Re: [libvirt] doc: write separate module for hostdev passthrough and in-use tracking
2013/3/22 Osier Yang jy...@redhat.com: On 2013年03月22日 17:36, Chunyan Liu wrote: Hi, List, As the mail I've sent a week before: https://www.redhat.com/archives/libvir-list/2013-March/msg00730.html I'm willing to push this work forward so that the passthrough APIs could be reused by qemu driver and libxl driver (which doesn't support pci passthrough yet and tries to add this function recently), or other drivers. But since this work affacts a lot, I'm not sure if I can control it in a correct way. I write a draft to describe what I'm considering how to do, as in the following and in attachment. Hope to get your review, comment and guidence to improve the work before start coding. Any feedback will be very appreciated! Thanks! Chunyan DRAFT: Write separate module for hostdev passthrough Cool. we lacked this for a time. 1. Purposes: * Move hostdev passthrough APIs from qemu_hostdev.ch to separate module so that they could be reused by other hypervisors too * Maintain global in-use state of hostdevs This is more important than the code-reuse. 2. Module design (draft): * New module name: hostdev_driver * New module files: hostdev_driver.ch hostdev_conf.ch * New Definitions: ## [src/driver.h] typedef struct _virHostdevDriver virHostdevDriver; typedef virHostdevDriver *virHostdevDriverPtr; struct _virHosedevDriver { const char *name; virDrvOpen open; virDrvClose close; virDrvPrepareHostdevsprepareHostdevs; virDrvPreparePciHostdevspreparePciHostdevs; virDrvprepareUsbHostdevsprepareUsbHostdevs; In case of you want to expose prepareHostdevs, no need to expose preparePciHostdevs and prepareUsbHostdevs? Thanks very much for your comments. Exposing these two APIs is considering that some driver may supports one but not another, so that it could call specific API. But we can use support flag in prepareHostdevs to control that, in this way not need these two APIs. virDrvReattachHostdevsreattachHostdevs; virDrvReattachPciHostdevsreattachPciHostdevs; virDrvReattachUsbHostdevs reattachUsbHostdevs; Likewise. virDrvGetActivePciHostdevList getActivePciHostdevList; virDrvGetActiveUsbHostdevList getActiveUsbHostdevList; virDrvGetDomainActivePciHostdevList getDomainActivePciHostdevList; virDrvGetDomainActiveUsbHostdevList getDomainActiveUsbHostdevList; These APIs are useful for upper layer management too. I have once wanted to create similiar APIs, but only tended for qemu driver at that time. But except these 4 get APIs, others are only useful for other drivers (internally), useless for upper layer management. That's true. Do we really want a driver instead of just an internal share module? Like src/nodeinfo.[ch], and with it we still can expose APIs like the 4 get APIs. Do you mean add src/hostdev.[ch] and do all work there? Think a while, I think it can achieve too. Then do we need to differentiate 4 get APIs and other APIs? }; ## [src/hostdev/hostdev_conf.h] typedef struct _virHostdevDriverState virHostdevDriverState; typedef virHostdevDriverState *virHostdevDriverStatePtr; struct _virHostdevDriverState { virMutex lock; virPCIDeviceListPtr activePciHostdevs; virPCIDeviceListPtr inactivePciHostdevs; virUSBDeviceListPtr activeUsbHostdevs; }; ## [src/hostdev/hostdev_driver.c] static virHostdevDriver hostdevDriver = { .name = hostdev, .open = hostdevDriverOpen, .close = hostdevDriverClose, .prepareHostdevs = virPrepareHostdevs, .preparePciHostdevs = virPreparePciHostdevs, .prepareUsbHostdevs = virPrepareUsbHostdevs .reattachHostdevs = virReattachHostdevs, .reattachPciHostdevs = virReattachPciHostdevs, .reattachUsbHostdevs = virReattachUsbHostdevs, .getActivePciHostdevList = virGetActivePciHostdevList, .getActiveUsbHostdevList = virGetActiveUsbHostdevList, .getDomainActivePciHostdevList = virGetDomainActivePciHostdevList, .getDomainActiveUsbHostdevList = virGetDomainActiveUsbHostdevList, }; static virStateDriver hostdevStateDriver = { .name = hostdev, .initialize = hostdevDriverStartup, .cleanup = hostdevDriverCleanup, .reload = hostdevDriverReload, }; * Changed Definitions: struct _virPCIDevice { .. --- const char*used_by; /*
[libvirt] [PATCH] python: set default value to optional arguments
When prefixing with string (optional) or optional in the description of arguments to libvirt C APIs, in python, these arguments will be set as optional arugments, for example: * virDomainSaveFlags: * @domain: a domain object * @to: path for the output file * @dxml: (optional) XML config for adjusting guest xml used on restore * @flags: bitwise-OR of virDomainSaveRestoreFlags the corresponding python APIs is restoreFlags(self, frm, dxml=None, flags=0) The following python APIs are changed to: blockCommit(self, disk, base, top, bandwidth=0, flags=0) blockPull(self, disk, bandwidth=0, flags=0) blockRebase(self, disk, base, bandwidth=0, flags=0) migrate(self, dconn, flags=0, dname=None, uri=None, bandwidth=0) migrate2(self, dconn, dxml=None, flags=0, dname=None, uri=None, bandwidth=0) migrateToURI(self, duri, flags=0, dname=None, bandwidth=0) migrateToURI2(self, dconnuri=None, miguri=None, dxml=None, flags=0, \ dname=None, bandwidth=0) saveFlags(self, to, dxml=None, flags=0) migrate(self, domain, flags=0, dname=None, uri=None, bandwidth=0) migrate2(self, domain, dxml=None, flags=0, dname=None, uri=None, bandwidth=0) restoreFlags(self, frm, dxml=None, flags=0) --- python/generator.py | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/python/generator.py b/python/generator.py index 0237374..7586ffc 100755 --- a/python/generator.py +++ b/python/generator.py @@ -1005,6 +1005,8 @@ functions_int_default_test = %s == -1 def is_integral_type (name): return not re.search (^(unsigned)? ?(int|long)$, name) is None +def is_optional_arg(info): +return not re.search(^\(?\optional\)?, info) is None # Functions returning lists which need special rules to check for errors # and raise exceptions. functions_list_exception_test = { @@ -1488,9 +1490,12 @@ def buildWrappers(module): for arg in args: if n != index: classes.write(, %s % arg[0]) +if arg[0] == flags or is_optional_arg(arg[2]): +if is_integral_type(arg[1]): + classes.write(=0) +else: + classes.write(=None) n = n + 1 -if arg[0] == flags: -classes.write(=0) classes.write():\n) writeDoc(module, name, args, '', classes) n = 0 -- 1.7.11.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-sandbox][PATCH] Docs: update network options configuration
Signed-off-by: Alex Jia a...@redhat.com --- bin/virt-sandbox-service-create.pod |7 ++- bin/virt-sandbox.c |7 ++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/bin/virt-sandbox-service-create.pod b/bin/virt-sandbox-service-create.pod index 84cbf0a..1f82e1d 100644 --- a/bin/virt-sandbox-service-create.pod +++ b/bin/virt-sandbox-service-create.pod @@ -56,7 +56,12 @@ key=val pairs, separated by commas. The following options are valid =item dhcp Configure the network interface using dhcp. This key takes no value. -No other keys may be specified. +No other keys may be specified. eg + + -N dhcp,source=default + --network dhcp,source=lan + +where 'source' is the name of any libvirt virtual network. =item source=NETWORK diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 0396d9e..88c4333 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -335,7 +335,12 @@ key=val pairs, separated by commas. The following options are valid =item dhcp Configure the network interface using dhcp. This key takes no value. -No other keys may be specified. +No other keys may be specified. eg + + -N dhcp,source=default + --network dhcp,source=lan + +where 'source' is the name of any libvirt virtual network. =item source=NETWORK -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] log: Separate thread ID from timestemp in ring buffer
When we write a log message into a log, we separate thread ID from timestamp using : . However, when storing the message into the ring buffer, we omitted the separator, e.g.: 2013-02-27 11:49:11.852+3745: ... --- src/util/virlog.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/util/virlog.c b/src/util/virlog.c index 957d993..721c9bd 100644 --- a/src/util/virlog.c +++ b/src/util/virlog.c @@ -850,6 +850,7 @@ virLogVMessage(virLogSource source, */ virLogLock(); virLogStr(timestamp); +virLogStr(: ); virLogStr(msg); virLogUnlock(); if (emit == 0) -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] log: Separate thread ID from timestemp in ring buffer
On 03/25/13 11:43, Jiri Denemark wrote: When we write a log message into a log, we separate thread ID from timestamp using : . However, when storing the message into the ring buffer, we omitted the separator, e.g.: 2013-02-27 11:49:11.852+3745: ... --- src/util/virlog.c | 1 + 1 file changed, 1 insertion(+) ACK. Peter -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] qemu: Don't set address type too early during virtio disk hotplug
On Fri, Mar 22, 2013 at 06:52:46PM +0100, Guido Günther wrote: f946462e14ac036357b7c11ce5c23f94a3ee4e49 changed behavior by settings VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI upfront. If we do so before invoking qemuDomainPCIAddressEnsureAddr we merely try to set the PCI slot via qemuDomainPCIAddressReserveSlot instead reserving a new address via qemuDomainPCIAddressSetNextAddr which fails with $ ~/run-tck-test domain/200-disk-hotplug.t ./scripts/domain/200-disk-hotplug.t .. # Creating a new transient domain ./scripts/domain/200-disk-hotplug.t .. 1/5 # Attaching the new disk /var/lib/jenkins/jobs/libvirt-tck-build/workspace/scratchdir/200-disk-hotplug/extra.img # Failed test 'disk has been attached' # at ./scripts/domain/200-disk-hotplug.t line 67. # died: Sys::Virt::Error (libvirt error code: 1, message: internal error unable to reserve PCI address 0:0:0.0 # ) --- v2 merely fixes a typo in $subject. Ping? I'm sorry for being that impatient but I'd really love to see the TCK tests switch back to green (at least for a while). Cheers, -- Guido -- Guido src/qemu/qemu_hotplug.c | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index de9edd4..b978b97 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -226,7 +226,6 @@ int qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, disk-info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_CCW; else if (virQEMUCapsGet(priv-qemuCaps, QEMU_CAPS_VIRTIO_S390)) disk-info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_VIRTIO_S390; -else disk-info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI; } for (i = 0 ; i vm-def-ndisks ; i++) { @@ -253,7 +252,8 @@ int qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, if (qemuDomainCCWAddressAssign(disk-info, priv-ccwaddrs, !disk-info.addr.ccw.assigned) 0) goto error; -} else if (disk-info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) { +} else if (!disk-info.type || +disk-info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) { if (qemuDomainPCIAddressEnsureAddr(priv-pciaddrs, disk-info) 0) goto error; } @@ -291,14 +291,17 @@ int qemuDomainAttachVirtioDiskDevice(virConnectPtr conn, } } } -} else if (disk-info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI){ +} else if (!disk-info.type || +disk-info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI) { virDevicePCIAddress guestAddr = disk-info.addr.pci; ret = qemuMonitorAddPCIDisk(priv-mon, disk-src, type, guestAddr); -if (ret == 0) +if (ret == 0) { +disk-info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_PCI; memcpy(disk-info.addr.pci, guestAddr, sizeof(guestAddr)); +} } qemuDomainObjExitMonitor(driver, vm); -- 1.7.10.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] lxc: Prevent shutting down the host
On 03/23/2013 09:25 PM, Doug Goldstein wrote: On Sat, Mar 23, 2013 at 5:21 AM, Martin Kletzander mklet...@redhat.com wrote: On 03/22/2013 06:17 PM, Daniel P. Berrange wrote: On Thu, Mar 21, 2013 at 04:10:45PM +0100, Martin Kletzander wrote: When the container has the same '/dev' mount as host (no chroot), calling domainShutdown(WithFlags) shouldn't shutdown the host it is running on. Signed-off-by: Martin Kletzander mklet...@redhat.com --- This is also valid for 1.0.[23]-maint branches, so in case this gets ACK'd I'll either send a follow-up for those or push it there as well (if the ACK says so). src/lxc/lxc_driver.c | 45 - 1 file changed, 28 insertions(+), 17 deletions(-) ACK, Thanks, I pushed it to master, how do you (or anyone else) feel about the maintenance branches with this patch? You are welcome to push them into both but the rule of thumb is really that once a new release goes out the prior one gets no more love, unless someone steps up that it will be a stable series. The idea behind the maint branches is really to upstream what the downstreams do. e.g. We shipped broken Python bindings in 1.0.2 and every downstream that packaged 1.0.2 would have to carry a patch. But how do they find out they need to carry that patch if they don't follow the developer mailing list closely. I wasn't sure, but since this is not such a huge deal, I will keep it as is. Thanks for the info, now I know for next time ;) Have a nice day, Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 0/4]Add startupPolicy attribute support for hard disks
On 03/19/2013 09:55 PM, Guannan Ren wrote: v1 to v2: added relax schema for disk of block and dir type removed original patch 3/5. The set of patches is trying to add 'startupPolicy' attribute support to the source element of hard disks. Policy levels are using the mandatory, requisite, optional levels as originally documented. For the 'optional' policy, there is a little difference from CDROM and Floppy which only drop its source path, for disks, if missing, the checking function will drop their definitions, because qemu doesn't allow missing source path for hard disk. If guest is using per-device boot element for its devices, after dropping one or more bootable device, the boot order will not be contiguous, the way here I use is to reorder them to make them contiguous. In this way, I introduce two new bit-operating functions virBitmapNextLastSetBit: Search for the last set bit before certain position. virBitmapNextLastClearBit: Search for the last clear bit before certain position. Guannan Ren [PATCH v2 1/4] conf: add startupPolicy attribute for harddisk [PATCH v2 2/4] util: add two functions to find last set or unset bit in bitmap [PATCH v2 3/4] qemu: drop disk definition if missing and reorder per-device boot sequence [PATCH v2 4/4] event: add hard disk dropping event reason enum docs/formatdomain.html.in | 9 ++--- docs/schemas/domaincommon.rng | 6 ++ include/libvirt/libvirt.h.in | 1 + src/conf/domain_conf.c| 21 +++-- src/conf/domain_conf.h| 1 + src/libvirt_private.syms | 2 ++ src/qemu/qemu_domain.c| 106 +++--- src/util/virbitmap.c | 96 src/util/virbitmap.h | 6 ++ tests/virbitmaptest.c | 51 ++- 10 files changed, 278 insertions(+), 21 deletions(-) -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list Does Anybody want to review this? Guannan -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] make: obey WITH_TESTS; do not run test suite when --enable-test-suite=no
On 03/24/2013 04:54 PM, TJ wrote: make: obey WITH_TESTS; do not run test suite when --enable-test-suite=no Even when --enable-test-suite=no a build would run the test suite. Fix the Makefile so that tests are conditional on WITH_TESTS. Signed-off-by: TJ libv...@iam.tj --- Makefile.am | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am index 5b1e27e..3b5e7a2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -7,10 +7,14 @@ LCOV = lcov GENHTML = genhtml SUBDIRS = gnulib/lib include src daemon tools docs gnulib/tests \ - python tests po examples/domain-events/events-c examples/hellolibvirt \ + python po examples/domain-events/events-c examples/hellolibvirt \ examples/dominfo examples/domsuspend examples/python examples/apparmor \ examples/xml/nwfilter examples/openauth examples/systemtap +if WITH_TESTS +SUBDIRS += tests +endif NACK. This completely skips the test directory if tests are disabled. Our intention is that the test directory is always visited, so that a plain 'make' will build the tests and catch compile errors, if tests are enabled; and so that 'make check' will always run the tests even if tests are disabled. The point of enabling tests is more precisely whether tests are enabled to be built during plain 'make' (useful to developers) or only during 'make check' (useful to casual self-builds). This is the relevant section of tests/Makefile.am that encodes our intentions: if WITH_TESTS noinst_PROGRAMS = $(test_programs) $(test_helpers) noinst_LTLIBRARIES = $(test_libraries) else check_PROGRAMS = $(test_programs) $(test_helpers) check_LTLIBRARIES = $(test_libraries) endif -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virsh: Fix docs for virsh setmaxmem
On 03/22/13 22:01, Eric Blake wrote: On 03/22/2013 04:08 AM, Peter Krempa wrote: The docs assumed the command works always for QEMU and other hypervisors. Unfortunately until qemu will add memory hotplug this can't be done. Fix the docs to mention this limitation. The setmaxmem command controls balloon size, not memory hotplug. If qemu adds memory hotplug, we STILL have to pre-declare a maximum memory size when qemu first boots, and at runtime, you can only change the current memory. And if we do add qemu memory hotplug support (and not just memory ballooning), I'm not sure if it would make sense to reuse the setmaxmem command (probably with a new flag) or add a new command. I agree, the commit message was a bit misleading. The question of memory hotplug will have to remain open until qemu will actually support it. I removed the note about hotplug from the commit message. --- tools/virsh.pod | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -This command works for at least the Xen, QEMU/KVM and vSphere/ESX hypervisors. +Some hypervisors such as QEMU/KVM don't support live changes (especially +increasing) of the maximum memory limit. I don't know of any hypervisor that supports changing the maximum limit on a live domain - the maximum is pinned when the hypervisor starts, and can only be changed for the next boot. At any rate, while this wording might not be the best possible, it is certainly an improvement, so: Well yes. I thought about it a bit more, the wording isn't ideal but definitely better than it was before, so ... ACK. I pushed this patch. Thanks. Peter -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Entering freeze for libvirt-1.0.4
Based on the discussions from last week, we are entering freeze now, I tagged v1.0.4-rc1 in git and pushed libvirt-1.0.4-rc1.tar.gz as well as rpms for F17 at the usual place: ftp://libvirt.org/libvirt/ This looks functional for my limited testing, but give it a try. Hopefully since 1.0.3 wasn't too long ago we should be mostly okay :) And of course a release on April Fool sounds like a good target ! Daniel -- Daniel Veillard | Open Source and Standards, Red Hat veill...@redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/5] util: allow using virCommandAllowCap with setuid helpers
When running unprivileged, virSetUIDGIDWithCaps will fail because it tries to add the requested capabilities to the permitted and effective sets. Detect this case, and invoke the child with cleared permitted and effective sets. If it is a setuid program, it will get them. Some care is needed also because you cannot drop capabilities from the bounding set without CAP_SETPCAP. Because of that, ignore errors from setting the bounding set. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/util/virutil.c | 18 +++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/src/util/virutil.c b/src/util/virutil.c index 36e6cee..8104e89 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -3052,9 +3052,21 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits, /* Change to the temp capabilities */ if ((capng_ret = capng_apply(CAPNG_SELECT_CAPS)) 0) { -virReportError(VIR_ERR_INTERNAL_ERROR, - _(cannot apply process capabilities %d), capng_ret); -goto cleanup; +/* Failed. If we are running unprivileged, and the arguments make sense + * for this scenario, assume we're starting some kind of setuid helper: + * do not set any of capBits in the permitted or effective sets, and let + * the program get them on its own. + * + * (Too bad we cannot restrict the bounding set to the capabilities we + * would like the helper to have!). + */ +if (getuid() 0 clearExistingCaps !need_setuid !need_setgid) { +capng_clear(CAPNG_SELECT_CAPS); +} else { +virReportError(VIR_ERR_INTERNAL_ERROR, + _(cannot apply process capabilities %d), capng_ret); +goto cleanup; +} } if (virSetUIDGID(uid, gid) 0) -- 1.8.1.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 4/5] virnetdevtap: add virNetDevTapGetName
This will be used on a tap file descriptor returned by the bridge helper to populate the target element, because the helper does not provide the interface name. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/libvirt_private.syms | 1 + src/util/virnetdevtap.c | 33 + src/util/virnetdevtap.h | 3 +++ 3 files changed, 37 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index f241ec4..06085ba 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1515,6 +1515,7 @@ virNetDevOpenvswitchSetMigrateData; virNetDevTapCreate; virNetDevTapCreateInBridgePort; virNetDevTapDelete; +virNetDevTapGetName; # util/virnetdevveth.h diff --git a/src/util/virnetdevtap.c b/src/util/virnetdevtap.c index a884de1..e9fddf1 100644 --- a/src/util/virnetdevtap.c +++ b/src/util/virnetdevtap.c @@ -44,6 +44,39 @@ #define VIR_FROM_THIS VIR_FROM_NONE /** + * virNetDevTapGetName: + * @tapfd: a tun/tap file descriptor + * @ifname: a pointer that will receive the interface name + * + * Retrieve the interface name given a file descriptor for a tun/tap + * interface. + * + * Returns 0 if the interface name is successfully queried, -1 otherwise + */ +int +virNetDevTapGetName(int tapfd, char **ifname) +{ +#ifdef TUNGETIFF +struct ifreq ifr; + +/* The kernel will always return -1 at this point. + * If TUNGETIFF is not implemented then errno == EBADFD. + */ +if (ioctl(tapfd, TUNGETIFF, ifr) 0) { +virReportSystemError(errno, %s, + _(Unable to query tap interface name)); +return -1; +} + +*ifname = strdup(ifr.ifr_name); +return 0; +#else +return -1; +#endif +} + + +/** * virNetDevProbeVnetHdr: * @tapfd: a tun/tap file descriptor * diff --git a/src/util/virnetdevtap.h b/src/util/virnetdevtap.h index 980db61..6bfc80c 100644 --- a/src/util/virnetdevtap.h +++ b/src/util/virnetdevtap.h @@ -35,6 +35,9 @@ int virNetDevTapCreate(char **ifname, int virNetDevTapDelete(const char *ifname) ATTRIBUTE_NONNULL(1) ATTRIBUTE_RETURN_CHECK; +int virNetDevTapGetName(int tapfd, char **ifname) +ATTRIBUTE_NONNULL(2) ATTRIBUTE_RETURN_CHECK; + typedef enum { VIR_NETDEV_TAP_CREATE_NONE = 0, /* Bring the interface up */ -- 1.8.1.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 3/5] qemu_conf: add new configuration key bridge_helper
Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf | 8 src/qemu/qemu_conf.c | 3 +++ src/qemu/qemu_conf.h | 1 + src/qemu/test_libvirtd_qemu.aug.in | 1 + 5 files changed, 14 insertions(+) diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug index 91f5f77..61740a9 100644 --- a/src/qemu/libvirtd_qemu.aug +++ b/src/qemu/libvirtd_qemu.aug @@ -60,6 +60,7 @@ module Libvirtd_qemu = let process_entry = str_entry hugetlbfs_mount | bool_entry clear_emulator_capabilities + | str_entry bridge_helper | bool_entry set_process_name | int_entry max_processes | int_entry max_files diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf index dd853c8..87bdf70 100644 --- a/src/qemu/qemu.conf +++ b/src/qemu/qemu.conf @@ -301,6 +301,14 @@ #hugetlbfs_mount = /dev/hugepages +# Path to the setuid helper for creating tap devices. This executable +# is used to create source type='bridge' interfaces when libvirtd is +# running unprivileged. libvirt invokes the helper directly, instead +# of using -netdev bridge, for security reasons. +#bridge_helper = /usr/libexec/qemu-bridge-helper + + + # If clear_emulator_capabilities is enabled, libvirt will drop all # privileged capabilities of the QEmu/KVM emulator. This is enabled by # default. diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index c2e2e10..f648fc3 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -248,6 +248,7 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged) } } #endif +cfg-bridgeHelperName = strdup(/usr/libexec/qemu-bridge-helper); cfg-clearEmulatorCapabilities = true; @@ -297,6 +298,7 @@ static void virQEMUDriverConfigDispose(void *obj) VIR_FREE(cfg-hugetlbfsMount); VIR_FREE(cfg-hugepagePath); +VIR_FREE(cfg-bridgeHelperName); VIR_FREE(cfg-saveImageFormat); VIR_FREE(cfg-dumpImageFormat); @@ -509,6 +511,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg, GET_VALUE_BOOL(auto_start_bypass_cache, cfg-autoStartBypassCache); GET_VALUE_STR(hugetlbfs_mount, cfg-hugetlbfsMount); +GET_VALUE_STR(bridge_helper, cfg-bridgeHelperName); GET_VALUE_BOOL(mac_filter, cfg-macFilter); diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index c5ddaad..666ac33 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -117,6 +117,7 @@ struct _virQEMUDriverConfig { char *hugetlbfsMount; char *hugepagePath; +char *bridgeHelperName; bool macFilter; diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in index 2892204..0aec997 100644 --- a/src/qemu/test_libvirtd_qemu.aug.in +++ b/src/qemu/test_libvirtd_qemu.aug.in @@ -49,6 +49,7 @@ module Test_libvirtd_qemu = { auto_dump_bypass_cache = 0 } { auto_start_bypass_cache = 0 } { hugetlbfs_mount = /dev/hugepages } +{ bridge_helper = /usr/libexec/qemu-bridge-helper } { clear_emulator_capabilities = 1 } { set_process_name = 1 } { max_processes = 0 } -- 1.8.1.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/5] util: simplify virSetUIDGIDWithCaps
The need_prctl variable is not really needed. If it is false, capng_apply will be called twice with the same set, causing a little extra work but no problem. This keeps the code a bit simpler. It is also clearer to invoke capng_apply(CAPNG_SELECT_BOUNDS) separately, to make sure it is done while we have CAP_SETPCAP. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/util/virutil.c | 18 +++--- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/src/util/virutil.c b/src/util/virutil.c index 42b4295..36e6cee 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -3003,7 +3003,7 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits, { int ii, capng_ret, ret = -1; bool need_setgid = false, need_setuid = false; -bool need_prctl = false, need_setpcap = false; +bool need_setpcap = false; /* First drop all caps (unless the requested uid is unchanged or * root and clearExistingCaps wasn't requested), then add back @@ -3043,17 +3043,15 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits, capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETPCAP); # endif -need_prctl = capBits || need_setgid || need_setuid || need_setpcap; - /* Tell system we want to keep caps across uid change */ -if (need_prctl prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) { +if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) { virReportSystemError(errno, %s, _(prctl failed to set KEEPCAPS)); goto cleanup; } /* Change to the temp capabilities */ -if ((capng_ret = capng_apply(CAPNG_SELECT_BOTH)) 0) { +if ((capng_ret = capng_apply(CAPNG_SELECT_CAPS)) 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(cannot apply process capabilities %d), capng_ret); goto cleanup; @@ -3063,12 +3061,18 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits, goto cleanup; /* Tell it we are done keeping capabilities */ -if (need_prctl prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0)) { +if (prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0)) { virReportSystemError(errno, %s, _(prctl failed to reset KEEPCAPS)); goto cleanup; } +/* Set bounding set while we have CAP_SETPCAP. Unfortunately we cannot + * do this if we failed to get the capability above, so ignore the + * return value. + */ +capng_apply(CAPNG_SELECT_BOUNDS); + /* Drop the caps that allow setuid/gid (unless they were requested) */ if (need_setgid) capng_update(CAPNG_DROP, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETGID); @@ -3078,7 +3082,7 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, unsigned long long capBits, if (need_setpcap) capng_update(CAPNG_DROP, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETPCAP); -if (need_prctl ((capng_ret = capng_apply(CAPNG_SELECT_BOTH)) 0)) { +if (((capng_ret = capng_apply(CAPNG_SELECT_CAPS)) 0)) { virReportError(VIR_ERR_INTERNAL_ERROR, _(cannot apply process capabilities %d), capng_ret); ret = -1; -- 1.8.1.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 5/5] qemu: launch bridge helper from libvirtd
source type='bridge' uses a helper application to do the necessary TUN/TAP setup to use an existing network bridge, thus letting unprivileged users use TUN/TAP interfaces. However, libvirt should be preventing QEMU from running any setuid programs at all, which would include this helper program. From a security POV, any setuid helper needs to be run by libvirtd itself, not QEMU. This is what this patch does. libvirt now invokes the setuid helper, gets the TAP fd and then passes it to QEMU in the normal manner. The path to the helper is specified in qemu.conf. As a small advantage, this adds a target dev='tap0'/ element to the XML of an active domain using interface type='bridge'. Signed-off-by: Paolo Bonzini pbonz...@redhat.com --- src/qemu/qemu_command.c | 133 +++- src/qemu/qemu_command.h | 1 - src/qemu/qemu_hotplug.c | 25 +++-- 3 files changed, 106 insertions(+), 53 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index a0c278f..fa31102 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -28,12 +28,14 @@ #include qemu_capabilities.h #include qemu_bridge_filter.h #include cpu/cpu.h +#include passfd.h #include viralloc.h #include virlog.h #include virarch.h #include virerror.h #include virutil.h #include virfile.h +#include virnetdev.h #include virstring.h #include viruuid.h #include c-ctype.h @@ -46,6 +48,9 @@ #include base64.h #include device_conf.h #include virstoragefile.h +#if defined(__linux__) +# include linux/capability.h +#endif #include sys/stat.h #include fcntl.h @@ -193,6 +198,77 @@ error: } +/** + * qemuCreateInBridgePortWithHelper: + * @cfg: the configuration object in which the helper name is looked up + * @brname: the bridge name + * @ifname: the returned interface name + * @macaddr: the returned MAC address + * @tapfd: file descriptor return value for the new tap device + * @flags: OR of virNetDevTapCreateFlags: + + * VIR_NETDEV_TAP_CREATE_VNET_HDR + * - Enable IFF_VNET_HDR on the tap device + * + * This function creates a new tap device on a bridge using an external + * helper. The final name for the bridge will be stored in @ifname. + * + * Returns 0 in case of success or -1 on failure + */ +static int qemuCreateInBridgePortWithHelper(virQEMUDriverConfigPtr cfg, +const char *brname, +char **ifname, +int *tapfd, +unsigned int flags) +{ +virCommandPtr cmd; +int status; +int pair[2] = { -1, -1 }; + +if ((flags ~VIR_NETDEV_TAP_CREATE_VNET_HDR) != VIR_NETDEV_TAP_CREATE_IFUP) +return -1; + +if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) 0) { +virReportSystemError(errno, %s, _(failed to create socket)); +return -1; +} + +cmd = virCommandNew(cfg-bridgeHelperName); +if (flags VIR_NETDEV_TAP_CREATE_VNET_HDR) +virCommandAddArgFormat(cmd, --use-vnet); +virCommandAddArgFormat(cmd, --br=%s, brname); +virCommandAddArgFormat(cmd, --fd=%d, pair[1]); +virCommandTransferFD(cmd, pair[1]); +virCommandClearCaps(cmd); +#ifdef CAP_NET_ADMIN +virCommandAllowCap(cmd, CAP_NET_ADMIN); +#endif +if (virCommandRunAsync(cmd, NULL) 0) { +*tapfd = -1; +goto out; +} + +do { +*tapfd = recvfd(pair[0], 0); +} while (*tapfd 0 errno == EINTR); +if (*tapfd 0) { +virReportSystemError(errno, %s, + _(failed to retrieve file descriptor for interface)); +goto out; +} + +if (virNetDevTapGetName(*tapfd, ifname) 0 || +virCommandWait(cmd, status) 0) { +VIR_FORCE_CLOSE(*tapfd); +*tapfd = -1; +} + +out: +virCommandFree(cmd); +VIR_FORCE_CLOSE(pair[0]); +return *tapfd 0 ? -1 : 0; +} + int qemuNetworkIfaceConnect(virDomainDefPtr def, virConnectPtr conn, @@ -270,11 +346,17 @@ qemuNetworkIfaceConnect(virDomainDefPtr def, tap_create_flags |= VIR_NETDEV_TAP_CREATE_VNET_HDR; } -err = virNetDevTapCreateInBridgePort(brname, net-ifname, net-mac, - def-uuid, tapfd, - virDomainNetGetActualVirtPortProfile(net), - virDomainNetGetActualVlan(net), - tap_create_flags); +if (cfg-privileged) +err = virNetDevTapCreateInBridgePort(brname, net-ifname, net-mac, + def-uuid, tapfd, + virDomainNetGetActualVirtPortProfile(net), + virDomainNetGetActualVlan(net), + tap_create_flags); +else +err =
[libvirt] [PATCH 0/5] qemu: invoke qemu-bridge-helper from libvirtd
The interface type='bridge' is working mostly because of a bad design decision in Linux. Ideally, QEMU would run with an empty capability bounding set and would not be able to do any privileged operation (not even by running a helper program). This is not the case because dropping capabilities from the bounding set requires a capability of its own, CAP_SETPCAP; thus QEMU does *not* run with an empty bounding set if invoked via qemu:///session. This series lets libvirtd invoke the privileged helper program on its own, which is a cleaner design that would work even if the above Linux bug was not there. Also, this adds a target dev='tap0'/ element to the XML of an active domain using interface type='bridge'. libvirt now needs to know the path to the helper (patch 3), and must not set permitted/effective capabilities on children when running unprivileged (patches 1/2). Apart from this, the recvfd and virCommand APIs make the task almost trivial. Paolo Bonzini (5): util: simplify virSetUIDGIDWithCaps util: allow using virCommandAllowCap with setuid helpers qemu_conf: add new configuration key bridge_helper virnetdevtap: add virNetDevTapGetName qemu: launch bridge helper from libvirtd src/libvirt_private.syms | 1 + src/qemu/libvirtd_qemu.aug | 1 + src/qemu/qemu.conf | 8 +++ src/qemu/qemu_command.c| 133 +++-- src/qemu/qemu_command.h| 1 - src/qemu/qemu_conf.c | 3 + src/qemu/qemu_conf.h | 1 + src/qemu/qemu_hotplug.c| 25 +++ src/qemu/test_libvirtd_qemu.aug.in | 1 + src/util/virnetdevtap.c| 33 + src/util/virnetdevtap.h| 3 + src/util/virutil.c | 36 +++--- 12 files changed, 183 insertions(+), 63 deletions(-) -- 1.8.1.4 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Revert qemu: detect multi-head qxl via more than version check
On 03/15/2013 12:33 PM, Eric Blake wrote: This reverts commit 5ac846e42e5b7e0475f6aa9cc1e0b0c8dac84d44. Ping - this really needs to go in 1.0.4. After further discussions with Alon Levy, I learned the following: The use of '-vga qxl' vs. '-device qxl-vga' is completely orthogonal to whether ram_size can be exposed. Downstream distros are interested in backporting support for multi-head qxl, but this can be done in one of two ways: 1. Support one head per PCI device. If you do this, then it makes sense to have full control over the PCI address of each device. For full control, you need '-device qxl-vga' instead of '-vga qxl'. 2. Support multiple heads through a single PCI device. If you do this, then you need to allocate more RAM to that PCI device (enough ram to cover the multiple screens). Here, the device is hard-coded to 0:0:2.0, both in qemu and libvirt code. Apparently, backporting ram_size changes to allow multiple heads in a single device is much easier than backporting multiple device support. Furthermore, the presence or absence of qxl-vga.surfaces is no different than the presence or absence of qxl-vga.ram_size; both properties can be applied regardless of whether you have one PCI device (-vga qxl) or multiple (-device qxl-vga), so this property is NOT a good witness of whether '-device qxl-vga' support has been backported. Downstream RHEL will NOT be using this patch; and worse, leaving this patch in risks doing the wrong thing if compiling upstream libvirt on RHEL, so the best course of action is to revert it. That means that libvirt will go back to only using '-device qxl-vga' for qemu = 1.2, but this is just fine because we know of no distros that plan on backporting multiple PCI address support to any older version of qemu. Meanwhile, downstream can still use ram_size to pack multiple heads through a single PCI device. --- src/qemu/qemu_capabilities.c| 7 --- tests/qemuhelpdata/qemu-1.2.0-device| 16 tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device | 10 -- tests/qemuhelpdata/qemu-kvm-1.2.0-device| 16 4 files changed, 49 deletions(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 519d2c5..9a1b781 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -1387,10 +1387,6 @@ static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsUsbHost[] = { { bootindex, QEMU_CAPS_USB_HOST_BOOTINDEX }, }; -static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsQxlVga[] = { -{ surfaces, QEMU_CAPS_DEVICE_VIDEO_PRIMARY }, -}; - struct virQEMUCapsObjectTypeProps { const char *type; struct virQEMUCapsStringFlags *props; @@ -1424,8 +1420,6 @@ static struct virQEMUCapsObjectTypeProps virQEMUCapsObjectProps[] = { ARRAY_CARDINALITY(virQEMUCapsObjectPropsUsbRedir) }, { usb-host, virQEMUCapsObjectPropsUsbHost, ARRAY_CARDINALITY(virQEMUCapsObjectPropsUsbHost) }, -{ qxl-vga, virQEMUCapsObjectPropsQxlVga, - ARRAY_CARDINALITY(virQEMUCapsObjectPropsQxlVga) }, }; @@ -1623,7 +1617,6 @@ virQEMUCapsExtractDeviceStr(const char *qemu, -device, usb-redir,?, -device, ide-drive,?, -device, usb-host,?, - -device, qxl-vga,?, NULL); /* qemu -help goes to stdout, but qemu -device ? goes to stderr. */ virCommandSetErrorBuffer(cmd, output); diff --git a/tests/qemuhelpdata/qemu-1.2.0-device b/tests/qemuhelpdata/qemu-1.2.0-device index 027d99a..5613e00 100644 --- a/tests/qemuhelpdata/qemu-1.2.0-device +++ b/tests/qemuhelpdata/qemu-1.2.0-device @@ -208,19 +208,3 @@ usb-host.bootindex=int32 usb-host.pipeline=on/off usb-host.port=string usb-host.full-path=on/off -qxl-vga.ram_size=uint32 -qxl-vga.vram_size=uint32 -qxl-vga.revision=uint32 -qxl-vga.debug=uint32 -qxl-vga.guestdebug=uint32 -qxl-vga.cmdlog=uint32 -qxl-vga.ram_size_mb=uint32 -qxl-vga.vram_size_mb=uint32 -qxl-vga.vram64_size_mb=uint32 -qxl-vga.vgamem_mb=uint32 -qxl-vga.surfaces=int32 -qxl-vga.addr=pci-devfn -qxl-vga.romfile=string -qxl-vga.rombar=uint32 -qxl-vga.multifunction=on/off -qxl-vga.command_serr_enable=on/off diff --git a/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device b/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device index 5eab539..ee0fd78 100644 --- a/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device +++ b/tests/qemuhelpdata/qemu-kvm-0.12.1.2-rhel62-beta-device @@ -118,13 +118,3 @@ virtio-net-pci.addr=pci-devfn virtio-net-pci.romfile=string virtio-net-pci.rombar=uint32 virtio-net-pci.multifunction=on/off -qxl-vga.ram_size=uint32 -qxl-vga.vram_size=uint32 -qxl-vga.revision=uint32 -qxl-vga.debug=uint32 -qxl-vga.guestdebug=uint32 -qxl-vga.cmdlog=uint32
Re: [libvirt] Entering freeze for libvirt-1.0.4
On 25/03/13 21:42, Daniel Veillard wrote: Based on the discussions from last week, we are entering freeze now, I tagged v1.0.4-rc1 in git and pushed libvirt-1.0.4-rc1.tar.gz as well as rpms for F17 at the usual place: ftp://libvirt.org/libvirt/ This looks functional for my limited testing, but give it a try. Hopefully since 1.0.3 wasn't too long ago we should be mostly okay :) And of course a release on April Fool sounds like a good target ! I just want to reply a lol.. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] libvirt-guests: newline between output sentences
On 03/20/2013 10:08 PM, Osier Yang wrote: On 2013年03月20日 22:56, Eric Blake wrote: Right now, libvirt-guests gives awkward output. It's possible to force faster failure by setting /etc/sysconfig/libvirt-guests to use: * tools/libvirt-guests.sh.in (shutdown_guest): Add missing newline. Reported off-list by Xuesong Zhang. --- ACK Thanks; pushed. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] python: set default value to optional arguments
On 03/25/2013 10:18 AM, Guannan Ren wrote: When prefixing with string (optional) or optional in the description of arguments to libvirt C APIs, in python, these arguments will be set as optional arugments, for example: * virDomainSaveFlags: * @domain: a domain object * @to: path for the output file * @dxml: (optional) XML config for adjusting guest xml used on restore * @flags: bitwise-OR of virDomainSaveRestoreFlags the corresponding python APIs is restoreFlags(self, frm, dxml=None, flags=0) The following python APIs are changed to: blockCommit(self, disk, base, top, bandwidth=0, flags=0) blockPull(self, disk, bandwidth=0, flags=0) blockRebase(self, disk, base, bandwidth=0, flags=0) migrate(self, dconn, flags=0, dname=None, uri=None, bandwidth=0) migrate2(self, dconn, dxml=None, flags=0, dname=None, uri=None, bandwidth=0) migrateToURI(self, duri, flags=0, dname=None, bandwidth=0) migrateToURI2(self, dconnuri=None, miguri=None, dxml=None, flags=0, \ dname=None, bandwidth=0) saveFlags(self, to, dxml=None, flags=0) migrate(self, domain, flags=0, dname=None, uri=None, bandwidth=0) migrate2(self, domain, dxml=None, flags=0, dname=None, uri=None, bandwidth=0) restoreFlags(self, frm, dxml=None, flags=0) --- python/generator.py | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/python/generator.py b/python/generator.py index 0237374..7586ffc 100755 --- a/python/generator.py +++ b/python/generator.py @@ -1005,6 +1005,8 @@ functions_int_default_test = %s == -1 def is_integral_type (name): return not re.search (^(unsigned)? ?(int|long)$, name) is None +def is_optional_arg(info): +return not re.search(^\(?\optional\)?, info) is None Use is not None in here, I believe it is described in best practices. # Functions returning lists which need special rules to check for errors # and raise exceptions. functions_list_exception_test = { @@ -1488,9 +1490,12 @@ def buildWrappers(module): for arg in args: if n != index: classes.write(, %s % arg[0]) +if arg[0] == flags or is_optional_arg(arg[2]): +if is_integral_type(arg[1]): + classes.write(=0) +else: + classes.write(=None) n = n + 1 -if arg[0] == flags: -classes.write(=0) classes.write():\n) writeDoc(module, name, args, '', classes) n = 0 We have a check for flags being always unsigned long, so I see no place this could make any problems. ACK, Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Fix virConnectOpen.*() name requirements
virConnectOpenAuth didn't require 'name' to be specified (VIR_DEBUG used NULLSTR() for the output) and by default, if name == NULL, the default connection uri is used. This was not indicated in the documentation and wasn't checked for in other API's VIR_DEBUG outputs. --- Thanks to Guannan's patch, this makes the following possible in python: conn = libvirt.open() which I personally find pretty nice. --- src/libvirt.c | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libvirt.c b/src/libvirt.c index 1624776..4b9ea75 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -1334,7 +1334,7 @@ failed: /** * virConnectOpen: - * @name: URI of the hypervisor + * @name: (optional) URI of the hypervisor * * This function should be called first to get a connection to the * Hypervisor and xen store @@ -1362,7 +1362,7 @@ virConnectOpen(const char *name) if (virInitialize() 0) goto error; -VIR_DEBUG(name=%s, name); +VIR_DEBUG(name=%s, NULLSTR(name)); virResetLastError(); ret = do_open(name, NULL, 0); if (!ret) @@ -1376,7 +1376,7 @@ error: /** * virConnectOpenReadOnly: - * @name: URI of the hypervisor + * @name: (optional) URI of the hypervisor * * This function should be called first to get a restricted connection to the * library functionalities. The set of APIs usable are then restricted @@ -1397,7 +1397,7 @@ virConnectOpenReadOnly(const char *name) if (virInitialize() 0) goto error; -VIR_DEBUG(name=%s, name); +VIR_DEBUG(name=%s, NULLSTR(name)); virResetLastError(); ret = do_open(name, NULL, VIR_CONNECT_RO); if (!ret) @@ -1411,7 +1411,7 @@ error: /** * virConnectOpenAuth: - * @name: URI of the hypervisor + * @name: (optional) URI of the hypervisor * @auth: Authenticate callback parameters * @flags: bitwise-OR of virConnectFlags * -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 0/7 v3] Persistent vHBA support in storage driver
v2: https://www.redhat.com/archives/libvir-list/2013-February/msg00118.html v2 - v3: * 6/8 of v1 is ACKed/pushed. * Use virStringToLong_ui instead of sscanf * Fixed various nits pointed out by John This is the 3rd part to implement NPIV migration support [1]. Part 1: (pushed) https://www.redhat.com/archives/libvir-list/2013-February/msg00112.html Part 2: (pushed) https://www.redhat.com/archives/libvir-list/2013-January/msg00859.html Osier Yang (7): New XML attributes for storage pool source adapter storage: Make the adapter name be consistent with node device driver storage: Move virStorageBackendSCSIGetHostNumber into iscsi backend phyp: Prohibit fc_host adapter for phyp driver util: Add helper to get the scsi host name by iterating over sysfs storage: Add startPool and stopPool for scsi backend storage: Guess the parent if it's not specified for vHBA docs/formatstorage.html.in | 17 +- docs/schemas/storagepool.rng | 33 +++- src/conf/storage_conf.c| 132 +- src/conf/storage_conf.h| 23 ++- src/libvirt_private.syms | 4 + src/phyp/phyp_driver.c | 15 +- src/storage/storage_backend_iscsi.c| 39 +++- src/storage/storage_backend_scsi.c | 202 +++-- src/storage/storage_backend_scsi.h | 3 - src/util/virutil.c | 202 + src/util/virutil.h | 11 +- .../pool-scsi-type-fc-host.xml | 15 ++ .../pool-scsi-type-scsi-host.xml | 15 ++ .../pool-scsi-type-fc-host.xml | 18 ++ .../pool-scsi-type-scsi-host.xml | 18 ++ tests/storagepoolxml2xmlout/pool-scsi.xml | 2 +- tests/storagepoolxml2xmltest.c | 2 + 17 files changed, 669 insertions(+), 82 deletions(-) create mode 100644 tests/storagepoolxml2xmlin/pool-scsi-type-fc-host.xml create mode 100644 tests/storagepoolxml2xmlin/pool-scsi-type-scsi-host.xml create mode 100644 tests/storagepoolxml2xmlout/pool-scsi-type-fc-host.xml create mode 100644 tests/storagepoolxml2xmlout/pool-scsi-type-scsi-host.xml -- 1.8.0.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 6/7] storage: Add startPool and stopPool for scsi backend
startPool creates the vHBA if it's not existed yet, stopPool destroys the vHBA. Also to support autostart, checkPool will creates the vHBA if it's not existed yet. --- src/storage/storage_backend_scsi.c | 64 ++ 1 file changed, 64 insertions(+) diff --git a/src/storage/storage_backend_scsi.c b/src/storage/storage_backend_scsi.c index 258c82e..0bb4e70 100644 --- a/src/storage/storage_backend_scsi.c +++ b/src/storage/storage_backend_scsi.c @@ -646,6 +646,36 @@ getAdapterName(virStoragePoolSourceAdapter adapter) } static int +createVport(virStoragePoolSourceAdapter adapter) +{ +unsigned int parent_host; + +if (adapter.type != VIR_STORAGE_POOL_SOURCE_ADAPTER_TYPE_FC_HOST) +return 0; + +/* This filters either HBA or already created vHBA */ +if (virGetFCHostNameByWWN(NULL, adapter.data.fchost.wwnn, + adapter.data.fchost.wwpn)) +return 0; + +if (!adapter.data.fchost.parent) { +virReportError(VIR_ERR_XML_ERROR, %s, + _('parent' for vHBA must be specified)); +return -1; +} + +if (getHostNumber(adapter.data.fchost.parent, parent_host) 0) +return -1; + +if (virManageVport(parent_host, adapter.data.fchost.wwnn, + adapter.data.fchost.wwpn, VPORT_CREATE) 0) +return -1; + +virFileWaitForDevices(); +return 0; +} + +static int virStorageBackendSCSICheckPool(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, bool *isActive) @@ -707,10 +737,44 @@ out: return ret; } +static int +virStorageBackendSCSIStartPool(virConnectPtr conn ATTRIBUTE_UNUSED, + virStoragePoolObjPtr pool) +{ +virStoragePoolSourceAdapter adapter = pool-def-source.adapter; + +return createVport(adapter); +} + +static int +virStorageBackendSCSIStopPool(virConnectPtr conn ATTRIBUTE_UNUSED, + virStoragePoolObjPtr pool) +{ +virStoragePoolSourceAdapter adapter = pool-def-source.adapter; +unsigned int parent_host; + +if (adapter.type != VIR_STORAGE_POOL_SOURCE_ADAPTER_TYPE_FC_HOST) +return 0; + +if (!(virGetFCHostNameByWWN(NULL, adapter.data.fchost.wwnn, +adapter.data.fchost.wwpn))) +return -1; + +if (getHostNumber(adapter.data.fchost.parent, parent_host) 0) +return -1; + +if (virManageVport(parent_host, adapter.data.fchost.wwnn, + adapter.data.fchost.wwpn, VPORT_DELETE) 0) +return -1; + +return 0; +} virStorageBackend virStorageBackendSCSI = { .type = VIR_STORAGE_POOL_SCSI, .checkPool = virStorageBackendSCSICheckPool, .refreshPool = virStorageBackendSCSIRefreshPool, +.startPool = virStorageBackendSCSIStartPool, +.stopPool = virStorageBackendSCSIStopPool, }; -- 1.8.0.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 5/7] util: Add helper to get the scsi host name by iterating over sysfs
The helper iterates over sysfs, to find out the matched scsi host name by comparing the wwnn,wwpn pair. It will be used by checkPool and refreshPool of storage scsi backend. New helper getAdapterName is introduced in storage_backend_scsi.c, which uses the new util helper virGetFCHostNameByWWN to get the fc_host adapter name. --- src/libvirt_private.syms | 1 + src/storage/storage_backend_scsi.c | 49 ++--- src/util/virutil.c | 109 + src/util/virutil.h | 9 ++- 4 files changed, 159 insertions(+), 9 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 39c02ad..3df7632 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1854,6 +1854,7 @@ virFindFileInPath; virFormatIntDecimal; virGetDeviceID; virGetDeviceUnprivSGIO; +virGetFCHostNameByWWN; virGetGroupID; virGetGroupName; virGetHostname; diff --git a/src/storage/storage_backend_scsi.c b/src/storage/storage_backend_scsi.c index 1bf6c0b..258c82e 100644 --- a/src/storage/storage_backend_scsi.c +++ b/src/storage/storage_backend_scsi.c @@ -603,6 +603,8 @@ getHostNumber(const char *adapter_name, */ if (STRPREFIX(host, scsi_host)) { host += strlen(scsi_host); +} else if (STRPREFIX(host, fc_host)) { +host += strlen(fc_host); } else if (STRPREFIX(host, host)) { host += strlen(host); } else { @@ -622,42 +624,74 @@ getHostNumber(const char *adapter_name, return 0; } +static char * +getAdapterName(virStoragePoolSourceAdapter adapter) +{ +char *name = NULL; + +if (adapter.type != VIR_STORAGE_POOL_SOURCE_ADAPTER_TYPE_FC_HOST) +return strdup(adapter.data.name); + +if (!(name = virGetFCHostNameByWWN(NULL, + adapter.data.fchost.wwnn, + adapter.data.fchost.wwpn))) { +virReportError(VIR_ERR_XML_ERROR, + _(Failed to find SCSI host with wwnn='%s', + wwpn='%s'), adapter.data.fchost.wwnn, + adapter.data.fchost.wwpn); +return NULL; +} + +return name; +} + static int virStorageBackendSCSICheckPool(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, bool *isActive) { -char *path; +char *path = NULL; +char *name = NULL; unsigned int host; +int ret = -1; *isActive = false; -if (getHostNumber(pool-def-source.adapter.data.name, host) 0) +if (!(name = getAdapterName(pool-def-source.adapter))) return -1; +if (getHostNumber(name, host) 0) +goto cleanup; + if (virAsprintf(path, /sys/class/scsi_host/host%d, host) 0) { virReportOOMError(); -return -1; +goto cleanup; } if (access(path, F_OK) == 0) *isActive = true; +ret = 0; +cleanup: VIR_FREE(path); - -return 0; +VIR_FREE(name); +return ret; } static int virStorageBackendSCSIRefreshPool(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool) { -int ret = -1; +char *name = NULL; unsigned int host; +int ret = -1; pool-def-allocation = pool-def-capacity = pool-def-available = 0; -if (getHostNumber(pool-def-source.adapter.data.name, host) 0) +if (!(name = getAdapterName(pool-def-source.adapter))) +return -1; + +if (getHostNumber(name, host) 0) goto out; VIR_DEBUG(Scanning host%u, host); @@ -669,6 +703,7 @@ virStorageBackendSCSIRefreshPool(virConnectPtr conn ATTRIBUTE_UNUSED, ret = 0; out: +VIR_FREE(name); return ret; } diff --git a/src/util/virutil.c b/src/util/virutil.c index 557225c..a8b9962 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -26,6 +26,7 @@ #include config.h +#include dirent.h #include stdio.h #include stdarg.h #include stdlib.h @@ -3570,6 +3571,105 @@ cleanup: VIR_FREE(operation_path); return ret; } + +/* virGetHostNameByWWN: + * + * Iterate over the sysfs tree to get SCSI host name (e.g. scsi_host5) + * by wwnn,wwpn pair. + */ +char * +virGetFCHostNameByWWN(const char *sysfs_prefix, + const char *wwnn, + const char *wwpn) +{ +const char *prefix = sysfs_prefix ? sysfs_prefix : SYSFS_FC_HOST_PATH; +struct dirent *entry = NULL; +DIR *dir = NULL; +char *wwnn_path = NULL; +char *wwpn_path = NULL; +char *wwnn_buf = NULL; +char *wwpn_buf = NULL; +char *p; +char *ret = NULL; + +if (!(dir = opendir(prefix))) { +virReportSystemError(errno, + _(Failed to opendir path '%s'), + prefix); +return NULL; +} + +# define READ_WWN(wwn_path, buf) \ +do { \ +
[libvirt] [PATCH 7/7] storage: Guess the parent if it's not specified for vHBA
This finds the parent for vHBA by iterating over all the HBA which supports vport_ops capability on the host, and return the first one which is online, not saturated (vports in use is less than max_vports). --- src/libvirt_private.syms | 1 + src/storage/storage_backend_scsi.c | 10 ++-- src/util/virutil.c | 93 ++ src/util/virutil.h | 2 + 4 files changed, 102 insertions(+), 4 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 3df7632..932a448 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1850,6 +1850,7 @@ virFileStripSuffix; virFileUnlock; virFileWaitForDevices; virFileWriteStr; +virFindFCHostCapableVport; virFindFileInPath; virFormatIntDecimal; virGetDeviceID; diff --git a/src/storage/storage_backend_scsi.c b/src/storage/storage_backend_scsi.c index 0bb4e70..b1ff127 100644 --- a/src/storage/storage_backend_scsi.c +++ b/src/storage/storage_backend_scsi.c @@ -658,10 +658,12 @@ createVport(virStoragePoolSourceAdapter adapter) adapter.data.fchost.wwpn)) return 0; -if (!adapter.data.fchost.parent) { -virReportError(VIR_ERR_XML_ERROR, %s, - _('parent' for vHBA must be specified)); -return -1; +if (!adapter.data.fchost.parent +!(adapter.data.fchost.parent = virFindFCHostCapableVport(NULL))) { + virReportError(VIR_ERR_XML_ERROR, %s, + _('parent' for vHBA not specified, and + cannot find one on this host)); + return -1; } if (getHostNumber(adapter.data.fchost.parent, parent_host) 0) diff --git a/src/util/virutil.c b/src/util/virutil.c index a8b9962..55d807e 100644 --- a/src/util/virutil.c +++ b/src/util/virutil.c @@ -3670,6 +3670,92 @@ cleanup: VIR_FREE(wwpn_buf); return ret; } + +# define PORT_STATE_ONLINE Online + +/* virFindFCHostCapableVport: + * + * Iterate over the sysfs and find out the first online HBA which + * supports vport, and not saturated,. + */ +char * +virFindFCHostCapableVport(const char *sysfs_prefix) +{ +const char *prefix = sysfs_prefix ? sysfs_prefix : SYSFS_FC_HOST_PATH; +DIR *dir = NULL; +struct dirent *entry = NULL; +char *max_vports = NULL; +char *vports = NULL; +char *state = NULL; +char *ret = NULL; + +if (!(dir = opendir(prefix))) { +virReportSystemError(errno, + _(Failed to opendir path '%s'), + prefix); +return NULL; +} + +while ((entry = readdir(dir))) { +unsigned int host; +char *p = NULL; + +if (entry-d_name[0] == '.') +continue; + +p = entry-d_name + strlen(host); +if (virStrToLong_ui(p, NULL, 10, host) == -1) { +VIR_DEBUG(Failed to parse host number from '%s', + entry-d_name); +continue; +} + +if (!virIsCapableVport(NULL, host)) +continue; + +if (virReadFCHost(NULL, host, port_state, state) 0) { + VIR_DEBUG(Failed to read port_state for host%d, host); + continue; +} + +/* Skip the not online FC host */ +if (!STREQ(state, PORT_STATE_ONLINE)) { +VIR_FREE(state); +continue; +} +VIR_FREE(state); + +if (virReadFCHost(NULL, host, max_npiv_vports, max_vports) 0) { + VIR_DEBUG(Failed to read max_npiv_vports for host%d, host); + continue; +} + +if (virReadFCHost(NULL, host, npiv_vports_inuse, vports) 0) { + VIR_DEBUG(Failed to read npiv_vports_inuse for host%d, host); + VIR_FREE(max_vports); + continue; +} + +/* Compare from the strings directly, instead of converting + * the strings to integers first + */ +if ((strlen(max_vports) = strlen(vports)) || +((strlen(max_vports) == strlen(vports)) + strcmp(max_vports, vports) 0)) { +ret = strdup(entry-d_name); +goto cleanup; +} + +VIR_FREE(max_vports); +VIR_FREE(vports); +} + +cleanup: +closedir(dir); +VIR_FREE(max_vports); +VIR_FREE(vports); +return ret; +} #else int virReadFCHost(const char *sysfs_prefix ATTRIBUTE_UNUSED, @@ -3715,4 +3801,11 @@ virGetFCHostNameByWWN(const char *sysfs_prefix ATTRIBUTE_UNUSED, return NULL; } +char * +virFindFCHostCapableVport(const char *sysfs_prefix ATTRIBUTE_UNUSED) +{ +virReportSystemError(ENOSYS, %s, _(Not supported on this platform)); +return NULL; +} + #endif /* __linux__ */ diff --git a/src/util/virutil.h b/src/util/virutil.h index d134034..cde4218 100644 --- a/src/util/virutil.h +++ b/src/util/virutil.h @@ -322,4 +322,6 @@ char *virGetFCHostNameByWWN(const char *sysfs_prefix,
[libvirt] [PATCH 1/7] New XML attributes for storage pool source adapter
This introduces 4 new attributes for storage pool source adapter. E.g. adapter type='fc_host' parent='scsi_host5' wwnn='2000c9831b4b' wwpn='1000c9831b4b'/ Attribute 'type' can be either 'scsi_host' or 'fc_host', and defaults to 'scsi_host' if attribute 'name' is specified. I.e. It's optional for 'scsi_host' adapter, for back-compat reason. However, mandatory for 'fc_host' adapter and any new future adapter types. Attribute 'parent' is to specify the parent for the fc_host adapter. * docs/formatstorage.html.in: - Add documents for the 4 new attrs * docs/schemas/storagepool.rng: - Add RNG schema * src/conf/storage_conf.c: - Parse and format the new XMLs * src/conf/storage_conf.h: - New struct virStoragePoolSourceAdapter, replace char *adapter with it; - New enum virStoragePoolSourceAdapterType * src/libvirt_private.syms: - Export TypeToString and TypeFromString * src/phyp/phyp_driver.c: - Replace adapter with adapter.data.name, which is member of the union of the new struct virStoragePoolSourceAdapter now. Later patch will add the checking, as adapter.data.name is only valid for scsi_host adapter. * src/storage/storage_backend_scsi.c: - Like above * tests/storagepoolxml2xmlin/pool-scsi-type-scsi-host.xml: * tests/storagepoolxml2xmlin/pool-scsi-type-fc-host.xml: - New test for 'fc_host' and scsi_host adapter * tests/storagepoolxml2xmlout/pool-scsi.xml: - Change the expected output, as the 'type' defaults to 'scsi_host' if 'name specified now * tests/storagepoolxml2xmlout/pool-scsi-type-scsi-host.xml: * tests/storagepoolxml2xmlout/pool-scsi-type-fc-host.xml: - New test * tests/storagepoolxml2xmltest.c: - Include the test --- docs/formatstorage.html.in | 16 ++- docs/schemas/storagepool.rng | 33 +- src/conf/storage_conf.c| 132 +++-- src/conf/storage_conf.h| 23 +++- src/libvirt_private.syms | 2 + src/phyp/phyp_driver.c | 8 +- src/storage/storage_backend_scsi.c | 6 +- .../pool-scsi-type-fc-host.xml | 15 +++ .../pool-scsi-type-scsi-host.xml | 15 +++ .../pool-scsi-type-fc-host.xml | 18 +++ .../pool-scsi-type-scsi-host.xml | 18 +++ tests/storagepoolxml2xmlout/pool-scsi.xml | 2 +- tests/storagepoolxml2xmltest.c | 2 + 13 files changed, 266 insertions(+), 24 deletions(-) create mode 100644 tests/storagepoolxml2xmlin/pool-scsi-type-fc-host.xml create mode 100644 tests/storagepoolxml2xmlin/pool-scsi-type-scsi-host.xml create mode 100644 tests/storagepoolxml2xmlout/pool-scsi-type-fc-host.xml create mode 100644 tests/storagepoolxml2xmlout/pool-scsi-type-scsi-host.xml diff --git a/docs/formatstorage.html.in b/docs/formatstorage.html.in index 9b68738..eff3016 100644 --- a/docs/formatstorage.html.in +++ b/docs/formatstorage.html.in @@ -88,8 +88,20 @@ span class=sinceSince 0.4.1/span/dd dtcodeadapter/code/dt ddProvides the source for pools backed by SCSI adapters. May -only occur once. Contains a single attribute codename/code -which is the SCSI adapter name (ex. host1). +only occur once. Attribute codename/code is the SCSI adapter +name (ex. host1). Attribute codetype/code +(span class=since1.0.4/span) specifies the adapter type. +Valid value are fc_host and scsi_host. If omitted and +the codename/code attribute is specified, then it defaults to +scsi_host. To keep backwards compatibility, the attribute +codetype/code is optional for the scsi_host adapter, but +mandatory for the fc_host adapter. Attributes codewwnn/code +(Word Wide Node Name) and codewwpn/code (Word Wide Port Name) +(span class=since1.0.4/span) are used by the fc_host adapter +to uniquely indentify the device in the Fibre Channel storage farbic +(the device can be either a HBA or vHBA). The optional attribute +codeparent/code (span class=since1.0.4/span) specifies the +parent device for the fc_host adapter. span class=sinceSince 0.6.2/span/dd dtcodehost/code/dt ddProvides the source for pools backed by storage from a diff --git a/docs/schemas/storagepool.rng b/docs/schemas/storagepool.rng index 0cc0406..43283d2 100644 --- a/docs/schemas/storagepool.rng +++ b/docs/schemas/storagepool.rng @@ -276,9 +276,36 @@ define name='sourceinfoadapter' element name='adapter' - attribute name='name' -text/ - /attribute + choice +group + !-- To keep back-compat, 'type' is not mandatory for + scsi_host adapter -- + optional +attribute name='type' + valuescsi_host/value +/attribute + /optional + attribute
[libvirt] [PATCH 4/7] phyp: Prohibit fc_host adapter for phyp driver
It's possible to support fc_host adapter for phyp driver too, but at this stage I'd like to not allow it when I'm not that clear how it works. --- src/phyp/phyp_driver.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/phyp/phyp_driver.c b/src/phyp/phyp_driver.c index 3a97364..a4e327e 100644 --- a/src/phyp/phyp_driver.c +++ b/src/phyp/phyp_driver.c @@ -2519,6 +2519,13 @@ phypBuildStoragePool(virConnectPtr conn, virStoragePoolDefPtr def) int exit_status = 0; virBuffer buf = VIR_BUFFER_INITIALIZER; +if (source.adapter.type != +VIR_STORAGE_POOL_SOURCE_ADAPTER_TYPE_SCSI_HOST) { +virReportError(VIR_ERR_XML_ERROR, %s, + _(Only 'scsi_host' adapter is supported)); +goto cleanup; +} + if (system_type == HMC) virBufferAsprintf(buf, viosvrcmd -m %s --id %d -c ', managed_system, vios_id); -- 1.8.0.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 3/7] storage: Move virStorageBackendSCSIGetHostNumber into iscsi backend
It's only used by iscsi backend. --- src/storage/storage_backend_iscsi.c | 39 - src/storage/storage_backend_scsi.c | 39 - src/storage/storage_backend_scsi.h | 3 --- 3 files changed, 38 insertions(+), 43 deletions(-) diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_backend_iscsi.c index f374961..f6b76ed 100644 --- a/src/storage/storage_backend_iscsi.c +++ b/src/storage/storage_backend_iscsi.c @@ -23,6 +23,7 @@ #include config.h +#include dirent.h #include sys/socket.h #include netdb.h #include sys/types.h @@ -401,6 +402,42 @@ cleanup: return ret; } +static int +virStorageBackendISCSIGetHostNumber(const char *sysfs_path, +uint32_t *host) +{ +int retval = 0; +DIR *sysdir = NULL; +struct dirent *dirent = NULL; + +VIR_DEBUG(Finding host number from '%s', sysfs_path); + +virFileWaitForDevices(); + +sysdir = opendir(sysfs_path); + +if (sysdir == NULL) { +virReportSystemError(errno, + _(Failed to opendir path '%s'), sysfs_path); +retval = -1; +goto out; +} + +while ((dirent = readdir(sysdir))) { +if (STREQLEN(dirent-d_name, target, strlen(target))) { +if (sscanf(dirent-d_name, + target%u:, host) != 1) { +VIR_DEBUG(Failed to parse target '%s', dirent-d_name); +retval = -1; +break; +} +} +} + +closedir(sysdir); +out: +return retval; +} static int virStorageBackendISCSIFindLUs(virStoragePoolObjPtr pool, @@ -416,7 +453,7 @@ virStorageBackendISCSIFindLUs(virStoragePoolObjPtr pool, return -1; } -if (virStorageBackendSCSIGetHostNumber(sysfs_path, host) 0) { +if (virStorageBackendISCSIGetHostNumber(sysfs_path, host) 0) { virReportSystemError(errno, _(Failed to get host number for iSCSI session with path '%s'), diff --git a/src/storage/storage_backend_scsi.c b/src/storage/storage_backend_scsi.c index cc1ebe2..1bf6c0b 100644 --- a/src/storage/storage_backend_scsi.c +++ b/src/storage/storage_backend_scsi.c @@ -547,45 +547,6 @@ out: return retval; } - -int -virStorageBackendSCSIGetHostNumber(const char *sysfs_path, - uint32_t *host) -{ -int retval = 0; -DIR *sysdir = NULL; -struct dirent *dirent = NULL; - -VIR_DEBUG(Finding host number from '%s', sysfs_path); - -virFileWaitForDevices(); - -sysdir = opendir(sysfs_path); - -if (sysdir == NULL) { -virReportSystemError(errno, - _(Failed to opendir path '%s'), sysfs_path); -retval = -1; -goto out; -} - -while ((dirent = readdir(sysdir))) { -if (STREQLEN(dirent-d_name, target, strlen(target))) { -if (sscanf(dirent-d_name, - target%u:, host) != 1) { -VIR_DEBUG(Failed to parse target '%s', dirent-d_name); -retval = -1; -break; -} -} -} - -closedir(sysdir); -out: -return retval; -} - - static int virStorageBackendSCSITriggerRescan(uint32_t host) { diff --git a/src/storage/storage_backend_scsi.h b/src/storage/storage_backend_scsi.h index 1cdd0da..0984fd5 100644 --- a/src/storage/storage_backend_scsi.h +++ b/src/storage/storage_backend_scsi.h @@ -33,9 +33,6 @@ extern virStorageBackend virStorageBackendSCSI; int -virStorageBackendSCSIGetHostNumber(const char *sysfs_path, - uint32_t *host); -int virStorageBackendSCSIFindLUs(virStoragePoolObjPtr pool, uint32_t scanhost); -- 1.8.0.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/7] storage: Make the adapter name be consistent with node device driver
node device driver names the HBA like scsi_host5, but storage driver uses host5, which could make the user confused. This changes them to be consistent. However, for back-compat reason, adapter name like host5 is still supported. v1 - v2: * Use virStrToLong_ui instead of sscanf * No tests addition or changes, because this patch only affects the way scsi backend works for adapter, adding xml2xml tests for it is just meaningless. --- docs/formatstorage.html.in | 15 ++- src/storage/storage_backend_scsi.c | 54 +- 2 files changed, 50 insertions(+), 19 deletions(-) diff --git a/docs/formatstorage.html.in b/docs/formatstorage.html.in index eff3016..5fae933 100644 --- a/docs/formatstorage.html.in +++ b/docs/formatstorage.html.in @@ -89,13 +89,14 @@ dtcodeadapter/code/dt ddProvides the source for pools backed by SCSI adapters. May only occur once. Attribute codename/code is the SCSI adapter -name (ex. host1). Attribute codetype/code -(span class=since1.0.4/span) specifies the adapter type. -Valid value are fc_host and scsi_host. If omitted and -the codename/code attribute is specified, then it defaults to -scsi_host. To keep backwards compatibility, the attribute -codetype/code is optional for the scsi_host adapter, but -mandatory for the fc_host adapter. Attributes codewwnn/code +name (ex. scsi_host1. NB, although a name such as host1 is +still supported for backwards compatibility, it is not recommended). +Attribute codetype/code (span class=since1.0.4/span) +specifies the adapter type. Valid value are fc_host and scsi_host. +If omitted and the codename/code attribute is specified, then it +defaults to scsi_host. To keep backwards compatibility, the +attribute codetype/code is optional for the scsi_host adapter, +but mandatory for the fc_host adapter. Attributes codewwnn/code (Word Wide Node Name) and codewwpn/code (Word Wide Port Name) (span class=since1.0.4/span) are used by the fc_host adapter to uniquely indentify the device in the Fibre Channel storage farbic diff --git a/src/storage/storage_backend_scsi.c b/src/storage/storage_backend_scsi.c index c1c163e..cc1ebe2 100644 --- a/src/storage/storage_backend_scsi.c +++ b/src/storage/storage_backend_scsi.c @@ -632,14 +632,49 @@ out: } static int +getHostNumber(const char *adapter_name, + unsigned int *result) +{ +char *host = (char *)adapter_name; + +/* Specifying adapter like 'host5' is still supported for + * back-compat reason. + */ +if (STRPREFIX(host, scsi_host)) { +host += strlen(scsi_host); +} else if (STRPREFIX(host, host)) { +host += strlen(host); +} else { +virReportError(VIR_ERR_INTERNAL_ERROR, + _(invalid adapter name '%s' for scsi pool), + adapter_name); +return -1; +} + +if (result virStrToLong_ui(host, NULL, 10, result) == -1) { +virReportError(VIR_ERR_INTERNAL_ERROR, + _(invalid adapter name '%s' for scsi pool), + adapter_name); +return -1; +} + +return 0; +} + +static int virStorageBackendSCSICheckPool(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool, bool *isActive) { char *path; +unsigned int host; *isActive = false; -if (virAsprintf(path, /sys/class/scsi_host/%s, pool-def-source.adapter.data.name) 0) { + +if (getHostNumber(pool-def-source.adapter.data.name, host) 0) +return -1; + +if (virAsprintf(path, /sys/class/scsi_host/host%d, host) 0) { virReportOOMError(); return -1; } @@ -656,29 +691,24 @@ static int virStorageBackendSCSIRefreshPool(virConnectPtr conn ATTRIBUTE_UNUSED, virStoragePoolObjPtr pool) { -int retval = 0; -uint32_t host; +int ret = -1; +unsigned int host; pool-def-allocation = pool-def-capacity = pool-def-available = 0; -if (sscanf(pool-def-source.adapter.data.name, host%u, host) != 1) { -VIR_DEBUG(Failed to get host number from '%s', -pool-def-source.adapter.data.name); -retval = -1; +if (getHostNumber(pool-def-source.adapter.data.name, host) 0) goto out; -} VIR_DEBUG(Scanning host%u, host); -if (virStorageBackendSCSITriggerRescan(host) 0) { -retval = -1; +if (virStorageBackendSCSITriggerRescan(host) 0) goto out; -} virStorageBackendSCSIFindLUs(pool, host); +ret = 0; out: -return retval; +return ret; } -- 1.8.0.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix virConnectOpen.*() name requirements
On 03/25/2013 04:54 PM, Martin Kletzander wrote: virConnectOpenAuth didn't require 'name' to be specified (VIR_DEBUG used NULLSTR() for the output) and by default, if name == NULL, the default connection uri is used. This was not indicated in the documentation and wasn't checked for in other API's VIR_DEBUG outputs. --- Thanks to Guannan's patch, this makes the following possible in python: conn = libvirt.open() which I personally find pretty nice. --- Self-NACK, not quite true, since this function (and some others) are overridden. Will send a v2. Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv4 10/9] virCaps: Get rid of defaultConsoleTargetType callback
This patch refactors various places to allow removing of the defaultConsoleTargetType callback from the virCaps structure. A new console character device target type is introduced - VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE - to mark that no type was specified in the XML. This type is at the end converted to the standard VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL. Other types that are different from this default have to be processed separately in the device post parse callback. --- Notes: Version 4: - new in series src/conf/capabilities.h | 3 - src/conf/domain_conf.c | 269 +-- src/conf/domain_conf.h | 3 +- src/esx/esx_driver.c | 8 -- src/libxl/libxl_conf.c | 11 -- src/libxl/libxl_driver.c | 19 +++ src/lxc/lxc_conf.c | 8 -- src/lxc/lxc_domain.c | 17 +++ src/openvz/openvz_conf.c | 10 +- src/openvz/openvz_driver.c | 16 +++ src/parallels/parallels_driver.c | 7 - src/phyp/phyp_driver.c | 9 -- src/qemu/qemu_capabilities.c | 13 -- src/qemu/qemu_domain.c | 7 + src/security/virt-aa-helper.c| 7 - src/test/test_driver.c | 9 -- src/uml/uml_conf.c | 9 -- src/uml/uml_driver.c | 24 +++- src/vbox/vbox_tmpl.c | 9 -- src/vmware/vmware_conf.c | 9 -- src/xen/xen_driver.c | 28 +++- src/xen/xen_driver.h | 2 + src/xen/xen_hypervisor.c | 11 -- src/xenapi/xenapi_driver.c | 28 ++-- tests/testutilslxc.c | 9 -- tests/testutilsqemu.c| 11 -- tests/testutilsxen.c | 16 --- tests/vmx2xmltest.c | 7 - tests/xmconfigtest.c | 2 +- tests/xml2sexprtest.c| 3 +- tests/xml2vmxtest.c | 7 - 31 files changed, 278 insertions(+), 313 deletions(-) diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h index 6b65e6a..abcf6de 100644 --- a/src/conf/capabilities.h +++ b/src/conf/capabilities.h @@ -160,9 +160,6 @@ struct _virCaps { size_t nguests; size_t nguests_max; virCapsGuestPtr *guests; - -/* Move to virDomainXMLConf later */ -int (*defaultConsoleTargetType)(const char *ostype, virArch guestarch); }; diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index f7fb282..70da739 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -385,6 +385,7 @@ VIR_ENUM_IMPL(virDomainChrChannelTarget, VIR_ENUM_IMPL(virDomainChrConsoleTarget, VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_LAST, + none, serial, xen, uml, @@ -2345,9 +2346,11 @@ virDomainDeviceInfoClearCCWAddress(virDomainDefPtr def ATTRIBUTE_UNUSED, return 0; } -int virDomainDeviceInfoIterate(virDomainDefPtr def, - virDomainDeviceInfoCallback cb, - void *opaque) +static int +virDomainDeviceInfoIterateInternal(virDomainDefPtr def, + virDomainDeviceInfoCallback cb, + bool all, + void *opaque) { int i; virDomainDeviceDef device; @@ -2411,9 +2414,11 @@ int virDomainDeviceInfoIterate(virDomainDefPtr def, return -1; } for (i = 0; i def-nconsoles ; i++) { -if (i == 0 -def-consoles[i]-targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL -STREQ_NULLABLE(def-os.type, hvm)) +if (!all +i == 0 +(def-consoles[i]-targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_SERIAL || + def-consoles[i]-targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE) + STREQ_NULLABLE(def-os.type, hvm)) continue; device.data.chr = def-consoles[i]; if (cb(def, device, def-consoles[i]-info, opaque) 0) @@ -2489,11 +2494,22 @@ int virDomainDeviceInfoIterate(virDomainDefPtr def, } +int +virDomainDeviceInfoIterate(virDomainDefPtr def, + virDomainDeviceInfoCallback cb, + void *opaque) +{ +return virDomainDeviceInfoIterateInternal(def, cb, false, opaque); +} + + /* this is a place for global assumption checks */ static int virDomainDefPostParseInternal(virDomainDefPtr def, virCapsPtr caps ATTRIBUTE_UNUSED) { +int i; + /* verify init path for container based domains */ if (STREQ(def-os.type, exe) !def-os.init) { virReportError(VIR_ERR_XML_ERROR, %s, @@ -2538,6 +2554,91 @@ virDomainDefPostParseInternal(virDomainDefPtr def, return -1; } +/* + * Some really crazy backcompat stuff for consoles + * + * Historically the first (and only) 'console' element in an HVM guest + * was treated as being an alias for a serial device. + * + *
[libvirt] [PATCH] virsh: Let the compiler check usage of all fields in vshCmdOptType enum
Get rid of the default labels to do so. --- tools/virsh.c | 4 1 file changed, 4 deletions(-) diff --git a/tools/virsh.c b/tools/virsh.c index b574d7e..0a9ac6f 100644 --- a/tools/virsh.c +++ b/tools/virsh.c @@ -1172,8 +1172,6 @@ vshCmddefHelp(vshControl *ctl, const char *cmdname) case VSH_OT_ALIAS: /* aliases are intentionally undocumented */ continue; -default: -assert(0); } fputc(' ', stdout); fprintf(stdout, fmt, opt-name); @@ -1215,8 +1213,6 @@ vshCmddefHelp(vshControl *ctl, const char *cmdname) break; case VSH_OT_ALIAS: continue; -default: -assert(0); } fprintf(stdout, %-15s %s\n, buf, _(opt-help)); -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Revert qemu: detect multi-head qxl via more than version check
On Mon, Mar 25, 2013 at 08:48:02 -0600, Eric Blake wrote: On 03/15/2013 12:33 PM, Eric Blake wrote: This reverts commit 5ac846e42e5b7e0475f6aa9cc1e0b0c8dac84d44. Ping - this really needs to go in 1.0.4. ACK Jirka -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virsh: Let the compiler check usage of all fields in vshCmdOptType enum
On 03/25/13 17:21, Peter Krempa wrote: Get rid of the default labels to do so. --- tools/virsh.c | 4 1 file changed, 4 deletions(-) diff --git a/tools/virsh.c b/tools/virsh.c index b574d7e..0a9ac6f 100644 --- a/tools/virsh.c +++ b/tools/virsh.c @@ -1172,8 +1172,6 @@ vshCmddefHelp(vshControl *ctl, const char *cmdname) case VSH_OT_ALIAS: /* aliases are intentionally undocumented */ continue; -default: -assert(0); } fputc(' ', stdout); fprintf(stdout, fmt, opt-name); @@ -1215,8 +1213,6 @@ vshCmddefHelp(vshControl *ctl, const char *cmdname) break; case VSH_OT_ALIAS: continue; -default: -assert(0); } fprintf(stdout, %-15s %s\n, buf, _(opt-help)); Hum, this patch removes the last two asserts from this file so syntax-check would fail with this patch. I squashed the removal of #include assert.h from virsh.c in my private branch. Peter -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] python: set default value to optional arguments
On 03/25/2013 04:28 PM, Martin Kletzander wrote: On 03/25/2013 10:18 AM, Guannan Ren wrote: When prefixing with string (optional) or optional in the description of arguments to libvirt C APIs, in python, these arguments will be set as optional arugments, for example: [...] We have a check for flags being always unsigned long, so I see no place this could make any problems. ACK, If you didn't push this yet, I suggest squashing this in as I failed to see this the first time: diff --git a/python/generator.py b/python/generator.py index 7586ffc..5adf3e0 100755 --- a/python/generator.py +++ b/python/generator.py @@ -1334,6 +1334,11 @@ def buildWrappers(module): if n != 0: classes.write(, ) classes.write(%s % arg[0]) +if arg[0] == flags or is_optional_arg(arg[2]): +if is_integral_type(arg[1]): +classes.write(=0) +else: +classes.write(=None) n = n + 1 classes.write():\n) writeDoc(module, name, args, '', classes) -- Thanks, Martin -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Revert qemu: detect multi-head qxl via more than version check
On 03/25/2013 10:24 AM, Jiri Denemark wrote: On Mon, Mar 25, 2013 at 08:48:02 -0600, Eric Blake wrote: On 03/15/2013 12:33 PM, Eric Blake wrote: This reverts commit 5ac846e42e5b7e0475f6aa9cc1e0b0c8dac84d44. Ping - this really needs to go in 1.0.4. ACK Thanks; pushed. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virsh: Let the compiler check usage of all fields in vshCmdOptType enum
On 03/25/2013 10:31 AM, Peter Krempa wrote: On 03/25/13 17:21, Peter Krempa wrote: Get rid of the default labels to do so. --- tools/virsh.c | 4 1 file changed, 4 deletions(-) case VSH_OT_ALIAS: continue; -default: -assert(0); } fprintf(stdout, %-15s %s\n, buf, _(opt-help)); Hum, this patch removes the last two asserts from this file so syntax-check would fail with this patch. I squashed the removal of #include assert.h from virsh.c in my private branch. ACK with that squashed in. Safe to include in 1.0.4. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] net: use newer iptables syntax
Hi all, iptables-1.4.18 removed the long deprecated state match. Use conntrack instead in forwarding rules. Fixes openSUSE bug https://bugzilla.novell.com/811251 #811251. real patch is attached as I'm pretty sure that thunderbird will mess it up otherwise :( Basically it's s/--match state/--match conntrack/ s/--state /--ctstate/ in src/til/viriptables.c Best regards, Stefan -- Stefan Seyfried Linux Consultant Developer Mail: seyfr...@b1-systems.de GPG Key: 0x731B665B B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537 From 1aa2736263537e7856db9820bce835c1b3c2b51a Mon Sep 17 00:00:00 2001 From: Stefan Seyfried seife+...@b1-systems.com Date: Mon, 25 Mar 2013 20:27:46 +0100 Subject: [PATCH] net: use newer iptables syntax iptables-1.4.18 removed the long deprecated state match. Use conntrack instead in forwarding rules. Fixes openSUSE bug https://bugzilla.novell.com/811251 #811251. --- src/util/viriptables.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/util/viriptables.c b/src/util/viriptables.c index 8cfafc0..19d6161 100644 --- a/src/util/viriptables.c +++ b/src/util/viriptables.c @@ -480,8 +480,8 @@ iptablesForwardAllowRelatedIn(iptablesContext *ctx, --destination, networkstr, --in-interface, physdev, --out-interface, iface, ---match, state, ---state, ESTABLISHED,RELATED, +--match, conntrack, +--ctstate, ESTABLISHED,RELATED, --jump, ACCEPT, NULL); } else { @@ -490,8 +490,8 @@ iptablesForwardAllowRelatedIn(iptablesContext *ctx, action, --destination, networkstr, --out-interface, iface, ---match, state, ---state, ESTABLISHED,RELATED, +--match, conntrack, +--ctstate, ESTABLISHED,RELATED, --jump, ACCEPT, NULL); } -- 1.8.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv4 1/9] conf: Add post XML parse callbacks and prepare for cleaning of virCaps
On 03/15/2013 11:26 AM, Peter Krempa wrote: This patch adds instrumentation that will allow hypervisor drivers to fill and validate domain and device definitions after parsed by the XML parser. With this patch, after the XML is parsed, a callback to the driver is issued requesing to fill and validate driver specific details of the configuration. This allows to use sensible defaults and checks on a per driver basis at the time the XML is parsed. Two callback pointers are stored in the new virDomainXMLConf object: * virDomainDeviceDefPostParseCallback (devicesConfCallback) - called for a single device parsed and for every single device in a domain config. A virDomainDeviceDefPtr is passed along with the domain definition and virCaps. * virDomainDefPostParseCallback, (domainConfCallback) - A callback that is meant to process the domain config after it's parsed. A virDomainDefPtr is passed along with virCaps. Both types of callbacks support arbitrary opaque data passed for the callback functions. Errors may be reported in those callbacks resulting in a XML parsing failure. --- Notes: Version 4: - added support for opaque data for the callback - removed post-devices domain config callback until it's needed - renamed the structure holding the data as it will also contain some defaults as values - squashed patch adding the new argument to the contstructor src/conf/domain_conf.c | 101 +-- src/conf/domain_conf.h | 27 +-- src/esx/esx_driver.c | 2 +- src/libxl/libxl_driver.c | 9 ++-- src/lxc/lxc_conf.c | 4 +- src/lxc/lxc_driver.c | 6 ++- src/openvz/openvz_conf.c | 1 + src/openvz/openvz_driver.c | 6 +-- src/parallels/parallels_driver.c | 2 +- src/phyp/phyp_driver.c | 6 +-- src/qemu/qemu_conf.c | 3 +- src/qemu/qemu_driver.c | 11 +++-- src/security/virt-aa-helper.c| 2 +- src/test/test_driver.c | 2 +- src/uml/uml_driver.c | 7 ++- src/vbox/vbox_tmpl.c | 10 ++-- src/vmware/vmware_driver.c | 2 +- src/xen/xen_driver.c | 2 +- src/xen/xend_internal.c | 6 +-- src/xen/xm_internal.c| 2 + src/xenapi/xenapi_driver.c | 2 +- tests/testutilsxen.c | 2 +- tests/xml2vmxtest.c | 2 +- 23 files changed, 173 insertions(+), 44 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 3278e9c..a1b634b 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -73,6 +73,9 @@ struct _virDomainObjList { struct _virDomainXMLConf { virObject parent; +/* XML parser callbacks and defaults */ +virDomainDefParserConfig config; + /* domain private data management callbacks */ virDomainXMLPrivateDataCallbacks privateData; @@ -732,6 +735,7 @@ static virClassPtr virDomainObjListClass; static virClassPtr virDomainXMLConfClass; static void virDomainObjDispose(void *obj); static void virDomainObjListDispose(void *obj); +static void virDomainXMLConfClassDispose(void *obj); static int virDomainObjOnceInit(void) { @@ -750,7 +754,7 @@ static int virDomainObjOnceInit(void) if (!(virDomainXMLConfClass = virClassNew(virClassForObject(), virDomainXMLConf, sizeof(virDomainXMLConf), - NULL))) + virDomainXMLConfClassDispose))) return -1; return 0; @@ -759,13 +763,24 @@ static int virDomainObjOnceInit(void) VIR_ONCE_GLOBAL_INIT(virDomainObj) +static void +virDomainXMLConfClassDispose(void *obj) +{ +virDomainXMLConfPtr xmlconf = obj; + +if (xmlconf-config.privFree) +(xmlconf-config.privFree)(xmlconf-config.priv); +} + + /** * virDomainXMLConfNew: * * Allocate a new domain XML configuration */ virDomainXMLConfPtr -virDomainXMLConfNew(virDomainXMLPrivateDataCallbacksPtr priv, +virDomainXMLConfNew(virDomainDefParserConfigPtr config, +virDomainXMLPrivateDataCallbacksPtr priv, virDomainXMLNamespacePtr xmlns) { virDomainXMLConfPtr xmlconf; @@ -779,6 +794,9 @@ virDomainXMLConfNew(virDomainXMLPrivateDataCallbacksPtr priv, if (priv) xmlconf-privateData = *priv; +if (config) +xmlconf-config = *config; + if (xmlns) xmlconf-ns = *xmlns; @@ -2469,6 +2487,73 @@ int virDomainDeviceInfoIterate(virDomainDefPtr def, } +static int +virDomainDeviceDefPostParse(virDomainXMLConfPtr xmlconf, +virDomainDeviceDefPtr dev, +virDomainDefPtr def, +
Re: [libvirt] [Qemu-devel] libvirt-QEMU interfaces for CPU models
On Fri, Mar 01, 2013 at 11:56:00PM +0100, Jiri Denemark wrote: [...] = Getting information about CPU models = Requirement: libvirt uses the predefined CPU models from QEMU, but it needs to be able to query for CPU model details, to find out how it can create a VM that matches what was requested by the user. Current problem: libvirt has a copy of the CPU model definitions on its cpu_map.xml file, and the copy can be out of sync in case CPU models in QEMU change. libvirt also assumes that the set of features on each model is always the same on all machine-types, which is not true. Challenge: the resulting CPU features depend on lots of factors, including the machine-type. Workaround: start a paused VM and query for the CPU device information after the CPU was created. I just noticed another problem here, but this gave me an idea that would help solve the enforce error reporting problem: Problem: qemu -machine M -cpu model will create CPU objects where the CPU features are _already_ filtered based on host capabilities. Ah, it seems logical now that you mention it :-) * Using enforce wouldn't solve it, because then QEMU would abort, and QMP would be unavailable. Solution: we could have a CPU object property like removed-features that would have the list of features that were disabled because they are not supported by the host (and would make enforce fail). * This would solve the problem above and also be a machine-friendly way to check for possible enforce errors. * In other words: instead of enforce, libvirt could use check instead of enforce, and before unpausing the VM (or even starting migration), it should first check if the removed-features property is empty. Would that work for you? Yes, that seems like it could work. In fact, it seems much better than using enforce and trying to deal with aborted QEMU. To make the libvirt logic simpler, we could do this: have a force mode (in addition to check/enforce), that wouldn't filter any CPU feature based on host capabilities. This way libvirt wouldn't need any non-trivial logic to combine the f-* flags and removed-features to find out the CPU model details. Then libvirt would need to look only at f-* to find out the CPU model details at probing time (as long as force is used at probing time), and just make sure removed-features is empty before starting the VM (optionally parsing its value or checking the f-* property values, to find out which features are missing exactly). -- Eduardo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv4 2/9] qemu: Record the default NIC model in the domain XML
On 03/15/2013 11:26 AM, Peter Krempa wrote: This patch implements the devices post parse cllback and uses it to fill the default qemu network card model into the XML if none is specified. Libvirt assumes that the network card model for qemu is the rtl8139. Record this in the XML using the new callback to avoid user confusion. As I recall (from a previous Fedora-specific patch I had to make that forced all fedora-13 machinetypes in configs to be changed to pc-0.14), just causing the parser to fill this in will not cause the default value to actually be written to the config files. So when we get to the point where we want to change the default, we won't have actually addressed the issue of making sure that existing configs continue to use rtl8139 rather than abruptly changing the guest's hardware at next boot (or when migrated to another host). If we want to assure that existing guests have their default netdev model written to config, we'll need to actually force the config to be rewritten to disk. Take a look at the patch named libvirt-qemu-replace-deprecated-fedora-13-machine.patch in fedora-git's f16 branch for libvirt to see what I'm talking about. It's really quite ugly :-( --- Notes: Version 4: - tweaked naming after previous changes src/qemu/qemu_conf.c | 2 +- src/qemu/qemu_domain.c | 26 ++ src/qemu/qemu_domain.h | 1 + .../qemuxml2argv-net-bandwidth.xml | 1 + .../qemuxml2argvdata/qemuxml2argv-net-client.args | 4 ++-- .../qemuxml2argv-net-eth-ifname.args | 4 ++-- .../qemuxml2argv-net-eth-ifname.xml| 1 + .../qemuxml2argv-net-eth-names.args| 8 +++ tests/qemuxml2argvdata/qemuxml2argv-net-eth.args | 4 ++-- tests/qemuxml2argvdata/qemuxml2argv-net-eth.xml| 1 + .../qemuxml2argvdata/qemuxml2argv-net-hostdev.xml | 1 + tests/qemuxml2argvdata/qemuxml2argv-net-mcast.args | 4 ++-- .../qemuxml2argv-net-openvswitch.xml | 1 + .../qemuxml2argvdata/qemuxml2argv-net-server.args | 4 ++-- tests/qemuxml2argvdata/qemuxml2argv-net-user.args | 3 ++- tests/qemuxml2argvdata/qemuxml2argv-net-user.xml | 1 + .../qemuxml2argv-net-virtio-network-portgroup.xml | 2 ++ .../qemuxml2xmlout-graphics-spice-timeout.xml | 1 + 18 files changed, 53 insertions(+), 16 deletions(-) diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index d67debd..128baf8 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -554,7 +554,7 @@ virQEMUDriverConfigPtr virQEMUDriverGetConfig(virQEMUDriverPtr driver) virDomainXMLConfPtr virQEMUDriverCreateXMLConf(void) { -return virDomainXMLConfNew(NULL, +return virDomainXMLConfNew(virQEMUDriverDomainDefParserConfig, virQEMUDriverPrivateDataCallbacks, virQEMUDriverDomainXMLNamespace); } diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index c79b05d..51db3da 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -647,6 +647,7 @@ qemuDomainDefNamespaceFormatXML(virBufferPtr buf, return 0; } + static const char * qemuDomainDefNamespaceHref(void) { @@ -662,6 +663,31 @@ virDomainXMLNamespace virQEMUDriverDomainXMLNamespace = { }; +static int +qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, + virDomainDefPtr def ATTRIBUTE_UNUSED, + virCapsPtr caps ATTRIBUTE_UNUSED, + void *opaque ATTRIBUTE_UNUSED) +{ +if (dev-type == VIR_DOMAIN_DEVICE_NET +dev-data.net-type != VIR_DOMAIN_NET_TYPE_HOSTDEV) { +if (!dev-data.net-model +!(dev-data.net-model = strdup(rtl8139))) +goto no_memory; +} +return 0; + +no_memory: +virReportOOMError(); +return -1; +} + + +virDomainDefParserConfig virQEMUDriverDomainDefParserConfig = { +.devicesConfigCallback = qemuDomainDeviceDefPostParse, +}; + + static void qemuDomainObjSaveJob(virQEMUDriverPtr driver, virDomainObjPtr obj) { diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 26d5859..089ced0 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -342,5 +342,6 @@ void qemuDomainCleanupRun(virQEMUDriverPtr driver, extern virDomainXMLPrivateDataCallbacks virQEMUDriverPrivateDataCallbacks; extern virDomainXMLNamespace virQEMUDriverDomainXMLNamespace; +extern virDomainDefParserConfig virQEMUDriverDomainDefParserConfig; #endif /* __QEMU_DOMAIN_H__ */ diff --git a/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml b/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml index bf7dde5..885e854 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml +++ b/tests/qemuxml2argvdata/qemuxml2argv-net-bandwidth.xml @@ -44,6
Re: [libvirt] [PATCHv4 6/9] conf: Enforce ranges on cputune variables
On 03/15/2013 11:26 AM, Peter Krempa wrote: The limits are documented at http://libvirt.org/formatdomain.html#elementsCPUTuning . Enforce them when going through XML parsing in addition to being enforced by the API. What's the rationale for doing this validation during the post-parse rather than just doing it as the cputune elements are being parsed? They don't depend on any device that might be modified during a post-parse callback (or any other unrelated part of the domain). My opinion is that a separate post-parse validation should only be done if: 1) the validation depends on hypervisor (in which case it will be done in a hypervisor-specific callback) 2) the validation depends on some other element of the domain object (in which case it would be done in virDomainDefPostParseInternal, as you've done here) or 2a) the validation depends on some other element of the domain that could be changed by a hypervisor-specific post-parse validation function. Doing it in a separate function when none of the above is true just has the effect of spreading out the parsing of a single element into multiple places, making it more difficult to understand and maintain the code. --- Notes: Version 4: - changed error from VIR_ERR_XML_ERROR to VIR_ERR_CONFIG_UNSUPPORTED Version 3: - new in series src/conf/domain_conf.c | 37 + 1 file changed, 37 insertions(+) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index fde88b2..5a59e3f 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -2499,6 +2499,43 @@ virDomainDefPostParseInternal(virDomainDefPtr def, return -1; } +/* enforce range checks for cputune values */ +/* these are not represented in the XML schema, but are documented */ +if (def-cputune.period 0 +(def-cputune.period 1000 || def-cputune.period 100)) { +virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s, + _(Value of cputune period must be in range + [1000, 100])); +return -1; +} + +if (def-cputune.emulator_period 0 +(def-cputune.emulator_period 1000 || + def-cputune.emulator_period 100)) { +virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s, + _(Value of cputune emulator_period must be in range + [1000, 100])); +return -1; +} + +if (def-cputune.quota 0 +(def-cputune.quota 1000 || + def-cputune.quota 18446744073709551)) { +virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s, + _(Value of cputune quota must be in range + [1000, 18446744073709551])); +return -1; +} + +if (def-cputune.emulator_quota 0 +(def-cputune.emulator_quota 1000 || + def-cputune.emulator_quota 18446744073709551)) { +virReportError(VIR_ERR_CONFIG_UNSUPPORTED, %s, + _(Value of cputune emulator_quota must be in range + [1000, 18446744073709551])); +return -1; +} + return 0; } -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Remove the redundant parentheses in migrate help
Signed-off-by: Yanbing Du y...@redhat.com --- tools/virsh-domain.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 128e516..592a6e8 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -8286,7 +8286,7 @@ static const vshCmdOptDef opts_migrate[] = { }, {.name = change-protection, .type = VSH_OT_BOOL, - .help = N_(prevent any configuration changes to domain until migration ends)) + .help = N_(prevent any configuration changes to domain until migration ends) }, {.name = unsafe, .type = VSH_OT_BOOL, -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] net: use newer iptables syntax
On Mon, Mar 25, 2013 at 08:39:40PM +0100, Stefan Seyfried wrote: Hi all, iptables-1.4.18 removed the long deprecated state match. Use conntrack instead in forwarding rules. Fixes openSUSE bug https://bugzilla.novell.com/811251 #811251. real patch is attached as I'm pretty sure that thunderbird will mess it up otherwise :( Basically it's s/--match state/--match conntrack/ s/--state /--ctstate/ This is supported by old iptables. (tested with 1.4.14) in src/til/viriptables.c Best regards, Stefan -- Stefan Seyfried Linux Consultant Developer Mail: seyfr...@b1-systems.de GPG Key: 0x731B665B B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537 From 1aa2736263537e7856db9820bce835c1b3c2b51a Mon Sep 17 00:00:00 2001 From: Stefan Seyfried seife+...@b1-systems.com Date: Mon, 25 Mar 2013 20:27:46 +0100 Subject: [PATCH] net: use newer iptables syntax iptables-1.4.18 removed the long deprecated state match. Use conntrack instead in forwarding rules. Fixes openSUSE bug https://bugzilla.novell.com/811251 #811251. --- src/util/viriptables.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/util/viriptables.c b/src/util/viriptables.c index 8cfafc0..19d6161 100644 --- a/src/util/viriptables.c +++ b/src/util/viriptables.c @@ -480,8 +480,8 @@ iptablesForwardAllowRelatedIn(iptablesContext *ctx, --destination, networkstr, --in-interface, physdev, --out-interface, iface, ---match, state, ---state, ESTABLISHED,RELATED, +--match, conntrack, +--ctstate, ESTABLISHED,RELATED, --jump, ACCEPT, NULL); } else { @@ -490,8 +490,8 @@ iptablesForwardAllowRelatedIn(iptablesContext *ctx, action, --destination, networkstr, --out-interface, iface, ---match, state, ---state, ESTABLISHED,RELATED, +--match, conntrack, +--ctstate, ESTABLISHED,RELATED, --jump, ACCEPT, NULL); } -- 1.8.2 ACK. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Remove the redundant parentheses in migrate help
On Tue, Mar 26, 2013 at 11:02:17AM +0800, Yanbing Du wrote: Signed-off-by: Yanbing Du y...@redhat.com --- tools/virsh-domain.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 128e516..592a6e8 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -8286,7 +8286,7 @@ static const vshCmdOptDef opts_migrate[] = { }, {.name = change-protection, .type = VSH_OT_BOOL, - .help = N_(prevent any configuration changes to domain until migration ends)) + .help = N_(prevent any configuration changes to domain until migration ends) }, {.name = unsafe, .type = VSH_OT_BOOL, -- 1.7.1 I think this one can be pushed according trivial rules. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Remove the redundant parentheses in migrate help
On 03/26/2013 11:27 AM, Hu Tao wrote: On Tue, Mar 26, 2013 at 11:02:17AM +0800, Yanbing Du wrote: Signed-off-by: Yanbing Du y...@redhat.com --- tools/virsh-domain.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c index 128e516..592a6e8 100644 --- a/tools/virsh-domain.c +++ b/tools/virsh-domain.c @@ -8286,7 +8286,7 @@ static const vshCmdOptDef opts_migrate[] = { }, {.name = change-protection, .type = VSH_OT_BOOL, - .help = N_(prevent any configuration changes to domain until migration ends)) + .help = N_(prevent any configuration changes to domain until migration ends) }, {.name = unsafe, .type = VSH_OT_BOOL, -- 1.7.1 I think this one can be pushed according trivial rules. Yes, I think so too. I pushed it. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] python: set default value to optional arguments
On 03/26/2013 12:48 AM, Martin Kletzander wrote: On 03/25/2013 04:28 PM, Martin Kletzander wrote: On 03/25/2013 10:18 AM, Guannan Ren wrote: When prefixing with string (optional) or optional in the description of arguments to libvirt C APIs, in python, these arguments will be set as optional arugments, for example: [...] We have a check for flags being always unsigned long, so I see no place this could make any problems. ACK, If you didn't push this yet, I suggest squashing this in as I failed to see this the first time: diff --git a/python/generator.py b/python/generator.py index 7586ffc..5adf3e0 100755 --- a/python/generator.py +++ b/python/generator.py @@ -1334,6 +1334,11 @@ def buildWrappers(module): if n != 0: classes.write(, ) classes.write(%s % arg[0]) +if arg[0] == flags or is_optional_arg(arg[2]): +if is_integral_type(arg[1]): +classes.write(=0) +else: +classes.write(=None) n = n + 1 classes.write():\n) writeDoc(module, name, args, '', classes) -- Thanks, Martin Yes, this code will set optional arguments for APIs which don't belong to any classes. Okay, I pushed it with these codes. Thanks. Guannan -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list