[libvirt] [PATCH 1/1][RESEND] ppc64 cpu features

[Li Zhang]

From: Li Zhang 

This patch adds a CPU feature "powernv" identifying IBM Power
processor that supports native hypervisor e.g. KVM. This can
be used by virtualization management software to determine
the CPU capabilities. PVR doesn't indicate whether it a
host or a guest CPU. So, we use /proc/cpuinfo to get the
platform information (PowerNV) and use that to set the
"powernv" flag.

Signed-off-by: Dipankar Sarma 
Signed-off-by: Li Zhang 
---
 src/cpu/cpu_map.xml|9 ++
 src/cpu/cpu_powerpc.c  |  349 ++--
 src/cpu/cpu_ppc_data.h |4 +
 src/util/sysinfo.c |2 +-
 4 files changed, 294 insertions(+), 70 deletions(-)

diff --git a/src/cpu/cpu_map.xml b/src/cpu/cpu_map.xml
index eb69a34..6b1f9b9 100644
--- a/src/cpu/cpu_map.xml
+++ b/src/cpu/cpu_map.xml
@@ -587,14 +587,23 @@
   

 
+ 
+  
+

 
+  
+  
   
 
 
+  
+  
   
 
 
+  
+  
   
 
   
diff --git a/src/cpu/cpu_powerpc.c b/src/cpu/cpu_powerpc.c
index ac10789..2135944 100644
--- a/src/cpu/cpu_powerpc.c
+++ b/src/cpu/cpu_powerpc.c
@@ -33,6 +33,7 @@
 
 #include "cpu_map.h"
 #include "buf.h"
+#include "sysinfo.h"
 
 #define VIR_FROM_THIS VIR_FROM_CPU
 
@@ -44,16 +45,9 @@ struct cpuPowerPC {
 uint32_t pvr;
 };
 
-static const struct cpuPowerPC cpu_defs[] = {
-{"POWER7", "IBM", 0x003f0200},
-{"POWER7_v2.1", "IBM", 0x003f0201},
-{"POWER7_v2.3", "IBM", 0x003f0203},
-{NULL, NULL, 0x}
-};
-
-
 struct ppc_vendor {
 char *name;
+uint32_t pvr;
 struct ppc_vendor *next;
 };
 
@@ -64,64 +58,191 @@ struct ppc_model {
 struct ppc_model *next;
 };
 
+struct ppc_feature {
+char *name;
+union cpuData *data;
+struct ppc_feature *next;
+};
+
 struct ppc_map {
 struct ppc_vendor *vendors;
+struct ppc_feature *features;
 struct ppc_model *models;
 };
 
+static void
+ppcDataSubtract(union cpuData *data1,
+const union cpuData *data2)
+{
+data1->ppc.platform &= ~data2->ppc.platform;
+}
+
+static bool
+ppcDataIsSubset(const union cpuData *data,
+const union cpuData *subset)
+{
+if (subset->ppc.platform &&
+   (data->ppc.platform & subset->ppc.platform) == subset->ppc.platform)
+return true;
+
+return false;
+}
+
+static void
+PowerPCDataFree(union cpuData *data)
+{
+if (data == NULL)
+return;
+VIR_FREE(data);
+}
+
+
+static union cpuData *
+ppcDataCopy(const union cpuData *data)
+{
+union cpuData *copy = NULL;
+
+if (VIR_ALLOC(copy) < 0) {
+PowerPCDataFree(copy);
+return NULL;
+}
+copy->ppc = data->ppc;
+return copy;
+}
+
+
+/* also removes all detected features from data */
 static int
-ConvertModelVendorFromPVR(char ***model,
-  char ***vendor,
-  uint32_t pvr)
+ppcDataToCPUFeatures(virCPUDefPtr cpu,
+ int policy,
+ union cpuData *data,
+ const struct ppc_map *map)
 {
-int i;
+const struct ppc_feature *feature = map->features;
 
-for (i = 0; cpu_defs[i].name; i++) {
-if (cpu_defs[i].pvr == pvr) {
-**model = strdup(cpu_defs[i].name);
-**vendor = strdup(cpu_defs[i].vendor);
-return 0;
+while (feature != NULL) {
+if (ppcDataIsSubset(data, feature->data)) {
+ppcDataSubtract(data, feature->data);
+if (virCPUDefAddFeature(cpu, feature->name, policy) < 0)
+return -1;
 }
+feature = feature->next;
 }
 
-virReportError(VIR_ERR_INTERNAL_ERROR,
-   "%s", _("Missing the definition of this model"));
-return -1;
+return 0;
 }
 
-static int
-ConvertPVRFromModel(const char *model,
-uint32_t *pvr)
+static struct ppc_feature *
+ppcFeatureNew(void)
 {
-int i;
+struct ppc_feature *feature;
 
-for (i = 0; cpu_defs[i].name; i++) {
-if (STREQ(cpu_defs[i].name, model)) {
-*pvr = cpu_defs[i].pvr;
-return 0;
-}
+if (VIR_ALLOC(feature) < 0)
+return NULL;
+
+if (VIR_ALLOC(feature->data) < 0) {
+VIR_FREE(feature);
+return NULL;
+}
+
+return feature;
+}
+
+
+static void
+ppcFeatureFree(struct ppc_feature *feature)
+{
+if (feature == NULL)
+return;
+
+VIR_FREE(feature->name);
+PowerPCDataFree(feature->data);
+VIR_FREE(feature);
+}
+
+
+static struct ppc_feature *
+ppcFeatureFind(const struct ppc_map *map,
+   const char *name)
+{
+struct ppc_feature *feature;
+
+feature = map->features;
+while (feature != NULL) {
+if (STREQ(feature->name, name))
+return feature;
+
+feature = feature->next;
 }
 
-virReportError(VIR_ERR_INTERNAL_ERROR,
-   "%s", _("Missing the definition of this model"));
-return -1;
+return NULL;
 }
 
 static i

[libvirt] [PATCH 1/1][RESEND] Set legacy USB option with default for ppc64.

[Li Zhang]

From: Li Zhang 

Currently, -device xxx still can't work well for ppc64 platform.
It's better use legacy USB option with default for ppc64.

This patch is to legacy USB option with default for ppc64.

Signed-off-by: Li Zhang 
---
 src/qemu/qemu_command.c |3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 1c9bfc9..618dfb1 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -5783,7 +5783,8 @@ qemuBuildCommandLine(virConnectPtr conn,
 }
 } else if (cont->type == VIR_DOMAIN_CONTROLLER_TYPE_USB &&
cont->model == -1 &&
-   !virQEMUCapsGet(qemuCaps, 
QEMU_CAPS_PIIX3_USB_UHCI)) {
+   (!virQEMUCapsGet(qemuCaps, 
QEMU_CAPS_PIIX3_USB_UHCI) ||
+def->os.arch == VIR_ARCH_PPC64)) {
 if (usblegacy) {
 virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
_("Multiple legacy USB controllers are "
-- 
1.7.10.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH 1/1][RESEND]Remove contiguous CPU indexes assumption

[Li Zhang]

From: Li Zhang 

When getting CPUs' information, it assumes that CPU indexes
are not contiguous. But for ppc64 platform, CPU indexes are not
contiguous because SMT is needed to be disabled, so CPU information
is not right on ppc64 and vpuinfo, vcpupin can't work corretly.

This patch is to remove the assumption to be compatible with ppc64.

Test:
   4 vcpus are assigned to one VM and execute vcpuinfo command.

   Without patch: There is only one vcpu informaion can be listed.
   With patch: All vcpus' information can be listed correctly.

Signed-off-by: Li Zhang 
---
 src/qemu/qemu_monitor_json.c |7 ---
 1 file changed, 7 deletions(-)

diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 9991a0a..e130f8c 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -1230,13 +1230,6 @@ qemuMonitorJSONExtractCPUInfo(virJSONValuePtr reply,
 goto cleanup;
 }
 
-if (cpu != i) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
-   _("unexpected cpu index %d expecting %d"),
-   i, cpu);
-goto cleanup;
-}
-
 threads[i] = thread;
 }
 
-- 
1.7.10.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCHv2 1/1][RESEND] Optimize machine option to set more options with it.

[Li Zhang]

From: Li Zhang 

Currently, -machine option is used only when dump-guest-core is used.

To use options defined in machine option for new version of QEMU,
it needs to use -machine xxx, and to be compatible with older version
 -M, this patch addes QEMU_CAPS_MACH_OPT capability, and assumes
 -machine is used for QEMU v1.0 onwards.

To avoid the collision for creating USB controllers when using USB
option and -device , it needs to set usb=off in machine option.
QEMU_CAPS_USB_OPT capability is added, and it will be for QEMU
v1.3.0-rc0 onwards which supports USB option.

Signed-off-by: Li Zhang 
---
 src/qemu/qemu_capabilities.c |   10 ++
 src/qemu/qemu_capabilities.h |2 ++
 src/qemu/qemu_command.c  |   36 +---
 tests/qemuxml2argvtest.c |4 ++--
 4 files changed, 39 insertions(+), 13 deletions(-)

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 51fc9dc..79eb83f 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -205,6 +205,8 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
   "usb-serial", /* 125 */
   "usb-net",
   "add-fd",
+  "mach-opt",
+  "usb-opt",
 
 );
 
@@ -2416,6 +2418,14 @@ virQEMUCapsInitQMP(virQEMUCapsPtr qemuCaps,
 
 virQEMUCapsInitQMPBasic(qemuCaps);
 
+/* Assuming to use machine option v1.0 onwards*/
+if (qemuCaps->version >= 100)
+virQEMUCapsSet(qemuCaps, QEMU_CAPS_MACH_OPT);
+
+/* USB option is supported v1.3.0-rc0 onwards */
+if (qemuCaps->version >= 1002090)
+virQEMUCapsSet(qemuCaps, QEMU_CAPS_USB_OPT);
+
 if (!(archstr = qemuMonitorGetTargetArch(mon)))
 goto cleanup;
 
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index e69d558..06aaa68 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -166,6 +166,8 @@ enum virQEMUCapsFlags {
 QEMU_CAPS_DEVICE_USB_SERIAL  = 125, /* -device usb-serial */
 QEMU_CAPS_DEVICE_USB_NET = 126, /* -device usb-net */
 QEMU_CAPS_ADD_FD = 127, /* -add-fd */
+QEMU_CAPS_MACH_OPT   = 128, /* -machine */
+QEMU_CAPS_USB_OPT= 129, /* -machine ,usb=off*/
 
 QEMU_CAPS_LAST,   /* this must always be the last item */
 };
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 6c28123..e7dde21 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4614,6 +4614,8 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
const virDomainDefPtr def,
virQEMUCapsPtr qemuCaps)
 {
+virBuffer buf = VIR_BUFFER_INITIALIZER;
+
 /* This should *never* be NULL, since we always provide
  * a machine in the capabilities data for QEMU. So this
  * check is just here as a safety in case the unexpected
@@ -4621,27 +4623,39 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
 if (!def->os.machine)
 return 0;
 
-if (!def->mem.dump_core) {
+if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACH_OPT)) {
 /* if no parameter to the machine type is needed, we still use
  * '-M' to keep the most of the compatibility with older versions.
  */
 virCommandAddArgList(cmd, "-M", def->os.machine, NULL);
 } else {
-if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DUMP_GUEST_CORE)) {
-virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-   "%s", _("dump-guest-core is not available "
-   " with this QEMU binary"));
-return -1;
-}
 
 /* However, in case there is a parameter to be added, we need to
  * use the "-machine" parameter because qemu is not parsing the
  * "-M" correctly */
+
 virCommandAddArg(cmd, "-machine");
-virCommandAddArgFormat(cmd,
-   "%s,dump-guest-core=%s",
-   def->os.machine,
-   
virDomainMemDumpTypeToString(def->mem.dump_core));
+virBufferAsprintf(&buf, "%s", def->os.machine);
+
+/* To avoid the collision of creating USB controllers when calling
+ * machine->init in QEMU, it needs to set usb=off
+ */
+if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_USB_OPT))
+virBufferAsprintf(&buf, ",usb=off");
+
+if (def->mem.dump_core) {
+if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DUMP_GUEST_CORE)) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+   "%s", _("dump-guest-core is not available "
+" with this QEMU binary"));
+return -1;
+}
+
+virBufferAsprintf(&buf, ",dump-guest-core=%s",
+  
virDomainMemDumpTypeToString(def->mem.dump_core));
+}
+
+virCommandAddArg(cmd, virBufferContentAndReset(&buf));
 }
 
 

[libvirt] [PATCH v2 1/1][RESEND] Add NVRAM device

[Li Zhang]

From: Li Zhang 

For pSeries guest in QEMU, NVRAM is one kind of spapr-vio device.
Users are allowed to specify spapr-vio devices'address.
But NVRAM is not supported in libvirt. So this patch is to
add NVRAM device to allow users to specify its address.

In QEMU, NVRAM device's address is specified by
 "-global spapr-nvram.reg=x".

In libvirt, XML file is defined as the following:

  

  

Signed-off-by: Li Zhang 
---
 * v2 -> v1:
Add NVRAM parameters parsing in qemuParseCommandLine.

 src/conf/domain_conf.c  |   83 ++-
 src/conf/domain_conf.h  |   10 ++
 src/qemu/qemu_command.c |   48 +++
 src/qemu/qemu_command.h |2 ++
 4 files changed, 142 insertions(+), 1 deletion(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 10f361c..8c1e8ae 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -175,7 +175,8 @@ VIR_ENUM_IMPL(virDomainDevice, VIR_DOMAIN_DEVICE_LAST,
   "redirdev",
   "smartcard",
   "chr",
-  "memballoon")
+  "memballoon",
+  "nvram")
 
 VIR_ENUM_IMPL(virDomainDeviceAddress, VIR_DOMAIN_DEVICE_ADDRESS_TYPE_LAST,
   "none",
@@ -1442,6 +1443,16 @@ void 
virDomainMemballoonDefFree(virDomainMemballoonDefPtr def)
 VIR_FREE(def);
 }
 
+void virDomainNVRAMDefFree(virDomainNVRAMDefPtr def)
+{
+if (!def)
+return;
+
+virDomainDeviceInfoClear(&def->info);
+
+VIR_FREE(def);
+}
+
 void virDomainWatchdogDefFree(virDomainWatchdogDefPtr def)
 {
 if (!def)
@@ -1602,6 +1613,7 @@ void virDomainDeviceDefFree(virDomainDeviceDefPtr def)
 case VIR_DOMAIN_DEVICE_SMARTCARD:
 case VIR_DOMAIN_DEVICE_CHR:
 case VIR_DOMAIN_DEVICE_MEMBALLOON:
+case VIR_DOMAIN_DEVICE_NVRAM:
 case VIR_DOMAIN_DEVICE_LAST:
 break;
 }
@@ -1791,6 +1803,7 @@ void virDomainDefFree(virDomainDefPtr def)
 virDomainWatchdogDefFree(def->watchdog);
 
 virDomainMemballoonDefFree(def->memballoon);
+virDomainNVRAMDefFree(def->nvram);
 
 for (i = 0; i < def->nseclabels; i++)
 virSecurityLabelDefFree(def->seclabels[i]);
@@ -2342,6 +2355,12 @@ int virDomainDeviceInfoIterate(virDomainDefPtr def,
 if (cb(def, &device, &def->memballoon->info, opaque) < 0)
 return -1;
 }
+if (def->nvram) {
+device.type = VIR_DOMAIN_DEVICE_NVRAM;
+device.data.nvram = def->nvram;
+if (cb(def, &device, &def->nvram->info, opaque) < 0)
+return -1;
+}
 device.type = VIR_DOMAIN_DEVICE_HUB;
 for (i = 0; i < def->nhubs ; i++) {
 device.data.hub = def->hubs[i];
@@ -7461,6 +7480,23 @@ error:
 goto cleanup;
 }
 
+static virDomainNVRAMDefPtr
+virDomainNVRAMDefParseXML(const xmlNodePtr node,
+   unsigned int flags)
+{
+   virDomainNVRAMDefPtr def;
+
+if (VIR_ALLOC(def) < 0) {
+virReportOOMError();
+return NULL;
+}
+
+if ( virDomainDeviceInfoParseXML(node, NULL, &def->info, flags) < 0 )
+return NULL;
+
+return def;
+}
+
 static virSysinfoDefPtr
 virSysinfoParseXML(const xmlNodePtr node,
   xmlXPathContextPtr ctxt)
@@ -10572,6 +10608,32 @@ virDomainDefParseXML(virCapsPtr caps,
 }
 }
 
+def->nvram = NULL;
+if ((n = virXPathNodeSet("./devices/nvram", ctxt, &nodes)) < 0) {
+goto error;
+}
+
+if (n > 1) {
+virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+   _("only a single nvram device is supported"));
+goto error;
+}
+
+if (n > 0) {
+virDomainNVRAMDefPtr nvram =
+virDomainNVRAMDefParseXML(nodes[0], flags);
+if (!nvram)
+goto error;
+def->nvram = nvram;
+VIR_FREE(nodes);
+} else {
+virDomainNVRAMDefPtr nvram;
+if (VIR_ALLOC(nvram) < 0)
+goto no_memory;
+nvram->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE;
+def->nvram = nvram;
+}
+
 /* analysis of the hub devices */
 if ((n = virXPathNodeSet("./devices/hub", ctxt, &nodes)) < 0) {
 goto error;
@@ -13547,6 +13609,21 @@ virDomainMemballoonDefFormat(virBufferPtr buf,
 }
 
 static int
+virDomainNVRAMDefFormat(virBufferPtr buf,
+ virDomainNVRAMDefPtr def,
+ unsigned int flags)
+{
+virBufferAsprintf(buf, "\n");
+if (virDomainDeviceInfoIsSet(&def->info, flags))
+if (virDomainDeviceInfoFormat(buf, &def->info, flags) < 0)
+return -1;
+
+ virBufferAddLit(buf, "\n");
+
+ return 0;
+}
+
+static int
 virDomainSysinfoDefFormat(virBufferPtr buf,
   virSysinfoDefPtr def)
 {
@@ -14787,6 +14864,9 @@ virDomainDefFormatInternal(virDomainDefPtr def,
 if (def->memballoon)
 virDomainMemballoonDefFormat(buf, def->memballoon, flags);
 
+if (def->nvram)
+virDomainNVRAMDefFormat(buf, 

Re: [libvirt] [PATCH] Daemonize fuse thread in libvirt_lxc

[Doug Goldstein]

On Thu, Mar 7, 2013 at 2:59 PM, Eric Blake  wrote:
> On 03/07/2013 12:02 PM, Daniel P. Berrange wrote:
>> From: "Daniel P. Berrange" 
>>
>> In some startup failure modes, the fuse thread may get itself
>> wedged. This will cause the entire libvirt_lxc process to
>> hang trying to the join the thread. There is no compelling
>> reason to wait for the thread to exit if the whole process
>> is exiting, so kust daemonize the fus thread instead.
>
> s/kust/just/; s/fus/fuse/
>
>>
>> Signed-off-by: Daniel P. Berrange 
>> ---
>>  src/lxc/lxc_fuse.c | 4 +---
>>  1 file changed, 1 insertion(+), 3 deletions(-)
>
> ACK.
>
> --
> Eric Blake   eblake redhat com+1-919-301-3266
> Libvirt virtualization library http://libvirt.org

Backported to v1.0.3-maint.

Thanks.
-- 
Doug Goldstein

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v5 3/3] selinux: deal with dtb file

[Olivia Yin]

---
 src/security/security_dac.c |8 
 src/security/security_selinux.c |8 
 src/security/virt-aa-helper.c   |4 
 3 files changed, 20 insertions(+), 0 deletions(-)

diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 0b274b7..35b90da 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -760,6 +760,10 @@ 
virSecurityDACRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
 virSecurityDACRestoreSecurityFileLabel(def->os.initrd) < 0)
 rc = -1;
 
+if (def->os.dtb &&
+virSecurityDACRestoreSecurityFileLabel(def->os.dtb) < 0)
+rc = -1;
+
 return rc;
 }
 
@@ -822,6 +826,10 @@ virSecurityDACSetSecurityAllLabel(virSecurityManagerPtr 
mgr,
 virSecurityDACSetOwnership(def->os.initrd, user, group) < 0)
 return -1;
 
+if (def->os.dtb &&
+virSecurityDACSetOwnership(def->os.dtb, user, group) < 0)
+return -1;
+
 return 0;
 }
 
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a042b26..0dbfd35 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -1720,6 +1720,10 @@ 
virSecuritySELinuxRestoreSecurityAllLabel(virSecurityManagerPtr mgr,
 virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.initrd) < 0)
 rc = -1;
 
+if (def->os.dtb &&
+virSecuritySELinuxRestoreSecurityFileLabel(mgr, def->os.dtb) < 0)
+rc = -1;
+
 return rc;
 }
 
@@ -2116,6 +2120,10 @@ 
virSecuritySELinuxSetSecurityAllLabel(virSecurityManagerPtr mgr,
 virSecuritySELinuxSetFilecon(def->os.initrd, data->content_context) < 
0)
 return -1;
 
+if (def->os.dtb &&
+virSecuritySELinuxSetFilecon(def->os.dtb, data->content_context) < 0)
+return -1;
+
 if (stdin_path) {
 if (virSecuritySELinuxSetFilecon(stdin_path, data->content_context) < 
0 &&
 virStorageFileIsSharedFSType(stdin_path,
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index c1a3ec9..f764f77 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -993,6 +993,10 @@ get_files(vahControl * ctl)
 if (vah_add_file(&buf, ctl->def->os.initrd, "r") != 0)
 goto clean;
 
+if (ctl->def->os.dtb)
+if (vah_add_file(&buf, ctl->def->os.dtb, "r") != 0)
+goto clean;
+
 if (ctl->def->os.loader && ctl->def->os.loader)
 if (vah_add_file(&buf, ctl->def->os.loader, "r") != 0)
 goto clean;
-- 
1.6.4


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v5 2/3] qemu: add dtb option supprt

[Olivia Yin]

The "dtb" option sets the filename for the device tree.
If without this option support, "-dtb file" will be converted into
 in domain XML file.
For example, '-dtb /media/ram/test.dtb' will be converted into
  


  

This is not very friendly.
This patchset add special  tag like  and 
which is easier for user to write domain XML file.
  
hvm
/media/ram/uImage
/media/ram/ramdisk
/media/ram/test.dtb
root=/dev/ram rw console=ttyS0,115200
  
---
 src/qemu/qemu_capabilities.c |8 -
 src/qemu/qemu_capabilities.h |1 +
 src/qemu/qemu_command.c  |6 
 tests/qemuhelptest.c |   30 +--
 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args |1 +
 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml  |   28 ++
 tests/qemuxml2argvtest.c |2 +
 tests/testutilsqemu.c|   33 ++
 8 files changed, 97 insertions(+), 12 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 79cfdb3..636608a 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -210,7 +210,8 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
 
   "rng-random", /* 130 */
   "rng-egd",
-  "virtio-ccw"
+  "virtio-ccw",
+  "dtb",
 );
 
 struct _virQEMUCaps {
@@ -1173,8 +1174,10 @@ virQEMUCapsComputeCmdFlags(const char *help,
 if (version >= 12000)
 virQEMUCapsSet(qemuCaps, QEMU_CAPS_PCI_ROMBAR);
 
-if (version >= 11000)
+if (version >= 11000) {
 virQEMUCapsSet(qemuCaps, QEMU_CAPS_CPU_HOST);
+virQEMUCapsSet(qemuCaps, QEMU_CAPS_DTB);
+}
 
 if (version >= 1002000)
 virQEMUCapsSet(qemuCaps, QEMU_CAPS_DEVICE_VIDEO_PRIMARY);
@@ -2299,6 +2302,7 @@ virQEMUCapsInitQMPBasic(virQEMUCapsPtr qemuCaps)
 virQEMUCapsSet(qemuCaps, QEMU_CAPS_NETDEV_BRIDGE);
 virQEMUCapsSet(qemuCaps, QEMU_CAPS_SECCOMP_SANDBOX);
 virQEMUCapsSet(qemuCaps, QEMU_CAPS_NO_KVM_PIT);
+virQEMUCapsSet(qemuCaps, QEMU_CAPS_DTB);
 }
 
 
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 5c5dc5a..9f88593 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -172,6 +172,7 @@ enum virQEMUCapsFlags {
virtio rng */
 QEMU_CAPS_OBJECT_RNG_EGD = 131, /* EGD protocol daemon for rng */
 QEMU_CAPS_VIRTIO_CCW = 132, /* -device virtio-*-ccw */
+QEMU_CAPS_DTB= 133, /* -dtb file */
 
 QEMU_CAPS_LAST,   /* this must always be the last item */
 };
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index e7f2325..a95d41c 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -5984,6 +5984,8 @@ qemuBuildCommandLine(virConnectPtr conn,
 virCommandAddArgList(cmd, "-initrd", def->os.initrd, NULL);
 if (def->os.cmdline)
 virCommandAddArgList(cmd, "-append", def->os.cmdline, NULL);
+if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_DTB) && def->os.dtb)
+virCommandAddArgList(cmd, "-dtb", def->os.dtb, NULL);
 } else {
 virCommandAddArgList(cmd, "-bootloader", def->os.bootloader, NULL);
 }
@@ -9161,6 +9163,10 @@ virDomainDefPtr qemuParseCommandLine(virCapsPtr qemuCaps,
 WANT_VALUE();
 if (!(def->os.cmdline = strdup(val)))
 goto no_memory;
+} else if (STREQ(arg, "-dtb")) {
+WANT_VALUE();
+if (!(def->os.dtb = strdup(val)))
+goto no_memory;
 } else if (STREQ(arg, "-boot")) {
 const char *token = NULL;
 WANT_VALUE();
diff --git a/tests/qemuhelptest.c b/tests/qemuhelptest.c
index 720a188..460c5fd 100644
--- a/tests/qemuhelptest.c
+++ b/tests/qemuhelptest.c
@@ -339,7 +339,8 @@ mymain(void)
 QEMU_CAPS_NO_ACPI,
 QEMU_CAPS_VIRTIO_BLK_SG_IO,
 QEMU_CAPS_CPU_HOST,
-QEMU_CAPS_VNC);
+QEMU_CAPS_VNC,
+QEMU_CAPS_DTB);
 DO_TEST("qemu-kvm-0.12.1.2-rhel60", 12001, 1, 0,
 QEMU_CAPS_VNC_COLON,
 QEMU_CAPS_NO_REBOOT,
@@ -397,7 +398,8 @@ mymain(void)
 QEMU_CAPS_DEVICE_CIRRUS_VGA,
 QEMU_CAPS_DEVICE_VMWARE_SVGA,
 QEMU_CAPS_DEVICE_USB_SERIAL,
-QEMU_CAPS_DEVICE_USB_NET);
+QEMU_CAPS_DEVICE_USB_NET,
+QEMU_CAPS_DTB);
 DO_TEST("qemu-kvm-0.12.3", 12003, 1, 0,
 QEMU_CAPS_VNC_COLON,
 QEMU_CAPS_NO_REBOOT,
@@ -440,7 +442,8 @@ mymain(void)
 QEMU_CAPS_NO_ACPI,
 QEMU_CAPS_VIRTIO_BLK_SG_IO,
 QEMU_CAPS_CPU_HOST,
-QEMU_CAPS_VNC);
+

[libvirt] [PATCH v5 0/3] qemu: -dtb option support

[Olivia Yin]

Since v1.1 QEMU provides -dtb option to support loading device tree binary 
images.
These patches update qemu commands/capabilities for dtb and provide docs/tests.

Olivia Yin (3):
  conf: support  tag in XML domain file
  qemu: add dtb option supprt
  selinux: deal with dtb file

 docs/formatdomain.html.in|5 +++
 docs/schemas/domaincommon.rng|6 
 src/conf/domain_conf.c   |4 ++
 src/conf/domain_conf.h   |1 +
 src/qemu/qemu_capabilities.c |8 -
 src/qemu/qemu_capabilities.h |1 +
 src/qemu/qemu_command.c  |6 
 src/security/security_dac.c  |8 +
 src/security/security_selinux.c  |8 +
 src/security/virt-aa-helper.c|4 ++
 tests/qemuhelptest.c |   30 +--
 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args |1 +
 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml  |   28 ++
 tests/qemuxml2argvtest.c |2 +
 tests/testutilsqemu.c|   33 ++
 15 files changed, 133 insertions(+), 12 deletions(-)
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args
 create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v5 1/3] conf: support tag in XML domain file

[Olivia Yin]

---
 docs/formatdomain.html.in |5 +
 docs/schemas/domaincommon.rng |6 ++
 src/conf/domain_conf.c|4 
 src/conf/domain_conf.h|1 +
 4 files changed, 16 insertions(+), 0 deletions(-)

diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 35b47f2..b38a668 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -232,6 +232,7 @@
 /root/f8-i386-vmlinuz
 /root/f8-i386-initrd
 console=ttyS0 
ks=http://example.com/f8-i386/os/;
+/root/ppc.dtb
   
   ...
 
@@ -253,6 +254,10 @@
 the kernel (or installer) at boottime. This is often used to
 specify an alternate primary console (eg serial port), or the
 installation media source / kickstart file
+  dtb
+  The contents of this element specify the fully-qualified path
+to the (optional) device tree binary (dtb) image in the host OS.
+Since 1.0.4
 
 
 Container boot
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index c40263c..687f026 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -367,6 +367,7 @@
 g3beige
 mac99
 prep
+ppce500v2
   
 
   
@@ -835,6 +836,11 @@
   
 
   
+  
+
+  
+
+  
 
   
   
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 95d2ff2..0981a5e 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -1849,6 +1849,7 @@ void virDomainDefFree(virDomainDefPtr def)
 VIR_FREE(def->os.kernel);
 VIR_FREE(def->os.initrd);
 VIR_FREE(def->os.cmdline);
+VIR_FREE(def->os.dtb);
 VIR_FREE(def->os.root);
 VIR_FREE(def->os.loader);
 VIR_FREE(def->os.bootloader);
@@ -10234,6 +10235,7 @@ virDomainDefParseXML(virCapsPtr caps,
 def->os.kernel = virXPathString("string(./os/kernel[1])", ctxt);
 def->os.initrd = virXPathString("string(./os/initrd[1])", ctxt);
 def->os.cmdline = virXPathString("string(./os/cmdline[1])", ctxt);
+def->os.dtb = virXPathString("string(./os/dtb[1])", ctxt);
 def->os.root = virXPathString("string(./os/root[1])", ctxt);
 def->os.loader = virXPathString("string(./os/loader[1])", ctxt);
 }
@@ -14856,6 +14858,8 @@ virDomainDefFormatInternal(virDomainDefPtr def,
   def->os.initrd);
 virBufferEscapeString(buf, "%s\n",
   def->os.cmdline);
+virBufferEscapeString(buf, "%s\n",
+  def->os.dtb);
 virBufferEscapeString(buf, "%s\n",
   def->os.root);
 
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 0fe43c5..1c0b238 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1550,6 +1550,7 @@ struct _virDomainOSDef {
 char *kernel;
 char *initrd;
 char *cmdline;
+char *dtb;
 char *root;
 char *loader;
 char *bootloader;
-- 
1.6.4


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 1/2] qemu: add support for dtb option

[Yin Olivia-R63875]

> -Original Message-
> From: Eric Blake [mailto:ebl...@redhat.com]
> Sent: Thursday, March 14, 2013 6:48 AM
> To: Yin Olivia-R63875
> Cc: libvir-list@redhat.com
> Subject: Re: [libvirt] [PATCH v4 1/2] qemu: add support for dtb option
> 
> On 03/12/2013 10:35 PM, Olivia Yin wrote:
> > Signed-off-by: Olivia Yin 
> 
> Libvirt does not (currently) require Signed-off-by lines (but someday, we
> may decide to have a flag day where we declare that all future
> contributions follow the same developer certificate of origin as what the
> qemu and kernel projects currently use).  But if you are going to include
> one, it is typical to put it...
> 
> >
> > The "dtb" option sets the filename for the device tree.
> > If without this option support, "-dtb file" will be converted into
> >  in domain XML file.
> > For example, '-dtb /media/ram/test.dtb' will be converted into
> >   
> > 
> > 
> >   
> >
> > This is not very friendly.
> > This patchset add special  tag like  and  which
> > is easier for user to write domain XML file.
> >   
> > hvm
> > /media/ram/uImage
> > /media/ram/ramdisk
> > /media/ram/test.dtb
> > root=/dev/ram rw console=ttyS0,115200
> >   
> 
> ...here, at the bottom of the commit message.
> 
> > ---
> >  src/qemu/qemu_capabilities.c |6 
> >  src/qemu/qemu_capabilities.h |1 +
> >  src/qemu/qemu_command.c  |6 
> >  tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args |1 +
> >  tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml  |   28
> ++
> >  tests/qemuxml2argvtest.c |2 +
> >  6 files changed, 44 insertions(+), 0 deletions(-)  create mode 100644
> > tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args
> >  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml
> 
> Even after applying patch 2/2 and fixing the RNG to accept the new machine
> type of your new .xml file, this patch fails 'make check'
> because you forgot to update existing tests:

Yes, I need also add testQemuAddPPCGuest() in tests/testutilsqemu.c.

> 259) QEMU XML-2-ARGV ppc-dtb
> ... libvirt: Domain Config error : internal error No guest options
> available for arch 'ppc'
> FAILED
> FAIL: qemuxml2argvtest
> 
> ...
> 17) QEMU Help String Parsing qemu-kvm-1.2.0 ... qemu-kvm-1.2.0: computed
> flags do not match: got 0x00106fb4bff2f1bffdeffd76fffdfd6e,
> expected 0x6fb4bff2f1bffdeffd76fffdfd6e
> Extra flag 132
> FAILED
> FAIL: qemuhelptest

Thanks for the detail information.
It needs add QEMU_CAPS_DTB flags in the newer versions.

> At this point, I gave up - it looks like you are the first person to
> attempt arch='ppc' in the testsuite, and that we haven't prepped the
> testsuite to handle this yet. 

I'll add testQemuAddPPCGuest() in tests/testutilsqemu.c which handle the 
testsuite for ppc arch.

 Can you please repost your patches, and this
> time ensure that 'make check' passes after each patch is applies?


I'll make sure pass 'make syntax-check' and 'make check' before post next 
version.


> Reorder things so that domain_conf is edited before the qemu files, and
> make sure the subject lines are accurate (2/2 was about XML and not QEMU,
> and only 1/2 added qemu support for the new XML).

OK.

  Also, don't forget Dan's
> comment to tweak the security managers to allow SELinux labeling of the dtb
> file.

The new patchset includes:
1/3  conf: support  tag in XML domain file
2/3  qemu: add dtb option supprt
3/3  selinux: deal with dtb file


Thanks a lot.

Best Regards,
Olivia
> --
> Eric Blake   eblake redhat com+1-919-301-3266
> Libvirt virtualization library http://libvirt.org


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 0/2] qemu: -dtb option support

[Yin Olivia-R63875]

Hi Daniel,

Thank you very much for the guide.

Best Regards,
Olivia

> -Original Message-
> From: Daniel P. Berrange [mailto:berra...@redhat.com]
> Sent: Thursday, March 14, 2013 12:56 AM
> To: Yin Olivia-R63875
> Cc: libvir-list@redhat.com
> Subject: Re: [libvirt] [PATCH v4 0/2] qemu: -dtb option support
> 
> On Wed, Mar 13, 2013 at 12:35:53PM +0800, Olivia Yin wrote:
> > Sometime QEMU need load specific device tree binary images.
> > These patches provide -dtb option support and update docs/tests.
> >
> > Olivia Yin (2):
> >   qemu: add support for dtb option
> >   conf: Add support for dtb option in QEMU
> 
> I'm guessing you're running without apparmour/selinux enabled. You need to
> update the files in src/security to deal with the new dtb files, since
> they'll need labelling for the security policy. Just grep for 'os.initrd'
> in src/security and add the equivalent code for os.dtb. This can be done as
> a 3rd patch - no need to change the current 2 patches you have here
> 
> 
> Daniel
> --
> |: http://berrange.com  -o-
> http://www.flickr.com/photos/dberrange/ :|
> |: http://libvirt.org  -o- http://virt-
> manager.org :|
> |: http://autobuild.org   -o-
> http://search.cpan.org/~danberr/ :|
> |: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-
> vnc :|


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 1/2] util: fix a integer boundary error

[Doug Goldstein]

On Tue, Mar 5, 2013 at 10:50 AM, Eric Blake  wrote:
> On 03/05/2013 09:29 AM, Guannan Ren wrote:
>> A value which is equal to a integer maximum such as LLONG_MAX is
>> a valid integer value.
>>
>> The patch fix the following error:
>> 1, virsh memtune vm --swap-hard-limit -1
>> 2, virsh start vm
>> In debug mode, it shows error like:
>> virScaleInteger:1813 : numerical overflow:\
>>value too large: 9007199254740991KiB
>> ---
>>  src/util/virutil.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> ACK.
>
> --
> Eric Blake   eblake redhat com+1-919-301-3266
> Libvirt virtualization library http://libvirt.org

Backported to v1.0.3-maint.

Thanks.
-- 
Doug Goldstein

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 2/2] qemu: update domain live xml for virsh memtune with --live flag

[Doug Goldstein]

On Tue, Mar 5, 2013 at 10:51 AM, Eric Blake  wrote:
> On 03/05/2013 09:29 AM, Guannan Ren wrote:
>> virsh subcommand memtune forgot updating domain live xml
>> after setting cgroup value.
>> ---
>>  src/qemu/qemu_driver.c | 36 +---
>>  1 file changed, 21 insertions(+), 15 deletions(-)
>
> ACK.
>
> --
> Eric Blake   eblake redhat com+1-919-301-3266
> Libvirt virtualization library http://libvirt.org


Backported to v1.0.3-maint.

Thanks.
-- 
Doug Goldstein

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] lxc: Init activeUsbHostdevs

[Doug Goldstein]

On Sun, Mar 10, 2013 at 8:56 PM, Osier Yang  wrote:
> On 2013年03月09日 23:08, Guido Günther wrote:
>>
>> otherwise we crash with
>>
>>   #0  virUSBDeviceListFind (list=0x0, dev=dev@entry=0x8193d70) at
>> util/virusb.c:526
>>   #1  0xb1a4995b in virLXCPrepareHostdevUSBDevices
>> (driver=driver@entry=0x815d9a0, name=0x815dbf8 "debian-700267",
>> list=list@entry=0x81d8f08) at lxc/lxc_hostdev.c:88
>>   #2  0xb1a49fce in virLXCPrepareHostUSBDevices (def=0x8193af8,
>> driver=0x815d9a0) at lxc/lxc_hostdev.c:261
>>   #3  virLXCPrepareHostDevices (driver=driver@entry=0x815d9a0,
>> def=0x8193af8) at lxc/lxc_hostdev.c:328
>>   #4  0xb1a4c5b1 in virLXCProcessStart (conn=0x817d3f8,
>> driver=driver@entry=0x815d9a0, vm=vm@entry=0x8190908,
>> autoDestroy=autoDestroy@entry=false,
>> reason=reason@entry=VIR_DOMAIN_RUNNING_BOOTED)
>>   at lxc/lxc_process.c:1068
>>   #5  0xb1a57e00 in lxcDomainStartWithFlags (dom=dom@entry=0x815e460,
>> flags=flags@entry=0) at lxc/lxc_driver.c:1014
>>   #6  0xb1a57fc3 in lxcDomainStart (dom=0x815e460) at
>> lxc/lxc_driver.c:1046
>>   #7  0xb79c8375 in virDomainCreate (domain=domain@entry=0x815e460) at
>> libvirt.c:8450
>>   #8  0x08078959 in remoteDispatchDomainCreate (args=0x81920a0,
>> rerr=0xb65c21d0, client=0xb0d00490, server=, msg=> out>) at remote_dispatch.h:1066
>>   #9  remoteDispatchDomainCreateHelper (server=0x80c4928,
>> client=0xb0d00490, msg=0xb0d005b0, rerr=0xb65c21d0, args=0x81920a0,
>> ret=0x815d208) at remote_dispatch.h:1044
>>   #10 0xb7a36901 in virNetServerProgramDispatchCall (msg=0xb0d005b0,
>> client=0xb0d00490, server=0x80c4928, prog=0x80c6438) at
>> rpc/virnetserverprogram.c:432
>>   #11 virNetServerProgramDispatch (prog=0x80c6438,
>> server=server@entry=0x80c4928, client=0xb0d00490, msg=0xb0d005b0) at
>> rpc/virnetserverprogram.c:305
>>   #12 0xb7a300a7 in virNetServerProcessMsg (msg=,
>> prog=, client=, srv=0x80c4928) at
>> rpc/virnetserver.c:162
>>   #13 virNetServerHandleJob (jobOpaque=0xb0d00510, opaque=0x80c4928) at
>> rpc/virnetserver.c:183
>>   #14 0xb7924f98 in virThreadPoolWorker (opaque=opaque@entry=0x80a94b0) at
>> util/virthreadpool.c:144
>>   #15 0xb7924515 in virThreadHelper (data=0x80a9440) at
>> util/virthreadpthread.c:161
>>   #16 0xb7887c39 in start_thread (arg=0xb65c2b70) at pthread_create.c:304
>>   #17 0xb77eb78e in clone () at
>> ../sysdeps/unix/sysv/linux/i386/clone.S:130
>>
>> when adding a domain with a usb device. This is Debian bug
>>
>>  http://bugs.debian.org/700267
>> ---
>>   src/lxc/lxc_driver.c |4 
>>   1 file changed, 4 insertions(+)
>>
>> diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
>> index f136df2..338b8eb 100644
>> --- a/src/lxc/lxc_driver.c
>> +++ b/src/lxc/lxc_driver.c
>> @@ -1469,6 +1469,9 @@ static int lxcStartup(bool privileged,
>>   if (lxcSecurityInit(lxc_driver)<  0)
>>   goto cleanup;
>>
>> +if ((lxc_driver->activeUsbHostdevs = virUSBDeviceListNew()) == NULL)
>> +goto cleanup;
>> +
>>   if ((lxc_driver->caps = lxcCapsInit(lxc_driver)) == NULL)
>>   goto cleanup;
>>
>> @@ -1559,6 +1562,7 @@ static int lxcShutdown(void)
>>
>>   virLXCProcessAutoDestroyShutdown(lxc_driver);
>>
>> +virObjectUnref(lxc_driver->activeUsbHostdevs);
>>   virObjectUnref(lxc_driver->caps);
>>   virObjectUnref(lxc_driver->securityManager);
>>   VIR_FREE(lxc_driver->configDir);
>
>
> ACK.
>

Pushed to v1.0.3-maint

Thanks.
-- 
Doug Goldstein

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] virsh: fix snapshot-create with no xmlfile

[Doug Goldstein]

On Mon, Mar 11, 2013 at 7:48 AM, Peter Krempa  wrote:
> On 03/11/13 13:40, Ján Tomko wrote:
>>
>> Properly check the return value of vshCommandOptStringReq for xmlfile:
>> * error out on incorrect input (--xmlfile '')
>> * use default XML  with no --xmlfile specified
>>
>> (Broken by commit b2e8585)
>>
>> Bug: https://bugzilla.redhat.com/show_bug.cgi?id=919826
>> ---
>>   tools/virsh-snapshot.c | 4 +++-
>>   1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/tools/virsh-snapshot.c b/tools/virsh-snapshot.c
>> index ed41014..d994fd9 100644
>> --- a/tools/virsh-snapshot.c
>> +++ b/tools/virsh-snapshot.c
>> @@ -211,7 +211,9 @@ cmdSnapshotCreate(vshControl *ctl, const vshCmd *cmd)
>>   if (!(dom = vshCommandOptDomain(ctl, cmd, NULL)))
>>   goto cleanup;
>>
>> -if (vshCommandOptStringReq(ctl, cmd, "xmlfile", &from) < 0) {
>> +if (vshCommandOptStringReq(ctl, cmd, "xmlfile", &from) < 0)
>> +goto cleanup;
>> +if (!from) {
>>   buffer = vshStrdup(ctl, "");
>
>
> This fallback code is really weird. We should have rejected missing XML name
> by default and encourage to use "snapshot-create-as".
>
>
>>   } else {
>>   if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0) {
>>
>
> ACK to this patch, though. We probably have to support that code forever now
> :(.
>
> Peter

Pushed to v1.0.3-maint

Thanks.
-- 
Doug Goldstein

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] lxc: include sys/{types,stat}.h

[Doug Goldstein]

On Fri, Mar 8, 2013 at 12:02 PM, Eric Blake  wrote:
> On 03/08/2013 09:40 AM, Guido Günther wrote:
>> This fixes the build on Debian Wheezy which otherwise fails with:
>>
>>   CC libvirt_driver_lxc_impl_la-lxc_process.lo
>>   lxc/lxc_process.c: In function 'virLXCProcessGetNsInode':
>>   lxc/lxc_process.c:648:5: error: implicit declaration of function 'stat' 
>> [-Werror=implicit-function-declaration]
>>   lxc/lxc_process.c:648:5: error: nested extern declaration of 'stat' 
>> [-Werror=nested-externs]
>>   cc1: all warnings being treated as errors
>> ---
>>  src/lxc/lxc_process.c |2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
>> index 0d5a070..ecfac50 100644
>> --- a/src/lxc/lxc_process.c
>> +++ b/src/lxc/lxc_process.c
>> @@ -21,6 +21,8 @@
>>
>>  #include 
>>
>> +#include 
>
> Pointless.  POSIX guarantees that headers are self-contained without
> needing .
>
>> +#include 
>
> Required - ACK to this one line addition.
>
> --
> Eric Blake   eblake redhat com+1-919-301-3266
> Libvirt virtualization library http://libvirt.org

Pushed the ACK'd part to v1.0.3-maint

Thanks.
-- 
Doug Goldstein

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [RFC PATCH 2/6] LXC: introduce virLXCControllerSetupUserns and lxcContainerSetUserns

[Gao feng]

On 2013/03/13 18:57, Daniel P. Berrange wrote:
> On Mon, Mar 11, 2013 at 02:26:48PM +0800, Gao feng wrote:
>> This patch introduces new helper function
>> virLXCControllerSetupUserns, in this function,
>> we set the files uid_map and gid_map of process
>> libvirt_lxc.
>>
>> lxcContainerSetUserns is used for creating cred for
>> tasks running in container. Since after setuid/setgid,
>> we may be a new user. This patch calls lxcContainerSetUserns
>> at first to make sure the new created files belong to
>> right user.
>>
>> Signed-off-by: Gao feng 
>> ---
>>  src/lxc/lxc_container.c  | 55 ++--
>>  src/lxc/lxc_controller.c | 66 
>> 
>>  2 files changed, 107 insertions(+), 14 deletions(-)
>>
>> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
>> index 1d7bc1e..5c66ae3 100644
>> --- a/src/lxc/lxc_container.c
>> +++ b/src/lxc/lxc_container.c
>> @@ -329,6 +329,29 @@ int lxcContainerWaitForContinue(int control)
>>  
>>  
>>  /**
>> + * lxcContainerSetUserns:
>> + *
>> + * This function calls setuid and setgid to create proper
>> + * cred for tasks running in container.
>> + *
>> + * Returns 0 on success or -1 in case of error
>> + */
>> +static int lxcContainerSetUserns(virDomainDefPtr def)
>> +{
>> +if (def->os.userns != VIR_DOMAIN_USER_NS_ENABLED)
>> +return 0;
>> +
>> +if (virSetUIDGID(def->os.uidmap.first,
>> + def->os.gidmap.first) < 0) {
>> +virReportSystemError(errno, "%s",
>> + _("setuid or setgid failed"));
>> +return -1;
>> +}
>> +
>> +return 0;
>> +}
> 
> I don't see why we should force the init process to have the first
> UID in the map. The init process should always start as uid:gid 0:0
> regardless of mapping IMHO. If we want a capability to start the
> init process as a different uid:gid, then that should involve separate
> XML configuration.
> 

Yes,kernel provides flexible interface.but we can force the [u,g]ser id of
init process to 0:0.

>> @@ -2221,6 +2244,24 @@ static int lxcContainerChild(void *data)
>>  }
>>  }
>>  
>> +if (!virFileExists(vmDef->os.init)) {
>> +virReportSystemError(errno,
>> +_("cannot find init path '%s' relative to container 
>> root"),
>> +vmDef->os.init);
>> +goto cleanup;
>> +}
>> +
>> +/* Wait for interface devices to show up */
>> +if (lxcContainerWaitForContinue(argv->monitor) < 0) {
>> +virReportSystemError(errno, "%s",
>> + _("Failed to read the container continue 
>> message"));
>> +goto cleanup;
>> +}
>> +VIR_DEBUG("Received container continue message");
> 
> I don't really see why you're moving these lines - they are unrelated
> to user namespaces.
> 

This change ensure the init process has new cred first.
see lxcContainerSetUserns below.
>> +
>> +if (lxcContainerSetUserns(vmDef) < 0)
>> +goto cleanup;
>> +
>>  VIR_DEBUG("Container TTY path: %s", ttyPath);
>>  
>>  ttyfd = open(ttyPath, O_RDWR|O_NOCTTY);
>> @@ -2236,20 +2277,6 @@ static int lxcContainerChild(void *data)
>>  argv->securityDriver) < 0)
>>  goto cleanup;
>>  
>> -if (!virFileExists(vmDef->os.init)) {
>> -virReportSystemError(errno,
>> -_("cannot find init path '%s' relative to container 
>> root"),
>> -vmDef->os.init);
>> -goto cleanup;
>> -}
>> -
>> -/* Wait for interface devices to show up */
>> -if (lxcContainerWaitForContinue(argv->monitor) < 0) {
>> -virReportSystemError(errno, "%s",
>> - _("Failed to read the container continue 
>> message"));
>> -goto cleanup;
>> -}
>> -VIR_DEBUG("Received container continue message");
>>  
>>  /* rename and enable interfaces */
>>  if (lxcContainerRenameAndEnableInterfaces(!!(vmDef->features &
>> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
>> index 15aa334..f17142f 100644
>> --- a/src/lxc/lxc_controller.c
>> +++ b/src/lxc/lxc_controller.c
>> @@ -1028,6 +1028,69 @@ cleanup2:
>>  }
>>  
>>  
>> +/**
>> + * virLXCControllerSetupUserns
>> + *
>> + * Set proc files for user namespace
>> + *
>> + * Returns 0 on success or -1 in case of error
>> + */
>> +static int virLXCControllerSetupUserns(virLXCControllerPtr ctrl)
>> +{
>> +char *uid_map = NULL;
>> +char *gid_map = NULL;
>> +char *uidmap_value = NULL;
>> +char *gidmap_value = NULL;
>> +int ret = -1;
>> +
>> +if (ctrl->def->os.userns != VIR_DOMAIN_USER_NS_ENABLED)
>> +return 0;
>> +
>> +if (virAsprintf(&uid_map, "/proc/%d/uid_map", ctrl->initpid) < 0)
>> +goto cleanup;
>> +
>> +if (virAsprintf(&gid_map, "/proc/%d/gid_map", ctrl->initpid) < 0)
>> +goto cleanup;
>> +
>> +if (virAsprintf(&uidmap_value, "%u %u %u",
>> +   

Re: [libvirt] [RFC PATCH 1/6] LXC: New XML element for user namespace

[Gao feng]

On 2013/03/13 18:51, Daniel P. Berrange wrote:
> On Mon, Mar 11, 2013 at 02:26:47PM +0800, Gao feng wrote:
>> This patch introduces three new elements in  for
>> user namespace. for example
>> 
>> 
>> 
>> 
>> 
>>
>> this new element userns is used for controlling if enable
>> userns for the domain.
> 
> We've previously used the  block to control whether
> namespaces are enabled. So I'd prefer to see that we use
> a '' feature flag for this purpose.
> 

Yes, this is more reasonable.
Will do it.
>> the other two elements uidmap and gidmap are used for
>> setting proc files /proc//{uid_map,gid_map}.
> 
> There can be many entries per maps, so we should be grouping
> them in some way. I don't think they belong inside  since
> that is about the guest boot mechanism.
> 
> Instead we want something like
> 
>
>   
>   
>   
>   
>
> 
> 
> If a  element is present, then we should automatically
> set the  feature flag during parsing, if not already
> set by the user.
> 

Get it.
Thanks!

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [RFC PATCH 5/6] LXC: create tty device with proper permission for container

[Gao feng]

On 2013/03/13 19:08, Daniel P. Berrange wrote:
> On Mon, Mar 11, 2013 at 02:26:51PM +0800, Gao feng wrote:
>> Since the root user of container may be a normal
>> user on host, we should make sure the container
>> has rights to use the tty device.
>>
>> Signed-off-by: Gao feng 
>> ---
>>  src/lxc/lxc_controller.c | 8 ++--
>>  1 file changed, 6 insertions(+), 2 deletions(-)
>>
>> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
>> index c6f8c3b..4715f84 100644
>> --- a/src/lxc/lxc_controller.c
>> +++ b/src/lxc/lxc_controller.c
>> @@ -1311,6 +1311,7 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
>>  char *opts = NULL;
>>  char *devpts = NULL;
>>  int ret = -1;
>> +uid_t uid = 0;
>>  
>>  if (!root) {
>>  if (ctrl->nconsoles != 1) {
>> @@ -1367,10 +1368,13 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
>>  goto cleanup;
>>  }
>>  
>> +if (ctrl->def->os.userns == VIR_DOMAIN_USER_NS_ENABLED)
>> +uid = ctrl->def->os.uidmap.low_first;
>> +
>>  /* XXX should we support gid=X for X!=5 for distros which use
>>   * a different gid for tty?  */
>> -if (virAsprintf(&opts, "newinstance,ptmxmode=0666,mode=0620,gid=5%s",
>> -(mount_options ? mount_options : "")) < 0) {
>> +if (virAsprintf(&opts, 
>> "newinstance,ptmxmode=0666,mode=0620,uid=%d,gid=5%s",
>> +uid, (mount_options ? mount_options : "")) < 0) {
>>  virReportOOMError();
>>  goto cleanup;
>>  }
> 
> This is bogus, if no 'uid' parameter is set for devpts, then the
> PTYs that are created automatically get given the uid associated
> with the calling process, which is what you want. With this change,
> you are hardcoding the 'uid' regardless of what UID the process in
> the container is running as, which will break things if any container
> process changes its uid. 
> 

Thanks for teaching me this!
What we should do is change the owner of /dev/pts/x to the low_first user.
I am right?

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] qemu: detect multi-head qxl via more than version check

[Eric Blake]

Multi-head QXL support is so useful that distros have started to
backport it to qemu earlier than 1.2.  After discussion with
Alon Levy, we determined that the existence of the qxl-vga.surfaces
property is a reliable indicator of whether '-device qxl-vga' works,
or whether we have to stick to the older '-vga qxl'.  I'm leaving
in the existing check for QEMU_CAPS_DEVICE_VIDEO_PRIMARY tied to
qemu 1.2 and newer (in case qemu is built without qxl support),
but for those distros that backport qxl, this additional capability
check will allow the correct command line for both RHEL 6.3 (which
lacks the feature) and RHEL 6.4 (where qemu still claims to be
version 0.12.2.x, but has backported multi-head qxl).

* src/qemu/qemu_capabilities.c (virQEMUCapsObjectPropsQxlVga): New
property test.
(virQEMUCapsExtractDeviceStr): Probe for backport of new
capability to qemu earlier than 1.2.
* tests/qemuhelpdata/qemu-kvm-1.2.0-device: Update test.
* tests/qemuhelpdata/qemu-1.2.0-device: Likewise.
* tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device:
Likewise.
---
 src/qemu/qemu_capabilities.c|  7 +++
 tests/qemuhelpdata/qemu-1.2.0-device| 16 
 tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device | 10 ++
 tests/qemuhelpdata/qemu-kvm-1.2.0-device| 16 
 4 files changed, 49 insertions(+)

diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 79cfdb3..17747c1 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -1383,6 +1383,10 @@ static struct virQEMUCapsStringFlags 
virQEMUCapsObjectPropsUsbHost[] = {
 { "bootindex", QEMU_CAPS_USB_HOST_BOOTINDEX },
 };

+static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsQxlVga[] = {
+{ "surfaces", QEMU_CAPS_DEVICE_VIDEO_PRIMARY },
+};
+
 struct virQEMUCapsObjectTypeProps {
 const char *type;
 struct virQEMUCapsStringFlags *props;
@@ -1416,6 +1420,8 @@ static struct virQEMUCapsObjectTypeProps 
virQEMUCapsObjectProps[] = {
   ARRAY_CARDINALITY(virQEMUCapsObjectPropsUsbRedir) },
 { "usb-host", virQEMUCapsObjectPropsUsbHost,
   ARRAY_CARDINALITY(virQEMUCapsObjectPropsUsbHost) },
+{ "qxl-vga", virQEMUCapsObjectPropsQxlVga,
+  ARRAY_CARDINALITY(virQEMUCapsObjectPropsQxlVga) },
 };


@@ -1613,6 +1619,7 @@ virQEMUCapsExtractDeviceStr(const char *qemu,
  "-device", "usb-redir,?",
  "-device", "ide-drive,?",
  "-device", "usb-host,?",
+ "-device", "qxl-vga,?",
  NULL);
 /* qemu -help goes to stdout, but qemu -device ? goes to stderr.  */
 virCommandSetErrorBuffer(cmd, &output);
diff --git a/tests/qemuhelpdata/qemu-1.2.0-device 
b/tests/qemuhelpdata/qemu-1.2.0-device
index 5613e00..027d99a 100644
--- a/tests/qemuhelpdata/qemu-1.2.0-device
+++ b/tests/qemuhelpdata/qemu-1.2.0-device
@@ -208,3 +208,19 @@ usb-host.bootindex=int32
 usb-host.pipeline=on/off
 usb-host.port=string
 usb-host.full-path=on/off
+qxl-vga.ram_size=uint32
+qxl-vga.vram_size=uint32
+qxl-vga.revision=uint32
+qxl-vga.debug=uint32
+qxl-vga.guestdebug=uint32
+qxl-vga.cmdlog=uint32
+qxl-vga.ram_size_mb=uint32
+qxl-vga.vram_size_mb=uint32
+qxl-vga.vram64_size_mb=uint32
+qxl-vga.vgamem_mb=uint32
+qxl-vga.surfaces=int32
+qxl-vga.addr=pci-devfn
+qxl-vga.romfile=string
+qxl-vga.rombar=uint32
+qxl-vga.multifunction=on/off
+qxl-vga.command_serr_enable=on/off
diff --git a/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device 
b/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device
index ee0fd78..5eab539 100644
--- a/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device
+++ b/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device
@@ -118,3 +118,13 @@ virtio-net-pci.addr=pci-devfn
 virtio-net-pci.romfile=string
 virtio-net-pci.rombar=uint32
 virtio-net-pci.multifunction=on/off
+qxl-vga.ram_size=uint32
+qxl-vga.vram_size=uint32
+qxl-vga.revision=uint32
+qxl-vga.debug=uint32
+qxl-vga.guestdebug=uint32
+qxl-vga.cmdlog=uint32
+qxl-vga.addr=pci-devfn
+qxl-vga.romfile=string
+qxl-vga.rombar=uint32
+qxl-vga.multifunction=on/off
diff --git a/tests/qemuhelpdata/qemu-kvm-1.2.0-device 
b/tests/qemuhelpdata/qemu-kvm-1.2.0-device
index 879a049..ebc27f0 100644
--- a/tests/qemuhelpdata/qemu-kvm-1.2.0-device
+++ b/tests/qemuhelpdata/qemu-kvm-1.2.0-device
@@ -220,3 +220,19 @@ usb-host.bootindex=int32
 usb-host.pipeline=on/off
 usb-host.port=string
 usb-host.full-path=on/off
+qxl-vga.ram_size=uint32
+qxl-vga.vram_size=uint32
+qxl-vga.revision=uint32
+qxl-vga.debug=uint32
+qxl-vga.guestdebug=uint32
+qxl-vga.cmdlog=uint32
+qxl-vga.ram_size_mb=uint32
+qxl-vga.vram_size_mb=uint32
+qxl-vga.vram64_size_mb=uint32
+qxl-vga.vgamem_mb=uint32
+qxl-vga.surfaces=int32
+qxl-vga.addr=pci-devfn
+qxl-vga.romfile=string
+qxl-vga.rombar=uint32
+qxl-vga.multifunction=on/off
+qxl-vga.command_serr_enable=on/off
-- 
1.8.1.4

--
libvir-list mailing li

Re: [libvirt] [RFC PATCH 4/6] LXC: Creating devices for container on host side

[Gao feng]

On 2013/03/13 19:02, Daniel P. Berrange wrote:
> On Mon, Mar 11, 2013 at 02:26:50PM +0800, Gao feng wrote:
>> user namespace doesn't allow to create devices in
>> uninit userns. We should create devices on host side.
>>
>> Signed-off-by: Gao feng 
>> ---
>>  src/lxc/lxc_container.c  | 47 +++
>>  src/lxc/lxc_controller.c | 83 
>> 
>>  2 files changed, 94 insertions(+), 36 deletions(-)
> 
> We actually need this change independently of user namespaces. Currently
> the cgroup devices setup we do allows 'mknod' permission, when it really
> ought to be blocked. If we move the setup code into the controller then
> we can fix the cgroup devices setup to block mknod too.
> 

Yes, Agree with you.

I will add this one into my patchset.

>> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
>> index 92af3e5..58d6ee5 100644
>> --- a/src/lxc/lxc_container.c
>> +++ b/src/lxc/lxc_container.c
>> @@ -681,22 +681,10 @@ static int lxcContainerMountFSDevPTS(virDomainFSDefPtr 
>> root)
>>  return rc;
>>  }
>>  
>> -static int lxcContainerPopulateDevices(char **ttyPaths, size_t nttyPaths)
>> +static int lxcContainerSetupDevices(char **ttyPaths, size_t nttyPaths)
>>  {
>>  size_t i;
>>  const struct {
>> -int maj;
>> -int min;
>> -mode_t mode;
>> -const char *path;
>> -} devs[] = {
>> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_NULL, 0666, "/dev/null" },
>> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_ZERO, 0666, "/dev/zero" },
>> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_FULL, 0666, "/dev/full" },
>> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_RANDOM, 0666, "/dev/random" },
>> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_URANDOM, 0666, "/dev/urandom" },
>> -};
>> -const struct {
>>  const char *src;
>>  const char *dst;
>>  } links[] = {
>> @@ -706,18 +694,6 @@ static int lxcContainerPopulateDevices(char **ttyPaths, 
>> size_t nttyPaths)
>>  { "/proc/self/fd", "/dev/fd" },
>>  };
>>  
>> -/* Populate /dev/ with a few important bits */
>> -for (i = 0 ; i < ARRAY_CARDINALITY(devs) ; i++) {
>> -dev_t dev = makedev(devs[i].maj, devs[i].min);
>> -if (mknod(devs[i].path, S_IFCHR, dev) < 0 ||
>> -chmod(devs[i].path, devs[i].mode)) {
>> -virReportSystemError(errno,
>> - _("Failed to make device %s"),
>> - devs[i].path);
>> -return -1;
>> -}
>> -}
>> -
>>  for (i = 0 ; i < ARRAY_CARDINALITY(links) ; i++) {
>>  if (symlink(links[i].src, links[i].dst) < 0) {
>>  virReportSystemError(errno,
>> @@ -737,15 +713,6 @@ static int lxcContainerPopulateDevices(char **ttyPaths, 
>> size_t nttyPaths)
>>   _("Failed to bind /dev/pts/ptmx on to 
>> /dev/ptmx"));
>>  return -1;
>>  }
>> -} else {
>> -/* Legacy devpts, so we need to just use shared one */
>> -dev_t dev = makedev(LXC_DEV_MAJ_TTY, LXC_DEV_MIN_PTMX);
>> -if (mknod("/dev/ptmx", S_IFCHR, dev) < 0 ||
>> -chmod("/dev/ptmx", 0666)) {
>> -virReportSystemError(errno, "%s",
>> - _("Failed to make device /dev/ptmx"));
>> -return -1;
>> -}
>>  }
>>  
>>  for (i = 0 ; i < nttyPaths ; i++) {
>> @@ -1988,8 +1955,8 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr 
>> vmDef,
>>  if (lxcContainerMountFSDevPTS(root) < 0)
>>  goto cleanup;
>>  
>> -/* Populates device nodes in /dev/ */
>> -if (lxcContainerPopulateDevices(ttyPaths, nttyPaths) < 0)
>> +/* Setup device nodes in /dev/ */
>> +if (lxcContainerSetupDevices(ttyPaths, nttyPaths) < 0)
>>  goto cleanup;
>>  
>>  /* Sets up any non-root mounts from guest config */
>> @@ -2306,6 +2273,14 @@ static int lxcContainerChild(void *data)
>>  goto cleanup;
>>  }
>>  
>> +/* Wait for controller creating devices for container */
>> +if (lxcContainerWaitForContinue(argv->monitor) < 0) {
>> +virReportSystemError(errno, "%s",
>> + _("Failed to read the container continue 
>> message"));
>> +goto cleanup;
>> +}
>> +VIR_DEBUG("Received container continue message, create devices 
>> success.");
>> +
>>  ret = 0;
>>  cleanup:
>>  VIR_FREE(ttyPath);
>> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
>> index f17142f..c6f8c3b 100644
>> --- a/src/lxc/lxc_controller.c
>> +++ b/src/lxc/lxc_controller.c
>> @@ -1092,6 +1092,79 @@ cleanup:
>>  }
>>  
>>  
>> +static int virLXCControllerPopulateDevices(virLXCControllerPtr ctrl)
>> +{
>> +size_t i;
>> +char *ptmx = NULL;
>> +const struct {
>> +int maj;
>> +int min;
>> +mode_t mode;
>> +const char *path;
>> +} devs[] = {
>> +{ LXC_DEV_MAJ_MEMORY, LXC_D

Re: [libvirt] [PATCH] v1:Support for adding a static route to a bridge

[Gene Czarcinski]

On 03/13/2013 04:04 PM, Gene Czarcinski wrote:

This patch adds support for adding a static route for
a network.  The "via" specifies the gateway's IP
address.  Both IPv4 and IPv6 static routes are
supported although it is expected that this
functionality will have more use with IPv6.

Extensive tests are done to validate that the input
definitions are correct.  For example, for a static
route ip definition, the address must be for a network
and not a host.
I have been doing some thinking about the submitted patch and, while it 
works when everything is as it should be, I believe that there should be 
some additional checks to ensure that no unexpected code paths are taken 
(such as if someone would edit a network xml file with vi rather than 
using virsh net-nedit).


Gene

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [RFC PATCH 3/6] LXC: only mount cgroupfs when userns is disabled

[Gao feng]

On 2013/03/13 18:59, Daniel P. Berrange wrote:
> On Mon, Mar 11, 2013 at 02:26:49PM +0800, Gao feng wrote:
>> Since we can't mount cgroupfs in uninit user namespace
>> now. only mount cgroupfs when userns is disabled.
>>
>> Signed-off-by: Gao feng 
>> ---
>>  src/lxc/lxc_container.c | 6 --
>>  1 file changed, 4 insertions(+), 2 deletions(-)
>>
>> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
>> index 5c66ae3..92af3e5 100644
>> --- a/src/lxc/lxc_container.c
>> +++ b/src/lxc/lxc_container.c
>> @@ -1979,7 +1979,8 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr 
>> vmDef,
>>  
>>  /* Now we can re-mount the cgroups controllers in the
>>   * same configuration as before */
>> -if (lxcContainerMountCGroups(mounts, nmounts,
>> +if (vmDef->os.userns != VIR_DOMAIN_USER_NS_ENABLED &&
>> +lxcContainerMountCGroups(mounts, nmounts,
>>   cgroupRoot, sec_mount_options) < 0)
>>  goto cleanup;
>>  
>> @@ -2087,7 +2088,8 @@ static int 
>> lxcContainerSetupExtraMounts(virDomainDefPtr vmDef,
>>  
>>  /* Now we can re-mount the cgroups controllers in the
>>   * same configuration as before */
>> -if (lxcContainerMountCGroups(mounts, nmounts,
>> +if (vmDef->os.userns != VIR_DOMAIN_USER_NS_ENABLED &&
>> +lxcContainerMountCGroups(mounts, nmounts,
>>   cgroupRoot, sec_mount_options) < 0)
>>  goto cleanup;
> 
> I'm not sure that this is the right approach for this. If we can't mount
> the cgroups filesystems, then we need preserve the existing mounts from
> the host in some way, rather than unmounting them.
> 

I wonder if we should use mount --bind to set cgroupfs for container.
we can mount the directory /sys/fs/cgroup/memory/libvirt/lxc/domain
of host to the directory /sys/fs/cgroup/memory of container.

This can also resolve the cgroup configuration leak problem,
and can also resolve the "failed to mount cgroup" problem reported
by Yin Olivia.

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv4 3/5] S390: QEMU driver support for CCW addresses

[Eric Blake]

On 03/13/2013 09:40 AM, Daniel P. Berrange wrote:
> On Tue, Mar 05, 2013 at 04:44:21PM +0100, Viktor Mihajlovski wrote:
>> This commit adds the QEMU driver support for CCW addresses. The
>> current QEMU only allows virtio devices to be attached to the
>> CCW bus. We named the new capability indicating that support
>> QEMU_CAPS_VIRTIO_CCW accordingly.
>>
>> The fact that CCW devices can only be assigned to domains with a
>> machine type of s390-ccw-virtio requires a few extra checks for
>> machine type in qemu_command.c on top of querying
>> QEMU_CAPS_VIRTIO_{CCW|S390}.
>>

>> +struct _qemuDomainCCWAddressSet {
>> +virHashTablePtr defined;
> 
> Too much whitespace   

I cleaned this up,

> 
>> +virDomainDeviceCCWAddress next;
>> +};
>> +
>> +static char*
>> +qemuCCWAddressAsString(virDomainDeviceCCWAddressPtr addr)
>> +{
>> +char *addrstr = NULL;
>> +
>> +if (virAsprintf(&addrstr, "%x.%x.%04x",
> 
> Should we zero-pad the first two fields too, or is it common
> to only pad the last field in ccw addresses ?

but left this alone.  You can submit a followup patch if it is necessary.

>> -static void
>> -qemuDomainAssignS390Addresses(virDomainDefPtr def, virQEMUCapsPtr qemuCaps)
>> +static int
>> +qemuDomainCCWAddressAllocate(virDomainDefPtr def ATTRIBUTE_UNUSED,
>> + virDomainDeviceDefPtr dev ATTRIBUTE_UNUSED,
>> + virDomainDeviceInfoPtr info,
>> + void * data)
>> +{
>> +return qemuDomainCCWAddressAssign(info,
>> +  (qemuDomainCCWAddressSetPtr)data,
> 
> You don't need to cast  'void *' in C.

I cleaned this up as well.

> ACK, since there's no bugs in my comments, just style issues.

I'll push this, along with the other ACK'd patches in the series, shortly.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 1/2] qemu: add support for dtb option

[Eric Blake]

On 03/12/2013 10:35 PM, Olivia Yin wrote:
> Signed-off-by: Olivia Yin 

Libvirt does not (currently) require Signed-off-by lines (but someday,
we may decide to have a flag day where we declare that all future
contributions follow the same developer certificate of origin as what
the qemu and kernel projects currently use).  But if you are going to
include one, it is typical to put it...

> 
> The "dtb" option sets the filename for the device tree.
> If without this option support, "-dtb file" will be converted into
>  in domain XML file.
> For example, '-dtb /media/ram/test.dtb' will be converted into
>   
> 
> 
>   
> 
> This is not very friendly.
> This patchset add special  tag like  and 
> which is easier for user to write domain XML file.
>   
> hvm
> /media/ram/uImage
> /media/ram/ramdisk
> /media/ram/test.dtb
> root=/dev/ram rw console=ttyS0,115200
>   

...here, at the bottom of the commit message.

> ---
>  src/qemu/qemu_capabilities.c |6 
>  src/qemu/qemu_capabilities.h |1 +
>  src/qemu/qemu_command.c  |6 
>  tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args |1 +
>  tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml  |   28 
> ++
>  tests/qemuxml2argvtest.c |2 +
>  6 files changed, 44 insertions(+), 0 deletions(-)
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml

Even after applying patch 2/2 and fixing the RNG to accept the new
machine type of your new .xml file, this patch fails 'make check'
because you forgot to update existing tests:

259) QEMU XML-2-ARGV ppc-dtb
... libvirt: Domain Config error : internal error No guest options
available for arch 'ppc'
FAILED
FAIL: qemuxml2argvtest

...
17) QEMU Help String Parsing qemu-kvm-1.2.0
... qemu-kvm-1.2.0: computed flags do not match: got
0x00106fb4bff2f1bffdeffd76fffdfd6e, expected
0x6fb4bff2f1bffdeffd76fffdfd6e
Extra flag 132
FAILED
FAIL: qemuhelptest

At this point, I gave up - it looks like you are the first person to
attempt arch='ppc' in the testsuite, and that we haven't prepped the
testsuite to handle this yet.  Can you please repost your patches, and
this time ensure that 'make check' passes after each patch is applies?
Reorder things so that domain_conf is edited before the qemu files, and
make sure the subject lines are accurate (2/2 was about XML and not
QEMU, and only 1/2 added qemu support for the new XML).  Also, don't
forget Dan's comment to tweak the security managers to allow SELinux
labeling of the dtb file.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 3/3] Fix parsing of SELinux ranges without a category

[Eric Blake]

On 03/13/2013 12:04 PM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> Normally libvirtd should run with a SELinux label
> 
>   system_u:system_r:virtd_t:s0-s0:c0.c1023
> 
> If a user manually runs libvirtd though, it is sometimes
> possible to get into a situation where it is running
> 
>   system_u:system_r:init_t:s0
> 
> The SELinux security driver isn't expecting this and can't
> parse the security label since it lacks the ':c0.c1023' part
> causing it to complain
> 
>   internal error Cannot parse sensitivity level in s0
> 
> This updates the parser to cope with this, so if no category
> is present, libvirtd will hardcode the equivalent of c0.c1023.
> 
> Now this won't work if SELinux is in Enforcing mode, but that's
> not an issue, because the user can only get into this problem
> if in Permissive mode. This means they can now start VMs in
> Permissive mode without hitting that parsing error
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  src/security/security_selinux.c | 38 +-
>  tests/securityselinuxtest.c | 12 
>  2 files changed, 41 insertions(+), 9 deletions(-)

ACK.


> + *
> + * In the first two cases, we'll assume c0.c1023 for
> + * the category part, since that's what we're really
> + * interested in. This won't work in Enforcing mode,
> + * but will prevent libvirtd breaking in Permissive
> + * mode when run with a wierd procss label.

s/wierd procss/weird process/

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 2/3] Separate MCS range parsing from MCS range checking

[Eric Blake]

On 03/13/2013 12:04 PM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> Pull the code which parses the current process MCS range
> out of virSecuritySELinuxMCSFind and into a new method
> virSecuritySELinuxMCSGetProcessRange.
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  src/security/security_selinux.c | 135 
> 
>  1 file changed, 80 insertions(+), 55 deletions(-)
> 

ACK.

> +for (;;) {
> +int c1 = virRandomInt(catRange);
> +int c2 = virRandomInt(catRange);
> +
> +VIR_DEBUG("Try cat %s:c%d,c%d", sens, c1+catMin, c2+catMin);

Cosmetic: spaces around '+'

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] Prevent streams from becoming libvirtd controlling TTY

[Eric Blake]

On 03/13/2013 11:24 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> When opening a stream to a device which is a TTY, that device
> may become the controlling TTY of libvirtd, if libvirtd was
> daemonized. This in turn means when the other end of the stream
> closes, libvirtd gets SIGHUP, causing it to reload its config.
> Prevent this by forcing O_NOCTTY on all streams that are opened
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  src/fdstream.c | 2 ++
>  1 file changed, 2 insertions(+)

ACK.  Bet you had fun tracking down that dark corner of POSIX.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] Avoid closing uninitialized FDs when LXC startup fails

[Eric Blake]

On 03/13/2013 11:32 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> If an LXC domain failed to start because of a bogus SELinux
> label, virLXCProcessStart would call VIR_CLOSE(0) by mistake.
> This is because the code which initializes the member of the
> ttyFDs array to -1 got moved too far away from the place where
> the array is first allocated.
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  src/lxc/lxc_process.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)

ACK.

> +for (i = 0 ; i < vm->def->nconsoles ; i++)
> +ttyFDs[i] = -1;

Is it any more efficient to write:

memset(ttyFDs, -1, sizeof(ttyFDs[0]) * vm->def->nconsoles);

But it's probably not a critical path, and I'm not sure the rewrite adds
any legibility, so it is probably just a premature micro-optimization.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH 1/3] Fix memory leak on OOM in virSecuritySELinuxMCSFind

[Eric Blake]

On 03/13/2013 12:04 PM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> The body of the loop in virSecuritySELinuxMCSFind would
> directly 'return NULL' on OOM, instead of jumping to the
> cleanup label. This caused a leak of several local vars.
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  src/security/security_selinux.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

ACK, and a bit surprised Coverity hasn't called us on it.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 2/2] conf: Add support for dtb option in QEMU

[Eric Blake]

On 03/13/2013 03:58 PM, Eric Blake wrote:
> On 03/12/2013 10:35 PM, Olivia Yin wrote:
>> Signed-off-by: Olivia Yin 
>>
>> This patch adds support to set the device trees file.
>> ---
> 
>> +  dtb
>> +  The contents of this element specify the fully-qualified path
>> +to the (optional) device tree binary (dtb) image in the host OS.
>> +Since 1.0.4
> 
> I've added markup that we use in other "since ..." notations, for
> consistency.

Also, I had to squash this in, to keep 'make check' happy:

diff --git i/docs/schemas/domaincommon.rng w/docs/schemas/domaincommon.rng
index 88e89dd..4d97892 100644
--- i/docs/schemas/domaincommon.rng
+++ w/docs/schemas/domaincommon.rng
@@ -367,6 +367,7 @@
 g3beige
 mac99
 prep
+ppce500v2
   
 
   

I didn't see anywhere else in our code where we validated against
g3beige or mac99; so for now, I didn't feel too bad adding yet another
unchecked string.  But it seems like someday, we will need to add code
in src/conf/domain_conf.* that lists the entire set of ppc architecture
machine names that we are willing to pass on to qemu, and/or relax the
RNG grammar to support an arbitrary set of machine names the way we do
for arch='x86'.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] Re-add DTrace probes on 'dispose' functions

[Eric Blake]

On 03/13/2013 01:21 PM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> When converting to virObject, the probes on the 'Free' functions
> were removed on the basis that there is a probe on virObjectFree
> that suffices. This puts a burden on people writing probe scripts
> to identify which object is being dispose. This adds back probes

I'm guessing you personally experienced that burden :)

> in the 'Dispose' functions and updates the rpc monitor systemtap
> example to use them
> 
> Signed-off-by: Daniel P. Berrange 
> ---

ACK.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] Fix generation of systemtap probes for RPC protocols

[Eric Blake]

On 03/13/2013 01:21 PM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> The naming used in the RPC protocols for the LXC monitor and
> lock daemon confused the script used to generate systemtap
> helper functions. Rename the LXC monitor protocol symbols to
> reduce confusion. Adapt the gensystemtap.pl script to cope
> with the LXC monitor / lock daemon naming conversions.
> 
> This has no functional impact on RPC wire protocol, since
> names are only used in the C layer

ACK.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] util: fix clear_emulator_capabilities=0

[Eric Blake]

On 03/13/2013 01:37 PM, Laine Stump wrote:
> My commit 7a2e845a865dc7fa82d2393ea2a770cfc8cf00b4 (and its
> prerequisites) managed to effectively ignore the
> clear_emulator_capabilities setting in qemu.conf (visible in the code
> as the VIR_EXEC_CLEAR_CAPS flag when qemu is being exec'ed), with the
> result that the capabilities are always cleared regardless of the
> qemu.conf setting. This patch fixes it by passing the flag through to
> virSetUIDGIDWithCaps(), which uses it to decide whether or not to
> clear existing capabilities before adding in those that were
> requested.
> 
> Note that the existing capabilities are *always* cleared if the new
> process is going to run as non-root, since the whole point of running
> non-root is to have the capabilities removed (it's still possible to
> add back individual capabilities as needed though).
> ---
> This will need to be backported to v1.0.3-maint.

Yeah, now that Fedora 19 has branched and settled on 1.0.3 as its
starting point, it looks like v1.0.3-maint will be getting lots of fixes :)

> +if (virSetUIDGIDWithCaps(cmd->uid, cmd->gid, cmd->capabilities,
> + (cmd->flags & VIR_EXEC_CLEAR_CAPS)) < 0) {

While gnulib guarantees that we have , it also states that we
cannot rely on C99 rules for slamming random integers into 1 when
converting into a bool context (especially true for C89 compilers using
gnulib's emulation, but apparently there are also buggy C99 compilers
that miscompile things).  This should use '(cmd->flags &
VIR_EXEC_CLEAR_CAPS) != 0' (or !! if you don't like != 0), just to be safe.

> +/* First drop all caps (unless the requested uid is "unchanged" or
> + * root and clearExistingCaps wasn't requested), then add back
> + * those in capBits + the extra ones we need to change uid/gid and
> + * change the capabilities bounding set.
>   */
>  
> -capng_clear(CAPNG_SELECT_BOTH);
> +if (clearExistingCaps || (uid != 1 && uid != 0))

Did you mean uid != 0?

ACK with those problems addressed.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 2/2] conf: Add support for dtb option in QEMU

[Eric Blake]

On 03/12/2013 10:35 PM, Olivia Yin wrote:
> Signed-off-by: Olivia Yin 
> 
> This patch adds support to set the device trees file.
> ---

> +  dtb
> +  The contents of this element specify the fully-qualified path
> +to the (optional) device tree binary (dtb) image in the host OS.
> +Since 1.0.4

I've added markup that we use in other "since ..." notations, for
consistency.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] v1:Support for adding a static route to a bridge

[Gene Czarcinski]

This patch adds support for adding a static route for
a network.  The "via" specifies the gateway's IP
address.  Both IPv4 and IPv6 static routes are
supported although it is expected that this
functionality will have more use with IPv6.

Extensive tests are done to validate that the input
definitions are correct.  For example, for a static
route ip definition, the address must be for a network
and not a host.
Signed-off-by: Gene Czarcinski 
---
 docs/formatnetwork.html.in |  32 ++-
 docs/schemas/network.rng   |   3 +
 src/conf/network_conf.c| 104 -
 src/conf/network_conf.h|   2 +
 src/libvirt_private.syms   |   1 +
 src/network/bridge_driver.c|  38 
 src/util/virnetdev.c   |  47 ++
 src/util/virnetdev.h   |   5 +
 .../networkxml2xmlin/dhcp6host-routed-network.xml  |   4 +
 .../networkxml2xmlout/dhcp6host-routed-network.xml |   4 +
 10 files changed, 236 insertions(+), 4 deletions(-)

diff --git a/docs/formatnetwork.html.in b/docs/formatnetwork.html.in
index 4dd0415..f0cadf0 100644
--- a/docs/formatnetwork.html.in
+++ b/docs/formatnetwork.html.in
@@ -537,7 +537,9 @@
   associated with the virtual network, and optionally enable DHCP
   services. These elements are only valid for isolated networks
   (no forward element specified), and for those with
-  a forward mode of 'route' or 'nat'.
+  a forward mode of 'route' or 'nat'. Another optional addressing
+  element via can be used to establish a static
+  route for IPv4 or IPv6 networks.
 
 
 
@@ -560,6 +562,7 @@
   
 
 
+
   
 
 
@@ -633,7 +636,10 @@
 IPv6, multiple addresses on a single network, family, and
 prefix are support Since 0.8.7.
 Similar to IPv4, one IPv6 address per network can also have
-a dhcp definition.  Since 1.0.1
+a dhcp definition.  Since 
1.0.1 The via
+can be used to establish a static route for IPv4 or IPv6 networks.  It 
is an error
+to specify via and dhcp for the same IP 
address.
+Since 1.0.4
 
 
   tftp
@@ -809,6 +815,28 @@
 
   
 
+
+  Below is yet another IPv6 variation.  This variation has only IPv6
+  defined with DHCPv6 on the primary IPv6 network.  A second IPv6
+  network has a static link to a host on the first (virtual) IPv6
+  network.  Since 1.0.4
+
+
+
+  
+net7
+
+
+
+  
+
+
+  
+
+
+
+  
+
 Isolated network config
 
 
diff --git a/docs/schemas/network.rng b/docs/schemas/network.rng
index 6c3fae2..c1cca23 100644
--- a/docs/schemas/network.rng
+++ b/docs/schemas/network.rng
@@ -262,6 +262,9 @@
   
 
 
+  
+
+
   
 
   
diff --git a/src/conf/network_conf.c b/src/conf/network_conf.c
index c022fe4..a5f7be2 100644
--- a/src/conf/network_conf.c
+++ b/src/conf/network_conf.c
@@ -1149,8 +1149,10 @@ virNetworkIPDefParseXML(const char *networkName,
 
 xmlNodePtr cur, save;
 char *address = NULL, *netmask = NULL;
-unsigned long prefix;
+char *gateway = NULL;
+unsigned long prefix = 0;
 int result = -1;
+virSocketAddr testAddr;
 
 save = ctxt->node;
 ctxt->node = node;
@@ -1162,6 +1164,7 @@ virNetworkIPDefParseXML(const char *networkName,
 def->prefix = 0;
 else
 def->prefix = prefix;
+gateway = virXPathString("string(./@via)", ctxt);
 
 netmask = virXPathString("string(./@netmask)", ctxt);
 
@@ -1175,7 +1178,17 @@ virNetworkIPDefParseXML(const char *networkName,
 
 }
 
-/* validate family vs. address */
+if (gateway) {
+if (virSocketAddrParse(&def->gateway, gateway, AF_UNSPEC) < 0) {
+virReportError(VIR_ERR_XML_ERROR,
+   _("Bad gateway address '%s' in definition of 
network '%s'"),
+   gateway, networkName);
+goto cleanup;
+}
+
+}
+
+/* validate family vs. address (and gateway address too) */
 if (def->family == NULL) {
 

[libvirt] [PATCH] util: fix clear_emulator_capabilities=0

[Laine Stump]

My commit 7a2e845a865dc7fa82d2393ea2a770cfc8cf00b4 (and its
prerequisites) managed to effectively ignore the
clear_emulator_capabilities setting in qemu.conf (visible in the code
as the VIR_EXEC_CLEAR_CAPS flag when qemu is being exec'ed), with the
result that the capabilities are always cleared regardless of the
qemu.conf setting. This patch fixes it by passing the flag through to
virSetUIDGIDWithCaps(), which uses it to decide whether or not to
clear existing capabilities before adding in those that were
requested.

Note that the existing capabilities are *always* cleared if the new
process is going to run as non-root, since the whole point of running
non-root is to have the capabilities removed (it's still possible to
add back individual capabilities as needed though).
---
This will need to be backported to v1.0.3-maint.

 src/util/vircommand.c |  4 +++-
 src/util/virutil.c| 16 ++--
 src/util/virutil.h|  3 ++-
 3 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/src/util/vircommand.c b/src/util/vircommand.c
index f672101..08d3d29 100644
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@@ -639,8 +639,10 @@ virExec(virCommandPtr cmd)
 cmd->capabilities || (cmd->flags & VIR_EXEC_CLEAR_CAPS)) {
 VIR_DEBUG("Setting child uid:gid to %d:%d with caps %llx",
   (int)cmd->uid, (int)cmd->gid, cmd->capabilities);
-if (virSetUIDGIDWithCaps(cmd->uid, cmd->gid, cmd->capabilities) < 0)
+if (virSetUIDGIDWithCaps(cmd->uid, cmd->gid, cmd->capabilities,
+ (cmd->flags & VIR_EXEC_CLEAR_CAPS)) < 0) {
 goto fork_error;
+}
 }
 
 if (cmd->pwd) {
diff --git a/src/util/virutil.c b/src/util/virutil.c
index 4605c78..634b7e3 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -2998,18 +2998,21 @@ virGetGroupName(gid_t gid ATTRIBUTE_UNUSED)
  * errno).
  */
 int
-virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits)
+virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits,
+ bool clearExistingCaps)
 {
 int ii, capng_ret, ret = -1;
 bool need_setgid = false, need_setuid = false;
 bool need_prctl = false, need_setpcap = false;
 
-/* First drop all caps except those in capBits + the extra ones we
- * need to change uid/gid and change the capabilities bounding
- * set.
+/* First drop all caps (unless the requested uid is "unchanged" or
+ * root and clearExistingCaps wasn't requested), then add back
+ * those in capBits + the extra ones we need to change uid/gid and
+ * change the capabilities bounding set.
  */
 
-capng_clear(CAPNG_SELECT_BOTH);
+if (clearExistingCaps || (uid != 1 && uid != 0))
+   capng_clear(CAPNG_SELECT_BOTH);
 
 for (ii = 0; ii <= CAP_LAST_CAP; ii++) {
 if (capBits & (1ULL << ii)) {
@@ -3095,7 +3098,8 @@ cleanup:
 
 int
 virSetUIDGIDWithCaps(uid_t uid, gid_t gid,
- unsigned long long capBits ATTRIBUTE_UNUSED)
+ unsigned long long capBits ATTRIBUTE_UNUSED,
+ bool clearExistingCaps ATTRIBUTE_UNUSED)
 {
 return virSetUIDGID(uid, gid);
 }
diff --git a/src/util/virutil.h b/src/util/virutil.h
index 2dc3403..665ad78 100644
--- a/src/util/virutil.h
+++ b/src/util/virutil.h
@@ -54,7 +54,8 @@ int virPipeReadUntilEOF(int outfd, int errfd,
 char **outbuf, char **errbuf);
 
 int virSetUIDGID(uid_t uid, gid_t gid);
-int virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits);
+int virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits,
+ bool clearExistingCaps);
 
 int virFileReadLimFD(int fd, int maxlen, char **buf) ATTRIBUTE_RETURN_CHECK;
 
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] Fix generation of systemtap probes for RPC protocols

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

The naming used in the RPC protocols for the LXC monitor and
lock daemon confused the script used to generate systemtap
helper functions. Rename the LXC monitor protocol symbols to
reduce confusion. Adapt the gensystemtap.pl script to cope
with the LXC monitor / lock daemon naming conversions.

This has no functional impact on RPC wire protocol, since
names are only used in the C layer

Signed-off-by: Daniel P. Berrange 
---
 src/Makefile.am|  8 +---
 src/lxc/lxc_controller.c   | 26 +-
 src/lxc/lxc_monitor.c  | 26 +-
 src/lxc/lxc_monitor.h  |  2 +-
 src/lxc/lxc_monitor_protocol.x | 24 
 src/lxc/lxc_process.c  |  8 
 src/rpc/gensystemtap.pl|  6 +++---
 7 files changed, 51 insertions(+), 49 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index a6cc839..0c0dfb3 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -460,12 +460,12 @@ LXC_MONITOR_PROTOCOL = 
$(srcdir)/lxc/lxc_monitor_protocol.x
 $(srcdir)/lxc/lxc_monitor_dispatch.h: $(srcdir)/rpc/gendispatch.pl \
$(LXC_MONITOR_PROTOCOL)
$(AM_V_GEN)$(PERL) -w $(srcdir)/rpc/gendispatch.pl \
- -k virLXCProtocol VIR_LXC_MONITOR_PROTOCOL $(LXC_MONITOR_PROTOCOL) > 
$@
+ -k virLXCMonitor VIR_LXC_MONITOR $(LXC_MONITOR_PROTOCOL) > $@
 
 $(srcdir)/lxc/lxc_controller_dispatch.h: $(srcdir)/rpc/gendispatch.pl \
$(REMOTE_PROTOCOL)
$(AM_V_GEN)$(PERL) -w $(srcdir)/rpc/gendispatch.pl \
- -b virLXCProtocol VIR_LXC_MONITOR_PROTOCOL $(LXC_MONITOR_PROTOCOL) > 
$@
+ -b virLXCMonitor VIR_LXC_MONITOR $(LXC_MONITOR_PROTOCOL) > $@
 
 EXTRA_DIST += \
$(LXC_MONITOR_PROTOCOL) \
@@ -1591,7 +1591,9 @@ RPC_PROBE_FILES = $(srcdir)/rpc/virnetprotocol.x \
  $(srcdir)/rpc/virkeepaliveprotocol.x \
  $(srcdir)/remote/remote_protocol.x \
  $(srcdir)/remote/lxc_protocol.x \
- $(srcdir)/remote/qemu_protocol.x
+ $(srcdir)/remote/qemu_protocol.x \
+ $(srcdir)/lxc/lxc_monitor_protocol.x \
+ $(srcdir)/locking/lock_protocol.x
 
 libvirt_functions.stp: $(RPC_PROBE_FILES) $(srcdir)/rpc/gensystemtap.pl
$(AM_V_GEN)$(PERL) -w $(srcdir)/rpc/gensystemtap.pl $(RPC_PROBE_FILES) 
> $@
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 5e422ad..becf811 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -713,10 +713,10 @@ static int 
virLXCControllerSetupServer(virLXCControllerPtr ctrl)
 virObjectUnref(svc);
 svc = NULL;
 
-if (!(ctrl->prog = virNetServerProgramNew(VIR_LXC_PROTOCOL_PROGRAM,
-  VIR_LXC_PROTOCOL_PROGRAM_VERSION,
-  virLXCProtocolProcs,
-  virLXCProtocolNProcs)))
+if (!(ctrl->prog = virNetServerProgramNew(VIR_LXC_MONITOR_PROGRAM,
+  VIR_LXC_MONITOR_PROGRAM_VERSION,
+  virLXCMonitorProcs,
+  virLXCMonitorNProcs)))
 goto error;
 
 virNetServerUpdateServices(ctrl->server, true);
@@ -1415,25 +1415,25 @@ static int
 virLXCControllerEventSendExit(virLXCControllerPtr ctrl,
   int exitstatus)
 {
-virLXCProtocolExitEventMsg msg;
+virLXCMonitorExitEventMsg msg;
 
 VIR_DEBUG("Exit status %d (client=%p)", exitstatus, ctrl->client);
 memset(&msg, 0, sizeof(msg));
 switch (exitstatus) {
 case 0:
-msg.status = VIR_LXC_PROTOCOL_EXIT_STATUS_SHUTDOWN;
+msg.status = VIR_LXC_MONITOR_EXIT_STATUS_SHUTDOWN;
 break;
 case 1:
-msg.status = VIR_LXC_PROTOCOL_EXIT_STATUS_REBOOT;
+msg.status = VIR_LXC_MONITOR_EXIT_STATUS_REBOOT;
 break;
 default:
-msg.status = VIR_LXC_PROTOCOL_EXIT_STATUS_ERROR;
+msg.status = VIR_LXC_MONITOR_EXIT_STATUS_ERROR;
 break;
 }
 
 virLXCControllerEventSend(ctrl,
-  VIR_LXC_PROTOCOL_PROC_EXIT_EVENT,
-  (xdrproc_t)xdr_virLXCProtocolExitEventMsg,
+  VIR_LXC_MONITOR_PROC_EXIT_EVENT,
+  (xdrproc_t)xdr_virLXCMonitorExitEventMsg,
   (void*)&msg);
 
 if (ctrl->client) {
@@ -1451,15 +1451,15 @@ static int
 virLXCControllerEventSendInit(virLXCControllerPtr ctrl,
   pid_t initpid)
 {
-virLXCProtocolInitEventMsg msg;
+virLXCMonitorInitEventMsg msg;
 
 VIR_DEBUG("Init pid %llu", (unsigned long long)initpid);
 memset(&msg, 0, sizeof(msg));
 msg.initpid = initpid;
 
 virLXCControllerEventSend(ctrl,
-  VIR_LXC_PROTOCOL_PROC_INIT_EVENT,
-   

[libvirt] [PATCH] Re-add DTrace probes on 'dispose' functions

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

When converting to virObject, the probes on the 'Free' functions
were removed on the basis that there is a probe on virObjectFree
that suffices. This puts a burden on people writing probe scripts
to identify which object is being dispose. This adds back probes
in the 'Dispose' functions and updates the rpc monitor systemtap
example to use them

Signed-off-by: Daniel P. Berrange 
---
 examples/systemtap/rpc-monitor.stp | 32 +---
 src/libvirt_probes.d   | 10 ++
 src/rpc/virkeepalive.c |  3 +++
 src/rpc/virnetclient.c |  3 +++
 src/rpc/virnetserverclient.c   |  3 +++
 src/rpc/virnetsocket.c |  4 +++-
 src/rpc/virnettlscontext.c |  6 ++
 7 files changed, 37 insertions(+), 24 deletions(-)

diff --git a/examples/systemtap/rpc-monitor.stp 
b/examples/systemtap/rpc-monitor.stp
index 4695c10..c8d5c17 100644
--- a/examples/systemtap/rpc-monitor.stp
+++ b/examples/systemtap/rpc-monitor.stp
@@ -117,11 +117,9 @@ probe libvirt.rpc.socket_new {
remoteAddrs[pid(), sock] = remoteAddr;
 }
 
-probe libvirt.rpc.socket_free {
-   if (refs == 1) {
-  delete localAddrs[pid(), sock];
-  delete remoteAddrs[pid(), sock];
-  }
+probe libvirt.rpc.socket_dispose {
+   delete localAddrs[pid(), sock];
+   delete remoteAddrs[pid(), sock];
 }
 
 
@@ -131,13 +129,11 @@ probe libvirt.rpc.client_new {
print_ts(sprintf("C + %-16p local=%s remote=%s", client, localAddrs[pid(), 
sock], remoteAddrs[pid(), sock]));
 }
 
-probe libvirt.rpc.client_free {
-   if (refs == 1) {
- print_ts(sprintf("C - %-16p local=%s remote=%s", client,
-  localAddrs[pid(), clientSocks[pid(), client]],
- remoteAddrs[pid(), clientSocks[pid(), client]]));
- delete clientSocks[pid(), client];
-   }
+probe libvirt.rpc.client_dispose {
+   print_ts(sprintf("C - %-16p local=%s remote=%s", client,
+localAddrs[pid(), clientSocks[pid(), client]],
+   remoteAddrs[pid(), clientSocks[pid(), client]]));
+   delete clientSocks[pid(), client];
 }
 
 
@@ -147,13 +143,11 @@ probe libvirt.rpc.server_client_new {
print_ts(sprintf("+ S %-16p local=%s remote=%s", client, localAddrs[pid(), 
sock], remoteAddrs[pid(), sock]));
 }
 
-probe libvirt.rpc.server_client_free {
-   if (refs == 1) {
- print_ts(sprintf("- S %-16p local=%s remote=%s", client,
-  localAddrs[pid(), serverSocks[pid(), client]],
-  remoteAddrs[pid(), serverSocks[pid(), client]]));
- delete serverSocks[pid(), client];
-   }
+probe libvirt.rpc.server_client_dispose {
+   print_ts(sprintf("- S %-16p local=%s remote=%s", client,
+localAddrs[pid(), serverSocks[pid(), client]],
+remoteAddrs[pid(), serverSocks[pid(), client]]));
+   delete serverSocks[pid(), client];
 }
 
 
diff --git a/src/libvirt_probes.d b/src/libvirt_probes.d
index 9343fa4..340d665 100644
--- a/src/libvirt_probes.d
+++ b/src/libvirt_probes.d
@@ -26,6 +26,7 @@ provider libvirt {
# file: src/rpc/virnetsocket.c
# prefix: rpc
probe rpc_socket_new(void *sock, int fd, int errfd, pid_t pid, const 
char *localAddr, const char *remoteAddr);
+   probe rpc_socket_dispose(void *sock);
probe rpc_socket_send_fd(void *sock, int fd);
probe rpc_socket_recv_fd(void *sock, int fd);
 
@@ -33,7 +34,7 @@ provider libvirt {
# file: src/rpc/virnetserverclient.c
# prefix: rpc
probe rpc_server_client_new(void *client, void *sock);
-
+   probe rpc_server_client_dispose(void *client);
probe rpc_server_client_msg_tx_queue(void *client, int len, int prog, 
int vers, int proc, int type, int status, int serial);
probe rpc_server_client_msg_rx(void *client, int len, int prog, int 
vers, int proc, int type, int status, int serial);
 
@@ -41,7 +42,7 @@ provider libvirt {
# file: src/rpc/virnetclient.c
# prefix: rpc
probe rpc_client_new(void *client, void *sock);
-
+   probe rpc_client_dispose(void *client);
probe rpc_client_msg_tx_queue(void *client, int len, int prog, int 
vers, int proc, int type, int status, int serial);
probe rpc_client_msg_rx(void *client, int len, int prog, int vers, int 
proc, int type, int status, int serial);
 
@@ -57,14 +58,14 @@ provider libvirt {
# prefix: rpc
probe rpc_tls_context_new(void *ctxt, const char *cacert, const char 
*cacrl,
  const char *cert, const char *key, int 
sanityCheckCert, int requireValidCert, int isServer);
-
+   probe rpc_tls_context_dispose(void *ctxt);
probe rpc_tls_context_session_allow(void *ctxt, void *sess, const char 
*dname);
probe rpc_tls_context_session_deny(void *ctxt, void *sess, const char 
*dname);
probe rpc_tls_context_session_fail(void *ctxt, void *sess);
 
 
probe rpc_tls_session_new(void *sess, void *ctxt, const char *hostname, 
int isServer);
-
+   probe

Re: [libvirt] Race/broken mutex when closing a connection

[Viktor Mihajlovski]

On 03/12/2013 06:15 PM, Viktor Mihajlovski wrote:

At the same time the event loop will call remoteClientCloseFunc
which waits for the mutex while the connection is unrefed.
It will obtain the (now invalid but non-error checking) mutex,
copy the closeCallback pointer (shorty before the connection object is
destroyed) and will die upon trying to call closeFreeCallback (NULL
by now).


Minor correction: the closeFreeCallback was NULL from the beginning
but that was actually a blessing, because it indirectly helped
to uncover this race.

One thought would be to increase the refcount of the connection
object in remoteClientCloseFunc before calling the closeCallback.


Increasing the refcount there is too late. I have experimentally
increased the refcount before registering remoteClientCloseFunc
and decreased it on deregistering, but that leads to the dreaded
virsh "leaked reference(s)" message because virConnectClose is always
the first to happen.
My next attempt would be to reset the closeCallback in virConnectDispose
but I need to sleep over it first :-).

--

Mit freundlichen Grüßen/Kind Regards
   Viktor Mihajlovski

IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martina Köderitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH 3/3] Fix parsing of SELinux ranges without a category

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

Normally libvirtd should run with a SELinux label

  system_u:system_r:virtd_t:s0-s0:c0.c1023

If a user manually runs libvirtd though, it is sometimes
possible to get into a situation where it is running

  system_u:system_r:init_t:s0

The SELinux security driver isn't expecting this and can't
parse the security label since it lacks the ':c0.c1023' part
causing it to complain

  internal error Cannot parse sensitivity level in s0

This updates the parser to cope with this, so if no category
is present, libvirtd will hardcode the equivalent of c0.c1023.

Now this won't work if SELinux is in Enforcing mode, but that's
not an issue, because the user can only get into this problem
if in Permissive mode. This means they can now start VMs in
Permissive mode without hitting that parsing error

Signed-off-by: Daniel P. Berrange 
---
 src/security/security_selinux.c | 38 +-
 tests/securityselinuxtest.c | 12 
 2 files changed, 41 insertions(+), 9 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index bfbb006..ced2b12 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -159,6 +159,20 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr,
 return mcs;
 }
 
+
+/*
+ * This needs to cope with several styles of range
+ *
+ * system_u:system_r:virtd_t:s0
+ * system_u:system_r:virtd_t:s0-s0
+ * system_u:system_r:virtd_t:s0-s0:c0.c1023
+ *
+ * In the first two cases, we'll assume c0.c1023 for
+ * the category part, since that's what we're really
+ * interested in. This won't work in Enforcing mode,
+ * but will prevent libvirtd breaking in Permissive
+ * mode when run with a wierd procss label.
+ */
 static int
 virSecuritySELinuxMCSGetProcessRange(char **sens,
  int *catMin,
@@ -166,7 +180,8 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
 {
 security_context_t ourSecContext = NULL;
 context_t ourContext = NULL;
-char *cat, *tmp;
+char *cat = NULL;
+char *tmp;
 int ret = -1;
 
 if (getcon_raw(&ourSecContext) < 0) {
@@ -186,20 +201,25 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
 goto cleanup;
 }
 
-/* Find and blank out the category part */
-if (!(tmp = strchr(*sens, ':'))) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
-   _("Cannot parse sensitivity level in %s"),
-   *sens);
-goto cleanup;
+/* Find and blank out the category part (if any) */
+tmp = strchr(*sens, ':');
+if (tmp) {
+*tmp = '\0';
+cat = tmp + 1;
 }
-*tmp = '\0';
-cat = tmp + 1;
 /* Find and blank out the sensitivity upper bound */
 if ((tmp = strchr(*sens, '-')))
 *tmp = '\0';
 /* sens now just contains the sensitivity lower bound */
 
+/* If there was no category part, just assume c0.c1024 */
+if (!cat) {
+*catMin = 0;
+*catMax = 1024;
+ret = 0;
+goto cleanup;
+}
+
 /* Find & extract category min */
 tmp = cat;
 if (tmp[0] != 'c') {
diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c
index ba00010..da8a12f 100644
--- a/tests/securityselinuxtest.c
+++ b/tests/securityselinuxtest.c
@@ -297,6 +297,18 @@ mymain(void)
 } while (0)
 
 DO_TEST_GEN_LABEL("dynamic unconfined, s0, c0.c1023",
+  "unconfined_u:unconfined_r:unconfined_t:s0",
+  true, NULL, NULL,
+  "unconfined_u", "unconfined_r", "object_r",
+  "svirt_t", "svirt_image_t",
+  0, 0, 0, 1023);
+DO_TEST_GEN_LABEL("dynamic unconfined, s0, c0.c1023",
+  "unconfined_u:unconfined_r:unconfined_t:s0-s0",
+  true, NULL, NULL,
+  "unconfined_u", "unconfined_r", "object_r",
+  "svirt_t", "svirt_image_t",
+  0, 0, 0, 1023);
+DO_TEST_GEN_LABEL("dynamic unconfined, s0, c0.c1023",
   "unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023",
   true, NULL, NULL,
   "unconfined_u", "unconfined_r", "object_r",
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH 1/3] Fix memory leak on OOM in virSecuritySELinuxMCSFind

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

The body of the loop in virSecuritySELinuxMCSFind would
directly 'return NULL' on OOM, instead of jumping to the
cleanup label. This caused a leak of several local vars.

Signed-off-by: Daniel P. Berrange 
---
 src/security/security_selinux.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index a042b26..f1399af 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -214,7 +214,7 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr)
 if (c1 == c2) {
 if (virAsprintf(&mcs, "%s:c%d", sens, catMin + c1) < 0) {
 virReportOOMError();
-return NULL;
+goto cleanup;
 }
 } else {
 if (c1 > c2) {
@@ -224,7 +224,7 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr)
 }
 if (virAsprintf(&mcs, "%s:c%d,c%d", sens, catMin + c1, catMin + 
c2) < 0) {
 virReportOOMError();
-return NULL;
+goto cleanup;
 }
 }
 
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH 2/3] Separate MCS range parsing from MCS range checking

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

Pull the code which parses the current process MCS range
out of virSecuritySELinuxMCSFind and into a new method
virSecuritySELinuxMCSGetProcessRange.

Signed-off-by: Daniel P. Berrange 
---
 src/security/security_selinux.c | 135 
 1 file changed, 80 insertions(+), 55 deletions(-)

diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index f1399af..bfbb006 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -105,16 +105,69 @@ virSecuritySELinuxMCSRemove(virSecurityManagerPtr mgr,
 
 
 static char *
-virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr)
+virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr,
+  const char *sens,
+  int catMin,
+  int catMax)
 {
 virSecuritySELinuxDataPtr data = virSecurityManagerGetPrivateData(mgr);
-int c1 = 0;
-int c2 = 0;
+int catRange;
 char *mcs = NULL;
+
+/* +1 since virRandomInt range is exclusive of the upper bound */
+catRange = (catMax - catMin) + 1;
+
+if (catRange < 8) {
+virReportError(VIR_ERR_INTERNAL_ERROR,
+   _("Category range c%d-c%d too small"),
+   catMin, catMax);
+return NULL;
+}
+
+VIR_DEBUG("Using sensitivity level '%s' cat min %d max %d range %d",
+  sens, catMin, catMax, catRange);
+
+for (;;) {
+int c1 = virRandomInt(catRange);
+int c2 = virRandomInt(catRange);
+
+VIR_DEBUG("Try cat %s:c%d,c%d", sens, c1+catMin, c2+catMin);
+
+if (c1 == c2) {
+if (virAsprintf(&mcs, "%s:c%d", sens, catMin + c1) < 0) {
+virReportOOMError();
+return NULL;
+}
+} else {
+if (c1 > c2) {
+int t = c1;
+c1 = c2;
+c2 = t;
+}
+if (virAsprintf(&mcs, "%s:c%d,c%d", sens, catMin + c1, catMin + 
c2) < 0) {
+virReportOOMError();
+return NULL;
+}
+}
+
+if (virHashLookup(data->mcs, mcs) == NULL)
+break;
+
+VIR_FREE(mcs);
+}
+
+return mcs;
+}
+
+static int
+virSecuritySELinuxMCSGetProcessRange(char **sens,
+ int *catMin,
+ int *catMax)
+{
 security_context_t ourSecContext = NULL;
 context_t ourContext = NULL;
-char *sens = NULL, *cat, *tmp;
-int catMin, catMax, catRange;
+char *cat, *tmp;
+int ret = -1;
 
 if (getcon_raw(&ourSecContext) < 0) {
 virReportSystemError(errno, "%s",
@@ -128,22 +181,22 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr)
 goto cleanup;
 }
 
-if (!(sens = strdup(context_range_get(ourContext {
+if (!(*sens = strdup(context_range_get(ourContext {
 virReportOOMError();
 goto cleanup;
 }
 
 /* Find and blank out the category part */
-if (!(tmp = strchr(sens, ':'))) {
+if (!(tmp = strchr(*sens, ':'))) {
 virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse sensitivity level in %s"),
-   sens);
+   *sens);
 goto cleanup;
 }
 *tmp = '\0';
 cat = tmp + 1;
 /* Find and blank out the sensitivity upper bound */
-if ((tmp = strchr(sens, '-')))
+if ((tmp = strchr(*sens, '-')))
 *tmp = '\0';
 /* sens now just contains the sensitivity lower bound */
 
@@ -156,7 +209,7 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr)
 goto cleanup;
 }
 tmp++;
-if (virStrToLong_i(tmp, &tmp, 10, &catMin) < 0) {
+if (virStrToLong_i(tmp, &tmp, 10, catMin) < 0) {
 virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse category in %s"),
cat);
@@ -186,60 +239,21 @@ virSecuritySELinuxMCSFind(virSecurityManagerPtr mgr)
 goto cleanup;
 }
 tmp++;
-if (virStrToLong_i(tmp, &tmp, 10, &catMax) < 0) {
+if (virStrToLong_i(tmp, &tmp, 10, catMax) < 0) {
 virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse category in %s"),
cat);
 goto cleanup;
 }
 
-/* +1 since virRandomInt range is exclusive of the upper bound */
-catRange = (catMax - catMin) + 1;
-
-if (catRange < 8) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
-   _("Category range c%d-c%d too small"),
-   catMin, catMax);
-goto cleanup;
-}
-
-VIR_DEBUG("Using sensitivity level '%s' cat min %d max %d range %d",
-  sens, catMin, catMax, catRange);
-
-for (;;) {
-c1 = virRandomInt(catRange);
-c2 = virRandomInt(catRange);
-VIR_DEBUG("Try cat %s:c%d,c%d", sens, c1+catMin, c2+catMin);
-
-if (c1 == c2) {
- 

[libvirt] [PATCH 0/3] Make parsing of SELinux labels more robust

[Daniel P. Berrange]

This series fixes a problem parsing SELinux labels which can
prevent libvirtd starting VMs when in permissive mode.

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v6 2/3] qom: pass original path to unparent method

[Michael S. Tsirkin]

We need to know the original path since unparenting loses this state.

Signed-off-by: Michael S. Tsirkin 
---
 hw/qdev.c| 4 ++--
 include/qom/object.h | 3 ++-
 qom/object.c | 4 +++-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/hw/qdev.c b/hw/qdev.c
index bebc44d..50bf2e6 100644
--- a/hw/qdev.c
+++ b/hw/qdev.c
@@ -436,7 +436,7 @@ static void qbus_realize(BusState *bus, DeviceState 
*parent, const char *name)
 }
 }
 
-static void bus_unparent(Object *obj)
+static void bus_unparent(Object *obj, const char *path)
 {
 BusState *bus = BUS(obj);
 BusChild *kid;
@@ -756,7 +756,7 @@ static void device_class_base_init(ObjectClass *class, void 
*data)
 klass->props = NULL;
 }
 
-static void device_unparent(Object *obj)
+static void device_unparent(Object *obj, const char *path)
 {
 DeviceState *dev = DEVICE(obj);
 DeviceClass *dc = DEVICE_GET_CLASS(dev);
diff --git a/include/qom/object.h b/include/qom/object.h
index cf094e7..f0790d4 100644
--- a/include/qom/object.h
+++ b/include/qom/object.h
@@ -330,11 +330,12 @@ typedef struct ObjectProperty
 /**
  * ObjectUnparent:
  * @obj: the object that is being removed from the composition tree
+ * @path: canonical path that object had if any
  *
  * Called when an object is being removed from the QOM composition tree.
  * The function should remove any backlinks from children objects to @obj.
  */
-typedef void (ObjectUnparent)(Object *obj);
+typedef void (ObjectUnparent)(Object *obj, const char *path);
 
 /**
  * ObjectFree:
diff --git a/qom/object.c b/qom/object.c
index 3d638ff..21c9da4 100644
--- a/qom/object.c
+++ b/qom/object.c
@@ -362,14 +362,16 @@ static void object_property_del_child(Object *obj, Object 
*child, Error **errp)
 
 void object_unparent(Object *obj)
 {
+gchar *path = object_get_canonical_path(obj);
 object_ref(obj);
 if (obj->parent) {
 object_property_del_child(obj->parent, obj, NULL);
 }
 if (obj->class->unparent) {
-(obj->class->unparent)(obj);
+(obj->class->unparent)(obj, path);
 }
 object_unref(obj);
+g_free(path);
 }
 
 static void object_deinit(Object *obj, TypeImpl *type)
-- 
MST

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v6 1/3] qdev: DEVICE_DELETED event

[Michael S. Tsirkin]

libvirt has a long-standing bug: when removing the device,
it can request removal but does not know when the
removal completes. Add an event so we can fix this in a robust way.

Signed-off-by: Michael S. Tsirkin 
---
 QMP/qmp-events.txt| 16 
 hw/qdev.c | 12 
 include/monitor/monitor.h |  1 +
 monitor.c |  1 +
 qapi-schema.json  |  4 +++-
 5 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/QMP/qmp-events.txt b/QMP/qmp-events.txt
index b2698e4..24cf3e8 100644
--- a/QMP/qmp-events.txt
+++ b/QMP/qmp-events.txt
@@ -136,6 +136,22 @@ Example:
 Note: The "ready to complete" status is always reset by a BLOCK_JOB_ERROR
 event.
 
+DEVICE_DELETED
+-
+
+Emitted whenever the device removal completion is acknowledged
+by the guest.
+At this point, it's safe to reuse the specified device ID.
+Device removal can be initiated by the guest or by HMP/QMP commands.
+
+Data:
+
+- "device": device name (json-string, optional)
+
+{ "event": "DEVICE_DELETED",
+  "data": { "device": "virtio-net-pci-0" },
+  "timestamp": { "seconds": 1265044230, "microseconds": 450486 } }
+
 DEVICE_TRAY_MOVED
 -
 
diff --git a/hw/qdev.c b/hw/qdev.c
index 689cd54..bebc44d 100644
--- a/hw/qdev.c
+++ b/hw/qdev.c
@@ -29,6 +29,7 @@
 #include "sysemu/sysemu.h"
 #include "qapi/error.h"
 #include "qapi/visitor.h"
+#include "qapi/qmp/qjson.h"
 
 int qdev_hotplug = 0;
 static bool qdev_hot_added = false;
@@ -760,6 +761,7 @@ static void device_unparent(Object *obj)
 DeviceState *dev = DEVICE(obj);
 DeviceClass *dc = DEVICE_GET_CLASS(dev);
 BusState *bus;
+QObject *event_data;
 
 while (dev->num_child_bus) {
 bus = QLIST_FIRST(&dev->child_bus);
@@ -778,6 +780,16 @@ static void device_unparent(Object *obj)
 object_unref(OBJECT(dev->parent_bus));
 dev->parent_bus = NULL;
 }
+
+if (dev->id) {
+event_data = qobject_from_jsonf("{ 'device': %s }", dev->id);
+} else {
+event_data = NULL;
+}
+monitor_protocol_event(QEVENT_DEVICE_DELETED, event_data);
+if (event_data) {
+qobject_decref(event_data);
+}
 }
 
 static void device_class_init(ObjectClass *class, void *data)
diff --git a/include/monitor/monitor.h b/include/monitor/monitor.h
index 87fb49c..b868760 100644
--- a/include/monitor/monitor.h
+++ b/include/monitor/monitor.h
@@ -39,6 +39,7 @@ typedef enum MonitorEvent {
 QEVENT_BLOCK_JOB_CANCELLED,
 QEVENT_BLOCK_JOB_ERROR,
 QEVENT_BLOCK_JOB_READY,
+QEVENT_DEVICE_DELETED,
 QEVENT_DEVICE_TRAY_MOVED,
 QEVENT_SUSPEND,
 QEVENT_SUSPEND_DISK,
diff --git a/monitor.c b/monitor.c
index 32a6e74..2a5e7b6 100644
--- a/monitor.c
+++ b/monitor.c
@@ -457,6 +457,7 @@ static const char *monitor_event_names[] = {
 [QEVENT_BLOCK_JOB_CANCELLED] = "BLOCK_JOB_CANCELLED",
 [QEVENT_BLOCK_JOB_ERROR] = "BLOCK_JOB_ERROR",
 [QEVENT_BLOCK_JOB_READY] = "BLOCK_JOB_READY",
+[QEVENT_DEVICE_DELETED] = "DEVICE_DELETED",
 [QEVENT_DEVICE_TRAY_MOVED] = "DEVICE_TRAY_MOVED",
 [QEVENT_SUSPEND] = "SUSPEND",
 [QEVENT_SUSPEND_DISK] = "SUSPEND_DISK",
diff --git a/qapi-schema.json b/qapi-schema.json
index 28b070f..bb361e1 100644
--- a/qapi-schema.json
+++ b/qapi-schema.json
@@ -2354,7 +2354,9 @@
 # Notes: When this command completes, the device may not be removed from the
 #guest.  Hot removal is an operation that requires guest cooperation.
 #This command merely requests that the guest begin the hot removal
-#process.
+#process.  Completion of the device removal process is signaled with a
+#DEVICE_DELETED event. Guest reset will automatically complete removal
+#for all devices.
 #
 # Since: 0.14.0
 ##
-- 
MST

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v6 3/3] qmp: add path to device_deleted event

[Michael S. Tsirkin]

Add QOM path to device deleted event.

Signed-off-by: Michael S. Tsirkin 
---
 QMP/qmp-events.txt | 4 +++-
 hw/qdev.c  | 9 -
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/QMP/qmp-events.txt b/QMP/qmp-events.txt
index 24cf3e8..dcc826d 100644
--- a/QMP/qmp-events.txt
+++ b/QMP/qmp-events.txt
@@ -147,9 +147,11 @@ Device removal can be initiated by the guest or by HMP/QMP 
commands.
 Data:
 
 - "device": device name (json-string, optional)
+- "path": device path (json-string)
 
 { "event": "DEVICE_DELETED",
-  "data": { "device": "virtio-net-pci-0" },
+  "data": { "device": "virtio-net-pci-0",
+"path": "/machine/peripheral/virtio-net-pci-0" },
   "timestamp": { "seconds": 1265044230, "microseconds": 450486 } }
 
 DEVICE_TRAY_MOVED
diff --git a/hw/qdev.c b/hw/qdev.c
index 50bf2e6..2c861c1 100644
--- a/hw/qdev.c
+++ b/hw/qdev.c
@@ -782,14 +782,13 @@ static void device_unparent(Object *obj, const char *path)
 }
 
 if (dev->id) {
-event_data = qobject_from_jsonf("{ 'device': %s }", dev->id);
+event_data = qobject_from_jsonf("{ 'device': %s, 'path': %s }",
+dev->id, path);
 } else {
-event_data = NULL;
+event_data = qobject_from_jsonf("{ 'path': %s }", path);
 }
 monitor_protocol_event(QEVENT_DEVICE_DELETED, event_data);
-if (event_data) {
-qobject_decref(event_data);
-}
+qobject_decref(event_data);
 }
 
 static void device_class_init(ObjectClass *class, void *data)
-- 
MST

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v6 0/3] DEVICE_DELETED event

[Michael S. Tsirkin]

libvirt has a long-standing bug: when removing the device,
it can request removal but does not know when the
removal completes. Add an event so we can fix this in a robust way.

First patch only adds the event with ID, second patch adds a path field.
Split this way for ease of backport (stable downstreams without QOM
would want to only take the first patch).
Event without fields is still useful as management can use it to
poll device list to figure out which device was removed.

Signed-off-by: Michael S. Tsirkin 

Changes from v5:
- Emit an empty event on unnamed devices in patch 1/3, as suggested by 
Markus

Changes from v4:
- Add extra triggers and extra fields as requested by Markus

Changes from v3:
- Document that we only emit events for devices with
  and ID, as suggested by Markus
Changes from v2:
- move event toward the end of device_unparent,
  so that parents are reported after their children,
  as suggested by Paolo
Changes from v1:
- move to device_unparent
- address comments by Andreas and Eric


-- 
Anthony Liguori


Michael S. Tsirkin (3):
  qdev: DEVICE_DELETED event
  qom: pass original path to unparent method
  qmp: add path to device_deleted event

 QMP/qmp-events.txt| 18 ++
 hw/qdev.c | 15 +--
 include/monitor/monitor.h |  1 +
 include/qom/object.h  |  3 ++-
 monitor.c |  1 +
 qapi-schema.json  |  4 +++-
 qom/object.c  |  4 +++-
 7 files changed, 41 insertions(+), 5 deletions(-)

-- 
MST

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] Avoid closing uninitialized FDs when LXC startup fails

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

If an LXC domain failed to start because of a bogus SELinux
label, virLXCProcessStart would call VIR_CLOSE(0) by mistake.
This is because the code which initializes the member of the
ttyFDs array to -1 got moved too far away from the place where
the array is first allocated.

Signed-off-by: Daniel P. Berrange 
---
 src/lxc/lxc_process.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index cad6402..942d375 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -1077,6 +1077,8 @@ int virLXCProcessStart(virConnectPtr conn,
 virReportOOMError();
 goto cleanup;
 }
+for (i = 0 ; i < vm->def->nconsoles ; i++)
+ttyFDs[i] = -1;
 
 /* If you are using a SecurityDriver with dynamic labelling,
then generate a security label for isolation */
@@ -1096,9 +1098,6 @@ int virLXCProcessStart(virConnectPtr conn,
   vm->def, NULL) < 0)
 goto cleanup;
 
-for (i = 0 ; i < vm->def->nconsoles ; i++)
-ttyFDs[i] = -1;
-
 for (i = 0 ; i < vm->def->nconsoles ; i++) {
 char *ttyPath;
 if (vm->def->consoles[i]->source.type != VIR_DOMAIN_CHR_TYPE_PTY) {
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 1/2] qemu: add support for dtb option

[Daniel P. Berrange]

On Wed, Mar 13, 2013 at 12:35:54PM +0800, Olivia Yin wrote:
> Signed-off-by: Olivia Yin 
> 
> The "dtb" option sets the filename for the device tree.
> If without this option support, "-dtb file" will be converted into
>  in domain XML file.
> For example, '-dtb /media/ram/test.dtb' will be converted into
>   
> 
> 
>   
> 
> This is not very friendly.
> This patchset add special  tag like  and 
> which is easier for user to write domain XML file.
>   
> hvm
> /media/ram/uImage
> /media/ram/ramdisk
> /media/ram/test.dtb
> root=/dev/ram rw console=ttyS0,115200
>   
> ---
>  src/qemu/qemu_capabilities.c |6 
>  src/qemu/qemu_capabilities.h |1 +
>  src/qemu/qemu_command.c  |6 
>  tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args |1 +
>  tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml  |   28 
> ++
>  tests/qemuxml2argvtest.c |2 +
>  6 files changed, 44 insertions(+), 0 deletions(-)
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-ppc-dtb.xml

ACK


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] Prevent streams from becoming libvirtd controlling TTY

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

When opening a stream to a device which is a TTY, that device
may become the controlling TTY of libvirtd, if libvirtd was
daemonized. This in turn means when the other end of the stream
closes, libvirtd gets SIGHUP, causing it to reload its config.
Prevent this by forcing O_NOCTTY on all streams that are opened

Signed-off-by: Daniel P. Berrange 
---
 src/fdstream.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/fdstream.c b/src/fdstream.c
index cc2dfe9..9a6f042 100644
--- a/src/fdstream.c
+++ b/src/fdstream.c
@@ -582,6 +582,8 @@ virFDStreamOpenFileInternal(virStreamPtr st,
 VIR_DEBUG("st=%p path=%s oflags=%x offset=%llu length=%llu mode=%o",
   st, path, oflags, offset, length, mode);
 
+oflags |= O_NOCTTY;
+
 if (oflags & O_CREAT)
 fd = open(path, oflags, mode);
 else
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 2/2] conf: Add support for dtb option in QEMU

[Daniel P. Berrange]

On Wed, Mar 13, 2013 at 12:35:55PM +0800, Olivia Yin wrote:
> Signed-off-by: Olivia Yin 
> 
> This patch adds support to set the device trees file.
> ---
>  docs/formatdomain.html.in |5 +
>  docs/schemas/domaincommon.rng |5 +
>  src/conf/domain_conf.c|4 
>  src/conf/domain_conf.h|1 +
>  4 files changed, 15 insertions(+), 0 deletions(-)

ACK

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH v4 0/2] qemu: -dtb option support

[Daniel P. Berrange]

On Wed, Mar 13, 2013 at 12:35:53PM +0800, Olivia Yin wrote:
> Sometime QEMU need load specific device tree binary images.
> These patches provide -dtb option support and update docs/tests.
> 
> Olivia Yin (2):
>   qemu: add support for dtb option
>   conf: Add support for dtb option in QEMU

I'm guessing you're running without apparmour/selinux enabled. You
need to update the files in src/security to deal with the new dtb
files, since they'll need labelling for the security policy. Just
grep for 'os.initrd' in src/security and add the equivalent code
for os.dtb. This can be done as a 3rd patch - no need to change
the current 2 patches you have here


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [Qemu-devel] [PATCHv5 0/3] DEVICE_DELETED event

[Michael S. Tsirkin]

On Wed, Mar 13, 2013 at 08:45:51AM +0100, Markus Armbruster wrote:
> Anthony asked for a space between "PATCH" and "v" in the subject.
> Please try to remember next time.
> 
> "Michael S. Tsirkin"  writes:
> 
> > libvirt has a long-standing bug: when removing the device,
> > it can request removal but does not know when the
> > removal completes. Add an event so we can fix this in a robust way.
> >
> > First patch only adds the event for devices with ID, second path adds it
> > for all devices and adds a path fields. Split this way for ease of
> > backport (stable downstreams without QOM would want to only take the
> > first patch),
> 
> I'd *strongly* advice downstreams to take the first patch plus the part
> of the third patch that changes the event trigger.
> 
> Let's compare the difference to upstream for both approaches.
> 
> Just the first patch: event fires only when device has an ID.
> Upstream: event fires always.
> Subtle semantic difference.
> 
> First patch + changed trigger: event doesn't have member path.
> Upstream: event has member path.
> Blatantly obvious syntactic difference.
> 
> I'd take syntactic over semantic any day.
> 
> Note that even without member path a QMP client can still find which
> device is gone, by polling.  Any client designed to keep track of state
> accurately across disconnect/reconnect (such as libvirt) needs such
> polling code anyway.

Ah, good point. Empty event seemed useless to me, now I see it isn't.

> If you want to make backporters' lives easier, move the event trigger
> change from patch 3 to patch 1.
> >and also because the 2nd/3rd patches might turn out to be
> > more controversial - if they really turn
> > out such I'd like just the 1st one to get applied while we discuss 2 and
> > 3.
> 
> I don't expect more controversy.  If I'm wrong, I don't want just patch
> 1 applied while we discuss, because that creates an longer stretch in
> git where the event is there, but doesn't work like we want it to, for
> no appreciable gain.  We're in no particular hurry here, so let's do it
> right.
> 
> > Signed-off-by: Michael S. Tsirkin 
> 
> Options in decreasing order of preference, pick one that suits you:
> 
> 1. Go the extra mile for backporters, and move the event trigger change
>from PATCH 3 into 1.

OK will do.

> 2. Squash PATCH 1 into 3.  Backporting trouble is obvious and easy to
>resolve: just drop member path.  Feel free to point that out in the
>commit message.
> 
> 3. Let the series stand as is.  Backporting trouble is subtle and easy
>to miss: backporting just PATCH 1 is tempting, but screws up the
>event trigger.  I wouldn't do it that way myself, but I'm not going
>to NAK usable upstream work because of such downstream concerns.
> 
> In case you pick 3:
> 
> Acked-by: Markus Armbruster 

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH V1 6/6] Add test case for TPM passthrough

[Stefan Berger]

Signed-off-by: Stefan Berger 

---
 tests/qemuxml2argvdata/qemuxml2argv-tpm-passthrough.args |6 +++
 tests/qemuxml2argvdata/qemuxml2argv-tpm-passthrough.xml  |   29 +++
 tests/qemuxml2argvtest.c |3 +
 tests/qemuxml2xmltest.c  |2 +
 4 files changed, 40 insertions(+)

Index: libvirt/tests/qemuxml2argvdata/qemuxml2argv-tpm-passthrough.args
===
--- /dev/null
+++ libvirt/tests/qemuxml2argvdata/qemuxml2argv-tpm-passthrough.args
@@ -0,0 +1,6 @@
+LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test \
+/usr/bin/qemu -S -M pc-0.12 -m 2048 -smp 1 -nographic -nodefaults \
+-monitor unix:/tmp/test-monitor,server,nowait -boot c -usb \
+-tpmdev 
passthrough,id=tpm-tpm0,path=/dev/tpm0,cancel-path=/sys/class/misc/tpm0/device/cancel
 \
+-device tpm-tis,tpmdev=tpm-tpm0,id=tpm0 \
+-device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3
Index: libvirt/tests/qemuxml2argvdata/qemuxml2argv-tpm-passthrough.xml
===
--- /dev/null
+++ libvirt/tests/qemuxml2argvdata/qemuxml2argv-tpm-passthrough.xml
@@ -0,0 +1,29 @@
+
+  TPM-VM
+  11d7cd22-da89-3094-6212-079a48a309a1
+  2097152
+  512288
+  1
+  
+hvm
+
+
+  
+  
+
+  
+  
+  destroy
+  restart
+  destroy
+  
+/usr/bin/qemu
+
+
+  
+
+  
+
+
+  
+
Index: libvirt/tests/qemuxml2argvtest.c
===
--- libvirt.orig/tests/qemuxml2argvtest.c
+++ libvirt/tests/qemuxml2argvtest.c
@@ -898,6 +898,9 @@ mymain(void)
 DO_TEST("add-fd", QEMU_CAPS_ADD_FD,
 QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_DRIVE);
 
+DO_TEST("tpm-passthrough", QEMU_CAPS_DEVICE,
+QEMU_CAPS_DEVICE_TPM_PASSTHROUGH, QEMU_CAPS_DEVICE_TPM_TIS);
+
 virObjectUnref(driver.config);
 virObjectUnref(driver.caps);
 VIR_FREE(map);
Index: libvirt/tests/qemuxml2xmltest.c
===
--- libvirt.orig/tests/qemuxml2xmltest.c
+++ libvirt/tests/qemuxml2xmltest.c
@@ -261,6 +261,8 @@ mymain(void)
 
 DO_TEST_DIFFERENT("metadata");
 
+DO_TEST("tpm-passthrough");
+
 virObjectUnref(driver.caps);
 
 return ret==0 ? EXIT_SUCCESS : EXIT_FAILURE;

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] if_bridge.h: include in6.h for struct in6_addr use

[Kumar Gala]

On Jan 14, 2013, at 5:57 PM, Eric Blake wrote:

> On 01/13/2013 01:05 PM, Thomas Backlund wrote:
>> Thomas Backlund skrev 13.1.2013 20:38:
>>> patch both inline and attached as thunderbird tends to mess up ...
>> 
>>> -
>>> 
>>> if_bridge.h uses struct in6_addr ip6; but does not include the in6.h
>>> header.
>>> 
>>> Found by trying to build libvirt and connman against 3.8-rc3 headers.
>>> 
>> 
>> Ok,
>> ignore this patch, it's not the correct fix as it introduces
>> redefinitions...
>> 
>> Btw, the error that I hit that made me suggest this fix was libvirt
>> config check bailing out:
>> 
>> config.log:/usr/include/linux/if_bridge.h:173:20: error: field 'ip6' has
>> incomplete type
> 
> Hmm, just now noticing this thread, after independently hitting and and
> having to work around the same problem in libvirt:
> https://www.redhat.com/archives/libvir-list/2013-January/msg00930.html
> https://bugzilla.redhat.com/show_bug.cgi?id=895141
> 
>>> --- linux-3.8-rc3/include/uapi/linux/if_bridge.h2013-01-13
>>> 20:09:54.257271755 +0200
>>> +++ linux-3.8-rc3.fix/include/uapi/linux/if_bridge.h2013-01-13
>>> 20:15:04.153676151 +0200
>>> @@ -14,6 +14,7 @@
>>>  #define _UAPI_LINUX_IF_BRIDGE_H
>>> 
>>>  #include 
>>> +#include 
>>> 

Did this ever get resolved ?

- k

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH V1 2/6] Parse TPM in domain XML

[Stefan Berger]

Parse the domain XML with TPM support.

Convert the strings from QEMU's QMP TPM commands into
capability flags.

Signed-off-by: Stefan Berger 

---
 docs/schemas/domaincommon.rng |   43 ++
 src/conf/domain_conf.c|  268 ++
 src/conf/domain_conf.h|   34 +
 src/libvirt_private.syms  |5 
 src/qemu/qemu_capabilities.c  |   59 +
 5 files changed, 409 insertions(+)

Index: libvirt/docs/schemas/domaincommon.rng
===
--- libvirt.orig/docs/schemas/domaincommon.rng
+++ libvirt/docs/schemas/domaincommon.rng
@@ -2814,6 +2814,48 @@
   
 
   
+
+  
+
+  
+
+  
+tpm-tis
+  
+
+  
+  
+  
+
+  
+
+  
+
+  
+
+   
+ 
+   
+  passthrough
+   
+   
+ 
+   
+
+  
+
+  
+
+  
+
+  
+
+  
+
+  
+   
+  
+
   
 
   
@@ -3111,6 +3153,7 @@
 
 
 
+
   
 
 
Index: libvirt/src/conf/domain_conf.c
===
--- libvirt.orig/src/conf/domain_conf.c
+++ libvirt/src/conf/domain_conf.c
@@ -709,6 +709,13 @@ VIR_ENUM_IMPL(virDomainRNGBackend,
   "random",
   "egd");
 
+VIR_ENUM_IMPL(virDomainTPMModel, VIR_DOMAIN_TPM_MODEL_LAST,
+  "tpm-tis")
+
+VIR_ENUM_IMPL(virDomainTPMBackend, VIR_DOMAIN_TPM_TYPE_LAST,
+  "passthrough")
+
+
 #define VIR_DOMAIN_XML_WRITE_FLAGS  VIR_DOMAIN_XML_SECURE
 #define VIR_DOMAIN_XML_READ_FLAGS   VIR_DOMAIN_XML_INACTIVE
 
@@ -1515,6 +1522,24 @@ void virDomainHostdevDefClear(virDomainH
 }
 }
 
+void virDomainTPMDefFree(virDomainTPMDefPtr def)
+{
+if (!def)
+return;
+
+switch (def->type) {
+case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
+VIR_FREE(def->data.passthrough.path);
+VIR_FREE(def->data.passthrough.cancel_path);
+break;
+case VIR_DOMAIN_TPM_TYPE_LAST:
+break;
+}
+
+virDomainDeviceInfoClear(&def->info);
+VIR_FREE(def);
+}
+
 void virDomainHostdevDefFree(virDomainHostdevDefPtr def)
 {
 if (!def)
@@ -1776,6 +1801,8 @@ void virDomainDefFree(virDomainDefPtr de
 
 virDomainRNGDefFree(def->rng);
 
+virDomainTPMDefFree(def->tpm);
+
 VIR_FREE(def->os.type);
 VIR_FREE(def->os.machine);
 VIR_FREE(def->os.init);
@@ -6312,6 +6339,192 @@ error:
 goto cleanup;
 }
 
+/*
+ * Check whether the given base path, e.g.,  /sys/class/misc/tpm0/device,
+ * is the sysfs entry of a TPM. A TPM sysfs entry should be uniquely
+ * recognizable by the file entries 'pcrs' and 'cancel'.
+ * Upon success 'true' is returned and the basebath buffer has '/cancel'
+ * appended.
+ */
+static bool
+virDomainTPMCheckSysfsCancel(char *basepath, size_t bufsz)
+{
+char *path = NULL;
+struct stat statbuf;
+
+if (virAsprintf(&path, "%s/pcrs", basepath) < 0) {
+virReportOOMError();
+goto error;
+}
+if (stat(path, &statbuf) == -1 || !S_ISREG(statbuf.st_mode))
+goto error;
+
+VIR_FREE(path);
+
+if (virAsprintf(&path, "%s/cancel", basepath) < 0) {
+virReportOOMError();
+goto error;
+}
+
+if (stat(path, &statbuf) == -1 || !S_ISREG(statbuf.st_mode))
+goto error;
+
+if (!virStrncpy(basepath, path, strlen(path) + 1, bufsz)) {
+virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+   _("Basepath buffer is too small"));
+goto error;
+}
+
+VIR_FREE(path);
+
+return true;
+
+error:
+VIR_FREE(path);
+return false;
+}
+
+
+static char *
+virDomainTPMFindCancelPath(void)
+{
+unsigned int idx;
+int len;
+DIR *pnp_dir;
+char path[100], *p;
+struct dirent entry, *result;
+bool found = false;
+
+snprintf(path, sizeof(path), "/sys/class/misc");
+pnp_dir = opendir(path);
+if (pnp_dir != NULL) {
+while (readdir_r(pnp_dir, &entry, &result) == 0 &&
+   result != NULL) {
+if (sscanf(entry.d_name, "tpm%u%n", &idx, &len) < 1 ||
+len <= strlen("tpm") ||
+len != strlen(entry.d_name)) {
+continue;
+}
+snprintf(path, sizeof(path), "/sys/class/misc/%s/device",
+ entry.d_name);
+if (!virDomainTPMCheckSysfsCancel(path, sizeof(path))) {
+continue;
+}
+
+found = true;
+break;
+}
+closedir(pnp_dir);
+}
+
+if (found) {
+if (!(p = strdup(path)))
+virReportOOMError();
+return p;
+}
+
+return NULL;
+}
+
+
+/* Parse the XML definition for a TPM device
+ *
+ * The XML looks like this:
+ *
+ * 
+ *   
+ * 
+ *   
+ * 
+ *
+ */
+static virDomainTPMDefPtr
+virDomainTPMD

Re: [libvirt] if_bridge.h: include in6.h for struct in6_addr use

[Eric Blake]

On 03/13/2013 09:17 AM, Kumar Gala wrote:


 if_bridge.h uses struct in6_addr ip6; but does not include the in6.h
 header.

 Found by trying to build libvirt and connman against 3.8-rc3 headers.

>>>

> Did this ever get resolved ?

Libvirt has managed to work around the kernel issue in the meantime.
But just today, I hit the same issue with the latest
kernel-headers-3.8.2-206.fc18.x86_64 on Fedora 18 when backporting to an
older libvirt branch that did not have the workaround.  A kernel person
would have to speak up for certain, but I think it is still a problem.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH V1 3/6] Add documentation for TPM in domain XML

[Stefan Berger]

Signed-off-by: Stefan Berger 

---
 docs/formatdomain.html.in |   57 ++
 1 file changed, 57 insertions(+)

Index: libvirt/docs/formatdomain.html.in
===
--- libvirt.orig/docs/formatdomain.html.in
+++ libvirt/docs/formatdomain.html.in
@@ -4336,6 +4336,63 @@ qemu-kvm -net nic,model=? /dev/null
 
 
 
+TPM device
+
+
+  The TPM device enables a QEMU guest to have access to TPM
+  functionality.
+
+
+  The TPM passthrough device type provides access to the host's TPM
+  for one QEMU guest. No other software may be is using the TPM device,
+  typically /dev/tpm0, at the time the QEMU guest is started.
+  'passthrough' since 1.0.4
+
+
+
+ Example: usage of the TPM passthrough device
+
+
+  ...
+  
+
+  
+
+  
+
+  
+
+
+  model
+  
+
+  The model attribute specifies what device
+  model QEMU provides to the guest. If no model name is provided,
+  tpm-tis will automatically be chosen.
+
+  
+  backend
+  
+
+  The backend element specifies the type of
+  TPM device. The following types are supported:
+
+
+  'passthrough' — use the hosts's TPM device.
+
+  
+  backend type='passthrough'
+  
+
+  This backend type requires exclusive access to a TPM device on
+  the host.
+  An example for such a device is /dev/tpm0. The filename is
+  specified as path attribute of the source element.
+  If no file name is specified then /dev/tpm0 is automatically used.
+
+  
+
+
 Security label
 
 

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH V1 4/6] Add SELinux labeling support for TPM

[Stefan Berger]

Signed-off-by: Stefan Berger 

---
 src/security/security_selinux.c |   90 
 1 file changed, 90 insertions(+)

Index: libvirt/src/security/security_selinux.c
===
--- libvirt.orig/src/security/security_selinux.c
+++ libvirt/src/security/security_selinux.c
@@ -76,6 +76,12 @@ struct _virSecuritySELinuxCallbackData {
 #define SECURITY_SELINUX_VOID_DOI   "0"
 #define SECURITY_SELINUX_NAME "selinux"
 
+static int
+virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainTPMDefPtr tpm);
+
+
 /*
  * Returns 0 on success, 1 if already reserved, or -1 on fatal error
  */
@@ -1017,6 +1023,80 @@ err:
 return rc;
 }
 
+
+static int
+virSecuritySELinuxSetSecurityTPMFileLabel(virSecurityManagerPtr mgr,
+  virDomainDefPtr def,
+  virDomainTPMDefPtr tpm)
+{
+int rc;
+virSecurityLabelDefPtr seclabel;
+
+seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
+if (seclabel == NULL)
+return -1;
+
+switch (tpm->type) {
+case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
+rc = virSecuritySELinuxSetFilecon(tpm->data.passthrough.path,
+  seclabel->imagelabel);
+if (rc < 0)
+return -1;
+
+if (tpm->data.passthrough.cancel_path) {
+rc = virSecuritySELinuxSetFilecon(
+ tpm->data.passthrough.cancel_path,
+ seclabel->imagelabel);
+if (rc < 0) {
+virSecuritySELinuxRestoreSecurityTPMFileLabelInt(mgr, def,
+ tpm);
+return -1;
+}
+} else {
+virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+   _("Cannot start guest without TPM "
+   "cancel path"));
+return -1;
+}
+break;
+case VIR_DOMAIN_TPM_TYPE_LAST:
+break;
+}
+
+return 0;
+}
+
+
+static int
+virSecuritySELinuxRestoreSecurityTPMFileLabelInt(virSecurityManagerPtr mgr,
+ virDomainDefPtr def,
+ virDomainTPMDefPtr tpm)
+{
+int rc = 0;
+virSecurityLabelDefPtr seclabel;
+
+seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
+if (seclabel == NULL)
+return -1;
+
+switch (tpm->type) {
+case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
+rc = virSecuritySELinuxRestoreSecurityFileLabel(
+ mgr, tpm->data.passthrough.path);
+
+if (tpm->data.passthrough.cancel_path) {
+rc = virSecuritySELinuxRestoreSecurityFileLabel(mgr,
+  tpm->data.passthrough.cancel_path);
+}
+break;
+case VIR_DOMAIN_TPM_TYPE_LAST:
+break;
+}
+
+return rc;
+}
+
+
 static int
 virSecuritySELinuxRestoreSecurityImageLabelInt(virSecurityManagerPtr mgr,
virDomainDefPtr def,
@@ -1685,6 +1765,12 @@ virSecuritySELinuxRestoreSecurityAllLabe
 if (secdef->norelabel || data->skipAllLabel)
 return 0;
 
+if (def->tpm) {
+if (virSecuritySELinuxRestoreSecurityTPMFileLabelInt(mgr, def,
+ def->tpm) < 0)
+rc = -1;
+}
+
 for (i = 0 ; i < def->nhostdevs ; i++) {
 if (virSecuritySELinuxRestoreSecurityHostdevLabel(mgr,
   def,
@@ -2095,6 +2181,11 @@ virSecuritySELinuxSetSecurityAllLabel(vi
   NULL) < 0)
 return -1;
 }
+if (def->tpm) {
+if (virSecuritySELinuxSetSecurityTPMFileLabel(mgr, def,
+  def->tpm) < 0)
+return -1;
+}
 
 if (virDomainChrDefForeach(def,
true,

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH V1 5/6] TPM support for QEMU command line

[Stefan Berger]

Signed-off-by: Stefan Berger 

---
 src/qemu/qemu_command.c |  249 
 1 file changed, 249 insertions(+)

Index: libvirt/src/qemu/qemu_command.c
===
--- libvirt.orig/src/qemu/qemu_command.c
+++ libvirt/src/qemu/qemu_command.c
@@ -856,6 +856,10 @@ qemuAssignDeviceAliases(virDomainDefPtr
 if (virAsprintf(&def->rng->info.alias, "rng%d", 0) < 0)
 goto no_memory;
 }
+if (def->tpm) {
+if (virAsprintf(&def->tpm->info.alias, "tpm%d", 0) < 0)
+goto no_memory;
+}
 
 return 0;
 
@@ -4437,6 +4441,111 @@ cleanup:
 }
 
 
+static char *qemuBuildTPMBackendStr(virCommandPtr cmd,
+virQEMUDriverPtr driver,
+const virDomainDefPtr def,
+virQEMUCapsPtr qemuCaps,
+virFdSetPtr fdset,
+const char *emulator)
+{
+const char *path;
+const virDomainTPMDefPtr tpm = def->tpm;
+virBuffer buf = VIR_BUFFER_INITIALIZER;
+const char *type = virDomainTPMBackendTypeToString(tpm->type);
+virDomainDeviceInfo info = { 0, };
+
+virBufferAsprintf(&buf, "%s,id=tpm-%s", type, tpm->info.alias);
+
+switch (tpm->type) {
+case VIR_DOMAIN_TPM_TYPE_PASSTHROUGH:
+if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_PASSTHROUGH))
+goto no_support;
+
+if (qemuCreatePathForFilePath(driver, &buf,
+  ",path=", tpm->data.passthrough.path,
+  (int[]){O_RDWR, -1},
+  cmd, fdset, &tpm->info,
+  qemuCaps) < 0)
+goto error;
+
+path = tpm->data.passthrough.cancel_path;
+if (!path) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+_("TPM cancel path could not be determined"));
+ goto error;
+}
+
+if (virAsprintf(&info.alias, "%s-cancel", tpm->info.alias) < 0) {
+virReportOOMError();
+goto error;
+}
+
+if (qemuCreatePathForFilePath(driver, &buf,
+ ",cancel-path=", path,
+ (int[]){O_WRONLY, -1},
+ cmd, fdset, &info,
+ qemuCaps) < 0)
+goto error;
+
+break;
+case VIR_DOMAIN_TPM_TYPE_LAST:
+goto error;
+}
+
+if (virBufferError(&buf)) {
+virReportOOMError();
+goto error;
+}
+
+VIR_FREE(info.alias);
+
+return virBufferContentAndReset(&buf);
+
+ no_support:
+virReportError(VIR_ERR_INTERNAL_ERROR,
+   _("The QEMU executable %s does not support TPM "
+ "backend type %s"),
+   emulator, type);
+
+ error:
+virBufferFreeAndReset(&buf);
+VIR_FREE(info.alias);
+return NULL;
+}
+
+
+static char *qemuBuildTPMDevStr(const virDomainDefPtr def,
+virQEMUCapsPtr qemuCaps,
+const char *emulator)
+{
+virBuffer buf = VIR_BUFFER_INITIALIZER;
+const virDomainTPMDefPtr tpm = def->tpm;
+const char *model = virDomainTPMModelTypeToString(tpm->model);
+
+if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_TPM_TIS)) {
+virReportError(VIR_ERR_INTERNAL_ERROR,
+   _("The QEMU executable %s does not support TPM "
+   "model %s"),
+   emulator, model);
+goto error;
+}
+
+virBufferAsprintf(&buf, "%s,tpmdev=tpm-%s,id=%s",
+  model, tpm->info.alias, tpm->info.alias);
+
+if (virBufferError(&buf)) {
+virReportOOMError();
+goto error;
+}
+
+return virBufferContentAndReset(&buf);
+
+ error:
+virBufferFreeAndReset(&buf);
+return NULL;
+}
+
+
 static char *qemuBuildSmbiosBiosStr(virSysinfoDefPtr def)
 {
 virBuffer buf = VIR_BUFFER_INITIALIZER;
@@ -6779,6 +6888,23 @@ qemuBuildCommandLine(virConnectPtr conn,
 }
 }
 
+if (def->tpm) {
+char *optstr;
+
+if (!(optstr = qemuBuildTPMBackendStr(cmd, driver, def,
+  qemuCaps, fdset, emulator)))
+goto error;
+
+virCommandAddArgList(cmd, "-tpmdev", optstr, NULL);
+VIR_FREE(optstr);
+
+if (!(optstr = qemuBuildTPMDevStr(def, qemuCaps, emulator)))
+goto error;
+
+virCommandAddArgList(cmd, "-device", optstr, NULL);
+VIR_FREE(optstr);
+}
+
 for (i = 0 ; i < def->ninputs ; i++) {
 virDomainInputDefPtr input = def->inputs[i];
 
@@ -8632,6 +8758,125 @@ error:
 
 
 static int
+qemuParseCommandLineTPM(virDomainDefPtr dom,
+const char *val)
+{
+int

[libvirt] [PATCH V1 0/6] Add support for guests with TPM passthrough device

[Stefan Berger]

Hello!

The following set of patches adds support to libvirt for 
adding a TPM passthrough device to a QEMU guest. Support for
this was recently accepted into QEMU.

This set of patches borrows a lot from the recently added support
for rng's.

This patch series builds on top of the patches for adding
support for file descriptor sets.

Regards,
Stefan


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH V1 1/6] Add QMP probing for TPM

[Stefan Berger]

Probe for QEMU's QMP TPM support by querying the lists of
supported TPM models (query-tpm-models) and backend types
(query-tpm-types). 

The setting of the capability flags following the strings
returned from the commands above is only provided in the
patch where domain_conf.c gets TPM support due to dependencies
on functions only introduced there. 

Signed-off-by: Stefan Berger 

---
 src/libvirt_private.syms |1 
 src/qemu/qemu_capabilities.c |   61 
 src/qemu/qemu_capabilities.h |3 +
 src/qemu/qemu_monitor.c  |   44 
 src/qemu/qemu_monitor.h  |6 ++
 src/qemu/qemu_monitor_json.c |   91 +++
 src/qemu/qemu_monitor_json.h |8 +++
 src/util/virutil.c   |   14 ++
 src/util/virutil.h   |3 +
 9 files changed, 231 insertions(+)

Index: libvirt/src/qemu/qemu_capabilities.c
===
--- libvirt.orig/src/qemu/qemu_capabilities.c
+++ libvirt/src/qemu/qemu_capabilities.c
@@ -210,6 +210,8 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAS
 
   "rng-random", /* 130 */
   "rng-egd",
+  "tpm-passthrough",
+  "tpm-tis",
 );
 
 struct _virQEMUCaps {
Index: libvirt/src/qemu/qemu_capabilities.h
===
--- libvirt.orig/src/qemu/qemu_capabilities.h
+++ libvirt/src/qemu/qemu_capabilities.h
@@ -171,6 +171,8 @@ enum virQEMUCapsFlags {
 QEMU_CAPS_OBJECT_RNG_RANDOM  = 130, /* the rng-random backend for
virtio rng */
 QEMU_CAPS_OBJECT_RNG_EGD = 131, /* EGD protocol daemon for rng */
+QEMU_CAPS_DEVICE_TPM_PASSTHROUGH = 132, /* -tpmdev passthrough */
+QEMU_CAPS_DEVICE_TPM_TIS = 133, /* -device tpm_tis */
 
 QEMU_CAPS_LAST,   /* this must always be the last item */
 };
@@ -252,4 +254,5 @@ int virQEMUCapsParseDeviceStr(virQEMUCap
 VIR_ENUM_DECL(virQEMUCaps);
 
 bool virQEMUCapsUsedQMP(virQEMUCapsPtr qemuCaps);
+
 #endif /* __QEMU_CAPABILITIES_H__*/
Index: libvirt/src/qemu/qemu_monitor.c
===
--- libvirt.orig/src/qemu/qemu_monitor.c
+++ libvirt/src/qemu/qemu_monitor.c
@@ -3522,3 +3522,47 @@ int qemuMonitorNBDServerStop(qemuMonitor
 
 return qemuMonitorJSONNBDServerStop(mon);
 }
+
+
+int qemuMonitorGetTPMModels(qemuMonitorPtr mon,
+char ***tpmmodels)
+{
+VIR_DEBUG("mon=%p tpmmodels=%p",
+  mon, tpmmodels);
+
+if (!mon) {
+virReportError(VIR_ERR_INVALID_ARG, "%s",
+   _("monitor must not be NULL"));
+return -1;
+}
+
+if (!mon->json) {
+virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+   _("JSON monitor is required"));
+return -1;
+}
+
+return qemuMonitorJSONGetTPMModels(mon, tpmmodels);
+}
+
+
+int qemuMonitorGetTPMTypes(qemuMonitorPtr mon,
+   char ***tpmtypes)
+{
+VIR_DEBUG("mon=%p tpmtypes=%p",
+  mon, tpmtypes);
+
+if (!mon) {
+virReportError(VIR_ERR_INVALID_ARG, "%s",
+   _("monitor must not be NULL"));
+return -1;
+}
+
+if (!mon->json) {
+virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
+   _("JSON monitor is required"));
+return -1;
+}
+
+return qemuMonitorJSONGetTPMTypes(mon, tpmtypes);
+}
Index: libvirt/src/qemu/qemu_monitor.h
===
--- libvirt.orig/src/qemu/qemu_monitor.h
+++ libvirt/src/qemu/qemu_monitor.h
@@ -683,6 +683,12 @@ int qemuMonitorNBDServerAdd(qemuMonitorP
 const char *deviceID,
 bool writable);
 int qemuMonitorNBDServerStop(qemuMonitorPtr);
+int qemuMonitorGetTPMModels(qemuMonitorPtr mon,
+char ***tpmmodels);
+
+int qemuMonitorGetTPMTypes(qemuMonitorPtr mon,
+   char ***tpmtypes);
+
 /**
  * When running two dd process and using <> redirection, we need a
  * shell that will not truncate files.  These two strings serve that
Index: libvirt/src/qemu/qemu_monitor_json.c
===
--- libvirt.orig/src/qemu/qemu_monitor_json.c
+++ libvirt/src/qemu/qemu_monitor_json.c
@@ -4707,3 +4707,94 @@ qemuMonitorJSONNBDServerStop(qemuMonitor
 virJSONValueFree(reply);
 return ret;
 }
+
+
+static int
+qemuMonitorJSONGetStringArray(qemuMonitorPtr mon, const char *qmpCmd,
+  char ***array)
+{
+int ret;
+virJSONValuePtr cmd;
+virJSONValuePtr reply = NULL;
+virJSONValuePtr data;
+char **list = NULL;
+int n = 0;
+size_t i;
+
+*array = NULL;
+
+if (!(cmd = qemuMonitorJSONMakeCommand(qmpCmd, NULL)))
+return -1;
+
+ret 

Re: [libvirt] [PATCHv4 5/5] S390: Testcases for virtio-ccw machines

[Daniel P. Berrange]

On Tue, Mar 05, 2013 at 04:44:23PM +0100, Viktor Mihajlovski wrote:
> This adds and corrects testcases for virtio devices on s390
> guests.
> 
> Signed-off-by: Viktor Mihajlovski 
> ---
> V2 Changes
>  - adapt the testcase XML files to use the new attributes
>  - use different variations for the values: hex, decimal, leading zeroes...
> 
> V3 Changes
>  - add virtio-s390 caps to all ccw tests to reflect reality
> 
> V4 Changes
>  - replace schid with devno in xml files
> 
>  .../qemuxml2argv-console-virtio-ccw.args   |   10 +
>  .../qemuxml2argv-console-virtio-ccw.xml|   27 +
>  .../qemuxml2argv-console-virtio-s390.args  |4 +-
>  .../qemuxml2argv-console-virtio-s390.xml   |2 +-
>  .../qemuxml2argv-disk-virtio-ccw-many.args |   12 ++
>  .../qemuxml2argv-disk-virtio-ccw-many.xml  |   40 
> 
>  .../qemuxml2argv-disk-virtio-ccw.args  |8 
>  .../qemuxml2argv-disk-virtio-ccw.xml   |   30 +++
>  .../qemuxml2argv-net-virtio-ccw.args   |8 
>  .../qemuxml2argv-net-virtio-ccw.xml|   30 +++
>  tests/qemuxml2argvtest.c   |   12 +-
>  tests/testutilsqemu.c  |3 +-
>  12 files changed, 181 insertions(+), 5 deletions(-)
>  create mode 100644 
> tests/qemuxml2argvdata/qemuxml2argv-console-virtio-ccw.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-console-virtio-ccw.xml
>  create mode 100644 
> tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-ccw-many.args
>  create mode 100644 
> tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-ccw-many.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-ccw.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-virtio-ccw.xml
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-virtio-ccw.args
>  create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-virtio-ccw.xml
> 

ACK

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv4 4/5] S390: Add hotplug support for s390 virtio devices

[Daniel P. Berrange]

On Tue, Mar 05, 2013 at 04:44:22PM +0100, Viktor Mihajlovski wrote:
> From: "J.B. Joret" 
> 
> We didn't yet expose the virtio device attach and detach functionality
> for s390 domains as the device hotplug was very limited with the old
> virtio-s390 bus. With the CCW bus there's full hotplug support for
> virtio devices in QEMU, so we are adding this to libvirt too.
> 
> Since the virtio hotplug isn't limited to PCI anymore, we change the
> function names from xxxPCIyyy to xxxVirtioyyy, where we handle all
> three virtio bus types.
> 
> Signed-off-by: J.B. Joret 
> Signed-off-by: Viktor Mihajlovski 
> ---
> V2 Changes
>  - rebase, mainly addressing the rename of qemuCapsXXX to virQEMUCapsXXX 
> 
> V3 Changes
>  - check whether machine type is s390-ccw
> 
> V4 Changes
>  - rebase to current upstream
> 
>  src/qemu/qemu_driver.c  |6 +-
>  src/qemu/qemu_hotplug.c |  152 
> +--
>  src/qemu/qemu_hotplug.h |   14 ++---
>  3 files changed, 116 insertions(+), 56 deletions(-)

ACK, though I would have preferred the funtion rename to be a separate
patch.

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv4 3/5] S390: QEMU driver support for CCW addresses

[Daniel P. Berrange]

On Tue, Mar 05, 2013 at 04:44:21PM +0100, Viktor Mihajlovski wrote:
> This commit adds the QEMU driver support for CCW addresses. The
> current QEMU only allows virtio devices to be attached to the
> CCW bus. We named the new capability indicating that support
> QEMU_CAPS_VIRTIO_CCW accordingly.
> 
> The fact that CCW devices can only be assigned to domains with a
> machine type of s390-ccw-virtio requires a few extra checks for
> machine type in qemu_command.c on top of querying
> QEMU_CAPS_VIRTIO_{CCW|S390}.
> 
> The majority of the new functions deals with CCW address generation
> and management.
> 
> Signed-off-by: Viktor Mihajlovski 
> ---
> V2 Changes
>  - rebase, mainly addressing the rename of qemuCapsXXX to virQEMUCapsXXX 
> 
> V3 Changes
>  - revert machine based capability detection
>  - check the machine type in conjunction with s390-specific capability
>tests in qemu_command.c
>  - remove useless paranoia check in qemu_command.c
> 
> V4 Changes
>  - replace CCW address field name 'schid' with 'devno'
> 
>  src/qemu/qemu_capabilities.c |7 +-
>  src/qemu/qemu_capabilities.h |1 +
>  src/qemu/qemu_command.c  |  279 
> +++---
>  src/qemu/qemu_command.h  |6 +
>  src/qemu/qemu_domain.c   |1 +
>  src/qemu/qemu_domain.h   |3 +
>  src/qemu/qemu_process.c  |3 +
>  7 files changed, 280 insertions(+), 20 deletions(-)
> 
> diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
> index 40022c1..79cfdb3 100644
> --- a/src/qemu/qemu_capabilities.c
> +++ b/src/qemu/qemu_capabilities.c
> @@ -210,6 +210,7 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
>  
>"rng-random", /* 130 */
>"rng-egd",
> +  "virtio-ccw"
>  );
>  
>  struct _virQEMUCaps {
> @@ -1318,6 +1319,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] 
> = {
>  { "usb-hub", QEMU_CAPS_USB_HUB },
>  { "ich9-ahci", QEMU_CAPS_ICH9_AHCI },
>  { "virtio-blk-s390", QEMU_CAPS_VIRTIO_S390 },
> +{ "virtio-blk-ccw", QEMU_CAPS_VIRTIO_CCW },
>  { "sclpconsole", QEMU_CAPS_SCLP_S390 },
>  { "lsi53c895a", QEMU_CAPS_SCSI_LSI },
>  { "virtio-scsi-pci", QEMU_CAPS_VIRTIO_SCSI_PCI },
> @@ -1338,7 +1340,6 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] 
> = {
>  { "rng-egd", QEMU_CAPS_OBJECT_RNG_EGD },
>  };
>  
> -
>  static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBlk[] = {
>  { "multifunction", QEMU_CAPS_PCI_MULTIFUNCTION },
>  { "bootindex", QEMU_CAPS_BOOTINDEX },
> @@ -1393,6 +1394,10 @@ static struct virQEMUCapsObjectTypeProps 
> virQEMUCapsObjectProps[] = {
>ARRAY_CARDINALITY(virQEMUCapsObjectPropsVirtioBlk) },
>  { "virtio-net-pci", virQEMUCapsObjectPropsVirtioNet,
>ARRAY_CARDINALITY(virQEMUCapsObjectPropsVirtioNet) },
> +{ "virtio-blk-ccw", virQEMUCapsObjectPropsVirtioBlk,
> +  ARRAY_CARDINALITY(virQEMUCapsObjectPropsVirtioBlk) },
> +{ "virtio-net-ccw", virQEMUCapsObjectPropsVirtioNet,
> +  ARRAY_CARDINALITY(virQEMUCapsObjectPropsVirtioNet) },
>  { "virtio-blk-s390", virQEMUCapsObjectPropsVirtioBlk,
>ARRAY_CARDINALITY(virQEMUCapsObjectPropsVirtioBlk) },
>  { "virtio-net-s390", virQEMUCapsObjectPropsVirtioNet,
> diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
> index a895867..5c5dc5a 100644
> --- a/src/qemu/qemu_capabilities.h
> +++ b/src/qemu/qemu_capabilities.h
> @@ -171,6 +171,7 @@ enum virQEMUCapsFlags {
>  QEMU_CAPS_OBJECT_RNG_RANDOM  = 130, /* the rng-random backend for
> virtio rng */
>  QEMU_CAPS_OBJECT_RNG_EGD = 131, /* EGD protocol daemon for rng */
> +QEMU_CAPS_VIRTIO_CCW = 132, /* -device virtio-*-ccw */
>  
>  QEMU_CAPS_LAST,   /* this must always be the last item */
>  };
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index 201fac1..cc64c17 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -799,6 +799,100 @@ no_memory:
>  return -1;
>  }
>  
> +/* S390 ccw bus support */
> +
> +struct _qemuDomainCCWAddressSet {
> +virHashTablePtr defined;

Too much whitespace   

> +virDomainDeviceCCWAddress next;
> +};
> +
> +static char*
> +qemuCCWAddressAsString(virDomainDeviceCCWAddressPtr addr)
> +{
> +char *addrstr = NULL;
> +
> +if (virAsprintf(&addrstr, "%x.%x.%04x",

Should we zero-pad the first two fields too, or is it common
to only pad the last field in ccw addresses ?

> +addr->cssid,
> +addr->ssid,
> +addr->devno) < 0) {
> +virReportOOMError();
> +return NULL;
> +}
> +
> +return addrstr;
> +}
> +

> -static void
> -qemuDomainAssignS390Addresses(virDomainDefPtr def, virQEMUCapsPtr qemuCaps)
> +static int
> +qemuDomainCCWAddressAllocate(virDomainDefPtr def ATTRIBUTE_UNUSED,
> +   

Re: [libvirt] [PATCHv4 2/5] S390: domain_conf support for CCW

[Daniel P. Berrange]

On Tue, Mar 05, 2013 at 04:44:20PM +0100, Viktor Mihajlovski wrote:
> Add necessary handling code for the new s390 CCW address type to
> virDomainDeviceInfo. Further, introduce  memory management, XML
> parsing, output formatting and range validation for the new
> virDomainDeviceCCWAddress type.
> 
> Signed-off-by: Viktor Mihajlovski 
> ---
> V2 Changes
>  - adapted virDomainDeviceCCWAddressParseXML to handle the new
>set of CCW address attributes
> 
> V4 Changes
>  - replace attribute 'schid' with 'devno', same for CCW address
>field name
> 
>  src/conf/domain_conf.c   |  107 
> +-
>  src/conf/domain_conf.h   |   16 +++
>  src/libvirt_private.syms |1 +
>  3 files changed, 123 insertions(+), 1 deletion(-)

ACK

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv4 1/5] S390: Documentation for CCW address type

[Daniel P. Berrange]

On Tue, Mar 05, 2013 at 04:44:19PM +0100, Viktor Mihajlovski wrote:
> The native bus for s390 I/O is called CCW (channel command word).
> As QEMU has added basic support for the CCW bus, i.e. the
> ability to assign CCW devnos (bus addresses) to devices.
> Domains with the new machine type s390-ccw-virtio can use the
> CCW bus. Currently QEMU will only allow to define virtio
> devices on the CCW bus.
> Here we add the new machine type and the new device address to the
> schema definition and add a new paragraph to the domain XML
> documentation.
> 
> Signed-off-by: Viktor Mihajlovski 
> ---
> V2 Changes
>  - replace single devno attribute with cssid, ssid, schid triple
>in documentation section
>  - add new data ranges for cssid, ssid and schid to domain schema
> 
> V4 Changes
>  - replace attribute 'schid' with 'devno', as this is the technically
>correct term for a user-configurable device bus id.
> 
>  docs/formatdomain.html.in |   14 +++
>  docs/schemas/domaincommon.rng |   52 
> +
>  2 files changed, 66 insertions(+)

ACK

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] Re: understanding managedsave

[Nicolas Sebrecht]

The 13/03/13, Eric Blake wrote:

> TCP QMP connections don't allow you to pass an fd via SCM_RIGHTS; that
> is only possible with a Unix socket.  If you insist on controlling your
> qemu with TCP instead of using libvirt, you'll have to use a slightly
> different approach (such as the exec: protocol instead of the fd:
> protocol as the destination for the qemu migration).

Ah, indeed! I'll switch to the Unix socket, then. :-)

> > Why do a migration instead of QMP stop/memsave?
> 
> Because memsave doesn't save enough information - to restore a guest
> from the same point, qemu needs to save device state in addition to
> memory contents.  The only qemu commands that do this are migration and
> savevm; but savevm has some severe limitations on usability, so our only
> option was to use migration to file.

Ok.

> You can ask libvirt to trace the exact sequence of QMP monitor commands
> that it issues, if that helps.  Run libvirtd with
> LIBVIRT_LOG_FILTERS=1:monitor set in the environment, or with
> log_filters defined in /etc/libvirt/libvirtd.conf (restart libvirtd to
> pick up on conf file changes), and the logs will then include details.
> 
> But in short, libvirt is using 'addfd' to pass a named fd to qemu, then
> using 'migrate' with type 'fd:name' to use that named fd as the target,
> on the save side.  On the restore side, libvirt uses the -incoming
> fd:nnn argument to tell qemu to read the incoming data from a stream.

This is usefull informations. I'll use the libvirt log trick to
trace what's happening.

Thank you very much Eric!

-- 
Nicolas Sebrecht

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v2 4/6] Add API to get the system identity

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

If no user identity is available, some operations may wish to
use the system identity. ie the identity of the current process
itself. Add an API to get such an identity.

Signed-off-by: Daniel P. Berrange 
---
 src/util/viridentity.c | 71 ++
 src/util/viridentity.h |  2 ++
 2 files changed, 73 insertions(+)

diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index acb0cb9..1c43081 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -21,6 +21,11 @@
 
 #include 
 
+#include 
+#if HAVE_SELINUX
+# include 
+#endif
+
 #include "internal.h"
 #include "viralloc.h"
 #include "virerror.h"
@@ -28,6 +33,7 @@
 #include "virlog.h"
 #include "virobject.h"
 #include "virthread.h"
+#include "virutil.h"
 
 #define VIR_FROM_THIS VIR_FROM_IDENTITY
 
@@ -116,6 +122,71 @@ int virIdentitySetCurrent(virIdentityPtr ident)
 
 
 /**
+ * virIdentityGetSystem:
+ *
+ * Returns an identity that represents the system itself.
+ * This is the identity that the process is running as
+ *
+ * Returns a reference to the system identity, or NULL
+ */
+virIdentityPtr virIdentityGetSystem(void)
+{
+char *username = NULL;
+char *groupname = NULL;
+char *seccontext = NULL;
+virIdentityPtr ret = NULL;
+gid_t gid = getgid();
+uid_t uid = getuid();
+#if HAVE_SELINUX
+security_context_t con;
+#endif
+
+if (!(username = virGetUserName(uid)))
+goto cleanup;
+if (!(groupname = virGetGroupName(gid)))
+goto cleanup;
+
+#if HAVE_SELINUX
+if (getcon(&con) < 0) {
+virReportSystemError(errno, "%s",
+ _("Unable to lookup SELinux process context"));
+goto cleanup;
+}
+seccontext = strdup(con);
+freecon(con);
+if (!seccontext) {
+virReportOOMError();
+goto cleanup;
+}
+#endif
+
+if (!(ret = virIdentityNew()))
+goto cleanup;
+
+if (username &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_UNIX_USER_NAME, username) < 
0)
+goto error;
+if (groupname &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_UNIX_GROUP_NAME, groupname) 
< 0)
+goto error;
+if (seccontext &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_SECURITY_CONTEXT, 
seccontext) < 0)
+goto error;
+
+cleanup:
+VIR_FREE(username);
+VIR_FREE(groupname);
+VIR_FREE(seccontext);
+return ret;
+
+error:
+virObjectUnref(ret);
+ret = NULL;
+goto cleanup;
+}
+
+
+/**
  * virIdentityNew:
  *
  * Creates a new empty identity object. After creating, one or
diff --git a/src/util/viridentity.h b/src/util/viridentity.h
index a13f5ea..b337031 100644
--- a/src/util/viridentity.h
+++ b/src/util/viridentity.h
@@ -41,6 +41,8 @@ typedef enum {
 virIdentityPtr virIdentityGetCurrent(void);
 int virIdentitySetCurrent(virIdentityPtr ident);
 
+virIdentityPtr virIdentityGetSystem(void);
+
 virIdentityPtr virIdentityNew(void);
 
 int virIdentitySetAttr(virIdentityPtr ident,
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v2 2/6] Define internal APIs for managing identities

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

Introduce a local object virIdentity for managing security
attributes used to form a client application's identity.
Instances of this object are intended to be used as if they
were immutable, once created & populated with attributes

Signed-off-by: Daniel P. Berrange 
---
 .gitignore  |   1 +
 include/libvirt/virterror.h |   2 +
 po/POTFILES.in  |   1 +
 src/Makefile.am |   1 +
 src/libvirt_private.syms|   7 ++
 src/util/virerror.c |   7 ++
 src/util/viridentity.c  | 178 
 src/util/viridentity.h  |  60 +++
 tests/Makefile.am   |   5 ++
 tests/viridentitytest.c | 176 +++
 10 files changed, 438 insertions(+)
 create mode 100644 src/util/viridentity.c
 create mode 100644 src/util/viridentity.h
 create mode 100644 tests/viridentitytest.c

diff --git a/.gitignore b/.gitignore
index c918372..68030d5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -180,6 +180,7 @@
 /tests/virdrivermoduletest
 /tests/virendiantest
 /tests/virhashtest
+/tests/viridentitytest
 /tests/virkeyfiletest
 /tests/virlockspacetest
 /tests/virnet*test
diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h
index 4d79620..13b0abf 100644
--- a/include/libvirt/virterror.h
+++ b/include/libvirt/virterror.h
@@ -115,6 +115,7 @@ typedef enum {
 VIR_FROM_SSH = 50,  /* Error from libssh2 connection transport */
 VIR_FROM_LOCKSPACE = 51,/* Error from lockspace */
 VIR_FROM_INITCTL = 52,  /* Error from initctl device communication */
+VIR_FROM_IDENTITY = 53, /* Error from identity code */
 
 # ifdef VIR_ENUM_SENTINELS
 VIR_ERR_DOMAIN_LAST
@@ -288,6 +289,7 @@ typedef enum {
 VIR_ERR_AGENT_UNRESPONSIVE = 86,/* guest agent is unresponsive,
not running or not usable */
 VIR_ERR_RESOURCE_BUSY = 87, /* resource is already in use */
+VIR_ERR_INVALID_IDENTITY = 88,  /* Invalid identity pointer */
 } virErrorNumber;
 
 /**
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 5b5c3c2..07e241f 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -151,6 +151,7 @@ src/util/vireventpoll.c
 src/util/virfile.c
 src/util/virhash.c
 src/util/virhook.c
+src/util/viridentity.c
 src/util/virinitctl.c
 src/util/viriptables.c
 src/util/virjson.c
diff --git a/src/Makefile.am b/src/Makefile.am
index a6cc839..6ba00e8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -83,6 +83,7 @@ UTIL_SOURCES =
\
util/virhash.c util/virhash.h   \
util/virhashcode.c util/virhashcode.h   \
util/virhook.c util/virhook.h   \
+   util/viridentity.c util/viridentity.h   \
util/virinitctl.c util/virinitctl.h \
util/viriptables.c util/viriptables.h   \
util/virjson.c util/virjson.h   \
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 3243416..e636e75 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1287,6 +1287,13 @@ virHookInitialize;
 virHookPresent;
 
 
+# util/viridentity.h
+virIdentityGetAttr;
+virIdentityIsEqual;
+virIdentityNew;
+virIdentitySetAttr;
+
+
 # util/virinitctl.h
 virInitctlSetRunLevel;
 
diff --git a/src/util/virerror.c b/src/util/virerror.c
index 40c3b25..8cb8548 100644
--- a/src/util/virerror.c
+++ b/src/util/virerror.c
@@ -118,6 +118,7 @@ VIR_ENUM_IMPL(virErrorDomain, VIR_ERR_DOMAIN_LAST,
   "SSH transport layer", /* 50 */
   "Lock Space",
   "Init control",
+  "Identity",
 )
 
 
@@ -1213,6 +1214,12 @@ virErrorMsg(virErrorNumber error, const char *info)
 else
 errmsg = _("resource busy %s");
 break;
+case VIR_ERR_INVALID_IDENTITY:
+if (info == NULL)
+errmsg = _("invalid identity");
+else
+errmsg = _("invalid identity %s");
+break;
 }
 return errmsg;
 }
diff --git a/src/util/viridentity.c b/src/util/viridentity.c
new file mode 100644
index 000..7ebf851
--- /dev/null
+++ b/src/util/viridentity.c
@@ -0,0 +1,178 @@
+/*
+ * viridentity.c: helper APIs for managing user identities
+ *
+ * Copyright (C) 2012-2013 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser G

[libvirt] [PATCH v2 6/6] Set the current client identity during API call dispatch

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

When dispatching an RPC API call, setup the current identity to
hold the identity of the network client associated with the
RPC message being dispatched. The setting is thread-local, so
only affects the API call in this thread

Signed-off-by: Daniel P. Berrange 
---
 src/rpc/virnetserverprogram.c | 12 
 1 file changed, 12 insertions(+)

diff --git a/src/rpc/virnetserverprogram.c b/src/rpc/virnetserverprogram.c
index 414b978..b80923d 100644
--- a/src/rpc/virnetserverprogram.c
+++ b/src/rpc/virnetserverprogram.c
@@ -375,6 +375,7 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
 virNetServerProgramProcPtr dispatcher;
 virNetMessageError rerr;
 size_t i;
+virIdentityPtr identity = NULL;
 
 memset(&rerr, 0, sizeof(rerr));
 
@@ -419,6 +420,12 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr 
prog,
 if (virNetMessageDecodePayload(msg, dispatcher->arg_filter, arg) < 0)
 goto error;
 
+if (!(identity = virNetServerClientGetIdentity(client)))
+goto error;
+
+if (virIdentitySetCurrent(identity) < 0)
+goto error;
+
 /*
  * When the RPC handler is called:
  *
@@ -431,6 +438,9 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
  */
 rv = (dispatcher->func)(server, client, msg, &rerr, arg, ret);
 
+if (virIdentitySetCurrent(NULL) < 0)
+goto error;
+
 /*
  * If rv == 1, this indicates the dispatch func has
  * populated 'msg' with a list of FDs to return to
@@ -481,6 +491,7 @@ virNetServerProgramDispatchCall(virNetServerProgramPtr prog,
 VIR_FREE(arg);
 VIR_FREE(ret);
 
+virObjectUnref(identity);
 /* Put reply on end of tx queue to send out  */
 return virNetServerClientSendMessage(client, msg);
 
@@ -491,6 +502,7 @@ error:
 
 VIR_FREE(arg);
 VIR_FREE(ret);
+virObjectUnref(identity);
 
 return rv;
 }
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v2 5/6] Add ability to get a virIdentity from a virNetServerClientPtr

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

Add APIs which allow creation of a virIdentity from the info
associated with a virNetServerClientPtr instance. This is done
based on the results of client authentication processes like
TLS, x509, SASL, SO_PEERCRED

Signed-off-by: Daniel P. Berrange 
---
 src/libvirt_private.syms |   1 +
 src/rpc/virnetserverclient.c | 112 +++
 src/rpc/virnetserverclient.h |   3 ++
 3 files changed, 116 insertions(+)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index e636e75..6aae909 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -851,6 +851,7 @@ virNetServerClientClose;
 virNetServerClientDelayedClose;
 virNetServerClientGetAuth;
 virNetServerClientGetFD;
+virNetServerClientGetIdentity;
 virNetServerClientGetPrivateData;
 virNetServerClientGetReadonly;
 virNetServerClientGetSecurityContext;
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index 40c8173..850f388 100644
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -74,6 +74,9 @@ struct _virNetServerClient
 int sockTimer; /* Timer to be fired upon cached data,
 * so we jump out from poll() immediately */
 
+
+virIdentityPtr identity;
+
 /* Count of messages in the 'tx' queue,
  * and the server worker pool queue
  * ie RPC calls in progress. Does not count
@@ -642,6 +645,113 @@ int 
virNetServerClientGetUNIXIdentity(virNetServerClientPtr client,
 }
 
 
+static virIdentityPtr
+virNetServerClientCreateIdentity(virNetServerClientPtr client)
+{
+char *processid = NULL;
+char *username = NULL;
+char *groupname = NULL;
+#if WITH_SASL
+char *saslname = NULL;
+#endif
+char *x509dname = NULL;
+char *seccontext = NULL;
+virIdentityPtr ret = NULL;
+
+if (client->sock && virNetSocketIsLocal(client->sock)) {
+gid_t gid;
+uid_t uid;
+pid_t pid;
+if (virNetSocketGetUNIXIdentity(client->sock, &uid, &gid, &pid) < 0)
+goto cleanup;
+
+if (!(username = virGetUserName(uid)))
+goto cleanup;
+if (!(groupname = virGetGroupName(gid)))
+goto cleanup;
+if (virAsprintf(&processid, "%d", (int)pid) < 0)
+goto cleanup;
+}
+
+#if WITH_SASL
+if (client->sasl) {
+const char *identity = virNetSASLSessionGetIdentity(client->sasl);
+if (identity &&
+!(saslname = strdup(identity))) {
+virReportOOMError();
+goto cleanup;
+}
+}
+#endif
+
+if (client->tls) {
+const char *identity = virNetTLSSessionGetX509DName(client->tls);
+if (identity &&
+!(x509dname = strdup(identity))) {
+virReportOOMError();
+goto cleanup;
+}
+}
+
+if (client->sock &&
+virNetSocketGetSecurityContext(client->sock, &seccontext) < 0)
+goto cleanup;
+
+if (!(ret = virIdentityNew()))
+goto cleanup;
+
+if (username &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_UNIX_USER_NAME, username) < 
0)
+goto error;
+if (groupname &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_UNIX_GROUP_NAME, groupname) 
< 0)
+goto error;
+if (processid &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, processid) 
< 0)
+goto error;
+#if HAVE_SASL
+if (saslname &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_SASL_USER_NAME, saslname) < 
0)
+goto error;
+#endif
+if (x509dname &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_X509_DISTINGUISHED_NAME, 
x509dname) < 0)
+goto error;
+if (seccontext &&
+virIdentitySetAttr(ret, VIR_IDENTITY_ATTR_SECURITY_CONTEXT, 
seccontext) < 0)
+goto error;
+
+cleanup:
+VIR_FREE(username);
+VIR_FREE(groupname);
+VIR_FREE(processid);
+VIR_FREE(seccontext);
+#if HAVE_SASL
+VIR_FREE(saslname);
+#endif
+VIR_FREE(x509dname);
+return ret;
+
+error:
+virObjectUnref(ret);
+ret = NULL;
+goto cleanup;
+}
+
+
+virIdentityPtr virNetServerClientGetIdentity(virNetServerClientPtr client)
+{
+virIdentityPtr ret = NULL;
+virObjectLock(client);
+if (!client->identity)
+client->identity = virNetServerClientCreateIdentity(client);
+if (client->identity)
+ret = virObjectRef(client->identity);
+virObjectUnlock(client);
+return ret;
+}
+
+
 int virNetServerClientGetSecurityContext(virNetServerClientPtr client,
  char **context)
 {
@@ -750,6 +860,8 @@ void virNetServerClientDispose(void *obj)
 {
 virNetServerClientPtr client = obj;
 
+virObjectUnref(client->identity);
+
 if (client->privateData &&
 client->privateDataFreeFunc)
 client->privateDataFreeFunc(client->privateData);
diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h
index f8643f5..b3b8df0 100644
--- a/src/rpc/v

[libvirt] [PATCH v2 3/6] Add APIs for associating a virIdentityPtr with the current thread

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

To allow any internal API to get the current identity, add APIs
to associate a virIdentityPtr with the current thread, via a
thread local

Signed-off-by: Daniel P. Berrange 
---
 src/util/viridentity.c | 59 ++
 src/util/viridentity.h |  3 +++
 2 files changed, 62 insertions(+)

diff --git a/src/util/viridentity.c b/src/util/viridentity.c
index 7ebf851..acb0cb9 100644
--- a/src/util/viridentity.c
+++ b/src/util/viridentity.c
@@ -39,6 +39,7 @@ struct _virIdentity {
 };
 
 static virClassPtr virIdentityClass;
+static virThreadLocal virIdentityCurrent;
 
 static void virIdentityDispose(void *obj);
 
@@ -50,11 +51,69 @@ static int virIdentityOnceInit(void)
  virIdentityDispose)))
 return -1;
 
+if (virThreadLocalInit(&virIdentityCurrent,
+   (virThreadLocalCleanup)virObjectUnref) < 0) {
+virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+   _("Cannot initialize thread local for current 
identity"));
+return -1;
+}
+
 return 0;
 }
 
 VIR_ONCE_GLOBAL_INIT(virIdentity)
 
+/**
+ * virIdentityGetCurrent:
+ *
+ * Get the current identity associated with this thread. The
+ * caller will own a reference to the returned identity, but
+ * must not modify the object in any way, other than to
+ * release the reference when done with virObjectUnref
+ *
+ * Returns: a reference to the current identity, or NULL
+ */
+virIdentityPtr virIdentityGetCurrent(void)
+{
+virIdentityPtr ident;
+
+if (virIdentityOnceInit() < 0)
+return NULL;
+
+ident = virThreadLocalGet(&virIdentityCurrent);
+return virObjectRef(ident);
+}
+
+
+/**
+ * virIdentitySetCurrent:
+ *
+ * Set the new identity to be associated with this thread.
+ * The caller should not modify the passed identity after
+ * it has been set, other than to release its own reference.
+ *
+ * Returns 0 on success, or -1 on error
+ */
+int virIdentitySetCurrent(virIdentityPtr ident)
+{
+virIdentityPtr old;
+
+if (virIdentityOnceInit() < 0)
+return -1;
+
+old = virThreadLocalGet(&virIdentityCurrent);
+virObjectUnref(old);
+
+if (virThreadLocalSet(&virIdentityCurrent,
+  virObjectRef(ident)) < 0) {
+virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+   _("Unable to set thread local identity"));
+return -1;
+}
+
+return 0;
+}
+
 
 /**
  * virIdentityNew:
diff --git a/src/util/viridentity.h b/src/util/viridentity.h
index 5992b1a..a13f5ea 100644
--- a/src/util/viridentity.h
+++ b/src/util/viridentity.h
@@ -38,6 +38,9 @@ typedef enum {
   VIR_IDENTITY_ATTR_LAST,
 } virIdentityAttrType;
 
+virIdentityPtr virIdentityGetCurrent(void);
+int virIdentitySetCurrent(virIdentityPtr ident);
+
 virIdentityPtr virIdentityNew(void);
 
 int virIdentitySetAttr(virIdentityPtr ident,
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH v2 1/6] Add APIs to get at more client security data

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

A socket object has various pieces of security data associated
with it, such as the SELinux context, the SASL username and
the x509 distinguished name. Add new APIs to virNetServerClient
and related modules to access this data.

Signed-off-by: Daniel P. Berrange 
---
 src/libvirt_gnutls.syms  |  2 ++
 src/libvirt_private.syms |  3 +++
 src/libvirt_sasl.syms|  1 +
 src/rpc/virnetserverclient.c | 46 
 src/rpc/virnetserverclient.h |  7 +++
 src/rpc/virnetsocket.c   | 44 ++
 src/rpc/virnetsocket.h   |  2 ++
 src/rpc/virnettlscontext.c   | 18 +
 src/rpc/virnettlscontext.h   |  2 ++
 9 files changed, 125 insertions(+)

diff --git a/src/libvirt_gnutls.syms b/src/libvirt_gnutls.syms
index bd4f950..6eb6741 100644
--- a/src/libvirt_gnutls.syms
+++ b/src/libvirt_gnutls.syms
@@ -13,6 +13,7 @@ virNetServerSetTLSContext;
 
 # rpc/virnetserverclient.h
 virNetServerClientGetTLSKeySize;
+virNetServerClientGetTLSSession;
 virNetServerClientHasTLSSession;
 
 
@@ -33,6 +34,7 @@ virNetTLSContextNewServerPath;
 virNetTLSInit;
 virNetTLSSessionGetHandshakeStatus;
 virNetTLSSessionGetKeySize;
+virNetTLSSessionGetX509DName;
 virNetTLSSessionHandshake;
 virNetTLSSessionNew;
 virNetTLSSessionRead;
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index fbd540a..3243416 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -853,11 +853,13 @@ virNetServerClientGetAuth;
 virNetServerClientGetFD;
 virNetServerClientGetPrivateData;
 virNetServerClientGetReadonly;
+virNetServerClientGetSecurityContext;
 virNetServerClientGetUNIXIdentity;
 virNetServerClientImmediateClose;
 virNetServerClientInit;
 virNetServerClientInitKeepAlive;
 virNetServerClientIsClosed;
+virNetServerClientIsLocal;
 virNetServerClientIsSecure;
 virNetServerClientLocalAddrString;
 virNetServerClientNeedAuth;
@@ -922,6 +924,7 @@ virNetSocketClose;
 virNetSocketDupFD;
 virNetSocketGetFD;
 virNetSocketGetPort;
+virNetSocketGetSecurityContext;
 virNetSocketGetUNIXIdentity;
 virNetSocketHasCachedData;
 virNetSocketHasPassFD;
diff --git a/src/libvirt_sasl.syms b/src/libvirt_sasl.syms
index beb8825..1241884 100644
--- a/src/libvirt_sasl.syms
+++ b/src/libvirt_sasl.syms
@@ -26,6 +26,7 @@ virNetSASLSessionServerStep;
 
 
 # rpc/virnetserverclient.h
+virNetServerClientGetSASLSession;
 virNetServerClientSetSASLSession;
 
 
diff --git a/src/rpc/virnetserverclient.c b/src/rpc/virnetserverclient.c
index 9e519e6..40c8173 100644
--- a/src/rpc/virnetserverclient.c
+++ b/src/rpc/virnetserverclient.c
@@ -587,6 +587,16 @@ bool virNetServerClientHasTLSSession(virNetServerClientPtr 
client)
 return has;
 }
 
+
+virNetTLSSessionPtr virNetServerClientGetTLSSession(virNetServerClientPtr 
client)
+{
+virNetTLSSessionPtr tls;
+virObjectLock(client);
+tls = client->tls;
+virObjectUnlock(client);
+return tls;
+}
+
 int virNetServerClientGetTLSKeySize(virNetServerClientPtr client)
 {
 int size = 0;
@@ -608,6 +618,18 @@ int virNetServerClientGetFD(virNetServerClientPtr client)
 return fd;
 }
 
+
+bool virNetServerClientIsLocal(virNetServerClientPtr client)
+{
+bool local = false;
+virObjectLock(client);
+if (client->sock)
+local = virNetSocketIsLocal(client->sock);
+virObjectUnlock(client);
+return local;
+}
+
+
 int virNetServerClientGetUNIXIdentity(virNetServerClientPtr client,
   uid_t *uid, gid_t *gid, pid_t *pid)
 {
@@ -619,6 +641,20 @@ int 
virNetServerClientGetUNIXIdentity(virNetServerClientPtr client,
 return ret;
 }
 
+
+int virNetServerClientGetSecurityContext(virNetServerClientPtr client,
+ char **context)
+{
+int ret = 0;
+*context = NULL;
+virObjectLock(client);
+if (client->sock)
+ret = virNetSocketGetSecurityContext(client->sock, context);
+virObjectUnlock(client);
+return ret;
+}
+
+
 bool virNetServerClientIsSecure(virNetServerClientPtr client)
 {
 bool secure = false;
@@ -651,6 +687,16 @@ void 
virNetServerClientSetSASLSession(virNetServerClientPtr client,
 client->sasl = virObjectRef(sasl);
 virObjectUnlock(client);
 }
+
+
+virNetSASLSessionPtr virNetServerClientGetSASLSession(virNetServerClientPtr 
client)
+{
+virNetSASLSessionPtr sasl;
+virObjectLock(client);
+sasl = client->sasl;
+virObjectUnlock(client);
+return sasl;
+}
 #endif
 
 
diff --git a/src/rpc/virnetserverclient.h b/src/rpc/virnetserverclient.h
index 31414bc..f8643f5 100644
--- a/src/rpc/virnetserverclient.h
+++ b/src/rpc/virnetserverclient.h
@@ -81,21 +81,28 @@ bool virNetServerClientGetReadonly(virNetServerClientPtr 
client);
 
 # ifdef WITH_GNUTLS
 bool virNetServerClientHasTLSSession(virNetServerClientPtr client);
+virNetTLSSessionPtr virNetServerClientGetTLSSession(virNetServerClientPtr 
client);
 int virNetServerClientGetTLS

[libvirt] [PATCH v2 0/6] Identity management APIs for RBAC

[Daniel P. Berrange]

An update of

  https://www.redhat.com/archives/libvir-list/2013-March/msg00186.html

The first two patches are merged and fixes for the other patches
applied.

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] Fix query of LXC security label

[Eric Blake]

On 03/12/2013 11:35 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> The virDomainGetSecurityLabel method is currently (mistakenly)
> showing the label of the libvirt_lxc process:
> 
> ...snip...
> Security model: selinux
> Security DOI:   0
> Security label: system_u:system_r:virtd_t:s0-s0:c0.c1023 (permissive)
> 
> when it should be showing the init process label
> 
> ...snip...
> Security model: selinux
> Security DOI:   0
> Security label: system_u:system_r:svirt_t:s0:c724,c995 (permissive)
> ---
>  src/lxc/lxc_driver.c | 10 +-
>  1 file changed, 9 insertions(+), 1 deletion(-)

ACK.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] Apply security label when entering LXC namespaces

[Daniel P. Berrange]

On Tue, Mar 12, 2013 at 01:06:59PM -0600, Eric Blake wrote:
> On 03/12/2013 11:28 AM, Daniel P. Berrange wrote:
> > From: "Daniel P. Berrange" 
> > 
> > Add a new virDomainLxcEnterSecurityLabel() function as a
> > counterpart to virDomainLxcEnterNamespaces(), which can
> > change the current calling process to have a new security
> > context. This call runs client side, not in libvirtd
> > so we can't use the security driver infrastructure.
> > 
> > When entering a namespace, the process spawned from virsh
> > will default to running with the security label of virsh.
> > The actual desired behaviour is to run with the security
> > label of the container most of the time. So this changes
> > virsh lxc-enter-namespace command to invoke the
> > virDomainLxcEnterSecurityLabel method.
> > 
> 
> >  include/libvirt/libvirt-lxc.h |  4 ++
> >  python/generator.py   |  1 +
> >  src/libvirt-lxc.c | 96 
> > +++
> >  tools/virsh-domain.c  | 32 +++
> >  4 files changed, 133 insertions(+)
> 
> Missing an entry in src/libvirt_lxc.syms to actually expose the new
> function in the .so.

Applying the following:

diff --git a/src/libvirt_lxc.syms b/src/libvirt_lxc.syms
index b5be18b..ccf1be9 100644
--- a/src/libvirt_lxc.syms
+++ b/src/libvirt_lxc.syms
@@ -15,3 +15,8 @@ LIBVIRT_LXC_1.0.2 {
 virDomainLxcEnterNamespace;
 virDomainLxcOpenNamespace;
 };
+
+LIBVIRT_LXC_1.0.4 {
+global:
+virDomainLxcEnterSecurityLabel;
+} LIBVIRT_LXC_1.0.2;




Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] understanding managedsave

[Eric Blake]

On 03/13/2013 05:32 AM, Nicolas Sebrecht wrote:
> 
> Hi,
> 
> I'm trying to understand how the managedsave and restoration features
> work at the libvirt/qemu level.
> 
> I'd like to write a little python script to reproduce the feature to
> learn how it works. So, I start a kvm guest by hand with
> 
>   qemu-kvm [...] -qmp tcp:localhost:,server
> 
> and connect to the QMP with telnet or the qemu qmp-shell for my tests.

TCP QMP connections don't allow you to pass an fd via SCM_RIGHTS; that
is only possible with a Unix socket.  If you insist on controlling your
qemu with TCP instead of using libvirt, you'll have to use a slightly
different approach (such as the exec: protocol instead of the fd:
protocol as the destination for the qemu migration).

> 
>>From what I've read, libvirt internally does a migration to a file:
> qemuDomainSaveMemory() -> qemuMonitorToFile() -> qemuMonitorMigrateToFd(). 
> 
> 
> Why do a migration instead of QMP stop/memsave?

Because memsave doesn't save enough information - to restore a guest
from the same point, qemu needs to save device state in addition to
memory contents.  The only qemu commands that do this are migration and
savevm; but savevm has some severe limitations on usability, so our only
option was to use migration to file.

> 
> What whould be the whole QMP/Monitor sequence of commands to handle the
> process?

You can ask libvirt to trace the exact sequence of QMP monitor commands
that it issues, if that helps.  Run libvirtd with
LIBVIRT_LOG_FILTERS=1:monitor set in the environment, or with
log_filters defined in /etc/libvirt/libvirtd.conf (restart libvirtd to
pick up on conf file changes), and the logs will then include details.

But in short, libvirt is using 'addfd' to pass a named fd to qemu, then
using 'migrate' with type 'fd:name' to use that named fd as the target,
on the save side.  On the restore side, libvirt uses the -incoming
fd:nnn argument to tell qemu to read the incoming data from a stream.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv5] virtio-rng: Add rate limiting options for virtio-RNG

[Daniel P. Berrange]

On Thu, Mar 07, 2013 at 02:09:50PM +0100, Peter Krempa wrote:
> Qemu's implementation of virtio RNG supports rate limiting of the
> entropy used. This patch exposes the option to tune this functionality.
> 
> This patch is based on qemu commit 904d6f588063fb5ad2b61998acdf1e73fb4
> 
> The rate limiting is exported in the XML as:
> 
>   ...
>   
> 4321

I find it wierd that we're mixing use of attributes with text
content here. I'd expect one style, or the other

eg

  

or

  
1234
5432
  

I prefer the style using attributes myself.

> diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> index 2509193..e19b5c0 100644
> --- a/src/conf/domain_conf.h
> +++ b/src/conf/domain_conf.h
> @@ -1721,6 +1721,8 @@ enum virDomainRNGBackend {
>  struct _virDomainRNGDef {
>  int model;
>  int backend;
> +unsigned int rate; /* bits per period */

Why are we using bits instead of bytes ?  Do we really need to
be able to control this rate with a granularity of bits? It seems
overkill to me

> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index 201fac1..c0f8dd2 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -4255,6 +4255,15 @@ qemuBuildRNGDeviceArgs(virCommandPtr cmd,
> 
>  virBufferAsprintf(&buf, "virtio-rng-pci,rng=%s", dev->info.alias);
> 
> +if (dev->rate > 0) {
> +/* qemu uses bytes */
> +virBufferAsprintf(&buf, ",max-bytes=%u", dev->rate / 8);

I expect we need to use  VIR_DIV_UP here ? Though we can avoid
it if we just store bytes ourselves.


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] Use separate symbol file for GNUTLS symbols

[Eric Blake]

On 03/13/2013 07:38 AM, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" 
> 
> A number of symbols are only present when GNUTLS is enabled.
> Thus we must use a separate libvirt_gnutls.syms file for them
> instead of libvirt_private.syms
> 
> Signed-off-by: Daniel P. Berrange 
> ---
>  src/Makefile.am  |  7 +++
>  src/libvirt_gnutls.syms  | 46 ++
>  src/libvirt_private.syms | 23 ---
>  3 files changed, 53 insertions(+), 23 deletions(-)
>  create mode 100644 src/libvirt_gnutls.syms

ACK.

-- 
Eric Blake   eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org



signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv5] virtio-rng: Add rate limiting options for virtio-RNG

[Peter Krempa]

On 03/07/13 14:09, Peter Krempa wrote:

Qemu's implementation of virtio RNG supports rate limiting of the
entropy used. This patch exposes the option to tune this functionality.

This patch is based on qemu commit 904d6f588063fb5ad2b61998acdf1e73fb4

The rate limiting is exported in the XML as:

   ...
   
 4321
 
   
   ...
---


Ping?

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] Use separate symbol file for GNUTLS symbols

[Daniel P. Berrange]

From: "Daniel P. Berrange" 

A number of symbols are only present when GNUTLS is enabled.
Thus we must use a separate libvirt_gnutls.syms file for them
instead of libvirt_private.syms

Signed-off-by: Daniel P. Berrange 
---
 src/Makefile.am  |  7 +++
 src/libvirt_gnutls.syms  | 46 ++
 src/libvirt_private.syms | 23 ---
 3 files changed, 53 insertions(+), 23 deletions(-)
 create mode 100644 src/libvirt_gnutls.syms

diff --git a/src/Makefile.am b/src/Makefile.am
index 60935f4..a6cc839 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1458,6 +1458,12 @@ else
 SYM_FILES += $(srcdir)/libvirt_sasl.syms
 endif
 
+if WITH_GNUTLS
+USED_SYM_FILES += $(srcdir)/libvirt_gnutls.syms
+else
+SYM_FILES += $(srcdir)/libvirt_gnutls.syms
+endif
+
 if WITH_SSH2
 USED_SYM_FILES += $(srcdir)/libvirt_libssh2.syms
 else
@@ -1481,6 +1487,7 @@ EXTRA_DIST += \
   libvirt_openvz.syms  \
   libvirt_qemu.syms\
   libvirt_sasl.syms\
+  libvirt_gnutls.syms  \
   libvirt_vmx.syms \
   libvirt_xenxs.syms   \
   libvirt_libssh2.syms
diff --git a/src/libvirt_gnutls.syms b/src/libvirt_gnutls.syms
new file mode 100644
index 000..bd4f950
--- /dev/null
+++ b/src/libvirt_gnutls.syms
@@ -0,0 +1,46 @@
+#
+# GNUTLS-specific symbols
+#
+
+# rpc/virnetclient.h
+virNetClientGetTLSKeySize;
+virNetClientSetTLSSession;
+
+
+# rpc/virnetserver.h
+virNetServerSetTLSContext;
+
+
+# rpc/virnetserverclient.h
+virNetServerClientGetTLSKeySize;
+virNetServerClientHasTLSSession;
+
+
+# rpc/virnetserverservice.h
+virNetServerServiceGetTLSContext;
+
+
+# rpc/virnetsocket.h
+virNetSocketSetTLSSession;
+
+
+# rpc/virnettlscontext.h
+virNetTLSContextCheckCertificate;
+virNetTLSContextNewClient;
+virNetTLSContextNewClientPath;
+virNetTLSContextNewServer;
+virNetTLSContextNewServerPath;
+virNetTLSInit;
+virNetTLSSessionGetHandshakeStatus;
+virNetTLSSessionGetKeySize;
+virNetTLSSessionHandshake;
+virNetTLSSessionNew;
+virNetTLSSessionRead;
+virNetTLSSessionSetIOCallbacks;
+virNetTLSSessionWrite;
+
+
+# Let emacs know we want case-insensitive sorting
+# Local Variables:
+# sort-fold-case: t
+# End:
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 0e8fcbf..fbd540a 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -762,7 +762,6 @@ virNetClientAddStream;
 virNetClientClose;
 virNetClientDupFD;
 virNetClientGetFD;
-virNetClientGetTLSKeySize;
 virNetClientHasPassFD;
 virNetClientIsEncrypted;
 virNetClientIsOpen;
@@ -784,7 +783,6 @@ virNetClientSendNoReply;
 virNetClientSendWithReply;
 virNetClientSendWithReplyStream;
 virNetClientSetCloseCallback;
-virNetClientSetTLSSession;
 
 
 # rpc/virnetclientprogram.h
@@ -844,7 +842,6 @@ virNetServerPreExecRestart;
 virNetServerQuit;
 virNetServerRemoveShutdownInhibition;
 virNetServerRun;
-virNetServerSetTLSContext;
 virNetServerUpdateServices;
 
 
@@ -856,9 +853,7 @@ virNetServerClientGetAuth;
 virNetServerClientGetFD;
 virNetServerClientGetPrivateData;
 virNetServerClientGetReadonly;
-virNetServerClientGetTLSKeySize;
 virNetServerClientGetUNIXIdentity;
-virNetServerClientHasTLSSession;
 virNetServerClientImmediateClose;
 virNetServerClientInit;
 virNetServerClientInitKeepAlive;
@@ -910,7 +905,6 @@ virNetServerServiceClose;
 virNetServerServiceGetAuth;
 virNetServerServiceGetMaxRequests;
 virNetServerServiceGetPort;
-virNetServerServiceGetTLSContext;
 virNetServerServiceIsReadonly;
 virNetServerServiceNewFD;
 virNetServerServiceNewPostExecRestart;
@@ -952,27 +946,10 @@ virNetSocketRemoteAddrString;
 virNetSocketRemoveIOCallback;
 virNetSocketSendFD;
 virNetSocketSetBlocking;
-virNetSocketSetTLSSession;
 virNetSocketUpdateIOCallback;
 virNetSocketWrite;
 
 
-# rpc/virnettlscontext.h
-virNetTLSContextCheckCertificate;
-virNetTLSContextNewClient;
-virNetTLSContextNewClientPath;
-virNetTLSContextNewServer;
-virNetTLSContextNewServerPath;
-virNetTLSInit;
-virNetTLSSessionGetHandshakeStatus;
-virNetTLSSessionGetKeySize;
-virNetTLSSessionHandshake;
-virNetTLSSessionNew;
-virNetTLSSessionRead;
-virNetTLSSessionSetIOCallbacks;
-virNetTLSSessionWrite;
-
-
 # security/security_driver.h
 virSecurityDriverLookup;
 
-- 
1.8.1.4

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] qemu_driver: Try KVM_CAP_MAX_VCPUS only if defined

[Michal Privoznik]

On 13.03.2013 11:42, Peter Krempa wrote:
> On 03/13/13 11:35, Michal Privoznik wrote:
>> With our recent patch (1715c83b5f) we thrive to get the correct
>> number of maximal VCPUs. However, we are using a constant from
>> linux/kvm.h which may be not defined in every distro. Hence, we
>> should guard usage of the constant with ifdef preprocessor
>> directive.
>> ---
>>   src/qemu/qemu_driver.c | 2 ++
>>   1 file changed, 2 insertions(+)
>>
>> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
>> index de53a1b..c3a8f24 100644
>> --- a/src/qemu/qemu_driver.c
>> +++ b/src/qemu/qemu_driver.c
>> @@ -1122,9 +1122,11 @@ kvmGetMaxVCPUs(void) {
>>   return -1;
>>   }
>>
>> +#ifdef KVM_CAP_MAX_VCPUS
>>   /* at first try KVM_CAP_MAX_VCPUS to determine the maximum count */
>>   if ((ret = ioctl(fd, KVM_CHECK_EXTENSION, KVM_CAP_MAX_VCPUS)) > 0)
>>   goto cleanup;
>> +#endif /* KVM_CAP_MAX_VCPUS */
> 
> Bah. This feature was introduced not so long ago in the linux tree.
> 
> commit 8c3ba334f8588e1d5099f8602cf01897720e0eca
> Author: Sasha Levin 
> Date:   Mon Jul 18 17:17:15 2011 +0300
> 
> KVM: x86: Raise the hard VCPU count limit
> 
> The patch raises the hard limit of VCPU count to 254.
> 
> This will allow developers to easily work on scalability
> and will allow users to test high VCPU setups easily without
> patching the kernel.
> 
> To prevent possible issues with current setups, KVM_CAP_NR_VCPUS
> now returns the recommended VCPU limit (which is still 64) - this
> should be a safe value for everybody, while a new KVM_CAP_MAX_VCPUS
> returns the hard limit which is now 254.
> 
> $ git desc 8c3ba334f
> v3.1-rc7-48-g8c3ba33
>>
>>   /* as a fallback get KVM_CAP_NR_VCPUS (the recommended maximum
>> number of
>>* vcpus). Note that on most machines this is set to 160. */
>>
> 
> ACK the fallback paths are designed gracefully in the function.
> 
> Peter
> 

I've appended the kernel commit message just for case somebody wants to
trace how many kernel releases back we've broken things down and pushed.
:) Thanks!

Michal

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv3 26/27] virCaps: get rid of emulatorRequired

[Daniel P. Berrange]

On Wed, Mar 13, 2013 at 02:01:42PM +0100, Peter Krempa wrote:
> On 03/12/13 13:50, Daniel P. Berrange wrote:
> >On Mon, Mar 11, 2013 at 04:06:37PM +0100, Peter Krempa wrote:
> >>This patch removes the emulatorRequired field and associated
> >>infrastructure from the virCaps object. Instead the driver specific
> >>callbacks are used as this field isn't enforced by all drivers.
> >>
> >>This patch implements the appropriate callbacks in the qemu and lxc
> >>driver and moves to check to that location.
> >>---
> >>  src/conf/capabilities.c  | 10 --
> >>  src/conf/capabilities.h  |  7 ---
> >>  src/conf/domain_conf.c   | 16 ++--
> >>  src/conf/domain_conf.h   |  2 ++
> >>  src/libvirt_private.syms |  3 +--
> >>  src/lxc/lxc_conf.c   |  7 +++
> >>  src/lxc/lxc_domain.c | 17 +
> >>  src/lxc/lxc_domain.h |  1 +
> >>  src/qemu/qemu_capabilities.c |  3 ---
> >>  src/qemu/qemu_domain.c   | 15 +++
> >>  tests/lxcxml2xmldata/lxc-hostdev.xml |  1 +
> >>  tests/lxcxml2xmldata/lxc-systemd.xml |  1 +
> >>  12 files changed, 47 insertions(+), 36 deletions(-)
> >>
> 
> [...]
> 
> >>diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> >>index ab66707..0dac95e 100644
> >>--- a/src/conf/domain_conf.h
> >>+++ b/src/conf/domain_conf.h
> >>@@ -2471,4 +2471,6 @@ int virDomainObjListExport(virDomainObjListPtr doms,
> >>  virDomainVcpuPinDefPtr virDomainLookupVcpuPin(virDomainDefPtr def,
> >>int vcpuid);
> >>
> >>+char *virDomainDefDefaultEmulator(virDomainDefPtr def, virCapsPtr caps);
> >
> >s/virDomainDefDefaultEmulator/virDomainDefSetDefaultEmulator) to make it
> >clear that this is a setter function.
> 
> Um, it returns the default emulator as string that is then used to
> fill a field in the domain definition struct. Do you still consider
> that as a setter?

Opps, my mistake.  Add the word 'Get' in there to clarify that instead.


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv3 26/27] virCaps: get rid of emulatorRequired

[Peter Krempa]

On 03/12/13 13:50, Daniel P. Berrange wrote:

On Mon, Mar 11, 2013 at 04:06:37PM +0100, Peter Krempa wrote:

This patch removes the emulatorRequired field and associated
infrastructure from the virCaps object. Instead the driver specific
callbacks are used as this field isn't enforced by all drivers.

This patch implements the appropriate callbacks in the qemu and lxc
driver and moves to check to that location.
---
  src/conf/capabilities.c  | 10 --
  src/conf/capabilities.h  |  7 ---
  src/conf/domain_conf.c   | 16 ++--
  src/conf/domain_conf.h   |  2 ++
  src/libvirt_private.syms |  3 +--
  src/lxc/lxc_conf.c   |  7 +++
  src/lxc/lxc_domain.c | 17 +
  src/lxc/lxc_domain.h |  1 +
  src/qemu/qemu_capabilities.c |  3 ---
  src/qemu/qemu_domain.c   | 15 +++
  tests/lxcxml2xmldata/lxc-hostdev.xml |  1 +
  tests/lxcxml2xmldata/lxc-systemd.xml |  1 +
  12 files changed, 47 insertions(+), 36 deletions(-)



[...]


diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index ab66707..0dac95e 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2471,4 +2471,6 @@ int virDomainObjListExport(virDomainObjListPtr doms,
  virDomainVcpuPinDefPtr virDomainLookupVcpuPin(virDomainDefPtr def,
int vcpuid);

+char *virDomainDefDefaultEmulator(virDomainDefPtr def, virCapsPtr caps);


s/virDomainDefDefaultEmulator/virDomainDefSetDefaultEmulator) to make it
clear that this is a setter function.


Um, it returns the default emulator as string that is then used to fill 
a field in the domain definition struct. Do you still consider that as a 
setter?


Also it was called like this before, I just exported it. Should I still 
change the name?


Peter

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] Adding and Clearing bridge addresses

[Gene Czarcinski]

On 03/12/2013 03:23 PM, Daniel P. Berrange wrote:

On Tue, Mar 12, 2013 at 03:11:56PM -0400, Laine Stump wrote:

On 03/12/2013 01:45 PM, Gene Czarcinski wrote:

I have been working on this patch to have libvirt optionally set
static routes.

So I found the function that adds both IPv4 and IPv6 addresses to the
bridge in virnetdev.c. I found that besides the
virNetDevAddIPv4Address() there is also virNetDevCleanIPv4Address().
I patterned my virNetDevAddGateway() after the
virNetDevAddIPv4Address() function.

What I am puzzled about is that it appears that nobody calls the Clear
function.  What don't I understand?

Probably it's there just for completeness of API.

The thing that I find strange is that these functions include "IPv4" in
their names, in spite of working just as well for IPv6. It's very likely
that if I dig back through the blame history (which won't be simple
since the code has been moved into different files), I'll find that I
originally wrote it (I have a vague memory of it), but don't think I
would purposefully add IPv4 to the names... :-/

The virNetDevGetIPv4Address method uses an ioctl to get the address
and this only works on IPv4 addrs. The intent was to turn the other
two calls into ioctl() calls too, to kill off shell commands.

Setting IPv6 addresses would require netlink usage instead IIRC

I seem to recall some comments in some source code I have browsed in the 
last couple days which stated that ioctl was NOT to be used because it 
could not be guaranteed long term ... I think it was in libvert code but 
it may have been in NetworkManager code.  When you jump around to 
different projects, the details get confusing.


Anyway, I like the way /usr/sbin/ip works because things just seem to 
work.  A couple of things I have learned:


1.  For IPv6 addr and route, the order does not seem to matter and the 
bridge can be offline.


2.  Both IPv4 and IPv6 addr can be done on the offline bridge.

3.  To set an IPv4 static route, the addresses need to be defined and 
the bridge online (IPv6 is not so picky).


4.  You better have the unmasked portion of the address specified zero 
for the route ... that is, it better be a network address rather than a 
host address [I need to add some checks for this rather than letter the 
system issue a cryptic error message]


5.  I have yet to figure out how to test for dhcp, etc. when via is 
defined so that I can issue an error message when it is created/defined 
[the xml is being parsed and read in].


6.  When the xml is being written for an IP definition, I currently 
error out.  A better approach might be to issue an error message and 
suppress writing the xml.  This needs further thought.


7.  I have not come up with any tests.  The only thing that might be 
meaningful is if a bad network definition was created so that it would 
get errors.  I am not sure how to do this with the tests. There might be 
something in the networkxml2xmltest.


I should have something with works real soon and will send the patch up 
for review.


Gene


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] understanding managedsave

[Nicolas Sebrecht]

Hi,

I'm trying to understand how the managedsave and restoration features
work at the libvirt/qemu level.

I'd like to write a little python script to reproduce the feature to
learn how it works. So, I start a kvm guest by hand with

  qemu-kvm [...] -qmp tcp:localhost:,server

and connect to the QMP with telnet or the qemu qmp-shell for my tests.

>From what I've read, libvirt internally does a migration to a file:
qemuDomainSaveMemory() -> qemuMonitorToFile() -> qemuMonitorMigrateToFd(). 


Why do a migration instead of QMP stop/memsave?

What whould be the whole QMP/Monitor sequence of commands to handle the
process?


-- 
Nicolas Sebrecht

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [RFC PATCH 5/6] LXC: create tty device with proper permission for container

[Daniel P. Berrange]

On Mon, Mar 11, 2013 at 02:26:51PM +0800, Gao feng wrote:
> Since the root user of container may be a normal
> user on host, we should make sure the container
> has rights to use the tty device.
> 
> Signed-off-by: Gao feng 
> ---
>  src/lxc/lxc_controller.c | 8 ++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
> index c6f8c3b..4715f84 100644
> --- a/src/lxc/lxc_controller.c
> +++ b/src/lxc/lxc_controller.c
> @@ -1311,6 +1311,7 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
>  char *opts = NULL;
>  char *devpts = NULL;
>  int ret = -1;
> +uid_t uid = 0;
>  
>  if (!root) {
>  if (ctrl->nconsoles != 1) {
> @@ -1367,10 +1368,13 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
>  goto cleanup;
>  }
>  
> +if (ctrl->def->os.userns == VIR_DOMAIN_USER_NS_ENABLED)
> +uid = ctrl->def->os.uidmap.low_first;
> +
>  /* XXX should we support gid=X for X!=5 for distros which use
>   * a different gid for tty?  */
> -if (virAsprintf(&opts, "newinstance,ptmxmode=0666,mode=0620,gid=5%s",
> -(mount_options ? mount_options : "")) < 0) {
> +if (virAsprintf(&opts, 
> "newinstance,ptmxmode=0666,mode=0620,uid=%d,gid=5%s",
> +uid, (mount_options ? mount_options : "")) < 0) {
>  virReportOOMError();
>  goto cleanup;
>  }

This is bogus, if no 'uid' parameter is set for devpts, then the
PTYs that are created automatically get given the uid associated
with the calling process, which is what you want. With this change,
you are hardcoding the 'uid' regardless of what UID the process in
the container is running as, which will break things if any container
process changes its uid. 


Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [RFC PATCH 3/6] LXC: only mount cgroupfs when userns is disabled

[Daniel P. Berrange]

On Mon, Mar 11, 2013 at 02:26:49PM +0800, Gao feng wrote:
> Since we can't mount cgroupfs in uninit user namespace
> now. only mount cgroupfs when userns is disabled.
> 
> Signed-off-by: Gao feng 
> ---
>  src/lxc/lxc_container.c | 6 --
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
> index 5c66ae3..92af3e5 100644
> --- a/src/lxc/lxc_container.c
> +++ b/src/lxc/lxc_container.c
> @@ -1979,7 +1979,8 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr 
> vmDef,
>  
>  /* Now we can re-mount the cgroups controllers in the
>   * same configuration as before */
> -if (lxcContainerMountCGroups(mounts, nmounts,
> +if (vmDef->os.userns != VIR_DOMAIN_USER_NS_ENABLED &&
> +lxcContainerMountCGroups(mounts, nmounts,
>   cgroupRoot, sec_mount_options) < 0)
>  goto cleanup;
>  
> @@ -2087,7 +2088,8 @@ static int lxcContainerSetupExtraMounts(virDomainDefPtr 
> vmDef,
>  
>  /* Now we can re-mount the cgroups controllers in the
>   * same configuration as before */
> -if (lxcContainerMountCGroups(mounts, nmounts,
> +if (vmDef->os.userns != VIR_DOMAIN_USER_NS_ENABLED &&
> +lxcContainerMountCGroups(mounts, nmounts,
>   cgroupRoot, sec_mount_options) < 0)
>  goto cleanup;

I'm not sure that this is the right approach for this. If we can't mount
the cgroups filesystems, then we need preserve the existing mounts from
the host in some way, rather than unmounting them.

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [RFC PATCH 4/6] LXC: Creating devices for container on host side

[Daniel P. Berrange]

On Mon, Mar 11, 2013 at 02:26:50PM +0800, Gao feng wrote:
> user namespace doesn't allow to create devices in
> uninit userns. We should create devices on host side.
> 
> Signed-off-by: Gao feng 
> ---
>  src/lxc/lxc_container.c  | 47 +++
>  src/lxc/lxc_controller.c | 83 
> 
>  2 files changed, 94 insertions(+), 36 deletions(-)

We actually need this change independently of user namespaces. Currently
the cgroup devices setup we do allows 'mknod' permission, when it really
ought to be blocked. If we move the setup code into the controller then
we can fix the cgroup devices setup to block mknod too.

> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
> index 92af3e5..58d6ee5 100644
> --- a/src/lxc/lxc_container.c
> +++ b/src/lxc/lxc_container.c
> @@ -681,22 +681,10 @@ static int lxcContainerMountFSDevPTS(virDomainFSDefPtr 
> root)
>  return rc;
>  }
>  
> -static int lxcContainerPopulateDevices(char **ttyPaths, size_t nttyPaths)
> +static int lxcContainerSetupDevices(char **ttyPaths, size_t nttyPaths)
>  {
>  size_t i;
>  const struct {
> -int maj;
> -int min;
> -mode_t mode;
> -const char *path;
> -} devs[] = {
> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_NULL, 0666, "/dev/null" },
> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_ZERO, 0666, "/dev/zero" },
> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_FULL, 0666, "/dev/full" },
> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_RANDOM, 0666, "/dev/random" },
> -{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_URANDOM, 0666, "/dev/urandom" },
> -};
> -const struct {
>  const char *src;
>  const char *dst;
>  } links[] = {
> @@ -706,18 +694,6 @@ static int lxcContainerPopulateDevices(char **ttyPaths, 
> size_t nttyPaths)
>  { "/proc/self/fd", "/dev/fd" },
>  };
>  
> -/* Populate /dev/ with a few important bits */
> -for (i = 0 ; i < ARRAY_CARDINALITY(devs) ; i++) {
> -dev_t dev = makedev(devs[i].maj, devs[i].min);
> -if (mknod(devs[i].path, S_IFCHR, dev) < 0 ||
> -chmod(devs[i].path, devs[i].mode)) {
> -virReportSystemError(errno,
> - _("Failed to make device %s"),
> - devs[i].path);
> -return -1;
> -}
> -}
> -
>  for (i = 0 ; i < ARRAY_CARDINALITY(links) ; i++) {
>  if (symlink(links[i].src, links[i].dst) < 0) {
>  virReportSystemError(errno,
> @@ -737,15 +713,6 @@ static int lxcContainerPopulateDevices(char **ttyPaths, 
> size_t nttyPaths)
>   _("Failed to bind /dev/pts/ptmx on to 
> /dev/ptmx"));
>  return -1;
>  }
> -} else {
> -/* Legacy devpts, so we need to just use shared one */
> -dev_t dev = makedev(LXC_DEV_MAJ_TTY, LXC_DEV_MIN_PTMX);
> -if (mknod("/dev/ptmx", S_IFCHR, dev) < 0 ||
> -chmod("/dev/ptmx", 0666)) {
> -virReportSystemError(errno, "%s",
> - _("Failed to make device /dev/ptmx"));
> -return -1;
> -}
>  }
>  
>  for (i = 0 ; i < nttyPaths ; i++) {
> @@ -1988,8 +1955,8 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr 
> vmDef,
>  if (lxcContainerMountFSDevPTS(root) < 0)
>  goto cleanup;
>  
> -/* Populates device nodes in /dev/ */
> -if (lxcContainerPopulateDevices(ttyPaths, nttyPaths) < 0)
> +/* Setup device nodes in /dev/ */
> +if (lxcContainerSetupDevices(ttyPaths, nttyPaths) < 0)
>  goto cleanup;
>  
>  /* Sets up any non-root mounts from guest config */
> @@ -2306,6 +2273,14 @@ static int lxcContainerChild(void *data)
>  goto cleanup;
>  }
>  
> +/* Wait for controller creating devices for container */
> +if (lxcContainerWaitForContinue(argv->monitor) < 0) {
> +virReportSystemError(errno, "%s",
> + _("Failed to read the container continue 
> message"));
> +goto cleanup;
> +}
> +VIR_DEBUG("Received container continue message, create devices 
> success.");
> +
>  ret = 0;
>  cleanup:
>  VIR_FREE(ttyPath);
> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
> index f17142f..c6f8c3b 100644
> --- a/src/lxc/lxc_controller.c
> +++ b/src/lxc/lxc_controller.c
> @@ -1092,6 +1092,79 @@ cleanup:
>  }
>  
>  
> +static int virLXCControllerPopulateDevices(virLXCControllerPtr ctrl)
> +{
> +size_t i;
> +char *ptmx = NULL;
> +const struct {
> +int maj;
> +int min;
> +mode_t mode;
> +const char *path;
> +} devs[] = {
> +{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_NULL, 0666, "/dev/null" },
> +{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_ZERO, 0666, "/dev/zero" },
> +{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_FULL, 0666, "/dev/full" },
> +{ LXC_DEV_MAJ_MEMORY, LXC_DEV_MIN_RANDOM, 0666, "/dev/ran

Re: [libvirt] [RFC PATCH 2/6] LXC: introduce virLXCControllerSetupUserns and lxcContainerSetUserns

[Daniel P. Berrange]

On Mon, Mar 11, 2013 at 02:26:48PM +0800, Gao feng wrote:
> This patch introduces new helper function
> virLXCControllerSetupUserns, in this function,
> we set the files uid_map and gid_map of process
> libvirt_lxc.
> 
> lxcContainerSetUserns is used for creating cred for
> tasks running in container. Since after setuid/setgid,
> we may be a new user. This patch calls lxcContainerSetUserns
> at first to make sure the new created files belong to
> right user.
> 
> Signed-off-by: Gao feng 
> ---
>  src/lxc/lxc_container.c  | 55 ++--
>  src/lxc/lxc_controller.c | 66 
> 
>  2 files changed, 107 insertions(+), 14 deletions(-)
> 
> diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
> index 1d7bc1e..5c66ae3 100644
> --- a/src/lxc/lxc_container.c
> +++ b/src/lxc/lxc_container.c
> @@ -329,6 +329,29 @@ int lxcContainerWaitForContinue(int control)
>  
>  
>  /**
> + * lxcContainerSetUserns:
> + *
> + * This function calls setuid and setgid to create proper
> + * cred for tasks running in container.
> + *
> + * Returns 0 on success or -1 in case of error
> + */
> +static int lxcContainerSetUserns(virDomainDefPtr def)
> +{
> +if (def->os.userns != VIR_DOMAIN_USER_NS_ENABLED)
> +return 0;
> +
> +if (virSetUIDGID(def->os.uidmap.first,
> + def->os.gidmap.first) < 0) {
> +virReportSystemError(errno, "%s",
> + _("setuid or setgid failed"));
> +return -1;
> +}
> +
> +return 0;
> +}

I don't see why we should force the init process to have the first
UID in the map. The init process should always start as uid:gid 0:0
regardless of mapping IMHO. If we want a capability to start the
init process as a different uid:gid, then that should involve separate
XML configuration.

> @@ -2221,6 +2244,24 @@ static int lxcContainerChild(void *data)
>  }
>  }
>  
> +if (!virFileExists(vmDef->os.init)) {
> +virReportSystemError(errno,
> +_("cannot find init path '%s' relative to container 
> root"),
> +vmDef->os.init);
> +goto cleanup;
> +}
> +
> +/* Wait for interface devices to show up */
> +if (lxcContainerWaitForContinue(argv->monitor) < 0) {
> +virReportSystemError(errno, "%s",
> + _("Failed to read the container continue 
> message"));
> +goto cleanup;
> +}
> +VIR_DEBUG("Received container continue message");

I don't really see why you're moving these lines - they are unrelated
to user namespaces.

> +
> +if (lxcContainerSetUserns(vmDef) < 0)
> +goto cleanup;
> +
>  VIR_DEBUG("Container TTY path: %s", ttyPath);
>  
>  ttyfd = open(ttyPath, O_RDWR|O_NOCTTY);
> @@ -2236,20 +2277,6 @@ static int lxcContainerChild(void *data)
>  argv->securityDriver) < 0)
>  goto cleanup;
>  
> -if (!virFileExists(vmDef->os.init)) {
> -virReportSystemError(errno,
> -_("cannot find init path '%s' relative to container 
> root"),
> -vmDef->os.init);
> -goto cleanup;
> -}
> -
> -/* Wait for interface devices to show up */
> -if (lxcContainerWaitForContinue(argv->monitor) < 0) {
> -virReportSystemError(errno, "%s",
> - _("Failed to read the container continue 
> message"));
> -goto cleanup;
> -}
> -VIR_DEBUG("Received container continue message");
>  
>  /* rename and enable interfaces */
>  if (lxcContainerRenameAndEnableInterfaces(!!(vmDef->features &
> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
> index 15aa334..f17142f 100644
> --- a/src/lxc/lxc_controller.c
> +++ b/src/lxc/lxc_controller.c
> @@ -1028,6 +1028,69 @@ cleanup2:
>  }
>  
>  
> +/**
> + * virLXCControllerSetupUserns
> + *
> + * Set proc files for user namespace
> + *
> + * Returns 0 on success or -1 in case of error
> + */
> +static int virLXCControllerSetupUserns(virLXCControllerPtr ctrl)
> +{
> +char *uid_map = NULL;
> +char *gid_map = NULL;
> +char *uidmap_value = NULL;
> +char *gidmap_value = NULL;
> +int ret = -1;
> +
> +if (ctrl->def->os.userns != VIR_DOMAIN_USER_NS_ENABLED)
> +return 0;
> +
> +if (virAsprintf(&uid_map, "/proc/%d/uid_map", ctrl->initpid) < 0)
> +goto cleanup;
> +
> +if (virAsprintf(&gid_map, "/proc/%d/gid_map", ctrl->initpid) < 0)
> +goto cleanup;
> +
> +if (virAsprintf(&uidmap_value, "%u %u %u",
> +ctrl->def->os.uidmap.first,
> +ctrl->def->os.uidmap.low_first,
> +ctrl->def->os.uidmap.count) < 0)
> +goto cleanup;
> +
> +if (virAsprintf(&gidmap_value, "%u %u %u",
> +ctrl->def->os.gidmap.first,
> +ctrl->def->os.gidmap.low_first,
> +ctrl->def->os.gidmap.count) < 0

Re: [libvirt] [RFC PATCH 1/6] LXC: New XML element for user namespace

[Daniel P. Berrange]

On Mon, Mar 11, 2013 at 02:26:47PM +0800, Gao feng wrote:
> This patch introduces three new elements in  for
> user namespace. for example
> 
> 
> 
> 
> 
> 
> this new element userns is used for controlling if enable
> userns for the domain.

We've previously used the  block to control whether
namespaces are enabled. So I'd prefer to see that we use
a '' feature flag for this purpose.

> the other two elements uidmap and gidmap are used for
> setting proc files /proc//{uid_map,gid_map}.

There can be many entries per maps, so we should be grouping
them in some way. I don't think they belong inside  since
that is about the guest boot mechanism.

Instead we want something like

   
  
  
  
  
   


If a  element is present, then we should automatically
set the  feature flag during parsing, if not already
set by the user.

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] failed to mount cgroup

[Yin Olivia-R63875]

Exactly, the mount point could also be /cgroup. The difference is the mount 
type.

Scenario 1 could work with both libvirt-0.10.x and higher version.
Scenario 2 could work with libvirt-0.10.x but failed with higher version.

What's limitation with 'mount -t cgroup cgroup /cgroup'?

1.
# mount -t tmpfs cgroup /cgroup
# mkdir /cgroup/{freezer,devices,memory,cpuacct,cpuset}
# mount -t cgroup -ofreezer cgroup /cgroup/freezer
# mount -t cgroup -odevices cgroup /cgroup/devices
# mount -t cgroup -omemory cgroup /cgroup/memory
# mount -t cgroup -ocpuacct cgroup /cgroup/cpuacct
# mount -t cgroup -ocpuset cgroup /cgroup/cpuset

# cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/root / ext2 rw,relatime 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /dev tmpfs rw,relatime,mode=755 0 0
devpts /dev/pts devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
tmpfs /var/volatile tmpfs rw,relatime 0 0
tmpfs /media/ram tmpfs rw,relatime 0 0
cgroup /cgroup tmpfs rw,relatime 0 0
cgroup /cgroup/freezer cgroup rw,relatime,freezer 0 0
cgroup /cgroup/devices cgroup rw,relatime,devices 0 0
cgroup /cgroup/memory cgroup rw,relatime,memory 0 0
cgroup /cgroup/cpuacct cgroup rw,relatime,cpuacct 0 0
cgroup /cgroup/cpuset cgroup rw,relatime,cpuset 0 0

# mount
rootfs on / type rootfs (rw)
/dev/root on / type ext2 (rw,relatime)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
none on /dev type tmpfs (rw,relatime,mode=755)
devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /var/volatile type tmpfs (rw,relatime)
tmpfs on /media/ram type tmpfs (rw,relatime)
cgroup on /cgroup type tmpfs (rw,relatime)
cgroup on /cgroup/freezer type cgroup (rw,relatime,freezer)
cgroup on /cgroup/devices type cgroup (rw,relatime,devices)
cgroup on /cgroup/memory type cgroup (rw,relatime,memory)
cgroup on /cgroup/cpuacct type cgroup (rw,relatime,cpuacct)
cgroup on /cgroup/cpuset type cgroup (rw,relatime,cpuset)

# cat /proc/cgroups
#subsys_namehierarchy   num_cgroups enabled
cpuset  6   1   1
cpuacct 5   1   1
memory  4   1   1
devices 3   1   1
freezer 2   1   1


2. 
# mkdir /cgroup
# mount -t cgroup cgroup /cgroup

# cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/root / ext2 rw,relatime 0 0
proc /proc proc rw,relatime 0 0
sysfs /sys sysfs rw,relatime 0 0
none /dev tmpfs rw,relatime,mode=755 0 0
devpts /dev/pts devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
tmpfs /var/volatile tmpfs rw,relatime 0 0
tmpfs /media/ram tmpfs rw,relatime 0 0
cgroup /cgroup cgroup rw,relatime,freezer,devices,memory,cpuacct,cpuset 0 0

# mount
rootfs on / type rootfs (rw)
/dev/root on / type ext2 (rw,relatime)
proc on /proc type proc (rw,relatime)
sysfs on /sys type sysfs (rw,relatime)
none on /dev type tmpfs (rw,relatime,mode=755)
devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /var/volatile type tmpfs (rw,relatime)
tmpfs on /media/ram type tmpfs (rw,relatime)
cgroup on /cgroup type cgroup 
(rw,relatime,freezer,devices,memory,cpuacct,cpuset)

# cat /proc/cgroups
#subsys_namehierarchy   num_cgroups enabled
cpuset  1   1   1
cpuacct 1   1   1
memory  1   1   1
devices 1   1   1
freezer 1   1   1

Best Regards,
Olivia

> -Original Message-
> From: Gao feng [mailto:gaof...@cn.fujitsu.com]
> Sent: Thursday, March 07, 2013 4:58 PM
> To: Yin Olivia-R63875
> Cc: libvir-list@redhat.com
> Subject: Re: [libvirt] failed to mount cgroup
> 
> On 2013/03/07 16:45, Yin Olivia-R63875 wrote:
> > cgroup on /sys/fs/cgroup type cgroup
> (rw,relatime,freezer,devices,memory,cpuacct,cpuset)
> 
> If you prefer to mount these subsystems together.
> you should try below steps:
> 
> mkdir /sys/fs/cgroup/freezer,devices,memory,cpuacct,cpuset
> 
> mount -t cgroup -ofreezer,devices,memory,cpuacct,cpuset cgroup
> /sys/fs/cgroup/freezer,devices,memory,cpuacct,cpuset
> 
> Key is the name of mount point should equal to the cgroup subsystems.



--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCH] qemu_driver: Try KVM_CAP_MAX_VCPUS only if defined

[Peter Krempa]

On 03/13/13 11:35, Michal Privoznik wrote:

With our recent patch (1715c83b5f) we thrive to get the correct
number of maximal VCPUs. However, we are using a constant from
linux/kvm.h which may be not defined in every distro. Hence, we
should guard usage of the constant with ifdef preprocessor
directive.
---
  src/qemu/qemu_driver.c | 2 ++
  1 file changed, 2 insertions(+)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index de53a1b..c3a8f24 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1122,9 +1122,11 @@ kvmGetMaxVCPUs(void) {
  return -1;
  }

+#ifdef KVM_CAP_MAX_VCPUS
  /* at first try KVM_CAP_MAX_VCPUS to determine the maximum count */
  if ((ret = ioctl(fd, KVM_CHECK_EXTENSION, KVM_CAP_MAX_VCPUS)) > 0)
  goto cleanup;
+#endif /* KVM_CAP_MAX_VCPUS */


Bah. This feature was introduced not so long ago in the linux tree.

commit 8c3ba334f8588e1d5099f8602cf01897720e0eca
Author: Sasha Levin 
Date:   Mon Jul 18 17:17:15 2011 +0300

KVM: x86: Raise the hard VCPU count limit

The patch raises the hard limit of VCPU count to 254.

This will allow developers to easily work on scalability
and will allow users to test high VCPU setups easily without
patching the kernel.

To prevent possible issues with current setups, KVM_CAP_NR_VCPUS
now returns the recommended VCPU limit (which is still 64) - this
should be a safe value for everybody, while a new KVM_CAP_MAX_VCPUS
returns the hard limit which is now 254.

$ git desc 8c3ba334f
v3.1-rc7-48-g8c3ba33


  /* as a fallback get KVM_CAP_NR_VCPUS (the recommended maximum number of
   * vcpus). Note that on most machines this is set to 160. */



ACK the fallback paths are designed gracefully in the function.

Peter

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

[libvirt] [PATCH] qemu_driver: Try KVM_CAP_MAX_VCPUS only if defined

[Michal Privoznik]

With our recent patch (1715c83b5f) we thrive to get the correct
number of maximal VCPUs. However, we are using a constant from
linux/kvm.h which may be not defined in every distro. Hence, we
should guard usage of the constant with ifdef preprocessor
directive.
---
 src/qemu/qemu_driver.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index de53a1b..c3a8f24 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -1122,9 +1122,11 @@ kvmGetMaxVCPUs(void) {
 return -1;
 }
 
+#ifdef KVM_CAP_MAX_VCPUS
 /* at first try KVM_CAP_MAX_VCPUS to determine the maximum count */
 if ((ret = ioctl(fd, KVM_CHECK_EXTENSION, KVM_CAP_MAX_VCPUS)) > 0)
 goto cleanup;
+#endif /* KVM_CAP_MAX_VCPUS */
 
 /* as a fallback get KVM_CAP_NR_VCPUS (the recommended maximum number of
  * vcpus). Note that on most machines this is set to 160. */
-- 
1.8.1.5

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] Consultation of the patch "util: Prepare helpers for unpriv_sgio setting"

[yuxh]

On 03/13/2013 03:41 PM, Osier Yang wrote:

On 2013年03月13日 15:38, Osier Yang wrote:

On 2013年03月13日 15:20, yuxh wrote:

On 03/13/2013 11:33 AM, Osier Yang wrote:

On 2013年03月13日 11:04, yuxh wrote:

To Osier Yang

Sorry for disturbing you on the working time, but I really need your
help.
I met a problem when I do the virtualization test on the 
environment of

(Host: RHEL6.4GA. Guest: RHEL6.4GA) and it seems to have relationship
with your patch of "util: Prepare helpers for unpriv_sgio setting".


Never mind, it's the bug I produced. :(



I added a disk to virtio-scsi bus through the VM's XML file like 
this:








Then when I started the VM, I met the error.
[root@build SOURCES]# virsh start pan64ga
error: Failed to start domain pan64ga
error: Unable to get minor number of device '/mnt/test.raw': Invalid
argument

[root@build SOURCES]#

I tried other source files and other way of using if and I found:
1). If we use the files which format is raw, qed and qcow2 as the 
disk

this error occur again.
2). If we use partition(such as /dev/sdb1) or whole disk(such as
/dev/sdb) this error doesn't occur.
3). If we delete the "" then files, partition and disk 
all

can be used correctly.

And I investigate the error msg. it is returned by 
qemuGetSharedDiskKey

fuction.
char *
qemuGetSharedDiskKey(const char *disk_path)
{
...
// error occur here. return value is -22
if ((rc = virGetDeviceID(disk_path, &maj, &min)) < 0) {
virReportSystemError(-rc,
_("Unable to get minor number of device '%s'"),
disk_path);
return NULL;
}
...
}

Go on the virGetDeviceID fuction:
int
virGetDeviceID(const char *path, int *maj, int *min)
{
...

if (!S_ISBLK(sb.st_mode)) {
VIR_FREE(canonical_path);
return -EINVAL; // error occur here and it return -22
}
...
}

So the error occur place is "S_ISBLK(sb.st_mode)" and I tried 
compiled
the libvirt with these lines deleted and the error didn't happen 
again.

Also I checked the disk if VM and it worked well.
I found this fuction virGetDeviceID is come from your patch of "util:
Prepare helpers for unpriv_sgio setting". But I am not familiar with
libvirt.
So I have to consult with you about whether this "S_ISBLK" check is
vital and If we can delete it or
find out some method to avoid this error so we can use the file as
shared disk in VM.



Sorry, I have tried the the libvirt's upstream code and it still have
this error.
According to the code, if we use " "
and " " to set the disk's configuration in VM's XML 
file, it

will go through like below:

int
qemuAddSharedDisk(virQEMUDriverPtr driver,
virDomainDiskDefPtr disk,
const char *name)
{ ...
if (!(key = qemuGetSharedDiskKey(disk->src)))
goto cleanup;
...
}

char *
qemuGetSharedDiskKey(const char *disk_path)
{
...
if ((rc = virGetDeviceID(disk_path, &maj, &min)) < 0) {
virReportSystemError(-rc,
_("Unable to get minor number of device '%s'"),
disk_path);
return NULL;
}
...
}

int
virGetDeviceID(const char *path, int *maj, int *min)
{
struct stat sb;

if (stat(path, &sb) < 0)
return -errno;

if (!S_ISBLK(sb.st_mode))
return -EINVAL;

if (maj)
*maj = major(sb.st_rdev);
if (min)
*min = minor(sb.st_rdev);

return 0;
}

To make a long story short, the virGetDeviceID fuction want to get the
maj and min number of the source file which we provided as the VM's
disk. But the file such as /mnt/test.raw doesn't have the maj and min
number.
So virGetDeviceID return " -EINVAL" and qemuGetSharedDiskKey print the
error message of "Unable to get minor number of device /mnt/test.raw".
That's the reason the VM can't be started.
So I just want to know now, if the way I used a file to act as VM's 
disk

and set "" , " " at the
same time is reasonable.


Hum, sorry I didn't read your problem carefully. But...

It's not reasonable. As the disk source you use is /mnt/test.raw, I
believe it's not a block device. However, you used disk type='block'.
Libvirt honors what you specified, and tries to grab the device IDs
of the disk source (it expects the disk source is block, but it's not).

Regards,
Osier

Thank you for your explanation.
But I can use the disk source of /mnt/test.raw when disk type='block' 
when the " " is not set. And the error come only when 
" " is set at the same time.
So if when type='block' is set, the disk source mush be block device, I 
think there need to add some
code in high level to implement this restrict not only when 
" " is set.



Thanks
yuxh


--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list






--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [PATCHv3] audit: Audit resources used by VirtIO RNG

[Daniel P. Berrange]

On Wed, Mar 13, 2013 at 10:46:24AM +0100, Peter Krempa wrote:
> This patch adds auditing of resources used by Virtio RNG devices. Only
> resources on the local filesystems are audited.
> 
> The audit logs look like:
> 
> For the 'random' backend:
> type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 
> auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start 
> vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" 
> new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" 
> hostname=? addr=? terminal=pts/0 res=success'
> 
> For local character device source:
> type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 
> auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start 
> vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" 
> new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" 
> hostname=? addr=? terminal=pts/0 res=success'
> ---
> 
> Notes:
> Version 3:
> - don't log non-local resources for EGD backend
> - change order of blocks of code to optimize
> 
> Version 2:
> - log also EGD backends
> - add example of audit message to commit message
> 
>  src/conf/domain_audit.c | 120 
> 
>  1 file changed, 120 insertions(+)


ACK, but wait 1 more day to give Steve Grubb a chance to
raise any issues before pushing.

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list

Re: [libvirt] [libvirt-sandbox][PATCH] docs: correct libvirt sandbox command naming

[Daniel P. Berrange]

On Wed, Mar 13, 2013 at 04:51:14PM +0800, Alex Jia wrote:
> 
> Signed-off-by: Alex Jia 
> ---
>  docs/testing.txt |   12 ++--
>  1 files changed, 6 insertions(+), 6 deletions(-)

ACK

Daniel
-- 
|: http://berrange.com  -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org  -o- http://virt-manager.org :|
|: http://autobuild.org   -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org   -o-   http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list