1. 18 9月, 2012 2 次提交
  2. 12 9月, 2012 1 次提交
  3. 06 9月, 2012 1 次提交
    • M
      qemu: don't pin all the cpus · 9f86fb93
      Martin Kletzander 提交于
      This is another fix for the emulator-pin series. When going through
      the cputune pinning settings, the current code is trying to pin all
      the CPUs, even when not all of them are specified. This causes error
      in the subsequent function which, of course, cannot find the cpu to
      pin. Since it's enough to pass the correct VCPU ID to the function,
      the fix is trivial.
      9f86fb93
  4. 31 8月, 2012 1 次提交
    • J
      qemu: Don't ignore CPU tuning config if required cgroups are missing · 774eb45b
      Jiri Denemark 提交于
      When domain XML contains any of the elements for setting up CPU
      scheduling parameters (period, quota, emulator_period, or
      emulator_quota) we need cpu cgroup to enforce the configuration.
      However, the existing code would just ignore silently such settings if
      either cgroups were not available at all cpu cgroup was not available.
      Moreover, APIs for manipulating CPU scheduler parameters were already
      failing if cpu cgroup was not available. This patch makes cpu cgroup
      mandatory for all domains that use CPU scheduling elements in their XML.
      774eb45b
  5. 29 8月, 2012 1 次提交
    • J
      qemu: Fix starting domains with no cpu cgroup · 0c7cca36
      Jiri Denemark 提交于
      If cgroups are enabled in general but cpu cgroup is disabled in
      qemu.conf or not mounted at all, libvirt would refuse to start any
      domain even though scheduler parameters are not set in domain XML.
      
      This patch makes cpu cgroup mandatory only for domains that actually
      want to use it.
      0c7cca36
  6. 27 8月, 2012 1 次提交
    • M
      qemu: fix regression with pinning · 16ebec2b
      Martin Kletzander 提交于
      Commit 4b03d591 changed the pinning
      behavior in a way that makes some machines non-startable.
      
      The comment mentioning that we cannot control each vcpu when there is
      not VCPU<-> PID mapping available is true, however, this isn't
      necessarily an error, because this can be caused by old QEMU without
      support for "query-cpus" command as well as a software emulated
      machines that don't create more than one process.
      16ebec2b
  7. 22 8月, 2012 5 次提交
  8. 06 8月, 2012 1 次提交
    • M
      qemu: Set reasonable RSS limit on domain startup · addeb7cd
      Michal Privoznik 提交于
      If there's a memory leak in qemu or qemu is exploited the host's
      system will sooner or later start trashing instead of killing
      the bad process. This however has impact on performance and other
      guests as well. Therefore we should set a reasonable RSS limit
      even when user hasn't set any. It's better to be secure by default.
      addeb7cd
  9. 27 7月, 2012 1 次提交
    • E
      maint: don't permit format strings without % · 768007ae
      Eric Blake 提交于
      Any time we have a string with no % passed through gettext, a
      translator can inject a % to cause a stack overread.  When there
      is nothing to format, it's easier to ask for a string that cannot
      be used as a formatter, by using a trivial "%s" format instead.
      
      In the past, we have used --disable-nls to catch some of the
      offenders, but that doesn't get run very often, and many more
      uses have crept in.  Syntax check to the rescue!
      
      The syntax check can catch uses such as
      virReportError(code,
                     _("split "
                       "string"));
      by using a sed script to fold context lines into one pattern
      space before checking for a string without %.
      
      This patch is just mechanical insertion of %s; there are probably
      several messages touched by this patch where we would be better
      off giving the user more information than a fixed string.
      
      * cfg.mk (sc_prohibit_diagnostic_without_format): New rule.
      * src/datatypes.c (virUnrefConnect, virGetDomain)
      (virUnrefDomain, virGetNetwork, virUnrefNetwork, virGetInterface)
      (virUnrefInterface, virGetStoragePool, virUnrefStoragePool)
      (virGetStorageVol, virUnrefStorageVol, virGetNodeDevice)
      (virGetSecret, virUnrefSecret, virGetNWFilter, virUnrefNWFilter)
      (virGetDomainSnapshot, virUnrefDomainSnapshot): Add %s wrapper.
      * src/lxc/lxc_driver.c (lxcDomainSetBlkioParameters)
      (lxcDomainGetBlkioParameters): Likewise.
      * src/conf/domain_conf.c (virSecurityDeviceLabelDefParseXML)
      (virDomainDiskDefParseXML, virDomainGraphicsDefParseXML):
      Likewise.
      * src/conf/network_conf.c (virNetworkDNSHostsDefParseXML)
      (virNetworkDefParseXML): Likewise.
      * src/conf/nwfilter_conf.c (virNWFilterIsValidChainName):
      Likewise.
      * src/conf/nwfilter_params.c (virNWFilterVarValueCreateSimple)
      (virNWFilterVarAccessParse): Likewise.
      * src/libvirt.c (virDomainSave, virDomainSaveFlags)
      (virDomainRestore, virDomainRestoreFlags)
      (virDomainSaveImageGetXMLDesc, virDomainSaveImageDefineXML)
      (virDomainCoreDump, virDomainGetXMLDesc)
      (virDomainMigrateVersion1, virDomainMigrateVersion2)
      (virDomainMigrateVersion3, virDomainMigrate, virDomainMigrate2)
      (virStreamSendAll, virStreamRecvAll)
      (virDomainSnapshotGetXMLDesc): Likewise.
      * src/nwfilter/nwfilter_dhcpsnoop.c (virNWFilterSnoopReqLeaseDel)
      (virNWFilterDHCPSnoopReq): Likewise.
      * src/openvz/openvz_driver.c (openvzUpdateDevice): Likewise.
      * src/openvz/openvz_util.c (openvzKBPerPages): Likewise.
      * src/qemu/qemu_cgroup.c (qemuSetupCgroup): Likewise.
      * src/qemu/qemu_command.c (qemuBuildHubDevStr, qemuBuildChrChardevStr)
      (qemuBuildCommandLine): Likewise.
      * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Likewise.
      * src/qemu/qemu_hotplug.c (qemuDomainAttachNetDevice): Likewise.
      * src/rpc/virnetsaslcontext.c (virNetSASLSessionGetIdentity):
      Likewise.
      * src/rpc/virnetsocket.c (virNetSocketNewConnectUNIX)
      (virNetSocketSendFD, virNetSocketRecvFD): Likewise.
      * src/storage/storage_backend_disk.c
      (virStorageBackendDiskBuildPool): Likewise.
      * src/storage/storage_backend_fs.c
      (virStorageBackendFileSystemProbe)
      (virStorageBackendFileSystemBuild): Likewise.
      * src/storage/storage_backend_rbd.c
      (virStorageBackendRBDOpenRADOSConn): Likewise.
      * src/storage/storage_driver.c (storageVolumeResize): Likewise.
      * src/test/test_driver.c (testInterfaceChangeBegin)
      (testInterfaceChangeCommit, testInterfaceChangeRollback):
      Likewise.
      * src/vbox/vbox_tmpl.c (vboxListAllDomains): Likewise.
      * src/xenxs/xen_sxpr.c (xenFormatSxprDisk, xenFormatSxpr):
      Likewise.
      * src/xenxs/xen_xm.c (xenXMConfigGetUUID, xenFormatXMDisk)
      (xenFormatXM): Likewise.
      768007ae
  10. 23 7月, 2012 1 次提交
    • O
      Desert the FSF address in copyright · f9ce7dad
      Osier Yang 提交于
      Per the FSF address could be changed from time to time, and GNU
      recommends the following now: (http://www.gnu.org/licenses/gpl-howto.html)
      
        You should have received a copy of the GNU General Public License
        along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
      
      This patch removes the explicit FSF address, and uses above instead
      (of course, with inserting 'Lesser' before 'General').
      
      Except a bunch of files for security driver, all others are changed
      automatically, the copyright for securify files are not complete,
      that's why to do it manually:
      
        src/security/security_selinux.h
        src/security/security_driver.h
        src/security/security_selinux.c
        src/security/security_apparmor.h
        src/security/security_apparmor.c
        src/security/security_driver.c
      f9ce7dad
  11. 19 7月, 2012 2 次提交
  12. 11 7月, 2012 1 次提交
    • E
      build: detect all improper uses of _("%s") · 0867a877
      Eric Blake 提交于
      The only useful translation of "%s" as a format string is "%s" (I
      suppose you could claim "%1$s" is also valid, but why bother).  So
      it is not worth translating; fixing this exposes some instances
      where we were failing to translate real error messages.  This makes
      the fix of commit 097da1ab more generic, as well as ensuring no
      future regressions.
      
      * cfg.mk (sc_prohibit_useless_translation): New rule.
      * src/lxc/lxc_driver.c (lxcSetVcpuBWLive): Fix offender.
      * src/openvz/openvz_conf.c (openvzReadFSConf): Likewise.
      * src/qemu/qemu_cgroup.c (qemuSetupCgroupForVcpu): Likewise.
      * src/qemu/qemu_driver.c (qemuSetVcpusBWLive): Likewise.
      * src/xenapi/xenapi_utils.c (xenapiSessionErrorHandle): Likewise.
      0867a877
  13. 10 7月, 2012 1 次提交
  14. 15 5月, 2012 1 次提交
  15. 04 2月, 2012 1 次提交
    • L
      qemu: eliminate "Ignoring open failure" when using root-squash NFS · c18a88ac
      Laine Stump 提交于
      This eliminates the warning message reported in:
      
       https://bugzilla.redhat.com/show_bug.cgi?id=624447
      
      It was caused by a failure to open an image file that is not
      accessible by root (the uid libvirtd is running as) because it's on a
      root-squash NFS share, owned by a different user, with permissions of
      660 (or maybe 600).
      
      The solution is to use virFileOpenAs() rather than open(). The
      codepath that generates the error is during qemuSetupDiskCGroup(), but
      the actual open() is in a lower-level generic function called from
      many places (virDomainDiskDefForeachPath), so some other pieces of the
      code were touched just to add dummy (or possibly useful) uid and gid
      arguments.
      
      Eliminating this warning message has the nice side effect that the
      requested operation may even succeed (which in this case isn't
      necessary, but shouldn't hurt anything either).
      c18a88ac
  16. 21 12月, 2011 1 次提交
  17. 01 12月, 2011 1 次提交
    • H
      qemu: filter blkio 0-device-weight at two other places · 25a5f07c
      Hu Tao 提交于
      filter 0-device-weight when:
      
        - getting blkio parameters with --config
        - starting up a domain
      
      When testing with blkio, I found these issues:
      
        (dom is down)
        virsh blkiotune dom --device-weights /dev/sda,300,/dev/sdb,500
        virsh blkiotune dom --device-weights /dev/sda,300,/dev/sdb,0
        virsh blkiotune dom
        weight         : 800
        device_weight  : /dev/sda,200,/dev/sdb,0
      
        # issue 1: shows 0 device weight of /dev/sdb that may confuse user
      
        (continued)
        virsh start dom
      
        # issue 2: If /dev/sdb doesn't exist, libvirt refuses to bring the
        # dom up because it wants to set the device weight to 0 of a
        # non-existing device. Since 0 means no weight-limit, we really don't
        # have to set it.
      25a5f07c
  18. 30 11月, 2011 1 次提交
  19. 26 7月, 2011 1 次提交
    • W
      set cpu bandwidth for the vm · 652e55b7
      Wen Congyang 提交于
      The cpu bandwidth is applied at the vcpu group level. We should apply it
      at the vm group level too, because the vm may do heavy I/O, and it will affect
      the other vm.
      
      We apply cpu bandwidth at the vcpu and the vm group level, so we must ensure
      that max(child_quota) <= parent_quota when we modify cpu bandwidth.
      652e55b7
  20. 21 7月, 2011 2 次提交
  21. 13 7月, 2011 1 次提交
    • D
      Move qemu_audit.h helpers into shared code · b43070eb
      Daniel P. Berrange 提交于
      The LXC and UML drivers can both make use of auditing. Move
      the qemu_audit.{c,h} files to src/conf/domain_audit.{c,h}
      
      * src/conf/domain_audit.c: Rename from src/qemu/qemu_audit.c
      * src/conf/domain_audit.h: Rename from src/qemu/qemu_audit.h
      * src/Makefile.am: Remove qemu_audit.{c,h}, add domain_audit.{c,h}
      * src/qemu/qemu_audit.h, src/qemu/qemu_cgroup.c,
        src/qemu/qemu_command.c, src/qemu/qemu_driver.c,
        src/qemu/qemu_hotplug.c, src/qemu/qemu_migration.c,
        src/qemu/qemu_process.c: Update for changed audit API names
      b43070eb
  22. 08 6月, 2011 1 次提交
    • E
      qemu: reorder checks for safety · 4eb17d64
      Eric Blake 提交于
      Detected by Coverity.  All existing callers happen to be in
      range, so this isn't too serious.
      
      * src/qemu/qemu_cgroup.c (qemuCgroupControllerActive): Check
      bounds before dereference.
      4eb17d64
  23. 12 5月, 2011 1 次提交
    • L
      libvirt,logging: cleanup VIR_XXX0() · b65f37a4
      Lai Jiangshan 提交于
      These VIR_XXXX0 APIs make us confused, use the non-0-suffix APIs instead.
      
      How do these coversions works? The magic is using the gcc extension of ##.
      When __VA_ARGS__ is empty, "##" will swallow the "," in "fmt," to
      avoid compile error.
      
      example: origin				after CPP
      	high_level_api("%d", a_int)	low_level_api("%d", a_int)
      	high_level_api("a  string")	low_level_api("a  string")
      
      About 400 conversions.
      
      8 special conversions:
      VIR_XXXX0("") -> VIR_XXXX("msg") (avoid empty format) 2 conversions
      VIR_XXXX0(string_literal_with_%) -> VIR_XXXX(%->%%) 0 conversions
      VIR_XXXX0(non_string_literal) -> VIR_XXXX("%s", non_string_literal)
        (for security) 6 conversions
      Signed-off-by: NLai Jiangshan <laijs@cn.fujitsu.com>
      b65f37a4
  24. 04 5月, 2011 1 次提交
    • E
      qemu: update qemuCgroupControllerActive signature · 29e131de
      Eric Blake 提交于
      Clang warned about a dead assignment.  In the process, I noticed
      that we are only using the function for a bool value.  I audited
      all other callers in qemu_{migration,cgroup,driver,hotplug), and
      all were making the call in a bool context.
      
      Also, do bounds checking on the argument.
      
      * src/qemu/qemu_cgroup.c (qemuSetupCgroup): Delete dead
      assignment.
      (qemuCgroupControllerActive): Change return type to bool.
      * src/qemu/qemu_cgroup.h (qemuCgroupControllerActive): Likewise.
      29e131de
  25. 01 4月, 2011 1 次提交
    • O
      qemu: Fix improper logic of qemuCgroupSetup · 0ca16a78
      Osier Yang 提交于
      It throws errors as long as the cgroup controller is not available,
      regardless of whether we really want to use it to do setup or not,
      which is not what we want, fixing it with throwing error when need
      to use the controller.
      
      And change "VIR_WARN" to "qemuReportError" for memory controller
      incidentally.
      0ca16a78
  26. 29 3月, 2011 1 次提交
    • O
      cputune: Support cputune for qemu driver · 1cc4d025
      Osier Yang 提交于
      When domain startup, setting cpu affinity and cpu shares according
      to the cputune xml specified in domain xml.
      
      Modify "qemudDomainPinVcpu" to update domain config for vcpupin,
      and modify "qemuSetSchedulerParameters" to update domain config
      for cpu shares.
      
      v1 - v2:
         * Use "VIR_ALLOC_N" instead of "VIR_ALLOC_VAR"
         * But keep raising error when it fails on adding vcpupin xml
           entry, as I still don't have a better idea yet.
      1cc4d025
  27. 18 3月, 2011 1 次提交
  28. 10 3月, 2011 4 次提交
    • E
      qemu: don't request cgroup ACL access for /dev/net/tun · c52cbe48
      Eric Blake 提交于
      Since libvirt always passes /dev/net/tun to qemu via fd, we should
      never trigger the cases where qemu tries to directly open the
      device.  Therefore, it is safer to deny the cgroup device ACL.
      
      * src/qemu/qemu_cgroup.c (defaultDeviceACL): Remove /dev/net/tun.
      * src/qemu/qemu.conf (cgroup_device_acl): Reflect this change.
      c52cbe48
    • E
      audit: also audit cgroup ACL permissions · 340ab27d
      Eric Blake 提交于
      * src/qemu/qemu_audit.h (qemuAuditCgroupMajor)
      (qemuAuditCgroupPath): Add parameter.
      * src/qemu/qemu_audit.c (qemuAuditCgroupMajor)
      (qemuAuditCgroupPath): Add 'acl=rwm' to cgroup audit entries.
      * src/qemu/qemu_cgroup.c: Update clients.
      * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Likewise.
      340ab27d
    • E
      cgroup: allow fine-tuning of device ACL permissions · 5564c575
      Eric Blake 提交于
      Adding audit points showed that we were granting too much privilege
      to qemu; it should not need any mknod rights to recreate any
      devices.  On the other hand, lxc should have all device privileges.
      The solution is adding a flag parameter.
      
      This also lets us restrict write access to read-only disks.
      
      * src/util/cgroup.h (virCgroup*Device*): Adjust prototypes.
      * src/util/cgroup.c (virCgroupAllowDevice)
      (virCgroupAllowDeviceMajor, virCgroupAllowDevicePath)
      (virCgroupDenyDevice, virCgroupDenyDeviceMajor)
      (virCgroupDenyDevicePath): Add parameter.
      * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Update clients.
      * src/lxc/lxc_controller.c (lxcSetContainerResources): Likewise.
      * src/qemu/qemu_cgroup.c: Likewise.
      (qemuSetupDiskPathAllow): Also, honor read-only disks.
      5564c575
    • E
      audit: split cgroup audit types to allow more information · d04916fa
      Eric Blake 提交于
      Device names can be manipulated, so it is better to also log
      the major/minor device number corresponding to the cgroup ACL
      changes that libvirt made.  This required some refactoring
      of the relatively new qemu cgroup audit code.
      
      Also, qemuSetupChardevCgroup was only auditing on failure, not success.
      
      * src/qemu/qemu_audit.h (qemuDomainCgroupAudit): Delete.
      (qemuAuditCgroup, qemuAuditCgroupMajor, qemuAuditCgroupPath): New
      prototypes.
      * src/qemu/qemu_audit.c (qemuDomainCgroupAudit): Rename...
      (qemuAuditCgroup): ...and drop a parameter.
      (qemuAuditCgroupMajor, qemuAuditCgroupPath): New functions, to
      allow listing device major/minor in audit.
      (qemuAuditGetRdev): New helper function.
      * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Adjust callers.
      * src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
      (qemuSetupHostUsbDeviceCgroup, qemuSetupCgroup)
      (qemuTeardownDiskPathDeny): Likewise.
      (qemuSetupChardevCgroup): Likewise, fixing missing audit.
      d04916fa
  29. 01 3月, 2011 1 次提交
    • E
      qemu: only request sound cgroup ACL when required · 7c6b22c4
      Eric Blake 提交于
      When a SPICE or VNC graphics controller is present, and sound is
      piggybacked over a channel to the graphics device rather than
      directly accessing host hardware, then there is no need to grant
      host hardware access to that qemu process.
      
      * src/qemu/qemu_cgroup.c (qemuSetupCgroup): Prevent sound with
      spice, and with vnc when vnc_allow_host_audio is 0.
      Reported by Daniel Berrange.
      7c6b22c4
  30. 25 2月, 2011 1 次提交
    • E
      audit: add qemu hooks for auditing cgroup events · 6bb98d41
      Eric Blake 提交于
      * src/qemu/qemu_audit.h (qemuDomainCgroupAudit): New prototype.
      * src/qemu/qemu_audit.c (qemuDomainCgroupAudit): Implement it.
      * src/qemu/qemu_driver.c (qemudDomainSaveFlag): Add audit.
      * src/qemu/qemu_cgroup.c (qemuSetupDiskPathAllow)
      (qemuSetupChardevCgroup, qemuSetupHostUsbDeviceCgroup)
      (qemuSetupCgroup, qemuTeardownDiskPathDeny): Likewise.
      6bb98d41