- 11 5月, 2017 4 次提交
-
-
由 Peter Krempa 提交于
The alias would be leaked, since it's not freed on the vm stop path. (cherry picked from commit 8c1fee5f)
-
由 Peter Krempa 提交于
Since the private data structure is not freed upon stopping a VM, the usbaddrs pointer would be leaked: ==15388== 136 (16 direct, 120 indirect) bytes in 1 blocks are definitely lost in loss record 893 of 1,019 ==15388== at 0x4C2CF55: calloc (vg_replace_malloc.c:711) ==15388== by 0x54BF64A: virAlloc (viralloc.c:144) ==15388== by 0x5547588: virDomainUSBAddressSetCreate (domain_addr.c:1608) ==15388== by 0x144D38A2: qemuDomainAssignUSBAddresses (qemu_domain_address.c:2458) ==15388== by 0x144D38A2: qemuDomainAssignAddresses (qemu_domain_address.c:2515) ==15388== by 0x144ED1E3: qemuProcessPrepareDomain (qemu_process.c:5398) ==15388== by 0x144F51FF: qemuProcessStart (qemu_process.c:5979) [...] (cherry picked from commit 3ab802d6)
-
由 Peter Krempa 提交于
Clean the stale data after shutting down the VM. Otherwise the data would be leaked on next VM start. This happens due to the fact that the private data object is not freed on destroy of the VM. (cherry picked from commit 1730cdc6)
-
由 Jiri Denemark 提交于
There is no async job running when a freshly started libvirtd is trying to recover from an interrupted incoming migration. While at it, let's call qemuMigrationResetTLS every time we don't kill the domain. This is not strictly necessary since TLS is not supported when v2 migration protocol is used, but doing so makes more sense. Signed-off-by: NJiri Denemark <jdenemar@redhat.com> (cherry picked from commit 59b28eca)
-
- 06 4月, 2017 1 次提交
-
-
由 Jiri Denemark 提交于
qemuProcessVerifyHypervFeatures is supposed to check whether all requested hyperv features were actually honored by QEMU/KVM. This is done by checking the corresponding CPUID bits reported by the virtual CPU. In other words, it doesn't work for string properties, such as VIR_DOMAIN_HYPERV_VENDOR_ID (there is no CPUID bit we could check). We could theoretically check all 96 bits corresponding to the vendor string, but luckily we don't have to check the feature at all. If QEMU is too old to support hyperv features, the domain won't even start. Otherwise, it is always supported. Without this patch, libvirt refuses to start a domain which contains <features> <hyperv> <vendor_id state='on' value='...'/> </hyperv> </features> reporting internal error: "unknown CPU feature __kvm_hv_vendor_id. This regression was introduced by commit v3.1.0-186-ge9dbe701, which (by fixing the virCPUDataCheckFeature condition in qemuProcessVerifyHypervFeatures) revealed an old bug in the feature verification code. It's been there ever since the verification was implemented by commit v1.3.3-rc1-5-g95bbe4bf, which effectively did not check VIR_DOMAIN_HYPERV_VENDOR_ID at all. https://bugzilla.redhat.com/show_bug.cgi?id=1439424Signed-off-by: NJiri Denemark <jdenemar@redhat.com> (cherry picked from commit ae102b5d)
-
- 27 3月, 2017 3 次提交
-
-
由 Peter Krempa 提交于
For certain kinds of panic notifiers (notably hyper-v) qemu is able to report some data regarding the crash passed from the guest. Make the data accessible to the callback in qemu so that it can be processed further.
-
由 Peter Krempa 提交于
Detect the node names when setting block threshold and when reconnecting or when they are cleared when a block job finishes. This operation will become a no-op once we fully support node names.
-
由 Peter Krempa 提交于
Bind it to qemu's BLOCK_WRITE_THRESHOLD event. Look up the disk by nodename and construct the string to return.
-
- 25 3月, 2017 1 次提交
-
-
由 John Ferlan 提交于
If the migration flags indicate this migration will be using TLS, then set up the destination during the prepare phase once the target domain has been started to add the TLS objects to perform the migration. This will create at least an "-object tls-creds-x509,endpoint=server,..." for TLS credentials and potentially an "-object secret,..." to handle the passphrase response to access the TLS credentials. The alias/id used for the TLS objects will contain "libvirt_migrate". Once the objects are created, the code will set the "tls-creds" and "tls-hostname" migration parameters to signify usage of TLS. During the Finish phase we'll be sure to attempt to clear the migration parameters and delete those objects (whether or not they were created). We'll also perform the same reset during recovery if we've reached FINISH3. If the migration isn't using TLS, then be sure to check if the migration parameters exist and clear them if so.
-
- 20 3月, 2017 1 次提交
-
-
由 Jiri Denemark 提交于
Calling virCPUUpdateLive on a domain with no guest CPU configuration does not make sense. Especially when doing so would crash libvirtd. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 17 3月, 2017 7 次提交
-
-
由 Jiri Denemark 提交于
When starting a domain with custom guest CPU specification QEMU may add or remove some CPU features. There are several reasons for this, e.g., QEMU/KVM does not support some requested features or the definition of the requested CPU model in libvirt's cpu_map.xml differs from the one QEMU is using. We can't really avoid this because CPU models are allowed to change with machine types and libvirt doesn't know (and probably doesn't even want to know) about such changes. Thus when we want to make sure guest ABI doesn't change when a domain gets migrated to another host, we need to update our live CPU definition according to the CPU QEMU created. Once updated, we will change CPU checking to VIR_CPU_CHECK_FULL to make sure the virtual CPU created after migration exactly matches the one on the source. https://bugzilla.redhat.com/show_bug.cgi?id=822148 https://bugzilla.redhat.com/show_bug.cgi?id=824989Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
qemuMonitorGetGuestCPU can now optionally create CPU data from filtered-features in addition to feature-words. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
The checks are now in a dedicated qemuProcessVerifyCPUFeatures function. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
The checks are now in a dedicated qemuProcessVerifyKVMFeatures function. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
The checks are now in a dedicated qemuProcessVerifyHypervFeatures function. In addition to moving the code this patch also fixes a few bugs: the original code was leaking cpuFeature and the return value of virCPUDataCheckFeature was not checked properly. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Jiri Denemark 提交于
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 16 3月, 2017 1 次提交
-
-
由 Michal Privoznik 提交于
There were couple of reports on the list (e.g. [1]) that guests with huge amounts of RAM are unable to start because libvirt kills qemu in the initialization phase. The problem is that if guest is configured to use hugepages kernel has to zero them all out before handing over to qemu process. For instance, 402GiB worth of 1GiB pages took around 105 seconds (~3.8GiB/s). Since we do not want to make the timeout for connecting to monitor configurable, we have to teach libvirt to count with this fact. This commit implements "1s per each 1GiB of RAM" approach as suggested here [2]. 1: https://www.redhat.com/archives/libvir-list/2017-March/msg00373.html 2: https://www.redhat.com/archives/libvir-list/2017-March/msg00405.htmlSigned-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 10 3月, 2017 1 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1430634 If a qemu process has died, we get EOF on its monitor. At this point, since qemu process was the only one running in the namespace kernel has already cleaned the namespace up. Any attempt of ours to enter it has to fail. This really happened in the bug linked above. We've tried to attach a disk to qemu and while we were in the monitor talking to qemu it just died. Therefore our code tried to do some roll back (e.g. deny the device in cgroups again, restore labels, etc.). However, during the roll back (esp. when restoring labels) we still thought that domain has a namespace. So we used secdriver's transactions. This failed as there is no namespace to enter. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 08 3月, 2017 1 次提交
-
-
由 Pavel Hrdina 提交于
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1430258Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
- 06 3月, 2017 1 次提交
-
-
由 Michal Privoznik 提交于
Now that we have some qemuSecurity wrappers over virSecurityManager APIs, lets make sure everybody sticks with them. We have them for a reason and calling virSecurityManager API directly instead of wrapper may lead into accidentally labelling a file on the host instead of namespace. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 04 3月, 2017 1 次提交
-
-
由 Jiri Denemark 提交于
Querying "host" CPU model expansion only makes sense for KVM. QEMU 2.9.0 introduces a new "max" CPU model which can be used to ask QEMU what the best CPU it can provide to a TCG domain is. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
- 24 2月, 2017 3 次提交
-
-
由 Michal Privoznik 提交于
After eca76884 in case of error in qemuDomainSetPrivatePaths() in pretended start we jump to stop. I've changed this during review from 'cleanup' which turned out to be correct. Well, sort of. We can't call qemuProcessStop() as it decrements driver->nactive and we did not increment it. However, it calls virDomainObjRemoveTransientDef() which is basically the only function we need to call. So call that function and goto cleanup; Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Jiri Denemark 提交于
The new API is called virCPUDataFree. Individual CPU drivers are no longer required to implement their own freeing function unless they need to free architecture specific data from virCPUData. Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
-
由 Pavel Hrdina 提交于
The port is stored in graphics configuration and it will also get released in qemuProcessStop in case of error. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1397440Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
- 23 2月, 2017 1 次提交
-
-
由 Marc Hartmayer 提交于
Fix incorrect jump labels in error paths as the stop jump is only needed if the driver has already changed the state. For example 'virAtomicIntInc(&driver->nactive)' will be 'reverted' in the qemuProcessStop call. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com> Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 21 2月, 2017 6 次提交
-
-
由 Marc Hartmayer 提交于
The functions in virCommand() after fork() must be careful with regard to accessing any mutexes that may have been locked by other threads in the parent process. It is possible that another thread in the parent process holds the lock for the virQEMUDriver while fork() is called. This leads to a deadlock in the child process when 'virQEMUDriverGetConfig(driver)' is called and therefore the handshake never completes between the child and the parent process. Ultimately the virDomainObjectPtr will never be unlocked. It gets much worse if the other thread of the parent process, that holds the lock for the virQEMUDriver, tries to lock the already locked virDomainObject. This leads to a completely unresponsive libvirtd. It's possible to reproduce this case with calling 'virsh start XXX' and 'virsh managedsave XXX' in a tight loop for multiple domains. This commit fixes the deadlock in the same way as it is described in commit 61b52d2e. Signed-off-by: NMarc Hartmayer <mhartmay@linux.vnet.ibm.com> Reviewed-by: NBoris Fiuczynski <fiuczy@linux.vnet.ibm.com>
-
由 Martin Kletzander 提交于
Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Martin Kletzander 提交于
With that users could access files outside /dev/shm. That itself isn't a security problem, but might cause some errors we want to avoid. So let's forbid slashes as we do with domain and volume names and also mention that in the schema. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1395496Signed-off-by: NMartin Kletzander <mkletzan@redhat.com>
-
由 Pavel Hrdina 提交于
The situation covered by the removed code will not ever happen. This code is called only while starting a new QEMU process where the capabilities where already checked and while attaching to existing QEMU process where we don't even detect the iothreads. Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
由 Pavel Hrdina 提交于
Signed-off-by: NPavel Hrdina <phrdina@redhat.com>
-
- 16 2月, 2017 1 次提交
-
- 09 2月, 2017 1 次提交
-
-
由 Jaroslav Safka 提交于
Rename to avoid duplicate code. Because virDomainMemoryAccess will be used in memorybacking for setting default behaviour. NOTE: The enum cannot be moved to qemu/domain_conf because of headers dependency
-
- 17 1月, 2017 1 次提交
-
-
由 Michal Privoznik 提交于
https://bugzilla.redhat.com/show_bug.cgi?id=1413922 While all the code that deals with qemu namespaces correctly detects whether we are running as root (and turn into NO-OP for qemu:///session) the actual unshare() call is not guarded with such check. Therefore any attempt to start a domain under qemu:///session shall fail as unshare() is reserved for root. The fix consists of moving unshare() call (for which we have a wrapper called virProcessSetupPrivateMountNS) into qemuDomainBuildNamespace() where the proper check is performed. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com> Tested-by: NRichard W.M. Jones <rjones@redhat.com>
-
- 10 1月, 2017 1 次提交
-
-
由 Michal Privoznik 提交于
After previous commits, this function is no longer needed. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
- 05 1月, 2017 2 次提交
-
-
由 Michal Privoznik 提交于
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-
由 Wangjing (King, Euler) 提交于
If we restart libvirtd while VM was doing external memory snapshot, VM's state be updated to paused as a result of running a migration-to-file operation, and then VM will be left as paused state. In this case we must restart the VM's CPUs to resume it. Signed-off-by: NWang King <king.wang@huawei.com>
-
- 15 12月, 2016 2 次提交
-
-
由 Peter Krempa 提交于
After qemu delivers the resume event it's already running and thus it's too late to enter lockspaces since it may already have modified the disk. The code only creates false log entries in the case when locking is enabled. The lockspace needs to be acquired prior to starting cpus.
-
由 Michal Privoznik 提交于
Instead of trying to fix our security drivers, we can use a simple trick to relabel paths in both namespace and the host. I mean, if we enter the namespace some paths are still shared with the host so any change done to them is visible from the host too. Therefore, we can just enter the namespace and call SetAllLabel()/RestoreAllLabel() from there. Yes, it has slight overhead because we have to fork in order to enter the namespace. But on the other hand, no complexity is added to our code. Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
-