_name[50]; +char tapfd_name[50] = ; char vhostfd_name[50] = ; int vlan; int bootindex = bootNet; @@ -5034,17 +5050,26 @@ qemuBuildCommandLine(virConnectPtr conn, if (actualType == VIR_DOMAIN_NET_TYPE_NETWORK || actualType == VIR_DOMAIN_NET_TYPE_BRIDGE) { -int tapfd = qemuNetworkIfaceConnect(def, conn, driver, net, -qemuCaps); -if (tapfd 0) -goto error; - -last_good_net = i; -virCommandTransferFD(cmd, tapfd); - -if (snprintf(tapfd_name, sizeof(tapfd_name), %d, - tapfd) = sizeof(tapfd_name)) -goto no_memory; +/* + * If type='bridge' then we attempt to allocate the tap fd here only if + * running under a privilged user or -netdev bridge option is not + * supported. + */ + if (actualType == VIR_DOMAIN_NET_TYPE_NETWORK || + driver-privileged || + (!qemuCapsGet(qemuCaps, QEMU_CAPS_NETDEV_BRIDGE))) { + int tapfd = qemuNetworkIfaceConnect(def, conn, driver, net, + qemuCaps); + if (tapfd 0) + goto error; + + last_good_net = i; + virCommandTransferFD(cmd, tapfd); + + if (snprintf(tapfd_name, sizeof(tapfd_name), %d, + tapfd) = sizeof(tapfd_name)) + goto no_memory; + } } else if (actualType == VIR_DOMAIN_NET_TYPE_DIRECT) { int tapfd = qemuPhysIfaceConnect(def, driver, net, qemuCaps, vmop); @@ -5087,8 +5112,9 @@ qemuBuildCommandLine(virConnectPtr conn, if (qemuCapsGet(qemuCaps, QEMU_CAPS_NETDEV) qemuCapsGet(qemuCaps, QEMU_CAPS_DEVICE)) { virCommandAddArg(cmd, -netdev); -if (!(host = qemuBuildHostNetStr(net, ',', vlan, - tapfd_name, vhostfd_name))) +if (!(host = qemuBuildHostNetStr(net, driver, qemuCaps, + ',', vlan, tapfd_name, +
[libvirt] [Patch v2 3/3] apparmor: QEMU bridge helper policy updates
From: Richa Marwaha rmar...@linux.vnet.ibm.com This patch provides AppArmor policy updates for the QEMU bridge helper. The QEMU bridge helper is a SUID executable exec'd by QEMU that drops capabilities to CAP_NET_ADMIN and adds a tap device to a network bridge. Signed-off-by: Richa Marwaha rmar...@linux.vnet.ibm.com Signed-off-by: Corey Bryantcor...@linux.vnet.ibm.com --- examples/apparmor/libvirt-qemu | 21 - 1 files changed, 20 insertions(+), 1 deletions(-) diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu index 10cdd36..766a334 100644 --- a/examples/apparmor/libvirt-qemu +++ b/examples/apparmor/libvirt-qemu @@ -1,4 +1,4 @@ -# Last Modified: Mon Apr 5 15:11:27 2010 +# Last Modified: Fri Mar 9 14:43:22 2012 #include abstractions/base #include abstractions/consoles @@ -108,3 +108,22 @@ /bin/dash rmix, /bin/dd rmix, /bin/cat rmix, + + /usr/libexec/qemu-bridge-helper Cx, + # child profile for bridge helper process + profile /usr/libexec/qemu-bridge-helper { + #include abstractions/base + + capability setuid, + capability setgid, + capability setpcap, + capability net_admin, + + network inet stream, + + /dev/net/tun rw, + /etc/qemu/** r, + owner @{PROC}/*/status r, + + /usr/libexec/qemu-bridge-helper rmix, + } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [Patch v2 1/3] Add -netdev bridge capabilities
From: Richa Marwaha rmar...@linux.vnet.ibm.com This patch adds the capability in libvirt to check if -netdev bridge option is supported or not. Signed-off-by: Richa Marwaha rmar...@linux.vnet.ibm.com Signed-off-by: Corey Bryantcor...@linux.vnet.ibm.com --- v2 -This is a new patch that helps libvirt to check if -netdev bridge option is supported in the qemu version that is being used to run the guest. In v1 we didnot have the capability to check if qemu version we are using supported -netdev bridge or not. src/qemu/qemu_capabilities.c | 13 + src/qemu/qemu_capabilities.h |1 + 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 1e12a39..b2d7be2 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -166,6 +166,7 @@ VIR_ENUM_IMPL(qemuCaps, QEMU_CAPS_LAST, hda-micro, /* 95 */ dump-guest-memory, nec-usb-xhci, + bridge, ); @@ -1005,7 +1006,7 @@ qemuCapsComputeCmdFlags(const char *help, bool check_yajl ATTRIBUTE_UNUSED) { const char *p; -const char *fsdev; +const char *fsdev, *netdev; if (strstr(help, -no-kqemu)) qemuCapsSet(flags, QEMU_CAPS_KQEMU); @@ -1118,13 +1119,17 @@ qemuCapsComputeCmdFlags(const char *help, if (strstr(help, -smbios type)) qemuCapsSet(flags, QEMU_CAPS_SMBIOS_TYPE); -if (strstr(help, -netdev)) { +if ((netdev = strstr(help, -netdev))) { /* Disable -netdev on 0.12 since although it exists, * the corresponding netdev_add/remove monitor commands * do not, and we need them to be able to do hotplug. * But see below about RHEL build. */ -if (version = 13000) -qemuCapsSet(flags, QEMU_CAPS_NETDEV); +if (version = 13000) { +if (strstr (netdev, bridge)) +qemuCapsSet(flags, QEMU_CAPS_NETDEV_BRIDGE); +else +qemuCapsSet(flags, QEMU_CAPS_NETDEV); +} } if (strstr(help, -sdl)) diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index 83c135b..458a73e 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -133,6 +133,7 @@ enum qemuCapsFlags { QEMU_CAPS_HDA_MICRO = 95, /* -device hda-micro */ QEMU_CAPS_DUMP_GUEST_MEMORY = 96, /* dump-guest-memory command */ QEMU_CAPS_NEC_USB_XHCI = 97, /* -device nec-usb-xhci */ +QEMU_CAPS_NETDEV_BRIDGE = 98, /* bridge helper support */ QEMU_CAPS_LAST, /* this must always be the last item */ }; -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [Patch v2 0/3] Add QEMU network helper support
From: Richa Marwaha rmar...@linux.vnet.ibm.com QEMU has a new feature which allows QEMU to execute under an unprivileged user ID and still be able to add a tap device to a Linux network bridge. Below is the link to the QEMU patches for the bridge helper feature: http://lists.gnu.org/archive/html/qemu-devel/2012-01/msg03562.html The existing libvirt tap network device support for adding a tap device to a bridge (-netdev tap) works only when connected to a libvirtd instance running as the privileged system account 'root'. When connected to a libvirtd instance running as an unprivileged user (ie. using the session URI) creation of the tap device fails as follows: error: Failed to start domain F14_64 error: Unable to create tap device vnet%d: Operation not permitted With this support, creating a tap device in the above scenario will be possible. Additionally, hot attaching a tap device to a bridge while running when connected to a libvirtd instance running as an unprivileged user will be possible. Richa Marwaha (3): Add -netdev bridge capabilities Add -netdev bridge support apparmor: QEMU bridge helper policy updates examples/apparmor/libvirt-qemu | 21 +- src/qemu/qemu_capabilities.c | 13 ++-- src/qemu/qemu_capabilities.h |1 + src/qemu/qemu_command.c| 61 --- src/qemu/qemu_command.h|2 + src/qemu/qemu_hotplug.c| 31 ++-- 6 files changed, 97 insertions(+), 32 deletions(-) -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] nwfilter: Fix memory leak
On 06/28/2012 09:41 PM, Eric Blake wrote: On 06/28/2012 06:38 PM, Stefan Berger wrote: Below patch fixes this coverity report: /libvirt/src/conf/nwfilter_conf.c:382: leaked_storage: Variable varAccess going out of scope leaks the storage it points to. --- src/conf/nwfilter_conf.c |1 + 1 file changed, 1 insertion(+) ACK. pushed -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] availability of release candidate 2 of 0.9.13
On Thu, Jun 28, 2012 at 5:36 AM, Daniel Veillard veill...@redhat.com wrote: I just tagged the git tree and I pushed the tarball for rc2: ftp://libvirt.org/libvirt/libvirt-0.9.13-rc2.tar.gz Builds fine on OSX Lion. Regards, Ruben -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] availability of release candidate 2 of 0.9.13
On Fri, Jun 29, 2012 at 10:27:22PM +0200, Ruben Kerkhof thus spake: On Thu, Jun 28, 2012 at 5:36 AM, Daniel Veillard veill...@redhat.com wrote: I just tagged the git tree and I pushed the tarball for rc2: ftp://libvirt.org/libvirt/libvirt-0.9.13-rc2.tar.gz Builds fine on OSX Lion. Regards, Ruben FreeBSD fails on this here: include-dirs -Wunused -Wunknown-pragmas -Wstrict-aliasing -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wold-style-definition -Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn -Wmissing-format-attribute -Wredundant-decls -Wnested-externs -Winline -Winvalid-pch -Wvolatile-register-var -Wdisabled-optimization -Wattributes -Wdeprecated-declarations -Wdiv-by-zero -Wendif-labels -Wextra -Wformat-extra-args -Wformat-zero-length -Wformat=2 -Wmultichar -Wnormalized=nfc -Woverflow -Wpointer-to-int-cast -Wpragmas -Wtrampolines -Wno-missing-field-initializers -Wno-sign-compare -Wno-format-nonliteral -fexceptions -fasynchronous-unwind-tables -fdiagnostics-show-option -funit-at-a-time -fipa-pure-const -O2 -pipe -fno-strict-aliasing -MT libvirt_conf_la-domain_conf.lo -MD -MP -MF .deps/libvirt_conf_la-domain_conf.Tpo -c conf/domain_conf.c -fPIC -DPIC -o .libs/libvirt_conf_la-domain_conf.o conf/domain_conf.c: In function 'virDomainDiskDefParseXML': conf/domain_conf.c:3662: warning: null format string [-Wformat] conf/domain_conf.c:3679: warning: null format string [-Wformat] conf/domain_conf.c: In function 'virDomainFSDefParseXML': conf/domain_conf.c:4252: error: 'ULONG_LONG_MAX' undeclared (first use in this function) conf/domain_conf.c:4252: error: (Each undeclared identifier is reported only once conf/domain_conf.c:4252: error: for each function it appears in.) conf/domain_conf.c:4314: warning: null format string [-Wformat] conf/domain_conf.c:4320: warning: null format string [-Wformat] conf/domain_conf.c: In function 'virDomainDefParseXML': conf/domain_conf.c:7982: warning: null format string [-Wformat] gmake[3]: *** [libvirt_conf_la-domain_conf.lo] Error 1 gmake[3]: Leaving directory `/usr/local/workspace/ports/devel/libvirt/work/libvirt-0.9.13/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/usr/local/workspace/ports/devel/libvirt/work/libvirt-0.9.13/src' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/usr/local/workspace/ports/devel/libvirt/work/libvirt-0.9.13' gmake: *** [all] Error 2 *** Error code 1 -jgh -- Jason Helfman System Administrator experts-exchange.com http://www.experts-exchange.com/M_4830110.html E4AD 7CF1 1396 27F6 79DD 4342 5E92 AD66 8C8C FBA5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] availability of release candidate 2 of 0.9.13
On 06/29/2012 02:47 PM, Jason Helfman wrote: FreeBSD fails on this here: conf/domain_conf.c: In function 'virDomainFSDefParseXML': conf/domain_conf.c:4252: error: 'ULONG_LONG_MAX' undeclared (first use in this function) POSIX requires limits.h to spell it ULLONG_MAX, not ULONG_LONG_MAX. We've got a bug in our code for using the non-standard name; I'll propose a patch soon. -- Eric Blake ebl...@redhat.com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] build: use correct limit for unsigned long long
Reported by Jason Helfman as a build-breaker on FreeBSD. * src/conf/domain_conf.c (virDomainFSDefParseXML): Use POSIX spelling. * src/openvz/openvz_conf.c (openvzReadFSConf): Likewise. --- Pushing under the build-breaker rule. src/conf/domain_conf.c |8 +++- src/openvz/openvz_conf.c |4 ++-- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 4086dac..3fb90db 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -4248,14 +4248,12 @@ virDomainFSDefParseXML(xmlNodePtr node, if (virDomainParseScaledValue(./space_hard_limit[1], ctxt, def-space_hard_limit, 1, - ULONG_LONG_MAX, - false) 0) + ULLONG_MAX, false) 0) goto error; if (virDomainParseScaledValue(./space_soft_limit[1], ctxt, def-space_soft_limit, 1, - ULONG_LONG_MAX, - false) 0) + ULLONG_MAX, false) 0) goto error; cur = node-children; @@ -4335,7 +4333,7 @@ virDomainFSDefParseXML(xmlNodePtr node, } if (unit virScaleInteger(def-usage, unit, -1024, ULONG_LONG_MAX) 0) +1024, ULLONG_MAX) 0) goto error; } diff --git a/src/openvz/openvz_conf.c b/src/openvz/openvz_conf.c index bb61b13..ad27d37 100644 --- a/src/openvz/openvz_conf.c +++ b/src/openvz/openvz_conf.c @@ -455,8 +455,8 @@ openvzReadFSConf(virDomainDefPtr def, goto error; } else { /* Ensure that we can multiply by 1024 without overflowing. */ -if (barrier ULONG_LONG_MAX / 1024 || -limit ULONG_LONG_MAX / 1024 ) { +if (barrier ULLONG_MAX / 1024 || +limit ULLONG_MAX / 1024 ) { virReportSystemError(VIR_ERR_OVERFLOW, _(%s), Unable to parse quota); -- 1.7.10.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] build: use correct limit for unsigned long long
On Fri, Jun 29, 2012 at 03:11:41PM -0600, Eric Blake thus spake: Reported by Jason Helfman as a build-breaker on FreeBSD. Patch is good. It builds, now. Thanks! -jgh -- Jason Helfman System Administrator experts-exchange.com http://www.experts-exchange.com/M_4830110.html E4AD 7CF1 1396 27F6 79DD 4342 5E92 AD66 8C8C FBA5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] compile option: --without-gnutls
Hi libvirt-list, Full disclosure: this is the first open source project I've tried to contribute to and I'm still learning the process and tools. In any case, Mikhail Gusarov started a thread on this a while back and I've tried to take it to conclusion. I needed to remove tls for 0.8.4 so I coded up a --without-gnutls configure option using Mikhail's partial code as a template. Then I pulled down 0.9.12 and came up with a patch that I'd like to push out to the commununity. I'm not adding any new functionality other than the configure option. The tls calls/structs are just #ifdef'd for the most part. In a couple of places I had to flip the logic for if (!tls_struct) else, and also had to modify a few function calls to pass void * instead of tls pointers. I built --with-gnutls, --without-gnutls, and no option specified (defaults to --with-gnutls). make check is clean except for: TEST: libvirtdconftest .!!...! 39 FAIL ...which consists mostly of this sasl failure: 39) Test corruption ... libvir: Config File error : unsupported configuration: remoteReadConfigFile: /home/ubu/git/libvirt/tests/../daemon/libvirtd.conf: auth_tcp: unsupported auth sasl FAILED ...so I'm trying to track that down, and also need to run syntax-check and valgrind tests. Once I get the tests passing what's my next step? Are you okay with this approach? Do you want a preview of my diffs? Do I need to write additional tests for this new option or update any documentation? Thanks, Chris Van Heuveln -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] sanlock on F17
I just tried to set up sanlock on F17 using the instructions at http://libvirt.org/locking.html, but libvirtd refuses to start with the sanlock error in the logs: Jun 29 19:56:20 nienna sanlock[8423]: 19846 open error -13 /var/lib/libvirt/sanlock/__LIBVIRT__DISKS__ I confirmed that user sanlock can create, read and write files in /var/lib/libvirt/sanlock The only thing I can think of that's slightly odd about my setup is that I'm only concerned with the local machine, so that directory is not an NFS mount. Anybody have any thoughts on what's going wrong here? TIA, Dave -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] availability of release candidate 2 of 0.9.13
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, Jun 29, 2012 at 03:07:52PM -0600, Eric Blake thus spake: On 06/29/2012 02:47 PM, Jason Helfman wrote: FreeBSD fails on this here: conf/domain_conf.c: In function 'virDomainFSDefParseXML': conf/domain_conf.c:4252: error: 'ULONG_LONG_MAX' undeclared (first use in this function) POSIX requires limits.h to spell it ULLONG_MAX, not ULONG_LONG_MAX. We've got a bug in our code for using the non-standard name; I'll propose a patch soon. Here is a link to the build logs with the patch: https://redports.org/buildarchive/20120630004335-48297/ - -jgh - -- Jason Helfman System Administrator experts-exchange.com http://www.experts-exchange.com/M_4830110.html E4AD 7CF1 1396 27F6 79DD 4342 5E92 AD66 8C8C FBA5 -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (FreeBSD) iF4EAREIAAYFAk/uTW0ACgkQXpKtZoyM+6X4swD+Ib387L0WgF0VumhmWRxBHb6Y xXr3aYw6bheKGv0BopcA/jJjNhnBgXzeLUvbNmthcOt5n+uTTnXDKYQpd3eEDMvQ =sIXU -END PGP SIGNATURE- -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] availability of release candidate 2 of 0.9.13
On Wed, Jun 27, 2012 at 10:36 PM, Daniel Veillard veill...@redhat.com wrote: I just tagged the git tree and I pushed the tarball for rc2: ftp://libvirt.org/libvirt/libvirt-0.9.13-rc2.tar.gz the rpms are being built and will be pushed soon too I didn't get any feedback on other platforms or OSes for rc1, hopefully this will get a bit of testing before the actual release, probably on Monday early next week. thanks ! Daniel Build fine on Gentoo, however it fails a test. Here's the stdout from the overall run, I'll dig in deeper over the weekend. TEST: virdrivermoduletest !!. 7 FAIL -- Doug Goldstein -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] sanlock on F17
On Fri, Jun 29, 2012 at 08:06:34PM -0400, Dave Allan wrote: I just tried to set up sanlock on F17 using the instructions at http://libvirt.org/locking.html, but libvirtd refuses to start with the sanlock error in the logs: Jun 29 19:56:20 nienna sanlock[8423]: 19846 open error -13 /var/lib/libvirt/sanlock/__LIBVIRT__DISKS__ I confirmed that user sanlock can create, read and write files in /var/lib/libvirt/sanlock Also disabling selinux does not help. The only thing I can think of that's slightly odd about my setup is that I'm only concerned with the local machine, so that directory is not an NFS mount. Anybody have any thoughts on what's going wrong here? TIA, Dave -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list