- 17 8月, 2010 2 次提交
-
-
由 Jiri Denemark 提交于
When reconnecting to existing VMs, we re-reserved only those PCI addresses which were explicitly mentioned in domain XML. Since some addresses are always reserved (e.g., 0:0:0 and 0:0:1), we need to handle those too. Also all this should only be done if device flag is supported by qemu.
-
由 Stefan Berger 提交于
In this patch I am extending and fixing the nwfilter module's reload support to stop all ongoing threads (for learning IP addresses of interfaces) and rebuild the filtering rules of all interfaces of all VMs when libvirt is started. Now libvirtd rebuilds the filters upon the SIGHUP signal and libvirtd restart. About the patch: The nwfilter functions require a virConnectPtr. Therefore I am opening a connection in qemudStartup, which later on needs to be closed outside where the driver lock is held since otherwise it ends up in a deadlock due to virConnectClose() trying to lock the driver as well. I have tested this now for a while with several machines running and needing the IP address learner thread(s). The rebuilding of the firewall rules seems to work fine following libvirtd restart or a SIGHUP. Also the termination of libvirtd worked fine.
-
- 13 8月, 2010 3 次提交
-
-
由 Chris Lalancette 提交于
Since the qemu process is running as qemu:qemu, it can't actually look at the unix socket in /var/run/libvirt/qemu which is owned by root and has permission 700. Move the unix socket to /var/lib/libvirt/qemu, which is already owned by qemu:qemu. Thanks to Justin Clift for test this out for me. Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Chris Lalancette 提交于
The problem is that on the source of the migration, libvirtd is responsible for creating the unix socket over which the data will flow. Since libvirtd is running as root, this file will be created as root. When the qemu process running as qemu:qemu goes to access the unix file to write data to it, it will get permission denied and fail. Make sure to change the owner of the unix file to qemu:qemu. Thanks to Justin Clift for testing this patch out for me. Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Daniel Veillard 提交于
Basically a followup of the previous patch about balloon desactivation if desactivated, to not ask for balloon information to qemu as we will just get an error back. This can make a huge difference in the time needed for domain information or list when a machine is loaded, and balloon has been desactivated in the guests. * src/qemu/qemu_driver.c: do not get the balloon info if the balloon suppor is disabled
-
- 10 8月, 2010 1 次提交
-
-
由 Jiri Denemark 提交于
device_del command is not synchronous for PCI devices, it merely asks the guest to release the device and returns. If the host wants to use that device before the guest actually releases it, we are in big trouble. To avoid this, we already added a loop which waits up to 10 seconds until the device is actually released before we do anything else with that device. But we only added this loop for managed PCI devices before we try reattach them back to the host. However, we need to wait even for non-managed devices. We don't reattach them automatically, but we still want to prevent the host from using it. This was revealed thanks to sVirt: when we relabel sysfs files corresponding to the PCI device before the guest finished releasing the device, qemu is no longer allowed to access those files and if it wants (as a result of guest's request) to write anything to them, it just exits, which kills the guest. This is not a proper fix and needs some further work both on libvirt and qemu side in the future.
-
- 03 8月, 2010 1 次提交
-
-
由 Eric Blake 提交于
Spotted by clang. Regression introduced in commit e72cc3c1. * src/qemu/qemu_driver.c (qemuConnectMonitor): Don't lose error status.
-
- 31 7月, 2010 1 次提交
-
-
由 Eric Blake 提交于
Spotted by clang. * src/qemu/qemu_monitor.c (qemuMonitorClose): Kill dead store. * src/qemu/qemu_driver.c (qemudDomainSaveImageStartVM): Likewise.
-
- 29 7月, 2010 3 次提交
-
-
由 Chris Lalancette 提交于
If detecting the FLR flag of a pci device fails, then we could run into the situation of trying to close a file descriptor twice, once in pciInitDevice() and once in pciFreeDevice(). Fix that by removing the pciCloseConfig() in pciInitDevice() and just letting pciFreeDevice() handle it. Thanks to Chris Wright for pointing out this problem. While we are at it, fix an error check. While it would actually work as-is (since success returns 0), it's still more clear to check for < 0 (as the rest of the code does). Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Cole Robinson 提交于
Enable specifying a virtio console device with: <console type='pty'> <target type='virtio'/> </console>
-
由 Cole Robinson 提交于
There is actually a difference between the character device type (serial, parallel, channel, ...) and the target type (virtio, guestfwd). Currently they are awkwardly conflated. Start to pull them apart by renaming targetType -> deviceType. This is an entirely mechanical change. Signed-off-by: NCole Robinson <crobinso@redhat.com>
-
- 28 7月, 2010 1 次提交
-
-
由 Chris Lalancette 提交于
Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
- 27 7月, 2010 4 次提交
-
-
由 Chris Wright 提交于
When doing a PCI secondary bus reset, we must be sure that there are no active devices on the same bus segment. The active device tracking is designed to only track host devices that are active in use by guests. This ignores host devices that are actively in use by the host. So the current logic will reset host devices. Switch this logic around and allow sbus reset when we are assigning all devices behind a bridge to the same guest at guest startup or as a result of a single attach-device command. * src/util/pci.h: change signature of pciResetDevice to add an inactive devices list * src/qemu/qemu_driver.c src/xen/xen_driver.c: use (or not) the new functionality of pciResetDevice() depending on the place of use * src/util/pci.c: implement the interface and logic changes
-
由 Chris Wright 提交于
- src/qemu/qemu_driver.c: Eliminate code duplication by using the new helpers qemuPrepareHostdevPCIDevices and qemuDomainReAttachHostdevDevices. This reduces the number of open coded calls to pciResetDevice.
-
由 Chris Wright 提交于
- src/qemu/qemu_driver.c: These new helpers take hostdev list and count directly rather than getting them indirectly from domain definition. This will allow reuse for the attach-device case.
-
由 Chris Wright 提交于
- src/qemu/qemu_driver.c: Update qemuGetPciHostDeviceList to take a hostdev list and count directly, rather than getting this indirectly from domain definition. This will allow reuse for the attach-device case.
-
- 24 7月, 2010 4 次提交
-
-
由 Chris Lalancette 提交于
Thanks to DV for knocking together the Relax-NG changes quickly for me. Changes since v1: - Change the domain.rng to correspond to the new schema - Don't allocate caps->ns in testQemuCapsInit since it is a static table Changes since v2: - Change domain.rng to add restrictions on allowed environment names Changes since v3: - Remove a bogus comment in the tests Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Chris Lalancette 提交于
Implement the qemu driver's virDomainQemuMonitorCommand and hook it into the API entry point. Changes since v1: - Rename the (external) qemuMonitorCommand to qemuDomainMonitorCommand - Add virCheckFlags to qemuDomainMonitorCommand Changes since v2: - Drop ATTRIBUTE_UNUSED from the flags Changes since v3: - Add a flag to priv so we only print out monitor command warning once. Note that this has not been plumbed into qemuDomainObjPrivateXMLFormat or qemuDomainObjPrivateXMLParse, which means that if you run a monitor command, restart libvirtd, and then run another monitor command, you may get an an erroneous VIR_INFO. It's a pretty minor matter, and I didn't think it warranted the additional code. - Add BeginJob/EndJob calls around EnterMonitor/ExitMonitor Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Chris Lalancette 提交于
Add the library entry point for the new virDomainQemuMonitorCommand() entry point. Because this is not part of the "normal" libvirt API, it gets its own header file, library file, and will eventually get its own over-the-wire protocol later in the series. Changes since v1: - Go back to using the virDriver table for qemuDomainMonitorCommand, due to linking issues - Added versioning information to the libvirt-qemu.so Changes since v2: - None Changes since v3: - Add LGPL header to libvirt-qemu.c - Make virLibConnError and virLibDomainError macros instead of function calls Changes since v4: - Move exported symbols to libvirt_qemu.syms Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Chris Lalancette 提交于
Implement the qemu hooks for XML namespace data. This allows us to specify a qemu XML namespace, and then specify: <qemu:commandline> <qemu:arg value='arg'/> <qemu:env name='name' value='value'/> </qemu:commandline> In the domain XML. Changes since v1: - Change the <qemu:arg>arg</qemu:arg> XML to <qemu:arg value='arg'/> XML - Fix up some memory leaks in qemuDomainDefNamespaceParse - Rename num_extra and extra to num_args and args, respectively - Fixed up some error messages - Make sure to escape user-provided data in qemuDomainDefNamespaceFormatXML Changes since v2: - Add checking to ensure environment variable names are valid - Invert the logic in qemuDomainDefNamespaceFormatXML to return early Changes since v3: - Change strspn() to c_isalpha() check of first letter of environment variable Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
- 22 7月, 2010 1 次提交
-
-
由 Laine Stump 提交于
virFileOperation previously returned 0 on success, or the value of errno on failure. Although there are other functions in libvirt that use this convention, the preferred (and more common) convention is to return 0 on success and -errno (or simply -1 in some cases) on failure. This way the check for failure is always (ret < 0). * src/util/util.c - change virFileOperation and virFileOperationNoFork to return -errno on failure. * src/storage/storage_backend.c, src/qemu/qemu_driver.c - change the hook functions passed to virFileOperation to return -errno on failure.
-
- 21 7月, 2010 2 次提交
-
-
由 Daniel P. Berrange 提交于
To allow compatibility with older QEMU PCI device slot assignment it is necessary to explicitly track the balloon device in the XML. This introduces a new device <memballoon model='virtio|xen'/> It can also have a PCI address, auto-assigned if necessary. The memballoon will be automatically added to all Xen and QEMU guests by default. * docs/schemas/domain.rng: Add <memballoon> element * src/conf/domain_conf.c, src/conf/domain_conf.h: parsing and formatting for memballoon device. Always add a memory balloon device to Xen/QEMU if none exists in XML * src/libvirt_private.syms: Export memballoon model APIs * src/qemu/qemu_conf.c, src/qemu/qemu_conf.h: Honour the PCI device address in memory balloon device * tests/*: Update to test new functionality
-
由 Daniel P. Berrange 提交于
The VIR_ERR_NO_SUPPORT refers to an API which is not implemented. There is a separate VIR_ERR_CONFIG_UNSUPPORTED for XML config options that are not available with the current hypervisor. * src/qemu/qemu_conf.c, src/qemu/qemu_driver.c: Remove many VIR_ERR_NO_SUPPORT replace with VIR_ERR_CONFIG_UNSUPPORTED
-
- 20 7月, 2010 6 次提交
-
-
由 Chris Lalancette 提交于
If you try to execute two concurrent migrations p2p from A->B and B->A, the two libvirtd's will deadlock trying to perform the migrations. The reason for this is that in p2p migration, the libvirtd's are responsible for making the RPC Prepare, Migrate, and Finish calls. However, they are currently holding the driver lock while doing so, which basically guarantees deadlock in this scenario. This patch fixes the situation by adding qemuDomainObjEnterRemoteWithDriver and qemuDomainObjExitRemoteWithDriver helper methods. The Enter take an additional object reference, then drops both the domain object lock and the driver lock. The Exit takes both the driver and domain object lock, then drops the reference. Adding calls to these Enter and Exit helpers around remote calls in the various migration methods seems to fix the problem for me in testing. This should make the situation safe. The additional domain object reference ensures that the domain object won't disappear while this operation is happening. The BeginJob that is called inside of qemudDomainMigratePerform ensures that we can't execute a second migrate (or shutdown, or save, etc) job while the migration is active. Finally, the additional check on the state of the vm after we reacquire the locks ensures that we can't be surprised by an external event (domain crash, etc). Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Daniel P. Berrange 提交于
Record a default driver name/type in capabilities struct. Use this when parsing disks if value is not set in XML config. * src/conf/capabilities.h: Record default driver name/type for disks * src/conf/domain_conf.c: Fallback to default driver name/type when parsing disks * src/qemu/qemu_driver.c: Set default driver name/type to raw
-
由 Daniel P. Berrange 提交于
Disk format probing is now disabled by default. A new config option in /etc/qemu/qemu.conf will re-enable it for existing deployments where this causes trouble
-
由 Daniel P. Berrange 提交于
The implementation of security driver callbacks often needs to access the security driver object. Currently only a handful of callbacks include the driver object as a parameter. Later patches require this is many more places. * src/qemu/qemu_driver.c: Pass in the security driver object to all callbacks * src/qemu/qemu_security_dac.c, src/qemu/qemu_security_stacked.c, src/security/security_apparmor.c, src/security/security_driver.h, src/security/security_selinux.c: Add a virSecurityDriverPtr param to all security callbacks
-
由 Daniel P. Berrange 提交于
Update the QEMU cgroups code, QEMU DAC security driver, SELinux and AppArmour security drivers over to use the shared helper API virDomainDiskDefForeachPath(). * src/qemu/qemu_driver.c, src/qemu/qemu_security_dac.c, src/security/security_selinux.c, src/security/virt-aa-helper.c: Convert over to use virDomainDiskDefForeachPath()
-
由 Daniel P. Berrange 提交于
Require the disk image to be passed into virStorageFileGetMetadata. If this is set to VIR_STORAGE_FILE_AUTO, then the format will be resolved using probing. This makes it easier to control when probing will be used * src/qemu/qemu_driver.c, src/qemu/qemu_security_dac.c, src/security/security_selinux.c, src/security/virt-aa-helper.c: Set VIR_STORAGE_FILE_AUTO when calling virStorageFileGetMetadata. * src/storage/storage_backend_fs.c: Probe for disk format before calling virStorageFileGetMetadata. * src/util/storage_file.h, src/util/storage_file.c: Remove format from virStorageFileMeta struct & require it to be passed into method.
-
- 15 7月, 2010 1 次提交
-
-
由 Jim Meyering 提交于
* src/qemu/qemu_driver.c (qemuConnectMonitor): Correct erroneous parenthesization in two expressions. Without this fix, failure to set or clear SELinux security context in the monitor would go undiagnosed. Also correct a diagnostic and split some long lines.
-
- 29 6月, 2010 3 次提交
-
-
由 Chris Lalancette 提交于
Make sure to *not* call qemuDomainPCIAddressReleaseAddr if QEMUD_CMD_FLAG_DEVICE is *not* set (for older qemu). This prevents a crash when trying to do device detachment from a qemu guest. Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Chris Lalancette 提交于
In the current libvirt PCI code, there is no checking whether a PCI device is in use by a guest when doing node device detach or reattach. This causes problems when a device is assigned to a guest, and the administrator starts issuing nodedevice commands. Make it so that we check the list of active devices when trying to detach/reattach, and only allow the operation if the device is not assigned to a guest. Signed-off-by: NChris Lalancette <clalance@redhat.com>
-
由 Laine Stump 提交于
This code was just recently added (by me) and didn't account for the fact that stdin_path is sometimes NULL. If it's NULL, and SetSecurityAllLabel fails, a segfault would result.
-
- 28 6月, 2010 3 次提交
-
-
由 Laine Stump 提交于
When the saved domain image is on an NFS share, at least some part of domainSetSecurityAllLabel will fail (for example, selinux labels can't be modified). To allow domain restore to still work in this case, just ignore the errors.
-
由 Laine Stump 提交于
Previously, this function had it's own bit of code performing the same function. Since there's now an equivalent utility function, let's use it.
-
由 Laine Stump 提交于
Also restore the label to its original value after qemu is finished with the file. Prior to this patch, qemu domain restore did not function properly if selinux was set to enforce.
-
- 25 6月, 2010 4 次提交
-
-
由 Daniel P. Berrange 提交于
If an active migration operation fails, or is cancelled by the admin, the QEMU on the destination is shutdown and the one on the source continues running. It is important in shutting down the QEMU on the destination, the security drivers don't reset the file labelling/permissions. * src/qemu/qemu_driver.c: Don't reset labelling/permissions on migration abort
-
由 Daniel P. Berrange 提交于
The patches for shared storage migration were not correctly written for json mode. Thus the 'blk' and 'inc' parameters were never being set. In addition they didn't set the QEMU_MONITOR_MIGRATE_BACKGROUND so migration was synchronous. Due to multiple bugs in QEMU's JSON impl this wasn't noticed because it treated the sync migration requst as asynchronous anyway. Finally 'background' parameter was converted to take arbitrary flags but not renamed, and not all uses were changed to unsigned int. * src/qemu/qemu_driver.c: Set QEMU_MONITOR_MIGRATE_BACKGROUND in doNativeMigrate * src/qemu/qemu_monitor_json.c: Process QEMU_MONITOR_MIGRATE_NON_SHARED_DISK and QEMU_MONITOR_MIGRATE_NON_SHARED_INC flags * src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h, src/qemu/qemu_monitor_json.h, src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: change 'int background' to 'unsigned int flags' in migration APIs. Add logging of flags parameter
-
由 Daniel P. Berrange 提交于
During incoming migration the QEMU monitor is not able to be used. The incoming migration code did not keep hold of the job lock because migration is split across multiple API calls. This meant that further monitor commands on the guest would hang until migration finished with no timeout. In this change the qemuDomainMigratePrepare method sets the job flag just before it returns. The qemuDomainMigrateFinish method checks for this job flag & clears it once done. This prevents any use of the monitor between prepare+finish steps. The qemuDomainGetJobInfo method is also updated to refresh the job elapsed time. This means that virsh domjobinfo can return time data during incoming migration * src/qemu/qemu_driver.c: Keep a job active during incoming migration. Refresh job elapsed time when returning job info
-
由 Daniel P. Berrange 提交于
When configuring serial, parallel, console or channel devices with a file, dev or pipe backend type, it is necessary to label the file path in the security drivers. For char devices of type file, it is neccessary to pre-create (touch) the file if it does not already exist since QEMU won't be allowed todo so itself. dev/pipe configs already require the admin to pre-create before starting the guest. * src/qemu/qemu_security_dac.c: set file ownership for character devices * src/security/security_selinux.c: Set file labeling for character devices * src/qemu/qemu_driver.c: Add character devices to cgroup ACL
-