1. 11 7月, 2013 1 次提交
  2. 01 7月, 2013 2 次提交
  3. 26 6月, 2013 2 次提交
  4. 20 6月, 2013 2 次提交
    • J
      lxc: Resolve issue with GetScheduler APIs for non running domain · f1e45445
      John Ferlan 提交于
      Cherry-picked from 38ada092
      
      As a consequence of the cgroup layout changes from commit 'cfed9ad4', the
      lxcDomainGetSchedulerParameters[Flags]()' and lxcGetSchedulerType() APIs
      failed to return data for a non running domain.  This can be seen through
      a 'virsh schedinfo <domain>' command which returns:
      
      Scheduler      : Unknown
      error: Requested operation is not valid: cgroup CPU controller is not mounted
      
      Prior to that change a non running domain would return:
      
      Scheduler      : posix
      cpu_shares     : 0
      vcpu_period    : 0
      vcpu_quota     : 0
      emulator_period: 0
      emulator_quota : 0
      
      This patch will restore the capability to return configuration only data
      for a non running domain regardless of whether cgroups are available.
      
      NOTE: Needed to change the VIR_STRDUP(ret, "posix"); to ret = strdup("posix");
            and added the virReportOOMError(); on failure.
      f1e45445
    • J
      qemu: Resolve issue with GetScheduler APIs for non running domain · f1729409
      John Ferlan 提交于
      Cherry-picked from b2375453
      
      As a consequence of the cgroup layout changes from commit '632f78ca', the
      qemuDomainGetSchedulerParameters[Flags]()' and qemuGetSchedulerType() APIs
      failed to return data for a non running domain.  This can be seen through
      a 'virsh schedinfo <domain>' command which returns:
      
      Scheduler      : Unknown
      error: Requested operation is not valid: cgroup CPU controller is not mounted
      
      Prior to that change a non running domain would return:
      
      Scheduler      : posix
      cpu_shares     : 0
      vcpu_period    : 0
      vcpu_quota     : 0
      emulator_period: 0
      emulator_quota : 0
      
      This patch will restore the capability to return configuration only data
      for a non running domain regardless of whether cgroups are available.
      
      NOTE: Needed to change the VIR_STRDUP(ret, "posix"); to ret = strdup("posix");
            and added the virReportOOMError(); on failure.
      f1729409
  5. 18 6月, 2013 4 次提交
  6. 13 6月, 2013 8 次提交
    • C
      Prep for release 1.0.5.2 · 419605b3
      Cole Robinson 提交于
      419605b3
    • C
      virsh: migrate: Don't disallow --p2p and --migrateuri · feb2d337
      Cole Robinson 提交于
      Because it's a valid combination. p2p still uses a separate channel
      for qemu migration, so there's value in letting the user specify a manual
      migrate URI for overriding auto-port, or libvirt's FQDN lookup.
      
      What _isn't_ allowed is --migrateuri and TUNNELLED, since there is
      no separate migration channel. Disallow that instead
      (cherry picked from commit 5e1de4fc)
      feb2d337
    • C
      qemu: migration: error if tunnelled + storage specified · 12b0af59
      Cole Robinson 提交于
      Since as the code indicates it doesn't work yet, so let's be
      explicit about it.
      (cherry picked from commit 98bbda00)
      12b0af59
    • C
      qemu: migration: Improve p2p error if we can't open conn · 69de4ce8
      Cole Robinson 提交于
      By actually showing the Open() error to the user
      (cherry picked from commit 5751fc4f)
      69de4ce8
    • D
      Add a virGetLastErrorMessage() function · 9b3455cb
      Daniel P. Berrange 提交于
      Apps using libvirt will often have code like
      
         if (virXXXX() < 0) {
            virErrorPtr err = virGetLastError();
            fprintf(stderr, "Something failed: %s\n",
                    err && err->message ? err->message :
                    "unknown error");
            return -1;
         }
      
      Checking for a NULL error object or message leads to very
      verbose code. A virGetLastErrorMessage() helper from libvirt
      can simplify this to
      
         if (virXXXX() < 0) {
            fprintf(stderr, "Something failed: %s\n",
                    virGetLastErrorMessage());
            return -1;
         }
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      (cherry picked from commit 69c6a58a)
      9b3455cb
    • C
      qemu: Don't report error on successful media eject · bdb58081
      Cole Robinson 提交于
      If we are just ejecting media, ret == -1 even after the retry loop
      determines that the tray is open, as requested. This means media
      disconnect always report's error.
      
      Fix it, and fix some other mini issues:
      
      - Don't overwrite the 'eject' error message if the retry loop fails
      - Move the retries decrement inside the loop, otherwise the final loop
        might succeed, yet retries == 0 and we will raise error
      - Setting ret = -1 in the disk->src check is unneeded
      - Fix comment typos
      
      cc: mprivozn@redhat.com
      (cherry picked from commit 406d8a98)
      bdb58081
    • M
      qemuDomainChangeEjectableMedia: Unlock domain while waiting for event · dc0efacb
      Michal Privoznik 提交于
      In 84c59ffa I've tried to fix changing ejectable media process. The
      process should go like this:
      
      1) we need to call 'eject' on the monitor
      2) we should wait for 'DEVICE_TRAY_MOVED' event
      3) now we can issue 'change' command
      
      However, while waiting in step 2) the domain monitor was locked. So
      even if qemu reported the desired event, the proper callback was not
      called immediately. The monitor handling code needs to lock the
      monitor in order to read the event. So that's the first lock we must
      not hold while waiting. The second one is the domain lock. When
      monitor handling code reads an event, the appropriate callback is
      called then. The first thing that each callback does is locking the
      corresponding domain as a domain or its device is about to change
      state. So we need to unlock both monitor and VM lock. Well, holding
      any lock while sleep()-ing is not the best thing to do anyway.
      (cherry picked from commit 543af79a)
      dc0efacb
    • C
      storage: Ensure 'qemu-img resize' size arg is a 512 multiple · 0e6aa8fc
      Christophe Fergeau 提交于
      qemu-img resize will fail with "The new size must be a multiple of 512"
      if libvirt doesn't round it first.
      This fixes rhbz#951495
      Signed-off-by: NChristophe Fergeau <cfergeau@redhat.com>
      (cherry picked from commit 9a8f39d0)
      0e6aa8fc
  7. 12 6月, 2013 1 次提交
    • S
      nwfilter: grab driver lock earlier during init (bz96649) · 12f18158
      Stefan Berger 提交于
      This patch is in relation to Bug 966449:
      
      https://bugzilla.redhat.com/show_bug.cgi?id=966449
      
      This is a patch addressing the coredump.
      
      Thread 1 must be calling  nwfilterDriverRemoveDBusMatches(). It does so with
      nwfilterDriverLock held. In the patch below I am now moving the
      nwfilterDriverLock(driverState) further up so that the initialization, which
      seems to either take a long time or is entirely stuck, occurs with the lock
      held and the shutdown cannot occur at the same time.
      
      Remove the lock in virNWFilterDriverIsWatchingFirewallD to avoid
      double-locking.
      
      (cherry picked from commit 0ec376c2)
      12f18158
  8. 10 6月, 2013 1 次提交
    • D
      Fix use of VIR_STRDUP vs strdup · ab7e3039
      Doug Goldstein 提交于
      Commit 894f7849 broke the v1.0.5-maint
      branch because VIR_STRDUP() didn't exist in the v1.0.5 release so the
      resulting build is missing that symbol.
      
      This patch is only for the v1.0.5-maint branch.
      ab7e3039
  9. 01 6月, 2013 2 次提交
  10. 31 5月, 2013 1 次提交
    • J
      qemu: escape literal IPv6 address in NBD migration · 894f7849
      Ján Tomko 提交于
      A literal IPv6 must be escaped, otherwise migration fails with:
      unable to execute QEMU command 'drive-mirror': address resolution failed
      for f0::0d:5901: Servname not supported for ai_socktype
      since QEMU treats everything after the first ':' as the port.
      (cherry picked from commit 2136327e)
      894f7849
  11. 29 5月, 2013 1 次提交
    • E
      build: fix build with older gcc · 0ecc5ad7
      Eric Blake 提交于
      gcc 4.1.2 (hello, RHEL 5!) fails to build on 32-bit platforms with:
      
      conf/domain_conf.c: In function 'virDomainDefParseXML':
      conf/domain_conf.c:10581: warning: integer constant is too large for 'long' type
      
      Problem introduced in commit f8e3221f.
      
      * src/conf/domain_conf.c (virDomainDefParseXML): Mark large constants.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      (cherry picked from commit f6817c70)
      0ecc5ad7
  12. 26 5月, 2013 1 次提交
  13. 22 5月, 2013 1 次提交
    • E
      cgroup: be robust against cgroup movement races · b4541a2f
      Eric Blake 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=965169 documents a
      problem starting domains when cgroups are enabled; I was able
      to reliably reproduce the race about 5% of the time when I added
      hooks to domain startup by 3 seconds (as that seemed to be about
      the length of time that qemu created and then closed a temporary
      thread, probably related to aio handling of initially opening
      a disk image).  The problem has existed since we introduced
      virCgroupMoveTask in commit 91028296 (v0.10.0).
      
      There are some inherent TOCTTOU races when moving tasks between
      kernel cgroups, precisely because threads can be created or
      completed in the window between when we read a thread id from the
      source and when we write to the destination.  As the goal of
      virCgroupMoveTask is merely to move ALL tasks into the new
      cgroup, it is sufficient to iterate until no more threads are
      being created in the old group, and ignoring any threads that
      die before we can move them.
      
      It would be nicer to start the threads in the right cgroup to
      begin with, but by default, all child threads are created in
      the same cgroup as their parent, and we don't want vcpu child
      threads in the emulator cgroup, so I don't see any good way
      of avoiding the move.  It would also be nice if the kernel were
      to implement something like rename() as a way to atomically move
      a group of threads from one cgroup to another, instead of forcing
      a window where we have to read and parse the source, then format
      and write back into the destination.
      
      * src/util/vircgroup.c (virCgroupAddTaskStrController): Ignore
      ESRCH, because a thread ended between read and write attempts.
      (virCgroupMoveTask): Loop until all threads have moved.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      (cherry picked from commit 83e4c775)
      b4541a2f
  14. 20 5月, 2013 1 次提交
  15. 18 5月, 2013 1 次提交
    • E
      tests: use portable shell code · 6a7ae990
      Eric Blake 提交于
      'make check' fails since commit 470d5c46 on any system with dash
      as /bin/sh, because '<<<' is a bash extension.  For example:
      
      nwfilterschematest: 23: /home/eblake/libvirt/tests/schematestutils.sh: Syntax error: redirection unexpected
      
      Also, there is no need to spawn a grep process when shell globbing
      can do the same.
      
      * tests/schematestutils.sh: Replace bashism and subprocess with a
      faster and portable construct.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      (cherry picked from commit 1d21b884)
      6a7ae990
  16. 17 5月, 2013 1 次提交
  17. 16 5月, 2013 1 次提交
    • J
      daemon: fix leak after listing all volumes · 71e7f139
      Ján Tomko 提交于
      CVE-2013-1962
      
      remoteDispatchStoragePoolListAllVolumes wasn't freeing the pool.
      The pool also held a reference to the connection, preventing it from
      getting freed and closing the netcf interface driver, which held two
      sockets open.
      (cherry picked from commit ca697e90)
      71e7f139
  18. 15 5月, 2013 1 次提交
  19. 11 5月, 2013 1 次提交
    • L
      util: fix virFileOpenAs return value and resulting error logs · ce902dca
      Laine Stump 提交于
      This resolves:
      
           https://bugzilla.redhat.com/show_bug.cgi?id=851411
           https://bugzilla.redhat.com/show_bug.cgi?id=955500
      
      The first problem was that virFileOpenAs was returning fd (-1) in one
      of the error cases rather than ret (-errno), so the caller thought
      that the error was EPERM rather than ENOENT.
      
      The second problem was that some log messages in the general purpose
      qemuOpenFile() function would always say "Failed to create" even if
      the caller hadn't included O_CREAT (i.e. they were trying to open an
      existing file).
      
      This fixes virFileOpenAs to jump down to the error return (which
      returns ret instead of fd) in the previously mentioned incorrect
      failure case of virFileOpenAs(), removes all error logging from
      virFileOpenAs() (since the callers report it), and modifies
      qemuOpenFile to appropriately use "open" or "create" in its log
      messages.
      
      NB: I seriously considered removing logging from all callers of
      virFileOpenAs(), but there is at least one case where the caller
      doesn't want virFileOpenAs() to log any errors, because it's just
      going to try again (qemuOpenFile()). We can't simply make a silent
      variation of virFileOpenAs() though, because qemuOpenFile() can't make
      the decision about whether or not it wants to retry until after
      virFileOpenAs() has already returned an error code.
      
      Likewise, I also considered changing virFileOpenAs() to return -1 with
      errno set on return, and may still do that, but only as a separate
      patch, as it obscures the intent of this patch too much.
      (cherry picked from commit a2c1bedb)
      ce902dca
  20. 09 5月, 2013 4 次提交
  21. 08 5月, 2013 1 次提交
    • L
      qemu: allocate network connections sooner during domain startup · 6597cc25
      Laine Stump 提交于
      VFIO device assignment requires a cgroup ACL to be setup for access to
      the /dev/vfio/nn "group" device for any devices that will be assigned
      to a guest. In the case of a host device that is allocated from a
      pool, it was being allocated during qemuBuildCommandLine(), which is
      called by qemuProcessStart() *after* the all-encompassing
      qemuSetupCgroup() was called, meaning that the standard Cgroup ACL
      setup wasn't creating ACLs for these devices allocated from pools.
      
      One possible solution was to manually add a single ACL down inside
      qemuBuildCommandLine() when networkAllocateActualDevice() is called,
      but that has two problems: 1) the function that adds the cgroup ACL
      requires a virDomainObjPtr, which isn't available in
      qemuBuildCommandLine(), and 2) we really shouldn't be doing network
      device setup inside qemuBuildCommandLine() anyway.
      
      Instead, I've created a new function called
      qemuNetworkPrepareDevices() which is called just before
      qemuPrepareHostDevices() during qemuProcessStart() (explanation of
      ordering in the comments), i.e. well before the call to
      qemuSetupCgroup(). To minimize code churn in a patch that will be
      backported to 1.0.5-maint, qemuNetworkPrepareDevices only does
      networkAllocateActualDevice() and the bare amount of setup required
      for type='hostdev network devices, but it eventually should do *all*
      device setup for guest network devices.
      
      Note that some of the code that was previously needed in
      qemuBuildCommandLine() is no longer required when
      networkAllocateActualDevice() is called earlier:
      
       * qemuAssignDeviceHostdevAlias() is already done further down in
         qemuProcessStart().
      
       * qemuPrepareHostdevPCIDevices() is called by
         qemuPrepareHostDevices() which is called after
         qemuNetworkPrepareDevices() in qemuProcessStart().
      
      As hinted above, this new function should be moved into a separate
      qemu_network.c (or similarly named) file along with
      qemuPhysIfaceConnect(), qemuNetworkIfaceConnect(), and
      qemuOpenVhostNet(), and expanded to call those functions as well, then
      the nnets loop in qemuBuildCommandLine() should be reduced to only
      build the commandline string (which itself can be in a separate
      qemuInterfaceBuilldCommandLine() function as suggested by
      Michal). However, this will require storing away an array of tapfd and
      vhostfd that are needed for the commandline, so I would rather do that
      in a separate patch and leave this patch at the minimum to fix the
      bug.
      (cherry picked from commit 8cd40e7e)
      6597cc25
  22. 07 5月, 2013 2 次提交