- 27 4月, 2013 5 次提交
-
-
由 Laine Stump 提交于
I remembered to document this bit, but somehow forgot to implement it. This adds <driver name='kvm|vfio'/> as a subelement to the <forward> element of a network (this puts it parallel to the match between mode='hostdev' attribute in a network and type='hostdev' in an <interface>). Since it's already documented, only the parser, formatter, backend driver recognition (it just translates/moves the flag into the <interface> at the appropriate time), and a test case were needed. (I used a separate enum for the values both because the original is defined in domain_conf.h, which is unavailable from network_conf.h, and because in the future it's possible that we may want to support other non-hostdev oriented driver names in the network parser; this makes sure that one can be expanded without the other).
-
由 Paolo Bonzini 提交于
<source type='bridge'> uses a helper application to do the necessary TUN/TAP setup to use an existing network bridge, thus letting unprivileged users use TUN/TAP interfaces. However, libvirt should be preventing QEMU from running any setuid programs at all, which would include this helper program. From a security POV, any setuid helper needs to be run by libvirtd itself, not QEMU. This is what this patch does. libvirt now invokes the setuid helper, gets the TAP fd and then passes it to QEMU in the normal manner. The path to the helper is specified in qemu.conf. As a small advantage, this adds a <target dev='tap0'/> element to the XML of an active domain using <interface type='bridge'>. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Paolo Bonzini 提交于
This will be used on a tap file descriptor returned by the bridge helper to populate the <target> element, because the helper does not provide the interface name. Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
-
由 Ján Tomko 提交于
Adjust the usb-none test, since it gives the memballoon a lower PCI slot now. Add a test for 'none' controller on s390, which doesn't have PCI buses.
-
由 Bamvor Jian Zhang 提交于
this patch fix the wrong sequence for fd and timeout register. the sequence was right in dfa1e1dd for fd register, but it changed in e0622ca2. in this patch, set priv, xl_priv in info and increase info->priv ref count before virEventAddHandle. if do this after virEventAddHandle, the fd callback or fd deregister maybe got the empty priv, xl_priv or wrong ref count. after apply this patch, test more than 100 rounds passed compare to fail within 3 rounds without this patch. each round includes define -> start -> destroy -> create -> suspend -> resume -> reboot -> shutdown -> save -> resotre -> dump -> destroy -> create -> setmem -> setvcpus -> destroy. Signed-off-by: NBamvor Jian Zhang <bjzhang@suse.com>
-
- 26 4月, 2013 26 次提交
-
-
由 Laine Stump 提交于
VFIO requires all of the guest's memory and IO space to be lockable in RAM. The domain's max_balloon is the maximum amount of memory the domain can have (in KiB). We add a generous 1GiB to that for IO space (still much better than KVM device assignment, where the KVM module actually *ignores* the process limits and locks everything anyway), and convert from KiB to bytes. In the case of hotplug, we are changing the limit for the already existing qemu process (prlimit() is used under the hood), and for regular commandline additions of vfio devices, we schedule a call to setrlimit() that will happen after the qemu process is forked.
-
由 Laine Stump 提交于
These were previously being set in a custom hook function, but now that virCommand directly supports setting them, we can eliminate that part of the hook and call the APIs directly.
-
由 Laine Stump 提交于
This patch adds two sets of functions: 1) lower level virProcessSet*() functions that will immediately set the RLIMIT_MEMLOCK. RLIMIT_NPROC, or RLIMIT_NOFILE of either the current process (using setrlimit()) or any other process (using prlimit()). "current process" is indicated by passing a 0 for pid. 2) functions for virCommand* that will setup a virCommand object to set those limits at a later time just after it has forked a new process, but before it execs the new program. configure.ac has prlimit and setrlimit added to the list of functions to check for, and the low level functions log an "unsupported" error) on platforms that don't support those functions.
-
由 Daniel P. Berrange 提交于
If a user cgroup name begins with "cgroup.", "_" or with any of the controllers from /proc/cgroups followed by a dot, then they need to be prefixed with a single underscore. eg if there is an object "cpu.service", then this would end up as "_cpu.service" in the cgroup filesystem tree, however, "waldo.service" would stay "waldo.service", at least as long as nobody comes up with a cgroup controller called "waldo". Since we require a '.XXXX' suffix on all partitions, there is no scope for clashing with the kernel 'tasks' and 'release_agent' files. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
If the partition named passed in the XML does not already have a suffix, ensure it gets a '.partition' added to each component. The exceptions are /machine, /user and /system which do not need to have a suffix, since they are fixed partitions at the top level. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Daniel P. Berrange 提交于
Recently we changed to create VM cgroups with the naming pattern $VMNAME.$DRIVER.libvirt. Following discussions with the systemd community it was decided that only having a single '.' in the names is preferrable. So this changes the naming scheme to be $VMNAME.libvirt-$DRIVER. eg for LXC 'mycontainer.libvirt-lxc' or for KVM 'myvm.libvirt-qemu'. Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>
-
由 Stefan Berger 提交于
Add a test case for query-tpm-models QMP command. Signed-off-by: NStefan Berger <stefanb@linux.vnet.ibm.com>
-
由 Eric Blake 提交于
'virsh help | grep nodedev-det' shows only nodedev-detach, but 'virsh help nodedev | grep nodedev-det' also shows the old alias nodedev-dettach that we intentionally hid in commit af3f9aab. See also commit 787f4feb and this bug report: https://bugzilla.redhat.com/show_bug.cgi?id=956966 * tools/virsh.c (vshCmdGrpHelp): Copy suppression of vshCmdHelp. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Laine Stump 提交于
Legacy kvm style pci device assignment requires changes to the labelling of several sysfs files for each device, but for vfio device assignment, the only thing that needs to be relabelled/chowned is the "group" device for the group that contains the device to be assigned.
-
由 Laine Stump 提交于
Given a virPCIDevice, this function returns the path for the device that controls the vfio group the device belongs to, e.g. "/dev/vfio/15".
-
由 Laine Stump 提交于
The virsh nodedev-detach command has a new --driver option. If it's given virsh will attempt to use the new virNodeDeviceDetachFlags API instead of virNodeDeviceDettach. Validation of the driver name string is left to the hypervisor (qemu accepts "kvm" or "vfio". The only other hypervisor that implements these functions is xen, and it only accepts NULL).
-
由 Laine Stump 提交于
This was the only hypervisor driver other than qemu that implemented virNodeDeviceDettach. It doesn't currently support multiple pci device assignment driver backends, but it is simple to plug in this new API, which will make it easier for Xen people to fill it in later when they decide to support VFIO (or whatever other) device assignment. Also it means that management applications will have the same API available to them for both hypervisors on any given version of libvirt. The only acceptable value for driverName in this case is NULL, since there is no alternate, and I'm not willing to pick a name for the default driver used by Xen.
-
由 Laine Stump 提交于
The differences from virNodeDeviceDettach are very minor: 1) Check that the flags are 0. 2) Set the virPCIDevice's stubDriver according to the driverName that is passed in. 3) Call virPCIDeviceDetach with a NULL stubDriver, indicating it should get the name of the stub driver from the virPCIDevice object.
-
由 Laine Stump 提交于
This requires a custom function for remoteNodeDeviceDetachFlags, because it is named *NodeDevice, but it goes through the hypervisor driver rather than nodedevice driver, and so it uses privateData instead of nodeDevicePrivateData. (It has to go through the hypervisor driver, because that is the driver that knows about the backend drivers that will perform the pci device assignment).
-
由 Laine Stump 提交于
The existing virNodeDeviceDettach() assumes that there is only a single PCI device assignment backend driver appropriate for any hypervisor. This is no longer true, as the qemu driver is getting support for PCI device assignment via VFIO. The new API virNodeDeviceDetachFlags adds a driverName arg that should be set to the exact same string set in a domain <hostdev>'s <driver name='x'/> element (i.e. "vfio", "kvm", or NULL for default). It also adds a flags arg for good measure (and because it's possible we may need it when we start dealing with VFIO's "device groups").
-
由 Laine Stump 提交于
If the config for a device has specified <driver name='vfio'/>, "backend" in the pci part of the hostdev object will be set to ..._VFIO. In this case, when creating a virPCIDevice set the stubDriver to "vfio-pci", otherwise set it to "pci-stub". We will rely on the lower levels to report an error if the vfio driver isn't loaded. The detach/attach functions in virpci.c will pay attention to the stubDriver setting in the device, and bind/unbind the appropriate driver when preparing hostdevs for the domain. Note that we don't yet attempt to do anything to mark active any other devices in the same vfio "group" as a single device that is being marked active. We do need to do that, but in order to get basic VFIO functionality testing sooner rather than later, initially we'll just live with more cryptic errors when someone tries to do that.
-
由 Laine Stump 提交于
This can be set when the virPCIDevice is created and placed on a list, then used later when traversing the list to determine which stub driver to bind/unbind for managed devices. The existing Detach and Attach functions' signatures haven't been changed (they still accept a stub driver name in the arg list), but if the arg list has NULL for stub driver and one is available in the device's object, that will be used. (we may later deprecate and remove the arg from those functions).
-
由 Laine Stump 提交于
The device option for vfio-pci is nearly identical to that for pci-assign - only the configfd parameter isn't supported (or needed). Checking for presence of the bootindex parameter is done separately from constructing the commandline, similar to how it is done for pci-assign. This patch contains tests to check for proper commandline construction. It also includes tests for parser-formatter-parser roundtrips (xml2xml), because those tests use the same data files, and would have failed had they been included before now. qemu: xml/args tests for VFIO hostdev and <interface type='hostdev'/> These should be squashed in with the patch that adds commandline handling of vfio (they would fail at any earlier time).
-
由 Laine Stump 提交于
A domain's <interface> or <hostdev>, as well as a <network>'s <forward>, can now have an optional <driver name='kvm|vfio'/> element. As of this patch, there is no functionality behind this new knob - this patch adds support to the domain and network formatter/parser, and to the RNG and documentation. When the backend is added, legacy KVM PCI device assignment will continue to be used when no driver name is specified (or if <driver name='kvm'/> is specified), but if driver name is 'vfio', the new UEFI Secure Boot compatible VFIO device assignment will be used. Note that the parser doesn't automatically insert the current default value of this setting. This is done on purpose because the two possibilities are functionally equivalent from the guest's point of view, and we want to be able to automatically start using vfio as the default (even for existing domains) at some time in the future. This is similar to what was done with the "vhost" driver option in <interface>.
-
由 Laine Stump 提交于
There will soon be other items related to pci hostdevs that need to be in the same part of the hostdevsubsys union as the pci address (which is currently a single member called "pci". This patch replaces the single member named pci with a struct named pci that contains a single member named "addr".
-
由 Laine Stump 提交于
QEMU_CAPS_DEVICE_VFIO_PCI is set if the device named "vfio-pci" is supported in the qemu binary. QEMU_CAPS_VFIO_PCI_BOOTINDEX is set if the vfio-pci device supports the "bootindex" parameter; for some reason, the bootindex parameter wasn't included in early versions of vfio support (qemu 1.4) so we have to check for it separately from vfio itself.
-
由 Eric Blake 提交于
POSIX says that both basename() and dirname() may return static storage (aka they need not be thread-safe); and that they may but not must modify their input argument. Furthermore, <libgen.h> is not available on all platforms. For these reasons, you should never use these functions in a multi-threaded library. Gnulib instead recommends a way to avoid the portability nightmare: gnulib's "dirname.h" provides useful thread-safe counterparts. The obvious dir_name() and base_name() are GPL (because they malloc(), but call exit() on failure) so we can't use them; but the LGPL variants mdir_name() (malloc's or returns NULL) and last_component (always points into the incoming string without modifying it, differing from basename semantics only on corner cases like the empty string that we shouldn't be hitting in the first place) are already in use in libvirt. This finishes the swap over to the safe functions. * cfg.mk (sc_prohibit_libgen): New rule. * src/util/vircgroup.c: Fix offenders. * src/parallels/parallels_storage.c (parallelsPoolAddByDomain): Likewise. * src/parallels/parallels_network.c (parallelsGetBridgedNetInfo): Likewise. * src/node_device/node_device_udev.c (udevProcessSCSIHost) (udevProcessSCSIDevice): Likewise. * src/storage/storage_backend_disk.c (virStorageBackendDiskDeleteVol): Likewise. * src/util/virpci.c (virPCIGetDeviceAddressFromSysfsLink): Likewise. * src/util/virstoragefile.h (_virStorageFileMetadata): Avoid false positive. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Christophe Fergeau 提交于
It was written VIR_DOMAIN_EVENT_ID_PMSuspend
-
由 Christophe Fergeau 提交于
The previous description was a bit confusing.
-
由 Eric Blake 提交于
Jim Fehlig reported on IRC that older gcc/glibc triggers this warning: cc1: warnings being treated as errors qemu/qemu_domain.c: In function 'qemuDomainDefFormatBuf': qemu/qemu_domain.c:1297: error: declaration of 'remove' shadows a global declaration [-Wshadow] /usr/include/stdio.h:157: error: shadowed declaration is here [-Wshadow] make[3]: *** [libvirt_driver_qemu_impl_la-qemu_domain.lo] Error 1 Fix it like we have done in the past (such as commit 2e6322a7). * src/qemu/qemu_domain.c (qemuDomainDefFormatBuf): Avoid shadowing a function name. Signed-off-by: NEric Blake <eblake@redhat.com>
-
由 Ján Tomko 提交于
Use a pair of 'memballoon' tags instead of single 'watchdog' one. Add a few missing colons.
-
- 25 4月, 2013 9 次提交
-
-
由 Ján Tomko 提交于
Reject multiple controllers with the same index, except for USB controllers. Multi-function USB controllers can have the same index.
-
由 Bamvor Jian Zhang 提交于
Signed-off-by: NBamvor Jian Zhang <bjzhang@suse.com>
-
由 Martin Kletzander 提交于
When all usb controllers connected to the same bus have <master startport='x'/> specified, none of them have 'id=usb' assigned and thus qemu fails due to invalid masterport specification (we use 'usb' for that purpose). Adding a check that at least one of the controllers is specified without <master startport='x'/> and in case this happens, error out due to invalid configuration.
-
由 Michal Privoznik 提交于
After 9d6e56db the syntax-check was unhappy due to wrong whitespacing: src/qemu/qemu_command.c:1637: for ( ; a.slot < QEMU_PCI_ADDRESS_SLOT_LAST; a.slot++) { maint.mk: incorrect whitespace around brackets, see HACKING for rules make: *** [bracket-spacing-check] Error 1
-
由 Michal Privoznik 提交于
After 78d7c3c5 we are strdup()-ing path to qemu-bridge-helper. However, the check for its return value is missing. So it is possible we've ignored the OOM error silently.
-
由 Ján Tomko 提交于
Add a "dry run" address allocation to figure out how many bridges will be needed for all the devices without explicit addresses. Auto-add just enough bridges to put all the devices on, or up to the bridge with the largest specified index.
-
由 Ján Tomko 提交于
<controller type='pci' index='0' model='pci-root'/> is auto-added to pc* machine types. Without this controller PCI bus 0 is not available and no PCI addresses are assigned by default. Since older libvirt supported PCI bus 0 even without this controller, it is removed from the XML when migrating.
-
由 liguang 提交于
Signed-off-by: NJán Tomko <jtomko@redhat.com>
-