1. 07 1月, 2013 1 次提交
    • O
      util: Prepare helpers for unpriv_sgio setting · ba72cb12
      Osier Yang 提交于
      "virGetDeviceID" could be used across the sources, but it doesn't
      relate with this series, and could be done later.
      
      * src/util/virutil.h: (Declare virGetDeviceID, and
                             vir{Get,Set}DeviceUnprivSGIO)
      * src/util/virutil.c: (Implement virGetDeviceID and
                             vir{Get,Set}DeviceUnprivSGIO)
      * src/libvirt_private.syms: Export private symbols of upper helpers
      ba72cb12
  2. 05 1月, 2013 3 次提交
  3. 21 12月, 2012 1 次提交
  4. 19 12月, 2012 1 次提交
  5. 18 12月, 2012 2 次提交
    • D
      Add support for <hostdev mode="capabilities"> · aae0fc2a
      Daniel P. Berrange 提交于
      The <hostdev> device type has long had a redundant "mode"
      attribute, which has always been "subsys". This finally
      introduces a new mode "capabilities", which will be used
      by the LXC driver for device assignment. Since container
      based virtualization uses a single kernel, the idea of
      assigning physical PCI devices doesn't make sense. It is
      still reasonable to assign USB devices, but for assigning
      arbitrary nodes in /dev, the new 'capabilities' mode is
      to be used.
      
      The first capability support is 'storage', which is for
      assignment of block devices. Functionally this is really
      pretty similar to the <disk> support. The only difference
      is the device node name is identical in both host and
      container namespaces.
      
          <hostdev mode='capabilities' type='storage'>
            <source>
              <block>/dev/sdf1</block>
            </source>
          </hostdev>
      
      The second capability support is 'misc', which is for
      assignment of character devices. There is no existing
      parallel to this. Again the device node is the same
      inside & outside the container.
      
          <hostdev mode='capabilities' type='misc'>
            <source>
              <char>/dev/input/event3</char>
            </source>
          </hostdev>
      
      The reason for keeping the char & storage devices
      separate in the domain XML, is to mirror the split
      in the node device XML. NB the node device XML does
      not yet report character devices, but that's another
      new patch to come
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      aae0fc2a
    • V
      S390: Fix virSysinfoRead memory corruption · cab938c9
      Viktor Mihajlovski 提交于
      There was a double free issue caused by virSysinfoRead on s390,
      as the same manufacturer string instance was assigned to more
      than one processor record.
      Cleaned up other potential memory issues and restructured the sysinfo
      parsing code by moving repeating patterns into a helper function.
      
      The restructuring made it necessary to conditionally disable
      -Wlogical-op for some older GCC versions, using pragma GCC diagnostic.
      This is a GCC specific pragma, which is acceptable, since we're
      using it to work around a GCC specific bug.
      
      Finally, added a function virSysinfoSetup to configure the sysinfo
      data source files/script during run time, to facilitate writing test
      programs. This function is not published in sysinfo.h and only
      there for testing.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      cab938c9
  6. 12 12月, 2012 5 次提交
  7. 11 12月, 2012 1 次提交
    • L
      util: add VIR_(APPEND|INSERT|DELETE)_ELEMENT · 85b22f52
      Laine Stump 提交于
      I noticed when writing the backend functions for virNetworkUpdate that
      I was repeating the same sequence of memmove, VIR_REALLOC, nXXX-- (and
      messed up the args to memmove at least once), and had seen the same
      sequence in a lot of other places, so I decided to write a few
      utility functions/macros - see the .h file for full documentation.
      
      The intent is to reduce the number of lines of code, but more
      importantly to eliminate the need to check the element size and
      element count arithmetic every time we need to do this (I *always*
      make at least one mistake.)
      
      VIR_INSERT_ELEMENT: insert one element at an arbitrary index within an
        array of objects. The size of each object is determined
        automatically by the macro using sizeof(*array). The new element's
        contents are copied into the inserted space, then the original copy
        of contents are 0'ed out (if everything else was
        successful). Compile-time assignment and size compatibility between
        the array and the new element is guaranteed (see explanation below
        [*])
      
      VIR_INSERT_ELEMENT_COPY: identical to VIR_INSERT_ELEMENT, except that
        the original contents of newelem are not cleared to 0 (i.e. a copy
        is made).
      
      VIR_APPEND_ELEMENT: This is just a special case of VIR_INSERT_ELEMENT
        that "inserts" one past the current last element.
      
      VIR_APPEND_ELEMENT_COPY: identical to VIR_APPEND_ELEMENT, except that
        the original contents of newelem are not cleared to 0 (i.e. a copy
        is made).
      
      VIR_DELETE_ELEMENT: delete one element at an arbitrary index within an
        array of objects. It's assumed that the element being deleted is
        already saved elsewhere (or cleared, if that's what is appropriate).
      
      All five of these macros have an _INPLACE variant, which skips the
      memory re-allocation of the array, assuming that the caller has
      already done it (when inserting) or will do it later (when deleting).
      
      Note that VIR_DELETE_ELEMENT* can return a failure, but only if an
      invalid index is given (index + amount to delete is > current array
      size), so in most cases you can safely ignore the return (that's why
      the helper function virDeleteElementsN isn't declared with
      ATTRIBUTE_RETURN_CHECK). A warning is logged if this ever happens,
      since it is surely a coding error.
      
      [*] One initial problem with the INSERT and APPEND macros was that,
      due to both the array pointer and newelem pointer being cast to void*
      when passing to virInsertElementsN(), any chance of type-checking was
      lost. If we were going to move in newelem with a memmove anyway, we
      would be no worse off for this. However, most current open-coded
      insert/append operations use direct struct assignment to move the new
      element into place (or just populate the new element directly) - thus
      use of the new macros would open a possibility for new usage errors
      that didn't exist before (e.g. accidentally sending &newelemptr rather
      than newelemptr - I actually did this quite a lot in my test
      conversions of existing code).
      
      But thanks to Eric Blake's clever thinking, I was able to modify the
      INSERT and APPEND macros so that they *do* check for both assignment
      and size compatibility of *ptr (an element in the array) and newelem
      (the element being copied into the new position of the array). This is
      done via clever use of the C89-guaranteed fact that the sizeof()
      operator must have *no* side effects (so an assignment inside sizeof()
      is checked for validity, but not actually evaluated), and the fact
      that virInsertElementsN has a "# of new elements" argument that we
      want to always be 1.
      85b22f52
  8. 07 12月, 2012 1 次提交
  9. 06 12月, 2012 1 次提交
    • L
      network: prevent a few invalid configuration combinations · fd54f1de
      Laine Stump 提交于
      This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=767057
      
      It was possible to define a network with <forward mode='bridge'> that
      had both a bridge device and a forward device defined. These two are
      mutually exclusive by definition (if you are using a bridge device,
      then this is a host bridge, and if you have a forward dev defined,
      this is using macvtap). It was also possible to put <ip>, <dns>, and
      <domain> elements in this definition, although those aren't supported
      by the current driver (although it's conceivable that some other
      driver might support that).
      
      The items that are invalid by definition, are now checked in the XML
      parser (since they will definitely *always* be wrong), and the others
      are checked in networkValidate() in the network driver (since, as
      mentioned, it's possible that some other network driver, or even this
      one, could some day support setting those).
      fd54f1de
  10. 05 12月, 2012 1 次提交
  11. 04 12月, 2012 3 次提交
    • D
      Replace polling for active VMs with signalling by drivers · 79b8a569
      Daniel P. Berrange 提交于
      Currently to deal with auto-shutdown libvirtd must periodically
      poll all stateful drivers. Thus sucks because it requires
      acquiring both the driver lock and locks on every single virtual
      machine. Instead pass in a "inhibit" callback to virStateInitialize
      which drivers can invoke whenever they want to inhibit shutdown
      due to existance of active VMs.
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      79b8a569
    • L
      qemu: support live update of an interface's filter · 258fb278
      Laine Stump 提交于
      Since we can't (currently) rely on the ability to provide blanket
      support for all possible network changes by calling the toplevel
      netdev hostside disconnect/connect functions (due to qemu only
      supporting a lockstep between initialization of host side and guest
      side of devices), in order to support live change of an interface's
      nwfilter we need to make a special purpose function to only call the
      nwfilter teardown and setup functions if the filter for an interface
      (or its parameters) changes. The pattern is nearly identical to that
      used to change the bridge that an interface is connected to.
      
      This patch was inspired by a request from Guido Winkelmann
      <guido@sagersystems.de>, who tested an earlier version.
      258fb278
    • S
      nwfilter: utility function virNWFilterVarValueEqual · ab4139a4
      Stefan Berger 提交于
      To detect if an interface's nwfilter has changed, we need to also
      compare the filterparams, which is a hashtable of virNWFilterVarValue.
      virHashEqual can do this nicely, but requires a pointer to a function
      that will compare two of the items being stored in the hashes.
      ab4139a4
  12. 01 12月, 2012 2 次提交
  13. 30 11月, 2012 2 次提交
    • L
      util: new virSocketAddrIsPrivate function · bf402e77
      Laine Stump 提交于
      This new function returns true if the given address is in the range of
      any "private" or "local" networks as defined in RFC1918 (IPv4) or
      RFC3484/RFC4193 (IPv6), otherwise they return false.
      
      These ranges are:
      
         192.168.0.0/16
         172.16.0.0/16
         10.0.0.0/24
         FC00::/7
         FEC0::/10
      bf402e77
    • L
      util: capabilities detection for dnsmasq · 719c2c76
      Laine Stump 提交于
      In order to optionally take advantage of new features in dnsmasq when
      the host's version of dnsmasq supports them, but still be able to run
      on hosts that don't support the new features, we need to be able to
      detect the version of dnsmasq running on the host, and possibly
      determine from the help output what options are in this dnsmasq.
      
      This patch implements a greatly simplified version of the capabilities
      code we already have for qemu. A dnsmasqCaps device can be created and
      populated either from running a program on disk, reading a file with
      the concatenated output of "dnsmasq --version; dnsmasq --help", or
      examining a buffer in memory that contains the concatenated output of
      those two commands. Simple functions to retrieve capabilities flags,
      the version number, and the path of the binary are also included.
      
      bridge_driver.c creates a single dnsmasqCaps object at driver startup,
      and disposes of it at driver shutdown. Any time it must be used, the
      dnsmasqCapsRefresh method is called - it checks the mtime of the
      binary, and re-runs the checks if the binary has changed.
      
      networkxml2argvtest.c creates 2 "artificial" dnsmasqCaps objects at
      startup - one "restricted" (doesn't support --bind-dynamic) and one
      "full" (does support --bind-dynamic). Some of the test cases use one
      and some the other, to make sure both code pathes are tested.
      719c2c76
  14. 28 11月, 2012 3 次提交
  15. 27 11月, 2012 2 次提交
    • H
      qemu: Add support for gluster protocol based network storage backend. · c33c36d2
      Harsh Prateek Bora 提交于
      Qemu accepts gluster protocol as supported storage backend beside others.
      Signed-off-by: NHarsh Prateek Bora <harsh@linux.vnet.ibm.com>
      c33c36d2
    • H
      Add Gluster protocol as supported network disk backend · a2d2b80f
      Harsh Prateek Bora 提交于
      This patch introduces the RNG schema and updates necessary data strucutures
      to allow various hypervisors to make use of Gluster protocol as one of the
      supported network disk backend. Next patch will add support to make use of
      this feature in Qemu since it now supports Gluster protocol as one of the
      network based storage backend.
      
      Two new optional attributes for <host> element are introduced - 'transport'
      and 'socket'. Valid transport values are tcp, unix or rdma. If none specified,
      tcp is assumed. If transport is unix, socket specifies path to unix socket.
      
      This patch allows users to specify disks on gluster backends like this:
      
          <disk type='network' device='disk'>
            <driver name='qemu' type='raw'/>
            <source protocol='gluster' name='Volume1/image'>
              <host name='example.org' port='6000' transport='tcp'/>
            </source>
            <target dev='vda' bus='virtio'/>
          </disk>
      
          <disk type='network' device='disk'>
            <driver name='qemu' type='raw'/>
            <source protocol='gluster' name='Volume2/image'>
              <host transport='unix' socket='/path/to/sock'/>
            </source>
            <target dev='vdb' bus='virtio'/>
          </disk>
      Signed-off-by: NHarsh Prateek Bora <harsh@linux.vnet.ibm.com>
      a2d2b80f
  16. 22 11月, 2012 1 次提交
    • D
      Log an audit message with the LXC init pid · a6158336
      Daniel P. Berrange 提交于
      Currently the LXC driver logs audit messages when a container
      is started or stopped. These audit messages, however, contain
      the PID of the libvirt_lxc supervisor process. To enable
      sysadmins to correlate with audit messages generated by
      processes /inside/ the container, we need to include the
      container init process PID.
      
      We can't do this in the main 'start' audit message, since
      the init PID is not available at that point. Instead we output
      a completely new audit record, that lists both PIDs.
      
      type=VIRT_CONTROL msg=audit(1353433750.071:363): pid=20180 uid=0 auid=501 ses=3 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 msg='virt=lxc op=init vm="busy" uuid=dda7b947-0846-1759-2873-0f375df7d7eb vm-pid=20371 init-pid=20372 exe="/home/berrange/src/virt/libvirt/daemon/.libs/lt-libvirtd" hostname=? addr=? terminal=pts/6 res=success'
      Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
      a6158336
  17. 20 11月, 2012 1 次提交
    • E
      snapshot: make cloning of domain definition easier · 0b5617a6
      Eric Blake 提交于
      Upcoming patches for revert-and-clone branching of snapshots need
      to be able to copy a domain definition; make this step reusable.
      
      * src/conf/domain_conf.h (virDomainDefCopy): New prototype.
      * src/conf/domain_conf.c (virDomainObjCopyPersistentDef): Split...
      (virDomainDefCopy): ...into new function.
      (virDomainObjSetDefTransient): Use it.
      * src/libvirt_private.syms (domain_conf.h): Export it.
      * src/qemu/qemu_driver.c (qemuDomainRevertToSnapshot): Use it.
      0b5617a6
  18. 14 11月, 2012 1 次提交
    • P
      snapshot: qemu: Fix detection of external snapshots when deleting · 30f1bccf
      Peter Krempa 提交于
      This patch adds a helper to determine if snapshots are external and uses
      the helper to fix detection of those in snapshot deletion code.
      
      Snapshots are external if they have an external memory image or if the
      disk locations are external. As mixed snapshots are forbidden for now
      we need to check just one disk to know.
      30f1bccf
  19. 01 11月, 2012 1 次提交
  20. 30 10月, 2012 1 次提交
    • M
      qemu: Report errors from iohelper · 34e8f63a
      Michal Privoznik 提交于
      Currently, we use iohelper when saving/restoring a domain.
      However, if there's some kind of error (like I/O) it is not
      propagated to libvirt. Since it is not qemu who is doing
      the actual write() it will not get error. The iohelper does.
      Therefore we should check for iohelper errors as it makes
      libvirt more user friendly.
      34e8f63a
  21. 29 10月, 2012 1 次提交
    • J
      xml: print uuids in the warning · 0b121614
      Ján Tomko 提交于
      In the XML warning, we print a virsh command line that can be used to
      edit that XML. This patch prints UUIDs if the entity name contains
      special characters (like shell metacharacters, or "--" that would break
      parsing of the XML comment). If the entity doesn't have a UUID, just
      print the virsh command that can be used to edit it.
      0b121614
  22. 27 10月, 2012 3 次提交
    • E
      blockjob: react to active block copy · b3822ed0
      Eric Blake 提交于
      For now, disk migration via block copy job is not implemented in
      libvirt.  But when we do implement it, we have to deal with the
      fact that qemu does not yet provide an easy way to re-start a qemu
      process with mirroring still intact.  Paolo has proposed an idea
      for a persistent dirty bitmap that might make this possible, but
      until that design is complete, it's hard to say what changes
      libvirt would need.  Even something like 'virDomainSave' becomes
      hairy, if you realize the implications that 'virDomainRestore'
      would be stuck with recreating the same mirror layout.
      
      But if we step back and look at the bigger picture, we realize that
      the initial client of live storage migration via disk mirroring is
      oVirt, which always uses transient domains, and that if a transient
      domain is destroyed while a mirror exists, oVirt can easily restart
      the storage migration by creating a new domain that visits just the
      source storage, with no loss in data.
      
      We can make life a lot easier by being cowards for now, forbidding
      certain operations on a domain.  This patch guarantees that we
      never get in a state where we would have to restart a domain with
      a mirroring block copy, by preventing saves, snapshots, migration,
      hot unplug of a disk in use, and conversion to a persistent domain
      (thankfully, it is still relatively easy to 'virsh undefine' a
      running domain to temporarily make it transient, run tests on
      'virsh blockcopy', then 'virsh define' to restore the persistence).
      Later, if the qemu design is enhanced, we can relax our code.
      
      The change to qemudDomainDefine looks a bit odd for undoing an
      assignment, rather than probing up front to avoid the assignment,
      but this is because of how virDomainAssignDef combines both a
      lookup and assignment into a single function call.
      
      * src/conf/domain_conf.h (virDomainHasDiskMirror): New prototype.
      * src/conf/domain_conf.c (virDomainHasDiskMirror): New function.
      * src/libvirt_private.syms (domain_conf.h): Export it.
      * src/qemu/qemu_driver.c (qemuDomainSaveInternal)
      (qemuDomainSnapshotCreateXML, qemuDomainRevertToSnapshot)
      (qemuDomainBlockJobImpl, qemudDomainDefine): Prevent dangerous
      actions while block copy is already in action.
      * src/qemu/qemu_hotplug.c (qemuDomainDetachDiskDevice): Likewise.
      * src/qemu/qemu_migration.c (qemuMigrationIsAllowed): Likewise.
      b3822ed0
    • L
      qemu: fix attach/detach of netdevs with matching mac addrs · def31e4c
      Laine Stump 提交于
      This resolves:
      
         https://bugzilla.redhat.com/show_bug.cgi?id=862515
      
      which describes inconsistencies in dealing with duplicate mac
      addresses on network devices in a domain.
      
      (at any rate, it resolves *almost* everything, and prints out an
      informative error message for the one problem that isn't solved, but
      has a workaround.)
      
      A synopsis of the problems:
      
      1) you can't do a persistent attach-interface of a device with a mac
      address that matches an existing device.
      
      2) you *can* do a live attach-interface of such a device.
      
      3) you *can* directly edit a domain and put in two devices with
      matching mac addresses.
      
      4) When running virsh detach-device (live or config), only MAC address
      is checked when matching the device to remove, so the first device
      with the desired mac address will be removed. This isn't always the
      one that's wanted.
      
      5) when running virsh detach-interface (live or config), the only two
      items that can be specified to match against are mac address and model
      type (virtio, etc) - if multiple netdevs match both of those
      attributes, it again just finds the first one added and assumes that
      is the only match.
      
      Since it is completely valid to have multiple network devices with the
      same MAC address (although it can cause problems in many cases, there
      *are* valid use cases), what is needed is:
      
      1) remove the restriction that prohibits doing a persistent add of a
      netdev with a duplicate mac address.
      
      2) enhance the backend of virDomainDetachDeviceFlags to check for
      something that *is* guaranteed unique (but still work with just mac
      address, as long as it yields only a single results.
      
      This patch does three things:
      
      1) removes the check for duplicate mac address during a persistent
      netdev attach.
      
      2) unifies the searching for both live and config detach of netdevices
      in the subordinate functions of qemuDomainModifyDeviceFlags() to use the
      new function virDomainNetFindIdx (which matches mac address and PCI
      address if available, checking for duplicates if only mac address was
      specified). This function returns -2 if multiple matches are found,
      allowing the callers to print out an appropriate message.
      
      Steps 1 & 2 are enough to fully fix the problem when using virsh
      attach-device and detach-device (which require an XML description of
      the device rather than a bunch of commandline args)
      
      3) modifies the virsh detach-interface command to check for multiple
      matches of mac address and show an error message suggesting use of the
      detach-device command in cases where there are multiple matching mac
      addresses.
      
      Later we should decide how we want to input a PCI address on the virsh
      commandline, and enhance detach-interface to take a --address option,
      eliminating the need to use detach-device
      
      * src/conf/domain_conf.c
      * src/conf/domain_conf.h
      * src/libvirt_private.syms
        * added new virDomainNetFindIdx function
        * removed now unused virDomainNetIndexByMac and
          virDomainNetRemoveByMac
      
      * src/qemu/qemu_driver.c
        * remove check for duplicate max from qemuDomainAttachDeviceConfig
        * use virDomainNetFindIdx/virDomainNetRemove instead
          of virDomainNetRemoveByMac in qemuDomainDetachDeviceConfig
        * use virDomainNetFindIdx instead of virDomainIndexByMac
          in qemuDomainUpdateDeviceConfig
      
      * src/qemu/qemu_hotplug.c
        * use virDomainNetFindIdx instead of a homespun loop in
          qemuDomainDetachNetDevice.
      
      * tools/virsh-domain.c: modified detach-interface command as described
          above
      def31e4c
    • E
      cpustat: fix regression when cpus are offline · 4fbf322f
      Eric Blake 提交于
      It turns out that the cpuacct results properly account for offline
      cpus, and always returns results for every possible cpu, not just
      the online ones.  So there is no need to check the map of online
      cpus in the first place, merely only a need to know the maximum
      possible cpu.  Meanwhile, virNodeGetCPUBitmap had a subtle change
      from returning the maximum id to instead returning the width of
      the bitmap (one larger than the maximum id) in commit 2f4c5338,
      which made this code encounter some off-by-one logic leading to
      bad error messages when a cpu was offline:
      
      $ virsh cpu-stats dom
      error: Failed to virDomainGetCPUStats()
      
      error: An error occurred, but the cause is unknown
      
      Cleaning this up unraveled a chain of other unused variables.
      
      * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Drop
      pointless check for cpumap changes, and use correct number of
      cpus.  Simplify signature.
      (qemuDomainGetCPUStats): Adjust caller.
      * src/nodeinfo.h (nodeGetCPUCount): New prototype.
      (nodeGetCPUBitmap): Drop unused parameter.
      * src/nodeinfo.c (nodeGetCPUBitmap): Likewise.
      (nodeGetCPUMap): Adjust caller.
      (nodeGetCPUCount): New function.
      * src/libvirt_private.syms (nodeinfo.h): Export it.
      4fbf322f
  23. 26 10月, 2012 2 次提交
    • V
      virNodeGetCPUMap: Implement support function in nodeinfo · d34439c9
      Viktor Mihajlovski 提交于
      Added an implemention of virNodeGetCPUMap to nodeinfo.c,
      (nodeGetCPUMap) which can be used by all drivers for a Linux
      hypervisor host.
      Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
      d34439c9
    • E
      nodeinfo: improve probing node cpu bitmap · 2f4c5338
      Eric Blake 提交于
      Callers should not need to know what the name of the file to
      be read in the Linux-specific version of nodeGetCPUmap;
      furthermore, qemu cares about online cpus, not present cpus,
      when determining which cpus to skip.
      
      While at it, I fixed the fact that we were computing the maximum
      online cpu id by doing a slow iteration, when what we really want
      to know is the max available cpu.
      
      * src/nodeinfo.h (nodeGetCPUmap): Rename...
      (nodeGetCPUBitmap): ...and simplify signature.
      * src/nodeinfo.c (linuxParseCPUmax): New function.
      (linuxParseCPUmap): Simplify and alter signature.
      (nodeGetCPUBitmap): Change implementation.
      * src/libvirt_private.syms (nodeinfo.h): Reflect rename.
      * src/qemu/qemu_driver.c (qemuDomainGetPercpuStats): Update
      caller.
      2f4c5338