[libvirt] [libvirt-sandbox][PATCH] Docs: fix typos in IPv6 address
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c |2 +- libvirt-sandbox/libvirt-sandbox-config.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 9becd07..69d1e62 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -352,7 +352,7 @@ specifies the broadcast address. Some examples address=192.168.122.1/24 address=192.168.122.1/24%192.168.122.255 - address=2001:212::204.2/64 + address=2001:212::204:2/64 =item route=IP-NETWORK/PREFIX%GATEWAY diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 3dc453a..90217f1 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -825,7 +825,7 @@ GList *gvir_sandbox_config_get_networks(GVirSandboxConfig *config) * * dhcp * address=192.168.122.1/24%192.168.122.255; - * address=192.168.122.1/24%192.168.122.255;address=2001:212::204.2/64 + * address=192.168.122.1/24%192.168.122.255;address=2001:212::204:2/64 * route=192.168.122.255/24%192.168.1.1 */ gboolean gvir_sandbox_config_add_network_strv(GVirSandboxConfig *config, -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Fix a copypaste error for virsh dump help
Signed-off-by: Yanbing Du y...@redhat.com
---
tools/virsh-domain.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index ab90f58..aa45e72 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -4358,7 +4358,7 @@ static const vshCmdOptDef opts_dump[] = {
{.name = bypass-cache,
.type = VSH_OT_BOOL,
.flags = 0,
- .help = N_(avoid file system cache when saving)
+ .help = N_(avoid file system cache when dumping)
},
{.name = reset,
.type = VSH_OT_BOOL,
--
1.7.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix a copypaste error for virsh dump help
On 2013年03月15日 15:40, Yanbing Du wrote:
Signed-off-by: Yanbing Duy...@redhat.com
---
tools/virsh-domain.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index ab90f58..aa45e72 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -4358,7 +4358,7 @@ static const vshCmdOptDef opts_dump[] = {
{.name = bypass-cache,
.type = VSH_OT_BOOL,
.flags = 0,
- .help = N_(avoid file system cache when saving)
+ .help = N_(avoid file system cache when dumping)
},
{.name = reset,
.type = VSH_OT_BOOL,
ACK and pushed.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: fix typos in IPv6 address
On 2013年03月15日 15:23, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox.c |2 +- libvirt-sandbox/libvirt-sandbox-config.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 9becd07..69d1e62 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -352,7 +352,7 @@ specifies the broadcast address. Some examples address=192.168.122.1/24 address=192.168.122.1/24%192.168.122.255 - address=2001:212::204.2/64 + address=2001:212::204:2/64 =item route=IP-NETWORK/PREFIX%GATEWAY diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 3dc453a..90217f1 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -825,7 +825,7 @@ GList *gvir_sandbox_config_get_networks(GVirSandboxConfig *config) * * dhcp * address=192.168.122.1/24%192.168.122.255; - * address=192.168.122.1/24%192.168.122.255;address=2001:212::204.2/64 + * address=192.168.122.1/24%192.168.122.255;address=2001:212::204:2/64 * route=192.168.122.255/24%192.168.1.1 */ gboolean gvir_sandbox_config_add_network_strv(GVirSandboxConfig *config, ACK, Please push. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2 2/2] json: add test for virJSONValueFromStream function
Signed-off-by: Dmitry Guryanov dgurya...@parallels.com
---
tests/jsontest.c | 205 -
1 files changed, 201 insertions(+), 4 deletions(-)
diff --git a/tests/jsontest.c b/tests/jsontest.c
index 98a6069..107d772 100644
--- a/tests/jsontest.c
+++ b/tests/jsontest.c
@@ -4,14 +4,23 @@
#include stdlib.h
#include string.h
#include time.h
+#include unistd.h
+#include poll.h
+#include signal.h
+#include sched.h
#include internal.h
#include virjson.h
#include testutils.h
+#include vircommand.h
+#include virprocess.h
+#include virtime.h
+#include virfile.h
struct testInfo {
const char *doc;
bool pass;
+size_t chunk;
};
@@ -53,21 +62,185 @@ cleanup:
return ret;
}
+ATTRIBUTE_NORETURN static int
+testJSONReadProcess(int fd, int finishFd)
+{
+int n = 0;
+int exitcode = EXIT_FAILURE;
+virJSONValuePtr v;
+virJSONStreamParserState state;
+int x;
+
+if (safewrite(finishFd, , 1) != 1) {
+if (virTestGetVerbose())
+perror(write);
+_exit(exitcode);
+}
+/* There must be exactly two objects, each must have valid
+ * field with integer value */
+
+memset(state, 0, sizeof(state));
+while (1) {
+v = virJSONValueFromStream(fd, state);
+
+if (v == (void *)-1) {
+if (virTestGetVerbose())
+fprintf(stderr, virJSONValueFromStream returned error\n);
+goto cleanup;
+}
+
+if (v == 0)
+break;
+
+n++;
+
+if (virJSONValueObjectGetNumberInt(v, valid, x) 0) {
+if (virTestGetVerbose())
+fprintf(stderr, Parsed value in object %d doesn't have
+'valid' integer field\n, n);
+goto cleanup;
+}
+}
+
+if (n != 2) {
+if (virTestGetVerbose())
+fprintf(stderr, Invalid number of objects: %d, must be 2\n, n);
+} else {
+exitcode = EXIT_SUCCESS;
+}
+
+cleanup:
+if (safewrite(finishFd, , 1) != 1) {
+if (virTestGetVerbose())
+perror(write);
+_exit(exitcode);
+}
+
+VIR_FORCE_CLOSE(fd);
+VIR_FORCE_CLOSE(finishFd);
+_exit(exitcode);
+}
+
+/*
+ * This test creates a separate process, which reads JSON data
+ * from a pipe with help of virJSONValueFromStream function. It expects
+ * 2 objects, each must have 'valid' integer key. Parent process writes
+ * data to the pipe and handles child exit code.
+ */
+static int
+testJSONFromStream(const void *data)
+{
+struct testInfo *info = (struct testInfo *)data;
+int ret = -1;
+int pret;
+int pipefd[2];
+int wpipefd[2];
+ssize_t w;
+pid_t pid;
+struct pollfd pollfd;
+int status;
+size_t docLen, i;
+char c;
+
+if (pipe(pipefd) 0) {
+if (virTestGetVerbose())
+perror(pipe);
+return -1;
+}
+
+if (pipe(wpipefd) 0) {
+if (virTestGetVerbose())
+perror(pipe);
+goto cleanup;
+}
+
+if (virFork(pid) 0) {
+if (virTestGetVerbose())
+perror(fork);
+goto cleanup2;
+}
+
+if (pid == 0) {
+VIR_FORCE_CLOSE(pipefd[1]);
+VIR_FORCE_CLOSE(wpipefd[0]);
+testJSONReadProcess(pipefd[0], wpipefd[1]);
+/* couldn't be reached */
+}
+
+/* write test data */
+docLen = strlen(info-doc);
+
+if (read(wpipefd[0], c, 1) 0) {
+if (virTestGetVerbose())
+perror(read);
+goto cleanup2;
+}
+
+for (i = 0; i docLen; i += info-chunk) {
+size_t len = i + info-chunk = docLen ? info-chunk : docLen %
info-chunk;
+
+w = safewrite(pipefd[1], info-doc + i * info-chunk, len);
+if (w 0) {
+if (virTestGetVerbose())
+perror(write);
+goto cleanup2;
+}
+
+if (w len) {
+if (virTestGetVerbose())
+fprintf(stderr, Couldn't write entire json string to the
pipe\n);
+goto cleanup2;
+}
+
+sched_yield();
+}
+
+VIR_FORCE_CLOSE(pipefd[1]);
+
+/* wait for read process */
+pollfd.fd = wpipefd[0];
+pollfd.events = POLLIN;
+
+pret = poll(pollfd, 1, 1000);
+if (pret 0) {
+if (virTestGetVerbose())
+perror(poll);
+goto cleanup2;
+}
+
+if (pret == 0) {
+if (virTestGetVerbose())
+fprintf(stderr, timeout reached\n);
+virProcessKill(pid, SIGTERM);
+}
+
+if (virProcessWait(pid, status) == 0 !WIFSIGNALED(status)
+ WEXITSTATUS(status) == 0)
+ret = 0;
+
+cleanup2:
+VIR_FORCE_CLOSE(wpipefd[0]);
+VIR_FORCE_CLOSE(wpipefd[1]);
+cleanup:
+VIR_FORCE_CLOSE(pipefd[0]);
+VIR_FORCE_CLOSE(pipefd[1]);
+return ret;
+}
static int
mymain(void)
{
int ret = 0;
-#define DO_TEST_FULL(name, cmd, doc, pass) \
+#define DO_TEST_FULL(name, cmd, doc, pass,
[libvirt] [PATCH v2 1/2] json: add stream parser
Add function virJSONValueFromStream, which reads data from
a stream and passes it to json parser. When end of the object
is reached, it returns this object.
To avoid reading from the stream by single bytes it reads to
a buffer (in a structure virJSONStreamParserState), which should
be passed to a consequent call of this function. So if the end
of one object and the beginning of the next object have been
read by a single system call - virJSONValueFromStream handle
it correctly.
example of usage:
virJSONValuePtr v;
virJSONStreamParserState state;
memset(state, 0, sizeof(state));
while (1) {
v = virJSONValueFromStream(mon-fd, state);
if (v == (void *)-1)
/* error */
break;
if (v == NULL)
/* file descriptor has been closed */
break;
/* handle object 'v' */
}
I need such function for the parallels driver. It caches info
about domains and needs some mechanism to update this cache.
There is a prlsrvctl monitor command which waits for events
forever and prints info about events to stdout in json format.
So parallels driver could start separate thread which will
read from prlsrvctl's stdout and update cache accordingly.
There is the same task in qemu_monitor_json, but each json object
is printed in a separate line there. It's not possible in my case,
because some fields could have line endings.
Signed-off-by: Dmitry Guryanov dgurya...@parallels.com
---
Changes:
* add function to virJSONValueFromStream
* fix bug with returning object which ends just
before end of file
* fix bug with handling objects without any characters
between then, when each read returns data for one entire
object.
src/libvirt_private.syms |1 +
src/util/virjson.c | 110 ++
src/util/virjson.h |8 +++
3 files changed, 119 insertions(+), 0 deletions(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5cad990..567055c 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1320,6 +1320,7 @@ virJSONValueArrayGet;
virJSONValueArraySize;
virJSONValueFree;
virJSONValueFromString;
+virJSONValueFromStream;
virJSONValueGetBoolean;
virJSONValueGetNumberDouble;
virJSONValueGetNumberInt;
diff --git a/src/util/virjson.c b/src/util/virjson.c
index e6a3b1b..731293f 100644
--- a/src/util/virjson.c
+++ b/src/util/virjson.c
@@ -990,6 +990,116 @@ cleanup:
return ret;
}
+/*
+ * Read single JSON object from the stream. Store data, which
+ * have already been read from the stream, but belongs to the
+ * next object to the virJSONStreamParserState structure. So that
+ * consequent call to this function will parse it and return that
+ * object.
+ *
+ * @fd: file descriptor, opened for reading
+ * @state: pointer to the structure with buffer for data, read from fd.
+ *
+ * Return (void *)-1 in case of error, NULL when eof reached,
+ * pointer to the virJSONValuePtr in case of success.
+ */
+
+virJSONValuePtr virJSONValueFromStream(int fd, virJSONStreamParserStatePtr
state)
+{
+yajl_handle hand;
+virJSONParser parser = { NULL, NULL, 0 };
+virJSONValuePtr value = (void *)-1;
+# ifndef WITH_YAJL2
+yajl_parser_config cfg = { 1, 1 };
+# endif
+ssize_t len;
+int ret = 0;
+bool done = false;
+
+# ifdef WITH_YAJL2
+hand = yajl_alloc(parserCallbacks, NULL, parser);
+if (hand) {
+yajl_config(hand, yajl_allow_comments, 1);
+yajl_config(hand, yajl_dont_validate_strings, 0);
+yajl_config(hand, yajl_allow_trailing_garbage, 1);
+}
+# else
+hand = yajl_alloc(parserCallbacks, cfg, NULL, parser);
+# endif
+if (!hand) {
+virReportError(VIR_ERR_INTERNAL_ERROR, %s,
+ _(Unable to create JSON parser));
+goto cleanup;
+}
+
+do {
+if (strlen(state-buf[state-pos]) == 0) {
+state-pos = 0;
+memset(state-buf, 0, sizeof(state-buf));
+len = read(fd, state-buf, sizeof(state-buf) - 1);
+
+if (len 0) {
+virReportSystemError(errno, _(cannot read from fd '%d'), fd);
+virJSONValueFree(parser.head);
+goto cleanup;
+}
+
+if (len == 0) {
+value = parser.head;
+goto cleanup;
+}
+}
+
+for (;state-pos strlen(state-buf); state-pos++) {
+unsigned char *buf = (unsigned char *)state-buf[state-pos];
+/*
+ * New yaml library has useful function yajl_get_bytes_consumed
+ * which allows parsing by larger chunks. But rhel-6 has 1.0.7
+ * version, which doesn't have it.
+ */
+ret = yajl_parse(hand, buf, 1);
+# ifdef WITH_YAJL2
+if (ret == 0 yajl_get_bytes_consumed(hand) == 0) {
+done = true;
+/* state-pos points to the first symbol after current
+ * object */
+
Re: [libvirt] [PATCHv3] audit: Audit resources used by VirtIO RNG
On 03/13/13 11:21, Daniel P. Berrange wrote: On Wed, Mar 13, 2013 at 10:46:24AM +0100, Peter Krempa wrote: This patch adds auditing of resources used by Virtio RNG devices. Only resources on the local filesystems are audited. The audit logs look like: For the 'random' backend: type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm=qcow-test uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng=? new-rng=/dev/random: exe=/home/pipo/libvirt/daemon/.libs/libvirtd hostname=? addr=? terminal=pts/0 res=success' For local character device source: type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm=qcow-test uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng=? new-rng=/tmp/unix.sock: exe=/home/pipo/libvirt/daemon/.libs/libvirtd hostname=? addr=? terminal=pts/0 res=success' --- Notes: Version 3: - don't log non-local resources for EGD backend - change order of blocks of code to optimize Version 2: - log also EGD backends - add example of audit message to commit message src/conf/domain_audit.c | 120 1 file changed, 120 insertions(+) ACK, but wait 1 more day to give Steve Grubb a chance to raise any issues before pushing. As Steve didn't respond I'm pushing the patch now. Thanks. Peter -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/4] rename qemuGetNumadAdvice to virGetNumadAdvice
On 2013年03月01日 14:52, Gao feng wrote:
qemuGetNumadAdvice will be used by LXC driver,rename
it to virGetNumaAdvice and move it to virnuma.c
s/virGetNumaAdvice/virGetNumadAdvice/,
Signed-off-by: Gao fenggaof...@cn.fujitsu.com
---
po/POTFILES.in | 1 +
src/Makefile.am | 1 +
src/libvirt_private.syms | 3 +++
src/qemu/qemu_process.c | 33 ++
src/util/virnuma.c | 60
src/util/virnuma.h | 28 ++
6 files changed, 95 insertions(+), 31 deletions(-)
create mode 100644 src/util/virnuma.c
create mode 100644 src/util/virnuma.h
diff --git a/po/POTFILES.in b/po/POTFILES.in
index bd2c02e..ee8ff86 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -164,6 +164,7 @@ src/util/virnetdevtap.c
src/util/virnetdevvportprofile.c
src/util/virnetlink.c
src/util/virnodesuspend.c
+src/util/virnuma.c
src/util/virobject.c
src/util/virpci.c
src/util/virpidfile.c
diff --git a/src/Makefile.am b/src/Makefile.am
index c1659a4..21eb84a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -103,6 +103,7 @@ UTIL_SOURCES =
\
util/virnetdevvportprofile.h util/virnetdevvportprofile.c \
util/virnetlink.c util/virnetlink.h \
util/virnodesuspend.c util/virnodesuspend.h \
+ util/virnuma.c util/virnuma.h \
Please use tab to align the \.
util/virobject.c util/virobject.h \
util/virpci.c util/virpci.h \
util/virpidfile.c util/virpidfile.h \
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index ed46479..6aee6fa 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1565,6 +1565,9 @@ nodeSuspendForDuration;
virNodeSuspendGetTargetMask;
+# util/virnuma.h
+virGetNumadAdvice;
+
# util/virobject.h
virClassForObject;
virClassForObjectLockable;
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index db95d6e..20d41e3 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -70,6 +70,7 @@
#include virnetdevtap.h
#include virbitmap.h
#include viratomic.h
+#include virnuma.h
#define VIR_FROM_THIS VIR_FROM_QEMU
@@ -1981,36 +1982,6 @@ qemuProcessInitNumaMemoryPolicy(virDomainObjPtr vm,
}
#endif
-#if HAVE_NUMAD
-static char *
-qemuGetNumadAdvice(virDomainDefPtr def)
-{
-virCommandPtr cmd = NULL;
-char *output = NULL;
-
-cmd = virCommandNewArgList(NUMAD, -w, NULL);
-virCommandAddArgFormat(cmd, %d:%llu, def-vcpus,
- VIR_DIV_UP(def-mem.cur_balloon, 1024));
-
-virCommandSetOutputBuffer(cmd,output);
-
-if (virCommandRun(cmd, NULL) 0)
-virReportError(VIR_ERR_INTERNAL_ERROR, %s,
- _(Failed to query numad for the
- advisory nodeset));
-
-virCommandFree(cmd);
-return output;
-}
-#else
-static char *
-qemuGetNumadAdvice(virDomainDefPtr def ATTRIBUTE_UNUSED)
-{
-virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s,
- _(numad is not available on this host));
-return NULL;
-}
-#endif
/* Helper to prepare cpumap for affinity setting, convert
* NUMA nodeset into cpuset if @nodemask is not NULL, otherwise
@@ -3721,7 +3692,7 @@ int qemuProcessStart(virConnectPtr conn,
VIR_DOMAIN_CPU_PLACEMENT_MODE_AUTO) ||
(vm-def-numatune.memory.placement_mode ==
VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO)) {
-nodeset = qemuGetNumadAdvice(vm-def);
+nodeset = virGetNumadAdvice(vm-def-vcpus, vm-def-mem.cur_balloon);
if (!nodeset)
goto cleanup;
diff --git a/src/util/virnuma.c b/src/util/virnuma.c
new file mode 100644
index 000..37931fe
--- /dev/null
+++ b/src/util/virnuma.c
@@ -0,0 +1,60 @@
+/*
+ * virnuma.c: helper APIS for managing numa
s/APIS/APIs/,
+ *
+ * Copyright (C) 2011-2013 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ *http://www.gnu.org/licenses/.
+ *
+ */
+
+#includeconfig.h
+
+#include virnuma.h
+#include vircommand.h
+#include virerror.h
+
+#define VIR_FROM_THIS VIR_FROM_NONE
+
+#if HAVE_NUMAD
+char *virGetNumadAdvice(unsigned short vcpus,
+unsigned long long balloon)
Re: [libvirt] [PATCH] remote: Prevent race when closing a connection
On 03/15/2013 12:28 AM, Eric Blake wrote:
-if (conn-closeFreeCallback)
+if (conn-closeCallback)
+conn-closeCallback = NULL;
The if is pointless. Just blindly set conn-closeCallback to NULL.
agreed
+
+if (conn-closeFreeCallback) {
conn-closeFreeCallback(conn-closeOpaque);
+conn-closeFreeCallback = NULL;
+conn-closeOpaque = NULL;
Clearing conn-closeOpaque is pointless; it is only ever used depending
on conn-closeFreeCallback, and leaving it non-NULL doesn't hurt.
I know, and didn't do it initially, but then wanted to make it common
with the callback deregistering code. And a small portion of paranoia
doesn't hurt as I have come to learn.
...Wouldn't it be better to stash a copy of the callback pointer while
the mutex is held, but avoid calling the callback until after the mutex
is unlocked? Something like:
TYPE cb = NULL;
void* opaque;
virMutexLock(conn-lock);
conn-closeDispatch = false;
if (conn-closeUnregisterCount != closeUnregisterCount) {
cb = closeFreeCallback;
opaque = closeOpaque;
}
virMutexUnlock(conn-lock);
if (cb)
cb(opaque);
maybe, but this is again common to the other places where the
freeing callback is invoked, i.e. within the lock.
Waiting for Dan's comments...
--
Mit freundlichen Grüßen/Kind Regards
Viktor Mihajlovski
IBM Deutschland Research Development GmbH
Vorsitzender des Aufsichtsrats: Martina Köderitz
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/4] LXC: allow uses advisory nodeset from querying numad
On 2013年03月01日 14:52, Gao feng wrote:
Allow lxc using the advisory nodeset from querying numad,
this means if user doesn't specify the numa nodes that
the lxc domain should assign to, libvirt will automatically
bind the lxc domain to the advisory nodeset which queried from
numad.
Signed-off-by: Gao fenggaof...@cn.fujitsu.com
---
src/lxc/lxc_controller.c | 84 ++--
1 file changed, 74 insertions(+), 10 deletions(-)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 15aa334..b6c1fe8 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -69,6 +69,7 @@
#include nodeinfo.h
#include virrandom.h
#include virprocess.h
+#include virnuma.h
#include rpc/virnetserver.h
#define VIR_FROM_THIS VIR_FROM_LXC
@@ -409,7 +410,8 @@ cleanup:
}
#if WITH_NUMACTL
-static int virLXCControllerSetupNUMAPolicy(virLXCControllerPtr ctrl)
+static int virLXCControllerSetupNUMAPolicy(virLXCControllerPtr ctrl,
+ virBitmapPtr nodemask)
{
nodemask_t mask;
int mode = -1;
@@ -418,9 +420,22 @@ static int
virLXCControllerSetupNUMAPolicy(virLXCControllerPtr ctrl)
int i = 0;
int maxnode = 0;
bool warned = false;
-
-if (!ctrl-def-numatune.memory.nodemask)
+virDomainNumatuneDef numatune = ctrl-def-numatune;
+virBitmapPtr tmp_nodemask = NULL;
+
+if (numatune.memory.placement_mode ==
+VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_STATIC) {
+if (!numatune.memory.nodemask)
+return 0;
+VIR_DEBUG(Set NUMA memory policy with specified nodeset);
+tmp_nodemask = numatune.memory.nodemask;
+} else if (numatune.memory.placement_mode ==
+ VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO) {
+VIR_DEBUG(Set NUMA memory policy with advisory nodeset from numad);
+tmp_nodemask = nodemask;
+} else {
return 0;
+}
VIR_DEBUG(Setting NUMA memory policy);
@@ -435,7 +450,7 @@ static int
virLXCControllerSetupNUMAPolicy(virLXCControllerPtr ctrl)
/* Convert nodemask to NUMA bitmask. */
nodemask_zero(mask);
i = -1;
-while ((i = virBitmapNextSetBit(ctrl-def-numatune.memory.nodemask, i))=
0) {
+while ((i = virBitmapNextSetBit(tmp_nodemask, i))= 0) {
if (i NUMA_NUM_NODES) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_(Host cannot support NUMA node %d), i);
@@ -488,7 +503,8 @@ cleanup:
return ret;
}
#else
-static int virLXCControllerSetupNUMAPolicy(virLXCControllerPtr ctrl)
+static int virLXCControllerSetupNUMAPolicy(virLXCControllerPtr ctrl,
+ virBitmapPtr nodemask
ATTRIBUTE_UNUSED)
{
if (ctrl-def-numatune.memory.nodemask) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s,
@@ -549,6 +565,40 @@ static int
virLXCControllerSetupCpuAffinity(virLXCControllerPtr ctrl)
}
+static int virLXCControllerGetNumadAdvice(virLXCControllerPtr ctrl,
+ virBitmapPtr *mask)
+{
+virBitmapPtr nodemask = NULL;
+char *nodeset;
+int ret = -1;
+
+/* Get the advisory nodeset from numad if 'placement' of
+ * eithervcpu ornumatune is 'auto'.
+ */
+if ((ctrl-def-placement_mode ==
+ VIR_DOMAIN_CPU_PLACEMENT_MODE_AUTO) ||
+(ctrl-def-numatune.memory.placement_mode ==
+ VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO)) {
+nodeset = virGetNumadAdvice(ctrl-def-vcpus,
+ctrl-def-mem.cur_balloon);
+if (!nodeset)
+goto cleanup;
+
+VIR_DEBUG(Nodeset returned from numad: %s, nodeset);
+
+ret = virBitmapParse(nodeset, 0,nodemask, VIR_DOMAIN_CPUMASK_LEN);
+if (ret 0)
+goto cleanup;
+}
+ret = 0;
+*mask = nodemask;
+
+cleanup:
+VIR_FREE(nodeset);
+return ret;
+}
+
+
/**
* virLXCControllerSetupResourceLimits
* @ctrl: the controller state
@@ -560,14 +610,28 @@ static int
virLXCControllerSetupCpuAffinity(virLXCControllerPtr ctrl)
*/
static int virLXCControllerSetupResourceLimits(virLXCControllerPtr ctrl)
{
+virBitmapPtr nodemask = NULL;
+int ret;
int ret = -1;
-if (virLXCControllerSetupCpuAffinity(ctrl) 0)
-return -1;
+ret = virLXCControllerGetNumadAdvice(ctrl,nodemask);
+if (ret 0)
+goto cleanup;
And thus this can be simplified as:
if (virLXCControllerGetNumadAdvice(ctrl, nodemask) 0)
goto cleanup;
-if (virLXCControllerSetupNUMAPolicy(ctrl) 0)
-return -1;
+ret = virLXCControllerSetupCpuAffinity(ctrl);
+if (ret 0)
+goto cleanup;
Likewise.
+
+ret = virLXCControllerSetupNUMAPolicy(ctrl, nodemask);
+if (ret 0)
+goto cleanup;
Likewise. And I'd like keep this together with GetNumadAdvice. I.E.
if (virLXCControllerGetNumadAdvice(ctrl, nodemask)
Re: [libvirt] [PATCHv3 3/3] S390: Testcases for virtio-scsi and virtio-rng
On 03/14/2013 11:05 PM, Eric Blake wrote: ACK, and pushed. Big thanks, again. -- Mit freundlichen Grüßen/Kind Regards Viktor Mihajlovski IBM Deutschland Research Development GmbH Vorsitzender des Aufsichtsrats: Martina Köderitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 3/4] remove the redundant codes
On 2013年03月01日 14:52, Gao feng wrote:
Intend to reduce the redundant code,use virSetupNumaMemoryPolicy
to replace virLXCControllerSetupNUMAPolicy and
qemuProcessInitNumaMemoryPolicy.
Signed-off-by: Gao fenggaof...@cn.fujitsu.com
---
src/conf/domain_conf.h | 23 +
src/libvirt_private.syms | 1 +
src/lxc/lxc_controller.c | 114 +---
src/qemu/qemu_process.c | 121 +--
src/util/virnuma.c | 114
src/util/virnuma.h | 24 ++
6 files changed, 143 insertions(+), 254 deletions(-)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 5828ae2..2a8dff3 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -47,6 +47,7 @@
# include device_conf.h
# include virbitmap.h
# include virstoragefile.h
+# include virnuma.h
/* forward declarations of all device types, required by
* virDomainDeviceDef
@@ -1589,14 +1590,6 @@ enum virDomainCpuPlacementMode {
VIR_DOMAIN_CPU_PLACEMENT_MODE_LAST
};
-enum virDomainNumatuneMemPlacementMode {
-VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_DEFAULT = 0,
-VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_STATIC,
-VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO,
-
-VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_LAST
-};
-
Given that you move this into virnuma.h, VIR_ENUM_DECL and
VIR_ENUM_IMPL also need to be moved. And I don't see changes
on things like this:
virDomainNumatuneMemPlacementModeTypeFromString
in domain_conf.c, I bet the domain conf parsing and formating
are now broken with this patch applied.
typedef struct _virDomainTimerCatchupDef virDomainTimerCatchupDef;
typedef virDomainTimerCatchupDef *virDomainTimerCatchupDefPtr;
struct _virDomainTimerCatchupDef {
@@ -1685,18 +1678,6 @@ virDomainVcpuPinDefPtr
virDomainVcpuPinFindByVcpu(virDomainVcpuPinDefPtr *def,
int nvcpupin,
int vcpu);
-typedef struct _virDomainNumatuneDef virDomainNumatuneDef;
-typedef virDomainNumatuneDef *virDomainNumatuneDefPtr;
-struct _virDomainNumatuneDef {
-struct {
-virBitmapPtr nodemask;
-int mode;
-int placement_mode; /* enum virDomainNumatuneMemPlacementMode */
-} memory;
-
-/* Future NUMA tuning related stuff should go here. */
-};
-
typedef struct _virBlkioDeviceWeight virBlkioDeviceWeight;
typedef virBlkioDeviceWeight *virBlkioDeviceWeightPtr;
struct _virBlkioDeviceWeight {
@@ -1784,7 +1765,7 @@ struct _virDomainDef {
virDomainVcpuPinDefPtr emulatorpin;
} cputune;
-virDomainNumatuneDef numatune;
+virNumaTuneParams numatune;
A bad new name, why not virNumatuneDef? the new name can be confused,
because we use params for other meaning in the project.
/* These 3 are based on virDomainLifeCycleAction enum flags */
int onReboot;
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 6aee6fa..56c466a 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1567,6 +1567,7 @@ virNodeSuspendGetTargetMask;
# util/virnuma.h
virGetNumadAdvice;
+virSetupNumaMemoryPolicy;
Generally we want to use virNuma As the prefix for the helpers. This
applies to virGetNumadAdvice too (I didn't realized it when reviewing
1/4).
# util/virobject.h
virClassForObject;
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index b6c1fe8..3db0a88 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -46,11 +46,6 @@
# includecap-ng.h
#endif
-#if WITH_NUMACTL
-# define NUMA_VERSION1_COMPATIBILITY 1
-# includenuma.h
-#endif
-
#include virerror.h
#include virlog.h
#include virutil.h
@@ -409,113 +404,6 @@ cleanup:
return ret;
}
-#if WITH_NUMACTL
-static int virLXCControllerSetupNUMAPolicy(virLXCControllerPtr ctrl,
- virBitmapPtr nodemask)
-{
-nodemask_t mask;
-int mode = -1;
-int node = -1;
-int ret = -1;
-int i = 0;
-int maxnode = 0;
-bool warned = false;
-virDomainNumatuneDef numatune = ctrl-def-numatune;
-virBitmapPtr tmp_nodemask = NULL;
-
-if (numatune.memory.placement_mode ==
-VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_STATIC) {
-if (!numatune.memory.nodemask)
-return 0;
-VIR_DEBUG(Set NUMA memory policy with specified nodeset);
-tmp_nodemask = numatune.memory.nodemask;
-} else if (numatune.memory.placement_mode ==
- VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO) {
-VIR_DEBUG(Set NUMA memory policy with advisory nodeset from numad);
-tmp_nodemask = nodemask;
-} else {
-return 0;
-}
-
-VIR_DEBUG(Setting NUMA memory policy);
-
-if (numa_available() 0) {
-virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- %s, _(Host kernel is not aware of
Re: [libvirt] [PATCH] Update to COPYING.LIB to latest LGPLv2.1 copy
Ping? On Mon, Mar 11, 2013 at 12:43:13PM +0100, Christophe Fergeau wrote: The text version of LGPLv2.1 available at http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt is slightly different from COPYING.LIB: - several paragraphs were rewrapped - the FSF address has changed, so the license has been changed to indicate the newer address I've checked that there are no changes in the license text apart from the updated address, which is what I want to fix with this commit. --- COPYING.LIB | 82 - 1 file changed, 38 insertions(+), 44 deletions(-) diff --git a/COPYING.LIB b/COPYING.LIB index 89d4489..4362b49 100644 --- a/COPYING.LIB +++ b/COPYING.LIB @@ -1,9 +1,8 @@ - GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -23,8 +22,7 @@ specially designated software packages--typically libraries--of the Free Software Foundation and other authors who decide to use it. You can use it too, but we suggest you first think carefully about whether this license or the ordinary General Public License is the better -strategy to use in any particular case, based on the explanations -below. +strategy to use in any particular case, based on the explanations below. When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that @@ -57,7 +55,7 @@ modified by someone else and passed on, the recipients should know that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. -^L + Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a @@ -89,9 +87,9 @@ libraries. However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to -encourage the widest possible use of a certain library, so that it -becomes a de-facto standard. To achieve this, non-free programs must -be allowed to use the library. A more frequent case is that a free +encourage the widest possible use of a certain library, so that it becomes +a de-facto standard. To achieve this, non-free programs must be +allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries. In this case, there is little to gain by limiting the free library to free software only, so we use the Lesser General Public License. @@ -113,7 +111,7 @@ modification follow. Pay close attention to the difference between a work based on the library and a work that uses the library. The former contains code derived from the library, whereas the latter must be combined with the library in order to run. -^L + GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION @@ -138,8 +136,8 @@ included without limitation in the term modification.) Source code for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated -interface definition files, plus the scripts used to control -compilation and installation of the library. +interface definition files, plus the scripts used to control compilation +and installation of the library. Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of @@ -218,7 +216,7 @@ instead of to this License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. -^L + Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. @@ -269,7 +267,7 @@ Library will still fall under Section 6.) distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself. -^L + 6. As an exception to the Sections above, you may also combine or link a work that uses the Library with the Library to
Re: [libvirt] [[PATCHv2]] Add support for qxl.revision in domain XML
ping?
On Thu, Feb 21, 2013 at 04:49:53PM +0100, Christophe Fergeau wrote:
QXL devices have an associated 'revision' which is raised when
new features have been introduced which would break migration
to older versions. This commit makes it possible to set this
revision as QEMU sometimes support newer QXL revisions than what
it defaults to.
---
docs/formatdomain.html.in| 4 +++-
docs/schemas/domaincommon.rng| 5 +
src/conf/domain_conf.c | 20
src/conf/domain_conf.h | 1 +
src/qemu/qemu_command.c | 8
.../qemuxml2argv-graphics-spice-compression.args | 3 ++-
.../qemuxml2argv-graphics-spice-compression.xml | 4 ++--
.../qemuxml2argv-graphics-spice-qxl-vga.args | 3 ++-
.../qemuxml2argv-graphics-spice-qxl-vga.xml | 4 ++--
.../qemuxml2argv-graphics-spice.args | 3 ++-
.../qemuxml2argvdata/qemuxml2argv-graphics-spice.xml | 4 ++--
11 files changed, 49 insertions(+), 10 deletions(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index a9003d7..bcdd90f 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -3584,7 +3584,9 @@ qemu-kvm -net nic,model=? /dev/null
1.0.2/span) is allowed for qxl type only and specifies
the size of the primary bar, while codevram/code specifies the
secondary bar size. If ram or vram are not supplied a default
-value is used.
+value is used. The optional attribute coderevision/code (span
+class=sincesince 1.0.3/span) specifies the revision of
+the QXL device, newer revisions provide more functionality.
/dd
dtcodemodel/code/dt
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index 63be4aa..57128ab 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -2283,6 +2283,11 @@
ref name=unsignedInt/
/attribute
/optional
+ optional
+attribute name=revision
+ ref name=unsignedInt/
+/attribute
+ /optional
/group
/choice
optional
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 0c75838..f4f273c 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -7646,6 +7646,7 @@ virDomainVideoDefParseXML(const xmlNodePtr node,
char *vram = NULL;
char *ram = NULL;
char *primary = NULL;
+char *revision = NULL;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -7661,6 +7662,7 @@ virDomainVideoDefParseXML(const xmlNodePtr node,
ram = virXMLPropString(cur, ram);
vram = virXMLPropString(cur, vram);
heads = virXMLPropString(cur, heads);
+revision = virXMLPropString(cur, revision);
if ((primary = virXMLPropString(cur, primary)) != NULL) {
if (STREQ(primary, yes))
@@ -7713,6 +7715,19 @@ virDomainVideoDefParseXML(const xmlNodePtr node,
def-vram = virDomainVideoDefaultRAM(dom, def-type);
}
+if (revision) {
+if (def-type != VIR_DOMAIN_VIDEO_TYPE_QXL) {
+virReportError(VIR_ERR_XML_ERROR, %s,
+ _(revision attribute only supported for type of
qxl));
+goto error;
+}
+if (virStrToLong_ui(revision, NULL, 10, def-revision) 0) {
+virReportError(VIR_ERR_XML_ERROR,
+ _(cannot parse video revision '%s'), revision);
+goto error;
+}
+}
+
if (heads) {
if (virStrToLong_ui(heads, NULL, 10, def-heads) 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
@@ -7730,6 +7745,7 @@ virDomainVideoDefParseXML(const xmlNodePtr node,
VIR_FREE(ram);
VIR_FREE(vram);
VIR_FREE(heads);
+VIR_FREE(revision);
return def;
@@ -7739,6 +7755,8 @@ error:
VIR_FREE(ram);
VIR_FREE(vram);
VIR_FREE(heads);
+VIR_FREE(revision);
+
return NULL;
}
@@ -13632,6 +13650,8 @@ virDomainVideoDefFormat(virBufferPtr buf,
virBufferAsprintf(buf, heads='%u', def-heads);
if (def-primary)
virBufferAddLit(buf, primary='yes');
+if (def-revision)
+virBufferAsprintf(buf, revision='%u', def-revision);
if (def-accel) {
virBufferAddLit(buf, \n);
virDomainVideoAccelDefFormat(buf, def-accel);
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 4ffa4aa..1d7951b 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1174,6 +1174,7 @@ struct _virDomainVideoDef {
unsigned int ram; /* kibibytes (multiples of 1024) */
unsigned int
Re: [libvirt] [PATCH V1 4/6] Add SELinux labeling support for TPM
On Thu, Mar 14, 2013 at 08:00:21PM -0400, Stefan Berger wrote: On 03/14/2013 06:34 PM, Daniel P. Berrange wrote: On Thu, Mar 14, 2013 at 04:24:27PM -0400, Stefan Berger wrote: On 03/14/2013 10:29 AM, Daniel P. Berrange wrote: On Wed, Mar 13, 2013 at 12:03:52PM -0400, Stefan Berger wrote: Signed-off-by: Stefan Berger stef...@linux.vnet.ibm.com --- src/security/security_selinux.c | 90 1 file changed, 90 insertions(+) I imagine we also need to update security_apparmour.c and security_dac.c. DAC: this seems to only be necessary if the the owner of the device is not root. Typically it is owned by root. I added support for it anyway now. AppArmour: it looks like no other character devices are being labeled so I may not have to do this for the TPM, either (?) Also src/conf/domain_audit.c will need to emit an audit event when the TPM is configured to use a host device. type=VIRT_RESOURCE msg=audit(1363292411.635:499): pid=23365 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:virtd_t:s0-s0:c0.c1023 msg='virt=kvm resrc=cgroup reason=allow vm=TPM-PT uuid=a4d7cd22-da89-3094-6212-079a48a309a1 cgroup=/sys/fs/cgroup/devices/libvirt/qemu/TPM-PT/ class=path path=/dev/tpm0 rdev=0A:E0 acl=rw exe=/usr/sbin/libvirtd hostname=? addr=? terminal=? res=success' Is this message type sufficient for a host device? No, this is just a generic message related to cgroups setup. We need to emit explicit audit log for each device in addition to this, since we cannot assume cgroups is enabled. We need to extend the virDomainAuditStart method to include this new device type. Ok, so now libvirt is also printing this one here: type=VIRT_RESOURCE msg=audit(1363305463.181:1302): pid=17807 uid=0 auid=0 ses=1 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=kvm resrc=dev reason=start vm=TPM-PT uuid=a4d7cd22-da89-3094-6212-079a48a309a1 device=/dev/tpm0 exe=/usr/sbin/libvirtd hostname=? addr=? terminal=pts/20 res=success' I suppose the msg='' part is somewhat device specific. So above really only shows /dev/tpm0 and I don't think there's much else worth mentioning. Yep, that's fine - people using these are just interested in the name of the device / file on the host being used by the VM. The last thing is now in which patch to put this :-) I would keep it in a separate patch after the one touching the SELinux and DAC labeling... Sure, separate patch is fine. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv2 2/2] Add USB option capability
From: Li Zhang zhlci...@linux.vnet.ibm.com
To avoid the collision for creating USB controllers in machine-init()
and -device xx command line, it needs to set usb=off to avoid one USB
controller created in machine-init(). So that libvirt can use -device
or -usb to create USB controller sucessfully.
So QEMU_CAPS_MACHINE_USB_OPT capability is added, and it is for QEMU
v1.3.0 onwards which supports USB option.
Signed-off-by: Li Zhang zhlci...@linux.vnet.ibm.com
---
v2 - v1:
* Rename QEMU_CAPS_USB_OPT to QEMU_CAPS_MACHINE_USB_OPT suggested by Daniel
* Corret QEMU version with v1.3.0 suggested by Daniel
src/qemu/qemu_capabilities.c |7 ++-
src/qemu/qemu_capabilities.h |1 +
src/qemu/qemu_command.c |6 ++
3 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 778e825..6ea09cc 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -211,7 +211,8 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
rng-random, /* 130 */
rng-egd,
virtio-ccw,
- machine-opt
+ machine-opt,
+ machine-usb-opt
);
struct _virQEMUCaps {
@@ -2446,6 +2447,10 @@ virQEMUCapsInitQMP(virQEMUCapsPtr qemuCaps,
/* machine option is supported for newer version */
virQEMUCapsSet(qemuCaps, QEMU_CAPS_MACHINE_OPT);
+/* USB option is supported v1.3.0 onwards */
+if (qemuCaps-version = 1003000)
+virQEMUCapsSet(qemuCaps, QEMU_CAPS_MACHINE_USB_OPT);
+
if (!(archstr = qemuMonitorGetTargetArch(mon)))
goto cleanup;
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 66df556..a23df1f 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -173,6 +173,7 @@ enum virQEMUCapsFlags {
QEMU_CAPS_OBJECT_RNG_EGD = 131, /* EGD protocol daemon for rng */
QEMU_CAPS_VIRTIO_CCW = 132, /* -device virtio-*-ccw */
QEMU_CAPS_MACHINE_OPT= 133, /* -machine */
+QEMU_CAPS_MACHINE_USB_OPT= 134, /* -machine */
QEMU_CAPS_LAST, /* this must always be the last item */
};
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index c39faf0..5472c8b 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4964,6 +4964,12 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
virCommandAddArg(cmd, -machine);
virBufferAsprintf(buf, %s, def-os.machine);
+/* To avoid the collision of creating USB controllers when calling
+ * machine-init in QEMU, it needs to set usb=off
+ */
+if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_USB_OPT))
+virBufferAsprintf(buf, ,usb=off);
+
if (def-mem.dump_core) {
if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DUMP_GUEST_CORE)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--
1.7.10.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv2 1/2] Optimize machine option to set more options with it.
From: Li Zhang zhlci...@linux.vnet.ibm.com
Currently, -machine option is used only when dump-guest-core is set.
To use options defined in machine option for newer version of QEMU,
it needs to use -machine xxx, and to be compatible with older version
-M, this patch addes QEMU_CAPS_MACHINE_OPT capability for newer version,
say 1.2.0.
Signed-off-by: Li Zhang zhlci...@linux.vnet.ibm.com
---
v2 - v1:
* Split the patch to 2 parts suggested by Daniel P.Berrange
* Rename QEMU_CAPS_MACH_OPT to QEMU_CAPS_MACHINE_OPT
* Remove version 1.1 assertion for QEMU_CAPS_MACHINE_OPT
src/qemu/qemu_capabilities.c |6 +-
src/qemu/qemu_capabilities.h |1 +
src/qemu/qemu_command.c | 30 +++---
tests/qemuxml2argvtest.c |6 +++---
4 files changed, 28 insertions(+), 15 deletions(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 519d2c5..778e825 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -210,7 +210,8 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
rng-random, /* 130 */
rng-egd,
- virtio-ccw
+ virtio-ccw,
+ machine-opt
);
struct _virQEMUCaps {
@@ -2442,6 +2443,9 @@ virQEMUCapsInitQMP(virQEMUCapsPtr qemuCaps,
virQEMUCapsInitQMPBasic(qemuCaps);
+/* machine option is supported for newer version */
+virQEMUCapsSet(qemuCaps, QEMU_CAPS_MACHINE_OPT);
+
if (!(archstr = qemuMonitorGetTargetArch(mon)))
goto cleanup;
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index da06e27..66df556 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -172,6 +172,7 @@ enum virQEMUCapsFlags {
virtio rng */
QEMU_CAPS_OBJECT_RNG_EGD = 131, /* EGD protocol daemon for rng */
QEMU_CAPS_VIRTIO_CCW = 132, /* -device virtio-*-ccw */
+QEMU_CAPS_MACHINE_OPT= 133, /* -machine */
QEMU_CAPS_LAST, /* this must always be the last item */
};
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index dc49d44..c39faf0 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4941,6 +4941,8 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
const virDomainDefPtr def,
virQEMUCapsPtr qemuCaps)
{
+virBuffer buf = VIR_BUFFER_INITIALIZER;
+
/* This should *never* be NULL, since we always provide
* a machine in the capabilities data for QEMU. So this
* check is just here as a safety in case the unexpected
@@ -4948,27 +4950,33 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
if (!def-os.machine)
return 0;
-if (!def-mem.dump_core) {
+if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_OPT)) {
/* if no parameter to the machine type is needed, we still use
* '-M' to keep the most of the compatibility with older versions.
*/
virCommandAddArgList(cmd, -M, def-os.machine, NULL);
} else {
-if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DUMP_GUEST_CORE)) {
-virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- %s, _(dump-guest-core is not available
-with this QEMU binary));
-return -1;
-}
/* However, in case there is a parameter to be added, we need to
* use the -machine parameter because qemu is not parsing the
* -M correctly */
+
virCommandAddArg(cmd, -machine);
-virCommandAddArgFormat(cmd,
- %s,dump-guest-core=%s,
- def-os.machine,
-
virDomainMemDumpTypeToString(def-mem.dump_core));
+virBufferAsprintf(buf, %s, def-os.machine);
+
+if (def-mem.dump_core) {
+if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DUMP_GUEST_CORE)) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ %s, _(dump-guest-core is not available
+ with this QEMU binary));
+return -1;
+}
+
+virBufferAsprintf(buf, ,dump-guest-core=%s,
+
virDomainMemDumpTypeToString(def-mem.dump_core));
+}
+
+virCommandAddArg(cmd, virBufferContentAndReset(buf));
}
return 0;
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index c77b73f..352b41f 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -363,9 +363,9 @@ mymain(void)
DO_TEST(minimal-s390, QEMU_CAPS_NAME);
DO_TEST(machine-aliases1, NONE);
DO_TEST(machine-aliases2, QEMU_CAPS_KVM);
-DO_TEST(machine-core-on, QEMU_CAPS_DUMP_GUEST_CORE);
-DO_TEST(machine-core-off, QEMU_CAPS_DUMP_GUEST_CORE);
-DO_TEST_FAILURE(machine-core-on, NONE);
+DO_TEST(machine-core-on,
Re: [libvirt] [PATCHv2 2/2] Add USB option capability
On 2013年03月15日 17:19, Li Zhang wrote:
From: Li Zhang zhlci...@linux.vnet.ibm.com
To avoid the collision for creating USB controllers in machine-init()
and -device xx command line, it needs to set usb=off to avoid one USB
controller created in machine-init(). So that libvirt can use -device
or -usb to create USB controller sucessfully.
So QEMU_CAPS_MACHINE_USB_OPT capability is added, and it is for QEMU
v1.3.0 onwards which supports USB option.
Signed-off-by: Li Zhang zhlci...@linux.vnet.ibm.com
---
v2 - v1:
* Rename QEMU_CAPS_USB_OPT to QEMU_CAPS_MACHINE_USB_OPT suggested by Daniel
* Corret QEMU version with v1.3.0 suggested by Daniel
src/qemu/qemu_capabilities.c |7 ++-
src/qemu/qemu_capabilities.h |1 +
src/qemu/qemu_command.c |6 ++
3 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index 778e825..6ea09cc 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -211,7 +211,8 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
rng-random, /* 130 */
rng-egd,
virtio-ccw,
- machine-opt
+ machine-opt,
+ machine-usb-opt
);
struct _virQEMUCaps {
@@ -2446,6 +2447,10 @@ virQEMUCapsInitQMP(virQEMUCapsPtr qemuCaps,
/* machine option is supported for newer version */
virQEMUCapsSet(qemuCaps, QEMU_CAPS_MACHINE_OPT);
+/* USB option is supported v1.3.0 onwards */
+if (qemuCaps-version = 1003000)
+virQEMUCapsSet(qemuCaps, QEMU_CAPS_MACHINE_USB_OPT);
+
if (!(archstr = qemuMonitorGetTargetArch(mon)))
goto cleanup;
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 66df556..a23df1f 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -173,6 +173,7 @@ enum virQEMUCapsFlags {
QEMU_CAPS_OBJECT_RNG_EGD = 131, /* EGD protocol daemon for rng */
QEMU_CAPS_VIRTIO_CCW = 132, /* -device virtio-*-ccw */
QEMU_CAPS_MACHINE_OPT= 133, /* -machine */
+QEMU_CAPS_MACHINE_USB_OPT= 134, /* -machine */
Correct the comment /* -machine xxx,usb=off */
QEMU_CAPS_LAST, /* this must always be the last item */
};
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index c39faf0..5472c8b 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4964,6 +4964,12 @@ qemuBuildMachineArgStr(virCommandPtr cmd,
virCommandAddArg(cmd, -machine);
virBufferAsprintf(buf, %s, def-os.machine);
+/* To avoid the collision of creating USB controllers when calling
+ * machine-init in QEMU, it needs to set usb=off
+ */
+if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_MACHINE_USB_OPT))
+virBufferAsprintf(buf, ,usb=off);
+
if (def-mem.dump_core) {
if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DUMP_GUEST_CORE)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv2 1/1] Remove contiguous CPU indexes assumption
From: Li Zhang zhlci...@linux.vnet.ibm.com
When getting CPUs' information, it assumes that CPU indexes
are not contiguous. But for ppc64 platform, CPU indexes are not
contiguous because SMT is needed to be disabled, so CPU information
is not right on ppc64 and vpuinfo, vcpupin can't work corretly.
This patch is to remove the assumption to be compatible with ppc64.
Test:
4 vcpus are assigned to one VM and execute vcpuinfo command.
Without patch: There is only one vcpu informaion can be listed.
With patch: All vcpus' information can be listed correctly.
Signed-off-by: Li Zhang zhlci...@linux.vnet.ibm.com
---
v2 - v1:
* Remove unused cpu variable suggested by Daniel P.Berrange
* Remove contigous assumption in qemu_monitor_text.c suggested by Daniel
P.Berrange
src/qemu/qemu_monitor_json.c | 14 --
src/qemu/qemu_monitor_text.c | 13 ++---
2 files changed, 2 insertions(+), 25 deletions(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 9991a0a..1bf8baf 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -1209,7 +1209,6 @@ qemuMonitorJSONExtractCPUInfo(virJSONValuePtr reply,
for (i = 0 ; i ncpus ; i++) {
virJSONValuePtr entry = virJSONValueArrayGet(data, i);
-int cpu;
int thread;
if (!entry) {
virReportError(VIR_ERR_INTERNAL_ERROR, %s,
@@ -1217,12 +1216,6 @@ qemuMonitorJSONExtractCPUInfo(virJSONValuePtr reply,
goto cleanup;
}
-if (virJSONValueObjectGetNumberInt(entry, CPU, cpu) 0) {
-virReportError(VIR_ERR_INTERNAL_ERROR, %s,
- _(cpu information was missing cpu number));
-goto cleanup;
-}
-
if (virJSONValueObjectGetNumberInt(entry, thread_id, thread) 0) {
/* Only qemu-kvm tree includs thread_id, so treat this as
non-fatal, simply returning no data */
@@ -1230,13 +1223,6 @@ qemuMonitorJSONExtractCPUInfo(virJSONValuePtr reply,
goto cleanup;
}
-if (cpu != i) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
- _(unexpected cpu index %d expecting %d),
- i, cpu);
-goto cleanup;
-}
-
threads[i] = thread;
}
diff --git a/src/qemu/qemu_monitor_text.c b/src/qemu/qemu_monitor_text.c
index 58f6323..1b6efba 100644
--- a/src/qemu/qemu_monitor_text.c
+++ b/src/qemu/qemu_monitor_text.c
@@ -510,7 +510,6 @@ int qemuMonitorTextGetCPUInfo(qemuMonitorPtr mon,
{
char *qemucpus = NULL;
char *line;
-int lastVcpu = -1;
pid_t *cpupids = NULL;
size_t ncpupids = 0;
@@ -530,16 +529,12 @@ int qemuMonitorTextGetCPUInfo(qemuMonitorPtr mon,
do {
char *offset = strchr(line, '#');
char *end = NULL;
-int vcpu = 0, tid = 0;
+int tid = 0;
/* See if we're all done */
if (offset == NULL)
break;
-/* Extract VCPU number */
-if (virStrToLong_i(offset + 1, end, 10, vcpu) 0)
-goto error;
-
if (end == NULL || *end != ':')
goto error;
@@ -552,15 +547,11 @@ int qemuMonitorTextGetCPUInfo(qemuMonitorPtr mon,
if (end == NULL || !c_isspace(*end))
goto error;
-if (vcpu != (lastVcpu + 1))
-goto error;
-
if (VIR_REALLOC_N(cpupids, ncpupids+1) 0)
goto error;
-VIR_DEBUG(vcpu=%d pid=%d, vcpu, tid);
+VIR_DEBUG(pid=%d, tid);
cpupids[ncpupids++] = tid;
-lastVcpu = vcpu;
/* Skip to next data line */
line = strchr(offset, '\r');
--
1.7.10.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 4/4] LXC: add cpuset cgroup support for lxc
On 2013年03月01日 14:52, Gao feng wrote:
This patch adds cpuset cgroup support for LXC.
also set cpuset cgroup before setting cpu
affinity and numa policy.
Any special reason to move lxcSetupCgroup before the CPU affinity
and NUMA setttings?
Signed-off-by: Gao fenggaof...@cn.fujitsu.com
---
src/lxc/lxc_cgroup.c | 57 +++-
src/lxc/lxc_cgroup.h | 2 +-
src/lxc/lxc_controller.c | 6 ++---
3 files changed, 60 insertions(+), 5 deletions(-)
diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index a075335..f94b914 100644
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -68,6 +68,58 @@ cleanup:
}
+static int virLXCCgroupSetupCpusetTune(virDomainDefPtr def,
+ virCgroupPtr cgroup,
+ virBitmapPtr nodemask)
+{
+int rc = 0;
+char *mask = NULL;
+
+if (def-placement_mode != VIR_DOMAIN_CPU_PLACEMENT_MODE_AUTO
+def-cpumask) {
+mask = virBitmapFormat(def-cpumask);
+if (!mask) {
+virReportError(VIR_ERR_INTERNAL_ERROR, %s,
+ _(failed to convert cpumask));
+return -1;
+}
+
+rc = virCgroupSetCpusetCpus(cgroup, mask);
+VIR_FREE(mask);
+if (rc 0) {
+virReportSystemError(-rc, %s,
+ _(Unable to set cpuset.cpus));
+}
+}
+
+if ((def-numatune.memory.nodemask ||
+ (def-numatune.memory.placement_mode ==
+ VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO))
+ def-numatune.memory.mode == VIR_DOMAIN_NUMATUNE_MEM_STRICT) {
+if (def-numatune.memory.placement_mode ==
+VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO)
+mask = virBitmapFormat(nodemask);
+else
+mask = virBitmapFormat(def-numatune.memory.nodemask);
+
+if (!mask) {
+virReportError(VIR_ERR_INTERNAL_ERROR, %s,
+ _(failed to convert memory nodemask));
+return -1;
+}
+
+rc = virCgroupSetCpusetMems(cgroup, mask);
+VIR_FREE(mask);
+if (rc 0) {
+virReportSystemError(-rc, %s,
+ _(Unable to set cpuset.mems));
+}
+}
+
+return rc;
+}
+
+
static int virLXCCgroupSetupBlkioTune(virDomainDefPtr def,
virCgroupPtr cgroup)
{
@@ -472,7 +524,7 @@ cleanup:
}
-int virLXCCgroupSetup(virDomainDefPtr def)
+int virLXCCgroupSetup(virDomainDefPtr def, virBitmapPtr nodemask)
{
virCgroupPtr driver = NULL;
virCgroupPtr cgroup = NULL;
@@ -497,6 +549,9 @@ int virLXCCgroupSetup(virDomainDefPtr def)
if (virLXCCgroupSetupCpuTune(def, cgroup) 0)
goto cleanup;
+if (virLXCCgroupSetupCpusetTune(def, cgroup, nodemask) 0)
+goto cleanup;
+
if (virLXCCgroupSetupBlkioTune(def, cgroup) 0)
goto cleanup;
diff --git a/src/lxc/lxc_cgroup.h b/src/lxc/lxc_cgroup.h
index fff554b..29f21d6 100644
--- a/src/lxc/lxc_cgroup.h
+++ b/src/lxc/lxc_cgroup.h
@@ -26,7 +26,7 @@
# include lxc_fuse.h
# include virusb.h
-int virLXCCgroupSetup(virDomainDefPtr def);
+int virLXCCgroupSetup(virDomainDefPtr def, virBitmapPtr nodemask);
int virLXCCgroupGetMeminfo(virLXCMeminfoPtr meminfo);
int
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 3db0a88..75e2fe4 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -505,15 +505,15 @@ static int
virLXCControllerSetupResourceLimits(virLXCControllerPtr ctrl)
if (ret 0)
goto cleanup;
-ret = virLXCControllerSetupCpuAffinity(ctrl);
+ret = virLXCCgroupSetup(ctrl-def, nodemask);
if (ret 0)
goto cleanup;
-ret = virSetupNumaMemoryPolicy(ctrl-def-numatune, nodemask);
+ret = virLXCControllerSetupCpuAffinity(ctrl);
if (ret 0)
goto cleanup;
-ret = virLXCCgroupSetup(ctrl-def);
+ret = virSetupNumaMemoryPolicy(ctrl-def-numatune, nodemask);
if (ret 0)
goto cleanup;
Looks good ACK if there is a reasonble response on the question, but
this needs to be rebased for comments in 1/4.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: fix typos in IPv6 address
On 03/15/2013 04:02 PM, Osier Yang wrote: On 2013年03月15日 15:23, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- bin/virt-sandbox.c |2 +- libvirt-sandbox/libvirt-sandbox-config.c |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 9becd07..69d1e62 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -352,7 +352,7 @@ specifies the broadcast address. Some examples address=192.168.122.1/24 address=192.168.122.1/24%192.168.122.255 - address=2001:212::204.2/64 + address=2001:212::204:2/64 =item route=IP-NETWORK/PREFIX%GATEWAY diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 3dc453a..90217f1 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -825,7 +825,7 @@ GList *gvir_sandbox_config_get_networks(GVirSandboxConfig *config) * * dhcp * address=192.168.122.1/24%192.168.122.255; - * address=192.168.122.1/24%192.168.122.255;address=2001:212::204.2/64 + * address=192.168.122.1/24%192.168.122.255;address=2001:212::204:2/64 * route=192.168.122.255/24%192.168.1.1 */ gboolean gvir_sandbox_config_add_network_strv(GVirSandboxConfig *config, ACK, Please push. Thanks and push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Update to COPYING.LIB to latest LGPLv2.1 copy
On Fri, Mar 15, 2013 at 10:08:37AM +0100, Christophe Fergeau wrote: Ping? On Mon, Mar 11, 2013 at 12:43:13PM +0100, Christophe Fergeau wrote: The text version of LGPLv2.1 available at http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt is slightly different from COPYING.LIB: - several paragraphs were rewrapped - the FSF address has changed, so the license has been changed to indicate the newer address I've checked that there are no changes in the license text apart from the updated address, which is what I want to fix with this commit. --- COPYING.LIB | 82 - 1 file changed, 38 insertions(+), 44 deletions(-) ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
Signed-off-by: Alex Jia a...@redhat.com
---
libvirt-sandbox/libvirt-sandbox-config.c |3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-config.c
b/libvirt-sandbox/libvirt-sandbox-config.c
index 90217f1..f96d417 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.c
+++ b/libvirt-sandbox/libvirt-sandbox-config.c
@@ -1356,10 +1356,13 @@ gboolean
gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config,
if (strncmp(name, label=, 5) == 0) {
gvir_sandbox_config_set_security_label(config, value);
+break;
} else if (g_str_equal(name, dynamic)) {
gvir_sandbox_config_set_security_dynamic(config, TRUE);
+break;
} else if (g_str_equal(name, static)) {
gvir_sandbox_config_set_security_dynamic(config, FALSE);
+break;
} else {
g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0,
Unknown security option '%s', name);
--
1.7.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] remote: Prevent race when closing a connection
On Thu, Mar 14, 2013 at 01:26:55PM +0100, Viktor Mihajlovski wrote: A race condition can occur when virConnectClose is called parallel to the execution of the connection close callback in remoteClientCloseFunc. The race happens if the connection object is destroyed (including the mutex) while remoteClientCloseFunc is waiting for the connection mutex. After the destruction of the (non error checking) mutex remoteClientCloseFunc starts to process the callbacks. However the operations can occur against a freed (or even worse, reallocated) object. Another issue is that the closeFreeCallback is invoked even if it's NULL (this is the case for virsh). The solution is to clean out the callback pointers in virConnectDispose before destroying the mutex. This way remoteClientCloseFunc will return immediately after passing virMutexLock, thus avoiding potential data corruption. There's still the slight chance that the concluding virMutexUnlock could do harm on the freed connection object. This could be fixed using an error checking mutex which however has a much broader scope and impact. No, this really isn't solving the problem. The virConnectDipose function is the last thing to run on an object. Once virConnectDispose is running absolutely nothing else may safely use that object pointer. The thread that is not in virConnectDispose here is missing a reference on the object, to prevent it being destroyed while it is still in use. so NACk to this patch, it doesn't fix the problem, merely makes a SEGV slightly less likely. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/4] rename qemuGetNumadAdvice to virGetNumadAdvice
On Fri, Mar 15, 2013 at 04:13:30PM +0800, Osier Yang wrote:
On 2013年03月01日 14:52, Gao feng wrote:
qemuGetNumadAdvice will be used by LXC driver,rename
it to virGetNumaAdvice and move it to virnuma.c
s/virGetNumaAdvice/virGetNumadAdvice/,
diff --git a/src/util/virnuma.h b/src/util/virnuma.h
new file mode 100644
index 000..b9046c2
--- /dev/null
+++ b/src/util/virnuma.h
+
+char *virGetNumadAdvice(unsigned short vcups,
+unsigned long long balloon);
+
+#endif /* __VIR_NUMA_H__ */
ACK with the small nits fixed. It's good to have virnuma.{h,c} for
numa stuffs, I guess now we can move many codes into it.
Function names should always aim to match the filename. So i'd rename
this to virNumaGetAutoPlacementAdvice()
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv2 1/1] Remove contiguous CPU indexes assumption
On Fri, Mar 15, 2013 at 05:25:09PM +0800, Li Zhang wrote: From: Li Zhang zhlci...@linux.vnet.ibm.com When getting CPUs' information, it assumes that CPU indexes are not contiguous. But for ppc64 platform, CPU indexes are not contiguous because SMT is needed to be disabled, so CPU information is not right on ppc64 and vpuinfo, vcpupin can't work corretly. This patch is to remove the assumption to be compatible with ppc64. Test: 4 vcpus are assigned to one VM and execute vcpuinfo command. Without patch: There is only one vcpu informaion can be listed. With patch: All vcpus' information can be listed correctly. Signed-off-by: Li Zhang zhlci...@linux.vnet.ibm.com --- v2 - v1: * Remove unused cpu variable suggested by Daniel P.Berrange * Remove contigous assumption in qemu_monitor_text.c suggested by Daniel P.Berrange src/qemu/qemu_monitor_json.c | 14 -- src/qemu/qemu_monitor_text.c | 13 ++--- 2 files changed, 2 insertions(+), 25 deletions(-) ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 3/4] remove the redundant codes
On Fri, Mar 15, 2013 at 05:03:47PM +0800, Osier Yang wrote:
diff --git a/src/util/virnuma.h b/src/util/virnuma.h
index b9046c2..8d9f14d 100644
--- a/src/util/virnuma.h
+++ b/src/util/virnuma.h
@@ -22,7 +22,31 @@
#ifndef __VIR_NUMA_H__
# define __VIR_NUMA_H__
+#include virbitmap.h
+
+enum virDomainNumatuneMemPlacementMode {
+VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_DEFAULT = 0,
+VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_STATIC,
+VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_AUTO,
+
+VIR_DOMAIN_NUMATUNE_MEM_PLACEMENT_MODE_LAST
+};
This needs renaming to
enum virNumaMemPlacementMode
and the constants to
VIR_NUMA_MEM_PLACEMENT_MODE*
+
+typedef struct _virNumaTuneParams virNumaTuneParams;
+typedef virNumaTuneParams *virNumaTuneParamsPtr;
+struct _virNumaTuneParams {
+struct {
+virBitmapPtr nodemask;
+int mode;
+int placement_mode; /* enum virDomainNumatuneMemPlacementMode */
+} memory;
+
+/* Future NUMA tuning related stuff should go here. */
+};
+
Except the pointed out nits, others are simply code moving, looks good
to me. This needs a v2 too.
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
On Fri, Mar 15, 2013 at 05:32:24PM +0800, Alex Jia wrote:
Signed-off-by: Alex Jia a...@redhat.com
---
libvirt-sandbox/libvirt-sandbox-config.c |3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-config.c
b/libvirt-sandbox/libvirt-sandbox-config.c
index 90217f1..f96d417 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.c
+++ b/libvirt-sandbox/libvirt-sandbox-config.c
@@ -1356,10 +1356,13 @@ gboolean
gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config,
if (strncmp(name, label=, 5) == 0) {
gvir_sandbox_config_set_security_label(config, value);
+break;
} else if (g_str_equal(name, dynamic)) {
gvir_sandbox_config_set_security_dynamic(config, TRUE);
+break;
} else if (g_str_equal(name, static)) {
gvir_sandbox_config_set_security_dynamic(config, FALSE);
+break;
} else {
g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0,
Unknown security option '%s', name);
Actually the real flaw is that we're missing 'i++' as the last line of
the loop body.
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
On 03/15/2013 05:44 PM, Daniel P. Berrange wrote:
On Fri, Mar 15, 2013 at 05:32:24PM +0800, Alex Jia wrote:
Signed-off-by: Alex Jiaa...@redhat.com
---
libvirt-sandbox/libvirt-sandbox-config.c |3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/libvirt-sandbox/libvirt-sandbox-config.c
b/libvirt-sandbox/libvirt-sandbox-config.c
index 90217f1..f96d417 100644
--- a/libvirt-sandbox/libvirt-sandbox-config.c
+++ b/libvirt-sandbox/libvirt-sandbox-config.c
@@ -1356,10 +1356,13 @@ gboolean
gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config,
if (strncmp(name, label=, 5) == 0) {
gvir_sandbox_config_set_security_label(config, value);
+break;
} else if (g_str_equal(name, dynamic)) {
gvir_sandbox_config_set_security_dynamic(config, TRUE);
+break;
} else if (g_str_equal(name, static)) {
gvir_sandbox_config_set_security_dynamic(config, FALSE);
+break;
} else {
g_set_error(error, GVIR_SANDBOX_CONFIG_ERROR, 0,
Unknown security option '%s', name);
Actually the real flaw is that we're missing 'i++' as the last line of
the loop body.
Daniel
Ah, yes, I will commit a v2 patch.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] remote: Prevent race when closing a connection
On 03/15/2013 10:33 AM, Daniel P. Berrange wrote: No, this really isn't solving the problem. The virConnectDipose function is the last thing to run on an object. Once virConnectDispose is running absolutely nothing else may safely use that object pointer. The thread that is not in virConnectDispose here is missing a reference on the object, to prevent it being destroyed while it is still in use. so NACk to this patch, it doesn't fix the problem, merely makes a SEGV slightly less likely. Daniel I understand your objection and I have already tested a patch which increments the object ref counter when registering a close callback. The unfortunate thing is that the close callback isn't guaranteed to be deregistered (causing a virsh leaked reference complaint). As my brain kicks in while I'm typing, this is probably the way to go ... -- Mit freundlichen Grüßen/Kind Regards Viktor Mihajlovski IBM Deutschland Research Development GmbH Vorsitzender des Aufsichtsrats: Martina Köderitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH v2] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
On Fri, Mar 15, 2013 at 05:50:32PM +0800, Alex Jia wrote: Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 90217f1..08d21b9 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1365,6 +1365,7 @@ gboolean gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config, Unknown security option '%s', name); return FALSE; } +i++; } return TRUE; ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH v2] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
On 03/15/2013 05:52 PM, Daniel P. Berrange wrote: On Fri, Mar 15, 2013 at 05:50:32PM +0800, Alex Jia wrote: Signed-off-by: Alex Jiaa...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 90217f1..08d21b9 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1365,6 +1365,7 @@ gboolean gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config, Unknown security option '%s', name); return FALSE; } +i++; } return TRUE; ACK Daniel Thanks and push now. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH v2] Avoid infinite loop in gvir_sandbox_config_set_security_opts()
Signed-off-by: Alex Jia a...@redhat.com --- libvirt-sandbox/libvirt-sandbox-config.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) diff --git a/libvirt-sandbox/libvirt-sandbox-config.c b/libvirt-sandbox/libvirt-sandbox-config.c index 90217f1..08d21b9 100644 --- a/libvirt-sandbox/libvirt-sandbox-config.c +++ b/libvirt-sandbox/libvirt-sandbox-config.c @@ -1365,6 +1365,7 @@ gboolean gvir_sandbox_config_set_security_opts(GVirSandboxConfig *config, Unknown security option '%s', name); return FALSE; } +i++; } return TRUE; } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv2 1/1] Remove contiguous CPU indexes assumption
On 2013年03月15日 17:42, Daniel P. Berrange wrote: On Fri, Mar 15, 2013 at 05:25:09PM +0800, Li Zhang wrote: From: Li Zhangzhlci...@linux.vnet.ibm.com When getting CPUs' information, it assumes that CPU indexes are not contiguous. But for ppc64 platform, CPU indexes are not contiguous because SMT is needed to be disabled, so CPU information is not right on ppc64 and vpuinfo, vcpupin can't work corretly. This patch is to remove the assumption to be compatible with ppc64. Test: 4 vcpus are assigned to one VM and execute vcpuinfo command. Without patch: There is only one vcpu informaion can be listed. With patch: All vcpus' information can be listed correctly. Signed-off-by: Li Zhangzhlci...@linux.vnet.ibm.com --- v2 - v1: * Remove unused cpu variable suggested by Daniel P.Berrange * Remove contigous assumption in qemu_monitor_text.c suggested by Daniel P.Berrange src/qemu/qemu_monitor_json.c | 14 -- src/qemu/qemu_monitor_text.c | 13 ++--- 2 files changed, 2 insertions(+), 25 deletions(-) ACK Daniel Pushed. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] remote: Prevent race when closing a connection
On Fri, Mar 15, 2013 at 10:50:08AM +0100, Viktor Mihajlovski wrote: On 03/15/2013 10:33 AM, Daniel P. Berrange wrote: No, this really isn't solving the problem. The virConnectDipose function is the last thing to run on an object. Once virConnectDispose is running absolutely nothing else may safely use that object pointer. The thread that is not in virConnectDispose here is missing a reference on the object, to prevent it being destroyed while it is still in use. so NACk to this patch, it doesn't fix the problem, merely makes a SEGV slightly less likely. Daniel I understand your objection and I have already tested a patch which increments the object ref counter when registering a close callback. The unfortunate thing is that the close callback isn't guaranteed to be deregistered (causing a virsh leaked reference complaint). As my brain kicks in while I'm typing, this is probably the way to go ... With the existing domain event callbacks we hold a reference on the connection for as long as the callback is set. The app is required to unregister the callbacks prior to closing the connection. So the same approach is fine for the close callback. To prevent the leak in virsh, virsh should be de-registering the callback Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Update to COPYING.LIB to latest LGPLv2.1 copy
On Fri, Mar 15, 2013 at 09:26:08AM +, Daniel P. Berrange wrote: On Fri, Mar 15, 2013 at 10:08:37AM +0100, Christophe Fergeau wrote: Ping? On Mon, Mar 11, 2013 at 12:43:13PM +0100, Christophe Fergeau wrote: The text version of LGPLv2.1 available at http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt is slightly different from COPYING.LIB: - several paragraphs were rewrapped - the FSF address has changed, so the license has been changed to indicate the newer address I've checked that there are no changes in the license text apart from the updated address, which is what I want to fix with this commit. --- COPYING.LIB | 82 - 1 file changed, 38 insertions(+), 44 deletions(-) ACK Thanks, pushed. Christophe pgpwMWVG4BH9v.pgp Description: PGP signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Docs: Fix security options wrongs in man page
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c | 14 ++ 1 files changed, 10 insertions(+), 4 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 69d1e62..66676c3 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -372,13 +372,19 @@ separated by commas. The following options are valid for SELinux =over 4 -=item type=TYPE +=item dynamic -The SELinux security type, defaults to sandbox_t +The SELinux security dynamic for the sandbox, defaults to svirt_sandbox_t -=item level=LEVEL +=item dynamic,label=USER:ROLE:TYPE:LEVEL -The SELinux MCS level, defaults to a randomly allocated level +To use dynamic and override the base label, defaults to +system_u:system_r:svirt_t:s0 + +=item static,label=USER:ROLE:TYPE:LEVEL + +To set a completely static label. For example, +static,label=system_u:system_r:svirt_t:s0:c412,c355 =back -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: Fix security options wrongs in man page
On Fri, Mar 15, 2013 at 06:29:05PM +0800, Alex Jia wrote: Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c | 14 ++ 1 files changed, 10 insertions(+), 4 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 69d1e62..66676c3 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -372,13 +372,19 @@ separated by commas. The following options are valid for SELinux =over 4 -=item type=TYPE +=item dynamic -The SELinux security type, defaults to sandbox_t +The SELinux security dynamic for the sandbox, defaults to svirt_sandbox_t I'd word this as Dynamically allocate an SELinux label, using the default base context. The default base context is for LXC, . for KVM and for QEMU. The defaults are seen here else if (gvir_config_domain_get_virt_type(domain) == GVIR_CONFIG_DOMAIN_VIRT_LXC) gvir_config_domain_seclabel_set_baselabel(sec, system_u:system_r:svirt_lxc_net_t:s0); else if (gvir_config_domain_get_virt_type(domain) == GVIR_CONFIG_DOMAIN_VIRT_QEMU) gvir_config_domain_seclabel_set_baselabel(sec, system_u:system_r:svirt_tcg_t:s0); else if (gvir_config_domain_get_virt_type(domain) == GVIR_CONFIG_DOMAIN_VIRT_KVM) gvir_config_domain_seclabel_set_baselabel(sec, system_u:system_r:svirt_t:s0); -=item level=LEVEL +=item dynamic,label=USER:ROLE:TYPE:LEVEL -The SELinux MCS level, defaults to a randomly allocated level +To use dynamic and override the base label, defaults to +system_u:system_r:svirt_t:s0 I'd simplify this to Dynamically allocate an SELinux label, using the base context USER:ROLE:TYPE:LEVEL, instead of the default base context. + +=item static,label=USER:ROLE:TYPE:LEVEL + +To set a completely static label. For example, +static,label=system_u:system_r:svirt_t:s0:c412,c355 Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH] Docs: Fix security options wrongs in man page
On 03/15/2013 06:42 PM, Daniel P. Berrange wrote: Dynamically allocate an SELinux label, using the base context USER:ROLE:TYPE:LEVEL, instead of the default base context. Thanks for your nice comment, the v2 patch is coming. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH v2] Docs: Fix security options wrongs in man page
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c | 17 + 1 files changed, 13 insertions(+), 4 deletions(-) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 69d1e62..bd7ac49 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -372,13 +372,22 @@ separated by commas. The following options are valid for SELinux =over 4 -=item type=TYPE +=item dynamic -The SELinux security type, defaults to sandbox_t +Dynamically allocate an SELinux label, using the default base context. +The default base context is system_u:system_r:svirt_lxc_net_t:s0 for LXC, +system_u:system_r:svirt_t:s0 for KVM, system_u:system_r:svirt_tcg_t:s0 +for QEMU. -=item level=LEVEL +=item dynamic,label=USER:ROLE:TYPE:LEVEL -The SELinux MCS level, defaults to a randomly allocated level +Dynamically allocate an SELinux label, using the base context +USER:ROLE:TYPE:LEVEL, instead of the default base context. + +=item static,label=USER:ROLE:TYPE:LEVEL + +To set a completely static label. For example, +static,label=system_u:system_r:svirt_t:s0:c412,c355 =back -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [libvirt-sandbox][PATCH v2] Docs: Fix security options wrongs in man page
On Fri, Mar 15, 2013 at 06:57:15PM +0800, Alex Jia wrote: Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox.c | 17 + 1 files changed, 13 insertions(+), 4 deletions(-) ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/4] Make vshDebug work when parsing parameters
On 03/14/2013 06:15 PM, Daniel P. Berrange wrote:
On Thu, Mar 14, 2013 at 10:27:32AM +0100, Martin Kletzander wrote:
The vshInit initializes ctl-debug by which vshDebug (which is also
called in vshParseArgv) decides whether to print out the message or
not.
Signed-off-by: Martin Kletzander mklet...@redhat.com
---
tools/virsh.c | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/tools/virsh.c b/tools/virsh.c
index d822e09..9ed038a 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -3100,15 +3100,13 @@ main(int argc, char **argv)
ctl-name = vshStrdup(ctl, defaultConn);
}
-if (!vshParseArgv(ctl, argc, argv)) {
+if (!vshInit(ctl)) {
vshDeinit(ctl);
Hmm, we previously called vshDeinit() even though we'd not
got to vshInit yet !
exit(EXIT_FAILURE);
}
-if (!vshInit(ctl)) {
-vshDeinit(ctl);
+if (!vshParseArgv(ctl, argc, argv))
But here you've lost the vshDeinit now. I think we need to
put that back to keep valgrind happy, don't we ? Or is there
some reason which forced to you drop the vshDeinit here ?
No reason, just my fault. I removed it at first when the vshParseArgv
was before vshInit and then switched those two without adding it back,
thanks for noticing. This is how the patch should've looked like:
diff --git a/tools/virsh.c b/tools/virsh.c
index d822e09..58a604b 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -3100,12 +3100,12 @@ main(int argc, char **argv)
ctl-name = vshStrdup(ctl, defaultConn);
}
-if (!vshParseArgv(ctl, argc, argv)) {
+if (!vshInit(ctl)) {
vshDeinit(ctl);
exit(EXIT_FAILURE);
}
-if (!vshInit(ctl)) {
+if (!vshParseArgv(ctl, argc, argv)) {
vshDeinit(ctl);
exit(EXIT_FAILURE);
}
--
exit(EXIT_FAILURE);
-}
Regards
Daniel
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/4] Make vshDebug work when parsing parameters
On Fri, Mar 15, 2013 at 02:10:08PM +0100, Martin Kletzander wrote:
On 03/14/2013 06:15 PM, Daniel P. Berrange wrote:
On Thu, Mar 14, 2013 at 10:27:32AM +0100, Martin Kletzander wrote:
The vshInit initializes ctl-debug by which vshDebug (which is also
called in vshParseArgv) decides whether to print out the message or
not.
Signed-off-by: Martin Kletzander mklet...@redhat.com
---
tools/virsh.c | 6 ++
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/tools/virsh.c b/tools/virsh.c
index d822e09..9ed038a 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -3100,15 +3100,13 @@ main(int argc, char **argv)
ctl-name = vshStrdup(ctl, defaultConn);
}
-if (!vshParseArgv(ctl, argc, argv)) {
+if (!vshInit(ctl)) {
vshDeinit(ctl);
Hmm, we previously called vshDeinit() even though we'd not
got to vshInit yet !
exit(EXIT_FAILURE);
}
-if (!vshInit(ctl)) {
-vshDeinit(ctl);
+if (!vshParseArgv(ctl, argc, argv))
But here you've lost the vshDeinit now. I think we need to
put that back to keep valgrind happy, don't we ? Or is there
some reason which forced to you drop the vshDeinit here ?
No reason, just my fault. I removed it at first when the vshParseArgv
was before vshInit and then switched those two without adding it back,
thanks for noticing. This is how the patch should've looked like:
diff --git a/tools/virsh.c b/tools/virsh.c
index d822e09..58a604b 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -3100,12 +3100,12 @@ main(int argc, char **argv)
ctl-name = vshStrdup(ctl, defaultConn);
}
-if (!vshParseArgv(ctl, argc, argv)) {
+if (!vshInit(ctl)) {
vshDeinit(ctl);
exit(EXIT_FAILURE);
}
-if (!vshInit(ctl)) {
+if (!vshParseArgv(ctl, argc, argv)) {
vshDeinit(ctl);
exit(EXIT_FAILURE);
}
ACK
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] conftest segfault
One of the libvirt tests (conftest) has been segfaulting for some time with no indication of a test failure other than a message in syslog. I verified this by building libvirt-1.0.3-1 with mock. Gene -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] conftest segfault
On 03/15/2013 09:48 AM, Gene Czarcinski wrote: One of the libvirt tests (conftest) has been segfaulting for some time with no indication of a test failure other than a message in syslog. I verified this by building libvirt-1.0.3-1 with mock. I went back and looked at my logs more closely. This started with libvirt-1.0.3-1. Gene -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v4 0/3] Keep original file label
Yet another rework of $subj. I am still not solving atomicity problem for now. See diff to the patches if you want to know what's changed. Patch 1/3 has been already ACKed, however, I've changed it slightly. Michal Privoznik (3): virFile: Add APIs for extended attributes handling virfile: Introduce internal API for managing ACL security_dac: Favour ACLs over chown() configure.ac| 2 + libvirt.spec.in | 1 + m4/virt-acl.m4 | 9 ++ src/Makefile.am | 4 +- src/libvirt_private.syms| 6 + src/security/security_dac.c | 302 +++- src/util/virfile.c | 301 +++ src/util/virfile.h | 28 8 files changed, 622 insertions(+), 31 deletions(-) create mode 100644 m4/virt-acl.m4 -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v4 3/3] security_dac: Favour ACLs over chown()
On filesystems supporting ACLs we don't need to do a chown but we
can just set ACLs to gain access for qemu. However, since we are
setting these on too low level, where we don't know if disk is
just a read only or read write, we set read write access
unconditionally.
From implementation POV, a reference counter is introduced, so ACL is
restored only on the last restore attempt in order to not cut off other
domains. And since a file may had an ACL for a user already set, we need
to keep this as well. Both these, the reference counter and original ACL
are stored as extended attributes named trusted.libvirt.dac.refCount and
trusted.libvirt.dac.oldACL respectively.
However, some filesystems doesn't support ACLs, XATTRs, or both. So the
code is made to favour ACLs among with tracking the reference count. If
this fails, we fall back to chown() with best effort to remember the
original owner of file.
---
diff to v3:
-Dan's suggestions worked in
diff to v2:
-basically squashed functionality of 2/4 and 4/4 from previous
round
src/security/security_dac.c | 302 +++-
1 file changed, 273 insertions(+), 29 deletions(-)
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 0b274b7..4914baa 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -25,6 +25,7 @@
#include security_dac.h
#include virerror.h
+#include virfile.h
#include virutil.h
#include viralloc.h
#include virlog.h
@@ -34,6 +35,9 @@
#define VIR_FROM_THIS VIR_FROM_SECURITY
#define SECURITY_DAC_NAME dac
+#define SECURITY_DAC_XATTR_OLD_ACL trusted.libvirt.dac.oldACL
+#define SECURITY_DAC_XATTR_OLD_OWNER trusted.libvirt.dac.oldOwner
+#define SECURITY_DAC_XATTR_REFCOUNT trusted.libvirt.dac.refCount
typedef struct _virSecurityDACData virSecurityDACData;
typedef virSecurityDACData *virSecurityDACDataPtr;
@@ -234,6 +238,196 @@ int virSecurityDACGetImageIds(virDomainDefPtr def,
virSecurityDACDataPtr priv,
return 0;
}
+static int
+virSecurityDACGetXATTRRefcount(const char *path,
+ int *refCount)
+{
+int ret = -1;
+char *refCountStr;
+
+if (virFileGetAttr(path, SECURITY_DAC_XATTR_REFCOUNT, refCountStr) 0)
+return ret;
+
+VIR_DEBUG(path=%s refCountStr=%s, path, NULLSTR(refCountStr));
+
+if (!refCountStr) {
+*refCount = 0;
+return 0;
+}
+
+if (virStrToLong_i(refCountStr, NULL, 10, refCount) 0) {
+virReportError(VIR_ERR_INTERNAL_ERROR,
+ _(Malformed %s attribute: %s),
+ SECURITY_DAC_XATTR_REFCOUNT,
+ refCountStr);
+goto cleanup;
+}
+
+ret = 0;
+cleanup:
+VIR_FREE(refCountStr);
+return ret;
+}
+
+static int
+virSecurityDACSetXATTRRefcount(const char *path,
+ int refCount)
+{
+int ret = -1;
+char *refCountStr;
+
+VIR_DEBUG(path=%s refCount=%d, path, refCount);
+
+if (refCount == 0) {
+virFileRemoveAttr(path, SECURITY_DAC_XATTR_REFCOUNT);
+return 0;
+}
+
+if (virAsprintf(refCountStr, %u, refCount) 0) {
+virReportOOMError();
+return ret;
+}
+
+if (virFileSetAttr(path, SECURITY_DAC_XATTR_REFCOUNT, refCountStr) 0)
+goto cleanup;
+
+ret = 0;
+cleanup:
+VIR_FREE(refCountStr);
+return ret;
+}
+
+static int
+virSecurityDACSetACL(const char *path,
+ uid_t uid)
+{
+int ret = -1;
+char *oldACL = NULL;
+mode_t perms;
+
+VIR_DEBUG(path=%s uid=%u, path, uid);
+
+if (virFileGetACL(path, uid, perms) 0) {
+/* error getting ACL entry for @uid */
+goto cleanup;
+}
+
+if (virAsprintf(oldACL, %u:0%o, uid, perms) 0) {
+virReportOOMError();
+goto cleanup;
+}
+
+if (virFileSetAttr(path, SECURITY_DAC_XATTR_OLD_ACL, oldACL) 0)
+goto cleanup;
+
+if (virFileSetACL(path, uid, S_IRUSR | S_IWUSR) 0)
+goto cleanup;
+
+ret = 0;
+cleanup:
+if (ret 0)
+virFileRemoveAttr(path, SECURITY_DAC_XATTR_OLD_ACL);
+VIR_FREE(oldACL);
+return ret;
+}
+
+static int
+virSecurityDACRestoreACL(const char *path)
+{
+int ret = -1;
+char *oldACL = NULL, *c;
+uid_t uid;
+mode_t perms;
+
+VIR_DEBUG(path=%s, path);
+
+if (virFileGetAttr(path, SECURITY_DAC_XATTR_OLD_ACL, oldACL) 0)
+return ret;
+
+if (!oldACL) {
+VIR_WARN(Attribute %s is missing, SECURITY_DAC_XATTR_OLD_ACL);
+return ret;
+}
+
+if (!(c = strchr(oldACL, ':'))) {
+virReportError(VIR_ERR_INTERNAL_ERROR,
+ _(Malformed %s attribute: %s),
+ SECURITY_DAC_XATTR_OLD_ACL, oldACL);
+goto cleanup;
+}
+
+*c = '\0';
+c++;
+
+if (virStrToLong_ui(oldACL, NULL, 10, uid) 0 ||
+virStrToLong_ui(c, NULL, 8, perms) 0) {
+virReportError(VIR_ERR_INTERNAL_ERROR,
+
[libvirt] [PATCH v4 1/3] virFile: Add APIs for extended attributes handling
Currently, only three wrappers are being implemented:
virFileSetAttr for setting attributes
virFileGetAttr for querying attributes (note we need to call it twice,
first time to get length of attribute value, second to get actual value)
virFileRemoveAttr for removing attributes
---
diff to v3:
-set errno=ENOSYS when building without WITH_ATTR for easier check within
callee.
diff to v2:
-drop multiple check for libattr
src/libvirt_private.syms | 3 ++
src/util/virfile.c | 108 +++
src/util/virfile.h | 14 ++
3 files changed, 125 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5cad990..5a2cbe8 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1252,8 +1252,11 @@ virFileClose;
virFileDirectFdFlag;
virFileFclose;
virFileFdopen;
+virFileGetAttr;
virFileLoopDeviceAssociate;
+virFileRemoveAttr;
virFileRewrite;
+virFileSetAttr;
virFileTouch;
virFileUpdatePerm;
virFileWrapperFdClose;
diff --git a/src/util/virfile.c b/src/util/virfile.c
index 4a9fa81..be50e83 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -37,6 +37,10 @@
# include sys/ioctl.h
#endif
+#ifdef WITH_ATTR
+# include attr/xattr.h
+#endif
+
#include vircommand.h
#include configmake.h
#include viralloc.h
@@ -644,3 +648,107 @@ int virFileLoopDeviceAssociate(const char *file,
}
#endif /* __linux__ */
+
+#ifdef WITH_ATTR
+int
+virFileSetAttr(const char *file,
+ const char *name,
+ const char *value)
+{
+size_t valueSize = strlen(value);
+if (setxattr(file, name, value, valueSize, 0) 0) {
+virReportSystemError(errno,
+ _(Unable to set extended attribute '%s' on
'%s'),
+ name, file);
+return -1;
+}
+return 0;
+}
+
+int
+virFileGetAttr(const char *file,
+ const char *name,
+ char **value)
+{
+int ret = -1;
+char *buf = NULL;
+ssize_t valueSize;
+
+/* get attribute length */
+if ((valueSize = getxattr(file, name, NULL, 0)) 0) {
+/* The Linux kernel does not define ENOATTR, but maps it to ENODATA. */
+if (errno == ENOATTR || errno == ENODATA) {
+*value = NULL;
+return 0;
+} else {
+virReportSystemError(errno,
+ _(Unable to get extended attribute '%s' on
'%s'),
+ name, file);
+return ret;
+}
+}
+
+if (VIR_ALLOC_N(buf, valueSize) 0) {
+virReportOOMError();
+return ret;
+}
+
+if ((ret = getxattr(file, name, buf, valueSize)) 0) {
+VIR_FREE(buf);
+virReportSystemError(errno,
+ _(Unable to get extended attribute '%s' on
'%s'),
+ name, file);
+} else {
+*value = buf;
+}
+
+return ret;
+}
+
+int
+virFileRemoveAttr(const char *file,
+ const char *name)
+{
+if (removexattr(file, name) 0) {
+virReportSystemError(errno,
+ _(Unable to remove extended attribute '%s' on
'%s'),
+ name, file);
+return -1;
+}
+return 0;
+}
+
+#else /* WITH_ATTR */
+
+int
+virFileSetAttr(const char *file ATTRIBUTE_UNUSED,
+ const char *name ATTRIBUTE_UNUSED,
+ const char *value ATTRIBUTE_UNUSED)
+{
+errno = ENOSYS;
+virReportSystemError(errno, %s,
+ _(Unable to set extended attributes));
+return -1;
+}
+
+int
+virFileGetAttr(const char *file ATTRIBUTE_UNUSED,
+ const char *name ATTRIBUTE_UNUSED,
+ char **value ATTRIBUTE_UNUSED)
+{
+errno = ENOSYS;
+virReportSystemError(errno, %s,
+ _(Unable to get extended attributes));
+return -1;
+}
+
+int
+virFileRemoveAttr(const char *file ATTRIBUTE_UNUSED,
+ const char *name ATTRIBUTE_UNUSED)
+{
+errno = ENOSYS;
+virReportSystemError(errno, %s,
+ _(Unable to remove extended attributes));
+return -1;
+}
+#endif /* WITH_ATTR */
diff --git a/src/util/virfile.h b/src/util/virfile.h
index c885b73..9e0adf6 100644
--- a/src/util/virfile.h
+++ b/src/util/virfile.h
@@ -108,4 +108,18 @@ int virFileUpdatePerm(const char *path,
int virFileLoopDeviceAssociate(const char *file,
char **dev);
+int virFileSetAttr(const char *file,
+ const char *name,
+ const char *value)
+ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
+
+int virFileGetAttr(const char *file,
+ const char *name,
+ char **value)
+ATTRIBUTE_NONNULL(1) ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(3);
+
+int virFileRemoveAttr(const char *file,
+ const char *name)
+ATTRIBUTE_NONNULL(1)
[libvirt] [PATCH v4 2/3] virfile: Introduce internal API for managing ACL
For now, only three APIs are implemented:
virFileGetACL to retrieve permission for a specific user
virFileSetACL for setting requested permissions for a specific user,
virFileRemoveACL to remove those permissions.
---
diff to v3:
-set errno=ENOSYS when building without WITH_ATTR for easier check within
callee.
-ACL mask is deleted prior recalc as after removing our entry, mask may be not
required anymore.
diff to v2:
-Introduced m4 macro to check for libacl
-new virFileGetACL API
-ACL mask recalc offloaded to libacl
configure.ac | 2 +
libvirt.spec.in | 1 +
m4/virt-acl.m4 | 9 +++
src/Makefile.am | 4 +-
src/libvirt_private.syms | 3 +
src/util/virfile.c | 193 +++
src/util/virfile.h | 14
7 files changed, 224 insertions(+), 2 deletions(-)
create mode 100644 m4/virt-acl.m4
diff --git a/configure.ac b/configure.ac
index 9d366e9..4e6627c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -142,6 +142,7 @@ AC_MSG_RESULT([$VERSION_SCRIPT_FLAGS])
LIBVIRT_COMPILE_WARNINGS
+LIBVIRT_CHECK_ACL
LIBVIRT_CHECK_APPARMOR
LIBVIRT_CHECK_ATTR
LIBVIRT_CHECK_AUDIT
@@ -2462,6 +2463,7 @@ fi
AC_MSG_NOTICE([])
AC_MSG_NOTICE([Libraries])
AC_MSG_NOTICE([])
+LIBVIRT_RESULT_ACL
LIBVIRT_RESULT_APPARMOR
LIBVIRT_RESULT_ATTR
LIBVIRT_RESULT_AUDIT
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 9fb753a..222674d 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -411,6 +411,7 @@ BuildRequires: gettext
BuildRequires: libtasn1-devel
BuildRequires: gnutls-devel
BuildRequires: libattr-devel
+BuildRequires: libacl-devel
%if 0%{?fedora} = 12 || 0%{?rhel} = 6
# for augparse, optionally used in testing
BuildRequires: augeas
diff --git a/m4/virt-acl.m4 b/m4/virt-acl.m4
new file mode 100644
index 000..7f16dca
--- /dev/null
+++ b/m4/virt-acl.m4
@@ -0,0 +1,9 @@
+dnl The libacl.so library
+
+AC_DEFUN([LIBVIRT_CHECK_ACL],[
+ LIBVIRT_CHECK_LIB([ACL], [acl], [acl_init], [sys/acl.h])
+])
+
+AC_DEFUN([LIBVIRT_RESULT_ACL],[
+ LIBVIRT_RESULT_LIB([ACL])
+])
diff --git a/src/Makefile.am b/src/Makefile.am
index 0c0dfb3..0ddc128 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -764,11 +764,11 @@ libvirt_util_la_SOURCES =
\
$(UTIL_SOURCES)
libvirt_util_la_CFLAGS = $(CAPNG_CFLAGS) $(YAJL_CFLAGS) $(LIBNL_CFLAGS) \
$(AM_CFLAGS) $(AUDIT_CFLAGS) $(DEVMAPPER_CFLAGS) \
- $(DBUS_CFLAGS) $(LDEXP_LIBM)
+ $(DBUS_CFLAGS) $(LDEXP_LIBM) $(ACL_CFLAGS)
libvirt_util_la_LIBADD = $(CAPNG_LIBS) $(YAJL_LIBS) $(LIBNL_LIBS) \
$(THREAD_LIBS) $(AUDIT_LIBS) $(DEVMAPPER_LIBS) \
$(LIB_CLOCK_GETTIME) $(DBUS_LIBS) $(MSCOM_LIBS) $(LIBXML_LIBS) \
- $(SECDRIVER_LIBS)
+ $(SECDRIVER_LIBS) $(ACL_LIBS)
noinst_LTLIBRARIES += libvirt_conf.la
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5a2cbe8..e1ec774 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1252,10 +1252,13 @@ virFileClose;
virFileDirectFdFlag;
virFileFclose;
virFileFdopen;
+virFileGetACL;
virFileGetAttr;
virFileLoopDeviceAssociate;
+virFileRemoveACL;
virFileRemoveAttr;
virFileRewrite;
+virFileSetACL;
virFileSetAttr;
virFileTouch;
virFileUpdatePerm;
diff --git a/src/util/virfile.c b/src/util/virfile.c
index be50e83..7f50328 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -41,6 +41,10 @@
# include attr/xattr.h
#endif
+#ifdef WITH_ACL
+# include acl/libacl.h
+#endif
+
#include vircommand.h
#include configmake.h
#include viralloc.h
@@ -752,3 +756,192 @@ virFileRemoveAttr(const char *file ATTRIBUTE_UNUSED,
return -1;
}
#endif /* WITH_ATTR */
+
+#ifdef WITH_ACL
+static acl_entry_t
+virFileACLFindEntry(acl_t acl, acl_tag_t type, id_t id)
+{
+acl_entry_t ent;
+acl_tag_t e_type;
+id_t *e_id_p;
+
+/* acl_get_entry returns 1 if there's an entry in @acl */
+if (acl_get_entry(acl, ACL_FIRST_ENTRY, ent) != 1)
+return NULL;
+
+do {
+acl_get_tag_type(ent, e_type);
+if (e_type == type) {
+if (id == ACL_UNDEFINED_ID)
+return ent;
+
+if (!(e_id_p = acl_get_qualifier(ent)))
+return NULL;
+if (*e_id_p == id) {
+acl_free(e_id_p);
+return ent;
+}
+acl_free(e_id_p);
+}
+} while (acl_get_entry(acl, ACL_NEXT_ENTRY, ent) == 1);
+
+return NULL;
+}
+
+static void
+virFileACLSetPerms(acl_entry_t ent, mode_t perms)
+{
+acl_permset_t set;
+
+acl_get_permset(ent, set);
+if (perms S_IRUSR)
+acl_add_perm(set, ACL_READ);
+else
+acl_delete_perm(set, ACL_READ);
+if (perms S_IWUSR)
+acl_add_perm(set, ACL_WRITE);
+else
+acl_delete_perm(set, ACL_WRITE);
+if (perms S_IXUSR)
+acl_add_perm(set, ACL_EXECUTE);
+else
+
Re: [libvirt] conftest segfault
On 15.03.2013 14:56, Gene Czarcinski wrote: On 03/15/2013 09:48 AM, Gene Czarcinski wrote: One of the libvirt tests (conftest) has been segfaulting for some time with no indication of a test failure other than a message in syslog. I verified this by building libvirt-1.0.3-1 with mock. I went back and looked at my logs more closely. This started with libvirt-1.0.3-1. Gene Do you have a coredump? What does it say? Michal -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 3/3] security_dac: Favour ACLs over chown()
On Fri, Mar 15, 2013 at 03:12:03PM +0100, Michal Privoznik wrote:
static int
+virSecurityDACSetOwnership(const char *path, uid_t uid, gid_t gid)
+{
+int refCount = 0;
+bool xattrSupported = true;
+
+VIR_INFO(Setting DAC user and group on '%s' to '%ld:%ld',
+ path, (long) uid, (long) gid);
+
+if (virSecurityDACGetXATTRRefcount(path, refCount) 0) {
+if (errno != ENOSYS errno != ENOTSUP)
+return -1;
It is unsafe to check errno. You must use the virErrorPtr only,
and if you decide to ignore the error, you should also call
virResetLastError() to clear it.
+xattrSupported = false;
+}
+
+if (refCount || virSecurityDACSetACL(path, uid) == 0) {
+if (xattrSupported
+virSecurityDACSetXATTRRefcount(path, refCount + 1) 0) {
+/* Clear out oldACL XATTR */
+return -1;
+}
+return 0;
+}
+
+/* Setting ACL failed. If the cause is libvirt was build without ACL
+ * support, or filesystem does not support ACLs fall back to chown */
+if (errno != ENOSYS errno != ENOTSUP)
+return -1;
+
+VIR_DEBUG(Falling back to chown);
+if (xattrSupported virSecurityDACRememberLabel(path) 0)
+return -1;
+
+if (virSecurityDACChown(path, uid, gid) 0 ||
+(xattrSupported
+ virSecurityDACSetXATTRRefcount(path, refCount + 1) 0)) {
+/* XXX Clear our oldOwner XATTR */
+return -1;
+}
+return 0;
+}
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 1/3] virFile: Add APIs for extended attributes handling
On Fri, Mar 15, 2013 at 03:12:01PM +0100, Michal Privoznik wrote:
Currently, only three wrappers are being implemented:
virFileSetAttr for setting attributes
virFileGetAttr for querying attributes (note we need to call it twice,
first time to get length of attribute value, second to get actual value)
virFileRemoveAttr for removing attributes
---
diff to v3:
-set errno=ENOSYS when building without WITH_ATTR for easier check within
callee.
diff to v2:
-drop multiple check for libattr
src/libvirt_private.syms | 3 ++
src/util/virfile.c | 108
+++
src/util/virfile.h | 14 ++
3 files changed, 125 insertions(+)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5cad990..5a2cbe8 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1252,8 +1252,11 @@ virFileClose;
virFileDirectFdFlag;
virFileFclose;
virFileFdopen;
+virFileGetAttr;
virFileLoopDeviceAssociate;
+virFileRemoveAttr;
virFileRewrite;
+virFileSetAttr;
virFileTouch;
virFileUpdatePerm;
virFileWrapperFdClose;
diff --git a/src/util/virfile.c b/src/util/virfile.c
index 4a9fa81..be50e83 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -37,6 +37,10 @@
# include sys/ioctl.h
#endif
+#ifdef WITH_ATTR
+# include attr/xattr.h
+#endif
+
#include vircommand.h
#include configmake.h
#include viralloc.h
@@ -644,3 +648,107 @@ int virFileLoopDeviceAssociate(const char *file,
}
#endif /* __linux__ */
+
+#ifdef WITH_ATTR
+int
+virFileSetAttr(const char *file,
+ const char *name,
+ const char *value)
+{
+size_t valueSize = strlen(value);
+if (setxattr(file, name, value, valueSize, 0) 0) {
+virReportSystemError(errno,
+ _(Unable to set extended attribute '%s' on
'%s'),
+ name, file);
+return -1;
+}
+return 0;
+}
+
+int
+virFileGetAttr(const char *file,
+ const char *name,
+ char **value)
+{
+int ret = -1;
+char *buf = NULL;
+ssize_t valueSize;
+
+/* get attribute length */
+if ((valueSize = getxattr(file, name, NULL, 0)) 0) {
+/* The Linux kernel does not define ENOATTR, but maps it to ENODATA.
*/
+if (errno == ENOATTR || errno == ENODATA) {
+*value = NULL;
+return 0;
+} else {
+virReportSystemError(errno,
+ _(Unable to get extended attribute '%s' on
'%s'),
+ name, file);
+return ret;
+}
+}
+
+if (VIR_ALLOC_N(buf, valueSize) 0) {
+virReportOOMError();
+return ret;
+}
+
+if ((ret = getxattr(file, name, buf, valueSize)) 0) {
+VIR_FREE(buf);
+virReportSystemError(errno,
+ _(Unable to get extended attribute '%s' on
'%s'),
+ name, file);
+} else {
+*value = buf;
+}
+
+return ret;
+}
+
+int
+virFileRemoveAttr(const char *file,
+ const char *name)
+{
+if (removexattr(file, name) 0) {
+virReportSystemError(errno,
+ _(Unable to remove extended attribute '%s' on
'%s'),
+ name, file);
+return -1;
+}
+return 0;
+}
+
+#else /* WITH_ATTR */
+
+int
+virFileSetAttr(const char *file ATTRIBUTE_UNUSED,
+ const char *name ATTRIBUTE_UNUSED,
+ const char *value ATTRIBUTE_UNUSED)
+{
+errno = ENOSYS;
+virReportSystemError(errno, %s,
+ _(Unable to set extended attributes));
+return -1;
+}
+
+int
+virFileGetAttr(const char *file ATTRIBUTE_UNUSED,
+ const char *name ATTRIBUTE_UNUSED,
+ char **value ATTRIBUTE_UNUSED)
+{
+errno = ENOSYS;
+virReportSystemError(errno, %s,
+ _(Unable to get extended attributes));
+return -1;
+}
+
+int
+virFileRemoveAttr(const char *file ATTRIBUTE_UNUSED,
+ const char *name ATTRIBUTE_UNUSED)
+{
+errno = ENOSYS;
NACK to this addition. Callers have absolutely no business accessing
'errno' for any function which uses libvirt error reporting - we make
no guarnatees that the value will be preserved by any cleanup code in
such methods. If callers want to check errno values they should do this:
virErrorPtr err = virGetLastError()
if (err
err-code == VIR_ERR_SYSTEM_ERROR
err-int1 == ENOSYS)
Regards,
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o-
Re: [libvirt] [PATCH V1 1/6] Add QMP probing for TPM
On 03/14/2013 10:47 AM, Daniel P. Berrange wrote:
On Thu, Mar 14, 2013 at 10:44:32AM -0400, Stefan Berger wrote:
Hm, this surprises me since this would put JSON specific code into
the monitor APIs (qemu_monitor.c) while qemu_monitor.c typically
only serves as a dispatcher for either text monitor or json monitor.
No, you mis-understand me - I mean move the code into these 2 functions:
Sorry for bothering you about this one. If I was to move the code back
into these functions, we'd end up with duplicate code in both functions.
It's like having 100 lines of code while 50 + 10 do the same thing...
You really want me to do this?
Stefan
+int qemuMonitorJSONGetTPMModels(qemuMonitorPtr mon,
+char ***tpmmodels)
+{
+return qemuMonitorJSONGetStringArray(mon, query-tpm-models, tpmmodels);
+}
+
+
+int qemuMonitorJSONGetTPMTypes(qemuMonitorPtr mon,
+ char ***tpmtypes)
+{
+return qemuMonitorJSONGetStringArray(mon, query-tpm-types, tpmtypes);
+}
Daniel
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 2/3] virfile: Introduce internal API for managing ACL
On Fri, Mar 15, 2013 at 03:12:02PM +0100, Michal Privoznik wrote:
For now, only three APIs are implemented:
virFileGetACL to retrieve permission for a specific user
virFileSetACL for setting requested permissions for a specific user,
virFileRemoveACL to remove those permissions.
---
diff to v3:
-set errno=ENOSYS when building without WITH_ATTR for easier check within
callee.
-ACL mask is deleted prior recalc as after removing our entry, mask may be not
required anymore.
diff to v2:
-Introduced m4 macro to check for libacl
-new virFileGetACL API
-ACL mask recalc offloaded to libacl
configure.ac | 2 +
libvirt.spec.in | 1 +
m4/virt-acl.m4 | 9 +++
src/Makefile.am | 4 +-
src/libvirt_private.syms | 3 +
src/util/virfile.c | 193
+++
src/util/virfile.h | 14
7 files changed, 224 insertions(+), 2 deletions(-)
create mode 100644 m4/virt-acl.m4
diff --git a/configure.ac b/configure.ac
index 9d366e9..4e6627c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -142,6 +142,7 @@ AC_MSG_RESULT([$VERSION_SCRIPT_FLAGS])
LIBVIRT_COMPILE_WARNINGS
+LIBVIRT_CHECK_ACL
LIBVIRT_CHECK_APPARMOR
LIBVIRT_CHECK_ATTR
LIBVIRT_CHECK_AUDIT
@@ -2462,6 +2463,7 @@ fi
AC_MSG_NOTICE([])
AC_MSG_NOTICE([Libraries])
AC_MSG_NOTICE([])
+LIBVIRT_RESULT_ACL
LIBVIRT_RESULT_APPARMOR
LIBVIRT_RESULT_ATTR
LIBVIRT_RESULT_AUDIT
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 9fb753a..222674d 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -411,6 +411,7 @@ BuildRequires: gettext
BuildRequires: libtasn1-devel
BuildRequires: gnutls-devel
BuildRequires: libattr-devel
+BuildRequires: libacl-devel
%if 0%{?fedora} = 12 || 0%{?rhel} = 6
# for augparse, optionally used in testing
BuildRequires: augeas
diff --git a/m4/virt-acl.m4 b/m4/virt-acl.m4
new file mode 100644
index 000..7f16dca
--- /dev/null
+++ b/m4/virt-acl.m4
@@ -0,0 +1,9 @@
+dnl The libacl.so library
+
+AC_DEFUN([LIBVIRT_CHECK_ACL],[
+ LIBVIRT_CHECK_LIB([ACL], [acl], [acl_init], [sys/acl.h])
+])
+
+AC_DEFUN([LIBVIRT_RESULT_ACL],[
+ LIBVIRT_RESULT_LIB([ACL])
+])
diff --git a/src/Makefile.am b/src/Makefile.am
index 0c0dfb3..0ddc128 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -764,11 +764,11 @@ libvirt_util_la_SOURCES =
\
$(UTIL_SOURCES)
libvirt_util_la_CFLAGS = $(CAPNG_CFLAGS) $(YAJL_CFLAGS) $(LIBNL_CFLAGS) \
$(AM_CFLAGS) $(AUDIT_CFLAGS) $(DEVMAPPER_CFLAGS) \
- $(DBUS_CFLAGS) $(LDEXP_LIBM)
+ $(DBUS_CFLAGS) $(LDEXP_LIBM) $(ACL_CFLAGS)
libvirt_util_la_LIBADD = $(CAPNG_LIBS) $(YAJL_LIBS) $(LIBNL_LIBS) \
$(THREAD_LIBS) $(AUDIT_LIBS) $(DEVMAPPER_LIBS) \
$(LIB_CLOCK_GETTIME) $(DBUS_LIBS) $(MSCOM_LIBS) $(LIBXML_LIBS) \
- $(SECDRIVER_LIBS)
+ $(SECDRIVER_LIBS) $(ACL_LIBS)
noinst_LTLIBRARIES += libvirt_conf.la
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5a2cbe8..e1ec774 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1252,10 +1252,13 @@ virFileClose;
virFileDirectFdFlag;
virFileFclose;
virFileFdopen;
+virFileGetACL;
virFileGetAttr;
virFileLoopDeviceAssociate;
+virFileRemoveACL;
virFileRemoveAttr;
virFileRewrite;
+virFileSetACL;
virFileSetAttr;
virFileTouch;
virFileUpdatePerm;
diff --git a/src/util/virfile.c b/src/util/virfile.c
index be50e83..7f50328 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -41,6 +41,10 @@
# include attr/xattr.h
#endif
+#ifdef WITH_ACL
+# include acl/libacl.h
+#endif
+
#include vircommand.h
#include configmake.h
#include viralloc.h
@@ -752,3 +756,192 @@ virFileRemoveAttr(const char *file ATTRIBUTE_UNUSED,
return -1;
}
#endif /* WITH_ATTR */
+
+#ifdef WITH_ACL
+static acl_entry_t
+virFileACLFindEntry(acl_t acl, acl_tag_t type, id_t id)
+{
+acl_entry_t ent;
+acl_tag_t e_type;
+id_t *e_id_p;
+
+/* acl_get_entry returns 1 if there's an entry in @acl */
+if (acl_get_entry(acl, ACL_FIRST_ENTRY, ent) != 1)
+return NULL;
+
+do {
+acl_get_tag_type(ent, e_type);
+if (e_type == type) {
+if (id == ACL_UNDEFINED_ID)
+return ent;
+
+if (!(e_id_p = acl_get_qualifier(ent)))
+return NULL;
+if (*e_id_p == id) {
+acl_free(e_id_p);
+return ent;
+}
+acl_free(e_id_p);
+}
+} while (acl_get_entry(acl, ACL_NEXT_ENTRY, ent) == 1);
+
+return NULL;
+}
+
+static void
+virFileACLSetPerms(acl_entry_t ent, mode_t perms)
+{
+acl_permset_t set;
+
+acl_get_permset(ent, set);
+if (perms S_IRUSR)
+acl_add_perm(set, ACL_READ);
+else
+
Re: [libvirt] [PATCH 02/13] qemu: do not support non-network disks without -drive
On Mon, Feb 25, 2013 at 06:44:21PM +0100, Paolo Bonzini wrote: QEMU added -drive in 2007, and NBD in 2008. Both appeared first in release 0.10.0. Thus the code to support network disks without -drive is dead, and in fact it incorrectly escapes commas. Drop it. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/qemu_command.c | 53 ++--- 1 file changed, 2 insertions(+), 51 deletions(-) ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 03/13] qemu: rewrite NBD command-line builder and parser
On Mon, Feb 25, 2013 at 06:44:22PM +0100, Paolo Bonzini wrote:
Move the code to an external function, and structure it to prepare
the addition of new features in the next few patches.
Signed-off-by: Paolo Bonzini pbonz...@redhat.com
---
src/qemu/qemu_command.c | 128
tests/qemuxml2xmltest.c | 1 +
2 files changed, 76 insertions(+), 53 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index a3c5a4e..beb7cfe 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -2128,6 +2128,45 @@ error:
}
static int
+qemuParseNBDString(virDomainDiskDefPtr disk)
+{
+virDomainDiskHostDefPtr h = NULL;
+char *host, *port;
+
+if (VIR_ALLOC(h) 0)
+goto no_memory;
+
+host = disk-src + strlen(nbd:);
+port = strchr(host, ':');
+if (!port) {
+virReportError(VIR_ERR_INTERNAL_ERROR,
+ _(cannot parse nbd filename '%s'), disk-src);
+goto error;
+}
+
+*port++ = '\0';
+h-name = strdup(host);
+if (!h-name)
+goto no_memory;
+
+h-port = strdup(port);
+if (!h-port)
+goto no_memory;
+
+VIR_FREE(disk-src);
+disk-nhosts = 1;
+disk-hosts = h;
+return 0;
+
+no_memory:
+virReportOOMError();
+error:
+virDomainDiskHostDefFree(h);
+VIR_FREE(h);
+return -1;
+}
+
I would have had the 'parse' method further down near the other
parse function which calls it, but no big deal.
+static int
qemuBuildGlusterString(virDomainDiskDefPtr disk, virBufferPtr opt)
{
int ret = -1;
@@ -2188,6 +2227,36 @@ no_memory:
goto cleanup;
}
+static int
+qemuBuildNBDString(virDomainDiskDefPtr disk, virBufferPtr opt)
+{
+const char *transp;
+
+if (disk-nhosts != 1) {
+virReportError(VIR_ERR_INTERNAL_ERROR, %s,
+ _(nbd accepts only one host));
+return -1;
+}
+
+virBufferAddLit(opt, file=nbd:);
+
+switch (disk-hosts-transport) {
+case VIR_DOMAIN_DISK_PROTO_TRANS_TCP:
+if (disk-hosts-name)
+virBufferEscape(opt, ',', ,, %s, disk-hosts-name);
+virBufferEscape(opt, ',', ,, :%s,
+disk-hosts-port ? disk-hosts-port : 10809);
+break;
+default:
+transp =
virDomainDiskProtocolTransportTypeToString(disk-hosts-transport);
+virReportError(VIR_ERR_INTERNAL_ERROR,
+ _(nbd does not support transport '%s'), transp);
+break;
+}
+
+return 0;
+}
+
char *
qemuBuildDriveStr(virConnectPtr conn ATTRIBUTE_UNUSED,
virDomainDiskDefPtr disk,
@@ -2314,13 +2383,9 @@ qemuBuildDriveStr(virConnectPtr conn ATTRIBUTE_UNUSED,
} else if (disk-type == VIR_DOMAIN_DISK_TYPE_NETWORK) {
switch (disk-protocol) {
case VIR_DOMAIN_DISK_PROTOCOL_NBD:
-if (disk-nhosts != 1) {
-virReportError(VIR_ERR_INTERNAL_ERROR, %s,
- _(NBD accepts only one host));
+if (qemuBuildNBDString(disk, opt) 0)
goto error;
-}
-virBufferAsprintf(opt, file=nbd:%s:%s,,
- disk-hosts-name, disk-hosts-port);
+virBufferAddChar(opt, ',');
break;
case VIR_DOMAIN_DISK_PROTOCOL_RBD:
virBufferAddLit(opt, file=);
@@ -7337,39 +7402,11 @@ qemuParseCommandLineDisk(virCapsPtr qemuCaps,
if (STRPREFIX(def-src, /dev/))
def-type = VIR_DOMAIN_DISK_TYPE_BLOCK;
else if (STRPREFIX(def-src, nbd:)) {
-char *host, *port;
-
def-type = VIR_DOMAIN_DISK_TYPE_NETWORK;
def-protocol = VIR_DOMAIN_DISK_PROTOCOL_NBD;
-host = def-src + strlen(nbd:);
-port = strchr(host, ':');
-if (!port) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
- _(cannot parse nbd filename '%s'),
- def-src);
-goto error;
-}
-*port++ = '\0';
-if (VIR_ALLOC(def-hosts) 0) {
-virReportOOMError();
-goto error;
-}
-def-nhosts = 1;
-def-hosts-name = strdup(host);
-if (!def-hosts-name) {
-virReportOOMError();
-goto error;
-}
-def-hosts-port = strdup(port);
-if (!def-hosts-port) {
-virReportOOMError();
-goto error;
-
Re: [libvirt] [PATCH 04/13] qemu: support named nbd exports
On Mon, Feb 25, 2013 at 06:44:23PM +0100, Paolo Bonzini wrote: These are supported by nbd-server and by the NBD server that QEMU embeds for live image access. But seemingly not by 'qemu-nbd' ? ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 05/13] qemu: support NBD with Unix sockets
On Mon, Feb 25, 2013 at 06:44:24PM +0100, Paolo Bonzini wrote: This reuses the XML format that was introduced for Gluster. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- docs/formatdomain.html.in | 8 ++-- src/qemu/qemu_command.c| 49 +++--- tests/qemuargv2xmltest.c | 1 + .../qemuxml2argv-disk-drive-network-nbd-unix.args | 5 +++ .../qemuxml2argv-disk-drive-network-nbd-unix.xml | 33 +++ tests/qemuxml2argvtest.c | 2 + tests/qemuxml2xmltest.c| 1 + 7 files changed, 80 insertions(+), 19 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-nbd-unix.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-nbd-unix.xml ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 07/13] domain: add support for iscsi network disks
On Mon, Feb 25, 2013 at 06:44:26PM +0100, Paolo Bonzini wrote: This plumbs in the XML description of iSCSI shares. The next patches will add support for the libiscsi userspace initiator. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- docs/formatdomain.html.in | 7 +- docs/schemas/domaincommon.rng | 1 + src/conf/domain_conf.c | 3 ++- src/conf/domain_conf.h | 1 + .../qemuxml2argv-disk-drive-network-iscsi.xml | 27 ++ tests/qemuxml2xmltest.c| 1 + 6 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi.xml ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 06/13] qemu: support URI syntax for NBD
On Mon, Feb 25, 2013 at 06:44:25PM +0100, Paolo Bonzini wrote: QEMU 1.3 and newer support an alternative URI-based syntax to specify the location of an NBD server. Libvirt can keep on using the old syntax in general, but only the URI syntax supports IPv6 addresses. The URI syntax also supports relative paths to Unix sockets. These should never be used but aren't explicitly blocked either by the parser, so support it just in case. The URI syntax is intentionally compatible with Gluster's, and the code can be reused. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/qemu_command.c| 97 +++--- tests/qemuargv2xmltest.c | 2 + ...ml2argv-disk-drive-network-nbd-ipv6-export.args | 5 ++ ...xml2argv-disk-drive-network-nbd-ipv6-export.xml | 33 .../qemuxml2argv-disk-drive-network-nbd-ipv6.args | 5 ++ .../qemuxml2argv-disk-drive-network-nbd-ipv6.xml | 33 tests/qemuxml2argvtest.c | 4 + tests/qemuxml2xmltest.c| 2 + 8 files changed, 153 insertions(+), 28 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-nbd-ipv6-export.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-nbd-ipv6-export.xml create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-nbd-ipv6.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-nbd-ipv6.xml ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/4] Fix snapshot-create-as syntax in help output
On 03/14/2013 06:48 PM, Eric Blake wrote:
On 03/14/2013 11:16 AM, Daniel P. Berrange wrote:
On Thu, Mar 14, 2013 at 10:27:33AM +0100, Martin Kletzander wrote:
According to the man page, the memspec parameter should have the
'--memspec' option mandatory and this is as close as we can get to
that. What this change does is explained below.
diff --git a/tools/virsh-snapshot.c b/tools/virsh-snapshot.c
index d994fd9..c2db99b 100644
--- a/tools/virsh-snapshot.c
+++ b/tools/virsh-snapshot.c
@@ -397,7 +397,7 @@ static const vshCmdOptDef opts_snapshot_create_as[] = {
.help = N_(take a live snapshot)
},
{.name = memspec,
- .type = VSH_OT_DATA,
+ .type = VSH_OT_STRING,
.flags = VSH_OFLAG_REQ_OPT,
.help = N_(memory attributes: [file=]name[,snapshot=type])
},
ACK, looks reasonable, but would like Eric to confirm since he did
this bit of code.
Concur - this is a reasonable change.
(I'm still not sure why we have VSH_OT_DATA vs. VSH_OT_STRING, as about
the ONLY place where they make a difference is in help ouput.)
Thanks, pushed.
Martin
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 04/13] qemu: support named nbd exports
Il 15/03/2013 15:34, Daniel P. Berrange ha scritto: These are supported by nbd-server and by the NBD server that QEMU embeds for live image access. But seemingly not by 'qemu-nbd' ? No, not yet at least. Paolo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/4] Make vshDebug work when parsing parameters
On 03/15/2013 02:17 PM, Daniel P. Berrange wrote:
On Fri, Mar 15, 2013 at 02:10:08PM +0100, Martin Kletzander wrote:
On 03/14/2013 06:15 PM, Daniel P. Berrange wrote:
On Thu, Mar 14, 2013 at 10:27:32AM +0100, Martin Kletzander wrote:
The vshInit initializes ctl-debug by which vshDebug (which is also
called in vshParseArgv) decides whether to print out the message or
not.
Signed-off-by: Martin Kletzander mklet...@redhat.com
---
[...]
diff --git a/tools/virsh.c b/tools/virsh.c
index d822e09..58a604b 100644
--- a/tools/virsh.c
+++ b/tools/virsh.c
@@ -3100,12 +3100,12 @@ main(int argc, char **argv)
ctl-name = vshStrdup(ctl, defaultConn);
}
-if (!vshParseArgv(ctl, argc, argv)) {
+if (!vshInit(ctl)) {
vshDeinit(ctl);
exit(EXIT_FAILURE);
}
-if (!vshInit(ctl)) {
+if (!vshParseArgv(ctl, argc, argv)) {
vshDeinit(ctl);
exit(EXIT_FAILURE);
}
ACK
Thanks, pushed
Martin
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 08/13] qemu: add support for libiscsi
On Mon, Feb 25, 2013 at 06:44:27PM +0100, Paolo Bonzini wrote: libiscsi provides a userspace iSCSI initiator. The main advantage over the kernel initiator is that it is very easy to provide different initiator names for VMs on the same host. Thus libiscsi supports usage of persistent reservations in the VM, which otherwise would only be possible with NPIV. libiscsi uses iscsi as the scheme, not iscsi+tcp. We can change this in the tests (while remaining backwards-compatible manner, because QEMU uses TCP as the default transport for both Gluster and NBD). Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/qemu_command.c| 49 +- tests/qemuargv2xmltest.c | 1 + .../qemuxml2argv-disk-drive-network-gluster.args | 2 +- .../qemuxml2argv-disk-drive-network-iscsi.args | 1 + ...ml2argv-disk-drive-network-nbd-ipv6-export.args | 2 +- .../qemuxml2argv-disk-drive-network-nbd-ipv6.args | 2 +- tests/qemuxml2argvtest.c | 2 + 7 files changed, 54 insertions(+), 5 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi.args ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv3] audit: Audit resources used by VirtIO RNG
On Wednesday, March 13, 2013 10:21:00 AM Daniel P. Berrange wrote:
On Wed, Mar 13, 2013 at 10:46:24AM +0100, Peter Krempa wrote:
This patch adds auditing of resources used by Virtio RNG devices. Only
resources on the local filesystems are audited.
The audit logs look like:
For the 'random' backend:
type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0
auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start
vm=qcow-test uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng=?
new-rng=/dev/random: exe=/home/pipo/libvirt/daemon/.libs/libvirtd
hostname=? addr=? terminal=pts/0 res=success'
For local character device source:
type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0
auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start
vm=qcow-test uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng=?
new-rng=/tmp/unix.sock: exe=/home/pipo/libvirt/daemon/.libs/libvirtd
hostname=? addr=? terminal=pts/0 res=success' ---
Notes:
Version 3:
- don't log non-local resources for EGD backend
- change order of blocks of code to optimize
Version 2:
- log also EGD backends
- add example of audit message to commit message
src/conf/domain_audit.c | 120
1 file changed, 120
insertions(+)
ACK, but wait 1 more day to give Steve Grubb a chance to
raise any issues before pushing.
Sorry...looks fine. Thanks for letting me know!
-Steve
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 4/4] Cleanup useless flags specifications
On 03/14/2013 06:25 PM, Daniel P. Berrange wrote: On Thu, Mar 14, 2013 at 10:27:35AM +0100, Martin Kletzander wrote: After we switched to C99 initialization, I noticed there were many places where the specification of .flags parameter differed. After going through many options and deciding whether to unify the initialization to be '.flags = 0' or '.flags = VSH_OFLAG_NONE', I realized both can be removed and it makes the code easier to go through. Signed-off-by: Martin Kletzander mklet...@redhat.com --- tools/virsh-domain-monitor.c | 26 - tools/virsh-domain.c | 221 --- tools/virsh-host.c | 10 -- tools/virsh-interface.c | 7 -- tools/virsh-network.c| 12 --- tools/virsh-nodedev.c| 3 - tools/virsh-pool.c | 23 - tools/virsh-secret.c | 4 - tools/virsh-snapshot.c | 59 tools/virsh-volume.c | 29 -- tools/virsh.c| 7 -- 11 files changed, 401 deletions(-) ACK Thanks, pushed. Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 12/13] domain: parse XML for iscsi authorization credentials
On Mon, Feb 25, 2013 at 06:44:31PM +0100, Paolo Bonzini wrote:
Signed-off-by: Paolo Bonzini pbonz...@redhat.com
---
docs/formatdomain.html.in | 12 -
docs/schemas/domaincommon.rng | 1 +
src/conf/domain_conf.c | 31
--
.../qemuxml2argv-disk-drive-network-iscsi-auth.xml | 31
++
tests/qemuxml2xmltest.c| 1 +
5 files changed, 62 insertions(+), 14 deletions(-)
create mode 100644
tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-auth.xml
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index c590427..0906fe9 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -1760,12 +1760,12 @@
holds the actual password or other credentials (the domain XML
intentionally does not expose the password, only the reference
to the object that does manage the password). For now, the
-only known secret codetype/code is ceph, for Ceph RBD
-network sources, and requires either an
-attribute codeuuid/code with the UUID of the Ceph secret
-object, or an attribute codeusage/code with the name
-associated with the Ceph secret
-object. span class=sincelibvirt 0.9.7/span
+known secret codetype/codes are ceph, for Ceph RBD
+network sources, and iscsi, for CHAP authentication of iSCSI
+targets. Both require either a codeuuid/code attribute
+with the UUID of the secret object, or a codeusage/code
+attribute matching the key that was specified in the
+secret object. span class=sincelibvirt 0.9.7/span
/dd
dtcodegeometry/code/dt
ddThe optional codegeometry/code element provides the
diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
index b8c4503..6f85e84 100644
--- a/docs/schemas/domaincommon.rng
+++ b/docs/schemas/domaincommon.rng
@@ -3592,6 +3592,7 @@
attribute name='type'
choice
valueceph/value
+ valueiscsi/value
/choice
/attribute
choice
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 71da694..e4c3e67 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -3885,6 +3885,8 @@ virDomainDiskDefParseXML(virCapsPtr caps,
char *wwn = NULL;
char *vendor = NULL;
char *product = NULL;
+int expected_secret_usage = -1;
+int auth_secret_usage = -1;
if (VIR_ALLOC(def) 0) {
virReportOOMError();
@@ -3922,7 +3924,6 @@ virDomainDiskDefParseXML(virCapsPtr caps,
if (cur-type == XML_ELEMENT_NODE) {
if (!source !hosts
xmlStrEqual(cur-name, BAD_CAST source)) {
-
sourceNode = cur;
switch (def-type) {
@@ -3958,6 +3959,9 @@ virDomainDiskDefParseXML(virCapsPtr caps,
_(invalid logical unit number));
goto error;
}
+expected_secret_usage = VIR_SECRET_USAGE_TYPE_ISCSI;
+} else if (def-protocol ==
VIR_DOMAIN_DISK_PROTOCOL_RBD) {
+expected_secret_usage = VIR_SECRET_USAGE_TYPE_CEPH;
}
if (!(source = virXMLPropString(cur, name))
def-protocol != VIR_DOMAIN_DISK_PROTOCOL_NBD) {
@@ -4144,8 +4148,9 @@ virDomainDiskDefParseXML(virCapsPtr caps,
_(missing type for secret));
goto error;
}
-if (virSecretUsageTypeTypeFromString(usageType) !=
-VIR_SECRET_USAGE_TYPE_CEPH) {
+auth_secret_usage =
+virSecretUsageTypeTypeFromString(usageType);
+if (auth_secret_usage 0) {
virReportError(VIR_ERR_XML_ERROR,
_(invalid secret type %s),
usageType);
@@ -4295,6 +4300,13 @@ virDomainDiskDefParseXML(virCapsPtr caps,
cur = cur-next;
}
+if (auth_secret_usage != -1 auth_secret_usage !=
expected_secret_usage) {
+virReportError(VIR_ERR_INTERNAL_ERROR,
Probably should use VIR_ERR_CONFIG_UNSUPPORTED
+ _(invalid secret type '%s'),
+ virSecretUsageTypeTypeToString(auth_secret_usage));
And list the expected type here, as well as the incorrect type.
ACK if those small changes are made when pushing
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org
Re: [libvirt] [PATCH 10/13] domain: make port optional for network disks
On Mon, Feb 25, 2013 at 06:44:29PM +0100, Paolo Bonzini wrote: Only sheepdog actually required it in the code, and we can use 7000 as the default---the same value that QEMU uses for the simple sheepdog:VOLUME syntax. With this change, the schema can be fixed to allow no port. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- docs/formatdomain.html.in | 6 ++ docs/schemas/domaincommon.rng | 8 +--- src/conf/domain_conf.c| 5 - src/qemu/qemu_command.c | 3 ++- 4 files changed, 13 insertions(+), 9 deletions(-) ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 02/13] qemu: do not support non-network disks without -drive
On 03/15/2013 08:29 AM, Daniel P. Berrange wrote: On Mon, Feb 25, 2013 at 06:44:21PM +0100, Paolo Bonzini wrote: QEMU added -drive in 2007, and NBD in 2008. Both appeared first in release 0.10.0. Thus the code to support network disks without -drive is dead, and in fact it incorrectly escapes commas. Drop it. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/qemu_command.c | 53 ++--- 1 file changed, 2 insertions(+), 51 deletions(-) ACK Pushed. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 11/13] secret: add iscsi to possible usage types
On Mon, Feb 25, 2013 at 06:44:30PM +0100, Paolo Bonzini wrote: Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- docs/formatsecret.html.in| 12 docs/schemas/secret.rng | 10 ++ include/libvirt/libvirt.h.in | 1 + src/conf/secret_conf.c | 22 +- src/conf/secret_conf.h | 1 + src/secret/secret_driver.c | 8 6 files changed, 53 insertions(+), 1 deletion(-) ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 14/13] qemu: support passthrough for iscsi disks
On Mon, Feb 25, 2013 at 07:09:14PM +0100, Paolo Bonzini wrote: This enables usage of commands like persistent reservations. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/libvirt_private.syms | 1 + src/qemu/qemu_command.c| 9 ++- .../qemuxml2argv-disk-drive-network-iscsi-lun.args | 1 + .../qemuxml2argv-disk-drive-network-iscsi-lun.xml | 28 ++ tests/qemuxml2argvtest.c | 4 5 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-lun.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-iscsi-lun.xml ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH V1 1/6] Add QMP probing for TPM
On Fri, Mar 15, 2013 at 10:28:38AM -0400, Stefan Berger wrote: On 03/14/2013 10:47 AM, Daniel P. Berrange wrote: On Thu, Mar 14, 2013 at 10:44:32AM -0400, Stefan Berger wrote: Hm, this surprises me since this would put JSON specific code into the monitor APIs (qemu_monitor.c) while qemu_monitor.c typically only serves as a dispatcher for either text monitor or json monitor. No, you mis-understand me - I mean move the code into these 2 functions: Sorry for bothering you about this one. If I was to move the code back into these functions, we'd end up with duplicate code in both functions. It's like having 100 lines of code while 50 + 10 do the same thing... You really want me to do this? Yep, this makes the code for converting a JSON response into a string array reusable from other functions that need it. The duplication of the boilerplate for invoking commands is not a new issue - same applies to all functions in this file, so I'm not concerned about that. If we want to figure out a way to minimise it, we should do it across all the APIs. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/3] remote: Don't call NULL closeFreeCallback
Check function pointer before calling. Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com --- src/remote/remote_driver.c |3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c index 3721af9..885120e 100644 --- a/src/remote/remote_driver.c +++ b/src/remote/remote_driver.c @@ -358,7 +358,8 @@ static void remoteClientCloseFunc(virNetClientPtr client ATTRIBUTE_UNUSED, closeCallback(conn, reason, closeOpaque); virMutexLock(conn-lock); conn-closeDispatch = false; -if (conn-closeUnregisterCount != closeUnregisterCount) +if (conn-closeUnregisterCount != closeUnregisterCount +closeFreeCallback) closeFreeCallback(closeOpaque); } virMutexUnlock(conn-lock); -- 1.7.9.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/3] libvirt: Increase connection reference count for callbacks
By adjusting the reference count of the connection object we prevent races between callback function and virConnectClose. Signed-off-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com --- src/libvirt.c |5 + 1 file changed, 5 insertions(+) diff --git a/src/libvirt.c b/src/libvirt.c index 02d5dd9..f7df26a 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -20184,6 +20184,8 @@ int virConnectRegisterCloseCallback(virConnectPtr conn, return -1; } +virObjectRef(conn); + virMutexLock(conn-lock); virCheckNonNullArgGoto(cb, error); @@ -20204,6 +20206,7 @@ int virConnectRegisterCloseCallback(virConnectPtr conn, error: virMutexUnlock(conn-lock); +virObjectUnref(conn); virDispatchError(NULL); return -1; } @@ -20253,6 +20256,8 @@ int virConnectUnregisterCloseCallback(virConnectPtr conn, virMutexUnlock(conn-lock); +virObjectUnref(conn); + return 0; error: -- 1.7.9.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 0/3] Fix virsh race and coredump
I hope that this is an acceptable solution. The race is caused by referencing a disposed connection object in a callback. In the first patch we make sure that the object reference count is reflecting the callback registration. The second patch prevents the invocation of a NULL callback. The last one tries to ensure that we don't leak connection references. Viktor Mihajlovski (3): libvirt: Increase connection reference count for callbacks remote: Don't call NULL closeFreeCallback virsh: Unregister the connection close notifier upon termination src/libvirt.c |5 + src/remote/remote_driver.c |3 ++- tools/virsh.c | 23 +-- 3 files changed, 24 insertions(+), 7 deletions(-) -- 1.7.9.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv4 7/9] virCaps: remove defaultDiskDriverType from the struct
Use the qemu specific callback to fill this data in the qemu driver as
it's the only place where it was used and fix tests as the qemu test
capability object didn't configure the defaults for the tests.
---
Notes:
Version 4:
- new in series
src/conf/capabilities.h| 1 -
src/conf/domain_conf.c | 5 ---
src/qemu/qemu_conf.c | 6
src/qemu/qemu_domain.c | 42 ++
.../qemuxml2argv-disk-drive-network-nbd.args | 5 +--
.../qemuxml2argv-disk-drive-network-nbd.xml| 1 +
.../qemuxml2argv-disk-drive-network-rbd-auth.args | 2 +-
.../qemuxml2argv-disk-drive-network-rbd-ipv6.args | 2 +-
.../qemuxml2argv-disk-drive-network-rbd-ipv6.xml | 1 +
.../qemuxml2argv-disk-drive-network-rbd.args | 2 +-
.../qemuxml2argv-disk-drive-network-rbd.xml| 1 +
.../qemuxml2argv-disk-drive-network-sheepdog.args | 3 +-
.../qemuxml2argv-disk-drive-network-sheepdog.xml | 1 +
13 files changed, 47 insertions(+), 25 deletions(-)
diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h
index dcf38a8..22a7a3d 100644
--- a/src/conf/capabilities.h
+++ b/src/conf/capabilities.h
@@ -163,7 +163,6 @@ struct _virCaps {
/* Move to virDomainXMLConf later */
unsigned char macPrefix[VIR_MAC_PREFIX_BUFLEN];
-int defaultDiskDriverType; /* enum virStorageFileFormat */
int (*defaultConsoleTargetType)(const char *ostype, virArch guestarch);
bool hasWideScsiBus;
};
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 5a59e3f..6cebe67 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -4862,9 +4862,6 @@ virDomainDiskDefParseXML(virCapsPtr caps,
driverType);
goto error;
}
-} else if (def-type == VIR_DOMAIN_DISK_TYPE_FILE ||
- def-type == VIR_DOMAIN_DISK_TYPE_BLOCK) {
-def-format = caps-defaultDiskDriverType;
}
if (mirrorFormat) {
@@ -4875,8 +4872,6 @@ virDomainDiskDefParseXML(virCapsPtr caps,
driverType);
goto error;
}
-} else if (def-mirror) {
-def-mirrorFormat = caps-defaultDiskDriverType;
}
if (def-info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index aab3375..c1ab3c9 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -574,12 +574,6 @@ virCapsPtr
virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver)
if (!(caps = virQEMUCapsInit(driver-qemuCapsCache)))
goto no_memory;
-if (cfg-allowDiskFormatProbing) {
-caps-defaultDiskDriverType = VIR_STORAGE_FILE_AUTO;
-} else {
-caps-defaultDiskDriverType = VIR_STORAGE_FILE_RAW;
-}
-
if (virGetHostUUID(caps-host.host_uuid)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
%s, _(cannot get the host uuid));
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 58f9d27..f7df4a9 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -695,13 +695,41 @@ qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
goto no_memory;
}
-if (dev-type == VIR_DOMAIN_DEVICE_DISK
-!dev-data.disk-driverName
-driver
-(cfg = virQEMUDriverGetConfig(driver))) {
-if (!cfg-allowDiskFormatProbing
-!(dev-data.disk-driverName = strdup(qemu))) {
-goto no_memory;
+/* set default disk types and drivers */
+if (dev-type == VIR_DOMAIN_DEVICE_DISK) {
+virDomainDiskDefPtr disk = dev-data.disk;
+
+/* both of these require data from the driver config */
+if (driver (cfg = virQEMUDriverGetConfig(driver))) {
+/* assign default storage format and driver according to config */
+if (cfg-allowDiskFormatProbing) {
+/* default disk format for drives */
+if (disk-format == VIR_STORAGE_FILE_NONE
+(disk-type == VIR_DOMAIN_DISK_TYPE_FILE ||
+ disk-type == VIR_DOMAIN_DISK_TYPE_BLOCK))
+disk-format = VIR_STORAGE_FILE_AUTO;
+
+ /* default disk format for mirrored drive */
+if (disk-mirror
+disk-mirrorFormat == VIR_STORAGE_FILE_NONE)
+disk-mirrorFormat = VIR_STORAGE_FILE_AUTO;
+} else {
+/* default driver if probing is forbidden */
+if (!disk-driverName
+!(disk-driverName = strdup(qemu)))
+goto no_memory;
+
+/* default disk format for drives */
+if (disk-format == VIR_STORAGE_FILE_NONE
+(disk-type == VIR_DOMAIN_DISK_TYPE_FILE ||
+ disk-type == VIR_DOMAIN_DISK_TYPE_BLOCK))
+disk-format = VIR_STORAGE_FILE_RAW;
+
+
[libvirt] [PATCHv4 3/9] virCaps: get rid of defaultInitPath value in the virCaps struct
This gets rid of the parameter in favor of using the new callback
infrastructure to do the same stuff.
This patch implements the domain adjustment callback in the openVZ
driver and moves the check from the parser to a new validation method in
the callback infrastructure.
---
Notes:
Version 4:
- tweaked naming do comply with other changes
- v3 ACKed
Version 3:
- new in series
src/conf/capabilities.h| 1 -
src/conf/domain_conf.c | 33 +
src/openvz/openvz_conf.c | 1 -
src/openvz/openvz_driver.c | 26 +-
4 files changed, 46 insertions(+), 15 deletions(-)
diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h
index a70896a..43ace12 100644
--- a/src/conf/capabilities.h
+++ b/src/conf/capabilities.h
@@ -168,7 +168,6 @@ struct _virCaps {
int defaultDiskDriverType; /* enum virStorageFileFormat */
int (*defaultConsoleTargetType)(const char *ostype, virArch guestarch);
bool hasWideScsiBus;
-const char *defaultInitPath;
};
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index a1b634b..bd3cd26 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2487,6 +2487,22 @@ int virDomainDeviceInfoIterate(virDomainDefPtr def,
}
+/* this is a place for global assumption checks */
+static int
+virDomainDefPostParseInternal(virDomainDefPtr def,
+ virCapsPtr caps ATTRIBUTE_UNUSED)
+{
+/* verify init path for container based domains */
+if (STREQ(def-os.type, exe) !def-os.init) {
+virReportError(VIR_ERR_XML_ERROR, %s,
+ _(init binary must be specified));
+return -1;
+}
+
+return 0;
+}
+
+
static int
virDomainDeviceDefPostParse(virDomainXMLConfPtr xmlconf,
virDomainDeviceDefPtr dev,
@@ -2506,6 +2522,7 @@ virDomainDeviceDefPostParse(virDomainXMLConfPtr xmlconf,
}
+
struct virDomainDefPostParseDeviceIteratorData {
virCapsPtr caps;
virDomainDefPtr def;
@@ -2550,6 +2567,10 @@ virDomainDefPostParse(virDomainXMLConfPtr xmlconf,
data)) 0)
return ret;
+
+if ((ret = virDomainDefPostParseInternal(def, caps)) 0)
+return ret;
+
return 0;
}
@@ -10297,18 +10318,6 @@ virDomainDefParseXML(virCapsPtr caps,
if (STREQ(def-os.type, exe)) {
def-os.init = virXPathString(string(./os/init[1]), ctxt);
-if (!def-os.init) {
-if (caps-defaultInitPath) {
-def-os.init = strdup(caps-defaultInitPath);
-if (!def-os.init) {
-goto no_memory;
-}
-} else {
-virReportError(VIR_ERR_XML_ERROR, %s,
- _(init binary must be specified));
-goto error;
-}
-}
def-os.cmdline = virXPathString(string(./os/cmdline[1]), ctxt);
if ((n = virXPathNodeSet(./os/initarg, ctxt, nodes)) 0) {
diff --git a/src/openvz/openvz_conf.c b/src/openvz/openvz_conf.c
index e3e64e5..05c6113 100644
--- a/src/openvz/openvz_conf.c
+++ b/src/openvz/openvz_conf.c
@@ -206,7 +206,6 @@ virCapsPtr openvzCapsInit(void)
NULL) == NULL)
goto no_memory;
-caps-defaultInitPath = /sbin/init;
caps-defaultConsoleTargetType = openvzDefaultConsoleType;
return caps;
diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c
index a6f4c66..de6198c 100644
--- a/src/openvz/openvz_driver.c
+++ b/src/openvz/openvz_driver.c
@@ -97,6 +97,29 @@ static void cmdExecFree(const char *cmdExec[])
}
}
+
+static int
+openvzDomainDefPostParse(virDomainDefPtr def,
+ virCapsPtr caps ATTRIBUTE_UNUSED,
+ void *opaque ATTRIBUTE_UNUSED)
+{
+/* fill the init path */
+if (STREQ(def-os.type, exe) !def-os.init) {
+if (!(def-os.init = strdup(/sbin/init))) {
+virReportOOMError();
+return -1;
+}
+}
+
+return 0;
+}
+
+
+virDomainDefParserConfig openvzDomainDefParserConfig = {
+.domainConfigCallback = openvzDomainDefPostParse,
+};
+
+
/* generate arguments to create OpenVZ container
return -1 - error
0 - OK
@@ -1453,7 +1476,8 @@ static virDrvOpenStatus openvzOpen(virConnectPtr conn,
if (!(driver-caps = openvzCapsInit()))
goto cleanup;
-if (!(driver-xmlconf = virDomainXMLConfNew(NULL, NULL, NULL)))
+if (!(driver-xmlconf = virDomainXMLConfNew(openvzDomainDefParserConfig,
+NULL, NULL)))
goto cleanup;
if (openvzLoadDomains(driver) 0)
--
1.8.1.5
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv4 4/9] virCaps: get rid of defaultDiskDriverName
This patch removes the defaultDiskDriverName from the virCaps
structure. This particular default value is used only in the qemu driver
so this patch uses the recently added callback to fill the driver name
if it's needed instead of propagating it through virCaps.
---
Notes:
Version 4:
- tweaked naming to comply
- v3 was already ACKed
Version 3:
- new in series
src/conf/capabilities.h | 1 -
src/conf/domain_conf.c| 8
src/qemu/qemu_conf.c | 5 ++---
src/qemu/qemu_conf.h | 3 ++-
src/qemu/qemu_domain.c| 25 ++---
src/qemu/qemu_driver.c| 2 +-
tests/domainsnapshotxml2xmltest.c | 2 +-
tests/qemuargv2xmltest.c | 2 +-
tests/qemumonitorjsontest.c | 2 +-
tests/qemuxml2argvtest.c | 2 +-
tests/qemuxml2xmltest.c | 2 +-
tests/qemuxmlnstest.c | 2 +-
tests/securityselinuxlabeltest.c | 2 +-
13 files changed, 34 insertions(+), 24 deletions(-)
diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h
index 43ace12..5fd1bb5 100644
--- a/src/conf/capabilities.h
+++ b/src/conf/capabilities.h
@@ -164,7 +164,6 @@ struct _virCaps {
/* Move to virDomainXMLConf later */
unsigned char macPrefix[VIR_MAC_PREFIX_BUFLEN];
unsigned int emulatorRequired : 1;
-const char *defaultDiskDriverName;
int defaultDiskDriverType; /* enum virStorageFileFormat */
int (*defaultConsoleTargetType)(const char *ostype, virArch guestarch);
bool hasWideScsiBus;
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index bd3cd26..7f8f96e 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -4830,11 +4830,6 @@ virDomainDiskDefParseXML(virCapsPtr caps,
def-format = caps-defaultDiskDriverType;
}
-if (!def-driverName
-caps-defaultDiskDriverName
-!(def-driverName = strdup(caps-defaultDiskDriverName)))
-goto no_memory;
-
if (mirrorFormat) {
def-mirrorFormat = virStorageFileFormatTypeFromString(mirrorFormat);
if (def-mirrorFormat = 0) {
@@ -4897,9 +4892,6 @@ cleanup:
ctxt-node = save_ctxt;
return def;
-no_memory:
-virReportOOMError();
-
error:
virDomainDiskDefFree(def);
def = NULL;
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 128baf8..aab3375 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -552,8 +552,9 @@ virQEMUDriverConfigPtr
virQEMUDriverGetConfig(virQEMUDriverPtr driver)
}
virDomainXMLConfPtr
-virQEMUDriverCreateXMLConf(void)
+virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver)
{
+virQEMUDriverDomainDefParserConfig.priv = driver;
return virDomainXMLConfNew(virQEMUDriverDomainDefParserConfig,
virQEMUDriverPrivateDataCallbacks,
virQEMUDriverDomainXMLNamespace);
@@ -574,10 +575,8 @@ virCapsPtr
virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver)
goto no_memory;
if (cfg-allowDiskFormatProbing) {
-caps-defaultDiskDriverName = NULL;
caps-defaultDiskDriverType = VIR_STORAGE_FILE_AUTO;
} else {
-caps-defaultDiskDriverName = qemu;
caps-defaultDiskDriverType = VIR_STORAGE_FILE_RAW;
}
diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
index c5ddaad..4b917a7 100644
--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -301,6 +301,7 @@ void qemuSharedDiskEntryFree(void *payload, const void
*name)
ATTRIBUTE_NONNULL(1);
int qemuDriverAllocateID(virQEMUDriverPtr driver);
-virDomainXMLConfPtr virQEMUDriverCreateXMLConf(void);
+virDomainXMLConfPtr virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver);
+
#endif /* __QEMUD_CONF_H */
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 51db3da..6397809 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -667,19 +667,38 @@ static int
qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
virDomainDefPtr def ATTRIBUTE_UNUSED,
virCapsPtr caps ATTRIBUTE_UNUSED,
- void *opaque ATTRIBUTE_UNUSED)
+ void *opaque)
{
+int ret = -1;
+virQEMUDriverPtr driver = opaque;
+virQEMUDriverConfigPtr cfg = NULL;
+
if (dev-type == VIR_DOMAIN_DEVICE_NET
dev-data.net-type != VIR_DOMAIN_NET_TYPE_HOSTDEV) {
if (!dev-data.net-model
!(dev-data.net-model = strdup(rtl8139)))
goto no_memory;
}
-return 0;
+
+if (dev-type == VIR_DOMAIN_DEVICE_DISK
+!dev-data.disk-driverName
+driver
+(cfg = virQEMUDriverGetConfig(driver))) {
+if (!cfg-allowDiskFormatProbing
+!(dev-data.disk-driverName = strdup(qemu))) {
+goto no_memory;
+}
+}
+
+ret = 0;
+
+cleanup:
+virObjectUnref(cfg);
+return ret;
no_memory:
[libvirt] [PATCHv4 0/9] Introduce driver specific callbacks and get rid of irrelevant data in virCaps
This series now splits out almost everything from the virCaps object (except for the defaultConsoleTargetType callback that I will post later as It requires more tweaking). See notes in individual patches for change summary. Peter Krempa (9): conf: Add post XML parse callbacks and prepare for cleaning of virCaps qemu: Record the default NIC model in the domain XML virCaps: get rid of defaultInitPath value in the virCaps struct virCaps: get rid of defaultDiskDriverName virCaps: get rid of emulatorRequired conf: Enforce ranges on cputune variables virCaps: remove defaultDiskDriverType from the struct virCaps: Get rid of hasWideScsiBus virCaps: get rid of macPrefix field src/conf/capabilities.c| 24 --- src/conf/capabilities.h| 20 -- src/conf/domain_conf.c | 239 - src/conf/domain_conf.h | 40 +++- src/esx/esx_driver.c | 13 +- src/libvirt_private.syms | 6 +- src/libvirt_vmx.syms | 2 + src/libxl/libxl_conf.c | 2 - src/libxl/libxl_driver.c | 13 +- src/lxc/lxc_conf.c | 11 +- src/lxc/lxc_domain.c | 17 ++ src/lxc/lxc_domain.h | 1 + src/lxc/lxc_driver.c | 6 +- src/openvz/openvz_conf.c | 4 +- src/openvz/openvz_driver.c | 32 ++- src/parallels/parallels_driver.c | 12 +- src/phyp/phyp_driver.c | 10 +- src/qemu/qemu_capabilities.c | 6 - src/qemu/qemu_command.c| 15 +- src/qemu/qemu_conf.c | 14 +- src/qemu/qemu_conf.h | 3 +- src/qemu/qemu_domain.c | 89 src/qemu/qemu_domain.h | 1 + src/qemu/qemu_driver.c | 13 +- src/security/virt-aa-helper.c | 2 +- src/test/test_driver.c | 2 +- src/uml/uml_driver.c | 7 +- src/vbox/vbox_tmpl.c | 18 +- src/vmware/vmware_conf.c | 4 +- src/vmware/vmware_driver.c | 8 +- src/vmx/vmx.c | 39 ++-- src/vmx/vmx.h | 12 +- src/xen/xen_driver.c | 7 +- src/xen/xen_hypervisor.c | 2 - src/xen/xend_internal.c| 6 +- src/xen/xm_internal.c | 2 + src/xenapi/xenapi_driver.c | 2 +- tests/domainsnapshotxml2xmltest.c | 2 +- tests/lxcxml2xmldata/lxc-hostdev.xml | 1 + tests/lxcxml2xmldata/lxc-systemd.xml | 1 + tests/qemuargv2xmltest.c | 2 +- tests/qemumonitorjsontest.c| 2 +- .../qemuxml2argv-disk-drive-network-nbd.args | 5 +- .../qemuxml2argv-disk-drive-network-nbd.xml| 1 + .../qemuxml2argv-disk-drive-network-rbd-auth.args | 2 +- .../qemuxml2argv-disk-drive-network-rbd-ipv6.args | 2 +- .../qemuxml2argv-disk-drive-network-rbd-ipv6.xml | 1 + .../qemuxml2argv-disk-drive-network-rbd.args | 2 +- .../qemuxml2argv-disk-drive-network-rbd.xml| 1 + .../qemuxml2argv-disk-drive-network-sheepdog.args | 3 +- .../qemuxml2argv-disk-drive-network-sheepdog.xml | 1 + .../qemuxml2argv-net-bandwidth.xml | 1 + .../qemuxml2argvdata/qemuxml2argv-net-client.args | 4 +- .../qemuxml2argv-net-eth-ifname.args | 4 +- .../qemuxml2argv-net-eth-ifname.xml| 1 + .../qemuxml2argv-net-eth-names.args| 8 +- tests/qemuxml2argvdata/qemuxml2argv-net-eth.args | 4 +- tests/qemuxml2argvdata/qemuxml2argv-net-eth.xml| 1 + .../qemuxml2argvdata/qemuxml2argv-net-hostdev.xml | 1 + tests/qemuxml2argvdata/qemuxml2argv-net-mcast.args | 4 +- .../qemuxml2argv-net-openvswitch.xml | 1 + .../qemuxml2argvdata/qemuxml2argv-net-server.args | 4 +- tests/qemuxml2argvdata/qemuxml2argv-net-user.args | 3 +- tests/qemuxml2argvdata/qemuxml2argv-net-user.xml | 1 + .../qemuxml2argv-net-virtio-network-portgroup.xml | 2 + tests/qemuxml2argvtest.c | 2 +- .../qemuxml2xmlout-graphics-spice-timeout.xml | 1 + tests/qemuxml2xmltest.c| 2 +- tests/qemuxmlnstest.c | 2 +- tests/securityselinuxlabeltest.c | 2 +-
[libvirt] [PATCHv4 8/9] virCaps: Get rid of hasWideScsiBus
Use the virDomainXMLConf structure to hold this data.
---
Notes:
Version 4:
- new in series
src/conf/capabilities.h| 1 -
src/conf/domain_conf.c | 13 +++--
src/conf/domain_conf.h | 8 +++-
src/esx/esx_driver.c | 12 +---
src/libvirt_vmx.syms | 2 ++
src/qemu/qemu_command.c| 9 +
src/vmware/vmware_conf.c | 2 +-
src/vmware/vmware_driver.c | 6 +++---
src/vmx/vmx.c | 38 ++
src/vmx/vmx.h | 12 +++-
tests/vmx2xmltest.c| 10 +++---
tests/xml2vmxtest.c| 7 +++
12 files changed, 73 insertions(+), 47 deletions(-)
diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h
index 22a7a3d..f4cf8f3 100644
--- a/src/conf/capabilities.h
+++ b/src/conf/capabilities.h
@@ -164,7 +164,6 @@ struct _virCaps {
/* Move to virDomainXMLConf later */
unsigned char macPrefix[VIR_MAC_PREFIX_BUFLEN];
int (*defaultConsoleTargetType)(const char *ostype, virArch guestarch);
-bool hasWideScsiBus;
};
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 6cebe67..cad5387 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -3640,7 +3640,8 @@ virDomainDiskFindByBusAndDst(virDomainDefPtr def,
}
int
-virDomainDiskDefAssignAddress(virCapsPtr caps, virDomainDiskDefPtr def)
+virDomainDiskDefAssignAddress(virDomainXMLConfPtr xmlconf,
+ virDomainDiskDefPtr def)
{
int idx = virDiskNameToIndex(def-dst);
if (idx 0) {
@@ -3654,7 +3655,7 @@ virDomainDiskDefAssignAddress(virCapsPtr caps,
virDomainDiskDefPtr def)
case VIR_DOMAIN_DISK_BUS_SCSI:
def-info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DRIVE;
-if (caps-hasWideScsiBus) {
+if (xmlconf-config.hasWideScsiBus) {
/* For a wide SCSI bus we define the default mapping to be
* 16 units per bus, 1 bus per controller, many controllers.
* Unit 7 is the SCSI controller itself. Therefore unit 7
@@ -4093,7 +4094,7 @@ cleanup:
* @param node XML nodeset to parse for disk definition
*/
static virDomainDiskDefPtr
-virDomainDiskDefParseXML(virCapsPtr caps,
+virDomainDiskDefParseXML(virDomainXMLConfPtr xmlconf,
xmlNodePtr node,
xmlXPathContextPtr ctxt,
virBitmapPtr bootMap,
@@ -4875,7 +4876,7 @@ virDomainDiskDefParseXML(virCapsPtr caps,
}
if (def-info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE
- virDomainDiskDefAssignAddress(caps, def) 0)
+ virDomainDiskDefAssignAddress(xmlconf, def) 0)
goto error;
cleanup:
@@ -8537,7 +8538,7 @@ virDomainDeviceDefParse(virCapsPtr caps,
if (xmlStrEqual(node-name, BAD_CAST disk)) {
dev-type = VIR_DOMAIN_DEVICE_DISK;
-if (!(dev-data.disk = virDomainDiskDefParseXML(caps, node, ctxt,
+if (!(dev-data.disk = virDomainDiskDefParseXML(xmlconf, node, ctxt,
NULL, def-seclabels,
def-nseclabels,
flags)))
@@ -10392,7 +10393,7 @@ virDomainDefParseXML(virCapsPtr caps,
goto no_memory;
for (i = 0 ; i n ; i++) {
-virDomainDiskDefPtr disk = virDomainDiskDefParseXML(caps,
+virDomainDiskDefPtr disk = virDomainDiskDefParseXML(xmlconf,
nodes[i],
ctxt,
bootMap,
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index a82a432..a253438 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1965,11 +1965,16 @@ typedef int
(*virDomainDeviceDefPostParseCallback)(virDomainDeviceDefPtr dev,
typedef struct _virDomainDefParserConfig virDomainDefParserConfig;
typedef virDomainDefParserConfig *virDomainDefParserConfigPtr;
struct _virDomainDefParserConfig {
+/* driver domain definition callbacks */
virDomainDefPostParseCallback domainConfigCallback;
virDomainDeviceDefPostParseCallback devicesConfigCallback;
+/* private data for the callbacks */
void *priv;
virFreeCallback privFree;
+
+/* data */
+bool hasWideScsiBus;
};
typedef struct _virDomainXMLPrivateDataCallbacks
virDomainXMLPrivateDataCallbacks;
@@ -2166,7 +2171,8 @@ int virDomainDiskInsert(virDomainDefPtr def,
virDomainDiskDefPtr disk);
void virDomainDiskInsertPreAlloced(virDomainDefPtr def,
virDomainDiskDefPtr disk);
-int virDomainDiskDefAssignAddress(virCapsPtr caps, virDomainDiskDefPtr def);
+int virDomainDiskDefAssignAddress(virDomainXMLConfPtr xmlconf,
+ virDomainDiskDefPtr def);
virDomainDiskDefPtr
[libvirt] [PATCHv4 5/9] virCaps: get rid of emulatorRequired
This patch removes the emulatorRequired field and associated
infrastructure from the virCaps object. Instead the driver specific
callbacks are used as this field isn't enforced by all drivers.
This patch implements the appropriate callbacks in the qemu and lxc
driver and moves to check to that location.
---
Notes:
Version 4:
- rename virDomainDefDefaultEmulator to virDomainDefGetDefaultEmulator
- changed names of functions to comply with the rest
Version 3:
- new in the series
src/conf/capabilities.c | 10 --
src/conf/capabilities.h | 7 ---
src/conf/domain_conf.c | 16 ++--
src/conf/domain_conf.h | 2 ++
src/libvirt_private.syms | 3 +--
src/lxc/lxc_conf.c | 6 ++
src/lxc/lxc_domain.c | 17 +
src/lxc/lxc_domain.h | 1 +
src/qemu/qemu_capabilities.c | 3 ---
src/qemu/qemu_domain.c | 16
tests/lxcxml2xmldata/lxc-hostdev.xml | 1 +
tests/lxcxml2xmldata/lxc-systemd.xml | 1 +
12 files changed, 47 insertions(+), 36 deletions(-)
diff --git a/src/conf/capabilities.c b/src/conf/capabilities.c
index d53d5a3..1d29ce6 100644
--- a/src/conf/capabilities.c
+++ b/src/conf/capabilities.c
@@ -935,13 +935,3 @@ virCapabilitiesGenerateMac(virCapsPtr caps,
{
virMacAddrGenerate(caps-macPrefix, mac);
}
-
-extern void
-virCapabilitiesSetEmulatorRequired(virCapsPtr caps) {
-caps-emulatorRequired = 1;
-}
-
-extern unsigned int
-virCapabilitiesIsEmulatorRequired(virCapsPtr caps) {
-return caps-emulatorRequired;
-}
diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h
index 5fd1bb5..dcf38a8 100644
--- a/src/conf/capabilities.h
+++ b/src/conf/capabilities.h
@@ -163,7 +163,6 @@ struct _virCaps {
/* Move to virDomainXMLConf later */
unsigned char macPrefix[VIR_MAC_PREFIX_BUFLEN];
-unsigned int emulatorRequired : 1;
int defaultDiskDriverType; /* enum virStorageFileFormat */
int (*defaultConsoleTargetType)(const char *ostype, virArch guestarch);
bool hasWideScsiBus;
@@ -186,12 +185,6 @@ extern void
virCapabilitiesGenerateMac(virCapsPtr caps,
virMacAddrPtr mac);
-extern void
-virCapabilitiesSetEmulatorRequired(virCapsPtr caps);
-
-extern unsigned int
-virCapabilitiesIsEmulatorRequired(virCapsPtr caps);
-
extern int
virCapabilitiesAddHostFeature(virCapsPtr caps,
const char *name);
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 7f8f96e..fde88b2 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -9166,8 +9166,9 @@ virDomainLeaseRemove(virDomainDefPtr def,
}
-static char *virDomainDefDefaultEmulator(virDomainDefPtr def,
- virCapsPtr caps) {
+char *
+virDomainDefGetDefaultEmulator(virDomainDefPtr def,
+ virCapsPtr caps) {
const char *type;
const char *emulator;
char *retemu;
@@ -9186,13 +9187,13 @@ static char
*virDomainDefDefaultEmulator(virDomainDefPtr def,
if (!emulator) {
virReportError(VIR_ERR_INTERNAL_ERROR,
- _(no emulator for domain %s os type %s on architecture
%s),
+ _(no emulator for domain %s os type %s
+ on architecture %s),
type, def-os.type, virArchToString(def-os.arch));
return NULL;
}
-retemu = strdup(emulator);
-if (!retemu)
+if (!(retemu = strdup(emulator)))
virReportOOMError();
return retemu;
@@ -10350,11 +10351,6 @@ virDomainDefParseXML(virCapsPtr caps,
}
def-emulator = virXPathString(string(./devices/emulator[1]), ctxt);
-if (!def-emulator virCapabilitiesIsEmulatorRequired(caps)) {
-def-emulator = virDomainDefDefaultEmulator(def, caps);
-if (!def-emulator)
-goto error;
-}
/* analysis of the disk devices */
if ((n = virXPathNodeSet(./devices/disk, ctxt, nodes)) 0)
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index 4995da5..a82a432 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -2490,4 +2490,6 @@ int virDomainObjListExport(virDomainObjListPtr doms,
virDomainVcpuPinDefPtr virDomainLookupVcpuPin(virDomainDefPtr def,
int vcpuid);
+char *virDomainDefGetDefaultEmulator(virDomainDefPtr def, virCapsPtr caps);
+
#endif /* __DOMAIN_CONF_H */
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 5cad990..fb05d59 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -21,9 +21,7 @@ virCapabilitiesFormatXML;
virCapabilitiesFreeMachines;
virCapabilitiesFreeNUMAInfo;
virCapabilitiesGenerateMac;
-virCapabilitiesIsEmulatorRequired;
virCapabilitiesNew;
-virCapabilitiesSetEmulatorRequired;
virCapabilitiesSetHostCPU;
[libvirt] [PATCHv4 9/9] virCaps: get rid of macPrefix field
Use the virDomainXMLConf structure to hold this data and tweak the code
to avoid semantic change.
Without configuration the KVM mac prefix is used by default. I chose it
as it's in the privately administered segment so it should be usable for
any purposes.
---
Notes:
Version 4:
- new in series
src/conf/capabilities.c | 14 --
src/conf/capabilities.h | 9 -
src/conf/domain_conf.c | 26 ++
src/conf/domain_conf.h | 3 +++
src/esx/esx_driver.c | 1 -
src/libvirt_private.syms | 3 +--
src/libxl/libxl_conf.c | 2 --
src/libxl/libxl_driver.c | 6 +-
src/lxc/lxc_conf.c | 3 ---
src/openvz/openvz_conf.c | 2 --
src/openvz/openvz_driver.c | 2 +-
src/parallels/parallels_driver.c | 12
src/phyp/phyp_driver.c | 4
src/qemu/qemu_capabilities.c | 3 ---
src/qemu/qemu_command.c | 6 +++---
src/vbox/vbox_tmpl.c | 10 +++---
src/vmware/vmware_conf.c | 2 --
src/vmx/vmx.c| 1 +
src/xen/xen_driver.c | 7 ++-
src/xen/xen_hypervisor.c | 2 --
tests/vmx2xmltest.c | 1 -
tests/xml2vmxtest.c | 1 -
22 files changed, 57 insertions(+), 63 deletions(-)
diff --git a/src/conf/capabilities.c b/src/conf/capabilities.c
index 1d29ce6..c7ec92f 100644
--- a/src/conf/capabilities.c
+++ b/src/conf/capabilities.c
@@ -921,17 +921,3 @@ virCapabilitiesFormatXML(virCapsPtr caps)
return virBufferContentAndReset(xml);
}
-
-extern void
-virCapabilitiesSetMacPrefix(virCapsPtr caps,
-const unsigned char prefix[VIR_MAC_PREFIX_BUFLEN])
-{
-memcpy(caps-macPrefix, prefix, sizeof(caps-macPrefix));
-}
-
-extern void
-virCapabilitiesGenerateMac(virCapsPtr caps,
- virMacAddrPtr mac)
-{
-virMacAddrGenerate(caps-macPrefix, mac);
-}
diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h
index f4cf8f3..6b65e6a 100644
--- a/src/conf/capabilities.h
+++ b/src/conf/capabilities.h
@@ -162,7 +162,6 @@ struct _virCaps {
virCapsGuestPtr *guests;
/* Move to virDomainXMLConf later */
-unsigned char macPrefix[VIR_MAC_PREFIX_BUFLEN];
int (*defaultConsoleTargetType)(const char *ostype, virArch guestarch);
};
@@ -175,14 +174,6 @@ virCapabilitiesNew(virArch hostarch,
extern void
virCapabilitiesFreeNUMAInfo(virCapsPtr caps);
-extern void
-virCapabilitiesSetMacPrefix(virCapsPtr caps,
-const unsigned char prefix[VIR_MAC_PREFIX_BUFLEN]);
-
-extern void
-virCapabilitiesGenerateMac(virCapsPtr caps,
- virMacAddrPtr mac);
-
extern int
virCapabilitiesAddHostFeature(virCapsPtr caps,
const char *name);
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index cad5387..a26bc7b 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -800,6 +800,16 @@ virDomainXMLConfNew(virDomainDefParserConfigPtr config,
if (xmlns)
xmlconf-ns = *xmlns;
+/* Technically this forbids to use one of Xerox's MAC address prefixes in
+ * our hypervisor drivers. This shouldn't ever be a problem.
+ *
+ * Use the KVM prefix as default as it's in the privately administered
+ * range */
+if (memcmp(xmlconf-config.macPrefix,
+ (unsigned char[]) {0x00, 0x00, 0x00}, 3))
+memcpy(xmlconf-config.macPrefix,
+ (unsigned char[]) {0x54, 0x52, 0x00}, 3);
+
return xmlconf;
}
@@ -5077,6 +5087,14 @@ cleanup:
}
+void
+virDomainNetGenerateMAC(virDomainXMLConfPtr xmlconf,
+virMacAddrPtr mac)
+{
+virMacAddrGenerate(xmlconf-config.macPrefix, mac);
+}
+
+
/* Parse a value located at XPATH within CTXT, and store the
* result into val. If REQUIRED, then the value must exist;
* otherwise, the value is optional. The value is in bytes.
@@ -5445,7 +5463,7 @@ error:
* @return 0 on success, -1 on failure
*/
static virDomainNetDefPtr
-virDomainNetDefParseXML(virCapsPtr caps,
+virDomainNetDefParseXML(virDomainXMLConfPtr xmlconf,
xmlNodePtr node,
xmlXPathContextPtr ctxt,
virBitmapPtr bootMap,
@@ -5630,7 +5648,7 @@ virDomainNetDefParseXML(virCapsPtr caps,
goto error;
}
} else {
-virCapabilitiesGenerateMac(caps, def-mac);
+virDomainNetGenerateMAC(xmlconf, def-mac);
}
if (devaddr) {
@@ -8553,7 +8571,7 @@ virDomainDeviceDefParse(virCapsPtr caps,
goto error;
} else if (xmlStrEqual(node-name, BAD_CAST interface)) {
dev-type = VIR_DOMAIN_DEVICE_NET;
-if (!(dev-data.net = virDomainNetDefParseXML(caps, node, ctxt,
+if (!(dev-data.net = virDomainNetDefParseXML(xmlconf, node, ctxt,
NULL, flags)))
[libvirt] [PATCHv4 1/9] conf: Add post XML parse callbacks and prepare for cleaning of virCaps
This patch adds instrumentation that will allow hypervisor drivers to
fill and validate domain and device definitions after parsed by the XML
parser.
With this patch, after the XML is parsed, a callback to the driver is
issued requesing to fill and validate driver specific details of the
configuration. This allows to use sensible defaults and checks on a per
driver basis at the time the XML is parsed.
Two callback pointers are stored in the new virDomainXMLConf object:
* virDomainDeviceDefPostParseCallback (devicesConfCallback)
- called for a single device parsed and for every single device in a
domain config. A virDomainDeviceDefPtr is passed along with the
domain definition and virCaps.
* virDomainDefPostParseCallback, (domainConfCallback)
- A callback that is meant to process the domain config after it's
parsed. A virDomainDefPtr is passed along with virCaps.
Both types of callbacks support arbitrary opaque data passed for the
callback functions.
Errors may be reported in those callbacks resulting in a XML parsing
failure.
---
Notes:
Version 4:
- added support for opaque data for the callback
- removed post-devices domain config callback until it's needed
- renamed the structure holding the data as it will also contain some
defaults as values
- squashed patch adding the new argument to the contstructor
src/conf/domain_conf.c | 101 +--
src/conf/domain_conf.h | 27 +--
src/esx/esx_driver.c | 2 +-
src/libxl/libxl_driver.c | 9 ++--
src/lxc/lxc_conf.c | 4 +-
src/lxc/lxc_driver.c | 6 ++-
src/openvz/openvz_conf.c | 1 +
src/openvz/openvz_driver.c | 6 +--
src/parallels/parallels_driver.c | 2 +-
src/phyp/phyp_driver.c | 6 +--
src/qemu/qemu_conf.c | 3 +-
src/qemu/qemu_driver.c | 11 +++--
src/security/virt-aa-helper.c| 2 +-
src/test/test_driver.c | 2 +-
src/uml/uml_driver.c | 7 ++-
src/vbox/vbox_tmpl.c | 10 ++--
src/vmware/vmware_driver.c | 2 +-
src/xen/xen_driver.c | 2 +-
src/xen/xend_internal.c | 6 +--
src/xen/xm_internal.c| 2 +
src/xenapi/xenapi_driver.c | 2 +-
tests/testutilsxen.c | 2 +-
tests/xml2vmxtest.c | 2 +-
23 files changed, 173 insertions(+), 44 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 3278e9c..a1b634b 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -73,6 +73,9 @@ struct _virDomainObjList {
struct _virDomainXMLConf {
virObject parent;
+/* XML parser callbacks and defaults */
+virDomainDefParserConfig config;
+
/* domain private data management callbacks */
virDomainXMLPrivateDataCallbacks privateData;
@@ -732,6 +735,7 @@ static virClassPtr virDomainObjListClass;
static virClassPtr virDomainXMLConfClass;
static void virDomainObjDispose(void *obj);
static void virDomainObjListDispose(void *obj);
+static void virDomainXMLConfClassDispose(void *obj);
static int virDomainObjOnceInit(void)
{
@@ -750,7 +754,7 @@ static int virDomainObjOnceInit(void)
if (!(virDomainXMLConfClass = virClassNew(virClassForObject(),
virDomainXMLConf,
sizeof(virDomainXMLConf),
- NULL)))
+ virDomainXMLConfClassDispose)))
return -1;
return 0;
@@ -759,13 +763,24 @@ static int virDomainObjOnceInit(void)
VIR_ONCE_GLOBAL_INIT(virDomainObj)
+static void
+virDomainXMLConfClassDispose(void *obj)
+{
+virDomainXMLConfPtr xmlconf = obj;
+
+if (xmlconf-config.privFree)
+(xmlconf-config.privFree)(xmlconf-config.priv);
+}
+
+
/**
* virDomainXMLConfNew:
*
* Allocate a new domain XML configuration
*/
virDomainXMLConfPtr
-virDomainXMLConfNew(virDomainXMLPrivateDataCallbacksPtr priv,
+virDomainXMLConfNew(virDomainDefParserConfigPtr config,
+virDomainXMLPrivateDataCallbacksPtr priv,
virDomainXMLNamespacePtr xmlns)
{
virDomainXMLConfPtr xmlconf;
@@ -779,6 +794,9 @@ virDomainXMLConfNew(virDomainXMLPrivateDataCallbacksPtr
priv,
if (priv)
xmlconf-privateData = *priv;
+if (config)
+xmlconf-config = *config;
+
if (xmlns)
xmlconf-ns = *xmlns;
@@ -2469,6 +2487,73 @@ int virDomainDeviceInfoIterate(virDomainDefPtr def,
}
+static int
+virDomainDeviceDefPostParse(virDomainXMLConfPtr xmlconf,
+virDomainDeviceDefPtr dev,
+virDomainDefPtr def,
+virCapsPtr caps)
+{
+int ret;
+
+if (xmlconf xmlconf-config.devicesConfigCallback) {
+ret = xmlconf-config.devicesConfigCallback(dev, def, caps,
+
[libvirt] [PATCHv4 2/9] qemu: Record the default NIC model in the domain XML
This patch implements the devices post parse cllback and uses it to fill
the default qemu network card model into the XML if none is specified.
Libvirt assumes that the network card model for qemu is the rtl8139.
Record this in the XML using the new callback to avoid user
confusion.
---
Notes:
Version 4:
- tweaked naming after previous changes
src/qemu/qemu_conf.c | 2 +-
src/qemu/qemu_domain.c | 26 ++
src/qemu/qemu_domain.h | 1 +
.../qemuxml2argv-net-bandwidth.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-net-client.args | 4 ++--
.../qemuxml2argv-net-eth-ifname.args | 4 ++--
.../qemuxml2argv-net-eth-ifname.xml| 1 +
.../qemuxml2argv-net-eth-names.args| 8 +++
tests/qemuxml2argvdata/qemuxml2argv-net-eth.args | 4 ++--
tests/qemuxml2argvdata/qemuxml2argv-net-eth.xml| 1 +
.../qemuxml2argvdata/qemuxml2argv-net-hostdev.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-net-mcast.args | 4 ++--
.../qemuxml2argv-net-openvswitch.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-net-server.args | 4 ++--
tests/qemuxml2argvdata/qemuxml2argv-net-user.args | 3 ++-
tests/qemuxml2argvdata/qemuxml2argv-net-user.xml | 1 +
.../qemuxml2argv-net-virtio-network-portgroup.xml | 2 ++
.../qemuxml2xmlout-graphics-spice-timeout.xml | 1 +
18 files changed, 53 insertions(+), 16 deletions(-)
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index d67debd..128baf8 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -554,7 +554,7 @@ virQEMUDriverConfigPtr
virQEMUDriverGetConfig(virQEMUDriverPtr driver)
virDomainXMLConfPtr
virQEMUDriverCreateXMLConf(void)
{
-return virDomainXMLConfNew(NULL,
+return virDomainXMLConfNew(virQEMUDriverDomainDefParserConfig,
virQEMUDriverPrivateDataCallbacks,
virQEMUDriverDomainXMLNamespace);
}
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index c79b05d..51db3da 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -647,6 +647,7 @@ qemuDomainDefNamespaceFormatXML(virBufferPtr buf,
return 0;
}
+
static const char *
qemuDomainDefNamespaceHref(void)
{
@@ -662,6 +663,31 @@ virDomainXMLNamespace virQEMUDriverDomainXMLNamespace = {
};
+static int
+qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
+ virDomainDefPtr def ATTRIBUTE_UNUSED,
+ virCapsPtr caps ATTRIBUTE_UNUSED,
+ void *opaque ATTRIBUTE_UNUSED)
+{
+if (dev-type == VIR_DOMAIN_DEVICE_NET
+dev-data.net-type != VIR_DOMAIN_NET_TYPE_HOSTDEV) {
+if (!dev-data.net-model
+!(dev-data.net-model = strdup(rtl8139)))
+goto no_memory;
+}
+return 0;
+
+no_memory:
+virReportOOMError();
+return -1;
+}
+
+
+virDomainDefParserConfig virQEMUDriverDomainDefParserConfig = {
+.devicesConfigCallback = qemuDomainDeviceDefPostParse,
+};
+
+
static void
qemuDomainObjSaveJob(virQEMUDriverPtr driver, virDomainObjPtr obj)
{
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 26d5859..089ced0 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -342,5 +342,6 @@ void qemuDomainCleanupRun(virQEMUDriverPtr driver,
extern virDomainXMLPrivateDataCallbacks virQEMUDriverPrivateDataCallbacks;
extern virDomainXMLNamespace virQEMUDriverDomainXMLNamespace;
+extern virDomainDefParserConfig virQEMUDriverDomainDefParserConfig;
#endif /* __QEMU_DOMAIN_H__ */
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml
b/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml
index bf7dde5..885e854 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml
+++ b/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml
@@ -44,6 +44,7 @@
interface type='network'
mac address='52:54:00:24:a5:9f'/
source network='default'/
+ model type='rtl8139'/
bandwidth
inbound average='1000' peak='4000' burst='1024'/
outbound average='128' peak='256' burst='32768'/
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-net-client.args
b/tests/qemuxml2argvdata/qemuxml2argv-net-client.args
index 7974f2e..34fab0a 100644
--- a/tests/qemuxml2argvdata/qemuxml2argv-net-client.args
+++ b/tests/qemuxml2argvdata/qemuxml2argv-net-client.args
@@ -1,5 +1,5 @@
LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu -S -M \
pc -m 214 -smp 1 -nographic -monitor unix:/tmp/test-monitor,server,nowait \
-no-acpi -boot c -usb -hda /dev/HostVG/QEMUGuest1 -net nic,\
-macaddr=52:54:00:8c:b9:05,vlan=0 -net socket,connect=192.168.0.1:5558,vlan=0 \
--serial none -parallel none
+macaddr=52:54:00:8c:b9:05,vlan=0,model=rtl8139 -net socket,\
+connect=192.168.0.1:5558,vlan=0 -serial none -parallel none
diff --git
[libvirt] [PATCHv4 6/9] conf: Enforce ranges on cputune variables
The limits are documented at
http://libvirt.org/formatdomain.html#elementsCPUTuning . Enforce them
when going through XML parsing in addition to being enforced by the API.
---
Notes:
Version 4:
- changed error from VIR_ERR_XML_ERROR to VIR_ERR_CONFIG_UNSUPPORTED
Version 3:
- new in series
src/conf/domain_conf.c | 37 +
1 file changed, 37 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index fde88b2..5a59e3f 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -2499,6 +2499,43 @@ virDomainDefPostParseInternal(virDomainDefPtr def,
return -1;
}
+/* enforce range checks for cputune values */
+/* these are not represented in the XML schema, but are documented */
+if (def-cputune.period 0
+(def-cputune.period 1000 || def-cputune.period 100)) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s,
+ _(Value of cputune period must be in range
+ [1000, 100]));
+return -1;
+}
+
+if (def-cputune.emulator_period 0
+(def-cputune.emulator_period 1000 ||
+ def-cputune.emulator_period 100)) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s,
+ _(Value of cputune emulator_period must be in range
+ [1000, 100]));
+return -1;
+}
+
+if (def-cputune.quota 0
+(def-cputune.quota 1000 ||
+ def-cputune.quota 18446744073709551)) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s,
+ _(Value of cputune quota must be in range
+ [1000, 18446744073709551]));
+return -1;
+}
+
+if (def-cputune.emulator_quota 0
+(def-cputune.emulator_quota 1000 ||
+ def-cputune.emulator_quota 18446744073709551)) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s,
+ _(Value of cputune emulator_quota must be in range
+ [1000, 18446744073709551]));
+return -1;
+}
+
return 0;
}
--
1.8.1.5
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] conftest segfault
On 03/15/2013 07:48 AM, Gene Czarcinski wrote: One of the libvirt tests (conftest) has been segfaulting for some time with no indication of a test failure other than a message in syslog. I verified this by building libvirt-1.0.3-1 with mock. Generally, this is not an issue. Autoconf tests INTENTIONALLY try to probe for broken systems, in order to work around brokenness, so a segfaulting conftest during ./configure just says that things are probing as expected. About the only thing that could be done to avoid a segfault during ./configure is fixing the underlying broken system that the probe was detecting in the first place, but that's more likely to be a glibc or kernel fix, not a libvirt fix. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/8] Simplify mutually exclusive argument handling in virsh
On 03/07/13 13:52, Peter Krempa wrote: This patchset introduces a new macro that allows simple checking for mutually exclusive arguments in virsh and uses it in many occasions in virs. Peter Krempa (8): virsh: Introduce macros to reject mutually exclusive arguments virsh-snapshot: Refactor virsh snapshot-list virsh-host: Refactor cmdFreecell virsh-domain: Fix flag name in error message to match the check virsh-snapshot: Refactor cmdSnapshotCurrent virsh-snapshot: Use the mutually exclusive params macro in cmdSnapshotEdit virsh-snapshot: Simplify cleanup path in cmdSnapshotEdit virsh-domain: Simplify usage of --current, --live and --config flags po/POTFILES.in | 1 + tools/virsh-domain.c | 262 + tools/virsh-host.c | 55 +-- tools/virsh-snapshot.c | 181 +- tools/virsh.h | 42 5 files changed, 248 insertions(+), 293 deletions(-) Ping? -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 09/13] qemu: support LUN numbers for iSCSI disks
Il 15/03/2013 15:40, Daniel P. Berrange ha scritto: Each iSCSI target can provide multiple logical units. Support this with an additional attribute in the source element. Hmm, this is kind of what the 'name' attribute is used for with RBD / Gluster. I tend to feel we should just use that rather than adding a new attribute. eg source name=IQN/LUN I think IQN and LUN are separate things, and best kept separate. For example, for each IQN you can only have (if you use -readconfig, which this series doesn't do) a single username/password/initiator-name triple. Note that the 'name' attribute is already used for the IQN. Paolo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 02/13] qemu: do not support non-network disks without -drive
Il 15/03/2013 15:43, Eric Blake ha scritto: On 03/15/2013 08:29 AM, Daniel P. Berrange wrote: On Mon, Feb 25, 2013 at 06:44:21PM +0100, Paolo Bonzini wrote: QEMU added -drive in 2007, and NBD in 2008. Both appeared first in release 0.10.0. Thus the code to support network disks without -drive is dead, and in fact it incorrectly escapes commas. Drop it. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/qemu_command.c | 53 ++--- 1 file changed, 2 insertions(+), 51 deletions(-) ACK Pushed. Ok to push 3-10 and 14 too? Then I'll send the coding style adjustments that Osier requested (but Dan acked nevertheless) and 11-13 which need a bit more work. Paolo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 09/13] qemu: support LUN numbers for iSCSI disks
On Fri, Mar 15, 2013 at 04:53:19PM +0100, Paolo Bonzini wrote: Il 15/03/2013 15:40, Daniel P. Berrange ha scritto: Each iSCSI target can provide multiple logical units. Support this with an additional attribute in the source element. Hmm, this is kind of what the 'name' attribute is used for with RBD / Gluster. I tend to feel we should just use that rather than adding a new attribute. eg source name=IQN/LUN I think IQN and LUN are separate things, and best kept separate. For example, for each IQN you can only have (if you use -readconfig, which this series doesn't do) a single username/password/initiator-name triple. Note that the 'name' attribute is already used for the IQN. Yes, but that doesn't make it right. The 'name' attribute is intended to uniquely identify the exported volume on the server. Neither IQN or LUN alone can uniquely identify the volume, so the name attribute should use a combination of the two. This is the same scenario you have with RBD, where you have a 'pool' and 'volume', so the name attribute uses the pool/volume syntax for identifying the export. In retrospect this combined syntax may have been better split up into separate attributes, but that's what we have, so we should follow this existing practice for iSCSI too. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] conftest segfault
On 03/15/2013 10:17 AM, Michal Privoznik wrote: On 15.03.2013 14:56, Gene Czarcinski wrote: On 03/15/2013 09:48 AM, Gene Czarcinski wrote: One of the libvirt tests (conftest) has been segfaulting for some time with no indication of a test failure other than a message in syslog. I verified this by building libvirt-1.0.3-1 with mock. I went back and looked at my logs more closely. This started with libvirt-1.0.3-1. Gene Do you have a coredump? What does it say? In a word: no. See the attached excerpt from syslog which may explain why. I have explored a bit into the problem. 1. It occurs when ./autogen is run an will likely also occur when ./configure is run ... this is something internal to autogen. To eliminate the rpmbuild, I ran things from a git repository. 2. git checkout v1.0.2-maint does *not* have the problem. 3. git checkout v1.0.3-maint does have the problem 4. So does git checkout v1.0.3-rc1 One approach to identify this may be to do a binary search through the commits. Gene Mar 15 11:34:48 falcon kernel: [ 5503.372355] conftest[13761]: segfault at 18 ip 003f19e7be5b sp 7fffac7bdc80 error 4 in libc-2.16.so[3f19e0+1ad000] Mar 15 11:34:48 falcon abrtd: Directory 'ccpp-2013-03-15-11:34:48-13761' creation detected Mar 15 11:34:48 falcon abrt[13762]: Saved core dump of pid 13761 (/home/gc/devel/git-dev/libvirt/conftest) to /var/spool/abrt/ccpp-2013-03-15-11:34:48-13761 (393216 bytes) Mar 15 11:34:48 falcon abrtd: Executable '/home/gc/devel/git-dev/libvirt/conftest' doesn't belong to any package Mar 15 11:34:48 falcon abrtd: 'post-create' on '/var/spool/abrt/ccpp-2013-03-15-11:34:48-13761' exited with 1 Mar 15 11:34:48 falcon abrtd: Corrupted or bad directory '/var/spool/abrt/ccpp-2013-03-15-11:34:48-13761', deleting -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] conftest segfault
On 03/15/2013 11:38 AM, Eric Blake wrote: On 03/15/2013 07:48 AM, Gene Czarcinski wrote: One of the libvirt tests (conftest) has been segfaulting for some time with no indication of a test failure other than a message in syslog. I verified this by building libvirt-1.0.3-1 with mock. Generally, this is not an issue. Autoconf tests INTENTIONALLY try to probe for broken systems, in order to work around brokenness, so a segfaulting conftest during ./configure just says that things are probing as expected. About the only thing that could be done to avoid a segfault during ./configure is fixing the underlying broken system that the probe was detecting in the first place, but that's more likely to be a glibc or kernel fix, not a libvirt fix. Isn't it a bit strange that it is broken under v1.0.3-maint but not under v1.0.2-maint? The underlying system is the same. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 02/13] qemu: do not support non-network disks without -drive
On Fri, Mar 15, 2013 at 04:56:26PM +0100, Paolo Bonzini wrote: Il 15/03/2013 15:43, Eric Blake ha scritto: On 03/15/2013 08:29 AM, Daniel P. Berrange wrote: On Mon, Feb 25, 2013 at 06:44:21PM +0100, Paolo Bonzini wrote: QEMU added -drive in 2007, and NBD in 2008. Both appeared first in release 0.10.0. Thus the code to support network disks without -drive is dead, and in fact it incorrectly escapes commas. Drop it. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/qemu_command.c | 53 ++--- 1 file changed, 2 insertions(+), 51 deletions(-) ACK Pushed. Ok to push 3-10 and 14 too? Then I'll send the coding style adjustments that Osier requested (but Dan acked nevertheless) and 11-13 which need a bit more work. Nope, not ok to push 7 or 8, given the way it represents IQN LUN as separate attributes. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 09/13] qemu: support LUN numbers for iSCSI disks
Il 15/03/2013 16:59, Daniel P. Berrange ha scritto: I think IQN and LUN are separate things, and best kept separate. For example, for each IQN you can only have (if you use -readconfig, which this series doesn't do) a single username/password/initiator-name triple. Note that the 'name' attribute is already used for the IQN. Yes, but that doesn't make it right. The 'name' attribute is intended to uniquely identify the exported volume on the server. Neither IQN or LUN alone can uniquely identify the volume, so the name attribute should use a combination of the two. This is the same scenario you have with RBD, where you have a 'pool' and 'volume', so the name attribute uses the pool/volume syntax for identifying the export. In retrospect this combined syntax may have been better split up into separate attributes, but that's what we have, so we should follow this existing practice for iSCSI too. Ok, that's what I missed. It should just work in fact, and I'm explicitly forbidding slashes in patch 8/13; I just need to drop that test. Paolo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv3] audit: Audit resources used by VirtIO RNG
On Wednesday, March 13, 2013 10:46:24 AM Peter Krempa wrote: This patch adds auditing of resources used by Virtio RNG devices. Only resources on the local filesystems are audited. Further testing revealed that I needed to make a some updates to the audit package to support this. The auvirt program didn't recognize the event and because the old/new values are escaped, it needed to be added to the lookup tables to identify it as such. In the process of looking at this event, I found out that cgroup resource assignments of class = path are not escaping the path like it should. Opening a bz on that shortly. Thanks for showing me the event. -Steve -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 3/7] Re-arrange code setting up ifs/disk loop devices for LXC
From: Daniel P. Berrange berra...@redhat.com
The current code for setting up loop devices to LXC disks first
does a switch() based on the disk format, then looks at the
disk driver name. Reverse this so it first looks at the driver
name, and then the disk format. This is more useful since the
list of supported disk formats depends on what driver is used.
The code for setting loop devices for LXC fs entries also needs
to have the same logic added, now the XML schema supports this.
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
src/lxc/lxc_controller.c | 76 +++-
1 file changed, 43 insertions(+), 33 deletions(-)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 1508b9c..8f3ca6a 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -415,17 +415,31 @@ static int
virLXCControllerSetupLoopDevices(virLXCControllerPtr ctrl)
if (fs-type != VIR_DOMAIN_FS_TYPE_FILE)
continue;
-fd = virLXCControllerSetupLoopDeviceFS(fs);
-if (fd 0)
-goto cleanup;
+if (fs-fsdriver == VIR_DOMAIN_FS_DRIVER_TYPE_LOOP) {
+if (fs-format != VIR_STORAGE_FILE_RAW
+fs-format != VIR_STORAGE_FILE_NONE) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _(fs format %s is not supported),
+ virStorageFileFormatTypeToString(fs-format));
+goto cleanup;
+}
-VIR_DEBUG(Saving loop fd %d, fd);
-if (VIR_EXPAND_N(ctrl-loopDevFds, ctrl-nloopDevs, 1) 0) {
-VIR_FORCE_CLOSE(fd);
-virReportOOMError();
-goto cleanup;
+fd = virLXCControllerSetupLoopDeviceFS(fs);
+if (fd 0)
+goto cleanup;
+
+VIR_DEBUG(Saving loop fd %d, fd);
+if (VIR_EXPAND_N(ctrl-loopDevFds, ctrl-nloopDevs, 1) 0) {
+VIR_FORCE_CLOSE(fd);
+virReportOOMError();
+goto cleanup;
+}
+ctrl-loopDevFds[ctrl-nloopDevs - 1] = fd;
+} else {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _(fs driver %s is not supported),
+ virDomainFSDriverTypeTypeToString(fs-fsdriver));
}
-ctrl-loopDevFds[ctrl-nloopDevs - 1] = fd;
}
for (i = 0 ; i ctrl-def-ndisks ; i++) {
@@ -435,40 +449,36 @@ static int
virLXCControllerSetupLoopDevices(virLXCControllerPtr ctrl)
if (disk-type != VIR_DOMAIN_DISK_TYPE_FILE)
continue;
-switch (disk-format) {
-/* We treat 'none' as meaning 'raw' since we
- * don't want to go into the auto-probing
- * business for security reasons
- */
-case VIR_STORAGE_FILE_RAW:
-case VIR_STORAGE_FILE_NONE:
-if (disk-driverName
-STRNEQ(disk-driverName, loop)) {
+if (!disk-driverName ||
+STREQ(disk-driverName, loop)) {
+if (disk-format != VIR_STORAGE_FILE_RAW
+disk-format != VIR_STORAGE_FILE_NONE) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _(disk driver %s is not supported),
- disk-driverName);
+ _(disk format %s is not supported),
+ virStorageFileFormatTypeToString(disk-format));
goto cleanup;
}
+/* We treat 'none' as meaning 'raw' since we
+ * don't want to go into the auto-probing
+ * business for security reasons
+ */
fd = virLXCControllerSetupLoopDeviceDisk(disk);
if (fd 0)
goto cleanup;
-break;
-default:
+VIR_DEBUG(Saving loop fd %d, fd);
+if (VIR_EXPAND_N(ctrl-loopDevFds, ctrl-nloopDevs, 1) 0) {
+VIR_FORCE_CLOSE(fd);
+virReportOOMError();
+goto cleanup;
+}
+ctrl-loopDevFds[ctrl-nloopDevs - 1] = fd;
+} else {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _(disk format %s is not supported),
- virStorageFileFormatTypeToString(disk-format));
-goto cleanup;
-}
-
-VIR_DEBUG(Saving loop fd %d, fd);
-if (VIR_EXPAND_N(ctrl-loopDevFds, ctrl-nloopDevs, 1) 0) {
-VIR_FORCE_CLOSE(fd);
-virReportOOMError();
-goto cleanup;
+ _(disk driver %s is not supported),
+ disk-driverName);
}
-ctrl-loopDevFds[ctrl-nloopDevs - 1] = fd;
}
VIR_DEBUG(Setup all loop devices);
--
1.7.11.7
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/7] Setup LXC cgroups in two phases
From: Daniel P. Berrange berra...@redhat.com
Currently the LXC controller creates the cgroup, configures the
resources and adds the task all in one go. This is not sufficiently
flexible for the forthcoming NBD integration. We need to make sure
the NBD process gets into the right cgroup immediately, but we can
not have limits (in particular the device ACL) applied at the point
where we start qemu-nbd. So create a virLXCCgroupCreate method
which creates the cgroup and adds the current ask to be called
early, and leave virLXCCgroupSetup to only do resource config.
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
src/lxc/lxc_cgroup.c | 39 +++
src/lxc/lxc_cgroup.h | 4 +++-
src/lxc/lxc_controller.c | 12 +---
3 files changed, 39 insertions(+), 16 deletions(-)
diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index a075335..fa47229 100644
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -472,7 +472,7 @@ cleanup:
}
-int virLXCCgroupSetup(virDomainDefPtr def)
+virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def)
{
virCgroupPtr driver = NULL;
virCgroupPtr cgroup = NULL;
@@ -494,6 +494,32 @@ int virLXCCgroupSetup(virDomainDefPtr def)
goto cleanup;
}
+rc = virCgroupAddTask(cgroup, getpid());
+if (rc != 0) {
+virReportSystemError(-rc,
+ _(Unable to add task %d to cgroup for domain
%s),
+ getpid(), def-name);
+goto cleanup;
+}
+
+ret = 0;
+
+cleanup:
+virCgroupFree(driver);
+if (ret 0) {
+virCgroupFree(cgroup);
+return NULL;
+}
+
+return cgroup;
+}
+
+
+int virLXCCgroupSetup(virDomainDefPtr def,
+ virCgroupPtr cgroup)
+{
+int ret = -1;
+
if (virLXCCgroupSetupCpuTune(def, cgroup) 0)
goto cleanup;
@@ -506,19 +532,8 @@ int virLXCCgroupSetup(virDomainDefPtr def)
if (virLXCCgroupSetupDeviceACL(def, cgroup) 0)
goto cleanup;
-rc = virCgroupAddTask(cgroup, getpid());
-if (rc != 0) {
-virReportSystemError(-rc,
- _(Unable to add task %d to cgroup for domain
%s),
- getpid(), def-name);
-goto cleanup;
-}
-
ret = 0;
cleanup:
-virCgroupFree(cgroup);
-virCgroupFree(driver);
-
return ret;
}
diff --git a/src/lxc/lxc_cgroup.h b/src/lxc/lxc_cgroup.h
index fff554b..18f54e6 100644
--- a/src/lxc/lxc_cgroup.h
+++ b/src/lxc/lxc_cgroup.h
@@ -26,7 +26,9 @@
# include lxc_fuse.h
# include virusb.h
-int virLXCCgroupSetup(virDomainDefPtr def);
+virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def);
+int virLXCCgroupSetup(virDomainDefPtr def,
+ virCgroupPtr cgroup);
int virLXCCgroupGetMeminfo(virLXCMeminfoPtr meminfo);
int
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index becf811..1508b9c 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -628,7 +628,8 @@ static int
virLXCControllerSetupCpuAffinity(virLXCControllerPtr ctrl)
*
* Returns 0 on success or -1 in case of error
*/
-static int virLXCControllerSetupResourceLimits(virLXCControllerPtr ctrl)
+static int virLXCControllerSetupResourceLimits(virLXCControllerPtr ctrl,
+ virCgroupPtr cgroup)
{
if (virLXCControllerSetupCpuAffinity(ctrl) 0)
@@ -637,7 +638,7 @@ static int
virLXCControllerSetupResourceLimits(virLXCControllerPtr ctrl)
if (virLXCControllerSetupNUMAPolicy(ctrl) 0)
return -1;
-return virLXCCgroupSetup(ctrl-def);
+return virLXCCgroupSetup(ctrl-def, cgroup);
}
@@ -1473,6 +1474,7 @@ virLXCControllerRun(virLXCControllerPtr ctrl)
int containerhandshake[2] = { -1, -1 };
char **containerTTYPaths = NULL;
size_t i;
+virCgroupPtr cgroup = NULL;
if (VIR_ALLOC_N(containerTTYPaths, ctrl-nconsoles) 0) {
virReportOOMError();
@@ -1494,10 +1496,13 @@ virLXCControllerRun(virLXCControllerPtr ctrl)
if (virLXCControllerSetupPrivateNS() 0)
goto cleanup;
+if (!(cgroup = virLXCCgroupCreate(ctrl-def)))
+goto cleanup;
+
if (virLXCControllerSetupLoopDevices(ctrl) 0)
goto cleanup;
-if (virLXCControllerSetupResourceLimits(ctrl) 0)
+if (virLXCControllerSetupResourceLimits(ctrl, cgroup) 0)
goto cleanup;
if (virLXCControllerSetupDevPTS(ctrl) 0)
@@ -1570,6 +1575,7 @@ cleanup:
VIR_FREE(containerTTYPaths[i]);
VIR_FREE(containerTTYPaths);
+virCgroupFree(cgroup);
virLXCControllerStopInit(ctrl);
return rc;
--
1.7.11.7
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 0/7] Support NBD volumes with LXC containers
This series adds support for using non-raw disks with LXC containers by leverging NBD + qemu-nbd as an alternative to the loopback device. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 6/7] Support NBD backed disks/filesystems in LXC driver
From: Daniel P. Berrange berra...@redhat.com
The LXC driver can already configure disk or filesystem
devices to use the loop device. This extends it to also allow
for use of the NBD device, to support non-raw formats.
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
src/lxc/lxc_controller.c | 64 ++--
1 file changed, 62 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 8f3ca6a..c433fb1 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -403,6 +403,46 @@ static int
virLXCControllerSetupLoopDeviceDisk(virDomainDiskDefPtr disk)
}
+static int virLXCControllerSetupNBDDeviceFS(virDomainFSDefPtr fs)
+{
+char *dev;
+
+if (virFileNBDDeviceAssociate(fs-src, dev,
+ !!fs-readonly) 0)
+return -1;
+
+/*
+ * We now change it into a block device type, so that
+ * the rest of container setup 'just works'
+ */
+fs-type = VIR_DOMAIN_DISK_TYPE_BLOCK;
+VIR_FREE(fs-src);
+fs-src = dev;
+
+return 0;
+}
+
+
+static int virLXCControllerSetupNBDDeviceDisk(virDomainDiskDefPtr disk)
+{
+char *dev;
+
+if (virFileNBDDeviceAssociate(disk-src, dev,
+ !!disk-readonly) 0)
+return -1;
+
+/*
+ * We now change it into a block device type, so that
+ * the rest of container setup 'just works'
+ */
+disk-type = VIR_DOMAIN_DISK_TYPE_BLOCK;
+VIR_FREE(disk-src);
+disk-src = dev;
+
+return 0;
+}
+
+
static int virLXCControllerSetupLoopDevices(virLXCControllerPtr ctrl)
{
size_t i;
@@ -435,6 +475,9 @@ static int
virLXCControllerSetupLoopDevices(virLXCControllerPtr ctrl)
goto cleanup;
}
ctrl-loopDevFds[ctrl-nloopDevs - 1] = fd;
+} else if (fs-fsdriver == VIR_DOMAIN_FS_DRIVER_TYPE_NBD) {
+if (virLXCControllerSetupNBDDeviceFS(fs) 0)
+goto cleanup;
} else {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_(fs driver %s is not supported),
@@ -449,8 +492,14 @@ static int
virLXCControllerSetupLoopDevices(virLXCControllerPtr ctrl)
if (disk-type != VIR_DOMAIN_DISK_TYPE_FILE)
continue;
-if (!disk-driverName ||
-STREQ(disk-driverName, loop)) {
+/* If no driverName is set, we prefer 'loop' for
+ * dealing with raw or undefined formats. Only
+ * default to 'nbd' for non-raw formats.
+ */
+if ((disk-driverName STREQ(disk-driverName, loop)) ||
+(!disk-driverName
+ (disk-format == VIR_STORAGE_FILE_RAW ||
+ disk-format == VIR_STORAGE_FILE_NONE))) {
if (disk-format != VIR_STORAGE_FILE_RAW
disk-format != VIR_STORAGE_FILE_NONE) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
@@ -474,6 +523,17 @@ static int
virLXCControllerSetupLoopDevices(virLXCControllerPtr ctrl)
goto cleanup;
}
ctrl-loopDevFds[ctrl-nloopDevs - 1] = fd;
+} else if (!disk-driverName ||
+ STREQ(disk-driverName, nbd)) {
+if (disk-cachemode != VIR_DOMAIN_DISK_CACHE_DEFAULT
+disk-cachemode != VIR_DOMAIN_DISK_CACHE_DISABLE) {
+virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _(Disk cache mode %s is not supported),
+
virDomainDiskCacheTypeToString(disk-cachemode));
+goto cleanup;
+}
+if (virLXCControllerSetupNBDDeviceDisk(disk) 0)
+goto cleanup;
} else {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_(disk driver %s is not supported),
--
1.7.11.7
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/7] Add support for storage format in FS driver
From: Daniel P. Berrange berra...@redhat.com Extend the driver element in filesystem devices to allow a storage format to be set. The new attribute uses 'format' to reflect the storage format. This is different from the driver element in disk devices which use 'type' to reflect the storage format. THis is because the 'type' attribute on filesystem devices is already used for the driver backend, for which the disk devices use the 'name' attribte. Arh. Anyway for disks we have driver name=qemu type=raw/ And for filesystems this change means we now have driver type=loop format=raw/ Signed-off-by: Daniel P. Berrange berra...@redhat.com --- docs/formatdomain.html.in | 24 ++ docs/schemas/domaincommon.rng | 73 ++- src/conf/domain_conf.c| 25 --- src/conf/domain_conf.h| 6 ++-- src/qemu/qemu_command.c | 3 +- 5 files changed, 102 insertions(+), 29 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 1ef80b0..c0a65a5 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -1811,6 +1811,13 @@ lt;target dir='/import/from/host'/gt; lt;readonly/gt; lt;/filesystemgt; +lt;filesystem type='file' accessmode='passthrough'gt; + lt;driver name='loop' type='raw'/gt; + lt;driver type='path' wrpolicy='immediate'/gt; + lt;source file='/export/to/guest.img'/gt; + lt;target dir='/import/from/host'/gt; + lt;readonly/gt; +lt;/filesystemgt; ... lt;/devicesgt; .../pre @@ -1902,6 +1909,23 @@ /dd + dtcodedriver/code/dt + dd +The optional driver element allows specifying further details +related to the hypervisor driver used to provide the filesystem. +span class=sinceSince 1.0.4/span +ul + li +If the hypervisor supports multiple backend drivers, then +the codetype/code attribute selects the primary +backend driver name, while the codeformat/code +attribute provides the format type. For example, LXC +supports a type of loop, with a format of raw. QEMU +supports a type of path or handle, but no formats. + /li +/ul + /dd + dtcodesource/code/dt dd The resource on the host that is being accessed in the guest. The diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index 9792065..a75c515 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -853,7 +853,7 @@ define name=diskspec interleave optional -ref name=driver/ +ref name=diskDriver/ /optional optional ref name='diskMirror'/ @@ -1205,7 +1205,7 @@ !-- Disk may use a special driver for access. -- - define name=driver + define name=diskDriver element name=driver choice group @@ -1249,13 +1249,13 @@ optional attribute name='type' choice - ref name='diskFormat'/ + ref name='storageFormat'/ valueaio/value !-- back-compat for 'raw' -- /choice /attribute /optional /define - define name='diskFormat' + define name='storageFormat' choice valueraw/value valuedir/value @@ -1414,6 +1414,9 @@ attribute name=type valuefile/value /attribute + optional +ref name=diskDriver/ + /optional interleave element name=source attribute name=file @@ -1427,6 +1430,9 @@ attribute name=type valueblock/value /attribute + optional +ref name=diskDriver/ + /optional interleave element name=source attribute name=dev @@ -1443,6 +1449,9 @@ valuemount/value /attribute /optional + optional +ref name=diskDriver/ + /optional interleave element name=source attribute name=dir @@ -1450,22 +1459,6 @@ /attribute empty/ /element -optional - element name=driver -attribute name=type - choice -valuepath/value -valuehandle/value - /choice -/attribute -optional - attribute name=wrpolicy -valueimmediate/value - /attribute -/optional -empty/ - /element -/optional /interleave /group group @@ -1474,6 +1467,9 @@ valuebind/value /attribute /optional + optional +ref name=diskDriver/ + /optional interleave
