1. 10 3月, 2014 1 次提交
    • M
      conf: Utilize more of VIR_(APPEND|INSERT|DELETE)_ELEMENT · 2133441a
      Michal Privoznik 提交于
      This fixes a possible double free. In virNetworkAssignDef() if
      virBitmapNew() fails, then virNetworkObjFree(network) is called.
      However, with network->def pointing to actual @def. So if caller
      frees @def again, ...
      
      Moreover, this fixes one possible memory leak too. In
      virInterfaceAssignDef() if appending to the list of interfaces
      fails, we ought to call virInterfaceObjFree() instead of bare
      VIR_FREE().
      
      Although, in order to do that some array size variables needs
      to be turned into size_t rather than int.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      2133441a
  2. 25 2月, 2014 6 次提交
    • L
      conf: output actual netdev status in <interface> XML · 7d5bf484
      Laine Stump 提交于
      Until now, the "live" XML status of an <interface type='network'>
      device would always show the network information, rather than the
      exact hardware device that was used. It would also show the name of
      any portgroup the interface belonged to, rather than providing the
      configuration that was derived from that portgroup. As an example,
      given the following network definition:
      
      [A]
        <network>
          <name>testnet</name>
          <forward type='bridge' dev='p4p1_0'>
            <interface dev='p4p1_0'/>
            <interface dev='p4p1_1'/>
            <interface dev='p4p1_2'/>
            <interface dev='p4p1_3'/>
          </forward>
          <portgroup name='admin'>
            <bandwidth>
                <inbound average='1000' peak='5000' burst='1024'/>
                <outbound average='128' peak='256' burst='256'/>
            </bandwidth>
          </portgroup>
        </network>
      
      and the following domain <interface>:
      
      [B]
        <interface type='network'>
          <source network='testnet' portgroup='admin'/>
        </interface>
      
      the output of "virsh dumpxml $domain" while the domain was running
      would yield something like this:
      
      [C]
        <interface type='network'>
          <source network='testnet' portgroup='admin'/>
          <target dev='macvtap0'/>
          <alias name='net0'/>
          <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
        </interface>
      
      In order to learn the exact bandwidth information of the interface, a
      management application would need to retrieve the XML for testnet,
      then search for the portgroup named "admin". Even worse, there was no
      simple and standard way to learn which host physdev the macvtap0
      device is attached to.
      
      Internally, libvirt has always kept this information in the
      virDomainDef that is held in memory, as well as storing it in the
      (libvirt-internal-only) domain status XML (in
      /var/run/libvirt/qemu/$domain.xml). In order to not confuse the runtime
      "actual state" with the config of the device, it's internally stored
      like this:
      
      [D]
        <interface type='network'>
          <source network='testnet' portgroup='admin'/>
          <actual type='direct'>
            <source dev='p4p1_0' mode='bridge'/>
            <bandwidth>
                <inbound average='1000' peak='5000' burst='1024'/>
                <outbound average='128' peak='256' burst='256'/>
            </bandwidth>
          </actual>
          <target dev='macvtap0'/>
          <alias name='net0'/>
          <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
        </interface>
      
      This was never exposed outside of libvirt though, because I thought it
      would be too awkward for a management application to need to look in
      two places for the same information, but I also wasn't sure that it
      would be okay to overwrite the config info (in this case "<source
      network='testnet' portgroup='admin'/>") with the actual runtime info
      (everything inside <actual> above).
      
      Now we have a need for this information to be made available to
      management applications (in particular, so that a network "plugged"
      hook will have full information about the device that is being plugged
      in), so it's time to take the leap and decide that it is acceptable
      for the config info to be replaced with actual runtime state (but
      *only* when reporting domain live status, *not* when saving state in
      /var/run/libvirt/qemu/$domain.xml - that remains the same so that
      there is no loss of information). That is what this patch does - once
      applied, the output of "virsh dumpxml $domain" when the domain is
      running will contain something like this:
      
      [E]
        <interface type='direct'>
          <source dev='p4p1_0' mode='bridge'/>
          <bandwidth>
              <inbound average='1000' peak='5000' burst='1024'/>
              <outbound average='128' peak='256' burst='256'/>
          </bandwidth>
          <target dev='macvtap0'/>
          <alias name='net0'/>
          <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
        </interface>
      
      In effect, everything that is internally stored within <actual> is
      moved up a level to where a management application will expect
      it. This means that the management application will only look in a
      single place to learn - the type of interface in use, the name of the
      physdev (if relevant), the <bandwidth>, <vlan>, and <virtualport>
      settings in use.
      
      The potential downside is that a management app looking at this output
      will not see that the physdev 'p4p1_0' was actually allocated from the
      network named 'testnet', or that the bandwidth numbers were taken from
      the portgroup 'admin'. However, if they are interested in that info,
      they can always get the "inactive" XML for the domain.
      
      An example of where this could cause problems is in virt-manager's
      network device display, which shows the status of the device, but
      allows you to edit that status info and save it as the new
      config. Previously virt-manager would always display the information
      in example [C] above, and allow editing that. With this patch, it will
      instead display what is in [E] and allow editing it directly, which
      could lead to some confusion. I would suggest that virt-manager have
      an "edit" button which would change the display from the "live" xml to
      the "inactive" xml, so that editing would be done on that; such a
      change would both handle the new situation, and also be compatible
      with older releases.
      7d5bf484
    • L
      conf: new function virDomainActualNetDefContentsFormat · 9da98aa5
      Laine Stump 提交于
      This function is currently only called from one place, but in a
      subsequent patch will be called from a 2nd place.
      
      The new function exactly replicates the original behavior of the part
      of virDomainActualNetDefFormat() that it replaces, but takes a
      virDomainNetDefPtr instead of virDomainActualNetDefPtr, and uses the
      virDomainNetGetActual*() functions whenever possible, rather than
      reaching into def->data.network.actual - this is to be sure that we
      are reporting exactly what is being used internally, just in case
      there are any discrepancies (there shouldn't be).
      9da98aa5
    • L
      conf: re-situate <bandwidth> element in <interface> · 65487c0f
      Laine Stump 提交于
      This moves the call to virNetDevBandwidthFormat() in
      virDomainNetDefFormat() to be called right after the call to
      virNetDevVPortProfileFormat(), so that a single chunk of that function
      can be placed inside an if that conditionally calls
      virDomainActualNetDefContentsFormat() instead (next patch). The
      re-ordering necessitates modifying a couple of test data files.
      65487c0f
    • L
      conf: make virDomainNetDefFormat a public function · 7c39214c
      Laine Stump 提交于
      We will need to call virDomainNetDefFormat() from the network hook (in
      the network driver).
      7c39214c
    • L
      conf: handle null pointer in virNetDevVlanFormat · 79358733
      Laine Stump 提交于
      Other *Format() functions (e.g. virNetDevBandwidthFormat()) return
      with no action when called with a NULL *Def pointer. This makes
      virNetDevVlanFormat() consistent with that behavior.
      79358733
    • L
      conf: clarify what is returned for actual bandwidth and vlan · 6d4ffae4
      Laine Stump 提交于
      In practice, if a virDomainNetDef has a virDomainActualNetDef
      allocated, the ActualNetDef will *always* contain the bandwidth and
      vlan data from the NetDef (unless there was also a portgroup involved
      - see networkAllocateActualDevice()).
      
      However, virDomainNetGetActual(Bandwidth|Vlan)() were coded to make it
      appear as if it might be possible to have a valid bandwidth/vlan in
      the NetDef, but a NULL in the ActualNetDef. Believing this un-truth
      could lead to writing unnecessarily defensive code when dealing with
      the virDomainGetActual*() functions, so this patch makes it more
      obvious:
      
         If there is an ActualNetDef, it will always have a copy of the
         various appropriate bits from its parent NetDef, and the
         virDomainGetActual* function will *always* return the data from the
         ActualNetDef, not from the NetDef.
      
      The reason for this effective-NOP patch is that a subsequent patch to
      change virDomainNetDefFormat will rely on the above rule.
      6d4ffae4
  3. 20 2月, 2014 1 次提交
  4. 19 2月, 2014 4 次提交
  5. 18 2月, 2014 2 次提交
  6. 17 2月, 2014 2 次提交
  7. 15 2月, 2014 1 次提交
  8. 14 2月, 2014 2 次提交
  9. 13 2月, 2014 2 次提交
    • E
      event: pass reason for PM events · 6831c1d3
      Eric Blake 提交于
      Commit 57ddcc23 (v0.9.11) introduced the pmwakeup event, with
      an optional 'reason' field reserved for possible future expansion.
      But it failed to wire the field through RPC, so even if we do
      add a reason in the future, we will be unable to get it back
      to the user.
      
      Worse, commit 7ba5defb (v1.0.0) repeated the same mistake with
      the pmsuspend_disk event.
      
      As long as we are adding new RPC calls, we might as well fix
      the events to actually match the signature so that we don't have
      to add yet another RPC in the future if we do decide to start
      using the reason field.
      
      * src/remote/remote_protocol.x
      (remote_domain_event_callback_pmwakeup_msg)
      (remote_domain_event_callback_pmsuspend_msg)
      (remote_domain_event_callback_pmsuspend_disk_msg): Add reason
      field.
      * daemon/remote.c (remoteRelayDomainEventPMWakeup)
      (remoteRelayDomainEventPMSuspend)
      (remoteRelayDomainEventPMSuspendDisk): Pass reason to client.
      * src/conf/domain_event.h (virDomainEventPMWakeupNewFromDom)
      (virDomainEventPMSuspendNewFromDom)
      (virDomainEventPMSuspendDiskNewFromDom): Require additional
      parameter.
      * src/conf/domain_event.c (virDomainEventPMClass): New class.
      (virDomainEventPMDispose): New function.
      (virDomainEventPMWakeupNew*, virDomainEventPMSuspendNew*)
      (virDomainEventPMSuspendDiskNew*)
      (virDomainEventDispatchDefaultFunc): Use new class.
      * src/remote/remote_driver.c (remoteDomainBuildEvent*PM*): Pass
      reason through.
      * src/remote_protocol-structs: Regenerate.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      6831c1d3
    • E
      event: prepare client to track domain callbackID · caaf6ba1
      Eric Blake 提交于
      We want to convert over to server-side events, even for older
      APIs.  To do that, the client side of the remote driver wants
      to distinguish between legacy virConnectDomainEventRegister and
      normal virConnectDomainEventRegisterAny, while knowing the
      client callbackID and the server's serverID for both types of
      registration.  The client also needs to probe whether the
      server supports server-side filtering.  However, for ease of
      review, we don't actually use the new RPCs until a later patch.
      
      * src/conf/object_event_private.h (virObjectEventStateCallbackID):
      Add parameter.
      * src/conf/object_event.c (virObjectEventCallbackListAddID)
      (virObjectEventStateRegisterID): Separate legacy from callbackID.
      (virObjectEventStateCallbackID): Pass through parameter.
      (virObjectEventCallbackLookup): Let legacy and global domain
      lifecycle events share a common remoteID.
      * src/conf/network_event.c (virNetworkEventStateRegisterID):
      Update caller.
      * src/conf/domain_event.c (virDomainEventStateRegister)
      (virDomainEventStateRegisterID, virDomainEventStateDeregister):
      Likewise.
      (virDomainEventStateRegisterClient)
      (virDomainEventStateCallbackID): Implement new functions.
      * src/conf/domain_event.h (virDomainEventStateRegisterClient)
      (virDomainEventStateCallbackID): New prototypes.
      * src/remote/remote_driver.c (private_data): Add field.
      (doRemoteOpen): Probe server feature.
      (remoteConnectDomainEventRegister)
      (remoteConnectDomainEventRegisterAny): Use new function.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      caaf6ba1
  10. 11 2月, 2014 4 次提交
    • J
      Rename 'index' in virCapabilitiesGetCpusForNode · 47fa97a7
      Ján Tomko 提交于
      This shadows the index function on some systems (RHEL-6.4, FreeBSD 9):
      ../../src/conf/capabilities.c: In function 'virCapabilitiesGetCpusForNode':
      ../../src/conf/capabilities.c:1005: warning: declaration of'index'
            shadows a global declaration [-Wshadow]
      /usr/include/strings.h:57: warning: shadowed declaration is here [-Wshadow]
      47fa97a7
    • P
      Handle non-sequential NUMA node numbers · cd921cf0
      Pradipta Kr. Banerjee 提交于
      On some platforms like IBM PowerNV the NUMA node numbers can be
      non-sequential. For eg. numactl --hardware o/p from such a machine looks
      as given below
      
      node distances:
         node   0   1  16  17
           0:  10  40  40  40
           1:  40  10  40  40
          16:  40  40  10  40
          17:  40  40  40  10
      
      The NUMA nodes are 0,1,16,17
      
      Libvirt uses sequential index as NUMA node numbers and this can
      result in crash or incorrect results.
      Signed-off-by: NShivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
      Signed-off-by: NPradipta Kr. Banerjee <bpradip@in.ibm.com>
      cd921cf0
    • M
      conf: introduce spiceport chardev backend · 5b189541
      Martin Kletzander 提交于
      Add a new character device backend called 'spiceport' that uses
      spice's channel for communications and apart from spicevmc can be used
      as a backend for any character device from libvirt's point of view.
      Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
      5b189541
    • M
      virNetworkLoadState: Disallow mangled 'floor' element · 28900766
      Michal Privoznik 提交于
      In the network status XML we may have the <floor/> element with the
      'sum' attribute. The attribute represents sum of all 'floor'-s of
      computed over each interface connected to the network (this is needed to
      guarantee certain bandwidth for certain domain). The sum is therefore a
      number. However, if the number was mangled (e.g. by an user's
      interference to network status file), we've just ignored it without
      refusing to parse such file. This was all due to 'goto error' missing.
      Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      28900766
  11. 10 2月, 2014 3 次提交
    • P
      qemu: hyperv: Add support for timer enlightenments · 600bca59
      Peter Krempa 提交于
      Add a new <timer> for the HyperV reference time counter enlightenment
      and the iTSC reference page for Windows guests.
      
      This feature provides a paravirtual approach to track timer events for
      the guest (similar to kvmclock) with the option to use real hardware
      clock on systems with a iTSC with compensation across various hosts.
      600bca59
    • P
      conf: Enforce supported options for certain timers · 8ffaa42d
      Peter Krempa 提交于
      According to the documentation various timer options are only supported
      by certain timer types. Add a post parse check to verify that the user
      didn't specify invalid options.
      
      Also fix the qemu command line parsing function to set correct default
      values for the kvmclock timer so that it passes the new check.
      8ffaa42d
    • P
      schema: Fix guest timer specification schema according to the docs · bbd392ff
      Peter Krempa 提交于
      According to the documentation describing various tunables for domain
      timers not all the fields are supported by all the driver types. Express
      these in the RNG:
      
      - rtc, platform: Only these support the "track" attribute.
      - tsc: only one to support "frequency" and "mode" attributes
      - hpet, pit: tickpolicy/catchup attribute/element
      - kvmclock: no extra attributes are supported
      
      Additionally the attributes of the <catchup> element for
      tickpolicy='catchup' are optional according to the parsing code. Express
      this in the XML and fix a spurious space added while formatting the
      <catchup> element and add tests for it.
      bbd392ff
  12. 07 2月, 2014 3 次提交
  13. 05 2月, 2014 1 次提交
    • E
      event: move event filtering to daemon (regression fix) · 11f20e43
      Eric Blake 提交于
      https://bugzilla.redhat.com/show_bug.cgi?id=1058839
      
      Commit f9f56340 for CVE-2014-0028 almost had the right idea - we
      need to check the ACL rules to filter which events to send.  But
      it overlooked one thing: the event dispatch queue is running in
      the main loop thread, and therefore does not normally have a
      current virIdentityPtr.  But filter checks can be based on current
      identity, so when libvirtd.conf contains access_drivers=["polkit"],
      we ended up rejecting access for EVERY event due to failure to
      look up the current identity, even if it should have been allowed.
      
      Furthermore, even for events that are triggered by API calls, it
      is important to remember that the point of events is that they can
      be copied across multiple connections, which may have separate
      identities and permissions.  So even if events were dispatched
      from a context where we have an identity, we must change to the
      correct identity of the connection that will be receiving the
      event, rather than basing a decision on the context that triggered
      the event, when deciding whether to filter an event to a
      particular connection.
      
      If there were an easy way to get from virConnectPtr to the
      appropriate virIdentityPtr, then object_event.c could adjust the
      identity prior to checking whether to dispatch an event.  But
      setting up that back-reference is a bit invasive.  Instead, it
      is easier to delay the filtering check until lower down the
      stack, at the point where we have direct access to the RPC
      client object that owns an identity.  As such, this patch ends
      up reverting a large portion of the framework of commit f9f56340.
      We also have to teach 'make check' to special-case the fact that
      the event registration filtering is done at the point of dispatch,
      rather than the point of registration.  Note that even though we
      don't actually use virConnectDomainEventRegisterCheckACL (because
      the RegisterAny variant is sufficient), we still generate the
      function for the purposes of documenting that the filtering
      takes place.
      
      Also note that I did not entirely delete the notion of a filter
      from object_event.c; I still plan on using that for my upcoming
      patch series for qemu monitor events in libvirt-qemu.so.  In
      other words, while this patch changes ACL filtering to live in
      remote.c and therefore we have no current client of the filtering
      in object_event.c, the notion of filtering in object_event.c is
      still useful down the road.
      
      * src/check-aclrules.pl: Exempt event registration from having to
      pass checkACL filter down call stack.
      * daemon/remote.c (remoteRelayDomainEventCheckACL)
      (remoteRelayNetworkEventCheckACL): New functions.
      (remoteRelay*Event*): Use new functions.
      * src/conf/domain_event.h (virDomainEventStateRegister)
      (virDomainEventStateRegisterID): Drop unused parameter.
      * src/conf/network_event.h (virNetworkEventStateRegisterID):
      Likewise.
      * src/conf/domain_event.c (virDomainEventFilter): Delete unused
      function.
      * src/conf/network_event.c (virNetworkEventFilter): Likewise.
      * src/libxl/libxl_driver.c: Adjust caller.
      * src/lxc/lxc_driver.c: Likewise.
      * src/network/bridge_driver.c: Likewise.
      * src/qemu/qemu_driver.c: Likewise.
      * src/remote/remote_driver.c: Likewise.
      * src/test/test_driver.c: Likewise.
      * src/uml/uml_driver.c: Likewise.
      * src/vbox/vbox_tmpl.c: Likewise.
      * src/xen/xen_driver.c: Likewise.
      Signed-off-by: NEric Blake <eblake@redhat.com>
      11f20e43
  14. 04 2月, 2014 1 次提交
    • L
      network: change default of forwardPlainNames to 'yes' · 66f75925
      Laine Stump 提交于
      The previous patch fixed "forwardPlainNames" so that it really is
      doing only what is intended, but left the default to be
      "forwardPlainNames='no'". Discussion around the initial version of
      that patch led to the decision that the default should instead be
      "forwardPlainNames='yes'" (i.e. the original behavior before commit
      f3886825). This patch makes that change to the default.
      66f75925
  15. 31 1月, 2014 1 次提交
    • D
      Push nwfilter update locking up to top level · 6e5c79a1
      Daniel P. Berrange 提交于
      The NWFilter code has as a deadlock race condition between
      the virNWFilter{Define,Undefine} APIs and starting of guest
      VMs due to mis-matched lock ordering.
      
      In the virNWFilter{Define,Undefine} codepaths the lock ordering
      is
      
        1. nwfilter driver lock
        2. virt driver lock
        3. nwfilter update lock
        4. domain object lock
      
      In the VM guest startup paths the lock ordering is
      
        1. virt driver lock
        2. domain object lock
        3. nwfilter update lock
      
      As can be seen the domain object and nwfilter update locks are
      not acquired in a consistent order.
      
      The fix used is to push the nwfilter update lock upto the top
      level resulting in a lock ordering for virNWFilter{Define,Undefine}
      of
      
        1. nwfilter driver lock
        2. nwfilter update lock
        3. virt driver lock
        4. domain object lock
      
      and VM start using
      
        1. nwfilter update lock
        2. virt driver lock
        3. domain object lock
      
      This has the effect of serializing VM startup once again, even if
      no nwfilters are applied to the guest. There is also the possibility
      of deadlock due to a call graph loop via virNWFilterInstantiate
      and virNWFilterInstantiateFilterLate.
      
      These two problems mean the lock must be turned into a read/write
      lock instead of a plain mutex at the same time. The lock is used to
      serialize changes to the "driver->nwfilters" hash, so the write lock
      only needs to be held by the define/undefine methods. All other
      methods can rely on a read lock which allows good concurrency.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      6e5c79a1
  16. 29 1月, 2014 1 次提交
    • P
      snapshot: Add support for specifying snapshot disk backing type · 7076b4b7
      Peter Krempa 提交于
      Add support for specifying various types when doing snapshots. This will
      later allow to do snapshots on network backed volumes. Disks of type
      'volume' are not supported by snapshots (yet).
      
      Also amend the test suite to check parsing of the various new disk
      types that can now be specified.
      7076b4b7
  17. 21 1月, 2014 1 次提交
    • F
      spice: expose the QEMU disable file transfer option · 08d07e5f
      Francesco Romani 提交于
      spice-server offers an API to disable file transfer messages
      on the agent channel between the client and the guest.
      This is supported in qemu through the disable-agent-file-xfer option.
      
      This patch exposes this option to libvirt.
      Adds a new element 'filetransfer', with one property,
      'enable', which accepts a boolean.
      Default is enabled, for backward compatibility.
      
      Depends on the capability exported in the first patch of the series.
      Signed-off-by: NFrancesco Romani <fromani@redhat.com>
      08d07e5f
  18. 20 1月, 2014 2 次提交
  19. 16 1月, 2014 2 次提交
    • P
      storage: Introduce internal pool support · 362da820
      Peter Krempa 提交于
      To allow using the storage driver APIs to do operation on generic domain
      disks we will need to introduce internal storage pools that will give is
      a base to support this stuff even on files that weren't originally
      defined as a part of the pool.
      
      This patch introduces the 'internal' flag for a storage pool that will
      prevent it from being listed along with the user defined storage pools.
      362da820
    • C
      conf: Always use VIR_ERR_CONFIG_UNSUPPORTED on enumFromString() failures · 9b73290f
      Christophe Fergeau 提交于
      Currently, during XML parsing, when a call to a FromString() function to
      get an enum value fails, the error which is reported is either
      VIR_ERR_CONFIG_UNSUPPORTED, VIR_ERR_INTERNAL_ERROR or VIR_ERR_XML_ERROR.
      
      This commit makes such conversion failures consistently return
      VIR_ERR_CONFIG_UNSUPPORTED.
      9b73290f