Hello community, here is the log from the commit of package libvirt for openSUSE:Factory checked in at 2015-07-14 17:44:01 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libvirt (Old) and /work/SRC/openSUSE:Factory/.libvirt.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libvirt" Changes: -------- --- /work/SRC/openSUSE:Factory/libvirt/libvirt.changes 2015-07-05 18:02:46.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libvirt.new/libvirt.changes 2015-07-14 17:45:16.000000000 +0200 @@ -1,0 +2,25 @@ +Fri Jul 10 18:35:27 UTC 2015 - [email protected] + +- libxl: set dom0 state to running + 4ffb21c8-libxl-dom0-state-fix.patch + bsc#937316 +- libxl: support management of dom0 + 45697fe5-libxl-support-dom0.patch + bsc#937316 +- libxl: libxl: fix setting state of virDomainObj + e9c27344-libxl-fix-virDomainObj-state.patch + bsc#934937 + +------------------------------------------------------------------- +Fri Jul 10 13:29:51 UTC 2015 - [email protected] + +- Fixed virt-aa-helper bugs preventing virt-sandbox to work. + 24f3c2f-virt-aa-helper-fix-caps.patch + 61dab0f-virt-aa-helper-renaming.patch + a55a5e7-virt-aa-helper-log.patch + e44bcae-virt-aa-helper-trailing-slash.patch + bsc#936841 +- Fixed crasher due to uninitialized values + qemu-nbd-cleanup-fix.patch bsc#936841 + +------------------------------------------------------------------- New: ---- 24f3c2f-virt-aa-helper-fix-caps.patch 45697fe5-libxl-support-dom0.patch 4ffb21c8-libxl-dom0-state-fix.patch 61dab0f-virt-aa-helper-renaming.patch a55a5e7-virt-aa-helper-log.patch e44bcae-virt-aa-helper-trailing-slash.patch e9c27344-libxl-fix-virDomainObj-state.patch qemu-nbd-cleanup-fix.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libvirt.spec ++++++ --- /var/tmp/diff_new_pack.lnU20k/_old 2015-07-14 17:45:18.000000000 +0200 +++ /var/tmp/diff_new_pack.lnU20k/_new 2015-07-14 17:45:18.000000000 +0200 @@ -446,6 +446,13 @@ Source4: libvirtd-relocation-server.fw Source99: baselibs.conf # Upstream patches +Patch0: e44bcae-virt-aa-helper-trailing-slash.patch +Patch1: a55a5e7-virt-aa-helper-log.patch +Patch2: 61dab0f-virt-aa-helper-renaming.patch +Patch3: 24f3c2f-virt-aa-helper-fix-caps.patch +Patch4: 45697fe5-libxl-support-dom0.patch +Patch5: e9c27344-libxl-fix-virDomainObj-state.patch +Patch6: 4ffb21c8-libxl-dom0-state-fix.patch # Patches pending upstream review # Need to go upstream Patch150: xen-pv-cdrom.patch @@ -466,6 +473,7 @@ Patch208: apparmor-no-mount.patch Patch209: qemu-apparmor-screenshot.patch Patch210: libvirt-suse-netcontrol.patch +Patch211: qemu-nbd-cleanup-fix.patch # SocketUser and SocketGroup settings were added to systemd.socket in # version 214. Patch the setting away in earlier systemd %if 0%{systemd_version} < 214 @@ -976,6 +984,13 @@ %prep %setup -q +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 +%patch6 -p1 %patch150 -p1 %patch151 -p1 %patch152 -p1 @@ -992,6 +1007,7 @@ %patch208 -p1 %patch209 -p1 %patch210 -p1 +%patch211 -p1 %if 0%{systemd_version} < 214 %patch300 -p1 %endif ++++++ 24f3c2f-virt-aa-helper-fix-caps.patch ++++++ >From 24f3c2f7e0e196df5539616d03e039344768cd26 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <[email protected]> Date: Thu, 25 Jun 2015 16:08:42 +0200 Subject: [PATCH 4/5] virt-aa-helper: add DomainGuest to mockup caps With commit 3f9868a virt-aa-helper stopped working due to missing DomainGuest in the caps. The test with -c without arch also needs to be removed since the new capabilities code uses the host arch when none is provided. --- src/security/virt-aa-helper.c | 25 ++++++++++++++++++++++++- tests/virt-aa-helper-test | 3 --- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 604fb93..4ce1e7a 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -73,6 +73,7 @@ typedef struct { virDomainDefPtr def; /* VM definition */ virCapsPtr caps; /* VM capabilities */ virDomainXMLOptionPtr xmlopt; /* XML parser data */ + char *virtType; /* type of hypervisor (eg qemu, xen, lxc) */ char *os; /* type of os (eg hvm, xen, exe) */ virArch arch; /* machine architecture */ char *newfile; /* newly added file */ @@ -89,6 +90,7 @@ vahDeinit(vahControl * ctl) virObjectUnref(ctl->caps); virObjectUnref(ctl->xmlopt); VIR_FREE(ctl->files); + VIR_FREE(ctl->virtType); VIR_FREE(ctl->os); VIR_FREE(ctl->newfile); @@ -641,6 +643,7 @@ verify_xpath_context(xmlXPathContextPtr ctxt) /* * Parse the xml we received to fill in the following: + * ctl->virtType * ctl->os * ctl->arch * @@ -668,6 +671,11 @@ caps_mockup(vahControl * ctl, const char *xmlStr) if (verify_xpath_context(ctxt) != 0) goto cleanup; + ctl->virtType = virXPathString("string(./@type)", ctxt); + if (!ctl->virtType) { + vah_error(ctl, 0, _("domain type is not defined")); + goto cleanup; + } ctl->os = virXPathString("string(./os/type[1])", ctxt); if (!ctl->os) { vah_error(ctl, 0, _("os.type is not defined")); @@ -694,7 +702,7 @@ caps_mockup(vahControl * ctl, const char *xmlStr) static int get_definition(vahControl * ctl, const char *xmlStr) { - int rc = -1, ostype; + int rc = -1, ostype, virtType; virCapsGuestPtr guest; /* this is freed when caps is freed */ /* @@ -730,6 +738,21 @@ get_definition(vahControl * ctl, const char *xmlStr) goto exit; } + if ((virtType = virDomainVirtTypeFromString(ctl->virtType)) < 0) { + vah_error(ctl, 0, _("unknown virtualization type")); + goto exit; + } + + if (virCapabilitiesAddGuestDomain(guest, + virtType, + NULL, + NULL, + 0, + NULL) == NULL) { + vah_error(ctl, 0, _("could not allocate memory")); + goto exit; + } + ctl->def = virDomainDefParseString(xmlStr, ctl->caps, ctl->xmlopt, VIR_DOMAIN_DEF_PARSE_INACTIVE); diff --git a/tests/virt-aa-helper-test b/tests/virt-aa-helper-test index 96471ff..caf2f97 100755 --- a/tests/virt-aa-helper-test +++ b/tests/virt-aa-helper-test @@ -194,9 +194,6 @@ testme "1" "-c with malformed xml" "-c -u $valid_uuid" "$test_xml" sed -e "s,###UUID###,$uuid,g" -e "s,###DISK###,$disk1,g" -e "s,<type arch='x86_64' machine='pc'>hvm</type>,,g" "$template_xml" > "$test_xml" testme "1" "-c with no os.type" "-c -u $valid_uuid" "$test_xml" -sed -e "s,###UUID###,$uuid,g" -e "s,###DISK###,$disk1,g" -e "s,<type arch='x86_64' machine='pc'>hvm</type>,<type>hvm</type>,g" "$template_xml" > "$test_xml" -testme "1" "-c with no architecture" "-c -u $valid_uuid" "$test_xml" - sed -e "s,###UUID###,$uuid,g" -e "s,###DISK###,$disk1,g" -e "s,hvm</type>,hvm_invalid</type>,g" "$template_xml" > "$test_xml" testme "1" "-c with invalid hvm" "-c -u $valid_uuid" "$test_xml" -- 2.1.4 ++++++ 45697fe5-libxl-support-dom0.patch ++++++ commit 45697fe545841af46c95c996439ed59ca3a7ef9d Author: Jim Fehlig <[email protected]> Date: Mon Jun 22 11:36:59 2015 -0600 libxl: support dom0 In Xen, dom0 is really just another domain that supports ballooning, adding/removing devices, changing vcpu configuration, etc. This patch adds support to the libxl driver for managing dom0. Note that the legacy xend driver has long supported managing dom0. Operations that are not supported on dom0 are filtered in libvirt where a sensible error is reported. Errors from libxl are not always helpful. E.g., attempting a save on dom0 results in 2015-06-23 15:25:05 MDT libxl: debug: libxl_dom.c:1570:libxl__toolstack_save: domain=0 toolstack data size=8 2015-06-23 15:25:05 MDT libxl: debug: libxl.c:979:do_libxl_domain_suspend: ao 0x7f7e68000b70: inprogress: poller=0x7f7e68000930, flags=i 2015-06-23 15:25:05 MDT libxl-save-helper: debug: starting save: Success 2015-06-23 15:25:05 MDT xc: detail: xc_domain_save_suse: starting save of domid 0 2015-06-23 15:25:05 MDT xc: error: Couldn't map live_shinfo (3 = No such process): Internal error 2015-06-23 15:25:05 MDT xc: detail: Save exit of domid 0 with errno=3 2015-06-23 15:25:05 MDT libxl-save-helper: debug: complete r=1: No such process 2015-06-23 15:25:05 MDT libxl: error: libxl_dom.c:1876:libxl__xc_domain_save_done: saving domain: domain did not respond to suspend request: No such process 2015-06-23 15:25:05 MDT libxl: error: libxl_dom.c:2033:remus_teardown_done: Remus: failed to teardown device for guest with domid 0, rc -8 Signed-off-by: Jim Fehlig <[email protected]> Index: libvirt-1.2.17/src/libxl/libxl_driver.c =================================================================== --- libvirt-1.2.17.orig/src/libxl/libxl_driver.c +++ libvirt-1.2.17/src/libxl/libxl_driver.c @@ -79,6 +79,15 @@ VIR_LOG_INIT("libxl.libxl_driver"); /* Number of Xen scheduler parameters */ #define XEN_SCHED_CREDIT_NPARAM 2 +#define LIBXL_CHECK_DOM0_GOTO(name, label) \ + do { \ + if (STREQ_NULLABLE(name, "Domain-0")) { \ + virReportError(VIR_ERR_OPERATION_INVALID, "%s", \ + _("Domain-0 does not support requested operation")); \ + goto label; \ + } \ + } while (0) + static libxlDriverPrivatePtr libxl_driver; @@ -501,6 +510,63 @@ const struct libxl_event_hooks ev_hooks }; static int +libxlAddDom0(libxlDriverPrivatePtr driver) +{ + libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); + virDomainDefPtr def = NULL; + virDomainObjPtr vm = NULL; + virDomainDefPtr oldDef = NULL; + libxl_dominfo d_info; + int ret = -1; + + libxl_dominfo_init(&d_info); + + /* Ensure we have a dom0 */ + if (libxl_domain_info(cfg->ctx, &d_info, 0) != 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + "%s", _("unable to get Domain-0 information from libxenlight")); + goto cleanup; + } + + if (!(def = virDomainDefNew())) + goto cleanup; + + def->id = 0; + def->virtType = VIR_DOMAIN_VIRT_XEN; + if (VIR_STRDUP(def->name, "Domain-0") < 0) + goto cleanup; + + def->os.type = VIR_DOMAIN_OSTYPE_XEN; + + if (virUUIDParse("00000000-0000-0000-0000-000000000000", def->uuid) < 0) + goto cleanup; + + if (!(vm = virDomainObjListAdd(driver->domains, def, + driver->xmlopt, + 0, + &oldDef))) + goto cleanup; + + def = NULL; + + vm->def->vcpus = d_info.vcpu_online; + vm->def->maxvcpus = d_info.vcpu_max_id + 1; + vm->def->mem.cur_balloon = d_info.current_memkb; + vm->def->mem.max_balloon = d_info.max_memkb; + + ret = 0; + + cleanup: + libxl_dominfo_dispose(&d_info); + virDomainDefFree(def); + virDomainDefFree(oldDef); + if (vm) + virObjectUnlock(vm); + virObjectUnref(cfg); + return ret; +} + +static int libxlStateInitialize(bool privileged, virStateInhibitCallback callback ATTRIBUTE_UNUSED, void *opaque ATTRIBUTE_UNUSED) @@ -616,6 +682,10 @@ libxlStateInitialize(bool privileged, if (!(libxl_driver->xmlopt = libxlCreateXMLConf())) goto error; + /* Add Domain-0 */ + if (libxlAddDom0(libxl_driver) < 0) + goto error; + /* Load running domains first. */ if (virDomainObjListLoadAllConfigs(libxl_driver->domains, cfg->stateDir, @@ -1030,6 +1100,8 @@ libxlDomainSuspend(virDomainPtr dom) if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainSuspendEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -1086,6 +1158,8 @@ libxlDomainResume(virDomainPtr dom) if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainResumeEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -1147,6 +1221,8 @@ libxlDomainShutdownFlags(virDomainPtr do if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainShutdownFlagsEnsureACL(dom->conn, vm->def, flags) < 0) goto cleanup; @@ -1212,6 +1288,8 @@ libxlDomainReboot(virDomainPtr dom, unsi if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainRebootEnsureACL(dom->conn, vm->def, flags) < 0) goto cleanup; @@ -1254,6 +1332,8 @@ libxlDomainDestroyFlags(virDomainPtr dom if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainDestroyFlagsEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -1656,6 +1736,8 @@ libxlDomainSaveFlags(virDomainPtr dom, c if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainSaveFlagsEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -1782,6 +1864,8 @@ libxlDomainCoreDump(virDomainPtr dom, co if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainCoreDumpEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -1877,6 +1961,8 @@ libxlDomainManagedSave(virDomainPtr dom, if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainManagedSaveEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -4000,6 +4086,8 @@ libxlDomainSetAutostart(virDomainPtr dom if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainSetAutostartEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -4294,6 +4382,8 @@ libxlDomainOpenConsole(virDomainPtr dom, if (!(vm = libxlDomObjFromDomain(dom))) goto cleanup; + LIBXL_CHECK_DOM0_GOTO(vm->def->name, cleanup); + if (virDomainOpenConsoleEnsureACL(dom->conn, vm->def) < 0) goto cleanup; @@ -4817,6 +4907,12 @@ libxlDomainMigrateBegin3Params(virDomain if (!(vm = libxlDomObjFromDomain(domain))) return NULL; + if (STREQ_NULLABLE(vm->def->name, "Domain-0")) { + virReportError(VIR_ERR_OPERATION_INVALID, "%s", + _("Domain-0 cannot be migrated")); + return NULL; + } + if (virDomainMigrateBegin3ParamsEnsureACL(domain->conn, vm->def) < 0) { virObjectUnlock(vm); return NULL; ++++++ 4ffb21c8-libxl-dom0-state-fix.patch ++++++ commit 4ffb21c89a6b9ae2b4bfd2999c24b01433e360a9 Author: Jim Fehlig <[email protected]> Date: Thu Jul 9 15:16:18 2015 -0600 libxl: set dom0 state to running Commit 45697fe5 added dom0 to driver->domains, but missed setting its state to 'running' $ virsh list Id Name State ---------------------------------------------------- 0 Domain-0 shut off Index: libvirt-1.2.17/src/libxl/libxl_driver.c =================================================================== --- libvirt-1.2.17.orig/src/libxl/libxl_driver.c +++ libvirt-1.2.17/src/libxl/libxl_driver.c @@ -549,6 +549,7 @@ libxlAddDom0(libxlDriverPrivatePtr drive def = NULL; + virDomainObjSetState(vm, VIR_DOMAIN_RUNNING, VIR_DOMAIN_RUNNING_BOOTED); vm->def->vcpus = d_info.vcpu_online; vm->def->maxvcpus = d_info.vcpu_max_id + 1; vm->def->mem.cur_balloon = d_info.current_memkb; ++++++ 61dab0f-virt-aa-helper-renaming.patch ++++++ >From 61dab0f74ef79d034542bb77921e69fbbab3cf41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <[email protected]> Date: Thu, 25 Jun 2015 13:01:40 +0200 Subject: [PATCH 3/5] virt-aa-helper: rename ctl->hvm to ctl->os ctl->hvm contains os.type string value, change the name to reflect it. --- src/security/virt-aa-helper.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index f8a9cf2..604fb93 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -73,7 +73,7 @@ typedef struct { virDomainDefPtr def; /* VM definition */ virCapsPtr caps; /* VM capabilities */ virDomainXMLOptionPtr xmlopt; /* XML parser data */ - char *hvm; /* type of hypervisor (eg hvm, xen) */ + char *os; /* type of os (eg hvm, xen, exe) */ virArch arch; /* machine architecture */ char *newfile; /* newly added file */ bool append; /* append to .files instead of rewrite */ @@ -89,7 +89,7 @@ vahDeinit(vahControl * ctl) virObjectUnref(ctl->caps); virObjectUnref(ctl->xmlopt); VIR_FREE(ctl->files); - VIR_FREE(ctl->hvm); + VIR_FREE(ctl->os); VIR_FREE(ctl->newfile); return 0; @@ -641,7 +641,7 @@ verify_xpath_context(xmlXPathContextPtr ctxt) /* * Parse the xml we received to fill in the following: - * ctl->hvm + * ctl->os * ctl->arch * * These are suitable for setting up a virCapsPtr @@ -668,8 +668,8 @@ caps_mockup(vahControl * ctl, const char *xmlStr) if (verify_xpath_context(ctxt) != 0) goto cleanup; - ctl->hvm = virXPathString("string(./os/type[1])", ctxt); - if (!ctl->hvm) { + ctl->os = virXPathString("string(./os/type[1])", ctxt); + if (!ctl->os) { vah_error(ctl, 0, _("os.type is not defined")); goto cleanup; } @@ -714,7 +714,7 @@ get_definition(vahControl * ctl, const char *xmlStr) goto exit; } - if ((ostype = virDomainOSTypeFromString(ctl->hvm)) < 0) { + if ((ostype = virDomainOSTypeFromString(ctl->os)) < 0) { vah_error(ctl, 0, _("unknown OS type")); goto exit; } -- 2.1.4 ++++++ a55a5e7-virt-aa-helper-log.patch ++++++ >From a55a5e7cfed57223820478da89422756121fb37c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <[email protected]> Date: Thu, 25 Jun 2015 10:36:52 +0200 Subject: [PATCH 2/5] Get more libvirt errors from virt-aa-helper Initializing libvirt log in virt-aa-helper and getting it to output libvirt log to stderr. This will help debugging problems happening in libvirt functions called from within virt-aa-helper --- src/security/security_apparmor.c | 4 ++++ src/security/virt-aa-helper.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c index 4134a17..16b8f87 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -196,6 +196,10 @@ load_profile(virSecurityManagerPtr mgr, } } + virCommandAddEnvFormat(cmd, + "LIBVIRT_LOG_OUTPUTS=%d:stderr", + virLogGetDefaultPriority()); + virCommandSetInputBuffer(cmd, xml); rc = virCommandRun(cmd, NULL); diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 18454c8..f8a9cf2 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -41,6 +41,7 @@ #include "virbuffer.h" #include "viralloc.h" #include "vircommand.h" +#include "virlog.h" #include "security_driver.h" #include "security_apparmor.h" @@ -1272,6 +1273,9 @@ main(int argc, char **argv) exit(EXIT_FAILURE); } + /* Initialize the log system */ + virLogSetFromEnv(); + /* clear the environment */ environ = NULL; if (setenv("PATH", "/sbin:/usr/sbin", 1) != 0) -- 2.1.4 ++++++ e44bcae-virt-aa-helper-trailing-slash.patch ++++++ >From e44bcae9f014946d66fad1164080a4e251197f19 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <[email protected]> Date: Wed, 24 Jun 2015 09:56:04 +0200 Subject: [PATCH 1/5] virt-aa-helper: fix rules for paths with trailing slash Rules generated for a path like '/' were having '//' which isn't correct for apparmor. Make virt-aa-helper smarter to avoid these. --- src/security/virt-aa-helper.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 4440552..18454c8 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -795,6 +795,9 @@ vah_add_path(virBufferPtr buf, const char *path, const char *perms, bool recursi goto cleanup; } + if (tmp[strlen(tmp) - 1] == '/') + tmp[strlen(tmp) - 1] = '\0'; + virBufferAsprintf(buf, " \"%s%s\" %s,\n", tmp, recursive ? "/**" : "", perms); if (readonly) { virBufferAddLit(buf, " # don't audit writes to readonly files\n"); -- 2.1.4 ++++++ e9c27344-libxl-fix-virDomainObj-state.patch ++++++ commit e9c2734441af0065c69fc1317965a6dd6c7f14e3 Author: Jim Fehlig <[email protected]> Date: Tue Jul 7 12:29:24 2015 -0600 libxl: rework setting the state of virDomainObj Set the state of virDomainObj in the functions that actually change the domain state, instead of the generic libxlDomainCleanup function. This approach gives functions calling libxlDomainCleanup more flexibility wrt when and how they change virDomainObj state via virDomainObjSetState. The prior approach of calling virDomainObjSetState in libxlDomainCleanup resulted in the following incorrect coding pattern in the various functions that change domain state libxlDomain<DoStateTransition> call libxl function to do state transition emit lifecycle event libxlDomainCleanup virDomainObjSetState Once simple manifestation of this bug is seeing a domain running in virt-manager after selecting the shutdown button, even after the domain has long shutdown. Index: libvirt-1.2.17/src/libxl/libxl_domain.c =================================================================== --- libvirt-1.2.17.orig/src/libxl/libxl_domain.c +++ libvirt-1.2.17/src/libxl/libxl_domain.c @@ -397,7 +397,6 @@ libxlDomainShutdownThread(void *opaque) libxlDriverPrivatePtr driver = shutdown_info->driver; virObjectEventPtr dom_event = NULL; libxl_shutdown_reason xl_reason = ev->u.domain_shutdown.shutdown_reason; - virDomainShutoffReason reason = VIR_DOMAIN_SHUTOFF_SHUTDOWN; libxlDriverConfigPtr cfg; cfg = libxlDriverConfigGet(driver); @@ -406,12 +405,14 @@ libxlDomainShutdownThread(void *opaque) goto cleanup; if (xl_reason == LIBXL_SHUTDOWN_REASON_POWEROFF) { + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_SHUTDOWN); + dom_event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, VIR_DOMAIN_EVENT_STOPPED_SHUTDOWN); switch ((virDomainLifecycleAction) vm->def->onPoweroff) { case VIR_DOMAIN_LIFECYCLE_DESTROY: - reason = VIR_DOMAIN_SHUTOFF_SHUTDOWN; goto destroy; case VIR_DOMAIN_LIFECYCLE_RESTART: case VIR_DOMAIN_LIFECYCLE_RESTART_RENAME: @@ -421,12 +422,14 @@ libxlDomainShutdownThread(void *opaque) goto endjob; } } else if (xl_reason == LIBXL_SHUTDOWN_REASON_CRASH) { + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_CRASHED); + dom_event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, VIR_DOMAIN_EVENT_STOPPED_CRASHED); switch ((virDomainLifecycleCrashAction) vm->def->onCrash) { case VIR_DOMAIN_LIFECYCLE_CRASH_DESTROY: - reason = VIR_DOMAIN_SHUTOFF_CRASHED; goto destroy; case VIR_DOMAIN_LIFECYCLE_CRASH_RESTART: case VIR_DOMAIN_LIFECYCLE_CRASH_RESTART_RENAME: @@ -442,12 +445,14 @@ libxlDomainShutdownThread(void *opaque) goto restart; } } else if (xl_reason == LIBXL_SHUTDOWN_REASON_REBOOT) { + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_SHUTDOWN); + dom_event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, VIR_DOMAIN_EVENT_STOPPED_SHUTDOWN); switch ((virDomainLifecycleAction) vm->def->onReboot) { case VIR_DOMAIN_LIFECYCLE_DESTROY: - reason = VIR_DOMAIN_SHUTOFF_SHUTDOWN; goto destroy; case VIR_DOMAIN_LIFECYCLE_RESTART: case VIR_DOMAIN_LIFECYCLE_RESTART_RENAME: @@ -467,7 +472,7 @@ libxlDomainShutdownThread(void *opaque) dom_event = NULL; } libxlDomainDestroyInternal(driver, vm); - libxlDomainCleanup(driver, vm, reason); + libxlDomainCleanup(driver, vm); if (!vm->persistent) virDomainObjListRemove(driver->domains, vm); @@ -479,7 +484,7 @@ libxlDomainShutdownThread(void *opaque) dom_event = NULL; } libxlDomainDestroyInternal(driver, vm); - libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_SHUTDOWN); + libxlDomainCleanup(driver, vm); if (libxlDomainStart(driver, vm, false, -1) < 0) { virErrorPtr err = virGetLastError(); VIR_ERROR(_("Failed to restart VM '%s': %s"), @@ -685,8 +690,7 @@ libxlDomainDestroyInternal(libxlDriverPr */ void libxlDomainCleanup(libxlDriverPrivatePtr driver, - virDomainObjPtr vm, - virDomainShutoffReason reason) + virDomainObjPtr vm) { libxlDomainObjPrivatePtr priv = vm->privateData; libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver); @@ -709,9 +713,6 @@ libxlDomainCleanup(libxlDriverPrivatePtr priv->deathW = NULL; } - if (vm->persistent) - virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, reason); - if (virAtomicIntDecAndTest(&driver->nactive) && driver->inhibitCallback) driver->inhibitCallback(false, driver->inhibitOpaque); Index: libvirt-1.2.17/src/libxl/libxl_domain.h =================================================================== --- libvirt-1.2.17.orig/src/libxl/libxl_domain.h +++ libvirt-1.2.17/src/libxl/libxl_domain.h @@ -110,8 +110,7 @@ libxlDomainDestroyInternal(libxlDriverPr void libxlDomainCleanup(libxlDriverPrivatePtr driver, - virDomainObjPtr vm, - virDomainShutoffReason reason); + virDomainObjPtr vm); /* * Note: Xen 4.3 removed the const from the event handler signature. Index: libvirt-1.2.17/src/libxl/libxl_driver.c =================================================================== --- libvirt-1.2.17.orig/src/libxl/libxl_driver.c +++ libvirt-1.2.17/src/libxl/libxl_driver.c @@ -392,7 +392,7 @@ libxlReconnectDomain(virDomainObjPtr vm, return 0; out: - libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_UNKNOWN); + libxlDomainCleanup(driver, vm); if (!vm->persistent) virDomainObjListRemoveLocked(driver->domains, vm); else @@ -1346,16 +1346,19 @@ libxlDomainDestroyFlags(virDomainPtr dom goto endjob; } - event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, - VIR_DOMAIN_EVENT_STOPPED_DESTROYED); - if (libxlDomainDestroyInternal(driver, vm) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Failed to destroy domain '%d'"), vm->def->id); goto endjob; } - libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_DESTROYED); + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_DESTROYED); + + event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, + VIR_DOMAIN_EVENT_STOPPED_DESTROYED); + + libxlDomainCleanup(driver, vm); if (!vm->persistent) virDomainObjListRemove(driver->domains, vm); @@ -1689,6 +1692,9 @@ libxlDoDomainSave(libxlDriverPrivatePtr goto cleanup; } + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_SAVED); + event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, VIR_DOMAIN_EVENT_STOPPED_SAVED); @@ -1698,7 +1704,7 @@ libxlDoDomainSave(libxlDriverPrivatePtr goto cleanup; } - libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_SAVED); + libxlDomainCleanup(driver, vm); vm->hasManagedSave = true; ret = 0; @@ -1909,7 +1915,9 @@ libxlDomainCoreDump(virDomainPtr dom, co goto unpause; } - libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_CRASHED); + libxlDomainCleanup(driver, vm); + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_CRASHED); event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, VIR_DOMAIN_EVENT_STOPPED_CRASHED); if (!vm->persistent) Index: libvirt-1.2.17/src/libxl/libxl_migration.c =================================================================== --- libvirt-1.2.17.orig/src/libxl/libxl_migration.c +++ libvirt-1.2.17/src/libxl/libxl_migration.c @@ -585,7 +585,9 @@ libxlDomainMigrationFinish(virConnectPtr cleanup: if (dom == NULL) { libxlDomainDestroyInternal(driver, vm); - libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_FAILED); + libxlDomainCleanup(driver, vm); + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_FAILED); event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, VIR_DOMAIN_EVENT_STOPPED_FAILED); if (!vm->persistent) @@ -624,7 +626,9 @@ libxlDomainMigrationConfirm(libxlDriverP } libxlDomainDestroyInternal(driver, vm); - libxlDomainCleanup(driver, vm, VIR_DOMAIN_SHUTOFF_MIGRATED); + libxlDomainCleanup(driver, vm); + virDomainObjSetState(vm, VIR_DOMAIN_SHUTOFF, + VIR_DOMAIN_SHUTOFF_MIGRATED); event = virDomainEventLifecycleNewFromObj(vm, VIR_DOMAIN_EVENT_STOPPED, VIR_DOMAIN_EVENT_STOPPED_MIGRATED); ++++++ qemu-nbd-cleanup-fix.patch ++++++ >From 1f17be07e9fbbae6fdba6842546ca86d51f84447 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Bosdonnat?= <[email protected]> Date: Thu, 9 Jul 2015 16:23:08 +0200 Subject: [PATCH 5/5] Fix qemu-nbd cleanup crashes The virLXCControllerAppendNBDPids function didn't properly initialize pids and npids. In case of failure it was crashing when freeing those. The nbd device pid file doesn't appear immediately after starting qemu-nbd: adding a small loop to wait for it. --- src/lxc/lxc_controller.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index 828b8a8..78d3eee 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -533,16 +533,31 @@ static int virLXCControllerAppendNBDPids(virLXCControllerPtr ctrl, const char *dev) { char *pidpath = NULL; - pid_t *pids; - size_t npids; + pid_t *pids = NULL; + size_t npids = 0; size_t i; int ret = -1; + size_t loops = 0; pid_t pid; if (!STRPREFIX(dev, "/dev/") || virAsprintf(&pidpath, "/sys/devices/virtual/block/%s/pid", dev + 5) < 0) goto cleanup; + /* Wait for the pid file to appear */ + while (!virFileExists(pidpath)) { + /* wait for 100ms before checking again, but don't do it for ever */ + if (errno == ENOENT && loops < 10) { + usleep(100 * 1000); + loops++; + } else { + virReportSystemError(errno, + _("Cannot check NBD device %s pid"), + dev + 5); + goto cleanup; + } + } + if (virPidFileReadPath(pidpath, &pid) < 0) goto cleanup; -- 2.1.4
