Skip to content

L
libvirt

openeuler / libvirt

通知 3
Star 0
Fork 0
L
libvirt

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

切换分支/标签
  1. 24 6月, 2019 3 次提交
  3. 21 5月, 2019 4 次提交
  5. 15 5月, 2019 5 次提交
  7. 19 6月, 2018 2 次提交
  9. 01 5月, 2018 1 次提交
    • L
      nwfilter: increase pcap buffer size to be compatible with TPACKET_V3 · 13969ca5
      Laine Stump 提交于 
      When an nwfilter rule sets the parameter CTRL_IP_LEARNING to "dhcp",
this turns on the "dhcpsnoop" thread, which uses libpcap to monitor
traffic on the domain's tap device and extract the IP address from the
DHCP response.

If libpcap on the host is built with HAVE_TPACKET3 defined (to enable
support for TPACKET_V3), the dhcpsnoop code's initialization of the
libpcap socket would fail with the following error:

  virNWFilterSnoopDHCPOpen:1134 : internal error: pcap_setfilter: can't remove kernel filter: Bad file descriptor

It turns out that this was because TPACKET_V3 requires a larger buffer
size than libvirt was setting (we were setting it to 128k). Changing
the buffer size to 256k eliminates the error, and the dhcpsnoop thread
once again works properly.

A fuller explanation of why TPACKET_V3 requires such a large buffer,
for future git spelunkers:

libpcap calls setsockopt(... SOL_PACKET, PACKET_RX_RING...) to setup a
ring buffer for receiving packets; two of the attributes sent to this
API are called tp_frame_size, and tp_frame_nr. If libpcap was built
with HAVE_TPACKET3 defined, tp_trame_size is set to MAXIMUM_SNAPLEN
(defined in libpcap sources as 262144) and tp_frame_nr is set to:

 [the buffer size we set, i.e. PCAP_BUFFERSIZE i.e. 262144] / tp_frame_size.

So if PCAP_BUFFERSIZE < MAXIMUM_SNAPLEN, then tp_frame_nr (the number
of frames in the ring buffer) is 0, which is nonsensical. This same
value is later used as a multiplier to determine the size for a call
to malloc() (which would also fail).

(NB: if HAVE_TPACKET3 is *not* defined, then tp_frame_size is set to
the snaplen set by the user (in our case 576) plus a small amount to
account for ethernet headers, so 256k is far more than adequate)

Since the TPACKET_V3 code in libpcap actually reads multiple packets
into each frame, it's not a problem to have only a single frame
(especially when we are monitoring such infrequent traffic), so it's
okay to set this relatively small buffer size (in comparison to the
default, which is 2MB), which is important since every guest using
dhcp snooping in a nwfilter rule will hold 2 of these buffers for the
entire life of the guest.

Thanks to Christian Ehrhardt for discovering that buffer size was the
problem (this was not at all obvious from the error that was logged!)

Resolves: https://bugzilla.redhat.com/1547237
Fixes: https://bugs.launchpad.net/libvirt/+bug/1758037Signed-off-by: NLaine Stump <laine@laine.org>
Reviewed-by: Christian Ehrhardt <christian.ehrhardt@canonical.com> (V1)
Reviewed-by: NJohn Ferlan <jferlan@redhat.com>
Tested-by: NChristian Ehrhardt <christian.ehrhardt@canonical.com>
(cherry picked from commit ce5aebea)
      13969ca5
  11. 05 3月, 2018 1 次提交
    • D
      Release of libvirt 4.1.0 · 6b59754b
      Daniel Veillard 提交于 
      - docs/news.xml : updated for release
- po/*.po*: regenerated

Signed-off-by: Daniel Veillard<veillard@redhat.com>
      6b59754b
  13. 02 3月, 2018 3 次提交
  15. 01 3月, 2018 7 次提交
  17. 28 2月, 2018 5 次提交
    • M
      vshCommandOpt: Do more checking if skipChecks is set · 846d3b58
      Michal Privoznik 提交于 
      Currently if cmd->skipChecks is set (done only from completers)
some basic checks are skipped because we're working over
partially parsed command. See a26ff63a for more detailed
explanation. Anyway, the referenced commit was too aggressive in
disabling checks and effectively returned success even in clear
case of failure. For instance:

  # domif-getlink --interface <TAB><TAB>

causes virshDomainInterfaceCompleter() to be called, which calls
virshDomainGetXML() which eventually calls
vshCommandOptStringReq(.., name = "domain"); The --domain
argument is required for the command and if not present -1 should
be returned to tell the caller the argument was not found. Well,
zero is returned meaning the argument was not found but it's not
required either.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      846d3b58
    • N
      vz: fix ref/unref of domain obj in vzDomainRevertToSnapshot · 98c9c304
      Nikolay Shirokovskiy 提交于 
      Signed-off-by: NNikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
      98c9c304
    • J
      virsh: fixing segfault by pool autocompleter function. · 8fe09a53
      Julio Faracco 提交于 
      The commands which requires a pool to perform any action for a volume is
throwing a segfault when you pass the volume name before a pool name or
without the argument '--pool'.

An example that works:
virsh # vol-list loops-pool
 Name                 Path
-------------------------------------------------------------------
 loop0                /mnt/loop0

virsh # vol-info --pool loops-pool lo<TAB>

An example that does not work:
virsh # vol-list loops-pool
 Name                 Path
-------------------------------------------------------------------
 loop0                /mnt/loop0

virsh # vol-info lo<TAB>
Segmentation Fault

The example 'vol-info' can be executed as 'vol-info loop0 --pool
loops-pool'. So, this commit fixes this problem when the arguments are
inverted and avoids the segfault.
Signed-off-by: NJulio Faracco <jcfaracco@gmail.com>
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
      8fe09a53
    • Z
      qemu: fix memory leak of @vporttype during migration. · f7399de1
      Zhangzijian 提交于 
      12 bytes in 1 blocks are definitely lost in loss record 188 of 1,145
at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
by 0x5D2CD77: xmlStrndup (in /lib/x86_64-linux-gnu/libxml2.so.2.7.8)
by 0x514E137: virXMLPropString (virxml.c:506)
by 0x234F51: qemuMigrationCookieNetworkXMLParse qemu_migration.c:1001)
by 0x235FF8: qemuMigrationCookieXMLParse (qemu_migration.c:1333)
by 0x236214: qemuMigrationCookieXMLParseStr (qemu_migration.c:1372)
by 0x2365D2: qemuMigrationEatCookie (qemu_migration.c:1456)
by 0x243DBA: qemuMigrationFinish (qemu_migration.c:6381)
by 0x204032: qemuDomainMigrateFinish3 (qemu_driver.c:13228)
by 0x521CCBB: virDomainMigrateFinish3 (libvirt-domain.c:4788)
by 0x1936DE: remoteDispatchDomainMigrateFinish3 (remote.c:4580)
by 0x16DBB1: remoteDispatchDomainMigrateFinish3Helper(remote_dispatch.h:7582)
Signed-off-by: NZhangZijian <zhang.zijian@h3c.com>
      f7399de1
    • L
      nwfilter: save error from DHCP snoop thread to report in main thread · 1297db74
      Laine Stump 提交于 
      A problem encountered due to a bug in libpcap was reported to the
caller as:

   An error occurred, but the cause is unknown

This was because the error had been logged in the DHCPSnoop
thread. The worker thread handling the API call to start a domain
spins up the DHCPSnoop thread which watches for dhcp packets with
libpcap, then uses virCondSignal() to notify the worker thread (which
has been waiting with virCondWait()). The worker thread knows that
there was an error (because threadStatus != THREAD_STATUS_OK), but the
error info had been stored in thread-specific storage for the other
thread, so the worker thread can only report that there was a failure,
but it doesn't know why.

The solution is to save the error that was logged (with
virErrorPreserveLast() into the object the is used to share info
between the threads, then we can set the error in the worker thread
using virErrorRestore().

In the case of the error I was looking at, this changed the "unknown"
message into:

    internal error: pcap_setfilter: can't remove kernel filter:
    Bad file descriptor
Signed-off-by: NLaine Stump <laine@laine.org>
      1297db74
  19. 27 2月, 2018 3 次提交
  21. 26 2月, 2018 6 次提交