[libvirt] [RFC PATCH v1 0/4] Add cpu hotplug support to libvirt.
It seems that libvirt is not cpu hotplug aware. Please refer to the following problem. 1. At first, we have 2 cpus. # cat /cgroup/cpuset/cpuset.cpus 0-1 # cat /cgroup/cpuset/libvirt/qemu/cpuset.cpus 0-1 2. And we have a vm1 with following configuration. cputune vcpupin vcpu='0' cpuset='1'/ hypervisorpin cpuset='1'/ /cputune 3. Offline cpu1. # echo 0 /sys/devices/system/cpu/cpu1/online # cat /sys/devices/system/cpu/cpu1/online 0 # cat /cgroup/cpuset/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/qemu/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/lxc/cpuset.cpus 0 4. Online cpu1. # echo 1 /sys/devices/system/cpu/cpu1/online # cat /sys/devices/system/cpu/cpu1/online 1 # cat /cgroup/cpuset/cpuset.cpus 0-1 # cat /cgroup/cpuset/libvirt/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/qemu/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/lxc/cpuset.cpus 0 Here,cgroup updated cpuset.cpus,but not for libvirt directory,and also qemu and lxc directory. vm1 cannot be started again. # virsh start vm1 error: Failed to start domain vm1 error: Unable to set cpuset.cpus: Permission denied And libvird gave the following errors. 2012-07-17 07:30:22.478+: 3118: error : qemuSetupCgroupVcpuPin:498 : Unable to set cpuset.cpus: Permission denied These patches resolves this problem by listening on the netlink for cpu hotplug event. When the netlink service gets the cpu hotplug event, it will attract the cpuid in the message, and add it into cpuset.cpus in: /cgroup/cpuset/libvirt /cgroup/cpuset/libvirt/qemu /cgroup/cpuset/libvirt/lxc Tang Chen (4): Add cpu hotplug handler for netlink service. Register cpu hotplug netlink handler for libvirtd. Register cpu hotplug netlink handler for qemu driver. Register cpu hotplug netlink handler for lxc driver. daemon/libvirtd.c | 11 +++ include/libvirt/virterror.h |2 + src/Makefile.am |1 + src/libvirt_private.syms|5 + src/lxc/lxc_driver.c|8 ++ src/qemu/qemu_driver.c |8 ++ src/util/cgroup.c |6 +- src/util/cgroup.h |4 + src/util/hotplug.c | 221 +++ src/util/hotplug.h | 32 +++ src/util/virterror.c|3 +- 11 files changed, 297 insertions(+), 4 deletions(-) create mode 100644 src/util/hotplug.c create mode 100644 src/util/hotplug.h -- 1.7.10.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [RFC PATCH v1 3/4] Register cpu hotplug netlink handler for qemu driver.
Signed-off-by: Tang Chen tangc...@cn.fujitsu.com --- src/qemu/qemu_driver.c |8 1 file changed, 8 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 64c407d..509cdd7 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -92,6 +92,7 @@ #include virnodesuspend.h #include virtime.h #include virtypedparam.h +#include hotplug.h #define VIR_FROM_THIS VIR_FROM_QEMU @@ -710,6 +711,13 @@ qemudStartup(int privileged) { virStrerror(-rc, ebuf, sizeof(ebuf))); } +/* Register cpu hotplug netlink handler for qemu driver */ +if (virCpuHotplugRegisterCallback(qemu_driver-cgroup) 0) { +VIR_ERROR(_(Unable to register cpu hotplug netlink handler + for qemu driver)); +goto error; +} + if (qemudLoadDriverConfig(qemu_driver, driverConf) 0) { goto error; } -- 1.7.10.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [RFC PATCH v1 4/4] Register cpu hotplug netlink handler for lxc driver.
Signed-off-by: Tang Chen tangc...@cn.fujitsu.com --- src/lxc/lxc_driver.c |8 1 file changed, 8 insertions(+) diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index ff11c2c..45f6cc0 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -63,6 +63,7 @@ #include virtime.h #include virtypedparam.h #include viruri.h +#include hotplug.h #define VIR_FROM_THIS VIR_FROM_LXC @@ -1453,6 +1454,13 @@ static int lxcStartup(int privileged) */ } +/* Register cpu hotplug netlink handler for lxc driver */ +if (virCpuHotplugRegisterCallback(lxc_driver-cgroup) 0) { +VIR_ERROR(_(Unable to register cpu hotplug netlink handler + for lxc driver)); +goto cleanup; +} + /* Call function to load lxc driver configuration information */ if (lxcLoadDriverConfig(lxc_driver) 0) goto cleanup; -- 1.7.10.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [RFC PATCH v1 2/4] Register cpu hotplug netlink handler for libvirtd.
Signed-off-by: Tang Chen tangc...@cn.fujitsu.com --- daemon/libvirtd.c | 11 +++ 1 file changed, 11 insertions(+) diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c index 19dd26b..e71cd79 100644 --- a/daemon/libvirtd.c +++ b/daemon/libvirtd.c @@ -56,6 +56,8 @@ #include uuid.h #include viraudit.h #include locking/lock_manager.h +#include hotplug.h +#include cgroup.h #ifdef WITH_DRIVER_MODULES # include driver.h @@ -948,6 +950,7 @@ int main(int argc, char **argv) { bool implicit_conf = false; char *run_dir = NULL; mode_t old_umask; +virCgroupPtr rootgrp = NULL; struct option opts[] = { { verbose, no_argument, verbose, 1}, @@ -1324,6 +1327,13 @@ int main(int argc, char **argv) { goto cleanup; } +/* Register cpu hotplug netlink handler for libvirtd */ +if (virCgroupAppRoot(privileged, rootgrp, 0) != 0 || +virCpuHotplugRegisterCallback(rootgrp) 0) { +ret = VIR_DAEMON_ERR_NETWORK; +goto cleanup; +} + /* Run event loop. */ virNetServerRun(srv); @@ -1352,6 +1362,7 @@ cleanup: if (pid_file_fd != -1) virPidFileReleasePath(pid_file, pid_file_fd); +virCgroupFree(rootgrp); VIR_FREE(sock_file); VIR_FREE(sock_file_ro); VIR_FREE(pid_file); -- 1.7.10.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [RFC PATCH v1 1/4] Add cpu hotplug handler for netlink service.
This patch adds a callback for cpu hotplug event. The cpu hotplug netlink message is of the following format: {online|offline}@/devices/system/cpu/cpuxx (xx is cpuid) When a cpu online message is received, the callback will get the new added cpuid from the message, and adds it to the cpuset.cpus of a specific cgroup, such as libvirtd, qemu driver, or lxc driver's cpuset cgroup. When a cpu offline message is received, nothing to for now. Signed-off-by: Tang Chen tangc...@cn.fujitsu.com --- include/libvirt/virterror.h |2 + src/Makefile.am |1 + src/libvirt_private.syms|5 + src/util/cgroup.c |6 +- src/util/cgroup.h |4 + src/util/hotplug.c | 221 +++ src/util/hotplug.h | 32 +++ src/util/virterror.c|3 +- 8 files changed, 270 insertions(+), 4 deletions(-) create mode 100644 src/util/hotplug.c create mode 100644 src/util/hotplug.h diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h index 69c64aa..5e10338 100644 --- a/include/libvirt/virterror.h +++ b/include/libvirt/virterror.h @@ -114,6 +114,8 @@ typedef enum { VIR_FROM_SSH = 50, /* Error from libssh2 connection transport */ +VIR_FROM_HOTPLUG = 51, /* Error from Hotplug driver */ + # ifdef VIR_ENUM_SENTINELS VIR_ERR_DOMAIN_LAST # endif diff --git a/src/Makefile.am b/src/Makefile.am index 95e1bea..c65ee37 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -60,6 +60,7 @@ UTIL_SOURCES = \ util/event.c util/event.h \ util/event_poll.c util/event_poll.h \ util/hooks.c util/hooks.h \ + util/hotplug.c util/hotplug.h \ util/iptables.c util/iptables.h \ util/ebtables.c util/ebtables.h \ util/dnsmasq.c util/dnsmasq.h \ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 27eb43e..97f9c7b 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -64,6 +64,7 @@ virCgroupAddTaskController; virCgroupAllowDevice; virCgroupAllowDeviceMajor; virCgroupAllowDevicePath; +virCgroupAppRoot; virCgroupControllerTypeFromString; virCgroupControllerTypeToString; virCgroupDenyAllDevices; @@ -643,6 +644,10 @@ virHookInitialize; virHookPresent; +# hotplug.h +virCpuHotplugRegisterCallback; + + # interface_conf.h virInterfaceAssignDef; virInterfaceDefFormat; diff --git a/src/util/cgroup.c b/src/util/cgroup.c index 8541c7f..df5f31a 100644 --- a/src/util/cgroup.c +++ b/src/util/cgroup.c @@ -641,9 +641,9 @@ err: return rc; } -static int virCgroupAppRoot(int privileged, -virCgroupPtr *group, -int create) +int virCgroupAppRoot(int privileged, + virCgroupPtr *group, + int create) { virCgroupPtr rootgrp = NULL; int rc; diff --git a/src/util/cgroup.h b/src/util/cgroup.h index 68ac232..ef9b022 100644 --- a/src/util/cgroup.h +++ b/src/util/cgroup.h @@ -44,6 +44,10 @@ enum { VIR_ENUM_DECL(virCgroupController); +int virCgroupAppRoot(int privileged, + virCgroupPtr *group, + int create); + int virCgroupForDriver(const char *name, virCgroupPtr *group, int privileged, diff --git a/src/util/hotplug.c b/src/util/hotplug.c new file mode 100644 index 000..d5ffd67 --- /dev/null +++ b/src/util/hotplug.c @@ -0,0 +1,221 @@ +/* + * Copyright (C) 2012 FUJITSU, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; If not, see + * http://www.gnu.org/licenses/. + * + * Authors: + * Tang Chen tangc...@cn.fujitsu.com + */ + +#include sys/types.h +#include sys/socket.h +#include string.h +#include stdlib.h + +#include hotplug.h +#include cgroup.h +#include virterror_internal.h +#include virnetlink.h +#include logging.h +#include memory.h + +#define VIR_FROM_THIS VIR_FROM_HOTPLUG + +#ifdef __linux__ + +/** + * CPU hotplug message is of the following format: + * {online|offline}@/devices/system/cpu/cpuxx (xx is cpuid) + */ +# define CPU_ONLINE_MSG online@/devices/system/cpu/cpu +# define
[libvirt] [PATCH V4] implement offline migration
allow migration even domain isn't active by inserting some stubs to tunnel migration path. Signed-off-by: liguang lig.f...@cn.fujitsu.com --- src/qemu/qemu_driver.c|2 +- src/qemu/qemu_migration.c | 181 +++-- src/qemu/qemu_migration.h |3 +- 3 files changed, 178 insertions(+), 8 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index d74bf52..00ca211 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -9779,7 +9779,7 @@ qemuDomainMigratePrepareTunnel3(virConnectPtr dconn, virCheckFlags(QEMU_MIGRATION_FLAGS, -1); -if (!dom_xml) { +if (!dom_xml !(flags VIR_MIGRATE_OFFLINE)) { virReportError(VIR_ERR_INTERNAL_ERROR, %s, _(no domain XML passed)); goto cleanup; diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index 1b21ef6..991bcc5 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -70,6 +70,7 @@ enum qemuMigrationCookieFlags { QEMU_MIGRATION_COOKIE_FLAG_GRAPHICS, QEMU_MIGRATION_COOKIE_FLAG_LOCKSTATE, QEMU_MIGRATION_COOKIE_FLAG_PERSISTENT, +QEMU_MIGRATION_COOKIE_FLAG_OFFLINE, QEMU_MIGRATION_COOKIE_FLAG_LAST }; @@ -77,12 +78,13 @@ enum qemuMigrationCookieFlags { VIR_ENUM_DECL(qemuMigrationCookieFlag); VIR_ENUM_IMPL(qemuMigrationCookieFlag, QEMU_MIGRATION_COOKIE_FLAG_LAST, - graphics, lockstate, persistent); + graphics, lockstate, persistent, offline); enum qemuMigrationCookieFeatures { QEMU_MIGRATION_COOKIE_GRAPHICS = (1 QEMU_MIGRATION_COOKIE_FLAG_GRAPHICS), QEMU_MIGRATION_COOKIE_LOCKSTATE = (1 QEMU_MIGRATION_COOKIE_FLAG_LOCKSTATE), QEMU_MIGRATION_COOKIE_PERSISTENT = (1 QEMU_MIGRATION_COOKIE_FLAG_PERSISTENT), +QEMU_MIGRATION_COOKIE_OFFLINE = (1 QEMU_MIGRATION_COOKIE_FLAG_OFFLINE), }; typedef struct _qemuMigrationCookieGraphics qemuMigrationCookieGraphics; @@ -101,6 +103,10 @@ struct _qemuMigrationCookie { unsigned int flags; unsigned int flagsMandatory; +/*offline migration flag*/ +int offline; +char *mig_file; + /* Host properties */ unsigned char localHostuuid[VIR_UUID_BUFLEN]; unsigned char remoteHostuuid[VIR_UUID_BUFLEN]; @@ -139,6 +145,8 @@ static void qemuMigrationCookieFree(qemuMigrationCookiePtr mig) if (mig-flags QEMU_MIGRATION_COOKIE_GRAPHICS) qemuMigrationCookieGraphicsFree(mig-graphics); +if (mig-flags QEMU_MIGRATION_COOKIE_GRAPHICS) +VIR_FREE(mig-mig_file); VIR_FREE(mig-localHostname); VIR_FREE(mig-remoteHostname); @@ -439,6 +447,12 @@ qemuMigrationCookieXMLFormat(struct qemud_driver *driver, virBufferAdjustIndent(buf, -2); } +if (mig-flags QEMU_MIGRATION_COOKIE_OFFLINE) { +virBufferAsprintf(buf, offline mig_ol='%d' mig_file='% s'\n, + mig-offline, mig-mig_file); +virBufferAddLit(buf, /offline\n); +} + virBufferAddLit(buf, /qemu-migration\n); return 0; } @@ -662,6 +676,18 @@ qemuMigrationCookieXMLParse(qemuMigrationCookiePtr mig, VIR_FREE(nodes); } +if ((flags QEMU_MIGRATION_COOKIE_OFFLINE) +virXPathBoolean(count(./offline) 0, ctxt)) { +if (virXPathInt(string(./offline/@mig_ol), ctxt, mig-offline) 0) { +virReportError(VIR_ERR_INTERNAL_ERROR, + %s, _(missing mig_ol attribute in migration data)); +goto error; +} +mig-mig_file = virXPathString(string(./offline/@mig_file), ctxt); +if (mig-mig_file STREQ(mig-mig_file, )) +VIR_FREE(mig-mig_file); +} + return 0; error: @@ -721,6 +747,12 @@ qemuMigrationBakeCookie(qemuMigrationCookiePtr mig, qemuMigrationCookieAddPersistent(mig, dom) 0) return -1; +if (flags QEMU_MIGRATION_COOKIE_OFFLINE) { +mig-flags |= QEMU_MIGRATION_COOKIE_OFFLINE; +mig-offline = 1; +} + + if (!(*cookieout = qemuMigrationCookieXMLFormatStr(driver, mig))) return -1; @@ -1307,6 +1339,27 @@ qemuMigrationPrepareAny(struct qemud_driver *driver, /* Domain starts inactive, even if the domain XML had an id field. */ vm-def-id = -1; +if (tunnel) { +if (!(mig = qemuMigrationEatCookie(driver, vm, cookiein, cookieinlen, + QEMU_MIGRATION_COOKIE_OFFLINE))) +return ret; +else if (mig-offline) { +char *file, *str, *tmp = NULL; +ret = 0; +for (str = mig-mig_file; ; str = NULL) { +file = strtok_r(str, , tmp); +if (file == NULL) +break; +if (virFDStreamCreateFile(st, file, 0, 0, O_WRONLY, 0) 0) { +virReportSystemError(errno, %s, + _(cannot setup stream for tunnelled migration\n)); +ret = -1; +} +} +
Re: [libvirt] Heads up 0.10.1 release on Friday
On Fri, Aug 31, 2012 at 02:36:07PM +0800, Daniel Veillard wrote: On Thu, Aug 30, 2012 at 08:44:57PM +0200, Guido Günther wrote: On Wed, Aug 29, 2012 at 11:19:42PM +0800, Daniel Veillard wrote: I was a bit afraid of the .0 effect on release name, but we really have a number of problem with 0.10.0 that ought to be fixed in a brown paper bag release. I would urge people to report and try to fix the problem being raised in 0.10.0, let's try to get them fixed today or tomorrow and I will cut a new release on Friday, Sorry about that, but somehow we didn't managed to catch even serious problem during the freeze, at some point we need to fix the problem of testing the code that we push on git on a daily basis, we have many tools but we lack at doing the continuous testing :-\ Would setting up Jenkins to trigger libvirt-tck either on commit or nightly help? Definitely !!! I could try to find some free time to do this. To be honnest i was thinking for months of doing something like that but i don't have a good infrastructure. Where would Jenkins run ? what kind of hardware set would be needed etc ? It'd start simple with a single VM running jenkins and the builds: http://honk.sigxcpu.org:8001 We can then add build slaves for other distros and operating systems step by step. For the moment I have enough resources here. The above currently only does make, make check and make syntax-check. I'll try to add libvirt-tck during the next days. There's also some duning to be done. Cheers, -- Guido It's a bit tricky since we'd be testing libvirt, libvirt-tck, Sys-virt and Qemu at once but it might be worth a try to get us more continous testing. It is tricky. There is also libvirt testing being added to autotest in the kernel, there is also the libvirt-test-API regression suite, but most of that requires set of machines, which i don't really have on libvirt.org domain, i could do that at home but that would be behind my firewall ... What did you have in mind in terms of setup ? I'm all ears ! Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 1/3] Add per-guest S3/S4 state configuration
On 08/31/2012 07:42 PM, Eric Blake wrote: On 08/31/2012 07:59 AM, Martin Kletzander wrote: There is a new pm/ element implemented that can control what ACPI sleeping states will be advertised by BIOS and allowed to be switched to by libvirt. The default keeps defaults on hypervisor, otherwise forces chosen setting. The documentation of the pm element is added as well. --- +pre + ... + lt;pmgt; +lt;suspend-to-disk enabled='no'/gt; +lt;suspend-to-ram enabled='yes'/gt; 'no' and 'yes' here... + lt;/pmgt; + .../pre + +dl + dtcodepm/code/dt + ddThese elements enable ('on') or disable ('off') BIOS support 'on' and 'off' here... !-- + Control ACPI sleep states (dis)allowed for the domain + For each of the states the following rules apply: + on: the state will be forcefully enabled + off: the state will be forcefully disabled + not specified: hypervisor will be left to decide its defaults + define name=suspendChoices +interleave + optional +attribute name=enabled + choice +valueyes/value +valueno/value ...back to 'yes' and 'no' here. Fix the .html.in version to use the right naming. + /choice +/attribute + /optional +/interleave The interleave layer is not necessary here (you only have one sub-entry; furthermore, the sub-entry is an attribute which is already auto-interleaved; only element entries need interleaving). ACK with those tweaks. Fixed and pushed, thanks. Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 3/3] tests: Add tests for qemu S3/S4 state configuration
On 08/31/2012 08:01 PM, Eric Blake wrote: On 08/31/2012 07:59 AM, Martin Kletzander wrote: Few tests were added which are checking whether the parsing of the xml and command-line arguments is working and compatible with each other. --- tests/qemuargv2xmltest.c | 3 +++ .../qemuxml2argv-misc-disable-s3.args | 4 +++ .../qemuxml2argv-misc-disable-s3.xml | 29 + .../qemuxml2argv-misc-disable-suspends.args| 4 +++ .../qemuxml2argv-misc-disable-suspends.xml | 30 ++ .../qemuxml2argv-misc-enable-s4.args | 4 +++ .../qemuxml2argv-misc-enable-s4.xml| 29 + tests/qemuxml2argvtest.c | 4 +++ tests/qemuxml2xmltest.c| 3 +++ 9 files changed, 110 insertions(+) Always good to see stuff like this. ACK. Thanks, pushed. Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 2/3] qemu: Add support for S3/S4 state configuration
On 08/31/2012 07:49 PM, Eric Blake wrote: On 08/31/2012 07:59 AM, Martin Kletzander wrote: This patch adds support for running qemu guests with the required parameters to forcefully enable or disable BIOS advertising of S3 and S4 states. The support for this is added to capabilities and there is also a qemu command parameter parsing implemented. --- src/qemu/qemu_capabilities.c | 7 + src/qemu/qemu_capabilities.h | 2 ++ src/qemu/qemu_command.c | 62 src/qemu/qemu_driver.c | 17 4 files changed, 88 insertions(+) +++ b/src/qemu/qemu_command.c @@ -4782,6 +4782,32 @@ qemuBuildCommandLine(virConnectPtr conn, virCommandAddArg(cmd, -no-acpi); } +if (def-pm.s3) { +if (!qemuCapsGet(qemuCaps, QEMU_CAPS_DISABLE_S3)) { +virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + %s, _(setting ACPI S3 not supported)); +goto error; +} +virCommandAddArgList(cmd, + -global, + (def-pm.s3 == VIR_DOMAIN_PM_STATE_ENABLED ? + PIIX4_PM.disable_s3=0 : PIIX4_PM.disable_s3=1), + NULL); Fine as is, but I probably would have written: virCommandAddArg(cmd, -global); virCommandAddArgFormat(cmd, PIIX4_PM.disable_s3=%d, def-pm.s3 == VIR_DOMAIN_PM_STATE_ENABLED); for less typing. +++ b/src/qemu/qemu_driver.c @@ -13722,6 +13722,23 @@ qemuDomainPMSuspendForDuration(virDomainPtr dom, goto cleanup; } +if (vm-def-pm.s3 || vm-def-pm.s4) { +if (!vm-def-pm.s3 == VIR_DOMAIN_PM_STATE_DISABLED Logic bug. (!vm-def-pm.s3) means that you have flattened an enum into 0 or 1, before comparing it back to an enum value. I think you meant to drop the ! entirely. ACK with that fix. Yes, I've missed it after one fixing and haven't checked if it works after that. Fixed, checked and pushed now. Thanks for the review. Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Heads up 0.10.1 release on Friday
On Mon, Sep 03, 2012 at 08:37:13AM +0200, Guido Günther wrote: On Fri, Aug 31, 2012 at 02:36:07PM +0800, Daniel Veillard wrote: On Thu, Aug 30, 2012 at 08:44:57PM +0200, Guido Günther wrote: On Wed, Aug 29, 2012 at 11:19:42PM +0800, Daniel Veillard wrote: I was a bit afraid of the .0 effect on release name, but we really have a number of problem with 0.10.0 that ought to be fixed in a brown paper bag release. I would urge people to report and try to fix the problem being raised in 0.10.0, let's try to get them fixed today or tomorrow and I will cut a new release on Friday, Sorry about that, but somehow we didn't managed to catch even serious problem during the freeze, at some point we need to fix the problem of testing the code that we push on git on a daily basis, we have many tools but we lack at doing the continuous testing :-\ Would setting up Jenkins to trigger libvirt-tck either on commit or nightly help? Definitely !!! I could try to find some free time to do this. To be honnest i was thinking for months of doing something like that but i don't have a good infrastructure. Where would Jenkins run ? what kind of hardware set would be needed etc ? It'd start simple with a single VM running jenkins and the builds: http://honk.sigxcpu.org:8001 We can then add build slaves for other distros and operating systems step by step. For the moment I have enough resources here. The above currently only does make, make check and make syntax-check. I'll try to add libvirt-tck during the next days. There's also some duning to be done. Okay, I don't know how much resources you need. Can you run this on Centos 6.3 ? if yes head to r...@devel.libvirt.org , it's a different box, with virtualization capabilities and a quad CPU + 4G of RAM. Hopefully it is sufficient to run Jenkins, if you could give it a try that would be a good starting place, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ dan...@veillard.com | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [RFC PATCH v1 0/4] Add cpu hotplug support to libvirt.
On 09/03/2012 08:06 AM, Tang Chen wrote: It seems that libvirt is not cpu hotplug aware. Please refer to the following problem. 1. At first, we have 2 cpus. # cat /cgroup/cpuset/cpuset.cpus 0-1 # cat /cgroup/cpuset/libvirt/qemu/cpuset.cpus 0-1 2. And we have a vm1 with following configuration. cputune vcpupin vcpu='0' cpuset='1'/ hypervisorpin cpuset='1'/ /cputune 3. Offline cpu1. # echo 0 /sys/devices/system/cpu/cpu1/online # cat /sys/devices/system/cpu/cpu1/online 0 # cat /cgroup/cpuset/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/qemu/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/lxc/cpuset.cpus 0 4. Online cpu1. # echo 1 /sys/devices/system/cpu/cpu1/online # cat /sys/devices/system/cpu/cpu1/online 1 # cat /cgroup/cpuset/cpuset.cpus 0-1 # cat /cgroup/cpuset/libvirt/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/qemu/cpuset.cpus 0 # cat /cgroup/cpuset/libvirt/lxc/cpuset.cpus 0 Here,cgroup updated cpuset.cpus,but not for libvirt directory,and also qemu and lxc directory. vm1 cannot be started again. # virsh start vm1 error: Failed to start domain vm1 error: Unable to set cpuset.cpus: Permission denied And libvird gave the following errors. 2012-07-17 07:30:22.478+: 3118: error : qemuSetupCgroupVcpuPin:498 : Unable to set cpuset.cpus: Permission denied These patches resolves this problem by listening on the netlink for cpu hotplug event. When the netlink service gets the cpu hotplug event, it will attract the cpuid in the message, and add it into cpuset.cpus in: /cgroup/cpuset/libvirt /cgroup/cpuset/libvirt/qemu /cgroup/cpuset/libvirt/lxc Hi, this approach requires that libvirtd keeps running through the entire lifecycle of a guest. That is something that cannot be safely assumed and therefore hotplug events can be missed. That means that libvirt must synchronize the hypervisors cpusets with the host's current CPU states. You could do that for instance when registering the callback. -- Mit freundlichen Grüßen/Kind Regards Viktor Mihajlovski IBM Deutschland Research Development GmbH Vorsitzender des Aufsichtsrats: Martin Jetter Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] pci: Save and restore each devices/functions behind the bus
Previously it refuses to do the secondary bus reset as long as there is(are) devices/functions behind the same bus, regardless of whether the devices/functions are being used or not. And it only save and restore the device itself's PCI config space. But later it was changed to allow the secondary bus reset as long as the devices/functions behind the same bus are not being used. Unfortunately, it still just saves and restores the device itself's PCI config space. It means we will lose the PCI config space for the devices share same bus when doing passthrough. Also, (hope my guess is right) as it assumes the secondary reset is allowed unless the device doesn't have devices/functions behind the same bus, so it only reads the bridge control register from the device, but not the parent. This patch fixes the problem by finding out all the devices/functions behind the same bus of the device to be reset, and save/restore PCI config space for all of them. And read the bridge control register from the device's parent (bridge) before resetting. * src/util/pci.c: - New helper pciSharesBus to check if two devices share same bus. - New helper pciDevicesShareBus to return a list containg all of the devices/functions which share same bus with the device - pciTrySecondaryBusReset: Save and restore PCI config space for all the devices/functions behind the same bus; Read the bridge control register from the device's parent instead before resetting. --- src/util/pci.c | 80 --- 1 files changed, 75 insertions(+), 5 deletions(-) diff --git a/src/util/pci.c b/src/util/pci.c index 0742d07..1a9777a 100644 --- a/src/util/pci.c +++ b/src/util/pci.c @@ -517,6 +517,39 @@ pciBusContainsActiveDevices(pciDevice *dev, return active; } +/* + * Check if the @dev and @check share bus. + */ +static int +pciSharesBus(pciDevice *dev, pciDevice *check, void *data ATTRIBUTE_UNUSED) +{ +if ((dev-domain == check-domain) +(dev-bus == check-bus) +(dev-slot == check-slot)) +return 1; + +return 0; +} + +/* + * Return all the devices/functions share same bus with @dev + * as a list. + */ +static pciDeviceList * +pciDevicesShareBus(pciDevice *dev) +{ +pciDevice *match = NULL; +pciDeviceList *pcis = NULL; + +if (!(pcis = pciDeviceListNew())) +return NULL; + +if (pciIterDevices(pciSharesBus, dev, match, NULL)) +pciDeviceListAdd(pcis, match); + +return pcis; +} + /* Is @check the parent of @dev ? */ static int pciIsParent(pciDevice *dev, pciDevice *check, void *data) @@ -604,6 +637,9 @@ pciTrySecondaryBusReset(pciDevice *dev, uint8_t config_space[PCI_CONF_LEN]; uint16_t ctl; int ret = -1; +pciDeviceList *list = NULL; +uint8_t (*config_spaces)[PCI_CONF_LEN]; +int i; /* Refuse to do a secondary bus reset if there are other * devices/functions behind the bus are used by the host @@ -628,10 +664,7 @@ pciTrySecondaryBusReset(pciDevice *dev, VIR_DEBUG(%s %s: doing a secondary bus reset, dev-id, dev-name); -/* Save and restore the device's config space; we only do this - * for the supplied device since we refuse to do a reset if there - * are multiple devices/functions - */ +/* Save the device's config space */ if (pciRead(dev, 0, config_space, PCI_CONF_LEN) 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to read PCI config space for %s), @@ -639,10 +672,29 @@ pciTrySecondaryBusReset(pciDevice *dev, goto out; } +/* Save the config space of devices behind the same bus */ +if ((list = pciDevicesShareBus(dev))) { +if (VIR_ALLOC_N(config_spaces, list-count) 0) { +virReportOOMError(); +goto out; +} + +for (i = 0; i list-count; i++) { +pciDevice *pci = list-devs[i]; + +if (pciRead(pci, 0, config_spaces[i], PCI_CONF_LEN) 0) { +virReportError(VIR_ERR_INTERNAL_ERROR, + _(Failed to read PCI config space for %s), + pci-name); +goto out; +} +} +} + /* Read the control register, set the reset flag, wait 200ms, * unset the reset flag and wait 200ms. */ -ctl = pciRead16(dev, PCI_BRIDGE_CONTROL); +ctl = pciRead16(parent, PCI_BRIDGE_CONTROL); pciWrite16(parent, PCI_BRIDGE_CONTROL, ctl | PCI_BRIDGE_CTL_RESET); @@ -652,14 +704,32 @@ pciTrySecondaryBusReset(pciDevice *dev, usleep(200 * 1000); /* sleep 200ms */ +/* Restore the device's config space */ if (pciWrite(dev, 0, config_space, PCI_CONF_LEN) 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to restore PCI config space for %s), dev-name); goto out; } + +/* Restore the config space of devices behind the same bus */ +
Re: [libvirt] [PATCH] pci: Read bridge control register from the bridge
On 2012年09月01日 02:16, Eric Blake wrote: On 08/31/2012 07:17 AM, Osier Yang wrote: Though I don't quite understand it well enough, but it looks wrong to read the control register from the device, and then write to its parent twice, while doing the secondary bus reset. --- src/util/pci.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/util/pci.c b/src/util/pci.c index 0742d07..c3f1b2b 100644 --- a/src/util/pci.c +++ b/src/util/pci.c @@ -642,7 +642,7 @@ pciTrySecondaryBusReset(pciDevice *dev, /* Read the control register, set the reset flag, wait 200ms, * unset the reset flag and wait 200ms. */ -ctl = pciRead16(dev, PCI_BRIDGE_CONTROL); +ctl = pciRead16(parent, PCI_BRIDGE_CONTROL); ACK. Unfortunately, I, like you, have no idea how to really test this, and am reviewing solely based on the code comments. Thanks, but I squashed this into a new patch, which is the full solution for the secondary bus reset problems: https://www.redhat.com/archives/libvir-list/2012-September/msg00023.html Regards, Osier -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [RFC PATCH v1 0/4] Add cpu hotplug support to libvirt.
On 09/03/2012 04:42 PM, Viktor Mihajlovski wrote: Hi, this approach requires that libvirtd keeps running through the entire lifecycle of a guest. That is something that cannot be safely assumed and therefore hotplug events can be missed. That means that libvirt must synchronize the hypervisors cpusets with the host's current CPU states. You could do that for instance when registering the callback. Yes, I will fix it soon in the next version. Thanks. :) -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/4 v2] conf: Parse and format disk wwn
On 2012年08月31日 22:37, Eric Blake wrote: On 08/31/2012 04:10 AM, Osier Yang wrote: Validates the wwn while parsing, error out if it's malformed. * src/util/util.h: Declare virValidateWWN * src/util/util.c: Implement virValidateWWN * src/libvirt_private.syms: Export virValidateWWN. * src/conf/domain_conf.h: New member 'wwn' for disk def. * src/conf/domain_conf.c: Parse and format diskwwn +#define WWN_REG_PATTERN[0-9a-zA-Z]{16} +bool +virValidateWWN(const char *wwn) { +regex_t re; +int err; +char error[100]; + +if ((err = regcomp(re, WWN_REG_PATTERN, REG_EXTENDED)) != 0) Do we really need regcomp() for this? I'm thinking it's much faster to just do something like: for (i = 0; wwn[i]; i++) if (!c_isxdigit(wwn[i])) break; if (i != 16 || wwn[i]) // error, return false; return true; Which is more compat, I posted a v3, thanks. Regards, Osier -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v3] conf: Parse and format disk wwn
Validates the wwn while parsing, error out if it's malformed. * src/util/util.h: Declare virValidateWWN * src/util/util.c: Implement virValidateWWN * src/libvirt_private.syms: Export virValidateWWN. * src/conf/domain_conf.h: New member 'wwn' for disk def. * src/conf/domain_conf.c: Parse and format disk wwn --- src/conf/domain_conf.c | 13 - src/conf/domain_conf.h |1 + src/libvirt_private.syms |1 + src/util/util.c | 17 + src/util/util.h |2 ++ 5 files changed, 33 insertions(+), 1 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 49327df..f83dfb7 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -950,6 +950,7 @@ void virDomainDiskDefFree(virDomainDiskDefPtr def) VIR_FREE(def-mirror); VIR_FREE(def-mirrorFormat); VIR_FREE(def-auth.username); +VIR_FREE(def-wwn); if (def-auth.secretType == VIR_DOMAIN_DISK_SECRET_TYPE_USAGE) VIR_FREE(def-auth.secret.usage); virStorageEncryptionFree(def-encryption); @@ -3372,7 +3373,6 @@ cleanup: goto cleanup; } - /* Parse the XML definition for a disk * @param node XML nodeset to parse for disk definition */ @@ -3421,6 +3421,7 @@ virDomainDiskDefParseXML(virCapsPtr caps, char *authUUID = NULL; char *usageType = NULL; char *tray = NULL; +char *wwn = NULL; if (VIR_ALLOC(def) 0) { virReportOOMError(); @@ -3723,6 +3724,12 @@ virDomainDiskDefParseXML(virCapsPtr caps, } else if (!serial xmlStrEqual(cur-name, BAD_CAST serial)) { serial = (char *)xmlNodeGetContent(cur); +} else if (!wwn + xmlStrEqual(cur-name, BAD_CAST wwn)) { +wwn = (char *)xmlNodeGetContent(cur); + +if (!virValidateWWN(wwn)) +goto error; } else if (xmlStrEqual(cur-name, BAD_CAST boot)) { /* boot is parsed as part of virDomainDeviceInfoParseXML */ } @@ -4019,6 +4026,8 @@ virDomainDiskDefParseXML(virCapsPtr caps, encryption = NULL; def-serial = serial; serial = NULL; +def-wwn = wwn; +wwn = NULL; if (!def-driverType caps-defaultDiskDriverType @@ -4073,6 +4082,7 @@ cleanup: VIR_FREE(copy_on_read); VIR_FREE(devaddr); VIR_FREE(serial); +VIR_FREE(wwn); virStorageEncryptionFree(encryption); VIR_FREE(startupPolicy); @@ -11586,6 +11596,7 @@ virDomainDiskDefFormat(virBufferPtr buf, if (def-transient) virBufferAddLit(buf, transient/\n); virBufferEscapeString(buf, serial%s/serial\n, def-serial); +virBufferEscapeString(buf, wwn%s/wwn\n, def-wwn); if (def-encryption) { virBufferAdjustIndent(buf, 6); if (virStorageEncryptionFormat(buf, def-encryption) 0) diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 034bebf..b91fa37 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -572,6 +572,7 @@ struct _virDomainDiskDef { virDomainBlockIoTuneInfo blkdeviotune; char *serial; +char *wwn; int cachemode; int error_policy; /* enum virDomainDiskErrorPolicy */ int rerror_policy; /* enum virDomainDiskErrorPolicy */ diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 6f14763..a8274d0 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1240,6 +1240,7 @@ virStrToLong_ull; virStrcpy; virStrncpy; virTrimSpaces; +virValidateWWN; virVasprintf; diff --git a/src/util/util.c b/src/util/util.c index 91eab72..8b1f0dc 100644 --- a/src/util/util.c +++ b/src/util/util.c @@ -3052,3 +3052,20 @@ bool virIsDevMapperDevice(const char *dev_name ATTRIBUTE_UNUSED) return false; } #endif + +bool +virValidateWWN(const char *wwn) { +int i; + +for (i = 0; wwn[i]; i++) +if (!c_isxdigit(wwn[i])) +break; + +if (i != 16 || wwn[i]) { +virReportError(VIR_ERR_INTERNAL_ERROR, %s, + _(Malformed wwn: %s)); +return false; +} + +return true; +} diff --git a/src/util/util.h b/src/util/util.h index a5d892d..0c0efad 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -277,4 +277,6 @@ int virBuildPathInternal(char **path, ...) ATTRIBUTE_SENTINEL; bool virIsDevMapperDevice(const char *dev_name) ATTRIBUTE_NONNULL(1); +bool virValidateWWN(const char *wwn); + #endif /* __VIR_UTIL_H__ */ -- 1.7.7.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-perl PATCH] Fix several APIs
On 2012年08月29日 14:44, Daniel P. Berrange wrote: On Wed, Aug 29, 2012 at 01:29:37AM -0400, Alex Jia wrote: ACK. -- Regards, Alex - Original Message - From: Osier Yangjy...@redhat.com To: libvir-list@redhat.com Sent: Tuesday, August 28, 2012 11:52:24 PM Subject: [libvirt] [libvirt-perl PATCH] Fix several APIs These APIs accept one more argument (flags), which was ignored in the XS implementations. --- Virt.xs | 46 ++ 1 files changed, 26 insertions(+), 20 deletions(-) ACK, if you also update the Domain.pm docs to mention the new flags parameters Thanks, Pushed with the doc and nits pointed out by gren updated (btw, most of the flags for APIs are not documented, and even some constants, such as constants for virTypedParameterFlags, could be later patch). Regards, Osier -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-tck PATCH] New test to test numa parameters tuning APIs
On 2012年08月29日 16:15, Guannan Ren wrote: On 08/29/2012 12:01 AM, Osier Yang wrote: To make sure the domain config is not broken after the API calls. --- This depends on https://www.redhat.com/archives/libvir-list/2012-August/msg01792.html --- scripts/domain/202-numa-set-parameters.t | 99 ++ 1 files changed, 99 insertions(+), 0 deletions(-) create mode 100644 scripts/domain/202-numa-set-parameters.t diff --git a/scripts/domain/202-numa-set-parameters.t b/scripts/domain/202-numa-set-parameters.t new file mode 100644 index 000..fd96866 --- /dev/null +++ b/scripts/domain/202-numa-set-parameters.t @@ -0,0 +1,99 @@ +# -*- perl -*- +# +# Copyright (C) 2009-2012 Red Hat, Inc. +# Copyright (C) 2012 Osier Yang +# +# This program is free software; You can redistribute it and/or modify +# it under the GNU General Public License as published by the Free +# Software Foundation; either version 2, or (at your option) any +# later version +# +# The file LICENSE distributed along with this file provides full +# details of the terms and conditions +# + +=pod + +=head1 NAME + +domain/212-set-numa-parameters.t - Set NUMA parameters + +=head1 DESCRIPTION + +The test case validates the internal data structure is consistent +after the API call to set NUMA parameters for a domain. + +=cut + +use strict; +use warnings; + +use Test::More tests = 10; + +use Sys::Virt::TCK; +use Test::Exception; + +my $tck = Sys::Virt::TCK-new(); +my $conn = eval { $tck-setup(); }; +BAIL_OUT failed to setup test harness: $@ if $@; +END { + $tck-cleanup if $tck; + unlink tck.img if -f tck.img; +} + + +my $xml = $tck-generic_domain(tck)-as_xml; + +diag Creating a new persistent domain; +my $dom; +ok_domain(sub { $dom = $conn-define_domain($xml) }, created persistent domain object); + +diag Starting inactive domain; +$dom-create; +ok($dom-get_id 0, running domain with ID 0); + +# NUMA mode can't be changed for a live domain +my %params = ( + Sys::Virt::Domain::NUMA_NODESET = '0', +); + +diag Set numa parameters, affects live config; +lives_ok(sub {$dom-set_numa_parameters(\%params, Sys::Virt::Domain::AFFECT_LIVE)}, set_numa_parameters); + +diag Destroy the domain; +$dom-destroy; + +diag Make sure the domain can be started after setting numa parameters; +$dom-create; +ok($dom-get_id 0, running domain with ID 0); + +diag Get numa parameters; +my $params = $dom-get_numa_parameters(Sys::Virt::Domain::AFFECT_LIVE); +ok($params-{Sys::Virt::Domain::NUMA_NODESET} eq '0', 'Check nodeset'); + +diag Destroy the domain; +$dom-destroy; + +$params{Sys::Virt::Domain::NUMA_MODE} = Sys::Virt::Domain::NUMATUNE_MEM_STRICT; + +diag Set numa parameters, affects next boot; +lives_ok(sub {$dom-set_numa_parameters(\%params, Sys::Virt::Domain::AFFECT_CONFIG)}, set_numa_parameters); + +diag Get numa parameters; +my $params = $dom-get_numa_parameters(Sys::Virt::Domain::AFFECT_LIVE); it should be Sys::Virt::Domain::AFFECT_CURRENT? ACK with this fixed Guannan Thanks, pushed. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] about open vswitch supporting?
Hi: i used to use linux bridge and specify interfaces by 'Generic ethernet connection' mode,after reading this page: http://libvirt.org/formatdomain.html#elementsNICS i am not sure if i need to change to another mode(eg:'virtual network') to specify interfaces when switching linux bridge to open vswitch? any suggestions? thanks! heuye -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v0] qemu: Add sandbox support.
QEMU (since 1.2-rc0) supports setting up a syscall whitelist through libseccomp on linux kernel from 3.5-rc1. This is enabled by specifying -sandbox on on qemu command line. This patch detects this capability by searching for -sandbox in qemu help output and runs qemu with -sandbox on if sandbox is set to non-zero in qemu.conf. --- Should this option be in qemu.conf, or would it be better to set it per-domain in the XML? --- src/qemu/qemu.conf |6 ++ src/qemu/qemu_capabilities.c |3 +++ src/qemu/qemu_capabilities.h |1 + src/qemu/qemu_command.c |3 +++ src/qemu/qemu_conf.c |5 + src/qemu/qemu_conf.h |1 + 6 files changed, 19 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index d3175fa..47e510e 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -375,3 +375,9 @@ # #keepalive_interval = 5 #keepalive_count = 5 + + + +# Enable this to use seccomp syscall whitelisting in QEMU. +# +#sandbox = 1 diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 2ba7956..b0728e8 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -176,6 +176,7 @@ VIR_ENUM_IMPL(qemuCaps, QEMU_CAPS_LAST, disable-s3, disable-s4, /* 105 */ + sandbox ); struct qemu_feature_flags { @@ -1139,6 +1140,8 @@ qemuCapsComputeCmdFlags(const char *help, } if (strstr(help, -smbios type)) qemuCapsSet(flags, QEMU_CAPS_SMBIOS_TYPE); +if (strstr(help, -sandbox)) +qemuCapsSet(flags, QEMU_CAPS_SANDBOX); if ((netdev = strstr(help, -netdev))) { /* Disable -netdev on 0.12 since although it exists, diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h index a7b3a06..0066901 100644 --- a/src/qemu/qemu_capabilities.h +++ b/src/qemu/qemu_capabilities.h @@ -141,6 +141,7 @@ enum qemuCapsFlags { QEMU_CAPS_IOLIMITS = 103, /* -device ...logical_block_size co */ QEMU_CAPS_DISABLE_S3 = 104, /* S3 BIOS Advertisement on/off */ QEMU_CAPS_DISABLE_S4 = 105, /* S4 BIOS Advertisement on/off */ +QEMU_CAPS_SANDBOX= 106, /* -sandbox */ QEMU_CAPS_LAST, /* this must always be the last item */ }; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index e739f34..737d4d9 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -6462,6 +6462,9 @@ qemuBuildCommandLine(virConnectPtr conn, ? qemucmd-env_value[i] : ); } +if (driver-sandbox qemuCapsGet(qemuCaps, QEMU_CAPS_SANDBOX)) +virCommandAddArgList(cmd, -sandbox, on, NULL); + return cmd; no_memory: diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index e9e15c5..a367fcd 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -129,6 +129,7 @@ int qemudLoadDriverConfig(struct qemud_driver *driver, driver-keepAliveInterval = 5; driver-keepAliveCount = 5; +driver-sandbox = false; /* Just check the file is readable before opening it, otherwise * libvirt emits an error. @@ -570,6 +571,10 @@ int qemudLoadDriverConfig(struct qemud_driver *driver, CHECK_TYPE(keepalive_count, VIR_CONF_LONG); if (p) driver-keepAliveCount = p-l; +p = virConfGetValue(conf, sandbox); +CHECK_TYPE(sandbox, VIR_CONF_LONG); +if (p) driver-sandbox = p-l; + virConfFree (conf); return 0; } diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index ac285f6..f1b6465 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -152,6 +152,7 @@ struct qemud_driver { int keepAliveInterval; unsigned int keepAliveCount; +bool sandbox; }; typedef struct _qemuDomainCmdlineDef qemuDomainCmdlineDef; -- 1.7.8.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Fwd: Compiling a simple code which include libvirt
I ran 'sudo make install' in /path/to/libvirt. But same error is coming. Maybe following will be helpful: - I extracted the libvirt.0.10.1 in ~/Downloads - And I am running the code in ~/Downloads/libvirt-0.10.1 - I ran 'sudo make install' in the above directory. On 2 September 2012 16:24, Michal Privoznik mpriv...@redhat.com wrote: On 02.09.2012 09:53, Rahul Bansal wrote: /* example ex1.c */ /* compile with: gcc -g -Wall ex1.c -o ex -lvirt */ #include stdio.h #include stdlib.h #include include/libvirt/libvirt.h since you are including this path assume you use -I/path/to/libvirt/source and don't have libvirt installed in your system. Hence you need to provide linker the path where it will find the library: gcc -I/path/to/libvirt -L/path/to/libvirt/src -lvirt ex1.c -o ex1 or just install libvirt ('sudo make install' in /path/to/libvirt) and then you can drop both -I and -L arguments. int main(int argc, char *argv[]) { virConnectPtr conn; conn = virConnectOpen(qemu:///system); if (conn == NULL) { fprintf(stderr, Failed to open connection to qemu:///system\n); return 1; } virConnectClose(conn); return 0; } -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Fwd: Compiling a simple code which include libvirt
On 09/03/2012 06:39 AM, Rahul Bansal wrote: [Please don't top-post on technical lists.] I ran 'sudo make install' in /path/to/libvirt. But same error is coming. Maybe following will be helpful: - I extracted the libvirt.0.10.1 in ~/Downloads - And I am running the code in ~/Downloads/libvirt-0.10.1 - I ran 'sudo make install' in the above directory. And what ./configure arguments did you use? If you didn't supply anything in particular, then this installed your copy of libvirt into /usr/local/, and depending on your setup, your compiler might not be looking into that directory by default. -- Eric Blake ebl...@redhat.com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] qemu: Don't update graphic definitions on password change failure
When the password change failed we updated the graphic definition anyways, which is not desired. --- src/qemu/qemu_hotplug.c | 5 + 1 file changed, 5 insertions(+) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 1251d6b..a8a904c 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -1517,6 +1517,8 @@ qemuDomainChangeGraphics(struct qemud_driver *driver, VIR_DOMAIN_GRAPHICS_TYPE_VNC, dev-data.vnc.auth, driver-vncPassword); +if (ret 0) +return ret; /* Steal the new dev's char * reference */ VIR_FREE(olddev-data.vnc.auth.passwd); @@ -1576,6 +1578,9 @@ qemuDomainChangeGraphics(struct qemud_driver *driver, dev-data.spice.auth, driver-spicePassword); +if (ret 0) +return ret; + /* Steal the new dev's char * reference */ VIR_FREE(olddev-data.spice.auth.passwd); olddev-data.spice.auth.passwd = dev-data.spice.auth.passwd; -- 1.7.12 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] make check failure
Hello All, I wanted to ask a question regarding the tests that are run during make check. If a particular test fails when running make check, how do we which test failed and why? Is there a log that helps when debugging such errors? -- Many Thanks, Regards, Shradha Shah -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] None seclabel question
Hi, I was discussing with Jiri Denemark about the current behavior of none seclabels with multiple security drivers and I'd like to hear more opinions about how this should work. Currently, a none security label can be defined specifically to each enabled security driver. For example, using a default configuration (in which SELinux is enabled as default driver and DAC is enabled due to privileged mode), a guest definition can contain the following seclabel: seclabel type='none' model='selinux'/ This will disable SELinux labeling and will keep labeling enabled for any other security drivers (DAC in this case). So, my question is: should none seclabels affect specific drivers (as done now) or just one none seclabel should be accepted affecting all security drivers in use? Regards, Marcelo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] make check failure
On 09/03/2012 11:52 AM, Shradha Shah wrote: Hello All, I wanted to ask a question regarding the tests that are run during make check. If a particular test fails when running make check, how do we which test failed and why? The test(s) that failed can be found by searching through the make check output for FAIL. Once you've found the test that failed, you can get more detailed output from that test by doing the following: cd tests VIR_TEST_DEBUG=2 ./${testname} That should given enough information to figure out what's wrong. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v0] qemu: Add sandbox support.
On Mon, Sep 3, 2012 at 7:03 AM, Ján Tomko jto...@redhat.com wrote: QEMU (since 1.2-rc0) supports setting up a syscall whitelist through libseccomp on linux kernel from 3.5-rc1. This is enabled by specifying -sandbox on on qemu command line. snip There's a big push to not rely on -help scraping, please work with qemu upstream to get this exposed through the QMP and query for the capability that way. -- Doug Goldstein -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/4] Fixup some headers in virnetdevbridge.c, needed for OpenBSD.
--- src/util/virnetdevbridge.c |9 + 1 files changed, 9 insertions(+), 0 deletions(-) diff --git a/src/util/virnetdevbridge.c b/src/util/virnetdevbridge.c index 7b11bee..8559223 100644 --- a/src/util/virnetdevbridge.c +++ b/src/util/virnetdevbridge.c @@ -30,6 +30,15 @@ #include intprops.h #include sys/ioctl.h + +#ifdef HAVE_SYS_PARAM_H +# include sys/param.h +#endif + +#ifdef HAVE_SYS_SOCKET_H +# include sys/socket.h +#endif + #ifdef HAVE_NET_IF_H # include net/if.h #endif -- 1.7.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 0/4] Initial OpenBSD support
Hi, Here are some patches to get libvirt building on OpenBSD. I tested basic functionality with virt-manager though there appear to be some rough edges to fix/polish (could also be in virt-manager). At least basic libvirt usage should work on OpenBSD now. Jasper Lievisse Adriaanse (4): Define DYNLIB_NAME on OpenBSD. Fixup some headers in virnetdevbridge.c, needed for OpenBSD. Check for sys/ucred.h and adjust virnetsocket.c for OpenBSD compilation. There's no librt on OpenBSD. configure.ac | 10 -- src/rpc/virnetsocket.c | 10 ++ src/util/virnetdevbridge.c |9 + src/vbox/vbox_XPCOMCGlue.c |2 +- 4 files changed, 28 insertions(+), 3 deletions(-) -- 1.7.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/4] Define DYNLIB_NAME on OpenBSD.
--- src/vbox/vbox_XPCOMCGlue.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/vbox/vbox_XPCOMCGlue.c b/src/vbox/vbox_XPCOMCGlue.c index e7e9c37..63470ae 100644 --- a/src/vbox/vbox_XPCOMCGlue.c +++ b/src/vbox/vbox_XPCOMCGlue.c @@ -48,7 +48,7 @@ /*** * Defined Constants And Macros * ***/ -#if defined(__linux__) || defined(__linux_gnu__) || defined(__sun__) || defined(__FreeBSD__) +#if defined(__linux__) || defined(__linux_gnu__) || defined(__sun__) || defined(__FreeBSD__) || defined(__OpenBSD__) # define DYNLIB_NAMEVBoxXPCOMC.so #elif defined(__APPLE__) # define DYNLIB_NAMEVBoxXPCOMC.dylib -- 1.7.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 3/4] Check for sys/ucred.h and adjust virnetsocket.c for OpenBSD compilation.
--- configure.ac |2 +- src/rpc/virnetsocket.c | 10 ++ 2 files changed, 11 insertions(+), 1 deletions(-) diff --git a/configure.ac b/configure.ac index e0d00d5..7ba1e9c 100644 --- a/configure.ac +++ b/configure.ac @@ -197,7 +197,7 @@ dnl Availability of various common headers (non-fatal if missing). AC_CHECK_HEADERS([pwd.h paths.h regex.h sys/un.h \ sys/poll.h syslog.h mntent.h net/ethernet.h linux/magic.h \ sys/un.h sys/syscall.h netinet/tcp.h ifaddrs.h libtasn1.h \ - net/if.h execinfo.h]) + net/if.h execinfo.h sys/ucred.h]) dnl We need to decide at configure time if libvirt will use real atomic dnl operations (lock free) or emulated ones with a mutex. diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index 5a48300..0457710 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -31,6 +31,10 @@ #include fcntl.h #include netdb.h +#ifdef HAVE_SYS_UCRED_H +# include sys/ucred.h +#endif + #ifdef HAVE_NETINET_TCP_H # include netinet/tcp.h #endif @@ -999,9 +1003,15 @@ int virNetSocketGetUNIXIdentity(virNetSocketPtr sock, return -1; } +#if defined(__OpenBSD__) +*pid = getpid(); +*uid = cr.cr_uid; +*gid = cr.cr_gid; +#else *pid = cr.pid; *uid = cr.uid; *gid = cr.gid; +#endif virMutexUnlock(sock-lock); return 0; -- 1.7.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 4/4] There's no librt on OpenBSD.
--- configure.ac |8 +++- 1 files changed, 7 insertions(+), 1 deletions(-) diff --git a/configure.ac b/configure.ac index 7ba1e9c..701ab50 100644 --- a/configure.ac +++ b/configure.ac @@ -188,7 +188,13 @@ RT_LIBS= LIBS=$LIBS $LIB_PTHREAD -lrt AC_CHECK_FUNC([clock_gettime],[ AC_DEFINE([HAVE_CLOCK_GETTIME],[],[Defined if clock_gettime() exists in librt.so]) - RT_LIBS=-lrt + case $host in + *-*-openbsd*) + ;; + *) + RT_LIBS=-lrt +;; + esac ]) LIBS=$old_libs AC_SUBST(RT_LIBS) -- 1.7.6 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list