[libvirt] [PATCH] LXC: don't free tty before using it in lxcContainerSetupDevices
Signed-off-by: Gao feng gaof...@cn.fujitsu.com --- .gnulib | 2 +- src/lxc/lxc_container.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gnulib b/.gnulib index 8f74258..4a5ee89 16 --- a/.gnulib +++ b/.gnulib @@ -1 +1 @@ -Subproject commit 8f7425866463f994538584d1dd7211603b8b0550 +Subproject commit 4a5ee89c8a8be7350a8fd8ca1bacb196a190e492 diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 1ec59d5..255c711 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1042,10 +1042,10 @@ static int lxcContainerSetupDevices(char **ttyPaths, size_t nttyPaths) if (virAsprintf(tty, /dev/tty%zu, i+1) 0) return -1; if (symlink(ttyPaths[i], tty) 0) { -VIR_FREE(tty); virReportSystemError(errno, _(Failed to symlink %s to %s), ttyPaths[i], tty); +VIR_FREE(tty); return -1; } VIR_FREE(tty); -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] LXC: mount /dev/pts/0 to /dev/console
Now, /dev/console is linked to the /dev/pts/0, so for the process agetty, the tty device of agetty is pts/0. this will cause login container failed. since pts/0 is not in the /etc/securetty. so pam module pam_securetty will prevent the root user logging on the system. this patch doesn't make /dev/console a symbol but binds /dev/pts/0 to it. so the tty device of agetty will be console. root can login the system successfully. Signed-off-by: Gao feng gaof...@cn.fujitsu.com --- src/lxc/lxc_container.c | 19 +-- 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 255c711..1cede41 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1049,12 +1049,19 @@ static int lxcContainerSetupDevices(char **ttyPaths, size_t nttyPaths) return -1; } VIR_FREE(tty); -if (i == 0 -symlink(ttyPaths[i], /dev/console) 0) { -virReportSystemError(errno, - _(Failed to symlink %s to /dev/console), - ttyPaths[i]); -return -1; +if (i == 0) { +if (virFileTouch(/dev/console, 0600) 0) { +virReportSystemError(errno, %s, + _(Failed to create /dev/console)); +return -1; +} + +if (mount(ttyPaths[0], /dev/console, NULL, MS_BIND, NULL) 0) { +virReportSystemError(errno, + _(Failed to symlink %s to /dev/console), + ttyPaths[i]); +return -1; +} } } return 0; -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2] LXC: mount /dev/pts/0 to /dev/console
Now, /dev/console is linked to the /dev/pts/0, so for the process agetty, the tty device of agetty is pts/0. this will cause login container failed. since pts/0 is not in the /etc/securetty. so pam module pam_securetty will prevent the root user logging on the system. this patch doesn't make /dev/console a symbol but binds /dev/pts/0 to it. so the tty device of agetty will be console. root can login the system successfully. change from v1: 1,Add some comments. 2,Modify the System error report message. Signed-off-by: Gao feng gaof...@cn.fujitsu.com --- src/lxc/lxc_container.c | 22 -- 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 255c711..9c71bad 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1049,12 +1049,22 @@ static int lxcContainerSetupDevices(char **ttyPaths, size_t nttyPaths) return -1; } VIR_FREE(tty); -if (i == 0 -symlink(ttyPaths[i], /dev/console) 0) { -virReportSystemError(errno, - _(Failed to symlink %s to /dev/console), - ttyPaths[i]); -return -1; +if (i == 0) { +if (virFileTouch(/dev/console, 0600) 0) { +virReportSystemError(errno, %s, + _(Failed to create /dev/console)); +return -1; +} +/* Binding /dev/console to pts, this will make agetty + * trust its tty device is console but not the pts device. + * So the pam_sercuretty module will not try to prevent + * root user logging on container. */ +if (mount(ttyPaths[0], /dev/console, NULL, MS_BIND, NULL) 0) { +virReportSystemError(errno, + _(Failed to bind %s to /dev/console), + ttyPaths[i]); +return -1; +} } } return 0; -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Schedule for next release
On Mon, Oct 28, 2013 at 12:30:33PM +, Daniel P. Berrange wrote: On Fri, Oct 18, 2013 at 05:18:22PM -0400, Daniel Veillard wrote: Assuming we want to release around the end of the month means we ought to enter freeze next week around the 24 or 25, but I know I will be very busy and have a hard time on those days. So potentially I will try to do the freeze on the Saturday 26 for a release around Nov 1st, but there is a slight risk that the release of 1.1.4 will be postponed if I fail to this while in Edinburgh (BTW a lot of libvirt developpers will be there around the KVM forum and LinuxCon events). Guess we have a bit of a delay due to KVM Forum, since I didn't see an announcement from you about freeze. I say just start the freeze as soon as you see this message, so we can try to get a release done for, say, Monday 4th Nov ? Yup, I was supposed to tag on Saturday but after 2 weeks of travels and meetings I was exhausted and forgot ! 1.1.4-rc1 is tagged and i'm pushing bits, will send another mail for announce, sorry about this, Daniel -- Daniel Veillard | Open Source and Standards, Red Hat veill...@redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 REPOST 1/6] Add virFileIsMountPoint function
On 10/28/2013 11:40 PM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com Add a function for efficiently checking if a path is a filesystem mount point. NB will not work for bind mounts, only true filesystem mounts. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/libvirt_private.syms | 1 + src/util/virfile.c | 50 src/util/virfile.h | 2 ++ 3 files changed, 53 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index f1f817c..ea68490 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1188,6 +1188,7 @@ virFileIsAbsPath; virFileIsDir; virFileIsExecutable; virFileIsLink; +virFileIsMountPoint; virFileLinkPointsTo; virFileLock; virFileLoopDeviceAssociate; diff --git a/src/util/virfile.c b/src/util/virfile.c index 3a9980c..9fde99c 100644 --- a/src/util/virfile.c +++ b/src/util/virfile.c @@ -1518,6 +1518,56 @@ virFileIsExecutable(const char *file) return false; } + +/* + * Check that a file refers to a mount point. Trick is that for + * a mount point, the st_dev field will differ from the parent + * directory. + * + * Note that this will not detect bind mounts of dirs/files, + * only true filesystem mounts. + */ +int virFileIsMountPoint(const char *file) +{ +char *parent = NULL; +int ret = -1; +struct stat sb1, sb2; + +if (!(parent = mdir_name(file))) { +virReportOOMError(); +goto cleanup; +} + +VIR_DEBUG(Comparing '%s' to '%s', file, parent); + +if (stat(file, sb1) 0) { +if (errno == ENOENT) +ret = 0; +else +virReportSystemError(errno, + _(Cannot stat '%s'), + file); +goto cleanup; +} + +if (stat(parent, sb2) 0) { +virReportSystemError(errno, + _(Cannot stat '%s'), + parent); +goto cleanup; +} + +if (!S_ISDIR(sb1.st_mode)) VIR_FREE(parent) Acked-by: Gao feng gaof...@cn.fujitsu.com +return false; + +ret = sb1.st_dev != sb2.st_dev; +VIR_DEBUG(Is mount %d, ret); + + cleanup: +VIR_FREE(parent); +return ret; +} + #ifndef WIN32 /* Check that a file is accessible under certain * user gid. diff --git a/src/util/virfile.h b/src/util/virfile.h index 72d35ce..ff84719 100644 --- a/src/util/virfile.h +++ b/src/util/virfile.h @@ -156,6 +156,8 @@ bool virFileIsDir (const char *file) ATTRIBUTE_NONNULL(1); bool virFileExists(const char *file) ATTRIBUTE_NONNULL(1); bool virFileIsExecutable(const char *file) ATTRIBUTE_NONNULL(1); +int virFileIsMountPoint(const char *file) ATTRIBUTE_NONNULL(1); + char *virFileSanitizePath(const char *path); enum { -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 REPOST 0/6] Try to fix selinux/securityfs mount handling in LXC
On 10/28/2013 11:40 PM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com Update of https://www.redhat.com/archives/libvir-list/2013-October/msg00270.html Previously I just re-sent the one patch needing changes. This time I am reposting the whole series after rebasing. Daniel P. Berrange (6): Add virFileIsMountPoint function Remove unused 'opts' field from LXC basic mounts struct Remove pointless 'srcpath' variable in lxcContainerMountBasicFS Remove duplicate entries in lxcBasicMounts array Add flag to lxcBasicMounts to control use in user namespaces Skip any files which are not mounted on the host Ack this serial . Thanks! src/libvirt_private.syms | 1 + src/lxc/lxc_container.c | 86 +--- src/util/virfile.c | 50 src/util/virfile.h | 2 ++ 4 files changed, 105 insertions(+), 34 deletions(-) -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Entering freeze for libvirt-1.1.4
I finally tagged and genrated tarballs for RC1 of 1.1.4, so we have now entered freeze. The bits are available as usual at: ftp://libvirt.org/libvirt/ My initial testing doesn't show anything suspicious but is limited, so please give it a try, especially for portability issues ! If all goes well i will probably make an rc2 by Thurday and release 1.1.4 for good on Monday 4th. Give it a try ! thanks, Daniel -- Daniel Veillard | Open Source and Standards, Red Hat veill...@redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/2 v2]virsh: set --shareable and --mode's new member: excludeOption
On 10/28/2013 10:08 PM, Chen Hanxiao wrote: From: Chen Hanxiao chenhanx...@cn.fujitsu.com Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- tools/virsh-domain.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) NACK. Not necessary. My patch for aliasing already handles the exclusion of an alias with its canonical spelling. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/2 v2]virsh: introduce member excludeOption in vshCmdOptDef and improve auto complete with it
On 10/28/2013 10:08 PM, Chen Hanxiao wrote: From: Chen Hanxiao chenhanx...@cn.fujitsu.com If we need to exclude one parameters from another, we could use this member to specify one. With this flag, we could archive what Eric comment on: https://www.redhat.com/archives/libvir-list/2013-October/msg00965.html 1. COMMAND TAB or COMMAND --TAB Auto complete will NOT show option that marked as VSH_OT_ALIAS 2. COMMAND --shTAB Auto complete will show --shareable (this one was marked as VSH_OT_ALIAS) 3. COMMAND --mode XXX TAB or COMMAND --mode XXX --shTAB Auto complete will NOT show --shareable (we set new member exclude_option for mode) 4. COMMAND --shareable --moTAB Auto complete will NOT show --mode (we set new member exclude_option for mode) Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- v2: use camelCase for struct members enable excludeOption to hold more than one options by a comma seperated string. I'm not sure we need this patch. Tab completion already needs to be improved for other reasons, and adding this patch just for the sake of patch 2/2, which I already said is probably not necessary, seems like it would just be churn for Tomas' work on overall improvements. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Push RPM deps down into libvirt-daemon-driver-XXXX sub-RPMs
From: Daniel P. Berrange berra...@redhat.com For inexplicable reasons, many of the 3rd party package deps were left against the 'libvirt-daemon' RPM when the drivers were split out. This makes a minimal install heavier that it should be. Push them all down into libvirt-daemon-driver-XXX so they're only pulled in when truely needed With this change applied, a minimal install of just the libvirt-daemon-driver-lxc RPM is reduced by 41 MB on a Fedora 19 host. Fedora cloud team has requested that we cut down minimal libvirt install size as much as is possible. Fixing these deps is the biggest win without coding work, per: https://bugzilla.redhat.com/show_bug.cgi?id=1012198 Signed-off-by: Daniel P. Berrange berra...@redhat.com --- libvirt.spec.in | 135 +++- 1 file changed, 66 insertions(+), 69 deletions(-) diff --git a/libvirt.spec.in b/libvirt.spec.in index fb4d46f..48feea5 100644 --- a/libvirt.spec.in +++ b/libvirt.spec.in @@ -657,31 +657,6 @@ Requires: avahi Requires: avahi-libs %endif %endif -%if %{with_network} -Requires: dnsmasq = 2.41 -Requires: radvd -%endif -%if %{with_network} || %{with_nwfilter} -Requires: iptables -Requires: iptables-ipv6 -%endif -%if %{with_nwfilter} -Requires: ebtables -%endif -%if %{with_netcf} (0%{?fedora} = 18 || 0%{?rhel} = 7) -Requires: netcf-libs = 0.2.2 -%endif -# needed for device enumeration -%if %{with_hal} -Requires: hal -%endif -%if %{with_udev} -%if 0%{?fedora} = 18 || 0%{?rhel} = 7 -Requires: systemd = 185 -%else -Requires: udev = 145 -%endif -%endif %if %{with_polkit} %if 0%{?fedora} = 12 || 0%{?rhel} =6 Requires: polkit = 0.93 @@ -689,50 +664,6 @@ Requires: polkit = 0.93 Requires: PolicyKit = 0.6 %endif %endif -%if %{with_storage_fs} -Requires: nfs-utils -# For mkfs -Requires: util-linux -# For glusterfs -%if 0%{?fedora} = 11 -Requires: glusterfs-client = 2.0.1 -%endif -%endif -%if %{with_qemu} -# From QEMU RPMs -Requires: /usr/bin/qemu-img -# For image compression -Requires: gzip -Requires: bzip2 -Requires: lzop -Requires: xz -%else -%if %{with_xen} -# From Xen RPMs -Requires: /usr/sbin/qcow-create -%endif -%endif -%if %{with_storage_lvm} -# For LVM drivers -Requires: lvm2 -%endif -%if %{with_storage_iscsi} -# For ISCSI driver -Requires: iscsi-initiator-utils -%endif -%if %{with_storage_disk} -# For disk driver -Requires: parted -Requires: device-mapper -%endif -%if %{with_storage_mpath} -# For multipath support -Requires: device-mapper -%endif -%if %{with_storage_sheepdog} -# For Sheepdog support -Requires: sheepdog -%endif %if %{with_cgconfig} Requires: libcgroup %endif @@ -788,6 +719,10 @@ Network filter configuration files for cleaning guest traffic Summary: Network driver plugin for the libvirtd daemon Group: Development/Libraries Requires: libvirt-daemon = %{version}-%{release} +Requires: dnsmasq = 2.41 +Requires: radvd +Requires: iptables +Requires: iptables-ipv6 %description daemon-driver-network The network driver plugin for the libvirtd daemon, providing @@ -801,6 +736,9 @@ bridge capabilities. Summary: Nwfilter driver plugin for the libvirtd daemon Group: Development/Libraries Requires: libvirt-daemon = %{version}-%{release} +Requires: iptables +Requires: iptables-ipv6 +Requires: ebtables %description daemon-driver-nwfilter The nwfilter driver plugin for the libvirtd daemon, providing @@ -814,6 +752,17 @@ iptables and ip6tables capabilities Summary: Nodedev driver plugin for the libvirtd daemon Group: Development/Libraries Requires: libvirt-daemon = %{version}-%{release} +# needed for device enumeration +%if %{with_hal} +Requires: hal +%endif +%if %{with_udev} +%if 0%{?fedora} = 18 || 0%{?rhel} = 7 +Requires: systemd = 185 +%else +Requires: udev = 145 +%endif +%endif %description daemon-driver-nodedev The nodedev driver plugin for the libvirtd daemon, providing @@ -827,6 +776,9 @@ capabilities. Summary: Interface driver plugin for the libvirtd daemon Group: Development/Libraries Requires: libvirt-daemon = %{version}-%{release} +%if %{with_netcf} (0%{?fedora} = 18 || 0%{?rhel} = 7) +Requires: netcf-libs = 0.2.2 +%endif %description daemon-driver-interface The interface driver plugin for the libvirtd daemon, providing @@ -850,6 +802,45 @@ an implementation of the secret key APIs. Summary: Storage driver plugin for the libvirtd daemon Group: Development/Libraries Requires: libvirt-daemon = %{version}-%{release} +%if %{with_storage_fs} +Requires: nfs-utils +# For mkfs +Requires: util-linux +# For glusterfs +%if 0%{?fedora} = 11 +Requires: glusterfs-client = 2.0.1 +%endif +
Re: [libvirt] [PATCH] virsh: new environment variable VIRSH_HISTSIZE
On 10/28/2013 08:05 AM, Daniel P. Berrange wrote: On Mon, Oct 28, 2013 at 02:38:46PM +0100, Pavel Raiskup wrote: Allow adjust the number of commands to remember in the command history. * tools/virsh.c (vshReadlineInit): Read and sanity the VIRSH_HISTSIZE variable. (VIRSH_HISTSIZE_MAX): New constant. * tools/virsh.pod: Document VIRSH_HISTSIZE variable. --- tools/virsh.c | 17 - tools/virsh.pod | 5 + 2 files changed, 21 insertions(+), 1 deletion(-) ACK ACK was given before freeze, so I pushed this even though it missed rc1, after fixing 'make syntax-check' (which only fails if you have cppi installed): preprocessor_indentation cppi: tools/virsh.c: line 2751: not properly indented maint.mk: incorrect preprocessor indentation -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 3/3] capabilities: add baselabel per sec driver/virt type to secmodel
On 10/28/2013 06:02 AM, Daniel P. Berrange wrote: On Fri, Oct 18, 2013 at 02:13:21PM +0200, Giuseppe Scrivano wrote: Expand the secmodel XML fragment of host with a sequence of baselabel's which describe the default security context used by libvirt with a specific security model and virtualization type: secmodel modelselinux/model doi0/doi baselabel type='kvm'system_u:system_r:svirt_t:s0/baselabel baselabel type='qemu'system_u:system_r:svirt_tcg_t:s0/baselabel /secmodel +const int virtTypes[] = {VIR_DOMAIN_VIRT_KVM, + VIR_DOMAIN_VIRT_QEMU, + VIR_DOMAIN_VIRT_LAST}; No need for having VIR_DOMAIN_VIRT_LAST here, since we have a handy ARRAY_CARDINALITY macro +for (j = 0; virtTypes[j] != VIR_DOMAIN_VIRT_LAST; j++) { eg for (j = 0 ; j ARRAY_CARDINALITY(virtTypes) ; j++) ACK with the following squashed in. Since 1 and 2 were acked before freeze, and the series seems like a low-risk addition (rather than a change to existing functionality), I'm okay with including this in 1.1.4, so I pushed. diff --git i/src/qemu/qemu_conf.c w/src/qemu/qemu_conf.c index 998d938..03c9c7d 100644 --- i/src/qemu/qemu_conf.c +++ w/src/qemu/qemu_conf.c @@ -612,8 +612,7 @@ virCapsPtr virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver) const char *doi, *model, *lbl, *type; virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver); const int virtTypes[] = {VIR_DOMAIN_VIRT_KVM, - VIR_DOMAIN_VIRT_QEMU, - VIR_DOMAIN_VIRT_LAST}; + VIR_DOMAIN_VIRT_QEMU,}; /* Basic host arch / guest machine capabilities */ if (!(caps = virQEMUCapsInit(driver-qemuCapsCache))) @@ -645,7 +644,7 @@ virCapsPtr virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver) VIR_STRDUP(sm-doi, doi) 0) goto error; -for (j = 0; virtTypes[j] != VIR_DOMAIN_VIRT_LAST; j++) { +for (j = 0; j ARRAY_CARDINALITY(virtTypes); j++) { lbl = virSecurityManagerGetBaseLabel(sec_managers[i], virtTypes[j]); type = virDomainVirtTypeToString(virtTypes[j]); if (lbl -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: fix well-formed migration URI formatting
On Wed, 23 Oct 2013, Michael Chapman wrote: When adding an automatically allocated port to a well-formed migration URI, keep it well-formed: tcp://1.2.3.4/ - tcp://1.2.3.4/:12345 # wrong tcp://1.2.3.4/ - tcp://1.2.3.4:12345/ # fixed tcp://1.2.3.4 - tcp://1.2.3.4:12345# still works tcp:1.2.3.4 - tcp:1.2.3.4:12345 # still works (old syntax) Hi, I was wondering if anyone has had a chance to look at this patch. It's pretty straight-forward, just making sure that qemuMigrationPrepareDirect doesn't return a malformed migration URI when the one supplied doesn't have an explicit port number. without this patch, if the user supplies a well-formed tcp://ip/ migration URI without a port, QEMU on the source side of the migration is told to connect to the target on port 0, which obviously doesn't work too well. Regards, Michael -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Fix leak of objects when reconnecting to QEMU instances
From: Daniel P. Berrange berra...@redhat.com The 'error' cleanup block in qemuProcessReconnect() had a 'return' statement in the middle of it. This caused a leak of virConnectPtr virQEMUDriverConfigPtr instances. This was identified because netcf recently started checking its refcount in libvirtd shutdown: netcfStateCleanup:109 : internal error: Attempt to close netcf state driver with open connections Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/qemu/qemu_process.c | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 354e079..b278742 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -3219,10 +3219,7 @@ error: if (!virDomainObjIsActive(obj)) { if (virObjectUnref(obj)) virObjectUnlock(obj); -return; -} - -if (virObjectUnref(obj)) { +} else if (virObjectUnref(obj)) { /* We can't get the monitor back, so must kill the VM * to remove danger of it ending up running twice if * user tries to start it again later -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix race condition reconnecting to vms loading configs
On Mon, Oct 28, 2013 at 11:52:50AM +, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com The following sequence 1. Define a persistent QMEU guest 2. Start the QEMU guest 3. Stop libvirtd 4. Kill the QEMU process 5. Start libvirtd 6. List persistent guets At the last step, the previously running persistent guest will be missing. This is because of a race condition in the QEMU driver startup code. It does 1. Load all VM state files 2. Spawn thread to reconnect to each VM 3. Load all VM config files Only at the end of step 3, does the 'virDomainObjPtr' get marked as persistent. There is therefore a window where the thread reconnecting to the VM will remove the persistent VM from the list. The easy fix is to simply switch the order of steps 2 3. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/qemu/qemu_driver.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index c613967..9c3daad 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -816,8 +816,6 @@ qemuStateInitialize(bool privileged, conn = virConnectOpen(cfg-uri); -qemuProcessReconnectAll(conn, qemu_driver); - /* Then inactive persistent configs */ if (virDomainObjListLoadAllConfigs(qemu_driver-domains, cfg-configDir, @@ -828,6 +826,7 @@ qemuStateInitialize(bool privileged, NULL, NULL) 0) goto error; +qemuProcessReconnectAll(conn, qemu_driver); virDomainObjListForEach(qemu_driver-domains, qemuDomainSnapshotLoad, Self-NACK. The qemuProcessReconnectAll() method assumes that *only* live configs have been loaded. Reordering this, makes it try to connect to all VMs, even those which were never live. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Push RPM deps down into libvirt-daemon-driver-XXXX sub-RPMs
On 10/29/2013 06:16 AM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com For inexplicable reasons, many of the 3rd party package deps were left against the 'libvirt-daemon' RPM when the drivers were split out. This makes a minimal install heavier that it should be. Push them all down into libvirt-daemon-driver-XXX so they're only pulled in when truely needed s/truely/truly/ With this change applied, a minimal install of just the libvirt-daemon-driver-lxc RPM is reduced by 41 MB on a Fedora 19 host. Fedora cloud team has requested that we cut down minimal libvirt install size as much as is possible. Fixing these deps is the biggest win without coding work, per: https://bugzilla.redhat.com/show_bug.cgi?id=1012198 Signed-off-by: Daniel P. Berrange berra...@redhat.com --- libvirt.spec.in | 135 +++- 1 file changed, 66 insertions(+), 69 deletions(-) ACK, worth having in 1.1.4. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix leak of objects when reconnecting to QEMU instances
On 10/29/2013 07:59 AM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com The 'error' cleanup block in qemuProcessReconnect() had a 'return' statement in the middle of it. This caused a leak of virConnectPtr virQEMUDriverConfigPtr instances. This was identified because netcf recently started checking its refcount in libvirtd shutdown: netcfStateCleanup:109 : internal error: Attempt to close netcf state driver with open connections Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/qemu/qemu_process.c | 5 + 1 file changed, 1 insertion(+), 4 deletions(-) ACK; worth having in 1.1.4. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Unable to provision VM attaching it directly to a OVS bridge
Moving this discussion from libvirt-users: Getting deeper and deeper :) $ egrep '^int vir*' util/virnetdevopenvswitch.c int virNetDevOpenvswitchAddPort(const char *brname, const char *ifname, int virNetDevOpenvswitchRemovePort(const char *brname ATTRIBUTE_UNUSED, const char *ifname) int virNetDevOpenvswitchGetMigrateData(char **migrate, const char *ifname) int virNetDevOpenvswitchSetMigrateData(char *migrate, const char *ifname) Libvirt by now basically support adding/removing port to a OVS bridge . Is there some planning on an OVS full support, like bridge creation/destroy, creating a VM attaching it to a OVS brige, etc, just like 'traditional' Linux bridge ? If so, Is anybody working on it ? regards Lucas Brasilino MSc Student @ Federal University of Pernambuco (UFPE) twitter: @lucas_brasilino 2013/10/29 Lucas Brasilino lr...@cin.ufpe.br: Hi Getting deeper, the error is raised by 'virDomainCreateLinux()'. Here comes the snippet of the XML argument passed to this call: (Pdb) print xmlDesc domain type='kvm' namevm2/name uuid3d713513-e8ee-994a-0eba-51128bd4b42e/uuid [...] interface type='bridge' source bridge='databr0'/ mac address='00:00:00:00:00:03'/ model type='virtio'/ /interface [...] /domain So libvirt network driver is surely trying to use 'databr0' as the common Linux bridge implementation, not an Open vSwitch bridge. I tried to add an virtualport='openvswitch'/ element in the XML created by virt-install and use 'virsh create' to create it but seems that libvirt's network driver does not support Open vSwitch when creating VM's. Is there some planning to support it ? Thanks! regards Lucas Brasilino MSc Student @ Federal University of Pernambuco (UFPE) twitter: @lucas_brasilino 2013/10/28 Lucas Brasilino lr...@cin.ufpe.br: Reposting from virt-tools mailing list: Hi! I'm facing a problem that could be triggered by some lacking of support from libvirt on Open vSwitch (or could be my mistake). I have interests in researching on virtual networks and SDN. To keep things simple, I've decided to use libvirt/virt-tools to manage VM's since my focus is on the network, instead of using a full feature system like OpenStack. I'm quite new with libvirt/virt-tools, but I have a good experience with openvswitch and other virtualizations technologies (which I dropped in libvirt/kvm favor). I'm using Fedora 19 packages openvswitch (1.11.0-1.fc19.x86_64) libvirt (1.0.5.6-3.fc19.x86_64) virt-install (0.10.0-4.fc19.noarch) I've created an OVS bridge (databr0) outside libvirt, and then defined it inside libvirt with: network namedatabr0/name forward mode='bridge'/ bridge name='databr0'/ virtualport type='openvswitch'/ /network And then 'net-autostart' and 'net-start' it with virsh. Now I've got: # virsh net-list Name State Autostart Persistent -- databr0 active yes yes When I try to provision an VM, if I use the virt-install option --network=bridge:databr0,model=virtio,mac=00:00:00:00:00:03 I got the following error: # virt-install --connect qemu:///system --virt-type kvm --name vm2 --ram 768 --disk path=/home/lucas/local/vm/images/vm2.img --vnc --cdrom /home/lucas/local/vm/fc19-x86_64.iso --network=bridge:databr0,model=virtio,mac=00:00:00:00:00:03 --os-type=linux --os-variant fedora19 Starting install... ERRORUnable to add bridge databr0 port vnet0: Operation not supported Domain installation does not appear to have been successful. If it was, you can restart your domain by running: virsh --connect qemu:///system start vm2 otherwise, please restart your installation. I just managed to create a VM when I use '--nonetworks' option and after I do a 'virtsh edit vm2' and add: interface type='bridge' mac address='00:00:00:00:00:03'/ source bridge='databr0'/ virtualport type='openvswitch'/ model type='virtio'/ address type='pci' domain='0x' bus='0x00' slot='0x05' function='0x0'/ /interface Well, I read elsewhere that openvswitch bridging isn't fully supported. Is it the case or I'm facing another kind of problem ? regards Att Lucas Brasilino MSc Student @ Federal University of Pernambuco (UFPE) twitter: @lucas_brasilino -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2] Fix race condition reconnecting to vms loading configs
From: Daniel P. Berrange berra...@redhat.com The following sequence 1. Define a persistent QMEU guest 2. Start the QEMU guest 3. Stop libvirtd 4. Kill the QEMU process 5. Start libvirtd 6. List persistent guets At the last step, the previously running persistent guest will be missing. This is because of a race condition in the QEMU driver startup code. It does 1. Load all VM state files 2. Spawn thread to reconnect to each VM 3. Load all VM config files Only at the end of step 3, does the 'virDomainObjPtr' get marked as persistent. There is therefore a window where the thread reconnecting to the VM will remove the persistent VM from the list. The easy fix is to simply switch the order of steps 2 3. In addition to this though, we must only attempt to reconnect to a VM which had a non-zero PID loaded from its state file. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/qemu/qemu_driver.c | 3 +-- src/qemu/qemu_process.c | 3 +++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index c613967..9c3daad 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -816,8 +816,6 @@ qemuStateInitialize(bool privileged, conn = virConnectOpen(cfg-uri); -qemuProcessReconnectAll(conn, qemu_driver); - /* Then inactive persistent configs */ if (virDomainObjListLoadAllConfigs(qemu_driver-domains, cfg-configDir, @@ -828,6 +826,7 @@ qemuStateInitialize(bool privileged, NULL, NULL) 0) goto error; +qemuProcessReconnectAll(conn, qemu_driver); virDomainObjListForEach(qemu_driver-domains, qemuDomainSnapshotLoad, diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index b278742..bdffdf8 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -3253,6 +3253,9 @@ qemuProcessReconnectHelper(virDomainObjPtr obj, struct qemuProcessReconnectData *src = opaque; struct qemuProcessReconnectData *data; +if (!obj-pid) +return 0; + if (VIR_ALLOC(data) 0) return -1; -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix race condition reconnecting to vms loading configs
On Mon, Oct 28, 2013 at 01:22:39PM -0400, Cole Robinson wrote: On 10/28/2013 01:14 PM, Daniel P. Berrange wrote: On Mon, Oct 28, 2013 at 01:08:45PM -0400, Cole Robinson wrote: On 10/28/2013 01:06 PM, Daniel P. Berrange wrote: On Mon, Oct 28, 2013 at 01:03:49PM -0400, Cole Robinson wrote: On 10/28/2013 07:52 AM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com The following sequence 1. Define a persistent QMEU guest 2. Start the QEMU guest 3. Stop libvirtd 4. Kill the QEMU process 5. Start libvirtd 6. List persistent guets At the last step, the previously running persistent guest will be missing. This is because of a race condition in the QEMU driver startup code. It does 1. Load all VM state files 2. Spawn thread to reconnect to each VM 3. Load all VM config files Only at the end of step 3, does the 'virDomainObjPtr' get marked as persistent. There is therefore a window where the thread reconnecting to the VM will remove the persistent VM from the list. The easy fix is to simply switch the order of steps 2 3. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/qemu/qemu_driver.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index c613967..9c3daad 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -816,8 +816,6 @@ qemuStateInitialize(bool privileged, conn = virConnectOpen(cfg-uri); -qemuProcessReconnectAll(conn, qemu_driver); - /* Then inactive persistent configs */ if (virDomainObjListLoadAllConfigs(qemu_driver-domains, cfg-configDir, @@ -828,6 +826,7 @@ qemuStateInitialize(bool privileged, NULL, NULL) 0) goto error; +qemuProcessReconnectAll(conn, qemu_driver); virDomainObjListForEach(qemu_driver-domains, qemuDomainSnapshotLoad, I tried testing this patch to see if it would fix: https://bugzilla.redhat.com/show_bug.cgi?id=1015246 from current master I did: git revert a924d9d083c215df6044387057c501d9aa338b96 reproduce the bug git am your-patch But the daemon won't even start up after your patch is built: (gdb) bt #0 qemuMonitorOpen (vm=vm@entry=0x7fffd4211090, config=0x0, json=false, cb=cb@entry=0x7fffddcae720 monitorCallbacks, opaque=opaque@entry=0x7fffd419b840) at qemu/qemu_monitor.c:852 Sorry for not being clear: The daemon crashes, that's the backtrace. Hmm config is NULL - does the state XML files not include the monitor info perhaps ? I see: pidfile for busted VM in /var/run/libvirt/qemu nothing in /var/cache/libvirt/qemu no state that I can see in /var/lib/libvirt/qemu But I'm not sure where it's supposed to be stored. FWIW reproducing this state was pretty simple: revert a924d9d083c215df6044387057c501d9aa338b96, edit an existing x86 guest to remove all video and graphics devices, start the guest, libvirtd crashes. Ok, I believe you probably have SELinux disabled on your machine or in libvirtd. With SELinux enabled you hit another bug first 2013-10-29 13:50:11.711+: 17579: error : qemuConnectMonitor:1401 : Failed to set security context for monitor for rhel6x86_64 which prevents hitting the crash you report. The fix is the same in both cases - we must skip VMs with PID of zero. I've sent a v2 patch. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] Fix race condition reconnecting to vms loading configs
On 10/29/2013 08:24 AM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com The following sequence 1. Define a persistent QMEU guest 2. Start the QEMU guest 3. Stop libvirtd 4. Kill the QEMU process 5. Start libvirtd 6. List persistent guets s/guets/guests/ The easy fix is to simply switch the order of steps 2 3. In addition to this though, we must only attempt to reconnect to a VM which had a non-zero PID loaded from its state file. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/qemu/qemu_driver.c | 3 +-- src/qemu/qemu_process.c | 3 +++ 2 files changed, 4 insertions(+), 2 deletions(-) ACK, good for 1.1.4. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: fix well-formed migration URI formatting
On 10/22/2013 10:15 PM, Michael Chapman wrote: When adding an automatically allocated port to a well-formed migration URI, keep it well-formed: tcp://1.2.3.4/ - tcp://1.2.3.4/:12345 # wrong tcp://1.2.3.4/ - tcp://1.2.3.4:12345/ # fixed tcp://1.2.3.4 - tcp://1.2.3.4:12345# still works tcp:1.2.3.4 - tcp:1.2.3.4:12345 # still works (old syntax) Signed-off-by: Michael Chapman m...@very.puzzling.org --- src/qemu/qemu_migration.c | 16 +--- 1 file changed, 13 insertions(+), 3 deletions(-) Apologies for the slow review time. ACK and pushed. A testsuite addition would also be nice, to prove we don't regress... -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix race condition reconnecting to vms loading configs
On 10/29/2013 10:25 AM, Daniel P. Berrange wrote: On Mon, Oct 28, 2013 at 01:22:39PM -0400, Cole Robinson wrote: On 10/28/2013 01:14 PM, Daniel P. Berrange wrote: On Mon, Oct 28, 2013 at 01:08:45PM -0400, Cole Robinson wrote: On 10/28/2013 01:06 PM, Daniel P. Berrange wrote: On Mon, Oct 28, 2013 at 01:03:49PM -0400, Cole Robinson wrote: On 10/28/2013 07:52 AM, Daniel P. Berrange wrote: From: Daniel P. Berrange berra...@redhat.com The following sequence 1. Define a persistent QMEU guest 2. Start the QEMU guest 3. Stop libvirtd 4. Kill the QEMU process 5. Start libvirtd 6. List persistent guets At the last step, the previously running persistent guest will be missing. This is because of a race condition in the QEMU driver startup code. It does 1. Load all VM state files 2. Spawn thread to reconnect to each VM 3. Load all VM config files Only at the end of step 3, does the 'virDomainObjPtr' get marked as persistent. There is therefore a window where the thread reconnecting to the VM will remove the persistent VM from the list. The easy fix is to simply switch the order of steps 2 3. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- src/qemu/qemu_driver.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index c613967..9c3daad 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -816,8 +816,6 @@ qemuStateInitialize(bool privileged, conn = virConnectOpen(cfg-uri); -qemuProcessReconnectAll(conn, qemu_driver); - /* Then inactive persistent configs */ if (virDomainObjListLoadAllConfigs(qemu_driver-domains, cfg-configDir, @@ -828,6 +826,7 @@ qemuStateInitialize(bool privileged, NULL, NULL) 0) goto error; +qemuProcessReconnectAll(conn, qemu_driver); virDomainObjListForEach(qemu_driver-domains, qemuDomainSnapshotLoad, I tried testing this patch to see if it would fix: https://bugzilla.redhat.com/show_bug.cgi?id=1015246 from current master I did: git revert a924d9d083c215df6044387057c501d9aa338b96 reproduce the bug git am your-patch But the daemon won't even start up after your patch is built: (gdb) bt #0 qemuMonitorOpen (vm=vm@entry=0x7fffd4211090, config=0x0, json=false, cb=cb@entry=0x7fffddcae720 monitorCallbacks, opaque=opaque@entry=0x7fffd419b840) at qemu/qemu_monitor.c:852 Sorry for not being clear: The daemon crashes, that's the backtrace. Hmm config is NULL - does the state XML files not include the monitor info perhaps ? I see: pidfile for busted VM in /var/run/libvirt/qemu nothing in /var/cache/libvirt/qemu no state that I can see in /var/lib/libvirt/qemu But I'm not sure where it's supposed to be stored. FWIW reproducing this state was pretty simple: revert a924d9d083c215df6044387057c501d9aa338b96, edit an existing x86 guest to remove all video and graphics devices, start the guest, libvirtd crashes. Ok, I believe you probably have SELinux disabled on your machine or in libvirtd. With SELinux enabled you hit another bug first 2013-10-29 13:50:11.711+: 17579: error : qemuConnectMonitor:1401 : Failed to set security context for monitor for rhel6x86_64 which prevents hitting the crash you report. The fix is the same in both cases - we must skip VMs with PID of zero. I've sent a v2 patch. Hmm, selinux is permissive here but not disabled. But I'll try your patches and report back. Thanks, Cole -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] storage: fix incorrect typedef
The rbd code had a confusing typedef ending in Ptr that was not actually a pointer, which made the rest of the code harder to read. This fixes things to actually pass by pointer rather than by copy. * src/storage/storage_backend_rbd.c (virStorageBackendStatePtr): Fix typedef. (virStorageBackendRBDOpenRADOSConn) (virStorageBackendRBDCloseRADOSConn) (volStorageBackendRBDRefreshVolInfo) (virStorageBackendRBDRefreshPool, virStorageBackendRBDDeleteVol) (virStorageBackendRBDCreateVol, virStorageBackendRBDRefreshVol) (virStorageBackendRBDResizeVol): Fix fallout. Signed-off-by: Eric Blake ebl...@redhat.com --- A quick git grep found no other instances of a '...Ptr' typedef that wasn't actually a pointer; but I can also add a syntax check to prevent that mistake if desired. src/storage/storage_backend_rbd.c | 46 +++ 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backend_rbd.c index 60b48c2..4e18bf9 100644 --- a/src/storage/storage_backend_rbd.c +++ b/src/storage/storage_backend_rbd.c @@ -44,9 +44,9 @@ struct _virStorageBackendRBDState { }; typedef struct _virStorageBackendRBDState virStorageBackendRBDState; -typedef virStorageBackendRBDState virStorageBackendRBDStatePtr; +typedef virStorageBackendRBDState *virStorageBackendRBDStatePtr; -static int virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr *ptr, +static int virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr, virConnectPtr conn, virStoragePoolObjPtr pool) { @@ -223,21 +223,21 @@ static int virStorageBackendRBDCloseRADOSConn(virStorageBackendRBDStatePtr ptr) { int ret = 0; -if (ptr.ioctx != NULL) { +if (ptr-ioctx != NULL) { VIR_DEBUG(Closing RADOS IoCTX); -rados_ioctx_destroy(ptr.ioctx); +rados_ioctx_destroy(ptr-ioctx); ret = -1; } -ptr.ioctx = NULL; +ptr-ioctx = NULL; -if (ptr.cluster != NULL) { +if (ptr-cluster != NULL) { VIR_DEBUG(Closing RADOS connection); -rados_shutdown(ptr.cluster); +rados_shutdown(ptr-cluster); ret = -2; } -ptr.cluster = NULL; +ptr-cluster = NULL; -time_t runtime = time(0) - ptr.starttime; +time_t runtime = time(0) - ptr-starttime; VIR_DEBUG(RADOS connection existed for %ld seconds, runtime); return ret; @@ -249,7 +249,7 @@ static int volStorageBackendRBDRefreshVolInfo(virStorageVolDefPtr vol, { int ret = -1; rbd_image_t image; -if (rbd_open(ptr.ioctx, vol-name, image, NULL) 0) { +if (rbd_open(ptr-ioctx, vol-name, image, NULL) 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(failed to open the RBD image '%s'), vol-name); @@ -298,7 +298,7 @@ static int virStorageBackendRBDRefreshPool(virConnectPtr conn, int ret = -1; int len = -1; char *name, *names = NULL; -virStorageBackendRBDStatePtr ptr; +virStorageBackendRBDState ptr; ptr.cluster = NULL; ptr.ioctx = NULL; @@ -373,7 +373,7 @@ static int virStorageBackendRBDRefreshPool(virConnectPtr conn, name += strlen(name) + 1; -if (volStorageBackendRBDRefreshVolInfo(vol, pool, ptr) 0) { +if (volStorageBackendRBDRefreshVolInfo(vol, pool, ptr) 0) { virStorageVolDefFree(vol); goto cleanup; } @@ -388,7 +388,7 @@ static int virStorageBackendRBDRefreshPool(virConnectPtr conn, cleanup: VIR_FREE(names); -virStorageBackendRBDCloseRADOSConn(ptr); +virStorageBackendRBDCloseRADOSConn(ptr); return ret; } @@ -398,7 +398,7 @@ static int virStorageBackendRBDDeleteVol(virConnectPtr conn, unsigned int flags) { int ret = -1; -virStorageBackendRBDStatePtr ptr; +virStorageBackendRBDState ptr; ptr.cluster = NULL; ptr.ioctx = NULL; @@ -431,7 +431,7 @@ static int virStorageBackendRBDDeleteVol(virConnectPtr conn, ret = 0; cleanup: -virStorageBackendRBDCloseRADOSConn(ptr); +virStorageBackendRBDCloseRADOSConn(ptr); return ret; } @@ -439,7 +439,7 @@ static int virStorageBackendRBDCreateVol(virConnectPtr conn, virStoragePoolObjPtr pool, virStorageVolDefPtr vol) { -virStorageBackendRBDStatePtr ptr; +virStorageBackendRBDState ptr; ptr.cluster = NULL; ptr.ioctx = NULL; int order = 0; @@ -475,14 +475,14 @@ static int virStorageBackendRBDCreateVol(virConnectPtr conn, goto cleanup; } -if (volStorageBackendRBDRefreshVolInfo(vol, pool, ptr) 0) { +if (volStorageBackendRBDRefreshVolInfo(vol, pool, ptr) 0) { goto cleanup; } ret = 0; cleanup: -virStorageBackendRBDCloseRADOSConn(ptr); +
[libvirt] [PATCH] apparmor: Fix typo in function name in driver struct initialization
Commit 64a68a4a introduced a typo in the initialization of the apparmor driver structure breaking the build with apparmor enabled. --- src/security/security_apparmor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c index 776a470..a9f04d2 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -979,5 +979,5 @@ virSecurityDriver virAppArmorSecurityDriver = { .domainGetSecurityMountOptions = AppArmorGetMountOptions, -.getBaseLabel = AppArmoryGetBaseLabel, +.getBaseLabel = AppArmorGetBaseLabel, }; -- 1.8.3.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [Qemu-devel] pvpanic plans?
Ping! Hu Tao hu...@cn.fujitsu.com writes: Hi All, I know it's been a long time since this thread. But qemu 1.7 is releasing, do you have any consensus on this? Thanks. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] apparmor: Fix typo in function name in driver struct initialization
On Tue, Oct 29, 2013 at 05:03:43PM +0100, Peter Krempa wrote: Commit 64a68a4a introduced a typo in the initialization of the apparmor driver structure breaking the build with apparmor enabled. --- src/security/security_apparmor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c index 776a470..a9f04d2 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -979,5 +979,5 @@ virSecurityDriver virAppArmorSecurityDriver = { .domainGetSecurityMountOptions = AppArmorGetMountOptions, -.getBaseLabel = AppArmoryGetBaseLabel, +.getBaseLabel = AppArmorGetBaseLabel, }; ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] storage: fix incorrect typedef
On Tue, Oct 29, 2013 at 10:00:17AM -0600, Eric Blake wrote: The rbd code had a confusing typedef ending in Ptr that was not actually a pointer, which made the rest of the code harder to read. This fixes things to actually pass by pointer rather than by copy. * src/storage/storage_backend_rbd.c (virStorageBackendStatePtr): Fix typedef. (virStorageBackendRBDOpenRADOSConn) (virStorageBackendRBDCloseRADOSConn) (volStorageBackendRBDRefreshVolInfo) (virStorageBackendRBDRefreshPool, virStorageBackendRBDDeleteVol) (virStorageBackendRBDCreateVol, virStorageBackendRBDRefreshVol) (virStorageBackendRBDResizeVol): Fix fallout. Signed-off-by: Eric Blake ebl...@redhat.com --- A quick git grep found no other instances of a '...Ptr' typedef that wasn't actually a pointer; but I can also add a syntax check to prevent that mistake if desired. src/storage/storage_backend_rbd.c | 46 +++ 1 file changed, 23 insertions(+), 23 deletions(-) ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] apparmor: Fix typo in function name in driver struct initialization
On 10/29/13 17:07, Daniel P. Berrange wrote: On Tue, Oct 29, 2013 at 05:03:43PM +0100, Peter Krempa wrote: Commit 64a68a4a introduced a typo in the initialization of the apparmor driver structure breaking the build with apparmor enabled. --- src/security/security_apparmor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c index 776a470..a9f04d2 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -979,5 +979,5 @@ virSecurityDriver virAppArmorSecurityDriver = { .domainGetSecurityMountOptions = AppArmorGetMountOptions, -.getBaseLabel = AppArmoryGetBaseLabel, +.getBaseLabel = AppArmorGetBaseLabel, }; ACK Oops. I forgot to add --notes when using git format patch. The note would say that the patch was already pushed as trivial build-breaker. Thanks anyways. Daniel Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] PATCH: pci-subsystem: ixgbe: SR-IOV: kernel way to order driver's virtfn -entries is odd causing libvirt failures.
On 10/24/2013 11:12 AM, Daniel P. Berrange wrote: On Thu, Oct 24, 2013 at 09:52:31AM +0300, Niilona wrote: Hi. As Bjorn Helgaas recommend, this might be the item to discuss in the wider area. --- There is a behavior effecting virtfn -entries in sysfs, when amount of them increases over 10. Run VM's through LIBVIRT - QEMU/KVM, this causes : - MAC address setting by LIBVIRT disordered ie. setting targeted to wrong VF. - VLAN setting by LIBVIRT overall failed Basics of this are in /libvirt-x.x.x/src/util/virpci.c ; in function below, which don't order virtfn entries correctly. /* * Returns virtual functions of a physical function */ int virPCIGetVirtualFunctions(const char *sysfs_path, virPCIDeviceAddressPtr **virtual_functions, unsigned int *num_virtual_functions) { But I let you to decide which is best way to fix this, as if every application reads virtfn entries from PF's directory, they all need to sort entries in alphabet. order to avoid this influence. So personally I did get over this by adding pre-zeroes to names to have them in sorted order in PF's directory. Libvirt has to work correctly with all existing released kernels, so we have to fix libvirt to deal with ordering correctly. Thus changing the kernel naming here doesn't really help. We need to fix libvirt to deal with this. Right. Now that there is enough information to understand the problem wrt. libvirt, I can see that the main place this improper ordering of the device links causes an issue is in virPCIGetVirtualFunctionIndex() (and callers) - it assumes that the VF indexes will exactly match the index of each PCI device in the list returned by virPCIGetVirtualFunction(). (We've never made any guarantees about the ordering of virtual functions in the output of nodedev-dumpxml, but the return value from virPCIGetVirtualFunctionIndex is used by callers to fill in the netlink command to get/set a VF's mac address and vlan tag.) To fix this we need to modify virPCIGetVirtualFunctions to gather all virtfn%d entries in the PF's directory and sort them numerically (right now we just grab them in whatever order readdir() provides and put them in the list in that order). This will automatically fix virPCIGetVirtualFunctionIndex() and coincidentally make the ordering in nodedev-dumpxml proper. Of course even this will only work as long as lists of virtual functions are guaranteed to never be sparse (e.g. there can't be a virtfn22 unless there is also a virtfn21). My guess is that this is always true, but we should check for that in the new function and log an appropriate error in the case that we encounter a sparse list. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] the case for volatile nwfilters
I'd like oVirt to make a more extensive usage of libvirt's nwfilters in order to implement security groups, i.e. which protocol/port/host should be open on an interface. Since oVirt is cetrally-managed by ovirt-engine, filter definitions should be edited there and kept in its database. However, libivrt's domain xml requires to have a locally-defined filter as well: devices interface type='bridge' filterref filter='filter-name'/ /interface /devices We can leave with it by defining an ad-hoc filter before staring a VM, deleting it after the VM stops, and collecting garbage (due to system crashes) occasionally. It would be nicer if we could instead have just-in-time filter definition such as devices interface type='bridge' filter name='nameless' rule/ rule/ rule/ /filter /interface /devices avoiding nwfilter persistence. Would something like this be beneficial to other libvirt users? Would it be easy to implement within libvirt? Regards, Dan. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] maint: update to latest gnulib
On Mon, Oct 28, 2013 at 03:50:20PM -0600, Eric Blake wrote: Since we haven't quite frozen yet, it's time to pick up some fixes. I know at least cygwin benefits from this update. * .gnulib: Update to latest, in part for cygwin compilation. Even though that's not your fault, this might interest you: root@freebsd9:/home/jenkins/workspace/libvirt/platform/freebsd-9/gnulib/tests # ./test-poll Unconnected socket test... passed Connected sockets test... failed (expecting POLLHUP after shutdown) General socket test with fork... failed (expecting POLLHUP after shutdown) Pipe test... passed And two other tests fail as well. I, however, couldn't find a time to look at that, so I'm just sending this to you in case you'd like to go deeper with it. Martin signature.asc Description: Digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Add '+' to uid/gid printing for label processing
To ensure proper processing by virGetUserID() and virGetGroupID() of a uid/gid add a + prior to the uid/gid to denote it's really a uid/gid for the label. Signed-off-by: John Ferlan jfer...@redhat.com --- src/security/security_dac.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 019c789..cb7d322 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -60,7 +60,7 @@ virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr, priv-user = user; priv-group = group; -if (virAsprintf(priv-baselabel, %u:%u, +if (virAsprintf(priv-baselabel, +%u:+%u, (unsigned int) user, (unsigned int) group) 0) return -1; @@ -1064,7 +1064,7 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr, } break; case VIR_DOMAIN_SECLABEL_DYNAMIC: -if (virAsprintf(seclabel-label, %u:%u, +if (virAsprintf(seclabel-label, +%u:+%u, (unsigned int) priv-user, (unsigned int) priv-group) 0) return rc; -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [libvirt-glib][PATCH V3] Add filterref and filterref parameter support.
This patch adds support for setting filterref's on interfaces. Also supported are parameters to the filterref's. V2: - alphabetical orderized (don't look it up!) Makefile.am - s/set_filter/set_name/ s/get_filter/get_name/ - remove trailing whitespace. - fix missing line. - add return_val_if_fail check. - moved qcow fix in demo to a new patch. - fixed new_from_xml(). V3: - added g_debug in add_filterref_parameter(); - more fixing new_from_xml(). - orderized (I like this word now) libvirt-gconfig.h includes. Signed-off-by: Ian Main im...@redhat.com --- examples/config-demo.py| 7 + libvirt-gconfig/Makefile.am| 4 + ...-gconfig-domain-interface-filterref-parameter.c | 101 + ...-gconfig-domain-interface-filterref-parameter.h | 75 ++ .../libvirt-gconfig-domain-interface-filterref.c | 159 + .../libvirt-gconfig-domain-interface-filterref.h | 76 ++ libvirt-gconfig/libvirt-gconfig-domain-interface.c | 41 ++ libvirt-gconfig/libvirt-gconfig-domain-interface.h | 5 + libvirt-gconfig/libvirt-gconfig.h | 2 + libvirt-gconfig/libvirt-gconfig.sym| 18 +++ 10 files changed, 488 insertions(+) create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-interface-filterref-parameter.c create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-interface-filterref-parameter.h create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-interface-filterref.c create mode 100644 libvirt-gconfig/libvirt-gconfig-domain-interface-filterref.h diff --git a/examples/config-demo.py b/examples/config-demo.py index 09b9e89..367d99a 100644 --- a/examples/config-demo.py +++ b/examples/config-demo.py @@ -35,6 +35,13 @@ domain.add_device(disk) interface = LibvirtGConfig.DomainInterfaceNetwork.new() interface.set_source(default) +filterref = LibvirtGConfig.DomainInterfaceFilterref.new() +filterref.set_name(clean-traffic) +parameter = LibvirtGConfig.DomainInterfaceFilterrefParameter.new() +parameter.set_name(IP) +parameter.set_value(205.23.12.40) +filterref.add_parameter(parameter) +interface.set_filterref(filterref) domain.add_device(interface) interface = LibvirtGConfig.DomainInterfaceUser.new() diff --git a/libvirt-gconfig/Makefile.am b/libvirt-gconfig/Makefile.am index 35dc978..0793da1 100644 --- a/libvirt-gconfig/Makefile.am +++ b/libvirt-gconfig/Makefile.am @@ -47,6 +47,8 @@ GCONFIG_HEADER_FILES = \ libvirt-gconfig-domain-input.h \ libvirt-gconfig-domain-interface.h \ libvirt-gconfig-domain-interface-bridge.h \ + libvirt-gconfig-domain-interface-filterref.h \ + libvirt-gconfig-domain-interface-filterref-parameter.h \ libvirt-gconfig-domain-interface-network.h \ libvirt-gconfig-domain-interface-user.h \ libvirt-gconfig-domain-memballoon.h \ @@ -129,6 +131,8 @@ GCONFIG_SOURCE_FILES = \ libvirt-gconfig-domain-input.c \ libvirt-gconfig-domain-interface.c \ libvirt-gconfig-domain-interface-bridge.c \ + libvirt-gconfig-domain-interface-filterref.c \ + libvirt-gconfig-domain-interface-filterref-parameter.c \ libvirt-gconfig-domain-interface-network.c \ libvirt-gconfig-domain-interface-user.c \ libvirt-gconfig-domain-memballoon.c \ diff --git a/libvirt-gconfig/libvirt-gconfig-domain-interface-filterref-parameter.c b/libvirt-gconfig/libvirt-gconfig-domain-interface-filterref-parameter.c new file mode 100644 index 000..e697e86 --- /dev/null +++ b/libvirt-gconfig/libvirt-gconfig-domain-interface-filterref-parameter.c @@ -0,0 +1,101 @@ +/* + * libvirt-gconfig-domain-interface-filterref-parameter.c: + * libvirt filterref parameters + * + * Copyright (C) 2013 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * http://www.gnu.org/licenses/. + * + * Authors: Ian Main im...@redhat.com + * Daniel P. Berrange berra...@redhat.com + */ + +#include config.h + +#include libvirt-gconfig/libvirt-gconfig.h +#include libvirt-gconfig/libvirt-gconfig-private.h + +#define
Re: [libvirt] [PATCH] storage: fix incorrect typedef
On 10/29/2013 10:07 AM, Daniel P. Berrange wrote: On Tue, Oct 29, 2013 at 10:00:17AM -0600, Eric Blake wrote: The rbd code had a confusing typedef ending in Ptr that was not actually a pointer, which made the rest of the code harder to read. This fixes things to actually pass by pointer rather than by copy. * src/storage/storage_backend_rbd.c (virStorageBackendStatePtr): Fix typedef. (virStorageBackendRBDOpenRADOSConn) (virStorageBackendRBDCloseRADOSConn) (volStorageBackendRBDRefreshVolInfo) (virStorageBackendRBDRefreshPool, virStorageBackendRBDDeleteVol) (virStorageBackendRBDCreateVol, virStorageBackendRBDRefreshVol) (virStorageBackendRBDResizeVol): Fix fallout. Signed-off-by: Eric Blake ebl...@redhat.com --- A quick git grep found no other instances of a '...Ptr' typedef that wasn't actually a pointer; but I can also add a syntax check to prevent that mistake if desired. Coming up in a separate thread. src/storage/storage_backend_rbd.c | 46 +++ 1 file changed, 23 insertions(+), 23 deletions(-) ACK Thanks; pushed. Daniel -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] maint: avoid further typedef accidents
To make it easier to forbid future attempts at a confusing typedef name ending in Ptr that isn't actually a pointer, insist that we follow our preferred style of 'typedef foo *fooPtr'. * cfg.mk (sc_forbid_const_pointer_typedef): Enforce consistent style, to prevent issue fixed in previous storage patch. * src/conf/capabilities.h (virCapsPtr): Fix offender. * src/security/security_stack.c (virSecurityStackItemPtr): Likewise. * tests/qemucapabilitiestest.c (testQemuDataPtr): Likewise. Signed-off-by: Eric Blake ebl...@redhat.com --- cfg.mk| 4 src/conf/capabilities.h | 4 ++-- src/security/security_stack.c | 2 +- tests/qemucapabilitiestest.c | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/cfg.mk b/cfg.mk index e9da282..1b2fd46 100644 --- a/cfg.mk +++ b/cfg.mk @@ -471,10 +471,14 @@ sc_correct_id_types: # const fooPtr a is the same as foo * const a, even though it is # usually desired to have foo const *a. It's easier to just prevent # the confusing mix of typedef vs. const placement. +# Also requires that all 'fooPtr' typedefs are actually pointers. sc_forbid_const_pointer_typedef: @prohibit='(^|[^])const \w*Ptr'\ halt='const fooPtr var does not declare what you meant' \ $(_sc_search_regexp) + @prohibit='typedef [^(]+ [^*]\w*Ptr\b' \ + halt='use correct style and type for Ptr typedefs' \ + $(_sc_search_regexp) # Forbid sizeof foo or sizeof (foo), require sizeof(foo) sc_size_of_brackets: diff --git a/src/conf/capabilities.h b/src/conf/capabilities.h index 5bc7bb5..ba99e1a 100644 --- a/src/conf/capabilities.h +++ b/src/conf/capabilities.h @@ -1,7 +1,7 @@ /* * capabilities.h: hypervisor capabilities * - * Copyright (C) 2006-2008, 2010, 2012 Red Hat, Inc. + * Copyright (C) 2006-2013 Red Hat, Inc. * Copyright (C) 2006-2008 Daniel P. Berrange * * This library is free software; you can redistribute it and/or @@ -162,7 +162,7 @@ struct _virDomainXMLNamespace { }; typedef struct _virCaps virCaps; -typedef virCaps* virCapsPtr; +typedef virCaps *virCapsPtr; struct _virCaps { virObject parent; diff --git a/src/security/security_stack.c b/src/security/security_stack.c index ff0f06b..0d42b21 100644 --- a/src/security/security_stack.c +++ b/src/security/security_stack.c @@ -30,7 +30,7 @@ typedef struct _virSecurityStackData virSecurityStackData; typedef virSecurityStackData *virSecurityStackDataPtr; typedef struct _virSecurityStackItem virSecurityStackItem; -typedef virSecurityStackItem* virSecurityStackItemPtr; +typedef virSecurityStackItem *virSecurityStackItemPtr; struct _virSecurityStackItem { virSecurityManagerPtr securityManager; diff --git a/tests/qemucapabilitiestest.c b/tests/qemucapabilitiestest.c index 28f12e7..d912171 100644 --- a/tests/qemucapabilitiestest.c +++ b/tests/qemucapabilitiestest.c @@ -27,7 +27,7 @@ #define VIR_FROM_THIS VIR_FROM_NONE typedef struct _testQemuData testQemuData; -typedef testQemuData * testQemuDataPtr; +typedef testQemuData *testQemuDataPtr; struct _testQemuData { virDomainXMLOptionPtr xmlopt; const char *base; -- 1.8.3.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] maint: update to latest gnulib
[adding bug-gnulib] On 10/29/2013 11:15 AM, Martin Kletzander wrote: On Mon, Oct 28, 2013 at 03:50:20PM -0600, Eric Blake wrote: Since we haven't quite frozen yet, it's time to pick up some fixes. I know at least cygwin benefits from this update. * .gnulib: Update to latest, in part for cygwin compilation. Even though that's not your fault, this might interest you: root@freebsd9:/home/jenkins/workspace/libvirt/platform/freebsd-9/gnulib/tests # ./test-poll Unconnected socket test... passed Connected sockets test... failed (expecting POLLHUP after shutdown) General socket test with fork... failed (expecting POLLHUP after shutdown) Pipe test... passed Has that test been failing prior to my submodule update for libvirt? This is likely a latent bug in gnulib that has been manifesting itself on FreeBSD for a much longer time period than just the month's worth of patches I pulled in by updating; but you are right that it would be nice to fix it upstream. And two other tests fail as well. I, however, couldn't find a time to look at that, so I'm just sending this to you in case you'd like to go deeper with it. Martin -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Add '+' to uid/gid printing for label processing
On 10/29/2013 12:52 PM, John Ferlan wrote: To ensure proper processing by virGetUserID() and virGetGroupID() of a uid/gid add a + prior to the uid/gid to denote it's really a uid/gid for the label. Signed-off-by: John Ferlan jfer...@redhat.com --- src/security/security_dac.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ACK. Although unlikely, it is possible to have a system with a username that is purely digits, and where those digits don't match the underlying uid, so it is indeed nice that when we know we have a uid that we force the parser to skip a name lookup (which harmlessly fails on 99.99% of the systems, but which could potentially get wrong credentials on the rare system with odd usernames). Worth including in 1.1.4. diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 019c789..cb7d322 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -60,7 +60,7 @@ virSecurityDACSetUserAndGroup(virSecurityManagerPtr mgr, priv-user = user; priv-group = group; -if (virAsprintf(priv-baselabel, %u:%u, +if (virAsprintf(priv-baselabel, +%u:+%u, (unsigned int) user, (unsigned int) group) 0) return -1; @@ -1064,7 +1064,7 @@ virSecurityDACGenLabel(virSecurityManagerPtr mgr, } break; case VIR_DOMAIN_SECLABEL_DYNAMIC: -if (virAsprintf(seclabel-label, %u:%u, +if (virAsprintf(seclabel-label, +%u:+%u, (unsigned int) priv-user, (unsigned int) priv-group) 0) return rc; -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Add '+' to uid/gid printing for label processing
On 10/29/2013 04:13 PM, Eric Blake wrote: On 10/29/2013 12:52 PM, John Ferlan wrote: To ensure proper processing by virGetUserID() and virGetGroupID() of a uid/gid add a + prior to the uid/gid to denote it's really a uid/gid for the label. Signed-off-by: John Ferlan jfer...@redhat.com --- src/security/security_dac.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ACK. Although unlikely, it is possible to have a system with a username that is purely digits, and where those digits don't match the underlying uid, so it is indeed nice that when we know we have a uid that we force the parser to skip a name lookup (which harmlessly fails on 99.99% of the systems, but which could potentially get wrong credentials on the rare system with odd usernames). Worth including in 1.1.4. Thanks - this is now pushed. John It's also notable that without the patch, messages would be sent to /var/log/messages such as: Oct 19 10:13:21 myhost libvirtd[4055]: User record for user '1000' was not found: No such file or directory Oct 19 10:13:21 myhost libvirtd[4055]: Group record for user '1000' was not found: No such file or directory -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] MacOS: Re-add support for QEMU backend
On 10/28/2013 06:51 PM, Doug Goldstein wrote: The QEMU backend was disabled on Mac OS X without a reason in the code and due to refactors its difficult to understand when/why it was disabled. With QEMU being supported on Mac OS X there is no reason to disable QEMU on this platform. --- configure.ac | 6 +- 1 file changed, 1 insertion(+), 5 deletions(-) ACK. Okay for 1.1.4. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] MacOS: Handle changes to args in xdrproc_t
On 10/28/2013 12:05 PM, Doug Goldstein wrote: With Mac OS X 10.9, xdrproc_t is no longer defined as: typedef bool_t (*xdrproc_t) (XDR *, void *, ...); but instead as typedef bool-t (*xdrproc_t) (XDR *, void *, unsigned int); The rationale explained in the header is that using a vararg is incorrect and has a potential to change the ABI slightly. They decided to specify the exact number of parameters and for compatibility with old code decided to make the signature require 3 arguments. The third argument is ignored for cases that its not used and its recommended to supply a 0. --- configure.ac| 41 + src/rpc/virnetmessage.c | 10 -- 2 files changed, 49 insertions(+), 2 deletions(-) I'd like some feedback from someone else who can actually test this on MacOS, as well as FreeBSD, but it does seem reasonable to get in 1.1.4. diff --git a/configure.ac b/configure.ac index 1c5b168..f2bae88 100644 --- a/configure.ac +++ b/configure.ac @@ -697,6 +697,47 @@ if test x$with_remote = xyes || test x$with_libvirtd = xyes; then *) XDR_CFLAGS=$lv_cv_xdr_cflags ;; esac AC_SUBST([XDR_CFLAGS]) Not your fault, but we probably ought to move xdr stuff into m4/virt-xdr.m4 - but that can wait till post-release. + AC_DEFINE_UNQUOTED([XDRPROC_T_ARG_COUNT], [$lv_cv_xdrproc_t_args], + [number of arguments that xdrproc_t func ptr takes]) Seems reasonable; but I'm a bit worried about accepting args=2 in the cases where we actually needed the varargs to pass 3. It may be safer to pass 3 always, unless we have empirical evidence that uclibc will fail to compile if we don't limit to exactly 2 (and not just a thread archives where they were contemplating forcing just 2, but where I don't know if the thread was actually applied as a patch). +#if XDRPROC_T_ARG_COUNT == 3 +# define VIR_XDRPROC(proc, xdr, data) ((proc)((xdr), (data), 0)) +#else +# define VIR_XDRPROC(proc, xdr, data) ((proc)((xdr), (data))) +#endif This seems like a nice abstraction for the problem at hand. Here's hoping we get someone to provide test results in a timely manner. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH]docs: fix typos in formatnwfilter
From: Chen Hanxiao chenhanx...@cn.fujitsu.com s/initated/initiated Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- docs/formatnwfilter.html.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/formatnwfilter.html.in b/docs/formatnwfilter.html.in index 5e1c6bb..ec20300 100644 --- a/docs/formatnwfilter.html.in +++ b/docs/formatnwfilter.html.in @@ -2079,9 +2079,9 @@ To enable traffic for TCP ports 22 and 80 we will add 2 rules to enable this type of traffic. To allow the VM to send ping traffic we will add a rule for ICMP traffic. For simplicity reasons - we allow general ICMP traffic to be initated from the VM, not + we allow general ICMP traffic to be initiated from the VM, not just ICMP echo request and response messages. To then - disallow all other traffic to reach or be initated by the + disallow all other traffic to reach or be initiated by the VM we will then need to add a rule that drops all other traffic. Assuming our VM is called itest/i and the interface we want to associate our filter with is called ieth0/i, -- 1.8.2.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH]virsh: track alias option and improve error message when option duplicate its alias
From: Chen Hanxiao chenhanx...@cn.fujitsu.com commit 2b172a8effa712aee97a21a64d2d02060958f9b2 allow alias to expand to opt=value pair. That means alias may not look alike since then. With this patch we will also track alias. If we type command with one option and another marked as its alias, we will get an error message like: error: option '--AA' duplicate its alias '--AAA' Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- tools/virsh.c | 11 +-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/tools/virsh.c b/tools/virsh.c index bad78c9..423e2d8 100644 --- a/tools/virsh.c +++ b/tools/virsh.c @@ -1101,11 +1101,18 @@ vshCmddefGetOption(vshControl *ctl, const vshCmdDef *cmd, const char *name, if (VIR_STRDUP(*optstr, value + 1) 0) goto cleanup; } +*opts_seen |= 1 i; continue; } if ((*opts_seen (1 i)) opt-type != VSH_OT_ARGV) { -vshError(ctl, _(option --%s already seen), name); -goto cleanup; +if ((*opts_seen (1 (i - 1 { +vshError(ctl, _(option '--%s' duplicates its alias '--%s'), + cmd-opts[i].name, cmd-opts[i-1].name); +goto cleanup; +} else { +vshError(ctl, _(option '--%s' already seen), name); +goto cleanup; +} } *opts_seen |= 1 i; *opt_index = i; -- 1.8.2.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] MacOS: Handle changes to args in xdrproc_t
On Tue, Oct 29, 2013 at 6:28 PM, Eric Blake ebl...@redhat.com wrote: On 10/28/2013 12:05 PM, Doug Goldstein wrote: With Mac OS X 10.9, xdrproc_t is no longer defined as: typedef bool_t (*xdrproc_t) (XDR *, void *, ...); but instead as typedef bool-t (*xdrproc_t) (XDR *, void *, unsigned int); The rationale explained in the header is that using a vararg is incorrect and has a potential to change the ABI slightly. They decided to specify the exact number of parameters and for compatibility with old code decided to make the signature require 3 arguments. The third argument is ignored for cases that its not used and its recommended to supply a 0. --- configure.ac| 41 + src/rpc/virnetmessage.c | 10 -- 2 files changed, 49 insertions(+), 2 deletions(-) I'd like some feedback from someone else who can actually test this on MacOS, as well as FreeBSD, but it does seem reasonable to get in 1.1.4. Gave this a change a whirl on FreeBSD 9.2 and it was fine. But obviously more testing is better. + AC_DEFINE_UNQUOTED([XDRPROC_T_ARG_COUNT], [$lv_cv_xdrproc_t_args], + [number of arguments that xdrproc_t func ptr takes]) Seems reasonable; but I'm a bit worried about accepting args=2 in the cases where we actually needed the varargs to pass 3. It may be safer to pass 3 always, unless we have empirical evidence that uclibc will fail to compile if we don't limit to exactly 2 (and not just a thread archives where they were contemplating forcing just 2, but where I don't know if the thread was actually applied as a patch). fwiw, it appears that uclibc master [1] has not gone that route so I'm not sure what became of that thread. Hard coding our implementation to always pass 3 arguments was my other approach that I had mentioned on IRC but I wasn't sure about any negative repercussions on other platforms. [1] http://git.uclibc.org/uClibc/tree/include/rpc/xdr.h#n149 -- Doug Goldstein -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] MacOS: Re-add support for QEMU backend
On Tue, Oct 29, 2013 at 6:12 PM, Eric Blake ebl...@redhat.com wrote: On 10/28/2013 06:51 PM, Doug Goldstein wrote: The QEMU backend was disabled on Mac OS X without a reason in the code and due to refactors its difficult to understand when/why it was disabled. With QEMU being supported on Mac OS X there is no reason to disable QEMU on this platform. --- configure.ac | 6 +- 1 file changed, 1 insertion(+), 5 deletions(-) ACK. Okay for 1.1.4. Thanks. Pushed. -- Doug Goldstein -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list