Re: [libvirt] [PATCH] add migration APIs to libxl driver
---
src/libxl/libxl_conf.h |4 +
src/libxl/libxl_driver.c | 641
++
src/libxl/libxl_driver.h |5 +
3 files changed, 650 insertions(+), 0 deletions(-)
diff --git a/src/libxl/libxl_conf.h b/src/libxl/libxl_conf.h
index 8ba0ee4..2041cc2 100644
--- a/src/libxl/libxl_conf.h
+++ b/src/libxl/libxl_conf.h
@@ -41,6 +41,9 @@
# define LIBXL_VNC_PORT_MIN 5900
# define LIBXL_VNC_PORT_MAX 65535
+# define LIBXL_MIGRATION_PORT_MIN 49152
+# define LIBXL_MIGRATION_PORT_MAX 49216
+
there is a overlap between vnc and migration port. althrought, it will try
next port in virPortAllocatorAcquire after bind fail.
# define LIBXL_CONFIG_DIR SYSCONFDIR /libvirt/libxl
# define LIBXL_AUTOSTART_DIR LIBXL_CONFIG_DIR /autostart
# define LIBXL_STATE_DIR LOCALSTATEDIR /run/libvirt/libxl
@@ -109,6 +112,7 @@ struct _libxlDriverPrivate {
/* Immutable pointer, self-locking APIs */
virPortAllocatorPtr reservedVNCPorts;
+virPortAllocatorPtr reservedMigPorts;
/* Immutable pointer, lockless APIs*/
virSysinfoDefPtr hostsysinfo;
diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c
index e2a6d44..93b7153 100644
--- a/src/libxl/libxl_driver.c
+++ b/src/libxl/libxl_driver.c
@@ -32,6 +32,12 @@
#include libxl_utils.h
#include fcntl.h
#include regex.h
+#include stdlib.h
+#include string.h
+#include sys/types.h
+#include sys/socket.h
+#include arpa/inet.h
+#include netdb.h
#include internal.h
#include virlog.h
@@ -52,6 +58,7 @@
#include virsysinfo.h
#include viraccessapicheck.h
#include viratomic.h
+#include rpc/virnetsocket.h
#define VIR_FROM_THIS VIR_FROM_LIBXL
@@ -69,6 +76,20 @@
static libxlDriverPrivatePtr libxl_driver = NULL;
+typedef struct _libxlMigrateReceiveArgs {
+virConnectPtr conn;
+virDomainObjPtr vm;
+
+/* for freeing listen sockets */
+virNetSocketPtr *socks;
+size_t nsocks;
+} libxlMigrateReceiveArgs;
+
+static const char libxlMigrateReceiverReady[]=
+libvirt libxl migration receiver ready, send binary domain data;
+static const char libxlMigrateReceiverFinish[]=
+domain received, ready to unpause;
+
/* Function declarations */
static int
libxlDomainManagedSaveLoad(virDomainObjPtr vm,
@@ -836,6 +857,12 @@ libxlStateInitialize(bool privileged,
LIBXL_VNC_PORT_MAX)))
goto error;
+/* Allocate bitmap for migration port reservation */
+if (!(libxl_driver-reservedMigPorts =
+ virPortAllocatorNew(LIBXL_MIGRATION_PORT_MIN,
+ LIBXL_MIGRATION_PORT_MAX)))
+goto error;
+
if (!(libxl_driver-domains = virDomainObjListNew()))
goto error;
@@ -4175,11 +4202,620 @@ libxlConnectSupportsFeature(virConnectPtr conn,
int feature)
switch (feature) {
case VIR_DRV_FEATURE_TYPED_PARAM_STRING:
return 1;
+case VIR_DRV_FEATURE_MIGRATION_V3:
+return 1;
default:
return 0;
}
}
+static int
+libxlCheckMessageBanner(int fd, const char *banner, int banner_sz)
+{
+char buf[banner_sz];
+int ret = 0;
+
+do {
+ret = saferead(fd, buf, banner_sz);
+} while (ret == -1 errno == EAGAIN);
+
+if (ret != banner_sz || memcmp(buf, banner, banner_sz)) {
+return -1;
+}
+
+return 0;
+}
+
+static char *
+libxlDomainMigrateBegin3(virDomainPtr domain,
+ const char *xmlin,
+ char **cookieout ATTRIBUTE_UNUSED,
+ int *cookieoutlen ATTRIBUTE_UNUSED,
+ unsigned long flags,
+ const char *dname ATTRIBUTE_UNUSED,
+ unsigned long resource ATTRIBUTE_UNUSED)
+{
+libxlDriverPrivatePtr driver = domain-conn-privateData;
+libxlDriverConfigPtr cfg = libxlDriverConfigGet(driver);
+virDomainObjPtr vm;
+virDomainDefPtr def = NULL;
+char *xml = NULL;
+
+virCheckFlags(LIBXL_MIGRATION_FLAGS, NULL);
+
+vm = virDomainObjListFindByUUID(driver-domains, domain-uuid);
+if (!vm) {
+char uuidstr[VIR_UUID_STRING_BUFLEN];
+virUUIDFormat(domain-uuid, uuidstr);
+virReportError(VIR_ERR_OPERATION_INVALID,
+ _(no domain with matching uuid '%s'), uuidstr);
+goto cleanup;
+}
libxlDomObjFromDomain is introduced in commit 0d87fd0aa by Jim.
+
+if (!virDomainObjIsActive(vm)) {
+virReportError(VIR_ERR_OPERATION_INVALID, %s,
+ _(domain is not running));
+goto cleanup;
+}
+
+if (virDomainMigrateBegin3EnsureACL(domain-conn, vm-def) 0)
+goto cleanup;
+
+if (xmlin) {
+if (!(def =
[libvirt] [PATCH] fix a ambiguous output of the command:'virsh vol-create-as'
I created a storage volume(eg: test) from a storage pool(eg:vg10) using
the following command:virsh vol-create-as --pool vg10 --name test --capacity
300M.
When I re-executed the above command, the output was as the following:
error: Failed to create vol test
error: Storage volume not found: storage vol 'test' already exists
I think the output Storage volume not found is not appropriate. Because in
fact storage
vol test has been found at this time. And then I think virErrorNumber should
includes
VIR_ERR_STORAGE_EXIST which can also be used elsewhere. So I make this patch.
The result
is as following:
error: Failed to create vol test
error: storage volume 'test' exists already
---
include/libvirt/virterror.h |1 +
src/storage/storage_driver.c |4 ++--
src/util/virerror.c |6 ++
3 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/include/libvirt/virterror.h b/include/libvirt/virterror.h
index c1960c8..28ef30a 100644
--- a/include/libvirt/virterror.h
+++ b/include/libvirt/virterror.h
@@ -296,6 +296,7 @@ typedef enum {
VIR_ERR_ACCESS_DENIED = 88, /* operation on the object/resource
was denied */
VIR_ERR_DBUS_SERVICE = 89, /* error from a dbus service */
+VIR_ERR_STORAGE_EXIST = 90, /* the storage vol already exist */
} virErrorNumber;
/**
diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c
index 6c39284..aa5a144 100644
--- a/src/storage/storage_driver.c
+++ b/src/storage/storage_driver.c
@@ -1538,8 +1538,8 @@ storageVolCreateXML(virStoragePoolPtr obj,
goto cleanup;
if (virStorageVolDefFindByName(pool, voldef-name)) {
-virReportError(VIR_ERR_NO_STORAGE_VOL,
- _(storage vol '%s' already exists), voldef-name);
+virReportError(VIR_ERR_STORAGE_EXIST,
+ _('%s'), voldef-name);
goto cleanup;
}
diff --git a/src/util/virerror.c b/src/util/virerror.c
index ca25678..35bb017 100644
--- a/src/util/virerror.c
+++ b/src/util/virerror.c
@@ -1004,6 +1004,12 @@ virErrorMsg(virErrorNumber error, const char *info)
else
errmsg = _(Storage volume not found: %s);
break;
+case VIR_ERR_STORAGE_EXIST:
+if (info == NULL)
+errmsg = _(this storage volume exists already);
+else
+errmsg = _(storage volume %s exists already);
+break;
case VIR_ERR_STORAGE_PROBE_FAILED:
if (info == NULL)
errmsg = _(Storage pool probe failed);
--
1.7.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Openvswitch support question
Hi all. I'm using vs witch and libvirt 1.2. I'm write vswitch controller and want to react on up/down port in virtual switch. All fork fine, but message sent to controller does not contain Mac address of added interface. Does this libvirt problem or this is only vswitch error? -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] qemu, numa: non-contiguous cpusets
On Sun, Sep 29, 2013 at 05:10:44PM +0200, Borislav Petkov wrote: Btw, while I got your attention, on a not-really related topic: how do we feel about adding support for specifying a non-contiguous set of cpus for a numa node in qemu with the -numa option? I.e., like this, for example: x86_64-softmmu/qemu-system-x86_64 -smp 8 -numa node,nodeid=0,cpus=0\;2\;4-5 -numa node,nodeid=1,cpus=1\;3\;6-7 The ';' needs to be escaped from the shell but I'm open for better suggestions. Use a ':' instead. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH]lxc: goto cleanup if lxcContainerBuildInitCmd returns NULL
From: Chen Hanxiao chenhanx...@cn.fujitsu.com
We should goto cleanup directly
if lxcContainerBuildInitCmd returns NULL,
which would avoid lots of unnecessary works.
Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com
---
src/lxc/lxc_container.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 3fdf397..f03f236 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1820,7 +1820,10 @@ static int lxcContainerChild(void *data)
if ((hasReboot = lxcContainerHasReboot()) 0)
goto cleanup;
-cmd = lxcContainerBuildInitCmd(vmDef);
+if (!(cmd = lxcContainerBuildInitCmd(vmDef))) {
+VIR_DEBUG(Failed to build init cmd for container);
+goto cleanup;
+}
virCommandWriteArgLog(cmd, 1);
if (lxcContainerSetID(vmDef) 0)
--
1.8.2.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Openvswitch support question
On 30.09.2013 10:08, Vasiliy Tolstov wrote: Hi all. I'm using vs witch and libvirt 1.2. I'm write vswitch controller and want to react on up/down port in virtual switch. All fork fine, but message sent to controller does not contain Mac address of added interface. Does this libvirt problem or this is only vswitch error? From the code I think we do send the interface's MAC: http://libvirt.org/git/?p=libvirt.git;a=blob;f=src/util/virnetdevopenvswitch.c;h=daa2bfa2af99a724ef9238d16127c85cedffa5a1;hb=HEAD#l132 (the @attachedmac_ex_id variable contains mac - see line 69). But maybe I've misunderstood the question. Michal -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH]lxc: do cleanup when failed to bind fs as read-only
On Sun, Sep 29, 2013 at 06:36:24PM +0800, Chen Hanxiao wrote: From: Chen Hanxiao chenhanx...@cn.fujitsu.com We forgot to 'goto cleanup' when lxcContainerMountFSTmpfs failed to bind fs as read-only. Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- src/lxc/lxc_container.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index c60f5d8..3fdf397 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1451,6 +1451,7 @@ static int lxcContainerMountFSTmpfs(virDomainFSDefPtr fs, virReportSystemError(errno, _(Failed to make directory %s readonly), fs-dst); +goto cleanup; Indentation is not right here Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] storage: use btrfs file clone ioctl when possible
On Mon, Sep 30, 2013 at 01:21:18AM +0300, Oskari Saarenmaa wrote: On Fri, Sep 27, 2013 at 03:19:06PM +0100, Daniel P. Berrange wrote: On Fri, Sep 27, 2013 at 05:02:53PM +0300, Oskari Saarenmaa wrote: Btrfs provides a copy-on-write clone ioctl so let's try to use it instead of copying files block by block. The ioctl is executed unconditionally if it's available and we fall back to block copying if it fails, similarly to cp --reflink=auto. Currently the virStorageVolCreateXMLFrom method does a full allocation of storage when cloning volumes. This means applications can rely on the image having enough space when clone completes and won't get ENOSPC in the VM. AFAICT, this change to do copy-on-write changes the API to do thin provisioning of the storage during clone, so any future write on either the new or old volume may generate ENOSPC when btrfs finally copies the sector. I don't think this is a good thing. I think applications should have to explicitly request copy-on-write behaviour for the clone so they know the implications. That's a good point. However, it looks like this change would only change the behavior for the old volumes; new volumes are always created sparsely and they may already get ENOSPC on write if they contained zero blocks. This should probably be fixed by calling fallocate instead of lseek when noticing empty blocks (safezero should probably be used instead, but it's currently rather unsafe if posix_fallocate isn't available.) I was wondering if we could reuse the allocation and capacity fields to decide whether or not to try to do a cow-clone (or sparse allocation of the cloned bits)? Currently a cloned volume's allocation is always set to at least the original volume's capacity and the original client-requested allocation value is not passed on to the code doing the cloning, but we could pass it on and allow copy-on-write clones if allocation is set to zero (no space is guaranteed to be available for writing) and also change sparse cloning to only happen if allocation is lower than capacity. I think just having a VIR_STORAGE_VOL_CLONE_COPY_ON_WRITE flag for the API would suffice. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH]lxc: goto cleanup if lxcContainerBuildInitCmd returns NULL
On Mon, Sep 30, 2013 at 04:20:14PM +0800, Chen Hanxiao wrote:
From: Chen Hanxiao chenhanx...@cn.fujitsu.com
We should goto cleanup directly
if lxcContainerBuildInitCmd returns NULL,
which would avoid lots of unnecessary works.
Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com
---
src/lxc/lxc_container.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 3fdf397..f03f236 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1820,7 +1820,10 @@ static int lxcContainerChild(void *data)
if ((hasReboot = lxcContainerHasReboot()) 0)
goto cleanup;
-cmd = lxcContainerBuildInitCmd(vmDef);
+if (!(cmd = lxcContainerBuildInitCmd(vmDef))) {
+VIR_DEBUG(Failed to build init cmd for container);
+goto cleanup;
+}
virCommandWriteArgLog(cmd, 1);
This is not required - the virCommand APIs are designed to handle
NULL for cmd - they do delayed error reporting.
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Openvswitch support question
On Sep 30, 2013 12:32 PM, Michal Privoznik mpriv...@redhat.com wrote: On 30.09.2013 10:08, Vasiliy Tolstov wrote: Hi all. I'm using vs witch and libvirt 1.2. I'm write vswitch controller and want to react on up/down port in virtual switch. All fork fine, but message sent to controller does not contain Mac address of added interface. Does this libvirt problem or this is only vswitch error? From the code I think we do send the interface's MAC: http://libvirt.org/git/?p=libvirt.git;a=blob;f=src/util/virnetdevopenvswitch.c;h=daa2bfa2af99a724ef9238d16127c85cedffa5a1;hb=HEAD#l132 (the @attachedmac_ex_id variable contains mac - see line 69). But maybe I've misunderstood the question. Michal Thanks, Michal. Yes as see that libvirt send mac. I'm try to ask now in vswitch list. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] qemu, numa: non-contiguous cpusets
Il 29/09/2013 17:10, Borislav Petkov ha scritto:
Btw,
while I got your attention, on a not-really related topic: how do we
feel about adding support for specifying a non-contiguous set of cpus
for a numa node in qemu with the -numa option? I.e., like this, for
example:
x86_64-softmmu/qemu-system-x86_64 -smp 8 -numa node,nodeid=0,cpus=0\;2\;4-5
-numa node,nodeid=1,cpus=1\;3\;6-7
I think there are already patches on the list to do that, as part of the
NUMA memory binding series from Wanlong Gao.
Paolo
The ';' needs to be escaped from the shell but I'm open for better
suggestions.
Here's a diff:
---
diff --git a/vl.c b/vl.c
index 4e709d5c1c20..82a6c8451fb0 100644
--- a/vl.c
+++ b/vl.c
@@ -1261,9 +1261,27 @@ char *get_boot_devices_list(size_t *size)
return list;
}
+static int __numa_set_cpus(unsigned long *map, int start, int end)
+{
+if (end = MAX_CPUMASK_BITS) {
+end = MAX_CPUMASK_BITS - 1;
+fprintf(stderr,
+qemu: NUMA: A max of %d VCPUs are supported\n,
+ MAX_CPUMASK_BITS);
+return -EINVAL;
+}
+
+if (end start) {
+return -EINVAL;
+}
+
+bitmap_set(map, start, end-start+1);
+return 0;
+}
+
static void numa_node_parse_cpus(int nodenr, const char *cpus)
{
-char *endptr;
+char *endptr, *ptr = (char *)cpus;
unsigned long long value, endvalue;
/* Empty CPU range strings will be considered valid, they will simply
@@ -1273,7 +1291,8 @@ static void numa_node_parse_cpus(int nodenr, const char
*cpus)
return;
}
-if (parse_uint(cpus, value, endptr, 10) 0) {
+fromthetop:
+if (parse_uint(ptr, value, endptr, 10) 0) {
goto error;
}
if (*endptr == '-') {
@@ -1282,22 +1301,22 @@ static void numa_node_parse_cpus(int nodenr, const
char *cpus)
}
} else if (*endptr == '\0') {
endvalue = value;
-} else {
-goto error;
-}
+} else if (*endptr == ';') {
+ if (__numa_set_cpus(node_cpumask[nodenr], value, value) 0) {
+ goto error;
+ }
+ endptr++;
+if (*endptr == '\0')
+ return;
-if (endvalue = MAX_CPUMASK_BITS) {
-endvalue = MAX_CPUMASK_BITS - 1;
-fprintf(stderr,
-qemu: NUMA: A max of %d VCPUs are supported\n,
- MAX_CPUMASK_BITS);
-}
+ ptr = endptr;
-if (endvalue value) {
+ goto fromthetop;
+} else {
goto error;
}
-bitmap_set(node_cpumask[nodenr], value, endvalue-value+1);
+__numa_set_cpus(node_cpumask[nodenr], value, endvalue);
return;
error:
--
Thanks.
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v2]lxc: do cleanup when failed to bind fs as read-only
From: Chen Hanxiao chenhanx...@cn.fujitsu.com We forgot to do cleanup when lxcContainerMountFSTmpfs failed to bind fs as read-only. v2: fix an indentation issue Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- src/lxc/lxc_container.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index c60f5d8..b1f429c 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1451,6 +1451,7 @@ static int lxcContainerMountFSTmpfs(virDomainFSDefPtr fs, virReportSystemError(errno, _(Failed to make directory %s readonly), fs-dst); +goto cleanup; } } -- 1.8.2.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH]lxc: do cleanup when failed to bind fs as read-only
-Original Message- From: Daniel P. Berrange [mailto:berra...@redhat.com] Sent: Monday, September 30, 2013 4:45 PM To: Chen Hanxiao Cc: libvir-list@redhat.com Subject: Re: [libvirt] [PATCH]lxc: do cleanup when failed to bind fs as read-only On Sun, Sep 29, 2013 at 06:36:24PM +0800, Chen Hanxiao wrote: From: Chen Hanxiao chenhanx...@cn.fujitsu.com We forgot to 'goto cleanup' when lxcContainerMountFSTmpfs failed to bind fs as read-only. Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- src/lxc/lxc_container.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index c60f5d8..3fdf397 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1451,6 +1451,7 @@ static int lxcContainerMountFSTmpfs(virDomainFSDefPtr fs, virReportSystemError(errno, _(Failed to make directory %s readonly), fs-dst); +goto cleanup; Indentation is not right here Oops... v2 will come soon Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH]lxc: goto cleanup if lxcContainerBuildInitCmd returns NULL
-Original Message-
From: Daniel P. Berrange [mailto:berra...@redhat.com]
Sent: Monday, September 30, 2013 4:51 PM
To: Chen Hanxiao
Cc: libvir-list@redhat.com
Subject: Re: [libvirt] [PATCH]lxc: goto cleanup if lxcContainerBuildInitCmd
returns NULL
On Mon, Sep 30, 2013 at 04:20:14PM +0800, Chen Hanxiao wrote:
From: Chen Hanxiao chenhanx...@cn.fujitsu.com
We should goto cleanup directly
if lxcContainerBuildInitCmd returns NULL,
which would avoid lots of unnecessary works.
Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com
---
src/lxc/lxc_container.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 3fdf397..f03f236 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1820,7 +1820,10 @@ static int lxcContainerChild(void *data)
if ((hasReboot = lxcContainerHasReboot()) 0)
goto cleanup;
-cmd = lxcContainerBuildInitCmd(vmDef);
+if (!(cmd = lxcContainerBuildInitCmd(vmDef))) {
+VIR_DEBUG(Failed to build init cmd for container);
+goto cleanup;
+}
virCommandWriteArgLog(cmd, 1);
This is not required - the virCommand APIs are designed to handle
NULL for cmd - they do delayed error reporting.
Thanks, I see.
I just don't want lxcContainerChild to have finished all preparation
and then find nothing to do due to an OOM occurred :)
Daniel
--
|: http://berrange.com -o-
http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o-
http://virt-manager.org :|
|: http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o-
http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/2] python: Report nodeinfo's memory in KiB
The python binding to virNodeGetInfo API has this awful bug. The
amount of RAM the node has is reported in MiB instead of KiB as
we have documented in the struct virNodeInfo description. The
problem is, after we obtain the nodeinfo the amount is shifted
left ten times (divided by 1024).
Signed-off-by: Michal Privoznik mpriv...@redhat.com
---
python/libvirt-override.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/libvirt-override.c b/python/libvirt-override.c
index e659bae..3069013 100644
--- a/python/libvirt-override.c
+++ b/python/libvirt-override.c
@@ -2843,7 +2843,7 @@ libvirt_virNodeGetInfo(PyObject *self ATTRIBUTE_UNUSED,
PyObject *args) {
return VIR_PY_NONE;
py_retval = PyList_New(8);
PyList_SetItem(py_retval, 0, libvirt_constcharPtrWrap(info.model[0]));
-PyList_SetItem(py_retval, 1, libvirt_longWrap((long) info.memory 10));
+PyList_SetItem(py_retval, 1, libvirt_longWrap((long) info.memory));
PyList_SetItem(py_retval, 2, libvirt_intWrap((int) info.cpus));
PyList_SetItem(py_retval, 3, libvirt_intWrap((int) info.mhz));
PyList_SetItem(py_retval, 4, libvirt_intWrap((int) info.nodes));
--
1.8.1.5
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/2] python: Document virNodeGetInfo bug
The memory size in virNodeGetInfo python API binding is reported in MiB instead of KiB (like we have in C struct). However, there already might be applications out there relying on this inconsistence so we can't simply fix it. Document this sad fact as known bug. Signed-off-by: Michal Privoznik mpriv...@redhat.com --- python/libvirt-override-api.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/libvirt-override-api.xml b/python/libvirt-override-api.xml index 1bceb05..337d0a0 100644 --- a/python/libvirt-override-api.xml +++ b/python/libvirt-override-api.xml @@ -100,7 +100,7 @@ arg name='flags' type='unsigned int' info='flags, currently unused, pass 0.'/ /function function name='virNodeGetInfo' file='python' - infoExtract hardware information about the Node./info + infoExtract hardware information about the Node. Note that the memory size is reported in MiB instead of KiB./info return type='char *' info='the list of information or None in case of error'/ arg name='conn' type='virConnectPtr' info='pointer to the hypervisor connection'/ /function -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 0/2] Python virNodeGetInfo mess
I'm proposing two contradictionary patches to fix the issue. Long story short, libvirt is mangling the memory size in pythong API binding where the size is reported in MiB instead of KiB: https://www.redhat.com/archives/libvirt-users/2013-September/msg00187.html Which approach do you like better? Michal Privoznik (2): python: Report nodeinfo's memory in KiB python: Document virNodeGetInfo bug python/libvirt-override-api.xml | 2 +- python/libvirt-override.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/2] python: Report nodeinfo's memory in KiB
On Mon, Sep 30, 2013 at 11:30:11AM +0200, Michal Privoznik wrote:
The python binding to virNodeGetInfo API has this awful bug. The
amount of RAM the node has is reported in MiB instead of KiB as
we have documented in the struct virNodeInfo description. The
problem is, after we obtain the nodeinfo the amount is shifted
left ten times (divided by 1024).
Signed-off-by: Michal Privoznik mpriv...@redhat.com
---
python/libvirt-override.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/libvirt-override.c b/python/libvirt-override.c
index e659bae..3069013 100644
--- a/python/libvirt-override.c
+++ b/python/libvirt-override.c
@@ -2843,7 +2843,7 @@ libvirt_virNodeGetInfo(PyObject *self ATTRIBUTE_UNUSED,
PyObject *args) {
return VIR_PY_NONE;
py_retval = PyList_New(8);
PyList_SetItem(py_retval, 0, libvirt_constcharPtrWrap(info.model[0]));
-PyList_SetItem(py_retval, 1, libvirt_longWrap((long) info.memory 10));
+PyList_SetItem(py_retval, 1, libvirt_longWrap((long) info.memory));
PyList_SetItem(py_retval, 2, libvirt_intWrap((int) info.cpus));
PyList_SetItem(py_retval, 3, libvirt_intWrap((int) info.mhz));
PyList_SetItem(py_retval, 4, libvirt_intWrap((int) info.nodes));
NACK, this is a clear backwards compat problem that will break *every*
application using this API
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] genprotocol.pl: Fix code on FreeBSD too
On Fri, Sep 27, 2013 at 04:39:21PM +0200, Michal Privoznik wrote:
On some systems (linux, cygwin and freebsd) rpcgen generates files which
when compiling produces this warning:
remote/remote_protocol.c: In function 'xdr_remote_node_get_cpu_stats_ret':
remote/remote_protocol.c:530: warning: dereferencing type-punned pointer will
break strict-aliasing rules [-Wstrict-aliasing]
Hence, on those systems we need to post-process the files by
the rpc/genprotocol.pl perl script. At the beginning of the script the
OS is detected via $^O perl variable. On FreeBSD it contains 'freebsd'
string and not 'gnukfreebsd' as is currently there:
http://perldoc.perl.org/perlport.html#PLATFORMS
Signed-off-by: Michal Privoznik mpriv...@redhat.com
---
src/rpc/genprotocol.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rpc/genprotocol.pl b/src/rpc/genprotocol.pl
index 4f8b6c4..abd40fd 100755
--- a/src/rpc/genprotocol.pl
+++ b/src/rpc/genprotocol.pl
@@ -43,7 +43,7 @@ open RPCGEN, -|, $rpcgen, $mode, $xdrdef
open TARGET, $target
or die cannot create $target: $!;
-my $fixup = $^O eq linux || $^O eq cygwin || $^O eq gnukfreebsd;
+my $fixup = $^O eq linux || $^O eq cygwin || $^O eq freebsd;
NAK. As Daniel pointed out the above refers to GNU/kFreeBSD and should
be kept and freebsd just added.
Cheers,
-- Guido
if ($mode eq -c) {
print TARGET #include config.h\n;
--
1.8.1.5
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/2] python: Document virNodeGetInfo bug
On Mon, Sep 30, 2013 at 11:30:12AM +0200, Michal Privoznik wrote: The memory size in virNodeGetInfo python API binding is reported in MiB instead of KiB (like we have in C struct). However, there already might be applications out there relying on this inconsistence so we can't simply fix it. Document this sad fact as known bug. Signed-off-by: Michal Privoznik mpriv...@redhat.com --- python/libvirt-override-api.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/libvirt-override-api.xml b/python/libvirt-override-api.xml index 1bceb05..337d0a0 100644 --- a/python/libvirt-override-api.xml +++ b/python/libvirt-override-api.xml @@ -100,7 +100,7 @@ arg name='flags' type='unsigned int' info='flags, currently unused, pass 0.'/ /function function name='virNodeGetInfo' file='python' - infoExtract hardware information about the Node./info + infoExtract hardware information about the Node. Note that the memory size is reported in MiB instead of KiB./info return type='char *' info='the list of information or None in case of error'/ arg name='conn' type='virConnectPtr' info='pointer to the hypervisor connection'/ /function ACK Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] genprotocol.pl: Fix code on FreeBSD too
On Fri, Sep 27, 2013 at 04:55:39PM +0200, Michal Privoznik wrote:
On some systems (linux, cygwin and gnukfreebsd) rpcgen generates files
which when compiling produces this warning:
remote/remote_protocol.c: In function 'xdr_remote_node_get_cpu_stats_ret':
remote/remote_protocol.c:530: warning: dereferencing type-punned pointer will
break strict-aliasing rules [-Wstrict-aliasing]
Hence, on those systems we need to post-process the files by the
rpc/genprotocol.pl perl script. At the beginning of the script the OS is
detected via $^O perl variable. From my latest build on FreeBSD I see we
need to fix the code there too. On FreeBSD the variable contains
'freebsd' string:
http://perldoc.perl.org/perlport.html#PLATFORMS
Signed-off-by: Michal Privoznik mpriv...@redhat.com
---
src/rpc/genprotocol.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rpc/genprotocol.pl b/src/rpc/genprotocol.pl
index 4f8b6c4..6e6d6d4 100755
--- a/src/rpc/genprotocol.pl
+++ b/src/rpc/genprotocol.pl
@@ -43,7 +43,7 @@ open RPCGEN, -|, $rpcgen, $mode, $xdrdef
open TARGET, $target
or die cannot create $target: $!;
-my $fixup = $^O eq linux || $^O eq cygwin || $^O eq gnukfreebsd;
+my $fixup = $^O eq linux || $^O eq cygwin || $^O eq gnukfreebsd || $^O
eq freebsd;
if ($mode eq -c) {
print TARGET #include config.h\n;
ACK.
-- Guido
--
1.8.1.5
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/2] python: Report nodeinfo's memory in KiB
On 30.09.2013 11:37, Daniel P. Berrange wrote:
On Mon, Sep 30, 2013 at 11:30:11AM +0200, Michal Privoznik wrote:
The python binding to virNodeGetInfo API has this awful bug. The
amount of RAM the node has is reported in MiB instead of KiB as
we have documented in the struct virNodeInfo description. The
problem is, after we obtain the nodeinfo the amount is shifted
left ten times (divided by 1024).
Signed-off-by: Michal Privoznik mpriv...@redhat.com
---
python/libvirt-override.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/python/libvirt-override.c b/python/libvirt-override.c
index e659bae..3069013 100644
--- a/python/libvirt-override.c
+++ b/python/libvirt-override.c
@@ -2843,7 +2843,7 @@ libvirt_virNodeGetInfo(PyObject *self
ATTRIBUTE_UNUSED, PyObject *args) {
return VIR_PY_NONE;
py_retval = PyList_New(8);
PyList_SetItem(py_retval, 0, libvirt_constcharPtrWrap(info.model[0]));
-PyList_SetItem(py_retval, 1, libvirt_longWrap((long) info.memory
10));
+PyList_SetItem(py_retval, 1, libvirt_longWrap((long) info.memory));
PyList_SetItem(py_retval, 2, libvirt_intWrap((int) info.cpus));
PyList_SetItem(py_retval, 3, libvirt_intWrap((int) info.mhz));
PyList_SetItem(py_retval, 4, libvirt_intWrap((int) info.nodes));
NACK, this is a clear backwards compat problem that will break *every*
application using this API
Yeah, I've posted the patch just for completeness-sake while in fact
preferring the 2/2.
Michal
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/2] python: Document virNodeGetInfo bug
On 30.09.2013 11:38, Daniel P. Berrange wrote: On Mon, Sep 30, 2013 at 11:30:12AM +0200, Michal Privoznik wrote: The memory size in virNodeGetInfo python API binding is reported in MiB instead of KiB (like we have in C struct). However, there already might be applications out there relying on this inconsistence so we can't simply fix it. Document this sad fact as known bug. Signed-off-by: Michal Privoznik mpriv...@redhat.com --- python/libvirt-override-api.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/python/libvirt-override-api.xml b/python/libvirt-override-api.xml index 1bceb05..337d0a0 100644 --- a/python/libvirt-override-api.xml +++ b/python/libvirt-override-api.xml @@ -100,7 +100,7 @@ arg name='flags' type='unsigned int' info='flags, currently unused, pass 0.'/ /function function name='virNodeGetInfo' file='python' - infoExtract hardware information about the Node./info + infoExtract hardware information about the Node. Note that the memory size is reported in MiB instead of KiB./info return type='char *' info='the list of information or None in case of error'/ arg name='conn' type='virConnectPtr' info='pointer to the hypervisor connection'/ /function ACK Thanks, I've pushed this patch even though we're in freeze as it's just a documentation fix - so it won't break anything [Famous Last Words (TM)] Michal -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] qemu, numa: non-contiguous cpusets
On Mon, Sep 30, 2013 at 11:05:10AM +0200, Paolo Bonzini wrote: I think there are already patches on the list to do that, as part of the NUMA memory binding series from Wanlong Gao. Yeah: https://lists.gnu.org/archive/html/qemu-devel/2013-09/msg02833.html Although I don't see from it how the syntax for -cpus will look like from that QAPI magic except that it is an + '*cpus': ['uint16'], :-) Thanks. -- Regards/Gruss, Boris. Sent from a fat crate under my desk. Formatting is fine. -- -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] qemu: process: Silence coverity warning when rewinding log file
The change in ef29de14c37d14abc546e90555a0093797facfdd that introduced better error logging from qemu introduced a warning from coverity about unused return value from lseek. Silence this warning and fix typo in the corresponding error message. Reported by: John Ferlan --- src/qemu/qemu_process.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index d7be731..7a30a5e 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -1845,10 +1845,10 @@ cleanup: } len = strlen(buf); -/* best effor seek - we need to reset to the original position, so that +/* best effort seek - we need to reset to the original position, so that * a possible read of the fd in the monitor code doesn't influence this * error delivery option */ -lseek(logfd, pos, SEEK_SET); +ignore_value(lseek(logfd, pos, SEEK_SET)); qemuProcessReadLog(logfd, buf + len, buf_size - len - 1, 0, true); virReportError(VIR_ERR_INTERNAL_ERROR, _(process exited while connecting to monitor: %s), -- 1.8.3.2 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] virfile: safezero: align mmap offset to page size
mmap's offset must be aligned to page size or mapping will fail.
mmap-based safezero is only used if posix_fallocate isn't available.
Signed-off-by: Oskari Saarenmaa o...@ohmu.fi
---
src/util/virfile.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/util/virfile.c b/src/util/virfile.c
index 20ca89f..16f8101 100644
--- a/src/util/virfile.c
+++ b/src/util/virfile.c
@@ -1038,9 +1038,16 @@ safezero(int fd, off_t offset, off_t len)
int
safezero(int fd, off_t offset, off_t len)
{
+static long pagemask = 0;
+off_t map_skip;
int r;
char *buf;
+/* align offset and length, rounding offset down and length up */
+if (pagemask == 0)
+pagemask = ~(sysconf(_SC_PAGESIZE) - 1);
+map_skip = offset - (offset pagemask);
+
/* memset wants the mmap'ed file to be present on disk so create a
* sparse file
*/
@@ -1048,12 +1055,13 @@ safezero(int fd, off_t offset, off_t len)
if (r 0)
return -1;
-buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, offset);
+buf = mmap(NULL, len + map_skip, PROT_READ | PROT_WRITE, MAP_SHARED,
+ fd, offset - map_skip);
if (buf == MAP_FAILED)
return -1;
-memset(buf, 0, len);
-munmap(buf, len);
+memset(buf + map_skip, 0, len);
+munmap(buf, len + map_skip);
return 0;
}
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] libvirt: hostdev SCSI AdapterId retrieval fix
Fixed the retrieval of the AdapterId from the AdapterName of the
hostdev source so it does return an error instead of leaving the
adapter_id uninitialized.
Signed-off-by: Boris Fiuczynski fiu...@linux.vnet.ibm.com
Reviewed-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com
---
src/util/virscsi.c | 17 +++--
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/src/util/virscsi.c b/src/util/virscsi.c
index 43658c0..7aca9e6 100644
--- a/src/util/virscsi.c
+++ b/src/util/virscsi.c
@@ -88,16 +88,13 @@ static int
virSCSIDeviceGetAdapterId(const char *adapter,
unsigned int *adapter_id)
{
-if (STRPREFIX(adapter, scsi_host)) {
-if (virStrToLong_ui(adapter + strlen(scsi_host),
-NULL, 0, adapter_id) 0) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
- _(Cannot parse adapter '%s'), adapter);
-return -1;
-}
-}
-
-return 0;
+if (STRPREFIX(adapter, scsi_host)
+virStrToLong_ui(adapter + strlen(scsi_host),
+NULL, 0, adapter_id) == 0)
+return 0;
+virReportError(VIR_ERR_INTERNAL_ERROR,
+ _(Cannot parse adapter '%s'), adapter);
+return -1;
}
char *
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: process: Silence coverity warning when rewinding log file
On 09/30/2013 06:01 AM, Peter Krempa wrote: The change in ef29de14c37d14abc546e90555a0093797facfdd that introduced better error logging from qemu introduced a warning from coverity about unused return value from lseek. Silence this warning and fix typo in the corresponding error message. Reported by: John Ferlan --- src/qemu/qemu_process.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ACK John -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu: process: Silence coverity warning when rewinding log file
On 09/30/13 13:20, John Ferlan wrote: On 09/30/2013 06:01 AM, Peter Krempa wrote: The change in ef29de14c37d14abc546e90555a0093797facfdd that introduced better error logging from qemu introduced a warning from coverity about unused return value from lseek. Silence this warning and fix typo in the corresponding error message. Reported by: John Ferlan --- src/qemu/qemu_process.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ACK Pushed; Thanks. Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [sandbox PATCH] virt-sandbox patch to launch containers with proper label
On Wed, Sep 25, 2013 at 04:50:23PM -0400, Dan Walsh wrote:
virt-sandbox should be launching containers based off the lxc_context
file from selinux-policy. I changed the hard coded paths to match the
latest fedora assigned labels.
Fedora 20 SELinux Policy and beyond will have proper SELinux labels in its
lxc_contexts file.
---
bin/virt-sandbox-service | 2 +-
bin/virt-sandbox-service-clone.pod| 5 ++-
bin/virt-sandbox-service-create.pod | 7 ++--
bin/virt-sandbox.c| 5 ++-
libvirt-sandbox/libvirt-sandbox-builder.c | 58
+--
5 files changed, 55 insertions(+), 22 deletions(-)
diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service
index c4c4f54..b42fe08 100755
--- a/bin/virt-sandbox-service
+++ b/bin/virt-sandbox-service
@@ -101,7 +101,7 @@ def copydirtree(src, dst):
class Container:
DEFAULT_PATH = /var/lib/libvirt/filesystems
DEFAULT_IMAGE = /var/lib/libvirt/images/%s.raw
-SELINUX_FILE_TYPE = svirt_lxc_file_t
+SELINUX_FILE_TYPE = svirt_sandbox_file_t
This change will make it impossible to use the new release on existing
distros since they won't have this new policy type. We need this to be
conditionally changed.
diff --git a/libvirt-sandbox/libvirt-sandbox-builder.c
b/libvirt-sandbox/libvirt-sandbox-builder.c
index 1335042..613161a 100644
--- a/libvirt-sandbox/libvirt-sandbox-builder.c
+++ b/libvirt-sandbox/libvirt-sandbox-builder.c
@@ -67,6 +67,48 @@ gvir_sandbox_builder_error_quark(void)
{
return g_quark_from_static_string(gvir-sandbox-builder);
}
+#include selinux/selinux.h
+#include errno.h
+static char line[1024];
+
+static const char *get_label(int type) {
+const char *path = selinux_lxc_contexts_path();
+
+FILE *fp = fopen(path, r);
+if (fp) {
+GType gt = gvir_config_domain_virt_type_get_type ();
+GEnumClass *cls = g_type_class_ref (gt);
+GEnumValue *val = g_enum_get_value (cls, type);
+
+while (val fgets(line, sizeof line, fp)) {
+int len = strlen(line);
+if (len 2)
+continue;
+if (line[len-1] == '\n')
+line[len-1] = '\0';
+char *name = line;
+char *value = strchr(name, '=');
+if (!value)
+continue;
+*value = '\0';
+value++;
+if (strcmp(name,val-value_nick))
+continue;
+return value;
+}
+fclose(fp);
I'm not sure I really understand what this code is doing. You seem to
be opening /etc/selinux/targetted/context/lxc_contexts and then searching
for the type for LXC, QEMU or KVM. This doesn't really make sense to me.
I wonder what the point of any of this code us, when the switch statement
below looks to be sufficient.
+}
+
+switch (type) {
+case GVIR_CONFIG_DOMAIN_VIRT_KVM:
+return system_u:system_r:svirt_qemu_net_t:s0;
This should be 'svirt_kvm_net_t' otherwise you are granting the
KVM process permission to use execmem execstack, which is
bad from a security POV.
+case GVIR_CONFIG_DOMAIN_VIRT_QEMU:
+return system_u:system_r:svirt_qemu_net_t:s0;
This again looks like it might have back compat problems, if we
try to use this on old policy based systems. Though those hosts
were already broken due to svirt_t type not allowing sufficient
privileges, so perhaps its ok.
+case GVIR_CONFIG_DOMAIN_VIRT_LXC:
+default:
+return system_u:system_r:svirt_lxc_net_t:s0;
The default case should report an error - we shouldn't assume that
if we add usermode linux or vmware support, that it'll want this
lxc type.
+}
+}
static gboolean gvir_sandbox_builder_construct_domain(GVirSandboxBuilder
*builder,
GVirSandboxConfig
*config,
@@ -335,17 +377,11 @@ static gboolean
gvir_sandbox_builder_construct_security(GVirSandboxBuilder *buil
if (gvir_sandbox_config_get_security_dynamic(config)) {
gvir_config_domain_seclabel_set_type(sec,
GVIR_CONFIG_DOMAIN_SECLABEL_DYNAMIC);
-if (label)
-gvir_config_domain_seclabel_set_baselabel(sec, label);
-else if (gvir_config_domain_get_virt_type(domain) ==
- GVIR_CONFIG_DOMAIN_VIRT_LXC)
-gvir_config_domain_seclabel_set_baselabel(sec,
system_u:system_r:svirt_lxc_net_t:s0);
-else if (gvir_config_domain_get_virt_type(domain) ==
- GVIR_CONFIG_DOMAIN_VIRT_QEMU)
-gvir_config_domain_seclabel_set_baselabel(sec,
system_u:system_r:svirt_tcg_t:s0);
-else if (gvir_config_domain_get_virt_type(domain) ==
- GVIR_CONFIG_DOMAIN_VIRT_KVM)
-gvir_config_domain_seclabel_set_baselabel(sec,
system_u:system_r:svirt_t:s0);
+if
Re: [libvirt] [PATCHv2 3/5] qemu: Add support for paravirtual spinlocks in the guest
On 09/26/13 10:59, Peter Krempa wrote: The linux kernel recently added support for paravirtual spinlock handling to avoid performance regressions on overcomitted hosts. This feature needs to be turned in the hypervisor so that the guest OS is notified about the possible support. This patch adds a new feature paravirt-spinlock to the XML and supporting code to enable the kvm_pv_unhalt pseudoCPU feature in qemu. https://bugzilla.redhat.com/show_bug.cgi?id=1008989 --- QEMU upstream has now pulled the patches adding this feature: http://git.qemu.org/?p=qemu.git;a=commit;h=f010bc643a2759e87e989c3e4e85f15ec71ae98f Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 1/2] Introduce Libvirt Wireshark dissector
2013/9/20 Daniel P. Berrange berra...@redhat.com:
On Thu, Sep 19, 2013 at 11:26:08PM +0900, Yuto KAWAMURA(kawamuray) wrote:
diff --git a/tools/wireshark/src/moduleinfo.h
b/tools/wireshark/src/moduleinfo.h
new file mode 100644
index 000..9ab642c
--- /dev/null
+++ b/tools/wireshark/src/moduleinfo.h
@@ -0,0 +1,37 @@
+/* moduleinfo.h --- Define constants about wireshark plugin module
...
+
+/* Included *after* config.h, in order to re-define these macros */
+
+#ifdef PACKAGE
+# undef PACKAGE
+#endif
+
+/* Name of package */
+#define PACKAGE libvirt
Huh ? PACKAGE will already be defined to 'libvirt' so why are
you redefining it.
+
+
+#ifdef VERSION
+# undef VERSION
+#endif
+
+/* Version number of package */
+#define VERSION 0.0.1
This means the wireshark plugin will have a fixed version, even
when libvirt protocol changes in new releases. This seems bogus.
Again I think we should just use the existing defined VERSION.
I think this whole file can just go away completely
Right. I'll remove whole moduleinfo.h.
diff --git a/tools/wireshark/src/packet-libvirt.c
b/tools/wireshark/src/packet-libvirt.c
new file mode 100644
index 000..cd3e6ce
--- /dev/null
+++ b/tools/wireshark/src/packet-libvirt.c
+static gboolean
+dissect_xdr_bytes(tvbuff_t *tvb, proto_tree *tree, XDR *xdrs, int hf,
+ guint32 maxlen)
+{
+goffset start;
+guint8 *val = NULL;
+guint32 length;
+
+start = xdr_getpos(xdrs);
+if (xdr_bytes(xdrs, (char **)val, length, maxlen)) {
+proto_tree_add_bytes_format_value(tree, hf, tvb, start,
xdr_getpos(xdrs) - start,
+ NULL, %s, format_xdr_bytes(val,
length));
+/* Seems I can't call xdr_free() for this case.
+ It will raises SEGV by referencing out of bounds argument stack
*/
+xdrs-x_op = XDR_FREE;
+xdr_bytes(xdrs, (char **)val, length, maxlen);
+xdrs-x_op = XDR_DECODE;
Is accessing the internals of the 'XDR' struct really portable ? I think
it would be desirable to solve the xdr_free problem rather than accessing
struct internals
I'll change this to use free(), but let me explain this problem detail.
xdr_bytes may raises SEGV when it called from xdr_free.
This is caused by xdr_free is accessing it's third argument 'sizep' even if
it was called from xdr_free(in other word, when xdrs-x_op is XDR_FREE).
This problem can't be reproduced in 64bit architecture due to 64bit
system's register usage (I'll explain about this later).
Following is a small enough code to reproduce this issue:
#include stdio.h
#include stdlib.h
#include rpc/xdr.h
/* Contents of this buffer is not important to reproduce the issue */
static char xdr_buffer[] = {
0x00, 0x00, 0x00, 0x02, /* length is 2byte */
'A', '\0', 0, 0 /* 2 byte data and 2 byte padding bytes */
};
/* Same as the prototype of xdr_bytes() */
bool_t my_xdr_bytes(XDR *xdrs, char **cpp, u_int *sizep)
{
return TRUE;
}
/* Same as the prototype of xdr_free() */
void my_xdr_free(xdrproc_t proc, char *objp)
{
XDR x;
(*proc)(x, objp, NULL/* This NULL stored at same pos of 'sizep'
in xdr_bytes() */);
}
int main(void)
{
XDR xdrs;
char *opaque = NULL;
unsigned int size;
xdrmem_create(xdrs, xdr_buffer, sizeof(xdr_buffer), XDR_DECODE);
if (!xdr_bytes(xdrs, opaque, size, ~0)) {
fprintf(stderr, xdr_bytes() returns FALSE\n);
exit(1);
}
/* Reproduce same stack-upping as call of xdr_free(xdr_bytes, opaque).
This is needed to stack-up 0x0(invalid address) on position of
'sizsp' which is third argument of xdr_bytes(). */
my_xdr_free((xdrproc_t)my_xdr_bytes, (char *)opaque);
/* *** SEGV!! *** */
xdr_free((xdrproc_t)xdr_bytes, (char *)opaque);
/* ** */
xdr_destroy(xdrs);
return 0;
}
There are useless calls of my_xdr_free and my_xdr_bytes. These calls
are used to reproduce same
stack-upping of that when we call xdr_free((xdrproc_t)xdr_bytes, (char
*)allocated_mem).
To reproduce this issue, we need to store some invalid address in
callstack where it will
referenced from xdr_bytes via it's third argument 'sizep'. These
useless call will store NULL
into the position on callstack which will be correspond to the
position of 'sizep' in xdr_bytes.
In rpc/xdr.h, xdrproc_t was typedefed as following:
typedef bool_t (*xdrproc_t) (XDR *, void *,...);
xdr_free will call passed xdrproc as function which takes two args and
return bool_t.
So called function from xdr_free should not access after second argument.
But xdr_bytes is accessing it's third argument 'sizep' whatever it was
called from xdr_free.
This is totally wrong because we can't tell what is stored at position
of after second argument
in call stack.
This problem can only be reproduced in 32bit environment due to
register usage on function call.
Following explanation is regarding to my environment, so it
[libvirt] [PATCH v3 0/2] Libvirt Wireshark dissector
From: Yuto KAWAMURA(kawamuray) kawamuray.dad...@gmail.com Changes from version2: * Remove moduleinfo.h * Stop accessing internal XDR struct and just use free() Introduce Wireshark dissector plugin which adds support to Wireshark for dissecting libvirt RPC protocol. This feature was presented by Michal Privoznik year before last[1]. But it did only support dissecting packet headers. This time I enhanced that dissector to support dissecting packet payload. Furthermore, I provide code generator of dissector. So you can get fresh build of dissector from libvirt RPC specification file at any version you like. [1] http://www.redhat.com/archives/libvir-list/2011-October/msg00301.html Yuto KAWAMURA(kawamuray) (2): Introduce Libvirt Wireshark dissector Add sample output of Wireshark dissector Makefile.am |3 +- cfg.mk |8 +- configure.ac| 72 +- tools/wireshark/Makefile.am | 29 + tools/wireshark/README.md | 31 + tools/wireshark/samples/libvirt-sample.pdml | 206 ++ tools/wireshark/src/.gitignore |4 + tools/wireshark/src/Makefile.am | 42 ++ tools/wireshark/src/packet-libvirt.c| 512 ++ tools/wireshark/src/packet-libvirt.h| 128 tools/wireshark/util/genxdrstub.pl | 1009 +++ tools/wireshark/util/make-dissector-reg | 198 ++ 12 files changed, 2236 insertions(+), 6 deletions(-) create mode 100644 tools/wireshark/Makefile.am create mode 100644 tools/wireshark/README.md create mode 100644 tools/wireshark/samples/libvirt-sample.pdml create mode 100644 tools/wireshark/src/.gitignore create mode 100644 tools/wireshark/src/Makefile.am create mode 100644 tools/wireshark/src/packet-libvirt.c create mode 100644 tools/wireshark/src/packet-libvirt.h create mode 100755 tools/wireshark/util/genxdrstub.pl create mode 100755 tools/wireshark/util/make-dissector-reg -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v3 2/2] Add sample output of Wireshark dissector
From: Yuto KAWAMURA(kawamuray) kawamuray.dad...@gmail.com Add directory tools/wireshark/samples/ and libvirt-sample.pdml which is sample output of dissector. --- tools/wireshark/samples/libvirt-sample.pdml | 206 1 file changed, 206 insertions(+) create mode 100644 tools/wireshark/samples/libvirt-sample.pdml diff --git a/tools/wireshark/samples/libvirt-sample.pdml b/tools/wireshark/samples/libvirt-sample.pdml new file mode 100644 index 000..f6a4c28 --- /dev/null +++ b/tools/wireshark/samples/libvirt-sample.pdml @@ -0,0 +1,206 @@ +?xml version=1.0? +?xml-stylesheet type=text/xsl href=pdml2html.xsl? +!-- *** + This file has been reduced for ineffective packets. + Real output contains more and more elements, but structure + and hierarchy of XML is same as this exmaple. +*** -- +!-- You can find pdml2html.xsl in /usr/share/wireshark or at http://anonsvn.wireshark.org/trunk/wireshark/pdml2html.xsl. -- +pdml version=0 creator=wireshark/1.10.2 time=Thu Sep 19 18:09:24 2013 capture_file= +!-- Program = REMOTE, Procedure = AUTH_LIST -- +packet + proto name=libvirt showname=Libvirt size=28 pos=66 +field name=libvirt.length showname=length: 28 size=4 pos=66 show=28 value=001c/ +field name=libvirt.program showname=program: REMOTE (0x20008086) size=4 pos=70 show=0x20008086 value=20008086/ +field name=libvirt.version showname=version: 1 size=4 pos=74 show=1 value=0001/ +field name=libvirt.procedure showname=procedure: AUTH_LIST (66) size=4 pos=78 show=66 value=0042/ +field name=libvirt.type showname=type: CALL (0) size=4 pos=82 show=0 value=/ +field name=libvirt.serial showname=serial: 0 size=4 pos=86 show=0 value=/ +field name=libvirt.status showname=status: OK (0) size=4 pos=90 show=0 value=/ + /proto +/packet +packet + proto name=libvirt showname=Libvirt size=36 pos=66 +field name=libvirt.length showname=length: 36 size=4 pos=66 show=36 value=0024/ +field name=libvirt.program showname=program: REMOTE (0x20008086) size=4 pos=70 show=0x20008086 value=20008086/ +field name=libvirt.version showname=version: 1 size=4 pos=74 show=1 value=0001/ +field name=libvirt.procedure showname=procedure: AUTH_LIST (66) size=4 pos=78 show=66 value=0042/ +field name=libvirt.type showname=type: REPLY (1) size=4 pos=82 show=1 value=0001/ +field name=libvirt.serial showname=serial: 0 size=4 pos=86 show=0 value=/ +field name=libvirt.status showname=status: OK (0) size=4 pos=90 show=0 value=/ +field name=libvirt.remote_auth_list_ret showname=remote_auth_list_ret size=8 pos=94 show= value= + field name=libvirt.remote_auth_list_ret.types showname=types :: remote_auth_typelt;1gt; size=8 pos=94 show= value= +field name=libvirt.remote_auth_list_ret.types.types showname=types: REMOTE_AUTH_NONE(0) size=4 pos=98 show=0 value=/ + /field +/field + /proto +/packet + +!-- Program = REMOTE, Procedure = CONNECT_OPEN -- +packet + proto name=libvirt showname=Libvirt size=56 pos=66 +field name=libvirt.length showname=length: 56 size=4 pos=66 show=56 value=0038/ +field name=libvirt.program showname=program: REMOTE (0x20008086) size=4 pos=70 show=0x20008086 value=20008086/ +field name=libvirt.version showname=version: 1 size=4 pos=74 show=1 value=0001/ +field name=libvirt.procedure showname=procedure: CONNECT_OPEN (1) size=4 pos=78 show=1 value=0001/ +field name=libvirt.type showname=type: CALL (0) size=4 pos=82 show=0 value=/ +field name=libvirt.serial showname=serial: 2 size=4 pos=86 show=2 value=0002/ +field name=libvirt.status showname=status: OK (0) size=4 pos=90 show=0 value=/ +field name=libvirt.remote_connect_open_args showname=remote_connect_open_args size=8 pos=94 show= value= + field name=libvirt.remote_connect_open_args.name showname=name: (null) size=4 pos=94 show= value=/ + field name=libvirt.remote_connect_open_args.flags showname=flags: 15 size=4 pos=98 show=15 value=000f/ +/field + /proto +/packet +packet + proto name=libvirt showname=Libvirt size=28 pos=66 +field name=libvirt.length showname=length: 28 size=4 pos=66 show=28 value=001c/ +field name=libvirt.program showname=program: REMOTE (0x20008086) size=4 pos=70 show=0x20008086 value=20008086/ +field name=libvirt.version showname=version: 1 size=4 pos=74 show=1 value=0001/ +field name=libvirt.procedure showname=procedure: CONNECT_OPEN (1) size=4 pos=78 show=1 value=0001/ +field name=libvirt.type showname=type: REPLY (1) size=4 pos=82 show=1 value=0001/ +field name=libvirt.serial showname=serial: 2 size=4 pos=86 show=2 value=0002/ +field name=libvirt.status showname=status: OK (0) size=4 pos=90 show=0 value=/ + /proto +/packet + +!-- Program = REMOTE, Procedure = DOMAIN_LOOKUP_BY_NAME -- +packet + proto
Re: [libvirt] qemu, numa: non-contiguous cpusets
Il 30/09/2013 11:49, Borislav Petkov ha scritto: Yeah: https://lists.gnu.org/archive/html/qemu-devel/2013-09/msg02833.html Although I don't see from it how the syntax for -cpus will look like from that QAPI magic except that it is an + '*cpus': ['uint16'], It's -numa node,cpus=0-1,cpus=4-5. Paolo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2 1/2] Introduce Libvirt Wireshark dissector
On Mon, Sep 30, 2013 at 09:12:35PM +0900, Yuto KAWAMURA wrote:
2013/9/20 Daniel P. Berrange berra...@redhat.com:
On Thu, Sep 19, 2013 at 11:26:08PM +0900, Yuto KAWAMURA(kawamuray) wrote:
diff --git a/tools/wireshark/src/moduleinfo.h
b/tools/wireshark/src/moduleinfo.h
new file mode 100644
index 000..9ab642c
--- /dev/null
+++ b/tools/wireshark/src/moduleinfo.h
@@ -0,0 +1,37 @@
+/* moduleinfo.h --- Define constants about wireshark plugin module
...
+
+/* Included *after* config.h, in order to re-define these macros */
+
+#ifdef PACKAGE
+# undef PACKAGE
+#endif
+
+/* Name of package */
+#define PACKAGE libvirt
Huh ? PACKAGE will already be defined to 'libvirt' so why are
you redefining it.
+
+
+#ifdef VERSION
+# undef VERSION
+#endif
+
+/* Version number of package */
+#define VERSION 0.0.1
This means the wireshark plugin will have a fixed version, even
when libvirt protocol changes in new releases. This seems bogus.
Again I think we should just use the existing defined VERSION.
I think this whole file can just go away completely
Right. I'll remove whole moduleinfo.h.
diff --git a/tools/wireshark/src/packet-libvirt.c
b/tools/wireshark/src/packet-libvirt.c
new file mode 100644
index 000..cd3e6ce
--- /dev/null
+++ b/tools/wireshark/src/packet-libvirt.c
+static gboolean
+dissect_xdr_bytes(tvbuff_t *tvb, proto_tree *tree, XDR *xdrs, int hf,
+ guint32 maxlen)
+{
+goffset start;
+guint8 *val = NULL;
+guint32 length;
+
+start = xdr_getpos(xdrs);
+if (xdr_bytes(xdrs, (char **)val, length, maxlen)) {
+proto_tree_add_bytes_format_value(tree, hf, tvb, start,
xdr_getpos(xdrs) - start,
+ NULL, %s,
format_xdr_bytes(val, length));
+/* Seems I can't call xdr_free() for this case.
+ It will raises SEGV by referencing out of bounds argument
stack */
+xdrs-x_op = XDR_FREE;
+xdr_bytes(xdrs, (char **)val, length, maxlen);
+xdrs-x_op = XDR_DECODE;
Is accessing the internals of the 'XDR' struct really portable ? I think
it would be desirable to solve the xdr_free problem rather than accessing
struct internals
I'll change this to use free(), but let me explain this problem detail.
xdr_bytes may raises SEGV when it called from xdr_free.
This is caused by xdr_free is accessing it's third argument 'sizep' even if
it was called from xdr_free(in other word, when xdrs-x_op is XDR_FREE).
This problem can't be reproduced in 64bit architecture due to 64bit
system's register usage (I'll explain about this later).
Following is a small enough code to reproduce this issue:
#include stdio.h
#include stdlib.h
#include rpc/xdr.h
/* Contents of this buffer is not important to reproduce the issue */
static char xdr_buffer[] = {
0x00, 0x00, 0x00, 0x02, /* length is 2byte */
'A', '\0', 0, 0 /* 2 byte data and 2 byte padding bytes */
};
/* Same as the prototype of xdr_bytes() */
bool_t my_xdr_bytes(XDR *xdrs, char **cpp, u_int *sizep)
{
return TRUE;
}
/* Same as the prototype of xdr_free() */
void my_xdr_free(xdrproc_t proc, char *objp)
{
XDR x;
(*proc)(x, objp, NULL/* This NULL stored at same pos of 'sizep'
in xdr_bytes() */);
}
int main(void)
{
XDR xdrs;
char *opaque = NULL;
unsigned int size;
xdrmem_create(xdrs, xdr_buffer, sizeof(xdr_buffer), XDR_DECODE);
if (!xdr_bytes(xdrs, opaque, size, ~0)) {
fprintf(stderr, xdr_bytes() returns FALSE\n);
exit(1);
}
/* Reproduce same stack-upping as call of xdr_free(xdr_bytes, opaque).
This is needed to stack-up 0x0(invalid address) on position of
'sizsp' which is third argument of xdr_bytes(). */
my_xdr_free((xdrproc_t)my_xdr_bytes, (char *)opaque);
/* *** SEGV!! *** */
xdr_free((xdrproc_t)xdr_bytes, (char *)opaque);
/* ** */
Ok, the scenario here is
- 'xdr_bytes' takes 4 arguments
- 'xdrproc_t' takes 2 mandatory args + var-args
- 'xdr_free' calls the 'xdrproc_t' function with only 2 arguments
- 'xdr_bytes' unconditionally accesses its 3rd argument
So either
- the cast from xdr_bytes - xdrproc_t is invalid and thus
xdr_bytes should not be used with xdr_free.
or
- xdr_bytes impl in glibc is buggy and shouldn't access the
3rd arg except when doing encode/decode operations.
Regardless of which is right, we want our code to work on all xdr
impls, so we must avoid problem 2. So I think we should just not
use xdr_free here. Just do a plain 'free(opaque)' instead.
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o-
Re: [libvirt] [sandbox PATCH] virt-sandbox patch to launch containers with proper label
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/30/2013 08:07 AM, Daniel P. Berrange wrote:
On Wed, Sep 25, 2013 at 04:50:23PM -0400, Dan Walsh wrote:
virt-sandbox should be launching containers based off the lxc_context
file from selinux-policy. I changed the hard coded paths to match the
latest fedora assigned labels.
Fedora 20 SELinux Policy and beyond will have proper SELinux labels in
its lxc_contexts file. --- bin/virt-sandbox-service | 2
+- bin/virt-sandbox-service-clone.pod| 5 ++-
bin/virt-sandbox-service-create.pod | 7 ++-- bin/virt-sandbox.c
| 5 ++- libvirt-sandbox/libvirt-sandbox-builder.c | 58
+-- 5 files changed, 55 insertions(+), 22
deletions(-)
diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index
c4c4f54..b42fe08 100755 --- a/bin/virt-sandbox-service +++
b/bin/virt-sandbox-service @@ -101,7 +101,7 @@ def copydirtree(src,
dst): class Container: DEFAULT_PATH =
/var/lib/libvirt/filesystems DEFAULT_IMAGE =
/var/lib/libvirt/images/%s.raw -SELINUX_FILE_TYPE =
svirt_lxc_file_t +SELINUX_FILE_TYPE = svirt_sandbox_file_t
This change will make it impossible to use the new release on existing
distros since they won't have this new policy type. We need this to be
conditionally changed.
Well we could put the code into check if the type exists else use
svirt_lxc_file_t. (BTW Aliased in latest code.)
diff --git a/libvirt-sandbox/libvirt-sandbox-builder.c
b/libvirt-sandbox/libvirt-sandbox-builder.c index 1335042..613161a
100644 --- a/libvirt-sandbox/libvirt-sandbox-builder.c +++
b/libvirt-sandbox/libvirt-sandbox-builder.c @@ -67,6 +67,48 @@
gvir_sandbox_builder_error_quark(void) { return
g_quark_from_static_string(gvir-sandbox-builder); } +#include
selinux/selinux.h +#include errno.h +static char line[1024]; +
+static const char *get_label(int type) { +const char *path =
selinux_lxc_contexts_path(); + +FILE *fp = fopen(path, r); +if
(fp) { +GType gt = gvir_config_domain_virt_type_get_type (); +
GEnumClass *cls = g_type_class_ref (gt); +GEnumValue *val =
g_enum_get_value (cls, type); + +while (val fgets(line, sizeof
line, fp)) { +int len = strlen(line); +if (len
2) +continue; +if (line[len-1] == '\n') +
line[len-1] = '\0'; +char *name = line; +char
*value = strchr(name, '='); +if (!value) +
continue; +*value = '\0'; +value++; +
if (strcmp(name,val-value_nick)) +continue; +
return value; +} +fclose(fp);
I'm not sure I really understand what this code is doing. You seem to be
opening /etc/selinux/targetted/context/lxc_contexts and then searching for
the type for LXC, QEMU or KVM. This doesn't really make sense to me. I
wonder what the point of any of this code us, when the switch statement
below looks to be sufficient.
Well the idea is to allow other policy writers to write policy that would use
different types, rather then hard code them into programs. Dominick Grift is
experimenting with other types of SELinux Policy, and any time he has a hard
coded type, it breaks his code. Obviously we need to move more types out of
this code to make it fully functional.
+} + +switch (type) { +case GVIR_CONFIG_DOMAIN_VIRT_KVM: +
return system_u:system_r:svirt_qemu_net_t:s0;
This should be 'svirt_kvm_net_t' otherwise you are granting the KVM process
permission to use execmem execstack, which is bad from a security POV.
+case GVIR_CONFIG_DOMAIN_VIRT_QEMU: +return
system_u:system_r:svirt_qemu_net_t:s0;
This again looks like it might have back compat problems, if we try to use
this on old policy based systems. Though those hosts were already broken
due to svirt_t type not allowing sufficient privileges, so perhaps its ok.
+case GVIR_CONFIG_DOMAIN_VIRT_LXC: +default: +return
system_u:system_r:svirt_lxc_net_t:s0;
The default case should report an error - we shouldn't assume that if we
add usermode linux or vmware support, that it'll want this lxc type.
Ok.
+} +}
static gboolean gvir_sandbox_builder_construct_domain(GVirSandboxBuilder
*builder, GVirSandboxConfig *config, @@ -335,17 +377,11 @@ static
gboolean gvir_sandbox_builder_construct_security(GVirSandboxBuilder
*buil if (gvir_sandbox_config_get_security_dynamic(config)) {
gvir_config_domain_seclabel_set_type(sec,
GVIR_CONFIG_DOMAIN_SECLABEL_DYNAMIC); -if (label) -
gvir_config_domain_seclabel_set_baselabel(sec, label); -else if
(gvir_config_domain_get_virt_type(domain) == -
GVIR_CONFIG_DOMAIN_VIRT_LXC) -
gvir_config_domain_seclabel_set_baselabel(sec,
system_u:system_r:svirt_lxc_net_t:s0); -else if
(gvir_config_domain_get_virt_type(domain) == -
GVIR_CONFIG_DOMAIN_VIRT_QEMU) -
Re: [libvirt] [sandbox PATCH] virt-sandbox patch to launch containers with proper label
On Mon, Sep 30, 2013 at 08:39:35AM -0400, Daniel J Walsh wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/30/2013 08:07 AM, Daniel P. Berrange wrote:
On Wed, Sep 25, 2013 at 04:50:23PM -0400, Dan Walsh wrote:
virt-sandbox should be launching containers based off the lxc_context
file from selinux-policy. I changed the hard coded paths to match the
latest fedora assigned labels.
Fedora 20 SELinux Policy and beyond will have proper SELinux labels in
its lxc_contexts file. --- bin/virt-sandbox-service | 2
+- bin/virt-sandbox-service-clone.pod| 5 ++-
bin/virt-sandbox-service-create.pod | 7 ++-- bin/virt-sandbox.c
| 5 ++- libvirt-sandbox/libvirt-sandbox-builder.c | 58
+-- 5 files changed, 55 insertions(+), 22
deletions(-)
diff --git a/bin/virt-sandbox-service b/bin/virt-sandbox-service index
c4c4f54..b42fe08 100755 --- a/bin/virt-sandbox-service +++
b/bin/virt-sandbox-service @@ -101,7 +101,7 @@ def copydirtree(src,
dst): class Container: DEFAULT_PATH =
/var/lib/libvirt/filesystems DEFAULT_IMAGE =
/var/lib/libvirt/images/%s.raw -SELINUX_FILE_TYPE =
svirt_lxc_file_t +SELINUX_FILE_TYPE = svirt_sandbox_file_t
This change will make it impossible to use the new release on existing
distros since they won't have this new policy type. We need this to be
conditionally changed.
Well we could put the code into check if the type exists else use
svirt_lxc_file_t. (BTW Aliased in latest code.)
diff --git a/libvirt-sandbox/libvirt-sandbox-builder.c
b/libvirt-sandbox/libvirt-sandbox-builder.c index 1335042..613161a
100644 --- a/libvirt-sandbox/libvirt-sandbox-builder.c +++
b/libvirt-sandbox/libvirt-sandbox-builder.c @@ -67,6 +67,48 @@
gvir_sandbox_builder_error_quark(void) { return
g_quark_from_static_string(gvir-sandbox-builder); } +#include
selinux/selinux.h +#include errno.h +static char line[1024]; +
+static const char *get_label(int type) { +const char *path =
selinux_lxc_contexts_path(); + +FILE *fp = fopen(path, r); +if
(fp) { +GType gt = gvir_config_domain_virt_type_get_type (); +
GEnumClass *cls = g_type_class_ref (gt); +GEnumValue *val =
g_enum_get_value (cls, type); + +while (val fgets(line, sizeof
line, fp)) { +int len = strlen(line); +if (len
2) +continue; +if (line[len-1] == '\n') +
line[len-1] = '\0'; +char *name = line; +char
*value = strchr(name, '='); +if (!value) +
continue; +*value = '\0'; +value++; +
if (strcmp(name,val-value_nick)) +continue; +
return value; +} +fclose(fp);
Your email client has completely mangled this quoted text. Please fix it
to preserve line breaks / whitespace, as it makes reading the replies
rather difficult.
I'm not sure I really understand what this code is doing. You seem to be
opening /etc/selinux/targetted/context/lxc_contexts and then searching for
the type for LXC, QEMU or KVM. This doesn't really make sense to me. I
wonder what the point of any of this code us, when the switch statement
below looks to be sufficient.
Well the idea is to allow other policy writers to write policy that would use
different types, rather then hard code them into programs. Dominick Grift is
experimenting with other types of SELinux Policy, and any time he has a hard
coded type, it breaks his code. Obviously we need to move more types out of
this code to make it fully functional.
Yeah, but I'm not seeing how this /etc/selinux/targetted/context/lxc_contexts
file content is working with this piece of code. With the updated policy
I see
$ cat /etc/selinux/targeted/contexts/lxc_contexts
process = system_u:system_r:svirt_lxc_net_t:s0
file = system_u:object_r:svirt_lxc_file_t:s0
content = system_u:object_r:virt_var_lib_t:s0
so this code which is looking for 'kvm' and 'qemu' strings in that file
isn't doing anything useful
Daniel
--
|: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] virsh-domain: Free dom before return false in cmdDump
On 09/28/13 00:02, Hongwei Bi wrote: --- tools/virsh-domain.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) ACK and will be pushed shortly. Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] virsh-volume: Add missing check when calling virStreamNew
On 09/29/13 11:24, Hongwei Bi wrote: Check return value of virStreamNew when called by cmdVolUpload and cmdVolDownload. --- tools/virsh-volume.c | 12 ++-- 1 files changed, 10 insertions(+), 2 deletions(-) ACK will be pushed soon. Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] libvirt: hostdev SCSI AdapterId retrieval fix
On 30.09.2013 13:20, Boris Fiuczynski wrote:
Fixed the retrieval of the AdapterId from the AdapterName of the
hostdev source so it does return an error instead of leaving the
adapter_id uninitialized.
Signed-off-by: Boris Fiuczynski fiu...@linux.vnet.ibm.com
Reviewed-by: Viktor Mihajlovski mihaj...@linux.vnet.ibm.com
---
src/util/virscsi.c | 17 +++--
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/src/util/virscsi.c b/src/util/virscsi.c
index 43658c0..7aca9e6 100644
--- a/src/util/virscsi.c
+++ b/src/util/virscsi.c
@@ -88,16 +88,13 @@ static int
virSCSIDeviceGetAdapterId(const char *adapter,
unsigned int *adapter_id)
{
-if (STRPREFIX(adapter, scsi_host)) {
-if (virStrToLong_ui(adapter + strlen(scsi_host),
-NULL, 0, adapter_id) 0) {
-virReportError(VIR_ERR_INTERNAL_ERROR,
- _(Cannot parse adapter '%s'), adapter);
-return -1;
-}
-}
-
-return 0;
+if (STRPREFIX(adapter, scsi_host)
+virStrToLong_ui(adapter + strlen(scsi_host),
+NULL, 0, adapter_id) == 0)
+return 0;
+virReportError(VIR_ERR_INTERNAL_ERROR,
+ _(Cannot parse adapter '%s'), adapter);
+return -1;
}
char *
ACK, but I had some difficulties applying this patch. Have you edited it
before sending or did you e-mail client mangle it? The context must have
exactly one space in prefix, not two.
Michal
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] qemu_migrate: Fix assign the same port when migrating concurrently
On Mon, Sep 30, 2013 at 03:55:21 +, Wangyufei (A) wrote:
From 6c2de34432db674072231ad66c9e8a0a600ede8a Mon Sep 17 00:00:00 2001
From: WangYufei james.wangyu...@huawei.com
Date: Mon, 30 Sep 2013 11:48:43 +0800
Subject: [PATCH] qemu_migrate: Fix assign the same port when migrating
concurrently
When we migrate vms concurrently, there's a chance that libvirtd on
destination assign the same port for different migrations, which will lead to
migration failed during migration prepare phase on destination. So we use
virPortAllocator here to solve the problem.
...
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index e8bc04d..9437b5a 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -688,6 +688,11 @@ qemuStateInitialize(bool privileged,
cfg-webSocketPortMax)) == NULL)
goto error;
+if ((qemu_driver-migrationPorts =
+virPortAllocatorNew(QEMU_MIGRATION_PORT_MIN,
+QEMU_MIGRATION_PORT_MAX)) == NULL)
+goto error;
+
Hmm, I guess we could make the port range configurable, but that's a
separate thing.
if (qemuSecurityInit(qemu_driver) 0)
goto error;
@@ -994,6 +999,7 @@ qemuStateCleanup(void) {
virObjectUnref(qemu_driver-domains);
virObjectUnref(qemu_driver-remotePorts);
virObjectUnref(qemu_driver-webSocketPorts);
+virObjectUnref(qemu_driver-migrationPorts);
virObjectUnref(qemu_driver-xmlopt);
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 3a1aab7..82d90bf 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
...
@@ -2600,8 +2600,11 @@ qemuMigrationPrepareDirect(virQEMUDriverPtr driver,
cleanup:
virURIFree(uri);
VIR_FREE(hostname);
-if (ret != 0)
+if (ret != 0) {
VIR_FREE(*uri_out);
+virPortAllocatorRelease(driver-migrationPorts,
+(unsigned short)this_port);
+}
return ret;
}
I'm afraid we will also need to release the port once the migration is
done. qemuMigrationPrepareCleanup and qemuMigrationFinish are the places
where we should handle this.
Jirka
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] virfile: safezero: align mmap offset to page size
On 30.09.2013 13:01, Oskari Saarenmaa wrote: mmap's offset must be aligned to page size or mapping will fail. mmap-based safezero is only used if posix_fallocate isn't available. Signed-off-by: Oskari Saarenmaa o...@ohmu.fi --- src/util/virfile.c | 14 +++--- 1 file changed, 11 insertions(+), 3 deletions(-) ACK and safe for 1.1.3 so I've pushed this. Michal -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v3 1/2] Introduce Libvirt Wireshark dissector
On 30.09.2013 14:15, Yuto KAWAMURA(kawamuray) wrote:
From: Yuto KAWAMURA(kawamuray) kawamuray.dad...@gmail.com
Introduce Wireshark dissector plugin which adds support to Wireshark
for dissecting libvirt RPC protocol.
Added following files to build Wireshark dissector from libvirt source
tree.
* tools/wireshark/*: Source tree of Wireshark dissector plugin.
Added followings to configure.ac or Makefile.am.
configure.ac
* --with-wireshark-dissector: Enable support for building Wireshark
dissector.
* --with-ws-plugindir: Specify wireshark plugin directory that dissector
will installed.
* Added tools/wireshark/{Makefile,src/Makefile} to AC_CONFIG_FILES.
Makefile.am
* Added tools/wireshark/ to SUBDIR.
---
Makefile.am |3 +-
cfg.mk |8 +-
configure.ac| 72 ++-
tools/wireshark/Makefile.am | 29 +
tools/wireshark/README.md | 31 +
tools/wireshark/src/.gitignore |4 +
tools/wireshark/src/Makefile.am | 42 ++
tools/wireshark/src/packet-libvirt.c| 512
tools/wireshark/src/packet-libvirt.h| 128
tools/wireshark/util/genxdrstub.pl | 1009
+++
tools/wireshark/util/make-dissector-reg | 198 ++
11 files changed, 2030 insertions(+), 6 deletions(-)
create mode 100644 tools/wireshark/Makefile.am
create mode 100644 tools/wireshark/README.md
create mode 100644 tools/wireshark/src/.gitignore
create mode 100644 tools/wireshark/src/Makefile.am
create mode 100644 tools/wireshark/src/packet-libvirt.c
create mode 100644 tools/wireshark/src/packet-libvirt.h
create mode 100755 tools/wireshark/util/genxdrstub.pl
create mode 100755 tools/wireshark/util/make-dissector-reg
I think we want tools/wireshark/src/.gitignore merged to global
$(srcdir)/.gitignore.
Moreover, I've noticed a strange behavior when dissecting some strings.
Try to dissect an opening sequence. The client calls CONNECT_OPEN
function with 2 arguments:
libvirt.remote_connect_open_args.name
libvirt.remote_connect_open_args.flags
While @flags are correctly dissected, the @name isn't. For example,
while executing virsh -c qemu+tcp:///system list I got this:
00 00 00 38 20 00 80 86 00 00 00 01 00 00 00 01 ...8 ...
0010 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 01
0020 00 00 00 0e 71 65 6d 75 3a 2f 2f 2f 73 79 73 74 qemu:///syst
0030 65 6d 00 00 00 00 00 00 em..
where the @name is at 0x1c-10x1f and @flags at 0x20-0x24. However, some
strings are still dissected correctly
And when running 'virsh domfstrim $dom' I've encountered:
[Dissector bug, protocol libvirt: proto.c:2541: failed assertion
hfinfo-type == FT_STRING || hfinfo-type == FT_STRINGZ]
Besides this I like this approach the most and once you solve the string
dissecting bugs I will give you my ACK.
Michal
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] error: server response too large
Hi. When trying to do a screenshot of a remote domain connected via qemu+tcp (for testing purposes only), I receive this error: -- virsh -c qemu+tcp://dev/system Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh # version Compiled against library: libvir 0.9.8 Using library: libvir 0.9.8 Using API: QEMU 0.9.8 Running hypervisor: QEMU 1.5.1 virsh # screenshot 2 /tmp/screendump error: could not receive data from domain 2 error: packet 1048600 bytes received from server too large, want 262144 virsh # 2013-09-30 14:47:05.158+: 21646: info : libvirt version: 0.9.8 2013-09-30 14:47:05.158+: 21646: warning : virNetClientIncomingEvent:1660 : Something went wrong during async message processing -- I'm using Ubuntu LTS 12.04.3, latest version in the repo which is 0.9.8-2ubuntu17.13. On the server side, I'm using a self-compiled libvirt from git master. On the server, I receive: 2013-09-30 14:41:10.075+: 1203: info : libvirt version: 1.1.2 2013-09-30 14:41:10.075+: 1203: error : virNetSocketWriteWire:1446 : Cannot write data: Connection reset by peer 2013-09-30 14:41:10.077+: 1203: error : virFDStreamCloseInt:315 : internal error: I/O helper exited abnormally 2013-09-30 14:41:10.078+: 1203: error : virFDStreamUpdateCallback:133 : internal error: stream is not open I've uploaded the logs produced with LIBVIRT_DEBUG=1 to sendspace: http://www.sendspace.com/file/tevueo (libvirtd.log.gz) [1MB] http://www.sendspace.com/file/rdpmrh (virsh.log.gz) [5KB] When using a non-async virStream with client library version 1.1.2, it works OK. Is this a bug in libvirt 0.9.8 or is this a regression in = 1.1.2? I started to git bisect but ran out of time, I'm out of office till next week. Any help would be great. Thanks. Claudio -- AV-Test GmbH, Henricistraße 20, 04155 Leipzig, Germany Phone: +49 341 265 310 19 Web:http://www.av-test.org Eingetragen am / Registered at: Amtsgericht Stendal (HRB 114076) Geschaeftsfuehrer (CEO): Andreas Marx, Guido Habicht, Maik Morgenstern -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] virsh-volume: Add missing check when calling virStreamNew
2013/9/30 Peter Krempa pkre...@redhat.com: On 09/29/13 11:24, Hongwei Bi wrote: Check return value of virStreamNew when called by cmdVolUpload and cmdVolDownload. --- tools/virsh-volume.c | 12 ++-- 1 files changed, 10 insertions(+), 2 deletions(-) ACK will be pushed soon. Peter Pushed; Thanks. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] virsh-domain: Free dom before return false in cmdDump
2013/9/30 Peter Krempa pkre...@redhat.com: On 09/28/13 00:02, Hongwei Bi wrote: --- tools/virsh-domain.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) ACK and will be pushed shortly. Peter Pushed; Thanks. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] LXC: workaround machined uncleaned data with containers running systemd.
The problem is described by [0] but its effect on libvirt is that
starting a container with a full distro running systemd after having
stopped it simply fails.
The container cleanup now calls the machined Terminate function to make
sure that everything is in order for the next run.
[0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370
---
src/libvirt_private.syms | 2 ++
src/lxc/lxc_process.c| 8 +
src/util/virsystemd.c| 80 +---
src/util/virsystemd.h| 8 +
tests/virsystemdtest.c | 28 +
6 files changed, 117 insertions(+), 12 deletions(-)
2nd version:
* Removed the Makefile hack and added symbols to libvirt_private.syms instead
* Added virSystemdMakeMachineName to factorize some code in Make and Terminate
machine systemd functions.
* Added tests for TerminateMachine and TerminateContainer cases.
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 48e4b04..4bc4d69 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1947,8 +1947,10 @@ virSysinfoSetup;
# util/virsystemd.h
virSystemdCreateMachine;
+virSystemdMakeMachineName;
virSystemdMakeScopeName;
virSystemdMakeSliceName;
+virSystemdTerminateMachine;
# util/virthread.h
diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index 4835bd5..f92c613 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -50,6 +50,7 @@
#include virstring.h
#include viratomic.h
#include virprocess.h
+#include virsystemd.h
#define VIR_FROM_THIS VIR_FROM_LXC
@@ -210,6 +211,13 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver,
virCgroupFree(priv-cgroup);
}
+/* Get machined to terminate the machine as it may not have cleaned it
+ * properly. See https://bugs.freedesktop.org/show_bug.cgi?id=68370 for
+ * the bug we are working around here.
+ */
+virSystemdTerminateMachine(vm-def-name, lxc, true);
+
+
/* now that we know it's stopped call the hook if present */
if (virHookPresent(VIR_HOOK_DRIVER_LXC)) {
char *xml = virDomainDefFormat(vm-def, 0);
diff --git a/src/util/virsystemd.c b/src/util/virsystemd.c
index e72b7f0..1ba37cc 100644
--- a/src/util/virsystemd.c
+++ b/src/util/virsystemd.c
@@ -116,6 +116,27 @@ char *virSystemdMakeSliceName(const char *partition)
return virBufferContentAndReset(buf);
}
+char *virSystemdMakeMachineName(const char *name,
+const char *drivername,
+bool privileged)
+{
+char *machinename = NULL;
+char *username = NULL;
+if (privileged) {
+if (virAsprintf(machinename, %s-%s, drivername, name) 0)
+goto cleanup;
+} else {
+if (!(username = virGetUserName(geteuid(
+goto cleanup;
+if (virAsprintf(machinename, %s-%s-%s, username, drivername, name)
0)
+goto cleanup;
+}
+
+cleanup:
+VIR_FREE(username);
+
+return machinename;
+}
/**
* virSystemdCreateMachine:
@@ -142,7 +163,6 @@ int virSystemdCreateMachine(const char *name,
DBusConnection *conn;
char *machinename = NULL;
char *creatorname = NULL;
-char *username = NULL;
char *slicename = NULL;
ret = virDBusIsServiceEnabled(org.freedesktop.machine1);
@@ -152,15 +172,8 @@ int virSystemdCreateMachine(const char *name,
conn = virDBusGetSystemBus();
ret = -1;
-if (privileged) {
-if (virAsprintf(machinename, %s-%s, drivername, name) 0)
-goto cleanup;
-} else {
-if (!(username = virGetUserName(geteuid(
-goto cleanup;
-if (virAsprintf(machinename, %s-%s-%s, username, drivername, name)
0)
-goto cleanup;
-}
+if (!(machinename = virSystemdMakeMachineName(name, drivername,
privileged)))
+goto cleanup;
if (virAsprintf(creatorname, libvirt-%s, drivername) 0)
goto cleanup;
@@ -236,9 +249,54 @@ int virSystemdCreateMachine(const char *name,
ret = 0;
cleanup:
-VIR_FREE(username);
VIR_FREE(creatorname);
VIR_FREE(machinename);
VIR_FREE(slicename);
return ret;
}
+
+int virSystemdTerminateMachine(const char *name,
+ const char *drivername,
+ bool privileged)
+{
+int ret;
+DBusConnection *conn;
+char *machinename = NULL;
+
+ret = virDBusIsServiceEnabled(org.freedesktop.machine1);
+if (ret 0)
+return ret;
+
+conn = virDBusGetSystemBus();
+
+ret = -1;
+if (!(machinename = virSystemdMakeMachineName(name, drivername,
privileged)))
+goto cleanup;
+
+/*
+ * The systemd DBus API we're invoking has the
+ * following signature
+ *
+ * TerminateMachine(in s name);
+ *
+ * @name a host unique name for the machine. shows up
+ * in 'ps' listing similar
+ */
+
+VIR_DEBUG(Attempting to terminate machine via systemd);
+if
Re: [libvirt] error: server response too large
On 30.09.2013 17:02, Claudio Bley wrote: Hi. When trying to do a screenshot of a remote domain connected via qemu+tcp (for testing purposes only), I receive this error: -- virsh -c qemu+tcp://dev/system Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh # version Compiled against library: libvir 0.9.8 Using library: libvir 0.9.8 Using API: QEMU 0.9.8 Running hypervisor: QEMU 1.5.1 virsh # screenshot 2 /tmp/screendump error: could not receive data from domain 2 error: packet 1048600 bytes received from server too large, want 262144 virsh # 2013-09-30 14:47:05.158+: 21646: info : libvirt version: 0.9.8 2013-09-30 14:47:05.158+: 21646: warning : virNetClientIncomingEvent:1660 : Something went wrong during async message processing -- I'm using Ubuntu LTS 12.04.3, latest version in the repo which is 0.9.8-2ubuntu17.13. This works as expected. 0.9.8 still had a small buffer for RPC messages. It's since 0.9.13 release that we've switched to dynamically allocated buffer and hence could size up the limit for incoming data. Update the client and problem will just go away. Michal -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] error: server response too large
On Mon, Sep 30, 2013 at 05:23:33PM +0200, Michal Privoznik wrote: On 30.09.2013 17:02, Claudio Bley wrote: Hi. When trying to do a screenshot of a remote domain connected via qemu+tcp (for testing purposes only), I receive this error: -- virsh -c qemu+tcp://dev/system Welcome to virsh, the virtualization interactive terminal. Type: 'help' for help with commands 'quit' to quit virsh # version Compiled against library: libvir 0.9.8 Using library: libvir 0.9.8 Using API: QEMU 0.9.8 Running hypervisor: QEMU 1.5.1 virsh # screenshot 2 /tmp/screendump error: could not receive data from domain 2 error: packet 1048600 bytes received from server too large, want 262144 virsh # 2013-09-30 14:47:05.158+: 21646: info : libvirt version: 0.9.8 2013-09-30 14:47:05.158+: 21646: warning : virNetClientIncomingEvent:1660 : Something went wrong during async message processing -- I'm using Ubuntu LTS 12.04.3, latest version in the repo which is 0.9.8-2ubuntu17.13. This works as expected. 0.9.8 still had a small buffer for RPC messages. It's since 0.9.13 release that we've switched to dynamically allocated buffer and hence could size up the limit for incoming data. Update the client and problem will just go away. Actually that is not working as expected. The old client should *always* be able to talk to a new server. If the new server is unconditionally sending back data that is too large for the client, this is a bug. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] error: server response too large
On 09/30/2013 05:24 PM, Daniel P. Berrange wrote: 0.9.8-2ubuntu17.13. This works as expected. 0.9.8 still had a small buffer for RPC messages. It's since 0.9.13 release that we've switched to dynamically allocated buffer and hence could size up the limit for incoming data. Update the client and problem will just go away. Actually that is not working as expected. The old client should *always* be able to talk to a new server. If the new server is unconditionally sending back data that is too large for the client, this is a bug. True, however I don't see how to fix it for past versions, specifically we can't go back to the small buffers again. For a proper solution client and server would need to advertise their respective maximum buffer sizes (or know it by the version number) and restrict themselves to using the lower number. -- Mit freundlichen Grüßen/Kind Regards Viktor Mihajlovski IBM Deutschland Research Development GmbH Vorsitzender des Aufsichtsrats: Martina Köderitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] LXC: workaround machined uncleaned data with containers running systemd.
On Mon, Sep 30, 2013 at 04:46:29PM +0200, Cédric Bosdonnat wrote: The problem is described by [0] but its effect on libvirt is that starting a container with a full distro running systemd after having stopped it simply fails. The container cleanup now calls the machined Terminate function to make sure that everything is in order for the next run. [0]: https://bugs.freedesktop.org/show_bug.cgi?id=68370 --- src/libvirt_private.syms | 2 ++ src/lxc/lxc_process.c| 8 + src/util/virsystemd.c| 80 +--- src/util/virsystemd.h| 8 + tests/virsystemdtest.c | 28 + 6 files changed, 117 insertions(+), 12 deletions(-) 2nd version: * Removed the Makefile hack and added symbols to libvirt_private.syms instead * Added virSystemdMakeMachineName to factorize some code in Make and Terminate machine systemd functions. * Added tests for TerminateMachine and TerminateContainer cases ACK and pushed since this is a critical fix for systemd hosts. Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] struct random on FreeBSD [was: FreeBSD-8.3 build failure for amd64/i386, build archive included]
On Sat, Sep 28, 2013 at 4:36 PM, Eric Blake ebl...@redhat.com wrote:
On 09/27/2013 01:01 PM, Jason Helfman wrote:
On Fri, Sep 27, 2013 at 4:57 AM, Eric Blake ebl...@redhat.com wrote:
On 09/27/2013 01:35 AM, Michal Privoznik wrote:
make[3]: Entering directory
`/home/zippy/work/tmp/a/libvirt-1.1.2/gnulib/lib'
CC allocator.lo
In file included from allocator.c:4:0:
./stdlib.h:76:8: error: redefinition of 'struct random_data'
struct random_data
^
In file included from ./stdlib.h:36:0,
from allocator.c:4:
/usr/include/stdlib.h:349:8: note: originally defined here
struct random_data
^
Can
you show me the config.log output related to detecting whether 'struct
random_data' exists? Is this a case of circular header inclusion on
FreeBSD (that is, does sys/types.h try to recursively include
stdlib.h to pick up the struct?)
Should be available here:
http://people.freebsd.org/~jgh/files/libvirt_83amd64.tar.xz
Thanks; looking through that, I see:
configure:31404: checking for struct random_data
configure:31404: cc -std=gnu99 -c -O2 -pipe -fno-strict-aliasing
-D_THREAD_SAFE -D_THREAD_SAFE conftest.c 5
conftest.c: In function 'main':
conftest.c:346: error: invalid application of 'sizeof' to incomplete
type 'struct random_data'
...
| #include stdlib.h
| #if HAVE_RANDOM_H
| # include random.h
| #endif
|
|
| int
| main ()
| {
| if (sizeof (struct random_data))
So, what has to be included prior to stdlib.h for the forward
declaration of struct random_data in that header to no longer be an
incomplete type? Can you grep your system headers and find what all
mentions struct random_data?
In looking through our 8.4 Branch, here are the results of digging the tree:
crypto/openssh/pkcs11.h: unsigned char *random_data,
crypto/heimdal/lib/hx509/ref/pkcs11.h: unsigned char
*random_data,
crypto/heimdal/lib/hx509/hxtool.c:random_data(void *opt, int argc, char
**argv)
sys/netinet/sctp_output.c:
SCTP_READ_RANDOM(randp-random_data, random_len);
sys/netinet/sctp_header.h: uint8_t random_data[];
Per another developer at FreeBSD, it seems to be a bug in 8.x branch and
picking up something it shouldn't and was fixed by adding this to the
configure environment:
ac_cv_type_struct_random_data=
http://redports.org/~jgh/20130930154500-61365-148605/libvirt-1.1.2.log
However the build still fails, but looks to be a more standard failure. Any
more ideas on this?
-jgh
--
Jason Helfman | FreeBSD Committer
j...@freebsd.org | http://people.freebsd.org/~jgh | The Power to Serve
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/6] kvm: Add KVM_GET_EMULATED_CPUID
On Sat, Sep 28, 2013 at 12:49:04PM +0200, Borislav Petkov wrote:
On Fri, Sep 27, 2013 at 11:21:34AM -0300, Eduardo Habkost wrote:
The problem here is that requested_features doesn't include just
the explicit +flag flags, but any flag included in the CPU model
definition. See the -cpu n270 example below.
Oh, you mean if requested_features would contain a flag included from
the CPU model definition - a flag which we haven't requested explicitly
- and if kvm emulates that flag, then it will get enabled?
Exactly. The code needs to filter/check all feature bits on the CPU, not
just the ones requested explicitly in the command-line.
[...]
[1] Maybe one source of confusion is that the existing code have two
feature-filtering functions doing basically the same thing:
filter_features_for_kvm() and kvm_check_features_against_host(). That's
Yes, and the first gets executed unconditionally and does the feature
filtering, right after the second has run in the kvm_enabled() branch.
This should be fixed, too: eventually enforce should work on TCG mode
as well.
something we must clean up, and they should be unified. enforce should
become synonymous to make sure filtered_features is all zeroes. This
way, libvirt can emulate what 'enforce does while being able to collect
detailed error information (which is not easy to do if QEMU simply
aborts).
Ok, maybe someone who's more knowledgeable with this code should do it -
not me :)
I have added it to my TODO-list. :-)
Also, there's another aspect, while we're here: now that QEMU emulates
MOVBE with TCG too, how do we specify on the command line, which
emulation should be used - kvm.ko or QEMU?
You can use accel={tcg,kvm} option on the -machine argument, e.g.
-machine pc,accel=kvm. Or the -enable-kvm option.
--
Eduardo
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/6] kvm: Add KVM_GET_EMULATED_CPUID
On Mon, Sep 30, 2013 at 01:13:34PM -0300, Eduardo Habkost wrote:
I have added it to my TODO-list. :-)
Cool, thanks. Let me know if I can test stuff and help out somehow.
Also, there's another aspect, while we're here: now that QEMU emulates
MOVBE with TCG too, how do we specify on the command line, which
emulation should be used - kvm.ko or QEMU?
You can use accel={tcg,kvm} option on the -machine argument, e.g.
-machine pc,accel=kvm. Or the -enable-kvm option.
Ah, ok.
Thanks.
--
Regards/Gruss,
Boris.
Sent from a fat crate under my desk. Formatting is fine.
--
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Fix max stream packet size for old clients
From: Daniel P. Berrange berra...@redhat.com
The libvirtd server pushes data out to clients. It does not
know what protocol version the client might have, so must be
conservative and use the old payload limits. ie send no more
than 256kb of data per packet.
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
daemon/stream.c | 2 +-
src/rpc/virnetprotocol.x | 7 +++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/daemon/stream.c b/daemon/stream.c
index 87dfaf5..9e36e8a 100644
--- a/daemon/stream.c
+++ b/daemon/stream.c
@@ -708,7 +708,7 @@ daemonStreamHandleRead(virNetServerClientPtr client,
daemonClientStream *stream)
{
char *buffer;
-size_t bufferLen = VIR_NET_MESSAGE_PAYLOAD_MAX;
+size_t bufferLen = VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX;
int ret;
VIR_DEBUG(client=%p, stream=%p tx=%d closed=%d,
diff --git a/src/rpc/virnetprotocol.x b/src/rpc/virnetprotocol.x
index 131e40b..1eae7cb 100644
--- a/src/rpc/virnetprotocol.x
+++ b/src/rpc/virnetprotocol.x
@@ -50,6 +50,13 @@
*/
const VIR_NET_MESSAGE_INITIAL = 65536;
+/*
+ * Until we enlarged the message buffers, this was the max
+ * payload size. We need to remember this for compat with
+ * old clients.
+ */
+const VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX = 262144;
+
/* Maximum total message size (serialised). */
const VIR_NET_MESSAGE_MAX = 16777216;
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix max stream packet size for old clients
On 30.09.2013 18:29, Daniel P. Berrange wrote:
From: Daniel P. Berrange berra...@redhat.com
The libvirtd server pushes data out to clients. It does not
know what protocol version the client might have, so must be
conservative and use the old payload limits. ie send no more
than 256kb of data per packet.
Signed-off-by: Daniel P. Berrange berra...@redhat.com
---
daemon/stream.c | 2 +-
src/rpc/virnetprotocol.x | 7 +++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/daemon/stream.c b/daemon/stream.c
index 87dfaf5..9e36e8a 100644
--- a/daemon/stream.c
+++ b/daemon/stream.c
@@ -708,7 +708,7 @@ daemonStreamHandleRead(virNetServerClientPtr client,
daemonClientStream *stream)
{
char *buffer;
-size_t bufferLen = VIR_NET_MESSAGE_PAYLOAD_MAX;
+size_t bufferLen = VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX;
int ret;
VIR_DEBUG(client=%p, stream=%p tx=%d closed=%d,
diff --git a/src/rpc/virnetprotocol.x b/src/rpc/virnetprotocol.x
index 131e40b..1eae7cb 100644
--- a/src/rpc/virnetprotocol.x
+++ b/src/rpc/virnetprotocol.x
@@ -50,6 +50,13 @@
*/
const VIR_NET_MESSAGE_INITIAL = 65536;
+/*
+ * Until we enlarged the message buffers, this was the max
+ * payload size. We need to remember this for compat with
+ * old clients.
+ */
+const VIR_NET_MESSAGE_LEGACY_PAYLOAD_MAX = 262144;
+
/* Maximum total message size (serialised). */
const VIR_NET_MESSAGE_MAX = 16777216;
ACK and worth pushing into maint branches from 0.10.2 on.
Michal
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] storage: fix file allocation behavior in file cloning
Fixed the safezero call for allocating the rest of the file after cloning
an existing volume; it used to always use a zero offset, causing it to
only allocate the beginning of the file.
Also modified file creation to try to use fallocate(2) to pre-allocate
disk space before copying any data to make sure it fails early on if disk
is full and makes sure we can skip zero blocks when copying file contents.
If fallocate isn't available we will zero out the rest of the file after
cloning and only use sparse cloning if client requested a lower allocation
than the input volume's capacity.
Signed-off-by: Oskari Saarenmaa o...@ohmu.fi
---
the safezero mmap issue fixed in my previous patch never showed up because
all safezero calls previously had 0 offset (or maybe everyone's using
posix_fallocate)
configure.ac | 8
src/storage/storage_backend.c | 35 ++-
2 files changed, 34 insertions(+), 9 deletions(-)
diff --git a/configure.ac b/configure.ac
index 553015a..220d95b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -253,10 +253,10 @@ AC_CHECK_SIZEOF([long])
dnl Availability of various common functions (non-fatal if missing),
dnl and various less common threadsafe functions
-AC_CHECK_FUNCS_ONCE([cfmakeraw geteuid getgid getgrnam_r getmntent_r \
- getpwuid_r getuid kill mmap newlocale posix_fallocate posix_memalign \
- prlimit regexec sched_getaffinity setgroups setns setrlimit symlink \
- sysctlbyname])
+AC_CHECK_FUNCS_ONCE([cfmakeraw fallocate geteuid getgid getgrnam_r \
+ getmntent_r getpwuid_r getuid kill mmap newlocale posix_fallocate \
+ posix_memalign prlimit regexec sched_getaffinity setgroups setns \
+ setrlimit symlink sysctlbyname])
dnl Availability of pthread functions (if missing, win32 threading is
dnl assumed). Because of $LIB_PTHREAD, we cannot use AC_CHECK_FUNCS_ONCE.
diff --git a/src/storage/storage_backend.c b/src/storage/storage_backend.c
index b7edf85..5f1bc66 100644
--- a/src/storage/storage_backend.c
+++ b/src/storage/storage_backend.c
@@ -129,7 +129,7 @@ virStorageBackendCopyToFD(virStorageVolDefPtr vol,
virStorageVolDefPtr inputvol,
int fd,
unsigned long long *total,
- int is_dest_file)
+ int want_sparse)
{
int inputfd = -1;
int amtread = -1;
@@ -191,7 +191,7 @@ virStorageBackendCopyToFD(virStorageVolDefPtr vol,
interval = ((wbytes amtleft) ? amtleft : wbytes);
int offset = amtread - amtleft;
-if (is_dest_file memcmp(buf+offset, zerobuf, interval) == 0) {
+if (want_sparse memcmp(buf+offset, zerobuf, interval) == 0) {
if (lseek(fd, interval, SEEK_CUR) 0) {
ret = -errno;
virReportSystemError(errno,
@@ -315,6 +315,7 @@ static int
createRawFile(int fd, virStorageVolDefPtr vol,
virStorageVolDefPtr inputvol)
{
+int need_alloc = 1;
int ret = 0;
unsigned long long remain;
@@ -328,17 +329,41 @@ createRawFile(int fd, virStorageVolDefPtr vol,
goto cleanup;
}
+#ifdef HAVE_FALLOCATE
+/* Try to preallocate all requested disk space, but fall back to
+ * other methods if this fails with ENOSYS or EOPNOTSUPP.
+ * NOTE: do not use posix_fallocate; posix_fallocate falls back
+ * to writing zeroes block by block in case fallocate isn't
+ * available, and since we're going to copy data from another
+ * file it doesn't make sense to write the file twice. */
+if (fallocate(fd, 0, 0, vol-allocation) == 0) {
+need_alloc = 0;
+} else if (errno != ENOSYS errno != EOPNOTSUPP) {
+ret = -errno;
+virReportSystemError(errno,
+ _(cannot allocate %llu bytes in file '%s'),
+ vol-allocation, vol-target.path);
+goto cleanup;
+}
+#endif
+
remain = vol-allocation;
if (inputvol) {
-ret = virStorageBackendCopyToFD(vol, inputvol, fd, remain, 1);
+/* allow zero blocks to be skipped if we've requested sparse
+ * allocation (allocation capacity) or we have already
+ * been able to allocate the required space. */
+int want_sparse = (need_alloc == 0) ||
+ (vol-allocation inputvol-capacity);
+
+ret = virStorageBackendCopyToFD(vol, inputvol, fd, remain,
want_sparse);
if (ret 0) {
goto cleanup;
}
}
-if (remain) {
-if (safezero(fd, 0, remain) 0) {
+if (remain need_alloc) {
+if (safezero(fd, vol-allocation - remain, remain) 0) {
ret = -errno;
virReportSystemError(errno, _(cannot fill file '%s'),
vol-target.path);
--
1.8.3.1
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] struct random on FreeBSD [was: FreeBSD-8.3 build failure for amd64/i386, build archive included]
On 09/30/13 09:09, Jason Helfman wrote: http://redports.org/~jgh/20130930154500-61365-148605/libvirt-1.1.2.log http://redports.org/%7Ejgh/20130930154500-61365-148605/libvirt-1.1.2.log However the build still fails, but looks to be a more standard failure internal compiler error: Segmentation fault is a standard failure? I dunno, perhaps you have a bad development host, or perhaps you're just living so far over the bleeding edge that even gnulib can't save you. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] struct random on FreeBSD [was: FreeBSD-8.3 build failure for amd64/i386, build archive included]
On 09/30/2013 10:09 AM, Jason Helfman wrote: So, what has to be included prior to stdlib.h for the forward declaration of struct random_data in that header to no longer be an incomplete type? Can you grep your system headers and find what all mentions struct random_data? In looking through our 8.4 Branch, here are the results of digging the tree: crypto/openssh/pkcs11.h: unsigned char *random_data, crypto/heimdal/lib/hx509/ref/pkcs11.h: unsigned char *random_data, crypto/heimdal/lib/hx509/hxtool.c:random_data(void *opt, int argc, char **argv) sys/netinet/sctp_output.c: SCTP_READ_RANDOM(randp-random_data, random_len); Not relevant. sys/netinet/sctp_header.h: uint8_t random_data[]; Maybe relevant. Can this header be picked up by some include sequence of standard-only headers, such that using stdlib.h in isolation doesn't have a problem, but stdlib.h in combination with this header causes the problem? Per another developer at FreeBSD, it seems to be a bug in 8.x branch and picking up something it shouldn't and was fixed by adding this to the configure environment: ac_cv_type_struct_random_data= Generally, Autoconf wants you to use 'ac_cv_type_struct_random_data=no', not blank. I don't know if using 'no' instead of a blank would resolve the compiler core dump you hit. Is there a mail archive where you were discussing this with the FreeBSD developers? http://redports.org/~jgh/20130930154500-61365-148605/libvirt-1.1.2.log Also, this build was on FreeBSD 8.4, although you reported the problem against FreeBSD 8.3. Let's get it resolved on one platform before bouncing around to another (at the moment, I only have a FreeBSD 8.2 environment for my own testing, so I'm not much help at the moment). -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] tests: Introduce qemucapabilitiestest
On 09/27/2013 04:25 AM, Michal Privoznik wrote:
This test is there to ensure that our capabilities detection code isn't
broken somehow.
How to gather test data:
Firstly, the data is split into two separate files. The former (with
suffix .replies) contains all the qemu replies. This is very fragile as
introducing a new device can mean yet another monitor command and hence
edit of this file in the future. But there's no better way of doing
this. To get this data simply turn on debug logs and copy all the
QEMU_MONITOR_IO_PROCESS lines. But be careful to not copy incomplete
ones (yeah, we report some incomplete lines too). Long story short, at
the libvirtd startup, a dummy qemu is spawn to get all the capabilities.
The latter (with suffix .caps) contains capabilities XML. Just start a
domain and copy the corresponding part from its state XML file.
Including qemuCaps tag.
Signed-off-by: Michal Privoznik mpriv...@redhat.com
---
.gitignore |1 +
tests/Makefile.am | 12 +-
tests/qemucapabilitiesdata/caps_1.5.3-1.caps| 133 ++
tests/qemucapabilitiesdata/caps_1.5.3-1.replies | 2519
+++
tests/qemucapabilitiestest.c| 241 +++
5 files changed, 2904 insertions(+), 2 deletions(-)
create mode 100644 tests/qemucapabilitiesdata/caps_1.5.3-1.caps
create mode 100644 tests/qemucapabilitiesdata/caps_1.5.3-1.replies
create mode 100644 tests/qemucapabilitiestest.c
+static qemuMonitorTestPtr
+testQemuFeedMonitor(char *replies,
+virDomainXMLOptionPtr xmlopt)
+{
+qemuMonitorTestPtr test = NULL;
+char *tmp = replies;
+char *singleReply = tmp;
+
+/* Our JSON parser expects replies to be separated by a newline
character.
+ * Hence we must preprocess the file a bit. */
+while ((tmp = strchr(tmp, '\n'))) {
+/* It is safe to touch (tmp + 1) since all strings ends with '\0'. */
+bool eof = *(tmp + 1) == '\0';
More compact as:
bool eof = !tmp[1];
but that's not worth a respin :)
ACK - as this just touches the testsuite, I'm fine with including it in
1.1.3 rather than waiting.
--
Eric Blake eblake redhat com+1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] struct random on FreeBSD [was: FreeBSD-8.3 build failure for amd64/i386, build archive included]
On Mon, Sep 30, 2013 at 11:50 AM, Eric Blake ebl...@redhat.com wrote: On 09/30/2013 10:09 AM, Jason Helfman wrote: So, what has to be included prior to stdlib.h for the forward declaration of struct random_data in that header to no longer be an incomplete type? Can you grep your system headers and find what all mentions struct random_data? In looking through our 8.4 Branch, here are the results of digging the tree: crypto/openssh/pkcs11.h: unsigned char *random_data, crypto/heimdal/lib/hx509/ref/pkcs11.h: unsigned char *random_data, crypto/heimdal/lib/hx509/hxtool.c:random_data(void *opt, int argc, char **argv) sys/netinet/sctp_output.c: SCTP_READ_RANDOM(randp-random_data, random_len); Not relevant. sys/netinet/sctp_header.h: uint8_t random_data[]; Maybe relevant. Can this header be picked up by some include sequence of standard-only headers, such that using stdlib.h in isolation doesn't have a problem, but stdlib.h in combination with this header causes the problem? Per another developer at FreeBSD, it seems to be a bug in 8.x branch and picking up something it shouldn't and was fixed by adding this to the configure environment: ac_cv_type_struct_random_data= Generally, Autoconf wants you to use 'ac_cv_type_struct_random_data=no', not blank. I don't know if using 'no' instead of a blank would resolve the compiler core dump you hit. Is there a mail archive where you were discussing this with the FreeBSD developers? http://redports.org/~jgh/20130930154500-61365-148605/libvirt-1.1.2.log Also, this build was on FreeBSD 8.4, although you reported the problem against FreeBSD 8.3. Let's get it resolved on one platform before bouncing around to another (at the moment, I only have a FreeBSD 8.2 environment for my own testing, so I'm not much help at the moment). -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org It all uses the same branch of code, so it won't matter what version while you are still in 8.x, unless you are running 8.x STABLE, and not a RELEASE based branch. In working with a fellow developer, this came down to gcc bugs that were addressed in later versions of FreeBSD, but was not merged from CURRENT branch to 8.x. Here is a link to the fix that I will be committing at some point today. http://people.freebsd.org/~jgh/files/libvirt-84fix.diff Here are all the buildlogs, as well: http://redports.org/buildarchive/20130930180500-15801/ -jgh -- Jason Helfman | FreeBSD Committer j...@freebsd.org | http://people.freebsd.org/~jgh | The Power to Serve -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2]lxc: do cleanup when failed to bind fs as read-only
On 09/30/2013 03:06 AM, Chen Hanxiao wrote: From: Chen Hanxiao chenhanx...@cn.fujitsu.com We forgot to do cleanup when lxcContainerMountFSTmpfs failed to bind fs as read-only. v2: fix an indentation issue Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- src/lxc/lxc_container.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index c60f5d8..b1f429c 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1451,6 +1451,7 @@ static int lxcContainerMountFSTmpfs(virDomainFSDefPtr fs, virReportSystemError(errno, _(Failed to make directory %s readonly), fs-dst); +goto cleanup; ACK and pushed. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2]lxc: do cleanup when failed to bind fs as read-only
On 09/30/2013 01:29 PM, Eric Blake wrote: On 09/30/2013 03:06 AM, Chen Hanxiao wrote: From: Chen Hanxiao chenhanx...@cn.fujitsu.com We forgot to do cleanup when lxcContainerMountFSTmpfs failed to bind fs as read-only. v2: fix an indentation issue Oh, and a side note. Patch changelogs, such as this paragraph... Signed-off-by: Chen Hanxiao chenhanx...@cn.fujitsu.com --- ...belong here, after the ---, so that 'git am' won't make them part of the permanent git history. They're highly useful to reviewers, but not so much when revisiting the code a year from now when we don't care how many iterations it took to get to a final patch. ACK and pushed. so I amended before actually pushing. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] VMware: Add Fusion version test
This adds a test for the version string of VMware Fusion. --- Not sure how but this was dropped from my series adding VMware Fusion that was added prior to 1.1.3-rc2. This should be safe for 1.1.3 and probably encouraged --- tests/vmwareverdata/fusion-5.0.3.txt | 3 +++ tests/vmwarevertest.c| 1 + 2 files changed, 4 insertions(+) create mode 100644 tests/vmwareverdata/fusion-5.0.3.txt diff --git a/tests/vmwareverdata/fusion-5.0.3.txt b/tests/vmwareverdata/fusion-5.0.3.txt new file mode 100644 index 000..9fae811 --- /dev/null +++ b/tests/vmwareverdata/fusion-5.0.3.txt @@ -0,0 +1,3 @@ + +VMware Fusion Information: +VMware Fusion 5.0.3 build-1040386 Release diff --git a/tests/vmwarevertest.c b/tests/vmwarevertest.c index f5ccb06..47c250c 100644 --- a/tests/vmwarevertest.c +++ b/tests/vmwarevertest.c @@ -88,6 +88,7 @@ mymain(void) } while (0) DO_TEST(ws, workstation-7.0.0, 700); +DO_TEST(fusion, fusion-5.0.3, 503); return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE; } -- 1.8.1.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] VMware: Add Fusion version test
On 09/30/2013 04:00 PM, Doug Goldstein wrote: This adds a test for the version string of VMware Fusion. --- Not sure how but this was dropped from my series adding VMware Fusion that was added prior to 1.1.3-rc2. This should be safe for 1.1.3 and probably encouraged Indeed - more testing prior to the release never hurts. ACK. --- tests/vmwareverdata/fusion-5.0.3.txt | 3 +++ tests/vmwarevertest.c| 1 + 2 files changed, 4 insertions(+) create mode 100644 tests/vmwareverdata/fusion-5.0.3.txt -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Availability of release candidate 2 of libvirt-1.1.3
On Sun, Sep 29, 2013 at 4:16 AM, Daniel Veillard veill...@redhat.comwrote: As planned I tagged rc2 in git and pushed tarball and rpms to the usual place at: ftp://libvirt.org/libvirt/ seems to behave correctly on my limited testing, please give it a try too. i will try to push 1.1.3 final on Tuesday or Wednesday depending on time available and feedback. thanks ! Daniel Looks good here. https://redports.org/buildarchive/20130930215801-5110/ -jgh -- Jason Helfman | FreeBSD Committer j...@freebsd.org | http://people.freebsd.org/~jgh | The Power to Serve -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Availability of release candidate 2 of libvirt-1.1.3
On Sun, Sep 29, 2013 at 6:16 AM, Daniel Veillard veill...@redhat.com wrote: As planned I tagged rc2 in git and pushed tarball and rpms to the usual place at: ftp://libvirt.org/libvirt/ seems to behave correctly on my limited testing, please give it a try too. i will try to push 1.1.3 final on Tuesday or Wednesday depending on time available and feedback. thanks ! Daniel -- Daniel Veillard | Open Source and Standards, Red Hat veill...@redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list fwiw, tested this on Mac OS X. Simple virsh commands work fine and the only issues that remain are the ones discussed in the rc1 thread that we won't be fixing for 1.1.3 but I will try to have some patches for shortly. -- Doug Goldstein -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] VMware: Add Fusion version test
On Mon, Sep 30, 2013 at 5:29 PM, Eric Blake ebl...@redhat.com wrote: On 09/30/2013 04:00 PM, Doug Goldstein wrote: This adds a test for the version string of VMware Fusion. --- Not sure how but this was dropped from my series adding VMware Fusion that was added prior to 1.1.3-rc2. This should be safe for 1.1.3 and probably encouraged Indeed - more testing prior to the release never hurts. ACK. --- tests/vmwareverdata/fusion-5.0.3.txt | 3 +++ tests/vmwarevertest.c| 1 + 2 files changed, 4 insertions(+) create mode 100644 tests/vmwareverdata/fusion-5.0.3.txt -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org Thanks. Pushed. -- Doug Goldstein -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] struct random on FreeBSD [was: FreeBSD-8.3 build failure for amd64/i386, build archive included]
On Mon, Sep 30, 2013 at 2:27 PM, Jason Helfman j...@freebsd.org wrote: On Mon, Sep 30, 2013 at 11:50 AM, Eric Blake ebl...@redhat.com wrote: On 09/30/2013 10:09 AM, Jason Helfman wrote: So, what has to be included prior to stdlib.h for the forward declaration of struct random_data in that header to no longer be an incomplete type? Can you grep your system headers and find what all mentions struct random_data? In looking through our 8.4 Branch, here are the results of digging the tree: crypto/openssh/pkcs11.h: unsigned char *random_data, crypto/heimdal/lib/hx509/ref/pkcs11.h: unsigned char *random_data, crypto/heimdal/lib/hx509/hxtool.c:random_data(void *opt, int argc, char **argv) sys/netinet/sctp_output.c: SCTP_READ_RANDOM(randp-random_data, random_len); Not relevant. sys/netinet/sctp_header.h: uint8_t random_data[]; Maybe relevant. Can this header be picked up by some include sequence of standard-only headers, such that using stdlib.h in isolation doesn't have a problem, but stdlib.h in combination with this header causes the problem? Per another developer at FreeBSD, it seems to be a bug in 8.x branch and picking up something it shouldn't and was fixed by adding this to the configure environment: ac_cv_type_struct_random_data= Generally, Autoconf wants you to use 'ac_cv_type_struct_random_data=no', not blank. I don't know if using 'no' instead of a blank would resolve the compiler core dump you hit. Is there a mail archive where you were discussing this with the FreeBSD developers? http://redports.org/~jgh/20130930154500-61365-148605/libvirt-1.1.2.log Also, this build was on FreeBSD 8.4, although you reported the problem against FreeBSD 8.3. Let's get it resolved on one platform before bouncing around to another (at the moment, I only have a FreeBSD 8.2 environment for my own testing, so I'm not much help at the moment). -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org It all uses the same branch of code, so it won't matter what version while you are still in 8.x, unless you are running 8.x STABLE, and not a RELEASE based branch. In working with a fellow developer, this came down to gcc bugs that were addressed in later versions of FreeBSD, but was not merged from CURRENT branch to 8.x. Here is a link to the fix that I will be committing at some point today. http://people.freebsd.org/~jgh/files/libvirt-84fix.diff Here are all the buildlogs, as well: http://redports.org/buildarchive/20130930180500-15801/ -jgh -- Jason Helfman | FreeBSD Committer j...@freebsd.org | http://people.freebsd.org/~jgh | The Power to Serve -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list What's the error you're getting with -Wmissing-include-dirs? We should be testing to see if gcc supports that and not using it if its not supported. Additionally, what version of gcc are you using in 8.x? We can probably whip up a quick patch to resolve this. As far as the struct random_data, I'll let Eric work on that since he's got a better understand and more context. -- Doug Goldstein -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
