[libvirt] [PATCH] Modify help information of virsh list command
Use 'virsh list domain --title' option can get domain's title, not description, the original help information 'show short domain description' will confuse users, so modify it to 'show domain title' Signed-off-by: Li Yang liyang.f...@cn.fujitsu.com --- tools/virsh-domain-monitor.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/tools/virsh-domain-monitor.c b/tools/virsh-domain-monitor.c index de4afbb..5d19388 100644 --- a/tools/virsh-domain-monitor.c +++ b/tools/virsh-domain-monitor.c @@ -1753,7 +1753,7 @@ static const vshCmdOptDef opts_list[] = { }, {.name = title, .type = VSH_OT_BOOL, - .help = N_(show short domain description) + .help = N_(show domain title) }, {.name = NULL} }; -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Fix Memory Leak in testGetCaps()
On 03/26/2014 11:37 PM, Nehal J Wani wrote: While running qemucaps2xmltest, it was found that valgrind pointed out the following memory leaks: ==27045== 160 (112 direct, 48 indirect) bytes in 1 blocks are definitely lost in loss record 51 of 65 ==27045==at 0x4A0577B: calloc (vg_replace_malloc.c:593) ==27045==by 0x4C6BACD: virAllocVar (viralloc.c:560) ==27045==by 0x4CAF095: virObjectNew (virobject.c:193) ==27045==by 0x421453: virQEMUCapsNew (qemu_capabilities.c:1805) ==27045==by 0x41F04F: testQemuCapsXML (qemucaps2xmltest.c:72) ==27045==by 0x41FFD1: virtTestRun (testutils.c:201) ==27045==by 0x41EE7A: mymain (qemucaps2xmltest.c:203) ==27045==by 0x42074D: virtTestMain (testutils.c:789) ==27045==by 0x3E6CE1ED1C: (below main) (libc-start.c:226) ==27045== ==27045== 160 (112 direct, 48 indirect) bytes in 1 blocks are definitely lost in loss record 52 of 65 ==27045==at 0x4A0577B: calloc (vg_replace_malloc.c:593) ==27045==by 0x4C6BACD: virAllocVar (viralloc.c:560) ==27045==by 0x4CAF095: virObjectNew (virobject.c:193) ==27045==by 0x421453: virQEMUCapsNew (qemu_capabilities.c:1805) ==27045==by 0x41F04F: testQemuCapsXML (qemucaps2xmltest.c:72) ==27045==by 0x41FFD1: virtTestRun (testutils.c:201) ==27045==by 0x41EEA3: mymain (qemucaps2xmltest.c:204) ==27045==by 0x42074D: virtTestMain (testutils.c:789) ==27045==by 0x3E6CE1ED1C: (below main) (libc-start.c:226) --- tests/qemucaps2xmltest.c |1 + 1 files changed, 1 insertions(+), 0 deletions(-) ACK and pushed. Jan signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v6 0/3] fix query-command-line-options
This patchset fixed some issues of query-command-line-options: * some new options that haven't argument can't be queried. (eg: -enable-fips) * some legacy options that have argument can't be queried. (eg: -vnc display) More discussion: http://marc.info/?l=qemu-develm=139081830416684w=2 https://www.redhat.com/archives/libvir-list/2014-March/msg00318.html V2: remove duplicate option tables, update schema (eric) V3: fix typo in commitlog and export qemu_options talbe (eric) V4: avoid the duplicate static table (eric) V5: rename new field, other fix (markus) V6: add implied-name (eric, markus) Thanks for your review! Amos Kong (3): qmp: rename query_option_descs() to get_param_info() query-command-line-options: expose implicit parameter name query-command-line-options: query all the options in qemu-options.hx qapi-schema.json | 16 +--- qemu-options.h | 12 util/qemu-config.c | 52 ++-- vl.c | 19 ++- 4 files changed, 65 insertions(+), 34 deletions(-) -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v6 1/3] qmp: rename query_option_descs() to get_param_info()
Signed-off-by: Amos Kong ak...@redhat.com Reviewed-by: Eric Blake ebl...@redhat.com --- util/qemu-config.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/util/qemu-config.c b/util/qemu-config.c index f610101..508adbc 100644 --- a/util/qemu-config.c +++ b/util/qemu-config.c @@ -39,7 +39,7 @@ QemuOptsList *qemu_find_opts(const char *group) return ret; } -static CommandLineParameterInfoList *query_option_descs(const QemuOptDesc *desc) +static CommandLineParameterInfoList *get_param_info(const QemuOptDesc *desc) { CommandLineParameterInfoList *param_list = NULL, *entry; CommandLineParameterInfo *info; @@ -120,9 +120,9 @@ static CommandLineParameterInfoList *get_drive_infolist(void) for (i = 0; drive_config_groups[i] != NULL; i++) { if (!head) { -head = query_option_descs(drive_config_groups[i]-desc); +head = get_param_info(drive_config_groups[i]-desc); } else { -cur = query_option_descs(drive_config_groups[i]-desc); +cur = get_param_info(drive_config_groups[i]-desc); connect_infolist(head, cur); } } @@ -147,7 +147,7 @@ CommandLineOptionInfoList *qmp_query_command_line_options(bool has_option, info-parameters = get_drive_infolist(); } else { info-parameters = -query_option_descs(vm_config_groups[i]-desc); +get_param_info(vm_config_groups[i]-desc); } entry = g_malloc0(sizeof(*entry)); entry-value = info; -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v6 2/3] query-command-line-options: expose implicit parameter name
This patch added a new field to expose implicit parameter name, we make it optional for compatibility. Suggested-by: Eric Blake ebl...@redhat.com Signed-off-by: Amos Kong ak...@redhat.com --- qapi-schema.json | 6 +- util/qemu-config.c | 24 +++- 2 files changed, 20 insertions(+), 10 deletions(-) diff --git a/qapi-schema.json b/qapi-schema.json index 391356f..9341033 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -4088,12 +4088,16 @@ # # @help: #optional human readable text string, not suitable for parsing. # +# @implied-name: #optional, if present and true, the parameter can be +#specified as '-option value' instead of the preferred +#spelling of '-option name=value' (since 2.1) +# # Since 1.5 ## { 'type': 'CommandLineParameterInfo', 'data': { 'name': 'str', 'type': 'CommandLineParameterType', -'*help': 'str' } } +'*help': 'str', '*implied-name': 'bool' } } ## # @CommandLineOptionInfo: diff --git a/util/qemu-config.c b/util/qemu-config.c index 508adbc..85bb0c8 100644 --- a/util/qemu-config.c +++ b/util/qemu-config.c @@ -39,17 +39,23 @@ QemuOptsList *qemu_find_opts(const char *group) return ret; } -static CommandLineParameterInfoList *get_param_info(const QemuOptDesc *desc) +static CommandLineParameterInfoList *get_param_info(const QemuOptsList *list) { CommandLineParameterInfoList *param_list = NULL, *entry; CommandLineParameterInfo *info; int i; -for (i = 0; desc[i].name != NULL; i++) { +for (i = 0; list-desc[i].name != NULL; i++) { info = g_malloc0(sizeof(*info)); -info-name = g_strdup(desc[i].name); +info-name = g_strdup(list-desc[i].name); -switch (desc[i].type) { +info-has_implied_name = true; +if (list-implied_opt_name !strcmp(list-desc[i].name, + list-implied_opt_name)) { +info-implied_name = true; +} + +switch (list-desc[i].type) { case QEMU_OPT_STRING: info-type = COMMAND_LINE_PARAMETER_TYPE_STRING; break; @@ -64,9 +70,9 @@ static CommandLineParameterInfoList *get_param_info(const QemuOptDesc *desc) break; } -if (desc[i].help) { +if (list-desc[i].help) { info-has_help = true; -info-help = g_strdup(desc[i].help); +info-help = g_strdup(list-desc[i].help); } entry = g_malloc0(sizeof(*entry)); @@ -120,9 +126,9 @@ static CommandLineParameterInfoList *get_drive_infolist(void) for (i = 0; drive_config_groups[i] != NULL; i++) { if (!head) { -head = get_param_info(drive_config_groups[i]-desc); +head = get_param_info(drive_config_groups[i]); } else { -cur = get_param_info(drive_config_groups[i]-desc); +cur = get_param_info(drive_config_groups[i]); connect_infolist(head, cur); } } @@ -147,7 +153,7 @@ CommandLineOptionInfoList *qmp_query_command_line_options(bool has_option, info-parameters = get_drive_infolist(); } else { info-parameters = -get_param_info(vm_config_groups[i]-desc); +get_param_info(vm_config_groups[i]); } entry = g_malloc0(sizeof(*entry)); entry-value = info; -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v6 3/3] query-command-line-options: query all the options in qemu-options.hx
vm_config_groups[] only contains part of the options which have parameters, and all options which have no parameter aren't added to vm_config_groups[]. Current query-command-line-options only checks options from vm_config_groups[], so some options will be lost. We have macro in qemu-options.hx to generate a table that contains all the options. This patch tries to query options from the table. Then we won't lose the legacy options that weren't added to vm_config_groups[] (eg: -vnc, -smbios). The options that have no parameter will also be returned (eg: -enable-fips) Some options that have parameters have a NULL desc list, some options don't have parameters, and parameters is mandatory in the past. So we add a new field unspecified-parameters to present if the option takes unspecified parameters. This patch also fixes options to match their actual command-line spelling rather than an alternate name associated with the option table in use by the command. Signed-off-by: Amos Kong ak...@redhat.com --- qapi-schema.json | 10 -- qemu-options.h | 12 util/qemu-config.c | 30 -- vl.c | 19 ++- 4 files changed, 46 insertions(+), 25 deletions(-) diff --git a/qapi-schema.json b/qapi-schema.json index 9341033..36812d4 100644 --- a/qapi-schema.json +++ b/qapi-schema.json @@ -4106,12 +4106,18 @@ # # @option: option name # -# @parameters: an array of @CommandLineParameterInfo +# @parameters: array of @CommandLineParameterInfo, possibly empty +# +# @unspecified-parameters: @optional present if the @parameters array is empty. +# If true, then the option takes unspecified +# parameters, if false, then the option takes no +# parameter (since 2.1) # # Since 1.5 ## { 'type': 'CommandLineOptionInfo', - 'data': { 'option': 'str', 'parameters': ['CommandLineParameterInfo'] } } + 'data': { 'option': 'str', 'parameters': ['CommandLineParameterInfo'], +'*unspecified-parameters': 'bool' } } ## # @query-command-line-options: diff --git a/qemu-options.h b/qemu-options.h index 89a009e..4024487 100644 --- a/qemu-options.h +++ b/qemu-options.h @@ -28,9 +28,21 @@ #ifndef _QEMU_OPTIONS_H_ #define _QEMU_OPTIONS_H_ +#include sysemu/arch_init.h + enum { #define QEMU_OPTIONS_GENERATE_ENUM #include qemu-options-wrapper.h }; +#define HAS_ARG 0x0001 + +typedef struct QEMUOption { +const char *name; +int flags; +int index; +uint32_t arch_mask; +} QEMUOption; + +extern const QEMUOption qemu_options[]; #endif diff --git a/util/qemu-config.c b/util/qemu-config.c index 85bb0c8..0697cb9 100644 --- a/util/qemu-config.c +++ b/util/qemu-config.c @@ -6,6 +6,14 @@ #include hw/qdev.h #include qapi/error.h #include qmp-commands.h +#include qemu-options.h + +const QEMUOption qemu_options[] = { +{ h, 0, QEMU_OPTION_h, QEMU_ARCH_ALL }, +#define QEMU_OPTIONS_GENERATE_OPTIONS +#include qemu-options-wrapper.h +{ NULL }, +}; static QemuOptsList *vm_config_groups[32]; static QemuOptsList *drive_config_groups[4]; @@ -143,18 +151,26 @@ CommandLineOptionInfoList *qmp_query_command_line_options(bool has_option, { CommandLineOptionInfoList *conf_list = NULL, *entry; CommandLineOptionInfo *info; +QemuOptsList *list; int i; -for (i = 0; vm_config_groups[i] != NULL; i++) { -if (!has_option || !strcmp(option, vm_config_groups[i]-name)) { +for (i = 0; qemu_options[i].name; i++) { +if (!has_option || !strcmp(option, qemu_options[i].name)) { info = g_malloc0(sizeof(*info)); -info-option = g_strdup(vm_config_groups[i]-name); -if (!strcmp(drive, vm_config_groups[i]-name)) { +info-option = g_strdup(qemu_options[i].name); + +if (!strcmp(drive, qemu_options[i].name)) { info-parameters = get_drive_infolist(); } else { -info-parameters = -get_param_info(vm_config_groups[i]); +list = qemu_find_opts_err(qemu_options[i].name, NULL); +info-parameters = list ? get_param_info(list) : NULL; } + +if (!info-parameters) { +info-has_unspecified_parameters = true; +info-unspecified_parameters = qemu_options[i].flags HAS_ARG; +} + entry = g_malloc0(sizeof(*entry)); entry-value = info; entry-next = conf_list; @@ -169,6 +185,8 @@ CommandLineOptionInfoList *qmp_query_command_line_options(bool has_option, return conf_list; } +#undef HAS_ARG + QemuOptsList *qemu_find_opts_err(const char *group, Error **errp) { return find_list(vm_config_groups, group, errp); diff --git a/vl.c b/vl.c index a64dd0a..5bfcff9 100644 --- a/vl.c +++ b/vl.c @@ -111,7 +111,6 @@ int main(int argc, char **argv) #include trace/control.h #include qemu/queue.h #include
Re: [libvirt] [Qemu-devel] [PATCH v6 0/3] fix query-command-line-options
On Thu, Mar 27, 2014 at 02:57:00PM +0800, Amos Kong wrote: This patchset fixed some issues of query-command-line-options: * some new options that haven't argument can't be queried. (eg: -enable-fips) * some legacy options that have argument can't be queried. (eg: -vnc display) More discussion: http://marc.info/?l=qemu-develm=139081830416684w=2 https://www.redhat.com/archives/libvir-list/2014-March/msg00318.html V2: remove duplicate option tables, update schema (eric) V3: fix typo in commitlog and export qemu_options talbe (eric) V4: avoid the duplicate static table (eric) V5: rename new field, other fix (markus) V6: add implied-name (eric, markus) Thanks for your review! Attached query output file, ([1] was additionally applied) [1] https://lists.gnu.org/archive/html/qemu-devel/2014-03/msg05175.html [PATCH 0/3] ABI change: change group name of option table to match with option name -- { name: order, implied-name: true, -- optional 'implied-name' was added type: string \-boot c,menu=on / -boot order=c,menu=on } ], option: boot boot-opts was fixed by [1] }, --- { parameters: [ ], option: enable-fips, -- lost enable-fips was queried \ from qemu-options.hx unspecified-parameters: false -- -enable-fips (bool option) }, --- { parameters: [ - desc table is NULL ], option: cdrom, unspecified-parameters: true but it can accept argument }, See the detail in the attachment. Thanks, Amos Amos Kong (3): qmp: rename query_option_descs() to get_param_info() query-command-line-options: expose implicit parameter name query-command-line-options: query all the options in qemu-options.hx EXECUTE { 'execute': 'qmp_capabilities' } EXECUTE { 'execute': 'query-command-line-options' } { QMP: { version: { qemu: { micro: 90, minor: 7, major: 1 }, package: }, capabilities: [ ] } } { return: { } } { return: [ { parameters: [ { name: timestamp, implied-name: false, type: boolean } ], option: msg }, { parameters: [ ], option: object, unspecified-parameters: true }, { parameters: [ ], option: tdf, unspecified-parameters: false }, { parameters: [ ], option: no-kvm-irqchip, unspecified-parameters: false }, { parameters: [ ], option: no-kvm-pit, unspecified-parameters: false }, { parameters: [ ], option: no-kvm-pit-reinjection, unspecified-paramet ers: false }, { parameters: [ ], option: no-kvm, unspecified-parameters: false }, { parameters: [ ], option: enable-fips, unspecified-parameters: false }, { parameters: [ ], option: qtest-log, unspecified-parameters: true }, { parameters: [ ], option: qtest, unspecified-parameters: true }, { parameters: [ { name: file, implied-name: false, type: string }, { name: events, implied-name: false, type: string } ], optio n: trace }, { parameters: [ ], option: no-user-config, unspecified-parameters: false }, { parameters: [ ], option: nodefconfig, unspecified-parameters: false }, { parameters: [ ], option: writeconfig, unspecified-parameters: true }, { parameters: [ ], option: readconfig, unspecified-parameters: true }, { parameters: [ { name: enable, implied-name: true, type: boolean } ], option: sandbox }, { parameters: [ ], option: old-param,
[libvirt] [PATCH] bhyve: add domainLookupByID
Implement domainLookupByID as required by OpenStack stuff. Wojciech Macek (1): bhyve: add domainLookupByID src/bhyve/bhyve_driver.c | 29 + 1 file changed, 29 insertions(+) -- 1.9.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] bhyve: add domainLookupByID
Implement domain lookup by its ID. --- src/bhyve/bhyve_driver.c | 29 + 1 file changed, 29 insertions(+) diff --git a/src/bhyve/bhyve_driver.c b/src/bhyve/bhyve_driver.c index f54dff0..38a7f41 100644 --- a/src/bhyve/bhyve_driver.c +++ b/src/bhyve/bhyve_driver.c @@ -778,6 +778,34 @@ bhyveNodeSetMemoryParameters(virConnectPtr conn, return nodeSetMemoryParameters(params, nparams, flags); } +static virDomainPtr +bhyveDomainLookupByID(virConnectPtr conn, + int id) +{ +bhyveConnPtr privconn = conn-privateData; +virDomainObjPtr vm; +virDomainPtr dom = NULL; + +vm = virDomainObjListFindByID(privconn-domains, id); + +if (!vm) { +virReportError(VIR_ERR_NO_DOMAIN, + _(No domain with matching ID '%d'), id); +goto cleanup; +} + +if (virDomainLookupByIDEnsureACL(conn, vm-def) 0) +goto cleanup; + +dom = virGetDomain(conn, vm-def-name, vm-def-uuid); +if (dom) +dom-id = vm-def-id; + + cleanup: +virObjectUnlock(vm); +return dom; +} + static virDriver bhyveDriver = { .no = VIR_DRV_BHYVE, .name = bhyve, @@ -811,6 +839,7 @@ static virDriver bhyveDriver = { .nodeGetCPUMap = bhyveNodeGetCPUMap, /* 1.2.3 */ .nodeGetMemoryParameters = bhyveNodeGetMemoryParameters, /* 1.2.3 */ .nodeSetMemoryParameters = bhyveNodeSetMemoryParameters, /* 1.2.3 */ +.domainLookupByID = bhyveDomainLookupByID, /* 1.2.3 */ }; -- 1.9.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [RFC PATCH] Behaviour of topology, vcpus and maxcpus
Nikunj A Dadhania nik...@linux.vnet.ibm.com writes: I have observed the following with libvirt xml: vcpu6/vcpu cpu topology sockets='1' cores='4' threads='2'/ /cpu So according to the topology maximum supported is 8 vcpus, while the libvirt sets that to 6 - specified in vcpu tag. Shouldn't libvirt error this out as the mismatch between the topology definition and the vcpu count? There is an upper bound check already in place where if we have maxcpu topology-supported cpus, that errors out. For eg. vcpu12/vcpu cpu topology sockets='1' cores='4' threads='2'/ /cpu The below patch make sures that libvirt does the lower bound check as well. Ping, Any comments? Regards Nikunj -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] bhyve: add domainLookupByID
Wojciech Macek wrote: Implement domain lookup by its ID. --- src/bhyve/bhyve_driver.c | 29 + 1 file changed, 29 insertions(+) static virDriver bhyveDriver = { .no = VIR_DRV_BHYVE, .name = bhyve, @@ -811,6 +839,7 @@ static virDriver bhyveDriver = { .nodeGetCPUMap = bhyveNodeGetCPUMap, /* 1.2.3 */ .nodeGetMemoryParameters = bhyveNodeGetMemoryParameters, /* 1.2.3 */ .nodeSetMemoryParameters = bhyveNodeSetMemoryParameters, /* 1.2.3 */ +.domainLookupByID = bhyveDomainLookupByID, /* 1.2.3 */ }; I grouped that with other domainLookup methods. ACK and pushed. Roman Bogorodskiy -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] is there a way to convert vm's filter into comandline
On 03/27/2014 04:43 AM, Eric Blake wrote: On 03/26/2014 07:20 PM, bigclouds wrote: hi,all is there a way to convert vm's filter into comandline, i think it is useful. You mean, as in virsh domxml-to-native qemu-argv $(virsh dumpxml $dom) or are you asking about the nwfilter settings applied on behalf of a guest? Since this same person previously asked about netfilter on IRC, I'm assuming the latter... No, there isn't a way within libvirt to retrive this information. Beyond that, Dan Berrange is in the middle of refactoring the nwfilter code to not use the commandline at all in the case where firewalld is running, so in the future libvirt won't even be running any external commands to setup nwfilter rules. One way to get the information would be to run iptables -S before and after starting the guest, then look at the difference between the two outputs. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [Qemu-devel] [PATCH v4 2/2] query-command-line-options: query all the options in qemu-options.hx
Amos Kong ak...@redhat.com writes: On Wed, Mar 26, 2014 at 02:15:18PM +0100, Markus Armbruster wrote: Amos Kong ak...@redhat.com writes: On Fri, Mar 07, 2014 at 10:54:09AM +0100, Markus Armbruster wrote: Eric Blake ebl...@redhat.com writes: On 03/05/2014 07:36 PM, Amos Kong wrote: vm_config_groups[] only contains part of the options which have argument, and all options which have no argument aren't added to vm_config_groups[]. Current query-command-line-options only checks options from vm_config_groups[], so some options will be lost. We have macro in qemu-options.hx to generate a table that contains all the options. This patch tries to query options from the table. Then we won't lose the legacy options that weren't added to vm_config_groups[] (eg: -vnc, -smbios). The options that have no argument will also be returned (eg: -enable-fips) Some options that have argument have a NULL desc list, some options don't have argument, and parameters is mandatory in the past. So we add a new field argument to present if the option takes unspecified arguments. I like Markus' suggestion of naming the new field 'unspecified-parameters' rather than 'argument'. Hi Markus, Looking again, there are more problems. 1. Non-parameter argument vs. parameter argument taking unspecified parameters Example: -device takes unspecified parameters. -cdrom doesn't take parameters, it takes a file name. Yet, the command reports the same for both: parameters: [], argument: true. Looks like we need a tri-state: option takes no argument, QemuOpts argument, or other argument. '-cdrom' is the 'other argument' == 'Non-parameter argument'? Let me clarify my terminology: * A parameter argument is an option argument of the form KEY=VALUE,... Since parameter arguments should always be parsed with QemuOpts[*], I use the term QemuOpts argument interchangeably. * A non-parameter argument or other argument is an option argument that doesn't use this form. Does that answer your question? Got it, thanks. We can use a enum state. I'm not sure I got that. | { 'enum': 'ArgumentStateType', |'data': ['no-argument', 'unspecified-parameters-argument', | 'non-parameter-argument'] | } {'enum': 'ArgumentStateType', 'data': ['no-argument', 'qemuopts-argument', 'non-param-argument'] } no-argument: -enable-kvm qemuopts-argument: -boot order=c,menu=on non-param-argument: -cdrom file I don't know if it's the tri-state you suggested in previous reply. It is. Maybe { 'enum': 'OptionArgumentKind', 'data': ['none, 'QemuOpts, 'other'] } The type name makes clear it's about *option* argument, and avoids connotation with schema types or C types. The enum value names are short and to the point. [...] -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [TCK] nwfilter tests and libvirt commit 4f209434
On 03/27/2014 12:22 AM, Mike Latimer wrote: Hi, As I've been looking through libvirt-tck tests, I found that commit 4f209434 (in libvirt) changes a condition that the nwfilter/050-apply-verify-host.t relies on. Specifically, the 050-apply-verify-host.t test creates a number of filters with invalid values (such as dscp='64', and protocol='256'). Without commit 4f209434, these invalid values are silently dropped off the end of the rule, as in the following example: #virsh nwfilter-define xml with illegal value: filter name='tck-testcase' uuid5c6d49af-b071-6127-b4ec-6f8ed4b55335/uuid rule action='accept' direction='in' ip srcipaddr='10.1.2.3' srcipmask='255.255.255.254' dstipaddr='10.1.2.3' dstipmask='255.255.255.128' protocol='255' dscp='64' / /rule #virsh nwfilter-dumpxml tck-testcase rule action='accept' direction='in' priority='500' ip srcipaddr='10.1.2.3' srcipmask='31' dstipaddr='10.1.2.3' dstipmask='25' protocol='255'/ /rule With commit 4f209434 in place, the entire filter is rejected with the following error: 'internal error: dscp has illegal value 64'. As the filter is not created, the testing of that filter by the 050-apply-verify-host test fails. I agree that the change is the right thing to do, but I'm wondering how best to handle the now failing tests. This test (050-apply-verify-host.t) runs ~1200 subtests, and about 10% of those tests fail due to the change. I'm thinking that the illegal options (and only those illegal options) should be removed from the now broken tests, and a few new tests added to specifically test for the failure to add the entire rule when illegal data is passed. Thoughts? I agree. BTW - Is anyone else running the full libvirt-tck suite against recent versions of libvirt? I had thought someone had setup a continuous run of libvirt-tck against current upstream, but maybe that's only being done for autotest. There are quite a few issues (such as this one) which should be easily seen... -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
On Thu, Mar 27, 2014 at 03:17:09AM +0530, Nehal J Wani wrote: While running qemucaps2xmltest, it was found that valgrind pointed out the following memory leaks: ==29896== 0 bytes in 1 blocks are definitely lost in loss record 1 of 65 ==29896==at 0x4A0577B: calloc (vg_replace_malloc.c:593) ==29896==by 0x4C6B45E: virAllocN (viralloc.c:191) ==29896==by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999) ==29896==by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789) ==29896==by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118) ==29896==by 0x41FFD1: virtTestRun (testutils.c:201) ==29896==by 0x41EE7A: mymain (qemucaps2xmltest.c:203) ==29896==by 0x42074D: virtTestMain (testutils.c:789) ==29896==by 0x3E6CE1ED1C: (below main) (libc-start.c:226) ==29896== ==29896== 0 bytes in 1 blocks are definitely lost in loss record 2 of 65 ==29896==at 0x4A0577B: calloc (vg_replace_malloc.c:593) ==29896==by 0x4C6B45E: virAllocN (viralloc.c:191) ==29896==by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999) ==29896==by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789) ==29896==by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118) ==29896==by 0x41FFD1: virtTestRun (testutils.c:201) ==29896==by 0x41EEA3: mymain (qemucaps2xmltest.c:204) ==29896==by 0x42074D: virtTestMain (testutils.c:789) ==29896==by 0x3E6CE1ED1C: (below main) (libc-start.c:226) --- src/qemu/qemu_capabilities.c |4 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 7673592..aef8bc1 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -789,6 +789,10 @@ virQEMUCapsInitGuestFromBinary(virCapsPtr caps, if (virQEMUCapsGetMachineTypesCaps(qemubinCaps, nmachines, machines) 0) goto cleanup; +/* Free unneeded memory given by malloc(0) */ +if (!nmachines) +VIR_FREE(machines); + /* We register kvm as the base emulator too, since we can * just give -no-kvm to disable acceleration if required */ if ((guest = virCapabilitiesAddGuest(caps, This doesn't look at all right either. If nmachines is 0, then machines should already be NULL. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [TCK] nwfilter tests and libvirt commit 4f209434
On Wed, Mar 26, 2014 at 04:22:04PM -0600, Mike Latimer wrote: Hi, As I've been looking through libvirt-tck tests, I found that commit 4f209434 (in libvirt) changes a condition that the nwfilter/050-apply-verify-host.t relies on. Specifically, the 050-apply-verify-host.t test creates a number of filters with invalid values (such as dscp='64', and protocol='256'). Without commit 4f209434, these invalid values are silently dropped off the end of the rule, as in the following example: #virsh nwfilter-define xml with illegal value: filter name='tck-testcase' uuid5c6d49af-b071-6127-b4ec-6f8ed4b55335/uuid rule action='accept' direction='in' ip srcipaddr='10.1.2.3' srcipmask='255.255.255.254' dstipaddr='10.1.2.3' dstipmask='255.255.255.128' protocol='255' dscp='64' / /rule #virsh nwfilter-dumpxml tck-testcase rule action='accept' direction='in' priority='500' ip srcipaddr='10.1.2.3' srcipmask='31' dstipaddr='10.1.2.3' dstipmask='25' protocol='255'/ /rule With commit 4f209434 in place, the entire filter is rejected with the following error: 'internal error: dscp has illegal value 64'. As the filter is not created, the testing of that filter by the 050-apply-verify-host test fails. I agree that the change is the right thing to do, but I'm wondering how best to handle the now failing tests. This test (050-apply-verify-host.t) runs ~1200 subtests, and about 10% of those tests fail due to the change. I'm thinking that the illegal options (and only those illegal options) should be removed from the now broken tests, and a few new tests added to specifically test for the failure to add the entire rule when illegal data is passed. Thoughts? I've got fixes for this test suite pending that I'll be sending today hopefully. It will be a mixture of fixing the illegal attribute values and/or deleting pointless rules. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] is there a way to convert vm's filter into comandline
On Thu, Mar 27, 2014 at 09:20:23AM +0800, bigclouds wrote: hi,all is there a way to convert vm's filter into comandline, i think it is useful. if there is the functionality, so you think it is worthy to be done. Currently the nwfilter driver generates horrible hacky shell scripts which run a variety of (eb|ip)tables commands. I'm killing all of the shell script code so that we can directly invoke iptables or talk to firewalld over DBus. The commands we will generate though won't be suitable for a user to run directly, because libvirt will parse the output of some commands in order to determine what subsequent commands to run. This kind of logic isn't something you can just export from libvirt, so what you suggest isn't really practical Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
This doesn't look at all right either. If nmachines is 0, then machines should already be NULL. If you look at the code of virQEMUCapsGetMachineTypesCaps, you see: int virQEMUCapsGetMachineTypesCaps(virQEMUCapsPtr qemuCaps, size_t *nmachines, virCapsGuestMachinePtr **machines) { size_t i; *nmachines = 0; *machines = NULL; if (VIR_ALLOC_N(*machines, qemuCaps-nmachineTypes) 0) goto error; *nmachines = qemuCaps-nmachineTypes; Even if we pass nmachines=0 to VIR_ALLOC_N , it emulates GNU behavior of malloc(0) allocating a pointer, which is never freed, and hence needs a VIR_FREE. -- Nehal J Wani -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
On Thu, Mar 27, 2014 at 04:39:28PM +0530, Nehal J Wani wrote: This doesn't look at all right either. If nmachines is 0, then machines should already be NULL. If you look at the code of virQEMUCapsGetMachineTypesCaps, you see: int virQEMUCapsGetMachineTypesCaps(virQEMUCapsPtr qemuCaps, size_t *nmachines, virCapsGuestMachinePtr **machines) { size_t i; *nmachines = 0; *machines = NULL; if (VIR_ALLOC_N(*machines, qemuCaps-nmachineTypes) 0) goto error; *nmachines = qemuCaps-nmachineTypes; Even if we pass nmachines=0 to VIR_ALLOC_N , it emulates GNU behavior of malloc(0) allocating a pointer, which is never freed, and hence needs a VIR_FREE. IMHO we should fix that code so it doesn't allocate the machines array. ie we shouldn't require callers to free data that they're not expecting to be allocated in the first place Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] docs: cgroups: fix typo about LXC cgroups
--- docs/cgroups.html.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/cgroups.html.in b/docs/cgroups.html.in index f7c2450..33de453 100644 --- a/docs/cgroups.html.in +++ b/docs/cgroups.html.in @@ -33,9 +33,9 @@ p The LXC driver is capable of using the codecpuset/code, - codecpu/code, codecpuset/code, codefreezer/code, + codecpu/code, codecpuacct/code, codefreezer/code, codememory/code, codeblkio/code and codedevices/code - controllers. The codecpuset/code, codedevices/code + controllers. The codecpuacct/code, codedevices/code and codememory/code controllers are compulsory. Without them mounted, no containers can be started. If any of the other controllers are not mounted, the resource management APIs -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCHv3] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
While running qemucaps2xmltest, it was found that valgrind pointed out the following memory leaks: ==29896== 0 bytes in 1 blocks are definitely lost in loss record 1 of 65 ==29896==at 0x4A0577B: calloc (vg_replace_malloc.c:593) ==29896==by 0x4C6B45E: virAllocN (viralloc.c:191) ==29896==by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999) ==29896==by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789) ==29896==by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118) ==29896==by 0x41FFD1: virtTestRun (testutils.c:201) ==29896==by 0x41EE7A: mymain (qemucaps2xmltest.c:203) ==29896==by 0x42074D: virtTestMain (testutils.c:789) ==29896==by 0x3E6CE1ED1C: (below main) (libc-start.c:226) ==29896== ==29896== 0 bytes in 1 blocks are definitely lost in loss record 2 of 65 ==29896==at 0x4A0577B: calloc (vg_replace_malloc.c:593) ==29896==by 0x4C6B45E: virAllocN (viralloc.c:191) ==29896==by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999) ==29896==by 0x4234E7: virQEMUCapsInitGuestFromBinary (qemu_capabilities.c:789) ==29896==by 0x41F10B: testQemuCapsXML (qemucaps2xmltest.c:118) ==29896==by 0x41FFD1: virtTestRun (testutils.c:201) ==29896==by 0x41EEA3: mymain (qemucaps2xmltest.c:204) ==29896==by 0x42074D: virtTestMain (testutils.c:789) ==29896==by 0x3E6CE1ED1C: (below main) (libc-start.c:226) --- Based on Daniel's comments. v2: https://www.redhat.com/archives/libvir-list/2014-March/msg01672.html v1: https://www.redhat.com/archives/libvir-list/2014-March/msg01667.html src/qemu/qemu_capabilities.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c index 7673592..e4c1cbd 100644 --- a/src/qemu/qemu_capabilities.c +++ b/src/qemu/qemu_capabilities.c @@ -1996,10 +1996,12 @@ int virQEMUCapsGetMachineTypesCaps(virQEMUCapsPtr qemuCaps, *nmachines = 0; *machines = NULL; -if (VIR_ALLOC_N(*machines, qemuCaps-nmachineTypes) 0) -goto error; *nmachines = qemuCaps-nmachineTypes; +if (*nmachines +VIR_ALLOC_N(*machines, qemuCaps-nmachineTypes) 0) +goto error; + for (i = 0; i qemuCaps-nmachineTypes; i++) { virCapsGuestMachinePtr mach; if (VIR_ALLOC(mach) 0) -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v2] libvirt-tck: prefer kvm domains if multiple domain types exist
On Fri, Mar 07, 2014 at 11:06:35AM -0700, Mike Latimer wrote: When matching capabilities of a guest, if multiple domain types exist (for example, 'qemu' and 'kvm') the order in which they are returned can change. To avoid unpredictable test results, this patch prefers kvm if that domain type exists. If not, the behavior matches what existed before, and the first domain type is returned. --- lib/Sys/Virt/TCK.pm | 9 ++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/Sys/Virt/TCK.pm b/lib/Sys/Virt/TCK.pm index b2c16e7..a3a2732 100644 --- a/lib/Sys/Virt/TCK.pm +++ b/lib/Sys/Virt/TCK.pm @@ -502,9 +502,12 @@ sub match_kernel { my @domains = $caps-guest_domain_types($i); next unless int(@domains); - return ($domains[0], - $caps-guest_domain_emulator($i, $domains[0]), - $caps-guest_domain_loader($i, $domains[0])); + # Prefer kvm if multiple domain types are returned + my $domain = (grep /^kvm$/, @domains) ? kvm : $domains[0]; + + return ($domain, + $caps-guest_domain_emulator($i, $domain), + $caps-guest_domain_loader($i, $domain)); } } ACK Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] libvirt-tck: 052-domain-hook.t - reload after hook cleanup
On Thu, Mar 06, 2014 at 03:41:01PM -0700, Mike Latimer wrote: Reload libvirtd after hook testing has completed. Otherwise, libvirtd is still expecting hook test scripts to exist. --- scripts/hooks/052-domain-hook.t | 4 1 file changed, 4 insertions(+) diff --git a/scripts/hooks/052-domain-hook.t b/scripts/hooks/052-domain-hook.t index 90b8a48..d1070b5 100644 --- a/scripts/hooks/052-domain-hook.t +++ b/scripts/hooks/052-domain-hook.t @@ -180,4 +180,8 @@ SKIP: { Sys::Virt::Error::ERR_NO_DOMAIN); $hook-cleanup(); + +diag reload libvirtd after hook cleanup; +$hook-action('reload'); +$hook-service_libvirtd(); }; ACK Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Cope with newer ebtables tools in testvm.fwall.dat
Newer ebtables tools turn 0x8035 into RARP, so our test file must expect this. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat b/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat index b540509..1b5f3ce 100644 --- a/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat +++ b/scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat @@ -2,20 +2,20 @@ -i vnet0 -j libvirt-I-vnet0 #ebtables -t nat -L POSTROUTING | grep vnet0 | grep -v ^Bridge | grep -v ^$ -o vnet0 -j libvirt-O-vnet0 -#ebtables -t nat -L libvirt-I-vnet0 | grep -v ^Bridge | grep -v ^$ +#ebtables -t nat -L libvirt-I-vnet0 | sed s/0x8035/RARP/g | grep -v ^Bridge | grep -v ^$ -j I-vnet0-mac -p IPv4 -j I-vnet0-ipv4-ip -p IPv4 -j ACCEPT -p ARP -j I-vnet0-arp-mac -p ARP -j I-vnet0-arp-ip -p ARP -j ACCEPT --p 0x8035 -j I-vnet0-rarp +-p RARP -j I-vnet0-rarp -p 0x835 -j ACCEPT -j DROP -#ebtables -t nat -L libvirt-O-vnet0 | grep -v ^Bridge | grep -v ^$ +#ebtables -t nat -L libvirt-O-vnet0 | sed s/0x8035/RARP/g | grep -v ^Bridge | grep -v ^$ -p IPv4 -j O-vnet0-ipv4 -p ARP -j ACCEPT --p 0x8035 -j O-vnet0-rarp +-p RARP -j O-vnet0-rarp -j DROP #ebtables -t nat -L I-vnet0-ipv4-ip | grep -v ^Bridge | grep -v ^$ -p IPv4 --ip-src 0.0.0.0 --ip-proto udp -j RETURN -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Remove illegal values in nwfilter test XML/firewall files
A number of the nwfilter XML files have attribute values which are out of range. Previously the libvirt nwfilter XML parser would silently ignore illegal values, causing them to default to 0. This resulted in creating incorrect iptables rules, which the TCK suite then validated as correct. Current libvirt returns a hard error for illegal XML values. To address this we either change the attribute values to be valid, or delete the bogus rules entirely if they are duplicates of other existing valid rules. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall | 1 - scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall | 6 +++--- scripts/nwfilter/nwfilterxml2fwallout/hex-data-test.fwall | 6 +++--- scripts/nwfilter/nwfilterxml2fwallout/icmp-test.fwall | 3 --- scripts/nwfilter/nwfilterxml2fwallout/icmpv6-test.fwall | 4 +--- scripts/nwfilter/nwfilterxml2fwallout/ip-test.fwall | 4 +--- scripts/nwfilter/nwfilterxml2fwallout/mac-test.fwall | 1 - scripts/nwfilter/nwfilterxml2fwallout/rarp-test.fwall | 1 - scripts/nwfilter/nwfilterxml2fwallout/udp-ipv6-test.fwall | 6 +++--- scripts/nwfilter/nwfilterxml2fwallout/vlan-test.fwall | 1 - scripts/nwfilter/nwfilterxml2xmlin/ah-ipv6-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/all-ipv6-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/arp-test.xml | 5 - scripts/nwfilter/nwfilterxml2xmlin/comment-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/esp-ipv6-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/hex-data-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/icmp-test.xml | 5 - scripts/nwfilter/nwfilterxml2xmlin/icmpv6-test.xml| 4 ++-- scripts/nwfilter/nwfilterxml2xmlin/ip-test.xml| 8 +--- scripts/nwfilter/nwfilterxml2xmlin/ipv6-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/mac-test.xml | 4 scripts/nwfilter/nwfilterxml2xmlin/rarp-test.xml | 5 - scripts/nwfilter/nwfilterxml2xmlin/sctp-ipv6-test.xml | 4 ++-- scripts/nwfilter/nwfilterxml2xmlin/sctp-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/tcp-ipv6-test.xml | 4 ++-- scripts/nwfilter/nwfilterxml2xmlin/tcp-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/udp-ipv6-test.xml | 6 +++--- scripts/nwfilter/nwfilterxml2xmlin/udp-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/udplite-ipv6-test.xml | 2 +- scripts/nwfilter/nwfilterxml2xmlin/vlan-test.xml | 7 --- 30 files changed, 31 insertions(+), 74 deletions(-) diff --git a/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall index 6ff4eb9..34174a0 100644 --- a/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall +++ b/scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall @@ -3,7 +3,6 @@ -p ARP -s 1:2:3:4:5:6 --arp-op Request --arp-htype 255 --arp-ptype 0xff -j ACCEPT -p ARP -s 1:2:3:4:5:6 --arp-op 11 --arp-htype 256 --arp-ptype 0x100 -j ACCEPT -p ARP -s 1:2:3:4:5:6 --arp-op 65535 --arp-htype 65535 --arp-ptype 0x -j ACCEPT --p ARP -s 1:2:3:4:5:6 -j ACCEPT #ebtables -t nat -L libvirt-O-vnet0 | grep -v ^Bridge | grep -v ^$ -p ARP --arp-gratuitous -j ACCEPT #ebtables -t nat -L PREROUTING | grep vnet0 diff --git a/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall index 6ef30a5..842f3bb 100644 --- a/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall +++ b/scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall @@ -31,21 +31,21 @@ FO-vnet0 all -- 0.0.0.0/0 0.0.0.0/0 [goto] PHYSDEV match --physdev-out vnet0 --p #ip6tables -L FI-vnet0 -n Chain FI-vnet0 (1 references) target prot opt source destination -RETURN tcp ::/0 a:b:c::/128 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL/* tcp/ipv6 rule */ +RETURN tcp ::/0 a:b:c::/128 DSCP match 0x39 tcp spts:256:4369 dpts:32:33 state ESTABLISHED ctdir ORIGINAL/* tcp/ipv6 rule */ RETURN udp ::/0 ::/0state ESTABLISHED ctdir ORIGINAL/* `ls`;${COLUMNS};$(ls);test;'3 spaces' */ RETURN sctp ::/0 ::/0state ESTABLISHED ctdir ORIGINAL/* comment with lone ', `, , `, \, $x, and two spaces */ RETURN ah ::/0 ::/0state ESTABLISHED ctdir ORIGINAL/* tmp=`mktemp`; echo ${RANDOM} ${tmp} ; cat ${tmp}; rm -f ${tmp} */ #ip6tables -L FO-vnet0 -n Chain FO-vnet0 (1 references) target prot opt source destination -ACCEPT tcp a:b:c::/128 ::/0MAC 01:02:03:04:05:06 tcp spts:32:33 dpts:256:4369 state NEW,ESTABLISHED ctdir REPLY/* tcp/ipv6 rule */ +ACCEPT tcp a:b:c::/128 ::/0
[libvirt] [PATCH] Do not truncate output of nwfilter2vmtest.sh
When printing test results, nwfilter2vmtest.sh, truncates the output at 66 or 70 characters. This is very unhelpful when debugging problems where you want to see the full output Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilter2vmtest.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/nwfilter/nwfilter2vmtest.sh b/scripts/nwfilter/nwfilter2vmtest.sh index f44f299..a68c771 100644 --- a/scripts/nwfilter/nwfilter2vmtest.sh +++ b/scripts/nwfilter/nwfilter2vmtest.sh @@ -68,7 +68,7 @@ EOF tap_fail() { - txt=$(echo $2 | gawk '{print substr($0,1,66)}') + txt=$(echo $2) echo not ok $1 - ${txt} TAP_FAIL_LIST=$TAP_FAIL_LIST $1 TAP_FAIL_CTR=$(($TAP_FAIL_CTR + 1)) @@ -76,7 +76,7 @@ tap_fail() { } tap_pass() { - txt=$(echo $2 | gawk '{print substr($0,1,70)}') + txt=$(echo $2) echo ok $1 - ${txt} TAP_TOT_CTR=$(($TAP_TOT_CTR + 1)) } -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Remove illegal values in nwfilter test XML/firewall files
On 03/27/2014 05:44 AM, Daniel P. Berrange wrote: You might want to 'git config format.subjectprefix tck PATCH' to make it obvious when you are patching libvirt-tck. A number of the nwfilter XML files have attribute values which are out of range. Previously the libvirt nwfilter XML parser would silently ignore illegal values, causing them to default to 0. This resulted in creating incorrect iptables rules, which the TCK suite then validated as correct. Current libvirt returns a hard error for illegal XML values. To address this we either change the attribute values to be valid, or delete the bogus rules entirely if they are duplicates of other existing valid rules. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall | 1 - ACK. Are you also planning on pushing Mike's patches that you have acked? -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] libvirt Wiki account creation request
... We still welcome contributions from anyone interested in updating content. Simply send an email to the main libvirt development list asking for an account and one will be created for you with as little delay as practical. ... Hence, Sophoklis -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Do not truncate output of nwfilter2vmtest.sh
On 03/27/2014 05:45 AM, Daniel P. Berrange wrote: When printing test results, nwfilter2vmtest.sh, truncates the output at 66 or 70 characters. This is very unhelpful when debugging problems where you want to see the full output Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilter2vmtest.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ACK -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Cope with newer ebtables tools in testvm.fwall.dat
On 03/27/2014 05:44 AM, Daniel P. Berrange wrote: Newer ebtables tools turn 0x8035 into RARP, so our test file must expect this. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilterxml2fwallout/testvm.fwall.dat | 8 1 file changed, 4 insertions(+), 4 deletions(-) ACK -#ebtables -t nat -L libvirt-I-vnet0 | grep -v ^Bridge | grep -v ^$ +#ebtables -t nat -L libvirt-I-vnet0 | sed s/0x8035/RARP/g | grep -v ^Bridge | grep -v ^$ You know, sed|grep|grep is overkill, when you could do it all in sed: ebtables -t nat -L libvirt-I-vnet0 | \ sed 's/0x8035/RARP/g; /^Bridge/d; /^$/d' But I don't care about the minor efficiency gain enough to demand the change. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Remove illegal values in nwfilter test XML/firewall files
On Thu, Mar 27, 2014 at 06:04:41AM -0600, Eric Blake wrote: On 03/27/2014 05:44 AM, Daniel P. Berrange wrote: You might want to 'git config format.subjectprefix tck PATCH' to make it obvious when you are patching libvirt-tck. A number of the nwfilter XML files have attribute values which are out of range. Previously the libvirt nwfilter XML parser would silently ignore illegal values, causing them to default to 0. This resulted in creating incorrect iptables rules, which the TCK suite then validated as correct. Current libvirt returns a hard error for illegal XML values. To address this we either change the attribute values to be valid, or delete the bogus rules entirely if they are duplicates of other existing valid rules. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilterxml2fwallout/arp-test.fwall | 1 - ACK. Are you also planning on pushing Mike's patches that you have acked? Yes, I pushed the one I acked Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] libvirt Wiki account creation request
On Thu, Mar 27, 2014 at 02:04:32PM +0200, Sophoklis Goumas wrote: ... We still welcome contributions from anyone interested in updating content. Simply send an email to the main libvirt development list asking for an account and one will be created for you with as little delay as practical. ... FYI, I've dealt with this account request. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] question for qemu migrate fail by virDomainMigrate API
Hi everyone, when I use the API virDomainMigrate to do migration operation in KVM environment(libvirt1.1.0 qemu1.5.1), I encountered with some problems. I found that If the connection to source side is disconnected in the BEGIN phase of a migration, the migration job would fail. Further more, the following-up migration of the same VM would not be successful until restart libvirtd. The error log: libvirtd : 8406: error : virQEMUCloseCallbacksSet:781 : internal error Close callback for domain myvm1 already registered with another connection 0x7f023801a900 libvirt: Domain Config error : Requested operation is not valid: domain is already active as 'myvm1' I got the above error by following steps: step 1 : migrate VM. step 2 : disconnect the client connection to source libvirtd at once ,such as ctrl+c. step 3 : the migrate API returns fail. step 4 : migrate this VM again , fails and reports above error. The reason causing this problem may be: In the BEGIN phase of a migraion, it registers a close callback through virQEMUCloseCallbacksSet function. In the normal flow of migration, the registered callback is cleanup in the PERFORM and CONFIRM phase. But if the connection to source side is disconnected before PERFORM phase or between PERFORM phase and CONFIRM phase, the close callback will not be cleanup, and the problem mentioned above occurs. I have test it on libvirt1.2.2, it also happens. I tried, but could not find a good way to solve this problem. Does anyone have any good ideas? Thanks! -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] docs: cgroups: fix typo about LXC cgroups
On 03/27/2014 05:21 AM, Jean-Baptiste Rouault wrote: --- docs/cgroups.html.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) ACK, will push shortly. diff --git a/docs/cgroups.html.in b/docs/cgroups.html.in index f7c2450..33de453 100644 --- a/docs/cgroups.html.in +++ b/docs/cgroups.html.in @@ -33,9 +33,9 @@ p The LXC driver is capable of using the codecpuset/code, - codecpu/code, codecpuset/code, codefreezer/code, + codecpu/code, codecpuacct/code, codefreezer/code, codememory/code, codeblkio/code and codedevices/code - controllers. The codecpuset/code, codedevices/code + controllers. The codecpuacct/code, codedevices/code and codememory/code controllers are compulsory. Without them mounted, no containers can be started. If any of the other controllers are not mounted, the resource management APIs -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCHv3] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
On 03/27/2014 05:38 AM, Nehal J Wani wrote: While running qemucaps2xmltest, it was found that valgrind pointed out the following memory leaks: ==29896== 0 bytes in 1 blocks are definitely lost in loss record 1 of 65 ==29896==at 0x4A0577B: calloc (vg_replace_malloc.c:593) ==29896==by 0x4C6B45E: virAllocN (viralloc.c:191) ==29896==by 0x4232A9: virQEMUCapsGetMachineTypesCaps (qemu_capabilities.c:1999) --- Based on Daniel's comments. v2: https://www.redhat.com/archives/libvir-list/2014-March/msg01672.html v1: https://www.redhat.com/archives/libvir-list/2014-March/msg01667.html src/qemu/qemu_capabilities.c |6 -- 1 files changed, 4 insertions(+), 2 deletions(-) ACK, will push shortly -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Entering freeze for libvirt-1.2.3
I'm one day late but i have tagged the tree and pushed a release candidate 1 tarball and associated rpms to the usual place: ftp://libvirt.org/libvirt/ Being optimistic maybe we can push it on April 1st but maybe it will be safer to wait for Wed for more feedback. I gave it a bit of testing, it looks fine with my limited check, but please give it a try :-) ! thanks, Daniel -- Daniel Veillard | Open Source and Standards, Red Hat veill...@redhat.com | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH]execute netdev_del after receive DEVICE_DELETED event
Hi, When live detaching the virtual net device, such as virtio nic、 RTL8139、E1000, there are some problems: (1)If the Guest OS don't support the hot plugging pci device, detach the virtual network device by Libvirt, the net device in Qemu will still exist, but hostnet(tap) in Qemu will be removed. so the net device in Guest OS will be of no effect. (2)If reject the nic in Guest OS, Qemu will remove the net device, then Qemu send DEVICE_DELETED to Libvirt, Libvirt receive the event in event-loop thread and release info of the net device in qemuDomainRemoveNetDevice func. but hostnet in Qemu still exist. So next live attaching virtual net device will be failed because of Duplicate ID. #virsh attach-device win2008_st_r2_64 net.xml --live error: Failed to attach device from net.xml error: internal error: unable to execute QEMU command 'netdev_add': Duplicate ID 'hostnet0' for netdev (3)In addition, in qemuDomainDetachNetDevice, detach net device func, netdev_del command will be sent after sending device_del command at once. So it is violent to remove the tap device before the net device is completely removed. So I think it's more logical that doing the work of sending Qemu command netdev_del after receive the DEVICE_DELETED event. It can avoid the conflict of device info between Libvirt side and Qemu side. I create a thread in qemuDomainRemoveDevice,the handle of DEVICE_DELETED event, to execute QEMU command netdev_del. Regards, -xie Signed-off-by: xiexiangyou xiexiang...@huawei.com --- src/qemu/qemu_hotplug.c | 154 +- 1 files changed, 137 insertions(+), 17 deletions(-) diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index bf4f160..81f6a56 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -2699,6 +2699,124 @@ qemuDomainRemoveChrDevice(virQEMUDriverPtr driver, virDomainChrDefFree(chr); } +typedef struct privVmDevDriver { +virQEMUDriverPtr driver; +virDomainObjPtr vm; +virDomainDeviceDefPtr dev; +}privVmDevDriver, *privVmDevDriverPtr; + +static void +qemuProcessRemoveNetDevice(void *opaque) +{ +privVmDevDriverPtr privData = opaque; +virQEMUDriverPtr driver = privData-driver; +virDomainObjPtr vm = privData-vm; +virDomainDeviceDefPtr dev = privData-dev; + +qemuDomainObjPrivatePtr priv = vm-privateData; +char mac[VIR_MAC_STRING_BUFLEN]; +int detachidx; +virDomainNetDefPtr detach = NULL; +char *hostnet_name = NULL; +int vlan; + +virObjectLock(vm); + +if (qemuDomainObjBeginJob(driver, vm, QEMU_JOB_MODIFY) 0) +goto cleanup; + +detachidx = virDomainNetFindIdx(vm-def, dev-data.net); +if (detachidx == -2) { +virReportError(VIR_ERR_OPERATION_FAILED, +_(multiple devices matching mac address %s found), + virMacAddrFormat(dev-data.net-mac, mac)); +goto endjob; +} +else if (detachidx 0) { + virReportError(VIR_ERR_OPERATION_FAILED, + _(network device %s not found), + virMacAddrFormat(dev-data.net-mac, mac)); +goto endjob; +} +detach = vm-def-nets[detachidx]; +if (virAsprintf(hostnet_name, host%s, detach-info.alias) 0) { +virReportOOMError(); +goto endjob; +} +if ((vlan = qemuDomainNetVLAN(detach)) 0) { +virReportError(VIR_ERR_OPERATION_FAILED, + %s, _(unable to determine original VLAN)); +goto endjob; +} + +qemuDomainObjEnterMonitor(driver, vm); +if (virQEMUCapsGet(priv-qemuCaps, QEMU_CAPS_NETDEV) +virQEMUCapsGet(priv-qemuCaps, QEMU_CAPS_DEVICE)) { +if (qemuMonitorRemoveNetdev(priv-mon, hostnet_name) 0) { +qemuDomainObjExitMonitor(driver, vm); +virDomainAuditNet(vm, detach, NULL, detach, false); +goto endjob; +} +} else { +if (qemuMonitorRemoveHostNetwork(priv-mon, vlan, hostnet_name) 0) { +qemuDomainObjExitMonitor(driver, vm); +virDomainAuditNet(vm, detach, NULL, detach, false); +goto endjob; +} +} +qemuDomainObjExitMonitor(driver, vm); + +qemuDomainRemoveNetDevice(driver, vm, dev-data.net); + +endjob: +if (!qemuDomainObjEndJob(driver, vm)) +vm = NULL; + +cleanup: +VIR_FREE(hostnet_name); +VIR_FREE(privData-dev); +VIR_FREE(privData); + +if (vm virObjectUnref(vm)) +virObjectUnlock(vm); +} + +static void +qemuRemoveNetDeviceJob(virQEMUDriverPtr driver, + virDomainObjPtr vm, + virDomainDeviceDefPtr dev) +{ +virThread th; +privVmDevDriverPtr data = NULL; +virDomainDeviceDefPtr device = NULL; + +if (VIR_ALLOC(data) 0) { +VIR_ERROR(_(Failed to alloc VmDevDriver)); +return; +} + +if (VIR_ALLOC(device) 0) { +VIR_ERROR(_(Failed to alloc virDomainDeviceDefPtr)); +
Re: [libvirt] [PATCHv3] Fix Memory Leak in virQEMUCapsInitGuestFromBinary()
On 03/27/2014 05:38 AM, Nehal J Wani wrote: While running qemucaps2xmltest, it was found that valgrind pointed out the following memory leaks: +++ b/src/qemu/qemu_capabilities.c @@ -1996,10 +1996,12 @@ int virQEMUCapsGetMachineTypesCaps(virQEMUCapsPtr qemuCaps, *nmachines = 0; Oh, and I'm dropping this assignment, as it is dead because of... *machines = NULL; -if (VIR_ALLOC_N(*machines, qemuCaps-nmachineTypes) 0) -goto error; *nmachines = qemuCaps-nmachineTypes; ...this assignment. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [Qemu-devel] [PATCH v4 for 2.0 0/3] ABI change: change group name of option table to match with option name
On Thu, Mar 27, 2014 at 01:28:37PM +0100, Paolo Bonzini wrote: Il 27/03/2014 03:38, Amos Kong ha scritto: This patchset changes group names of option tables to match with option name, this breakes ABI, release note was updated. Amos Kong (3): only add qemu_tpmdev_opts when CONFIG_TPM is defined abort QEMU if group name in option table doesn't match with defined option name update names in option tables to match with actual command-line spelling hw/acpi/core.c| 8 hw/nvram/fw_cfg.c | 4 ++-- include/qemu/option.h | 2 +- qemu-options.h| 12 util/qemu-config.c| 28 vl.c | 37 + 6 files changed, 60 insertions(+), 31 deletions(-) Patches 2 and 3 should be in the opposite order. Right, I changed the order for testing, but didn't recover it back. The subject also needs to be fixed to [PATCH v4 for 2.0 0/3] Paolo -- Amos. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v5 for 2.0 0/3] ABI change: change group name of option table to match with option name
This patchset changes group names of option tables to match with option name, this breakes ABI, release note was updated. V4: fix tpmdev, add name matching test (markus) V5: adjust patch order (paolo) Amos Kong (3): only add qemu_tpmdev_opts when CONFIG_TPM is defined update names in option tables to match with actual command-line spelling abort QEMU if group name in option table doesn't match with defined option name hw/acpi/core.c| 8 hw/nvram/fw_cfg.c | 4 ++-- include/qemu/option.h | 2 +- qemu-options.h| 12 util/qemu-config.c| 28 vl.c | 37 + 6 files changed, 60 insertions(+), 31 deletions(-) -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v5 for 2.0 1/3] only add qemu_tpmdev_opts when CONFIG_TPM is defined
Signed-off-by: Amos Kong ak...@redhat.com --- vl.c | 4 1 file changed, 4 insertions(+) diff --git a/vl.c b/vl.c index 2355227..596ecfa 100644 --- a/vl.c +++ b/vl.c @@ -449,6 +449,7 @@ static QemuOptsList qemu_object_opts = { }, }; +#ifdef CONFIG_TPM static QemuOptsList qemu_tpmdev_opts = { .name = tpmdev, .implied_opt_name = type, @@ -458,6 +459,7 @@ static QemuOptsList qemu_tpmdev_opts = { { /* end of list */ } }, }; +#endif static QemuOptsList qemu_realtime_opts = { .name = realtime, @@ -2992,7 +2994,9 @@ int main(int argc, char **argv, char **envp) qemu_add_opts(qemu_sandbox_opts); qemu_add_opts(qemu_add_fd_opts); qemu_add_opts(qemu_object_opts); +#ifdef CONFIG_TPM qemu_add_opts(qemu_tpmdev_opts); +#endif qemu_add_opts(qemu_realtime_opts); qemu_add_opts(qemu_msg_opts); qemu_add_opts(qemu_name_opts); -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH v5 for 2.0 2/3] update names in option tables to match with actual command-line spelling
We want to establish a mapping between option name and option table, then we can search related option table by option name. This patch makes all the member name of QemuOptsList to match with actual command-line spelling(option name). [ Important Note ] The QemuOptsList member name values are ABI, changing them can break existing -readconfig configuration files. This patch changes: fromto introduced in acpiacpitable 0c764a9 v1.5.0 boot-opts boot3d3b830 v1.0 smp-optssmp 12b7f57 v1.6.0 All three have calcified into ABI already. I have updated the release note of 2.0 http://wiki.qemu.org/ChangeLog/2.0#ABI_breaking Signed-off-by: Amos Kong ak...@redhat.com Reviewed-by: Eric Blake ebl...@redhat.com --- hw/acpi/core.c| 8 hw/nvram/fw_cfg.c | 4 ++-- include/qemu/option.h | 2 +- vl.c | 14 +++--- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/hw/acpi/core.c b/hw/acpi/core.c index 79414b4..12e9ae8 100644 --- a/hw/acpi/core.c +++ b/hw/acpi/core.c @@ -54,16 +54,16 @@ static const char unsigned dfl_hdr[ACPI_TABLE_HDR_SIZE - ACPI_TABLE_PFX_SIZE] = char unsigned *acpi_tables; size_t acpi_tables_len; -static QemuOptsList qemu_acpi_opts = { -.name = acpi, +static QemuOptsList qemu_acpitable_opts = { +.name = acpitable, .implied_opt_name = data, -.head = QTAILQ_HEAD_INITIALIZER(qemu_acpi_opts.head), +.head = QTAILQ_HEAD_INITIALIZER(qemu_acpitable_opts.head), .desc = { { 0 } } /* validated with OptsVisitor */ }; static void acpi_register_config(void) { -qemu_add_opts(qemu_acpi_opts); +qemu_add_opts(qemu_acpitable_opts); } machine_init(acpi_register_config); diff --git a/hw/nvram/fw_cfg.c b/hw/nvram/fw_cfg.c index 282341a..3e6b048 100644 --- a/hw/nvram/fw_cfg.c +++ b/hw/nvram/fw_cfg.c @@ -125,7 +125,7 @@ static void fw_cfg_bootsplash(FWCfgState *s) const char *temp; /* get user configuration */ -QemuOptsList *plist = qemu_find_opts(boot-opts); +QemuOptsList *plist = qemu_find_opts(boot); QemuOpts *opts = QTAILQ_FIRST(plist-head); if (opts != NULL) { temp = qemu_opt_get(opts, splash); @@ -191,7 +191,7 @@ static void fw_cfg_reboot(FWCfgState *s) const char *temp; /* get user configuration */ -QemuOptsList *plist = qemu_find_opts(boot-opts); +QemuOptsList *plist = qemu_find_opts(boot); QemuOpts *opts = QTAILQ_FIRST(plist-head); if (opts != NULL) { temp = qemu_opt_get(opts, reboot-timeout); diff --git a/include/qemu/option.h b/include/qemu/option.h index 8c0ac34..96b7c29 100644 --- a/include/qemu/option.h +++ b/include/qemu/option.h @@ -102,7 +102,7 @@ typedef struct QemuOptDesc { } QemuOptDesc; struct QemuOptsList { -const char *name; +const char *name; /* option name */ const char *implied_opt_name; bool merge_lists; /* Merge multiple uses of option into a single list? */ QTAILQ_HEAD(, QemuOpts) head; diff --git a/vl.c b/vl.c index 596ecfa..0464494 100644 --- a/vl.c +++ b/vl.c @@ -388,7 +388,7 @@ static QemuOptsList qemu_machine_opts = { }; static QemuOptsList qemu_boot_opts = { -.name = boot-opts, +.name = boot, .implied_opt_name = order, .merge_lists = true, .head = QTAILQ_HEAD_INITIALIZER(qemu_boot_opts.head), @@ -1359,7 +1359,7 @@ static void numa_add(const char *optarg) } static QemuOptsList qemu_smp_opts = { -.name = smp-opts, +.name = smp, .implied_opt_name = cpus, .merge_lists = true, .head = QTAILQ_HEAD_INITIALIZER(qemu_smp_opts.head), @@ -3241,7 +3241,7 @@ int main(int argc, char **argv, char **envp) drive_add(IF_DEFAULT, 2, optarg, CDROM_OPTS); break; case QEMU_OPTION_boot: -opts = qemu_opts_parse(qemu_find_opts(boot-opts), optarg, 1); +opts = qemu_opts_parse(qemu_find_opts(boot), optarg, 1); if (!opts) { exit(1); } @@ -3610,7 +3610,7 @@ int main(int argc, char **argv, char **envp) break; } case QEMU_OPTION_acpitable: -opts = qemu_opts_parse(qemu_find_opts(acpi), optarg, 1); +opts = qemu_opts_parse(qemu_find_opts(acpitable), optarg, 1); if (!opts) { exit(1); } @@ -3677,7 +3677,7 @@ int main(int argc, char **argv, char **envp) } break; case QEMU_OPTION_smp: -if (!qemu_opts_parse(qemu_find_opts(smp-opts), optarg, 1)) { +if (!qemu_opts_parse(qemu_find_opts(smp), optarg, 1)) { exit(1); } break; @@ -4002,7 +4002,7 @@ int main(int argc, char **argv, char **envp) data_dir[data_dir_idx++] = CONFIG_QEMU_DATADIR; } -smp_parse(qemu_opts_find(qemu_find_opts(smp-opts),
[libvirt] [PATCH v5 for 2.0 3/3] abort QEMU if group name in option table doesn't match with defined option name
All the options are defined in qemu-options.hx. If we can't find a matched option definition by group name of option table, then the group name doesn't match with defined option name, it's not allowed from 2.0 Signed-off-by: Amos Kong ak...@redhat.com --- qemu-options.h | 12 util/qemu-config.c | 28 vl.c | 19 ++- 3 files changed, 42 insertions(+), 17 deletions(-) diff --git a/qemu-options.h b/qemu-options.h index 89a009e..4024487 100644 --- a/qemu-options.h +++ b/qemu-options.h @@ -28,9 +28,21 @@ #ifndef _QEMU_OPTIONS_H_ #define _QEMU_OPTIONS_H_ +#include sysemu/arch_init.h + enum { #define QEMU_OPTIONS_GENERATE_ENUM #include qemu-options-wrapper.h }; +#define HAS_ARG 0x0001 + +typedef struct QEMUOption { +const char *name; +int flags; +int index; +uint32_t arch_mask; +} QEMUOption; + +extern const QEMUOption qemu_options[]; #endif diff --git a/util/qemu-config.c b/util/qemu-config.c index f610101..eba5428 100644 --- a/util/qemu-config.c +++ b/util/qemu-config.c @@ -6,6 +6,14 @@ #include hw/qdev.h #include qapi/error.h #include qmp-commands.h +#include qemu-options.h + +const QEMUOption qemu_options[] = { +{ h, 0, QEMU_OPTION_h, QEMU_ARCH_ALL }, +#define QEMU_OPTIONS_GENERATE_OPTIONS +#include qemu-options-wrapper.h +{ NULL }, +}; static QemuOptsList *vm_config_groups[32]; static QemuOptsList *drive_config_groups[4]; @@ -184,6 +192,20 @@ void qemu_add_drive_opts(QemuOptsList *list) abort(); } +/* check if the option is defined in qemu-options.hx */ +static bool opt_is_defined(const char *name) +{ +int i; + +for (i = 0; qemu_options[i].name; i++) { +if (!strcmp(qemu_options[i].name, name)) { +return true; +} +} + +return false; +} + void qemu_add_opts(QemuOptsList *list) { int entries, i; @@ -193,6 +215,12 @@ void qemu_add_opts(QemuOptsList *list) for (i = 0; i entries; i++) { if (vm_config_groups[i] == NULL) { vm_config_groups[i] = list; +if (!opt_is_defined(list-name)) { +error_report(Didn't find a matched option definition, + group name (%s) of option table must match with + defined option name (Since 2.0), list-name); +abort(); +} return; } } diff --git a/vl.c b/vl.c index 0464494..bd44c52 100644 --- a/vl.c +++ b/vl.c @@ -111,7 +111,6 @@ int main(int argc, char **argv) #include trace/control.h #include qemu/queue.h #include sysemu/cpus.h -#include sysemu/arch_init.h #include qemu/osdep.h #include ui/qemu-spice.h @@ -2082,22 +2081,6 @@ static void help(int exitcode) exit(exitcode); } -#define HAS_ARG 0x0001 - -typedef struct QEMUOption { -const char *name; -int flags; -int index; -uint32_t arch_mask; -} QEMUOption; - -static const QEMUOption qemu_options[] = { -{ h, 0, QEMU_OPTION_h, QEMU_ARCH_ALL }, -#define QEMU_OPTIONS_GENERATE_OPTIONS -#include qemu-options-wrapper.h -{ NULL }, -}; - static bool vga_available(void) { return object_class_by_name(VGA) || object_class_by_name(isa-vga); @@ -2842,6 +2825,8 @@ static const QEMUOption *lookup_opt(int argc, char **argv, return popt; } +#undef HAS_ARG + static gpointer malloc_and_trace(gsize n_bytes) { void *ptr = malloc(n_bytes); -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/n] conf: split security label structs to util/
On 03/27/14 00:09, Eric Blake wrote: In order to reuse the newly-created host-side disk struct in the virstoragefile backing chain code, I first have to move it to util/. This starts the process, by first moving the security label structures. * src/conf/domain_conf.h (virDomainDefGenSecurityLabelDef) (virDomainDiskDefGenSecurityLabelDef, virSecurityLabelDefFree) (virSecurityDeviceLabelDefFree, virSecurityLabelDef) (virSecurityDeviceLabelDef): Move... * src/util/virseclabel.h: ...to new file. (virSecurityLabelDefNew, virSecurityDeviceLabelDefNew): Rename the GenSecurity functions. * src/qemu/qemu_process.c (qemuProcessAttach): Adjust callers. * src/security/security_manager.c (virSecurityManagerGenLabel): Likewise. * src/security/security_selinux.c (virSecuritySELinuxSetSecurityFileLabel): Likewise. * src/util/virseclabel.c: New file. * src/conf/domain_conf.c: Move security code, and fix fallout. * src/Makefile.am (UTIL_SOURCES): Build new file. * src/libvirt_private.syms (domain_conf.h): Move symbols... (virseclabel.h): ...to new section. Signed-off-by: Eric Blake ebl...@redhat.com --- src/Makefile.am | 1 + src/conf/domain_conf.c | 51 - src/conf/domain_conf.h | 43 + src/libvirt_private.syms| 11 -- src/qemu/qemu_process.c | 2 +- src/security/security_manager.c | 2 +- src/security/security_selinux.c | 2 +- src/util/virseclabel.c | 82 + src/util/virseclabel.h | 67 + 9 files changed, 161 insertions(+), 100 deletions(-) create mode 100644 src/util/virseclabel.c create mode 100644 src/util/virseclabel.h ACK. Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 2/n] conf: split network host structs to util/
On 03/27/14 00:09, Eric Blake wrote: Continuing the refactoring of host-side storage descriptions out of conf/domain_conf and into util/virstoragefile, this patch focuses on details about a host name/port/transport as used by a network storage volume. * src/conf/domain_conf.h (virDomainDiskProtocolTransport) (virDomainDiskHostDef, virDomainDiskHostDefClear) (virDomainDiskHostDefFree, virDomainDiskHostDefCopy): Move... * src/util/virstoragefile.h (virStorageNetHostTransport) (virStorageNetHostDef, virStorageNetHostDefClear) (virStorageNetHostDefFree, virStorageNetHostDefCopy): ...here, with better names. * src/util/virstoragefile.c (virStorageNetHostDefClear) (virStorageNetHostDefFree, virStorageNetHostDefCopy): Moved from... * src/conf/domain_conf.c (virDomainDiskHostDefClear) (virDomainDiskHostDefFree, virDomainDiskHostDefCopy): ...here. (virDomainDiskSourceDefClear, virDomainDiskSourceDefParse) (virDomainDiskSourceDefFormatInternal): Adjust callers. * src/conf/snapshot_conf.h (_virDomainSnapshotDiskDef): Likewise. * src/conf/snapshot_conf.c (virDomainSnapshotDiskDefClear): Likewise. * src/qemu/qemu_command.c (qemuAddRBDHost) (qemuParseDriveURIString, qemuParseNBDString) (qemuBuildNetworkDriveURI, qemuParseCommandLineDisk) (qemuParseCommandLine, qemuGetDriveSourceString): Likewise. * src/qemu/qemu_command.h: Likewise. * src/qemu/qemu_conf.c (qemuAddISCSIPoolSourceHost) (qemuTranslateDiskSourcePool): Likewise. * src/qemu/qemu_driver.c (qemuDomainSnapshotCreateSingleDiskActive) (qemuDomainSnapshotUndoSingleDiskActive): Likewise. * src/storage/storage_backend_gluster.c (virStorageFileBackendGlusterInit): Likewise. * src/storage/storage_driver.c (virStorageFileFree) (virStorageFileInitInternal): Likewise. * src/storage/storage_driver.h (_virStorageFile): Likewise. * src/libvirt_private.syms (domain_conf.h): Move symbols... (virstoragefile.h): ...as appropriate. Signed-off-by: Eric Blake ebl...@redhat.com --- src/conf/domain_conf.c| 88 +-- src/conf/domain_conf.h| 28 ++- src/conf/snapshot_conf.c | 5 +- src/conf/snapshot_conf.h | 4 +- src/libvirt_private.syms | 10 ++-- src/qemu/qemu_command.c | 38 +++ src/qemu/qemu_command.h | 6 +-- src/qemu/qemu_conf.c | 4 +- src/qemu/qemu_driver.c| 24 +- src/storage/storage_backend_gluster.c | 8 ++-- src/storage/storage_driver.c | 8 ++-- src/storage/storage_driver.h | 2 +- src/util/virstoragefile.c | 71 +++- src/util/virstoragefile.h | 30 +++- 14 files changed, 167 insertions(+), 159 deletions(-) Unpleasant amount of fallout from these changes :/.. ACK Peter signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Device attach / detach problem for passthrough/SR-IOV in libvirt
Hi all I just encountered a problem in libvirt while was trying to attach and detach a sr-iov vf to my VM The version of my libvirt is 1.1.1-0ubuntu8.5 I tried to attach the device using following xml interface type='hostdev' managed='yes' mac address='5c:01:fd:12:34:58'/ source address type='pci' domain='0x' bus='0x04' slot='0x01' function='0x1'/ /source /interface When i attached device it worked properly and i managed to ping another host. virsh # attach-device t5 1.xml Device attached successfully But when i detached it still i had network traffic in my VM but libvirt (virsh) said that virsh # detach-device t5 1.xml Device detached successfully The next time i tried to attach it libvirt said that virsh # attach-device t5 1.xml error: Failed to attach device from 1.xml error: Requested operation is not valid: PCI device :04:01.1 is in use by domain t5 and when i continue this action after the 'domain' i receive some strange characters which might come from the memory space (memory content) like some addresses, links or some characters I tried it with different VMs and different guest OSs that the same happend. The same action was done with another host running libvirt version Installed: 1.0.2-0ubuntu11.13.04.5~cloud1 Candidate: 1.0.2-0ubuntu11.13.04.5~cloud1 and it worked pretty OK. No problem. Do you have any idea what is wrong? More information: Kernel : 3.8.0-37-generic /etc/libvirt/qemu.conf : security_driver = none root@compute01:~# ethtool -i eth5 driver: bnx2x version: 1.78.58 firmware-version: bc 7.4.22 phy 1.34 bus-info: :04:00.1 supports-statistics: yes supports-test: yes supports-eeprom-access: yes supports-register-dump: yes -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Modify help information of virsh list command
On 03/27/2014 12:10 AM, Li Yang wrote: Use 'virsh list domain --title' option can get domain's title, not description, the original help information 'show short domain description' will confuse users, so modify it to 'show domain title' Signed-off-by: Li Yang liyang.f...@cn.fujitsu.com --- tools/virsh-domain-monitor.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) ACK, will push shortly. diff --git a/tools/virsh-domain-monitor.c b/tools/virsh-domain-monitor.c index de4afbb..5d19388 100644 --- a/tools/virsh-domain-monitor.c +++ b/tools/virsh-domain-monitor.c @@ -1753,7 +1753,7 @@ static const vshCmdOptDef opts_list[] = { }, {.name = title, .type = VSH_OT_BOOL, - .help = N_(show short domain description) + .help = N_(show domain title) }, {.name = NULL} }; -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] libvirt-tck: 052-domain-hook.t - reload after hook cleanup
On 03/27/2014 05:39 AM, Daniel P. Berrange wrote: On Thu, Mar 06, 2014 at 03:41:01PM -0700, Mike Latimer wrote: Reload libvirtd after hook testing has completed. Otherwise, libvirtd is still expecting hook test scripts to exist. --- scripts/hooks/052-domain-hook.t | 4 1 file changed, 4 insertions(+) diff --git a/scripts/hooks/052-domain-hook.t b/scripts/hooks/052-domain-hook.t index 90b8a48..d1070b5 100644 --- a/scripts/hooks/052-domain-hook.t +++ b/scripts/hooks/052-domain-hook.t @@ -180,4 +180,8 @@ SKIP: { Sys::Virt::Error::ERR_NO_DOMAIN); $hook-cleanup(); + +diag reload libvirtd after hook cleanup; +$hook-action('reload'); +$hook-service_libvirtd(); }; ACK Pushed. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH]execute netdev_del after receive DEVICE_DELETED event
On Thu, Mar 27, 2014 at 20:51:24 +0800, x00221466 wrote: Hi, When live detaching the virtual net device, such as virtio nic、 RTL8139、E1000, there are some problems: (1)If the Guest OS don't support the hot plugging pci device, detach the virtual network device by Libvirt, the net device in Qemu will still exist, but hostnet(tap) in Qemu will be removed. so the net device in Guest OS will be of no effect. (2)If reject the nic in Guest OS, Qemu will remove the net device, then Qemu send DEVICE_DELETED to Libvirt, Libvirt receive the event in event-loop thread and release info of the net device in qemuDomainRemoveNetDevice func. but hostnet in Qemu still exist. So next live attaching virtual net device will be failed because of Duplicate ID. #virsh attach-device win2008_st_r2_64 net.xml --live error: Failed to attach device from net.xml error: internal error: unable to execute QEMU command 'netdev_add': Duplicate ID 'hostnet0' for netdev (3)In addition, in qemuDomainDetachNetDevice, detach net device func, netdev_del command will be sent after sending device_del command at once. So it is violent to remove the tap device before the net device is completely removed. So I think it's more logical that doing the work of sending Qemu command netdev_del after receive the DEVICE_DELETED event. It can avoid the conflict of device info between Libvirt side and Qemu side. This sounds like it could be correct, although I'd prefer Laine to express his opinion on this since he knows the corners in network device assignment... I create a thread in qemuDomainRemoveDevice,the handle of DEVICE_DELETED event, to execute QEMU command netdev_del. Hmm, it took me some time to realize why you'd need to do this. It's because qemuDomainRemoveDevice is run from a DEVICE_DELETED event handler and thus it cannot talk back to the monitor, right? In that case, I suggest spawning a thread for qemuDomainRemoveDevice itself within the event handler (qemuProcessHandleDeviceDeleted) so that all qemuDomainRemove* methods can talk to monitor if they need to. To make the changes easier to follow, please do the change in two patches. The first one to move qemuDomainRemoveDevice into a new thread and the second one to move qemuMonitorRemoveNetdev and qemuMonitorRemoveHostNetwork calls inside qemuDomainRemoveNetDevice. But first, wait for Laine's input, please. Jirka -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH]execute netdev_del after receive DEVICE_DELETED event
On Thu, Mar 27, 2014 at 03:14:06PM +0100, Jiri Denemark wrote: On Thu, Mar 27, 2014 at 20:51:24 +0800, x00221466 wrote: Hi, When live detaching the virtual net device, such as virtio nic、 RTL8139、E1000, there are some problems: (1)If the Guest OS don't support the hot plugging pci device, detach the virtual network device by Libvirt, the net device in Qemu will still exist, but hostnet(tap) in Qemu will be removed. so the net device in Guest OS will be of no effect. (2)If reject the nic in Guest OS, Qemu will remove the net device, then Qemu send DEVICE_DELETED to Libvirt, Libvirt receive the event in event-loop thread and release info of the net device in qemuDomainRemoveNetDevice func. but hostnet in Qemu still exist. So next live attaching virtual net device will be failed because of Duplicate ID. #virsh attach-device win2008_st_r2_64 net.xml --live error: Failed to attach device from net.xml error: internal error: unable to execute QEMU command 'netdev_add': Duplicate ID 'hostnet0' for netdev (3)In addition, in qemuDomainDetachNetDevice, detach net device func, netdev_del command will be sent after sending device_del command at once. So it is violent to remove the tap device before the net device is completely removed. So I think it's more logical that doing the work of sending Qemu command netdev_del after receive the DEVICE_DELETED event. It can avoid the conflict of device info between Libvirt side and Qemu side. This sounds like it could be correct, although I'd prefer Laine to express his opinion on this since he knows the corners in network device assignment... I create a thread in qemuDomainRemoveDevice,the handle of DEVICE_DELETED event, to execute QEMU command netdev_del. Hmm, it took me some time to realize why you'd need to do this. It's because qemuDomainRemoveDevice is run from a DEVICE_DELETED event handler and thus it cannot talk back to the monitor, right? In that case, I suggest spawning a thread for qemuDomainRemoveDevice itself within the event handler (qemuProcessHandleDeviceDeleted) so that all qemuDomainRemove* methods can talk to monitor if they need to. To make the changes easier to follow, please do the change in two patches. The first one to move qemuDomainRemoveDevice into a new thread and the second one to move qemuMonitorRemoveNetdev and qemuMonitorRemoveHostNetwork calls inside qemuDomainRemoveNetDevice. One complication is that DEVICE_DELETED only exists in very recent QEMU versions, and we need to be careful not to introduce a reliance on that existing, becuase it would cause a regression for libvirt against older QEMU. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 0/3] ABI change: change group name of option table to match with option name
Il 27/03/2014 03:38, Amos Kong ha scritto: This patchset changes group names of option tables to match with option name, this breakes ABI, release note was updated. Amos Kong (3): only add qemu_tpmdev_opts when CONFIG_TPM is defined abort QEMU if group name in option table doesn't match with defined option name update names in option tables to match with actual command-line spelling hw/acpi/core.c| 8 hw/nvram/fw_cfg.c | 4 ++-- include/qemu/option.h | 2 +- qemu-options.h| 12 util/qemu-config.c| 28 vl.c | 37 + 6 files changed, 60 insertions(+), 31 deletions(-) Patches 2 and 3 should be in the opposite order. Paolo -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] is there a way to convert vm's filter into comandline
killing all of the shell script code ? you mean nwfilter of libvirt does not exist any more? yes. nwfilter code is horrible . maybe we can think of a better way. after all ip|eb tables is complicated, and must be done, user or libvirt. thanks At 2014-03-27 18:57:23,Daniel P. Berrange berra...@redhat.com wrote: On Thu, Mar 27, 2014 at 09:20:23AM +0800, bigclouds wrote: hi,all is there a way to convert vm's filter into comandline, i think it is useful. if there is the functionality, so you think it is worthy to be done. Currently the nwfilter driver generates horrible hacky shell scripts which run a variety of (eb|ip)tables commands. I'm killing all of the shell script code so that we can directly invoke iptables or talk to firewalld over DBus. The commands we will generate though won't be suitable for a user to run directly, because libvirt will parse the output of some commands in order to determine what subsequent commands to run. This kind of logic isn't something you can just export from libvirt, so what you suggest isn't really practical Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] VM host name
Is there a way using LibVirt (java) API to find out the DNS host name of a virtual machine, if already configured? -Vikas -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] is there a way to convert vm's filter into comandline
Dan Berrange: if there are some one work with you to refactore nwfilter architeture. i hope i can help thanks At 2014-03-27 17:41:15,Laine Stump la...@laine.org wrote: On 03/27/2014 04:43 AM, Eric Blake wrote: On 03/26/2014 07:20 PM, bigclouds wrote: hi,all is there a way to convert vm's filter into comandline, i think it is useful. You mean, as in virsh domxml-to-native qemu-argv $(virsh dumpxml $dom) or are you asking about the nwfilter settings applied on behalf of a guest? Since this same person previously asked about netfilter on IRC, I'm assuming the latter... No, there isn't a way within libvirt to retrive this information. Beyond that, Dan Berrange is in the middle of refactoring the nwfilter code to not use the commandline at all in the case where firewalld is running, so in the future libvirt won't even be running any external commands to setup nwfilter rules. One way to get the information would be to run iptables -S before and after starting the guest, then look at the difference between the two outputs. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] is there a way to convert vm's filter into comandline
On 03/27/2014 08:25 AM, longguang.yue wrote: [please don't top-post on technical lists] killing all of the shell script code ? Rewriting it so it uses saner mechanisms than shell script. you mean nwfilter of libvirt does not exist any more? No. nwfilter will still exist, it will just be more efficient and more maintainable from the libvirt point of view. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH tck] Adapt network tests to changed cli tool formats
The network tests invoke various ifconfig and route commands to test network setup, and also grep for dnsmasq/radvd args. Switch to use 'ip' since ifconfig and route commands are not installed by default on recent distros any more and their output formats have also changed. Remove grepping for dnsmasq args since libvirt uses a config file now too. Also avoid looking for radvd, since we let dnsmasq handle IPv6 too now. --- .../networks/networkxml2hostout/tck-testnet-1.dat | 20 - .../networks/networkxml2hostout/tck-testnet-2.dat | 16 +++ .../networks/networkxml2hostout/tck-testnet-3.dat | 51 +++--- 3 files changed, 33 insertions(+), 54 deletions(-) diff --git a/scripts/networks/networkxml2hostout/tck-testnet-1.dat b/scripts/networks/networkxml2hostout/tck-testnet-1.dat index da1a51e..977489f 100644 --- a/scripts/networks/networkxml2hostout/tck-testnet-1.dat +++ b/scripts/networks/networkxml2hostout/tck-testnet-1.dat @@ -1,19 +1,19 @@ #iptables -t nat -L -n | grep ' 10\.1\.2\.' +RETURN all -- 10.1.2.0/24 224.0.0.0/24 +RETURN all -- 10.1.2.0/24 255.255.255.255 MASQUERADE tcp -- 10.1.2.0/24 !10.1.2.0/24 masq ports: 1024-65535 MASQUERADE udp -- 10.1.2.0/24 !10.1.2.0/24 masq ports: 1024-65535 MASQUERADE all -- 10.1.2.0/24 !10.1.2.0/24 -#iptables -n -L FORWARD | grep ' 10\.1\.2\.' +#iptables -n -L FORWARD | grep ' 10\.1\.2\.' | sed -e 's/ctstate/state/' ACCEPT all -- 0.0.0.0/010.1.2.0/24 state RELATED,ESTABLISHED ACCEPT all -- 10.1.2.0/24 0.0.0.0/0 -#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(listen-address 10\.1\.2\.1*\).*|\1|p' -listen-address 10.1.2.1 -#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(dhcp-range 10\.1\.2\.2\,10\.1\.2\.254*\).*|\1|p' -dhcp-range 10.1.2.2,10.1.2.254 -#route -n | grep '10\.1\.2\.' -10.1.2.00.0.0.0 255.255.255.0 U 0 00 tck-testbr +#ip -o route show dev tck-testbr | gawk '{print $1 $7}' +10.1.2.0/24 10.1.2.1 +#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(\/dnsmasq\/tck-testnet.conf\).*|\1|p' +/dnsmasq/tck-testnet.conf #brctl show | grep tck-testbr | gawk '{print $1 $3}' tck-testbr yes -#ifconfig tck-testbr | grep ':10\.1\.2\.' - inet addr:10.1.2.1 Bcast:10.1.2.255 Mask:255.255.255.0 +#ip -o addr show dev tck-testbr | gawk '{print $4 $6}' +10.1.2.1/24 10.1.2.255 #virsh net-list | grep tck-testnet -tck-testnet active no + tck-testnet active no no diff --git a/scripts/networks/networkxml2hostout/tck-testnet-2.dat b/scripts/networks/networkxml2hostout/tck-testnet-2.dat index b2f4315..72ba48b 100644 --- a/scripts/networks/networkxml2hostout/tck-testnet-2.dat +++ b/scripts/networks/networkxml2hostout/tck-testnet-2.dat @@ -2,15 +2,13 @@ ACCEPT all -- 0.0.0.0/010.1.2.0/24 ACCEPT all -- 10.1.2.0/24 0.0.0.0/0 #iptables -t nat -L -n | grep ' 10\.1\.2\.' -#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(listen-address 10\.1\.2\.1\).*|\1|p' -listen-address 10.1.2.1 -#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(dhcp-range 10\.1\.2\.2,10\.1\.2\.254\).*|\1|p' -dhcp-range 10.1.2.2,10.1.2.254 -#route -n | grep '10\.1\.2\.' -10.1.2.00.0.0.0 255.255.255.0 U 0 00 tck-testbr +#ip -o route show dev tck-testbr | gawk '{print $1 $7}' +10.1.2.0/24 10.1.2.1 +#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(\/dnsmasq\/tck-testnet.conf\).*|\1|p' +/dnsmasq/tck-testnet.conf #brctl show | grep tck-testbr | gawk '{print $1 $3}' tck-testbr yes -#ifconfig tck-testbr | grep ':10\.1\.2\.' - inet addr:10.1.2.1 Bcast:10.1.2.255 Mask:255.255.255.0 +#ip -o addr show dev tck-testbr | gawk '{print $4 $6}' +10.1.2.1/24 10.1.2.255 #virsh net-list | grep tck-testnet -tck-testnet active no + tck-testnet active no no diff --git a/scripts/networks/networkxml2hostout/tck-testnet-3.dat b/scripts/networks/networkxml2hostout/tck-testnet-3.dat index 36c7b32..f9417fc 100644 --- a/scripts/networks/networkxml2hostout/tck-testnet-3.dat +++ b/scripts/networks/networkxml2hostout/tck-testnet-3.dat @@ -1,8 +1,10 @@ #iptables -t nat -L -n | grep ' 10\.1\.2\.' +RETURN all -- 10.1.2.0/24 224.0.0.0/24 +RETURN all -- 10.1.2.0/24 255.255.255.255 MASQUERADE tcp -- 10.1.2.0/24 !10.1.2.0/24 masq ports: 1024-65535 MASQUERADE udp -- 10.1.2.0/24 !10.1.2.0/24 masq ports: 1024-65535 MASQUERADE all -- 10.1.2.0/24 !10.1.2.0/24 -#iptables -n -L FORWARD | grep ' 10\.1\.2\.' +#iptables -n -L FORWARD | grep ' 10\.1\.2\.' | sed -e 's/ctstate/state/' ACCEPT all -- 0.0.0.0/010.1.2.0/24 state RELATED,ESTABLISHED ACCEPT all -- 10.1.2.0/24 0.0.0.0/0 #ip6tables -n -L FORWARD | grep ' 2001:db8:ac10' @@ -10,40 +12,19
[libvirt] [PATCH tck] Change 'Sys::Virt::TCK::generic_domain' to take named params
To make it easier to add more optional parameters to the Sys::Virt::TCK::generic_domain method, change it to take named parameters instead of positional parameters. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- docs/writing-tests.pod | 6 ++--- lib/Sys/Virt/TCK.pm| 37 +++--- lib/Sys/Virt/TCK/NetworkHelpers.pm | 2 +- scripts/domain/050-transient-lifecycle.t | 2 +- scripts/domain/051-transient-autostart.t | 2 +- scripts/domain/060-persistent-lifecycle.t | 2 +- scripts/domain/061-persistent-autostart.t | 2 +- scripts/domain/065-persistent-redefine.t | 2 +- scripts/domain/070-transient-to-persistent.t | 2 +- scripts/domain/080-unique-id-define.t | 8 +++--- scripts/domain/081-unique-id-create.t | 8 +++--- scripts/domain/082-unique-id-caching.t | 4 +-- scripts/domain/090-invalid-ops-when-inactive.t | 2 +- scripts/domain/100-transient-save-restore.t| 2 +- scripts/domain/101-persistent-save-restore.t | 2 +- scripts/domain/102-broken-save-restore.t | 2 +- scripts/domain/103-blockdev-save-restore.t | 2 +- scripts/domain/120-disks-stats.t | 2 +- scripts/domain/121-block-info.t| 2 +- scripts/domain/130-cpu-hotplug.t | 2 +- scripts/domain/180-interface-parameters.t | 2 +- scripts/domain/200-disk-hotplug.t | 2 +- scripts/domain/202-numa-set-parameters.t | 2 +- scripts/domain/205-disk-hotplug-ordering.t | 2 +- scripts/domain/207-disk-media-change.t | 2 +- scripts/domain/210-nic-hotplug.t | 2 +- scripts/domain/215-nic-hotplug-many.t | 2 +- scripts/domain/240-usb-host-hotplug.t | 2 +- scripts/domain/250-pci-host-hotplug.t | 2 +- scripts/domain/300-migration.t | 2 +- scripts/domain/301-migration-max-speed.t | 2 +- scripts/hooks/052-domain-hook.t| 2 +- scripts/qemu/100-disk-encryption.t | 2 +- scripts/qemu/200-qcow2-single-backing-file.t | 2 +- scripts/qemu/205-qcow2-double-backing-file.t | 2 +- scripts/qemu/210-qcow2-auto-probing.t | 2 +- scripts/qemu/400-save-image-xml.t | 2 +- scripts/selinux/050-dynamic-relabel-yes.t | 2 +- scripts/selinux/055-dynamic-base-label.t | 2 +- scripts/selinux/100-static-relabel-no.t| 2 +- scripts/selinux/105-static-relabel-fail.t | 2 +- scripts/selinux/110-static-relabel-yes.t | 2 +- 42 files changed, 71 insertions(+), 66 deletions(-) diff --git a/docs/writing-tests.pod b/docs/writing-tests.pod index 3bc70b0..171166c 100644 --- a/docs/writing-tests.pod +++ b/docs/writing-tests.pod @@ -159,7 +159,7 @@ the exact config, just wanting a minimal generic domain config that is highly likely to work without error. For such cases, a nice simple API is provided: - my $xml = $tck-generic_domain(test)-as_xml; + my $xml = $tck-generic_domain(name = test)-as_xml; This creates an XML document for a guest that is of the correct OS and domain type to be able to run on the current hypervisor, with a name @@ -167,7 +167,7 @@ of 'test', and a single disk. It is possible to set further parameters if required. For example, to set an explicit UUID, give 3 virtual CPUs and turn on ACPI: - my $xml = $tck-generic_domain(test)-vcpus(3) + my $xml = $tck-generic_domain(name = test)-vcpus(3) -uuid(----) -with_acpi()-as_xml() @@ -357,7 +357,7 @@ Taking this into account, the complete example script looks like END { $tck-cleanup if $tck; } -my $xml = $tck-generic_domain(test)-as_xml; +my $xml = $tck-generic_domain(name = test)-as_xml; my $dom; diag Defining inactive domain config again; diff --git a/lib/Sys/Virt/TCK.pm b/lib/Sys/Virt/TCK.pm index a3a2732..57eb08c 100644 --- a/lib/Sys/Virt/TCK.pm +++ b/lib/Sys/Virt/TCK.pm @@ -607,14 +607,14 @@ sub get_kernel { sub generic_machine_domain { my $self = shift; -my $name = shift; -my $caps = shift; -my $ostype = shift; -my $conn = @_ ? shift : $self-conn; +my %params = @_; +my $name = exists $params{name} ? $params{name} : tck; +my $ostype = exists $params{ostype} ? $params{ostype} : hvm; +my $caps = exists $params{caps} ? $params{caps} : die caps parameter is required; my %config = $self-get_kernel($caps, $ostype); -my $b = Sys::Virt::TCK::DomainBuilder-new(conn = $conn, +my $b = Sys::Virt::TCK::DomainBuilder-new(conn = $self-conn, name = $name, domain = $config{domain}, ostype = $config{ostype}); @@ -652,14 +652,14 @@ sub best_container_domain { sub generic_container_domain { my $self = shift;
Re: [libvirt] [PATCH]execute netdev_del after receive DEVICE_DELETED event
On Thu, Mar 27, 2014 at 14:18:46 +, Daniel Berrange wrote: On Thu, Mar 27, 2014 at 03:14:06PM +0100, Jiri Denemark wrote: On Thu, Mar 27, 2014 at 20:51:24 +0800, x00221466 wrote: Hi, When live detaching the virtual net device, such as virtio nic、 RTL8139、E1000, there are some problems: (1)If the Guest OS don't support the hot plugging pci device, detach the virtual network device by Libvirt, the net device in Qemu will still exist, but hostnet(tap) in Qemu will be removed. so the net device in Guest OS will be of no effect. (2)If reject the nic in Guest OS, Qemu will remove the net device, then Qemu send DEVICE_DELETED to Libvirt, Libvirt receive the event in event-loop thread and release info of the net device in qemuDomainRemoveNetDevice func. but hostnet in Qemu still exist. So next live attaching virtual net device will be failed because of Duplicate ID. #virsh attach-device win2008_st_r2_64 net.xml --live error: Failed to attach device from net.xml error: internal error: unable to execute QEMU command 'netdev_add': Duplicate ID 'hostnet0' for netdev (3)In addition, in qemuDomainDetachNetDevice, detach net device func, netdev_del command will be sent after sending device_del command at once. So it is violent to remove the tap device before the net device is completely removed. So I think it's more logical that doing the work of sending Qemu command netdev_del after receive the DEVICE_DELETED event. It can avoid the conflict of device info between Libvirt side and Qemu side. This sounds like it could be correct, although I'd prefer Laine to express his opinion on this since he knows the corners in network device assignment... I create a thread in qemuDomainRemoveDevice,the handle of DEVICE_DELETED event, to execute QEMU command netdev_del. Hmm, it took me some time to realize why you'd need to do this. It's because qemuDomainRemoveDevice is run from a DEVICE_DELETED event handler and thus it cannot talk back to the monitor, right? In that case, I suggest spawning a thread for qemuDomainRemoveDevice itself within the event handler (qemuProcessHandleDeviceDeleted) so that all qemuDomainRemove* methods can talk to monitor if they need to. To make the changes easier to follow, please do the change in two patches. The first one to move qemuDomainRemoveDevice into a new thread and the second one to move qemuMonitorRemoveNetdev and qemuMonitorRemoveHostNetwork calls inside qemuDomainRemoveNetDevice. One complication is that DEVICE_DELETED only exists in very recent QEMU versions, and we need to be careful not to introduce a reliance on that existing, becuase it would cause a regression for libvirt against older QEMU. Sure, that's already taken care of. The device removal code checks if DEVICE_DELETED is supported and if it's not, it directly calls the appropriate qemuDomainRemove* method that would otherwise be called from the event handler. Jirka -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] is there a way to convert vm's filter into comandline
On Thu, Mar 27, 2014 at 10:31:32PM +0800, longguang.yue wrote: Dan Berrange: if there are some one work with you to refactore nwfilter architeture. i hope i can help I've already done pretty much all the work for this. I'm onto testing it now before posting for review. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Crash when using python-libvirt setSchedulerParameters
On 3/25/2014 6:50 AM, Michal Privoznik wrote: On 24.03.2014 21:45, Brian Rak wrote: I'm seeing a very weird (and somewhat reproducable) crash in setSchedulerParameters. The backtrace looks like this: *** glibc detected *** python2.7: free(): invalid pointer: 0x0152bc48 *** === Backtrace: = /lib64/libc.so.6(+0x76166)[0x7faa9e991166] /usr/lib64/python2.7/site-packages/libvirtmod.so(virFree+0x29)[0x7faa9887bfe9] /lib/libvirt.so.0(virTypedParamsClear+0x54)[0x7faa98342fe4] /lib/libvirt.so.0(virTypedParamsFree+0x1e)[0x7faa9834302e] /usr/lib64/python2.7/site-packages/libvirtmod.so(+0x1b4dc)[0x7faa9886c4dc] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalFrameEx+0x5629)[0x7faa9f63a129] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalFrameEx+0x68e8)[0x7faa9f63b3e8] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalCodeEx+0x8ae)[0x7faa9f63bd5e] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalCode+0x32)[0x7faa9f63be72] /usr/lib64/libpython2.7.so.1.0(+0xff25c)[0x7faa9f65625c] /usr/lib64/libpython2.7.so.1.0(PyRun_FileExFlags+0x90)[0x7faa9f656330] /usr/lib64/libpython2.7.so.1.0(PyRun_SimpleFileExFlags+0xef)[0x7faa9f6578cf] /usr/lib64/libpython2.7.so.1.0(Py_Main+0xc56)[0x7faa9f6693f6] /lib64/libc.so.6(__libc_start_main+0xfd)[0x7faa9e939d1d] python2.7[0x400649] I am using: Python2.7 Python-Libvirt 1.2.2 with the [PATCH libvirt-python 1/2] setPyVirTypedParameter: Copy full field name patch. Libvirt 1.2.1 Is the following patch applied as well? commit 69c4600d61fa74c4977d2471a29fb73f0fe5edb0 Author: Michal Privoznik mpriv...@redhat.com AuthorDate: Tue Mar 18 09:20:00 2014 +0100 Commit: Michal Privoznik mpriv...@redhat.com CommitDate: Tue Mar 18 14:43:10 2014 +0100 setPyVirTypedParameter: free whole return variable on error The @ret value is built in a loop. However, if in one iteration there's an error, we should free all the fields built so far. For instance, if there's an error and the previous item was type of VIR_TYPED_PARAM_STRING we definitely must free it. Signed-off-by: Michal Privoznik mpriv...@redhat.com Can you install debuginfo so we see the full stack trace? Michal Unfortunately, even with that patch I'm still seeing crashes. Apparently, this crash only happens when running normally (it doesn't crash when running under gdb). I created a core dump, and have what might be a better call stack: (gdb) where #0 0x7f96047cd925 in raise () from /lib64/libc.so.6 #1 0x7f96047cf105 in abort () from /lib64/libc.so.6 #2 0x7f960480b837 in __libc_message () from /lib64/libc.so.6 #3 0x7f9604811166 in malloc_printerr () from /lib64/libc.so.6 #4 0x7f95fe6fbff9 in virFree (ptrptr=0x2463918) at libvirt-utils.c:119 #5 0x7f95fe1c2fe4 in virTypedParamsClear (params=value optimized out, nparams=5) at util/virtypedparam.c:1147 #6 0x7f95fe1c302e in virTypedParamsFree (params=0x2463800, nparams=value optimized out) at util/virtypedparam.c:1166 #7 0x7f95fe6ec4ec in libvirt_virDomainSetSchedulerParameters (self=value optimized out, args=value optimized out) at libvirt-override.c:975 #8 0x7f96054ba129 in call_function (f=value optimized out, throwflag=value optimized out) at /usr/src/debug/Python-2.7.6/Python/ceval.c:4098 ... truncated This patch corrects the issue. new_params is not guaranteed to have the same number of parameters as params, so we can't use nparams here to free the object. diff --git a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c b/python27-libvirt/libvi index f8fafa7..9725870 100755 --- a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c +++ b/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c @@ -913,7 +913,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, int i_retval; int nparams = 0; Py_ssize_t size = 0; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OO:virDomainSetScedulerParameters, pyobj_domain, info)) @@ -972,7 +972,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } I am not sure if the 'params = NULL' change is necessary, but that seemed like a potential bug anyway. -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH 1/2] Fixed regression in apparmor profiles for qemu brought by 43c030f
On 03/24/2014 11:20 AM, Cédric Bosdonnat wrote: --- src/security/virt-aa-helper.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) ACK and pushed. diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index b8b0610..59de517 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -1281,7 +1281,9 @@ main(int argc, char **argv) if (vah_add_file(buf, ctl-newfile, rw) != 0) goto cleanup; } else { -if (ctl-def-virtType == VIR_DOMAIN_VIRT_QEMU) { +if (ctl-def-virtType == VIR_DOMAIN_VIRT_QEMU || +ctl-def-virtType == VIR_DOMAIN_VIRT_KQEMU || +ctl-def-virtType == VIR_DOMAIN_VIRT_KVM) { virBufferAsprintf(buf, \%s/log/libvirt/**/%s.log\ w,\n, LOCALSTATEDIR, ctl-def-name); virBufferAsprintf(buf, \%s/lib/libvirt/**/%s.monitor\ rw,\n, -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Crash when using python-libvirt setSchedulerParameters
On 3/27/2014 10:54 AM, Brian Rak wrote: On 3/25/2014 6:50 AM, Michal Privoznik wrote: On 24.03.2014 21:45, Brian Rak wrote: I'm seeing a very weird (and somewhat reproducable) crash in setSchedulerParameters. The backtrace looks like this: *** glibc detected *** python2.7: free(): invalid pointer: 0x0152bc48 *** === Backtrace: = /lib64/libc.so.6(+0x76166)[0x7faa9e991166] /usr/lib64/python2.7/site-packages/libvirtmod.so(virFree+0x29)[0x7faa9887bfe9] /lib/libvirt.so.0(virTypedParamsClear+0x54)[0x7faa98342fe4] /lib/libvirt.so.0(virTypedParamsFree+0x1e)[0x7faa9834302e] /usr/lib64/python2.7/site-packages/libvirtmod.so(+0x1b4dc)[0x7faa9886c4dc] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalFrameEx+0x5629)[0x7faa9f63a129] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalFrameEx+0x68e8)[0x7faa9f63b3e8] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalCodeEx+0x8ae)[0x7faa9f63bd5e] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalCode+0x32)[0x7faa9f63be72] /usr/lib64/libpython2.7.so.1.0(+0xff25c)[0x7faa9f65625c] /usr/lib64/libpython2.7.so.1.0(PyRun_FileExFlags+0x90)[0x7faa9f656330] /usr/lib64/libpython2.7.so.1.0(PyRun_SimpleFileExFlags+0xef)[0x7faa9f6578cf] /usr/lib64/libpython2.7.so.1.0(Py_Main+0xc56)[0x7faa9f6693f6] /lib64/libc.so.6(__libc_start_main+0xfd)[0x7faa9e939d1d] python2.7[0x400649] I am using: Python2.7 Python-Libvirt 1.2.2 with the [PATCH libvirt-python 1/2] setPyVirTypedParameter: Copy full field name patch. Libvirt 1.2.1 Is the following patch applied as well? commit 69c4600d61fa74c4977d2471a29fb73f0fe5edb0 Author: Michal Privoznik mpriv...@redhat.com AuthorDate: Tue Mar 18 09:20:00 2014 +0100 Commit: Michal Privoznik mpriv...@redhat.com CommitDate: Tue Mar 18 14:43:10 2014 +0100 setPyVirTypedParameter: free whole return variable on error The @ret value is built in a loop. However, if in one iteration there's an error, we should free all the fields built so far. For instance, if there's an error and the previous item was type of VIR_TYPED_PARAM_STRING we definitely must free it. Signed-off-by: Michal Privoznik mpriv...@redhat.com Can you install debuginfo so we see the full stack trace? Michal Unfortunately, even with that patch I'm still seeing crashes. Apparently, this crash only happens when running normally (it doesn't crash when running under gdb). I created a core dump, and have what might be a better call stack: (gdb) where #0 0x7f96047cd925 in raise () from /lib64/libc.so.6 #1 0x7f96047cf105 in abort () from /lib64/libc.so.6 #2 0x7f960480b837 in __libc_message () from /lib64/libc.so.6 #3 0x7f9604811166 in malloc_printerr () from /lib64/libc.so.6 #4 0x7f95fe6fbff9 in virFree (ptrptr=0x2463918) at libvirt-utils.c:119 #5 0x7f95fe1c2fe4 in virTypedParamsClear (params=value optimized out, nparams=5) at util/virtypedparam.c:1147 #6 0x7f95fe1c302e in virTypedParamsFree (params=0x2463800, nparams=value optimized out) at util/virtypedparam.c:1166 #7 0x7f95fe6ec4ec in libvirt_virDomainSetSchedulerParameters (self=value optimized out, args=value optimized out) at libvirt-override.c:975 #8 0x7f96054ba129 in call_function (f=value optimized out, throwflag=value optimized out) at /usr/src/debug/Python-2.7.6/Python/ceval.c:4098 ... truncated This patch corrects the issue. new_params is not guaranteed to have the same number of parameters as params, so we can't use nparams here to free the object. diff --git a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c b/python27-libvirt/libvi index f8fafa7..9725870 100755 --- a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c +++ b/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c @@ -913,7 +913,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, int i_retval; int nparams = 0; Py_ssize_t size = 0; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OO:virDomainSetScedulerParameters, pyobj_domain, info)) @@ -972,7 +972,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } I am not sure if the 'params = NULL' change is necessary, but that seemed like a potential bug anyway. Turns out this issue occurs a bunch of other places as well. Better patch, fixes all the ones I see: diff --git a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c b/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c --- a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c +++ b/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c @@ -913,7 +913,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, int i_retval; int nparams
Re: [libvirt] [PATCH v2] Fix apparmor profile to make vfio pci passthrough work
On 03/25/2014 03:27 PM, Serge Hallyn wrote: Quoting Cedric Bosdonnat (cbosdon...@suse.com): On Tue, 2014-03-25 at 10:40 -0500, Serge Hallyn wrote: Quoting Cédric Bosdonnat (cbosdon...@suse.com): See lp#1276719 for the bug description. As virt-aa-helper doesn't know the VFIO groups to use for the guest, allow access to all /dev/vfio/[0-9]* and /dev/vfio/vfio files if there is a potential need for vfio --- Thanks, Cédric! Looks good to me. Still needs a signed-off-by from you (I assume), but Acked-by: Serge E. Hallyn serge.hal...@ubuntu.com I wasn't aware I needed to sign-off my patches, but I can resubmit with it ;) Actually it looks like I'm wrong, libvirt doesn't require them: http://libvirt.org/hacking.html (point 3) I've pushed this patch to ppa:ubuntu-virt/candidate, which is meant to go into trusty when qemu 2.0 is released. +if (needsVfio) { +virBufferAsprintf(buf, /dev/vfio/vfio rw,\n); +virBufferAsprintf(buf, /dev/vfio/[0-9]* rw,\n); virBufferAsprintf should only be used with % format strings. This fails 'make syntax-check': prohibit_virBufferAsprintf_with_string_literal src/security/virt-aa-helper.c:1107:virBufferAsprintf(buf, /dev/vfio/vfio rw,\n); src/security/virt-aa-helper.c:1108:virBufferAsprintf(buf, /dev/vfio/[0-9]* rw,\n); maint.mk: use virBufferAddLit, not virBufferAsprintf, with a string literal I made the obvious change, and pushed in time for 1.2.3. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] Crash when using python-libvirt setSchedulerParameters
On 27.03.2014 16:01, Brian Rak wrote: On 3/27/2014 10:54 AM, Brian Rak wrote: On 3/25/2014 6:50 AM, Michal Privoznik wrote: On 24.03.2014 21:45, Brian Rak wrote: I'm seeing a very weird (and somewhat reproducable) crash in setSchedulerParameters. The backtrace looks like this: *** glibc detected *** python2.7: free(): invalid pointer: 0x0152bc48 *** === Backtrace: = /lib64/libc.so.6(+0x76166)[0x7faa9e991166] /usr/lib64/python2.7/site-packages/libvirtmod.so(virFree+0x29)[0x7faa9887bfe9] /lib/libvirt.so.0(virTypedParamsClear+0x54)[0x7faa98342fe4] /lib/libvirt.so.0(virTypedParamsFree+0x1e)[0x7faa9834302e] /usr/lib64/python2.7/site-packages/libvirtmod.so(+0x1b4dc)[0x7faa9886c4dc] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalFrameEx+0x5629)[0x7faa9f63a129] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalFrameEx+0x68e8)[0x7faa9f63b3e8] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalCodeEx+0x8ae)[0x7faa9f63bd5e] /usr/lib64/libpython2.7.so.1.0(PyEval_EvalCode+0x32)[0x7faa9f63be72] /usr/lib64/libpython2.7.so.1.0(+0xff25c)[0x7faa9f65625c] /usr/lib64/libpython2.7.so.1.0(PyRun_FileExFlags+0x90)[0x7faa9f656330] /usr/lib64/libpython2.7.so.1.0(PyRun_SimpleFileExFlags+0xef)[0x7faa9f6578cf] /usr/lib64/libpython2.7.so.1.0(Py_Main+0xc56)[0x7faa9f6693f6] /lib64/libc.so.6(__libc_start_main+0xfd)[0x7faa9e939d1d] python2.7[0x400649] I am using: Python2.7 Python-Libvirt 1.2.2 with the [PATCH libvirt-python 1/2] setPyVirTypedParameter: Copy full field name patch. Libvirt 1.2.1 Is the following patch applied as well? commit 69c4600d61fa74c4977d2471a29fb73f0fe5edb0 Author: Michal Privoznik mpriv...@redhat.com AuthorDate: Tue Mar 18 09:20:00 2014 +0100 Commit: Michal Privoznik mpriv...@redhat.com CommitDate: Tue Mar 18 14:43:10 2014 +0100 setPyVirTypedParameter: free whole return variable on error The @ret value is built in a loop. However, if in one iteration there's an error, we should free all the fields built so far. For instance, if there's an error and the previous item was type of VIR_TYPED_PARAM_STRING we definitely must free it. Signed-off-by: Michal Privoznik mpriv...@redhat.com Can you install debuginfo so we see the full stack trace? Michal Unfortunately, even with that patch I'm still seeing crashes. Apparently, this crash only happens when running normally (it doesn't crash when running under gdb). I created a core dump, and have what might be a better call stack: (gdb) where #0 0x7f96047cd925 in raise () from /lib64/libc.so.6 #1 0x7f96047cf105 in abort () from /lib64/libc.so.6 #2 0x7f960480b837 in __libc_message () from /lib64/libc.so.6 #3 0x7f9604811166 in malloc_printerr () from /lib64/libc.so.6 #4 0x7f95fe6fbff9 in virFree (ptrptr=0x2463918) at libvirt-utils.c:119 #5 0x7f95fe1c2fe4 in virTypedParamsClear (params=value optimized out, nparams=5) at util/virtypedparam.c:1147 #6 0x7f95fe1c302e in virTypedParamsFree (params=0x2463800, nparams=value optimized out) at util/virtypedparam.c:1166 #7 0x7f95fe6ec4ec in libvirt_virDomainSetSchedulerParameters (self=value optimized out, args=value optimized out) at libvirt-override.c:975 #8 0x7f96054ba129 in call_function (f=value optimized out, throwflag=value optimized out) at /usr/src/debug/Python-2.7.6/Python/ceval.c:4098 ... truncated This patch corrects the issue. new_params is not guaranteed to have the same number of parameters as params, so we can't use nparams here to free the object. diff --git a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c b/python27-libvirt/libvi index f8fafa7..9725870 100755 --- a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c +++ b/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c @@ -913,7 +913,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, int i_retval; int nparams = 0; Py_ssize_t size = 0; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OO:virDomainSetScedulerParameters, pyobj_domain, info)) @@ -972,7 +972,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } I am not sure if the 'params = NULL' change is necessary, but that seemed like a potential bug anyway. Turns out this issue occurs a bunch of other places as well. Better patch, fixes all the ones I see: diff --git a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c b/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c --- a/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c +++ b/python27-libvirt/libvirt-python-1.2.2/libvirt-override.c @@ -913,7 +913,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, int i_retval; int
[libvirt] [PATCH tck] Avoid assumptions about selinux contexts
The current SELinux tests assume a context system_u:system_r or system_u:object_r, which is not true if running against a libvirtd from the source tree. --- lib/Sys/Virt/TCK/SELinux.pm | 30 +++--- scripts/selinux/050-dynamic-relabel-yes.t | 10 ++ scripts/selinux/055-dynamic-base-label.t | 10 ++ scripts/selinux/100-static-relabel-no.t | 2 +- scripts/selinux/110-static-relabel-yes.t | 11 +++ 5 files changed, 47 insertions(+), 16 deletions(-) diff --git a/lib/Sys/Virt/TCK/SELinux.pm b/lib/Sys/Virt/TCK/SELinux.pm index 9f7c0c1..c117fca 100644 --- a/lib/Sys/Virt/TCK/SELinux.pm +++ b/lib/Sys/Virt/TCK/SELinux.pm @@ -18,19 +18,43 @@ use warnings; use base qw(Exporter); use vars qw($SELINUX_GENERIC_CONTEXT $SELINUX_DOMAIN_CONTEXT - $SELINUX_IMAGE_CONTEXT $SELINUX_OTHER_CONTEXT); + $SELINUX_IMAGE_CONTEXT $SELINUX_OTHER_CONTEXT + $SELINUX_GENERIC_TYPE $SELINUX_DOMAIN_TYPE + $SELINUX_IMAGE_TYPE $SELINUX_OTHER_TYPE); our @EXPORT = qw(selinux_get_file_context selinux_set_file_context selinux_restore_file_context + selinux_get_type + selinux_get_mcs $SELINUX_GENERIC_CONTEXT $SELINUX_DOMAIN_CONTEXT - $SELINUX_IMAGE_CONTEXT $SELINUX_OTHER_CONTEXT); + $SELINUX_IMAGE_CONTEXT $SELINUX_OTHER_CONTEXT + $SELINUX_GENERIC_TYPE $SELINUX_DOMAIN_TYPE + $SELINUX_IMAGE_TYPE $SELINUX_OTHER_TYPE); -$SELINUX_OTHER_CONTEXT = system_u:object_r:virt_t:s0; +$SELINUX_OTHER_TYPE = svirt_tcg_t; +$SELINUX_GENERIC_TYPE = virt_image_t; +$SELINUX_DOMAIN_TYPE = svirt_t; +$SELINUX_IMAGE_TYPE = svirt_image_t; + +$SELINUX_OTHER_CONTEXT = system_u:system_r:svirt_tcg_t:s0; $SELINUX_GENERIC_CONTEXT = system_u:object_r:virt_image_t:s0; $SELINUX_DOMAIN_CONTEXT = system_u:system_r:svirt_t:s0; $SELINUX_IMAGE_CONTEXT = system_u:object_r:svirt_image_t:s0; +sub selinux_get_type { +my $context = shift; + +my @bits = split /:/, $context; +return $bits[2]; +} + +sub selinux_get_mcs { +my $context = shift; + +my @bits = split /:/, $context; +return $bits[4]; +} sub selinux_get_file_context { my $path = shift; diff --git a/scripts/selinux/050-dynamic-relabel-yes.t b/scripts/selinux/050-dynamic-relabel-yes.t index 2fb6866..5a53b9d 100644 --- a/scripts/selinux/050-dynamic-relabel-yes.t +++ b/scripts/selinux/050-dynamic-relabel-yes.t @@ -64,12 +64,14 @@ SKIP: { diag domainlabel $domainlabel; my $imagelabel = xpath($dom, string(/domain/seclabel/imagelabel)); diag imagelabel $imagelabel; +my $domaintype = selinux_get_type($domainlabel); +my $imagetype = selinux_get_type($imagelabel); -is(index($domainlabel, $SELINUX_DOMAIN_CONTEXT), 0, dynamic domain label prefix is $SELINUX_DOMAIN_CONTEXT); -is(index($imagelabel, $SELINUX_IMAGE_CONTEXT), 0, dynamic image label prefix is $SELINUX_IMAGE_CONTEXT); +is($domaintype, $SELINUX_DOMAIN_TYPE, dynamic domain label type is $SELINUX_DOMAIN_TYPE); +is($imagetype, $SELINUX_IMAGE_TYPE, dynamic image label type is $SELINUX_IMAGE_TYPE); -my $domainmcs = substr $domainlabel, length($SELINUX_DOMAIN_CONTEXT); -my $imagemcs = substr $imagelabel, length($SELINUX_IMAGE_CONTEXT); +my $domainmcs = selinux_get_mcs($domainlabel); +my $imagemcs = selinux_get_mcs($imagelabel); is($domainmcs, $imagemcs, Domain MCS $domainmcs == Image MCS $imagemcs); diff --git a/scripts/selinux/055-dynamic-base-label.t b/scripts/selinux/055-dynamic-base-label.t index ba07c09..646c50d 100644 --- a/scripts/selinux/055-dynamic-base-label.t +++ b/scripts/selinux/055-dynamic-base-label.t @@ -64,12 +64,14 @@ SKIP: { diag domainlabel $domainlabel; my $imagelabel = xpath($dom, string(/domain/seclabel/imagelabel)); diag imagelabel $imagelabel; +my $domaintype = selinux_get_type($domainlabel); +my $imagetype = selinux_get_type($imagelabel); -is(index($domainlabel, $SELINUX_OTHER_CONTEXT), 0, dynamic domain label prefix is $SELINUX_OTHER_CONTEXT); -is(index($imagelabel, $SELINUX_IMAGE_CONTEXT), 0, dynamic image label prefix is $SELINUX_IMAGE_CONTEXT); +is($domaintype, $SELINUX_OTHER_TYPE, dynamic domain label type is $SELINUX_OTHER_TYPE); +is($imagetype, $SELINUX_IMAGE_TYPE, dynamic image label type is $SELINUX_IMAGE_TYPE); -my $domainmcs = substr $domainlabel, length($SELINUX_OTHER_CONTEXT); -my $imagemcs = substr $imagelabel, length($SELINUX_IMAGE_CONTEXT); +my $domainmcs = selinux_get_mcs($domainlabel); +my $imagemcs = selinux_get_mcs($imagelabel); is($domainmcs, $imagemcs, Domain MCS $domainmcs == Image MCS $imagemcs); diff --git a/scripts/selinux/100-static-relabel-no.t b/scripts/selinux/100-static-relabel-no.t index 36eae47..8d9fda8 100644 --- a/scripts/selinux/100-static-relabel-no.t +++ b/scripts/selinux/100-static-relabel-no.t @@ -51,8 +51,8 @@ SKIP: { my $origdomainlabel = $SELINUX_DOMAIN_CONTEXT . $origmcs; my $origimagelabel = $SELINUX_IMAGE_CONTEXT . $origmcs; +diag Setting image
[libvirt] [PATCH] Fix potential crash when setting partial cpu/memory/numa/interface limits on domains
The number of parameters in new_params is not guaranteed to be the same as the number of parameters in params. Use the correct count when freeing new_params to avoid crashes --- libvirt-override.c | 24 1 files changed, 12 insertions(+), 12 deletions(-) diff --git a/libvirt-override.c b/libvirt-override.c index 9dc6ad4..3fa9b9b 100644 --- a/libvirt-override.c +++ b/libvirt-override.c @@ -914,7 +914,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, int i_retval; int nparams = 0; Py_ssize_t size = 0; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OO:virDomainSetScedulerParameters, pyobj_domain, info)) @@ -973,7 +973,7 @@ libvirt_virDomainSetSchedulerParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } @@ -1064,7 +1064,7 @@ libvirt_virDomainSetBlkioParameters(PyObject *self ATTRIBUTE_UNUSED, int nparams = 0; Py_ssize_t size = 0; unsigned int flags; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OOi:virDomainSetBlkioParameters, @@ -1123,7 +1123,7 @@ libvirt_virDomainSetBlkioParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } @@ -1184,7 +1184,7 @@ libvirt_virDomainSetMemoryParameters(PyObject *self ATTRIBUTE_UNUSED, int nparams = 0; Py_ssize_t size = 0; unsigned int flags; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OOi:virDomainSetMemoryParameters, @@ -1243,7 +1243,7 @@ libvirt_virDomainSetMemoryParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } @@ -1304,7 +1304,7 @@ libvirt_virDomainSetNumaParameters(PyObject *self ATTRIBUTE_UNUSED, int nparams = 0; Py_ssize_t size = 0; unsigned int flags; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OOi:virDomainSetNumaParameters, @@ -1363,7 +1363,7 @@ libvirt_virDomainSetNumaParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } @@ -1425,7 +1425,7 @@ libvirt_virDomainSetInterfaceParameters(PyObject *self ATTRIBUTE_UNUSED, Py_ssize_t size = 0; unsigned int flags; const char *device = NULL; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OzOi:virDomainSetInterfaceParameters, @@ -1484,7 +1484,7 @@ libvirt_virDomainSetInterfaceParameters(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } @@ -4782,7 +4782,7 @@ libvirt_virDomainSetBlockIoTune(PyObject *self ATTRIBUTE_UNUSED, Py_ssize_t size = 0; const char *disk; unsigned int flags; -virTypedParameterPtr params, new_params = NULL; +virTypedParameterPtr params = NULL, new_params = NULL; if (!PyArg_ParseTuple(args, (char *)OzOi:virDomainSetBlockIoTune, pyobj_domain, disk, info, flags)) @@ -4840,7 +4840,7 @@ libvirt_virDomainSetBlockIoTune(PyObject *self ATTRIBUTE_UNUSED, cleanup: virTypedParamsFree(params, nparams); -virTypedParamsFree(new_params, nparams); +virTypedParamsFree(new_params, size); return ret; } -- 1.7.1 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH tck] Fix 202-numa-set-parameters.t test querying numa params
The 202-numa-set-parameters.t test would attempt to fetch NUMA parameters while the guest is shutoff using the VIR_DOMAIN_AFFECT_LIVE parameter. Change it to use the param AFFECT_CONFIG instead, and add a separate test for AFFECT_LIVE after the guest has been started again. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/domain/202-numa-set-parameters.t | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/scripts/domain/202-numa-set-parameters.t b/scripts/domain/202-numa-set-parameters.t index c0baf0b..886a979 100644 --- a/scripts/domain/202-numa-set-parameters.t +++ b/scripts/domain/202-numa-set-parameters.t @@ -28,7 +28,7 @@ after the API call to set NUMA parameters for a domain. use strict; use warnings; -use Test::More tests = 10; +use Test::More tests = 12; use Sys::Virt::TCK; use Test::Exception; @@ -80,7 +80,7 @@ diag Set numa parameters, affects next boot; lives_ok(sub {$dom-set_numa_parameters(\%params, Sys::Virt::Domain::AFFECT_CONFIG)}, set_numa_parameters); diag Get numa parameters; -my $params = $dom-get_numa_parameters(Sys::Virt::Domain::AFFECT_LIVE); +$params = $dom-get_numa_parameters(Sys::Virt::Domain::AFFECT_CONFIG); ok($params-{Sys::Virt::Domain::NUMA_MODE} == Sys::Virt::Domain::NUMATUNE_MEM_STRICT, 'Check mode'); ok($params-{Sys::Virt::Domain::NUMA_NODESET} eq '0', 'Check nodeset'); @@ -88,6 +88,11 @@ diag Make sure the domain can be started after setting numa parameters; $dom-create; ok($dom-get_id 0, running domain with ID 0); +diag Get numa parameters; +$params = $dom-get_numa_parameters(Sys::Virt::Domain::AFFECT_LIVE); +ok($params-{Sys::Virt::Domain::NUMA_MODE} == Sys::Virt::Domain::NUMATUNE_MEM_STRICT, 'Check mode'); +ok($params-{Sys::Virt::Domain::NUMA_NODESET} eq '0', 'Check nodeset'); + diag Destroying the persistent domain; $dom-destroy; $dom-undefine; -- 1.8.5.3 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Added example script on how to convert LXC container config
On 03/11/2014 06:40 AM, Cédric Bosdonnat wrote: --- Makefile.am | 2 +- configure.ac | 1 + examples/lxcconvert/Makefile.am | 19 ++ examples/lxcconvert/virt-lxc-convert | 67 4 files changed, 88 insertions(+), 1 deletion(-) create mode 100644 examples/lxcconvert/Makefile.am create mode 100644 examples/lxcconvert/virt-lxc-convert +++ b/examples/lxcconvert/Makefile.am ... +EXTRA_DIST= \ + virt-lxc-convert + Fails 'make syntax-check': prohibit_empty_lines_at_EOF examples/lxcconvert/Makefile.am maint.mk: empty line(s) or no newline at EOF +++ b/examples/lxcconvert/virt-lxc-convert @@ -0,0 +1,67 @@ +#!/usr/bin/env sh 'env sh' is overkill; you are guaranteed that /bin/sh exists; and furthermore, since we are talking about LXC and therefore Linux, that it is a POSIX sh (compared to the more generic case where you have to worry about braindead Solaris /bin/sh). + +function show_help() 'function' is a bash-ism. To be portable to /bin/sh, this MUST be: show_help () +{ +cat EOF +$0 /path/to/lxc/config/file + +Wrapper around virsh domxml-from-native to ease conversion of LXC +containers configuration to libvirt domain XML. +EOF +} + +if test $# != 1; then around $# is redundant (doesn't hurt if you are using a consistent style, but the result is guaranteed to be a number not subject to word splitting) It might also be nice to support '--help'. +show_help +exit 1 although if you do add support for --help, that particular case should exit with status 0 (or more technically correct, with the exit status of the cat process, in case there was a write failure when printing the help) + +conf_new=/tmp/config-$$ +domain_new=/tmp/config-$$.xml Eww. Totally insecure. Consider using mktemp(1) + +cp $conf $conf_new Needs around $conf, since it comes from the user and may contain spaces. Your choice of $conf_new does not contain spaces, but it can't hurt to be consistent in the use of . + +# Do we have lxc.mount, and is it pointing to a readable file? +fstab=`grep 'lxc.mount[[:space:]]*=' $conf_new | sed -e 's/[[:space:]]\+=[[:space:]]\+/=/' | cut -f 2 -d '='` Use $(), not `` grep|sed is a waste of a process. Also, \+ is not portable sed. It's simpler to: sed -n '/lxc.mount[[:space:]]*=/ s/[[:space:]]*=[[:space:]]*/=/p' | cut... Long lines; it would be nice to keep things under 80 columns. +if test \( -n $fstab \) -a \( -r $fstab \); then 'test \(' and 'test -a' are not portable. This MUST be: if test -n $fstab test -r $fstab; then +sed -i -e 's/^lxc.mount[[:space:]]*=.*$//' $conf_new 'sed -i' is not portable. But since LXC targets Linux, we can be reasonably safe assuming that GNU sed is installed and you can get away with it. +sed -e 's/^\([^#]\)/lxc.mount.entry = \1/' $fstab | cat $conf_new - ${conf_new}.tmp Need around $fstab. +mv ${conf_new}.tmp $conf_new Useless use of cat and mv. Just do 'sed ... $conf_new'. +fi + +memory=`free | grep 'Mem:' | sed -e 's: \+: :g' | cut -f 2 -d ' '` $(). free is a Linux-ism (but this deals with LXC, so I guess we are okay). grep|sed is a waste of a process. \+ is not portable sed. 's:::' looks odd compared to the typical 's///'. +default_tmpfs=size=$((memory/2)) + +# Do we have tmpfs without size param? +grep -e 'lxc.mount.entry[[:space:]]*=[[:space:]]*tmpfs[[:space:]]' $conf_new | while read line; do Why 'grep -e' when you didn't use any extended regex capabilities? +has_size=`echo $line | grep -v -e 'size='` Why 'grep -e'? $() instead of ``, or even better to do this natively in shell instead of forking processes: case $line in size=*) has_size=: ;; *) has_size=false ;; esac +# Add the default size here (50%) if no size is given +if test -n $has_size; then and if you use case to determine has_size, then this would be if $has_size; then +sed -i -e \;$line;s/\([[:space:]]\+[0-9][[:space:]]\+[0-9][::space::]*$\)/,$default_tmpfs\1/ $conf_new Unsafe if $line contains ';'. And I'm probably fighting a losing battle for avoiding \+ or sed -i +fi +# Convert relative sizes +has_rel_size=`echo $line | grep -e 'size=[0-9]\+%'` Similar comments as for $has_size via 'case' instead of forking +if test -n $has_rel_size; then +percent=`echo $line | sed -e 's:size=\([0-9]\+\)%:\n\1%\n:' | grep '\%' | sed -e 's/%//'` Simpler and more portable as: percent=$(echo $line | sed 's/.*size=\([0-9][0-9]\*\)%.*/\1/') +size=$((memory*percent/100)) +sed -i -e \;$line;s/size=[0-9]\+%/size=${size}/ $conf_new Again, problematic if $line contains ';' +fi +done + +# Do we have any memory limit set? +mem_limit=`grep 'lxc.cgroup.memory.limit_in_bytes[[:space:]]*=' $conf_new` $() +if test -z $mem_limit; then +sed -i -e
Re: [libvirt] [PATCH] Do not truncate output of nwfilter2vmtest.sh
On Thursday, March 27, 2014 11:45:06 AM Daniel P. Berrange wrote: When printing test results, nwfilter2vmtest.sh, truncates the output at 66 or 70 characters. This is very unhelpful when debugging problems where you want to see the full output Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilter2vmtest.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) I realize I'm new here, but it's easy to ACK this one. ;) -Mike -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 3/3] libxl: Implement basic video device selection
This started as an investigation into an issue where libvirt (using the libxl driver) and the Xen host, like an old couple, could not agree on who is responsible for selecting the VNC port to use. Things usually (and a bit surprisingly) did work because, just like that old couple, they had the same idea on what to do by default. However it was possible that this ended up in a big argument. The problem is that display information exists in two different places: in the vfbs list and in the build info. And for launching the device model, only the latter is used. But that never gets initialized from libvirt. So Xen allows the device model to select a default port while libvirt thinks it has told Xen that this is done by libvirt (though the vfbs config). While fixing that, I made a stab at actually evaluating the configuration of the video device. So that it is now possible to at least decide between a Cirrus or standard VGA emulation and to modify the VRAM within certain limits using libvirt. Signed-off-by: Stefan Bader stefan.ba...@canonical.com --- src/libxl/libxl_conf.c | 85 1 file changed, 85 insertions(+) diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index b8de72a..fdd2726 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -1298,6 +1298,82 @@ libxlMakeCapabilities(libxl_ctx *ctx) return NULL; } +static void +libxlSetBuildGraphics(virDomainDefPtr def, libxl_domain_config *d_config) +{ +libxl_domain_build_info *b_info = d_config-b_info; + +/* + * Take the first defined video device (graphics card) to display + * on the first graphics device (display). + * Right now only type and vram info is used and anything beside + * type xen and vga is mapped to cirrus. + */ +if (def-nvideos) { +unsigned int min_vram = 8 * 1024; + +switch (def-videos[0]-type) { +case VIR_DOMAIN_VIDEO_TYPE_VGA: +case VIR_DOMAIN_VIDEO_TYPE_XEN: +b_info-u.hvm.vga.kind = LIBXL_VGA_INTERFACE_TYPE_STD; +/* + * Libxl enforces a minimal VRAM size of 8M when using + * LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN_TRADITIONAL or + * 16M for LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN. + * Avoid build failures and go with the minimum if less + * is specified. + */ +switch (b_info-device_model_version) { +case LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN_TRADITIONAL: +min_vram = 8 * 1024; +break; +case LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN: +default: +min_vram = 16 * 1024; +} +break; +default: +/* + * Ignore any other device type and use Cirrus. Again fix + * up the minimal VRAM to what libxl expects. + */ +b_info-u.hvm.vga.kind = LIBXL_VGA_INTERFACE_TYPE_CIRRUS; +switch (b_info-device_model_version) { +case LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN_TRADITIONAL: +min_vram = 4 * 1024; /* Actually the max, too */ +break; +case LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN: +default: +min_vram = 8 * 1024; +} +} +b_info-video_memkb = (def-videos[0]-vram min_vram) ? + def-videos[0]-vram : + LIBXL_MEMKB_DEFAULT; +} else { +libxl_defbool_set(b_info-u.hvm.nographic, 1); +} + +/* + * When making the list of displays, only VNC and SDL types were + * taken into account. So it seems sensible to connect the default + * video device to the first in the vfb list. + * + * FIXME: Copy the structures and fixing the strings feels a bit dirty. + */ +if (d_config-num_vfbs) { +libxl_device_vfb *vfb0 = d_config-vfbs[0]; + + b_info-u.hvm.vnc = vfb0-vnc; +VIR_STRDUP(b_info-u.hvm.vnc.listen, vfb0-vnc.listen); +VIR_STRDUP(b_info-u.hvm.vnc.passwd, vfb0-vnc.passwd); +b_info-u.hvm.sdl = vfb0-sdl; +VIR_STRDUP(b_info-u.hvm.sdl.display, vfb0-sdl.display); +VIR_STRDUP(b_info-u.hvm.sdl.xauthority, vfb0-sdl.xauthority); +VIR_STRDUP(b_info-u.hvm.keymap, vfb0-keymap); +} +} + int libxlBuildDomainConfig(libxlDriverPrivatePtr driver, virDomainObjPtr vm, libxl_domain_config *d_config) @@ -1325,6 +1401,15 @@ libxlBuildDomainConfig(libxlDriverPrivatePtr driver, if (libxlMakePciList(def, d_config) 0) return -1; +/* + * Now that any potential VFBs are defined, it is time to update the + * build info with the data of the primary display. Some day libxl + * might
[libvirt] libxl fixes/improvements for libvirt
Here several changes which improve the handling of Xen for me: * 0001-libxl-Use-id-from-virDomainObj-inside-the-driver.patch This is a re-send as I initially submitted that as a reply to some discussion. Starting from the visibly broken libxlDomainGetInfo when creating or rebooting a guest with virt-manager, I replaced all usage of dom-id with the more stable vm-def-id. * 0002-libxl-Set-disk-format-for-empty-cdrom-device.patch Fixes start of a guest after ejecting the iso image from a virtual CDROM drive (again using virt-manager). * 0003-libxl-Implement-basic-video-device-selection.patch Should fix the occasional disagreement about the used VNC port and adds the ability to select the standard VGA graphics from Xen. VRAM size seemed to work with that. Only for Cirrus, while the qemu command-line looks good, ones seems to end up with 32M. Note to people on the Xen list: I wonder whether libxenlight internally should somehow should fix up the situation where a caller sets up the video devices in the vfbs list but does not sync that with the information in the build info. Question probably is what the semantics should be. -Stefan -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 2/3] libxl: Set disk format for empty cdrom device
The XML config for a CDROM device can be without a source path, indicating that there is no media present. Without this change the libxl driver fails to start a guest in that case because the libxl library checks for the LIBXL_DISK_FORMAT_EMPTY format type and tries to stat the NULL pointer that gets passed on. libxl: error: libxl_device.c:265:libxl__device_disk_set_backend: Disk vdev=hdc failed to stat: (null): Bad address Signed-off-by: Stefan Bader stefan.ba...@canonical.com --- src/libxl/libxl_conf.c |3 +++ 1 file changed, 3 insertions(+) diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index de6f7ce..b8de72a 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -827,6 +827,9 @@ libxlMakeDisk(virDomainDiskDefPtr l_disk, libxl_device_disk *x_disk) x_disk-removable = 1; x_disk-readwrite = !l_disk-readonly; x_disk-is_cdrom = l_disk-device == VIR_DOMAIN_DISK_DEVICE_CDROM ? 1 : 0; +/* An empty CDROM must have the empty format, otherwise libxl fails. */ +if (x_disk-is_cdrom !x_disk-pdev_path) +x_disk-format = LIBXL_DISK_FORMAT_EMPTY; if (l_disk-transient) { virReportError(VIR_ERR_INTERNAL_ERROR, %s, _(libxenlight does not support transient disks)); -- 1.7.9.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/3] libxl: Use id from virDomainObj inside the driver
There is a domain id in the virDomain structure as well as in the virDomainObj structure. While the former can become stale the latter is kept up to date. So it is safer to always (virDomainObjPtr)-def-id internally. This will fix issues seen when managing Xen guests through libvirt from virt-manager (not being able to get domain info after define or reboot). This was caused both though libxlDomainGetInfo() only but there were a lot of places that might potentially cause issues, too. Signed-off-by: Stefan Bader stefan.ba...@canonical.com --- src/libxl/libxl_driver.c | 75 +++--- 1 file changed, 38 insertions(+), 37 deletions(-) diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c index fc97db4..b5061df 100644 --- a/src/libxl/libxl_driver.c +++ b/src/libxl/libxl_driver.c @@ -770,10 +770,10 @@ libxlDomainSuspend(virDomainPtr dom) priv = vm-privateData; if (virDomainObjGetState(vm, NULL) != VIR_DOMAIN_PAUSED) { -if (libxl_domain_pause(priv-ctx, dom-id) != 0) { +if (libxl_domain_pause(priv-ctx, vm-def-id) != 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to suspend domain '%d' with libxenlight), - dom-id); + vm-def-id); goto endjob; } @@ -829,10 +829,10 @@ libxlDomainResume(virDomainPtr dom) priv = vm-privateData; if (virDomainObjGetState(vm, NULL) == VIR_DOMAIN_PAUSED) { -if (libxl_domain_unpause(priv-ctx, dom-id) != 0) { +if (libxl_domain_unpause(priv-ctx, vm-def-id) != 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to resume domain '%d' with libxenlight), - dom-id); + vm-def-id); goto endjob; } @@ -883,10 +883,10 @@ libxlDomainShutdownFlags(virDomainPtr dom, unsigned int flags) } priv = vm-privateData; -if (libxl_domain_shutdown(priv-ctx, dom-id) != 0) { +if (libxl_domain_shutdown(priv-ctx, vm-def-id) != 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to shutdown domain '%d' with libxenlight), - dom-id); + vm-def-id); goto cleanup; } @@ -930,10 +930,10 @@ libxlDomainReboot(virDomainPtr dom, unsigned int flags) } priv = vm-privateData; -if (libxl_domain_reboot(priv-ctx, dom-id) != 0) { +if (libxl_domain_reboot(priv-ctx, vm-def-id) != 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to reboot domain '%d' with libxenlight), - dom-id); + vm-def-id); goto cleanup; } ret = 0; @@ -974,7 +974,7 @@ libxlDomainDestroyFlags(virDomainPtr dom, priv = vm-privateData; if (libxl_domain_destroy(priv-ctx, vm-def-id, NULL) 0) { virReportError(VIR_ERR_INTERNAL_ERROR, - _(Failed to destroy domain '%d'), dom-id); + _(Failed to destroy domain '%d'), vm-def-id); goto cleanup; } @@ -1105,10 +1105,10 @@ libxlDomainSetMemoryFlags(virDomainPtr dom, unsigned long newmem, if (flags VIR_DOMAIN_MEM_LIVE) { priv = vm-privateData; -if (libxl_domain_setmaxmem(priv-ctx, dom-id, newmem) 0) { +if (libxl_domain_setmaxmem(priv-ctx, vm-def-id, newmem) 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to set maximum memory for domain '%d' - with libxenlight), dom-id); + with libxenlight), vm-def-id); goto endjob; } } @@ -1138,13 +1138,13 @@ libxlDomainSetMemoryFlags(virDomainPtr dom, unsigned long newmem, priv = vm-privateData; /* Unlock virDomainObj while ballooning memory */ virObjectUnlock(vm); -res = libxl_set_memory_target(priv-ctx, dom-id, newmem, 0, +res = libxl_set_memory_target(priv-ctx, vm-def-id, newmem, 0, /* force */ 1); virObjectLock(vm); if (res 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Failed to set memory for domain '%d' - with libxenlight), dom-id); + with libxenlight), vm-def-id); goto endjob; } } @@ -1202,9 +1202,10 @@ libxlDomainGetInfo(virDomainPtr dom, virDomainInfoPtr info) info-memory = vm-def-mem.cur_balloon; info-maxMem = vm-def-mem.max_balloon; } else { -if (libxl_domain_info(priv-ctx, d_info, dom-id) != 0) { +if (libxl_domain_info(priv-ctx, d_info, vm-def-id) != 0) { virReportError(VIR_ERR_INTERNAL_ERROR, -
Re: [libvirt] [PATCH] Do not truncate output of nwfilter2vmtest.sh
On 03/27/2014 10:45 AM, Mike Latimer wrote: On Thursday, March 27, 2014 11:45:06 AM Daniel P. Berrange wrote: When printing test results, nwfilter2vmtest.sh, truncates the output at 66 or 70 characters. This is very unhelpful when debugging problems where you want to see the full output Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/nwfilter/nwfilter2vmtest.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) I realize I'm new here, but it's easy to ACK this one. ;) New or not, your reviews are helpful! We all had to start somewhere. And right now, the fact that you are attempting to run tck gives you better status as a reviewer, even if only to say I applied this, and it {still passed for me/fixed a bug I was hitting} -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Do not truncate output of nwfilter2vmtest.sh
On Thursday, March 27, 2014 11:10:15 AM Eric Blake wrote: New or not, your reviews are helpful! We all had to start somewhere. And right now, the fact that you are attempting to run tck gives you better status as a reviewer, even if only to say I applied this, and it {still passed for me/fixed a bug I was hitting} Thank you! That's exactly the response I was hoping for. I'll continue my testing then and should be able to at least provide an ACK/response on the areas I'm familiar with. (So far, Daniel's recent patches all look good.) -Mike -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH tck] Change 'Sys::Virt::TCK::generic_domain' to take named params
On Thursday, March 27, 2014 02:49:11 PM Daniel P. Berrange wrote: To make it easier to add more optional parameters to the Sys::Virt::TCK::generic_domain method, change it to take named parameters instead of positional parameters. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- docs/writing-tests.pod | 6 ++--- lib/Sys/Virt/TCK.pm| 37 +++--- lib/Sys/Virt/TCK/NetworkHelpers.pm | 2 +- scripts/domain/050-transient-lifecycle.t | 2 +- scripts/domain/051-transient-autostart.t | 2 +- scripts/domain/060-persistent-lifecycle.t | 2 +- scripts/domain/061-persistent-autostart.t | 2 +- scripts/domain/065-persistent-redefine.t | 2 +- scripts/domain/070-transient-to-persistent.t | 2 +- scripts/domain/080-unique-id-define.t | 8 +++--- scripts/domain/081-unique-id-create.t | 8 +++--- scripts/domain/082-unique-id-caching.t | 4 +-- scripts/domain/090-invalid-ops-when-inactive.t | 2 +- scripts/domain/100-transient-save-restore.t| 2 +- scripts/domain/101-persistent-save-restore.t | 2 +- scripts/domain/102-broken-save-restore.t | 2 +- scripts/domain/103-blockdev-save-restore.t | 2 +- scripts/domain/120-disks-stats.t | 2 +- scripts/domain/121-block-info.t| 2 +- scripts/domain/130-cpu-hotplug.t | 2 +- scripts/domain/180-interface-parameters.t | 2 +- scripts/domain/200-disk-hotplug.t | 2 +- scripts/domain/202-numa-set-parameters.t | 2 +- scripts/domain/205-disk-hotplug-ordering.t | 2 +- scripts/domain/207-disk-media-change.t | 2 +- scripts/domain/210-nic-hotplug.t | 2 +- scripts/domain/215-nic-hotplug-many.t | 2 +- scripts/domain/240-usb-host-hotplug.t | 2 +- scripts/domain/250-pci-host-hotplug.t | 2 +- scripts/domain/300-migration.t | 2 +- scripts/domain/301-migration-max-speed.t | 2 +- scripts/hooks/052-domain-hook.t| 2 +- scripts/qemu/100-disk-encryption.t | 2 +- scripts/qemu/200-qcow2-single-backing-file.t | 2 +- scripts/qemu/205-qcow2-double-backing-file.t | 2 +- scripts/qemu/210-qcow2-auto-probing.t | 2 +- scripts/qemu/400-save-image-xml.t | 2 +- scripts/selinux/050-dynamic-relabel-yes.t | 2 +- scripts/selinux/055-dynamic-base-label.t | 2 +- scripts/selinux/100-static-relabel-no.t| 2 +- scripts/selinux/105-static-relabel-fail.t | 2 +- scripts/selinux/110-static-relabel-yes.t | 2 +- 42 files changed, 71 insertions(+), 66 deletions(-) ACK. This seems like a good improvement, and works well in my testing. -Mike -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH tck] Fix 202-numa-set-parameters.t test querying numa params
On Thursday, March 27, 2014 03:38:47 PM Daniel P. Berrange wrote: The 202-numa-set-parameters.t test would attempt to fetch NUMA parameters while the guest is shutoff using the VIR_DOMAIN_AFFECT_LIVE parameter. Change it to use the param AFFECT_CONFIG instead, and add a separate test for AFFECT_LIVE after the guest has been started again. Signed-off-by: Daniel P. Berrange berra...@redhat.com --- scripts/domain/202-numa-set-parameters.t | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) ACK. This fixes the persistent NUMA failures I was seeing in my testing. -Mike -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] Expose SLIRP attributes
We allow users to use SLIRP stack. However, there are some knobs which are not exposed to users, such as host network address, DNS server, smb, and others. Signed-off-by: Michal Privoznik mpriv...@redhat.com --- docs/formatdomain.html.in | 7 +- docs/schemas/domaincommon.rng | 23 +- src/conf/domain_conf.c | 88 ++ src/conf/domain_conf.h | 6 ++ src/qemu/qemu_command.c| 19 + .../qemuxml2argvdata/qemuxml2argv-net-user-ip.args | 7 ++ .../qemuxml2argvdata/qemuxml2argv-net-user-ip.xml | 33 tests/qemuxml2argvtest.c | 1 + 8 files changed, 180 insertions(+), 4 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-user-ip.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-user-ip.xml diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 7f90455..0a353ca 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -3225,7 +3225,11 @@ starting from code10.0.2.15/code. The default router will be code10.0.2.2/code and the DNS server will be code10.0.2.3/code. This networking is the only option for unprivileged users who need their - VMs to have outgoing access. + VMs to have outgoing access. span class=sinceSince 1.2.3/span the + user network can have the lt;ip/gt; element to override the default + network of code10.0.2.0/24/code. For example it can be set to + code192.168.2.0/24/code. The whole element and its attributes are + optional. /p pre @@ -3235,6 +3239,7 @@ ... lt;interface type='user'gt; lt;mac address=00:11:22:33:44:55/gt; + lt;ip address=192.168.2.0 prefix=24 dns=192.168.2.3 dhcpstart=192.168.2.9/gt; lt;/interfacegt; lt;/devicesgt; .../pre diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index bcd8142..5745ce7 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -2152,9 +2152,26 @@ /optional optional element name=ip - attribute name=address -ref name=ipv4Addr/ - /attribute + optional +attribute name=address + ref name=ipv4Addr/ +/attribute + /optional + optional +attribute name=prefix + data type=integer/ +/attribute + /optional + optional +attribute name=dns + ref name=ipv4Addr/ +/attribute + /optional + optional +attribute name=dhcpstart + ref name=ipv4Addr/ +/attribute + /optional empty/ /element /optional diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 6fb216e..aec14ed 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -1539,6 +1539,11 @@ void virDomainNetDefFree(virDomainNetDefPtr def) break; case VIR_DOMAIN_NET_TYPE_USER: +VIR_FREE(def-data.user.ipaddr); +VIR_FREE(def-data.user.dns); +VIR_FREE(def-data.user.dhcpstart); +break; + case VIR_DOMAIN_NET_TYPE_LAST: break; } @@ -6669,6 +6674,9 @@ virDomainNetDefParseXML(virDomainXMLOptionPtr xmlopt, char *mode = NULL; char *linkstate = NULL; char *addrtype = NULL; +char *prefix = NULL; +char *dns = NULL; +char *dhcpstart = NULL; virNWFilterHashTablePtr filterparams = NULL; virDomainActualNetDefPtr actual = NULL; xmlNodePtr oldnode = ctxt-node; @@ -6750,6 +6758,13 @@ virDomainNetDefParseXML(virDomainXMLOptionPtr xmlopt, def-type == VIR_DOMAIN_NET_TYPE_BRIDGE) xmlStrEqual(cur-name, BAD_CAST ip)) { address = virXMLPropString(cur, address); +} else if (!address + def-type == VIR_DOMAIN_NET_TYPE_USER + xmlStrEqual(cur-name, BAD_CAST ip)) { +address = virXMLPropString(cur, address); +prefix = virXMLPropString(cur, prefix); +dns = virXMLPropString(cur, dns); +dhcpstart = virXMLPropString(cur, dhcpstart); } else if (!ifname xmlStrEqual(cur-name, BAD_CAST target)) { ifname = virXMLPropString(cur, dev); @@ -6988,6 +7003,59 @@ virDomainNetDefParseXML(virDomainXMLOptionPtr xmlopt, break; case VIR_DOMAIN_NET_TYPE_USER: +if (prefix) { +if (!address) { +virReportError(VIR_ERR_XML_ERROR, %s, + _(can't use prefix without an address)); +goto error; +} + +if (virStrToLong_i(prefix, NULL, 10, def-data.user.prefix) 0 || +def-data.user.prefix 0) { +
Re: [libvirt] [PATCH] Expose SLIRP attributes
On 03/27/2014 11:17 AM, Michal Privoznik wrote: We allow users to use SLIRP stack. However, there are some knobs which are not exposed to users, such as host network address, DNS server, smb, and others. Signed-off-by: Michal Privoznik mpriv...@redhat.com --- docs/formatdomain.html.in | 7 +- docs/schemas/domaincommon.rng | 23 +- src/conf/domain_conf.c | 88 ++ src/conf/domain_conf.h | 6 ++ src/qemu/qemu_command.c| 19 + .../qemuxml2argvdata/qemuxml2argv-net-user-ip.args | 7 ++ .../qemuxml2argvdata/qemuxml2argv-net-user-ip.xml | 33 tests/qemuxml2argvtest.c | 1 + 8 files changed, 180 insertions(+), 4 deletions(-) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-user-ip.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-net-user-ip.xml diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index 7f90455..0a353ca 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -3225,7 +3225,11 @@ starting from code10.0.2.15/code. The default router will be code10.0.2.2/code and the DNS server will be code10.0.2.3/code. This networking is the only option for unprivileged users who need their - VMs to have outgoing access. + VMs to have outgoing access. span class=sinceSince 1.2.3/span the We've already frozen for 1.2.3, and this feels like new features rather than bug fix. Is it better to wait until after the release? + user network can have the lt;ip/gt; element to override the default + network of code10.0.2.0/24/code. For example it can be set to + code192.168.2.0/24/code. The whole element and its attributes are No mention of what those attributes are? Other than... + optional. /p pre @@ -3235,6 +3239,7 @@ ... lt;interface type='user'gt; lt;mac address=00:11:22:33:44:55/gt; + lt;ip address=192.168.2.0 prefix=24 dns=192.168.2.3 dhcpstart=192.168.2.9/gt; ...here in the example +++ b/docs/schemas/domaincommon.rng @@ -2152,9 +2152,26 @@ /optional optional element name=ip Needs an interleave around the optional sub-elements. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] Segfault in libvirt.git virHostdevManagerOnceInit
Current libvirt.git: $ ~/d/libvirt/run gdb --args ~/d/libvirt/daemon/libvirtd --timeout=30 [...] 2014-03-27 18:44:21.816+: 11868: info : libvirt version: 1.2.3 2014-03-27 18:44:21.816+: 11868: error : virHostdevManagerNew:116 : operation failed: Failed to create state dir '/var/run/libvirt/hostdevmgr' Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fffdabc6700 (LWP 11868)] virObjectUnref (anyobj=anyobj@entry=0x7fffd412cc70) at util/virobject.c:270 270memset(obj, 0, obj-klass-objectSize); Missing separate debuginfos, use: debuginfo-install audit-libs-2.3.3-1.fc20.x86_64 augeas-libs-1.1.0-2.fc20.x86_64 avahi-libs-0.6.31-21.fc20.x86_64 boost-system-1.54.0-9.fc20.x86_64 boost-thread-1.54.0-9.fc20.x86_64 bzip2-libs-1.0.6-9.fc20.x86_64 ceph-libs-0.67.3-2.fc20.x86_64 cryptopp-5.6.2-3.fc20.x86_64 cyrus-sasl-gssapi-2.1.26-14.fc20.x86_64 cyrus-sasl-lib-2.1.26-14.fc20.x86_64 cyrus-sasl-md5-2.1.26-14.fc20.x86_64 cyrus-sasl-plain-2.1.26-14.fc20.x86_64 cyrus-sasl-scram-2.1.26-14.fc20.x86_64 dbus-libs-1.6.12-8.fc20.x86_64 device-mapper-libs-1.02.82-5.fc20.x86_64 fuse-libs-2.9.3-2.fc20.x86_64 glibc-2.18-12.fc20.x86_64 glusterfs-api-3.4.2-1.fc20.x86_64 glusterfs-libs-3.4.2-1.fc20.x86_64 gmp-5.1.2-2.fc20.x86_64 gnome-keyring-3.10.1-1.fc20.x86_64 gnutls-3.1.20-3.fc20.x86_64 keyutils-libs-1.5.8-1.fc20.x86_64 krb5-libs-1.11.5-2.fc20.x86_64 leveldb-1.12.0-5.fc20.x86_64 libblkid-2.24.1-1.fc20.x86_64 libcap-ng-0.7.3-6.fc20.x86_64 libcom_err-1.42.8-3.fc20.x86_64 libcurl-7.32.0-4.fc2! 0.x86_64 libdb-5.3.28-1.fc20.x86_64 libffi-3.0.13-5.fc20.x86_64 libgcc-4.8.2-7.fc20.x86_64 libgcrypt-1.5.3-2.fc20.x86_64 libgpg-error-1.12-1.fc20.x86_64 libidn-1.28-2.fc20.x86_64 libnl3-3.2.24-1.fc20.x86_64 libpcap-1.5.3-1.fc20.x86_64 libpciaccess-0.13.2-1.fc20.x86_64 libselinux-2.2.1-6.fc20.x86_64 libsepol-2.1.9-2.fc20.x86_64 libssh2-1.4.3-8.fc20.x86_64 libstdc++-4.8.2-7.fc20.x86_64 libtasn1-3.3-2.fc20.x86_64 libuuid-2.24.1-1.fc20.x86_64 libwsman1-2.4.3-1.fc20.x86_64 libxml2-2.9.1-2.fc20.x86_64 libxslt-1.1.28-5.fc20.x86_64 netcf-libs-0.2.3-5.fc20.x86_64 nettle-2.7.1-3.fc20.x86_64 nspr-4.10.2-1.fc20.x86_64 nss-3.15.4-1.fc20.x86_64 nss-softokn-freebl-3.15.4-1.fc20.x86_64 nss-util-3.15.4-1.fc20.x86_64 numactl-libs-2.0.9-1.fc20.x86_64 openldap-2.4.39-2.fc20.x86_64 openssl-libs-1.0.1e-37.fc20.x86_64 p11-kit-0.20.2-1.fc20.x86_64 p11-kit-trust-0.20.2-1.fc20.x86_64 pcre-8.33-4.fc20.x86_64 snappy-1.1.0-2.fc20.x86_64 systemd-libs-208-14.fc20.x86_64 trousers-0.3.11.2-1.fc20.x86_64 xe! n-libs-4.3.1-9.fc20.x86_64 xz-libs-5.1.2-6alpha.fc20.x86_64 yajl-2.0.4 -3.fc20.x86_64 zlib-1.2.8-3.fc20.x86_64 (gdb) bt #0 virObjectUnref (anyobj=anyobj@entry=0x7fffd412cc70) at util/virobject.c:270 #1 0x7747eeb0 in virHostdevManagerNew () at util/virhostdev.c:123 #2 virHostdevManagerOnceInit () at util/virhostdev.c:65 #3 virHostdevManagerOnce () at util/virhostdev.c:71 #4 0x744e9200 in pthread_once () from /lib64/libpthread.so.0 #5 0x774aeabd in virOnce (once=optimized out, init=optimized out) at util/virthread.c:47 #6 0x7747ef07 in virHostdevManagerInitialize () at util/virhostdev.c:71 #7 virHostdevManagerGetDefault () at util/virhostdev.c:130 #8 0x7fffdca2285d in qemuStateInitialize (privileged=optimized out, callback=optimized out, opaque=optimized out) at qemu/qemu_driver.c:698 #9 0x7753f83f in virStateInitialize (privileged=false, callback=callback@entry=0x5556bf20 daemonInhibitCallback, opaque=opaque@entry=0x5584a100) at libvirt.c:743 #10 0x5556bfcb in daemonRunStateInit ( opaque=opaque@entry=0x5584a100) at libvirtd.c:919 #11 0x774aea0e in virThreadHelper (data=optimized out) at util/virthread.c:197 #12 0x744e3f33 in start_thread () from /lib64/libpthread.so.0 #13 0x73e0aded in clone () from /lib64/libc.so.6 Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH] Expose SLIRP attributes
On Thu, Mar 27, 2014 at 06:17:46PM +0100, Michal Privoznik wrote: We allow users to use SLIRP stack. However, there are some knobs which are not exposed to users, such as host network address, DNS server, smb, and others. The XML looks good. I have posted a patch to libguestfs to consume this XML: https://www.redhat.com/archives/libguestfs/2014-March/thread.html#00254 I wasn't able to try it because of an unrelated segfault in libvirt.git at the moment, but will try it out later when that is fixed. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 100 libraries supported. http://fedoraproject.org/wiki/MinGW -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH tck] Adapt network tests to changed cli tool formats
On Thursday, March 27, 2014 02:49:25 PM Daniel P. Berrange wrote: The network tests invoke various ifconfig and route commands to test network setup, and also grep for dnsmasq/radvd args. Switch to use 'ip' since ifconfig and route commands are not installed by default on recent distros any more and their output formats have also changed. Remove grepping for dnsmasq args since libvirt uses a config file now too. Also avoid looking for radvd, since we let dnsmasq handle IPv6 too now. --- .../networks/networkxml2hostout/tck-testnet-1.dat | 20 - .../networks/networkxml2hostout/tck-testnet-2.dat | 16 +++ .../networks/networkxml2hostout/tck-testnet-3.dat | 51 +++--- 3 files changed, 33 insertions(+), 54 deletions(-) ACK. This works in my environment and obsoletes a local patch I was using. There are some differences between the two patches, but nothing critical. The main difference is that my version greps through the tck-testnet.conf file to validate the settings. For example: diff --git a/scripts/networks/networkxml2hostout/tck-testnet-1.dat b/scripts/networks/networkxml2hostout/tck-testnet-1.dat index ... -#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(listen-address 10\.1\.2\.1*\).*|\1|p' -listen-address 10.1.2.1 Instead of eliminating the above test, I checked for the bind-dynamic setting in the conf file as follows: #grep bind-dynamic `ps aux | sed -n '0,/dnsmasq .*tck-testnet/ s|.*--conf- file=\(.*tck-testnet.conf\).*|\1|p'` bind-dynamic -#ps aux | sed -n '/dnsmasq .*tck-testnet/ s|.*\(dhcp-range 10\.1\.2\.2\,10\.1\.2\.254*\).*|\1|p' -dhcp-range 10.1.2.2,10.1.2.254 I used the same approach here also, only grepping for 'dhcp-range'.: #grep dhcp-range `ps aux | sed -n '0,/dnsmasq .*tck-testnet/ s|.*--conf- file=\(.*tck-testnet.conf\).*|\1|p'` dhcp-range=10.1.2.2,10.1.2.254 The above two checks exist in all three .dat files. The test results match across the three test until the final dhcp-range check, where the test produces the following results (in my environment): #grep dhcp-range `ps aux | sed -n '0,/dnsmasq .*tck-testnet/ s|.*--conf- file=\(.*tck-testnet.conf\).*|\1|p'` dhcp-range=10.1.2.2,10.1.2.254 dhcp-range=2001:db8:ac10:fe01::1,ra-only dhcp-range=2001:db8:ac10:fd01::1,ra-only Is there any reason to include these checks, or is it safe to just verify the existence of the conf file itself? -Mike -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH tck] 300-vsitype.t: skip earlier if lldptool is not available
Move the test for /usr/sbin/lldptool up so libvirt-tck will report the skip and reason, rather than passing the test as 'ok'. --- scripts/nwfilter/300-vsitype.t | 48 ++ 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/scripts/nwfilter/300-vsitype.t b/scripts/nwfilter/300-vsitype.t index 3d06803..58e8469 100644 --- a/scripts/nwfilter/300-vsitype.t +++ b/scripts/nwfilter/300-vsitype.t @@ -26,7 +26,14 @@ The test case validates that the corrrect VSI is set in the adjacent switch use strict; use warnings; -use Test::More tests = 3; +use Test::More; + +if ( ! -e '/usr/sbin/lldptool' ) { +eval use Test::More skip_all = \lldptool is not available\;; +} else { +eval use Test::More tests = 3; +} + use Sys::Virt::TCK; use Sys::Virt::TCK::NetworkHelpers; @@ -41,34 +48,29 @@ END { $tck-cleanup if $tck; } -SKIP: { - skip lldptool not present, 3 unless -e /usr/sbin/lldptool; - # creating domain - my $dom1; - my $dom_name =tck8021Qbgtest; +my $dom1; +my $dom_name =tck8021Qbgtest; # speficy mode=vepa for a direct interface - $dom1 = prepare_test_disk_and_vm($tck, $conn, $dom_name, vepa); - $dom1-create(); +$dom1 = prepare_test_disk_and_vm($tck, $conn, $dom_name, vepa); +$dom1-create(); - ok($dom1-get_id() 0, running domain has an ID 0); - my $xml = $dom1-get_xml_description; - diag $xml; - my $mac1 = get_first_macaddress($dom1); - diag mac is $mac1; +ok($dom1-get_id() 0, running domain has an ID 0); +my $xml = $dom1-get_xml_description; +diag $xml; +my $mac1 = get_first_macaddress($dom1); +diag mac is $mac1; - sleep(30); +sleep(30); # check vsi information - diag Verifying VSI information using lldptool; - my $lldptool = `/usr/sbin/lldptool -t -i eth2 -V vdp mode`; - diag $lldptool; +diag Verifying VSI information using lldptool; +my $lldptool = `/usr/sbin/lldptool -t -i eth2 -V vdp mode`; +diag $lldptool; # check if instance is listed - ok($lldptool =~ instance, check instance); - ok($lldptool =~ $mac1, check mac as well); - - shutdown_vm_gracefully($dom1); - exit 0; +ok($lldptool =~ instance, check instance); +ok($lldptool =~ $mac1, check mac as well); -}; +shutdown_vm_gracefully($dom1); +exit 0; -- 1.8.4.5 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 0/5] Expose FSFreeze/FSThaw within the guest as API
* Tomoki Sekiyama tomoki.sekiy...@hds.com wrote: Hello, This is patchset v4 to add FSFreeze/FSThaw API for custom disk snapshotting. This patchset works for my tests. Without pausing the guest I am able to quiesce all attached volumes. Does there exists an option to create a snapshot of only one (or some) of the volumes attached to a particular instance? -- Jon -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 1/2] ESX: Allow method calls for VI version 2.5
Currently, ESX driver can only issue VI method calls available in version 2.5. To send method calls available in newer versions, a SOAPAction header needs to be set in the following format: 'SOAPAction: urn:vim25/version_number' This patch modifies the Python code generator to optionally read 'apiVersion' token from .input file which is then passed to the ESX_VI_METHOD macro. If the apiVersion is not specified, 2.5 is passed by default. Finally, the esx_VI_Context_Execute function takes this argument and conditionally sets SOAPAction header, performs CURL request, and then unsets it again so that any subsequest 2.5 call gets 2.5 formatted XML response. In conclusion, this patch allows to make method calls for VI API greater than v2.5 wthout braking existing v2.5 calls. --- src/esx/esx_vi.c| 26 +- src/esx/esx_vi.h| 2 +- src/esx/esx_vi_generator.py | 20 +++- src/esx/esx_vi_methods.c| 12 +++- 4 files changed, 48 insertions(+), 12 deletions(-) diff --git a/src/esx/esx_vi.c b/src/esx/esx_vi.c index 6188139..393a009 100644 --- a/src/esx/esx_vi.c +++ b/src/esx/esx_vi.c @@ -1224,7 +1224,7 @@ esxVI_Context_LookupManagedObjectsByHostSystemIp(esxVI_Context *ctx, int esxVI_Context_Execute(esxVI_Context *ctx, const char *methodName, const char *request, esxVI_Response **response, - esxVI_Occurrence occurrence) + esxVI_Occurrence occurrence, const char *apiVersion) { int result = -1; virBuffer buffer = VIR_BUFFER_INITIALIZER; @@ -1232,6 +1232,8 @@ esxVI_Context_Execute(esxVI_Context *ctx, const char *methodName, char *xpathExpression = NULL; xmlXPathContextPtr xpathContext = NULL; xmlNodePtr responseNode = NULL; +char *versionHeader = NULL; +struct curl_slist *origHeader = NULL; if (!request || !response || *response) { virReportError(VIR_ERR_INTERNAL_ERROR, %s, _(Invalid argument)); @@ -1251,8 +1253,29 @@ esxVI_Context_Execute(esxVI_Context *ctx, const char *methodName, curl_easy_setopt(ctx-curl-handle, CURLOPT_POSTFIELDS, request); curl_easy_setopt(ctx-curl-handle, CURLOPT_POSTFIELDSIZE, strlen(request)); +if (!STRPREFIX(apiVersion, 2.5)) { +origHeader = ctx-curl-headers; + +virBufferAsprintf(buffer, SOAPAction: \urn:vim25/%s\, apiVersion); +versionHeader = virBufferContentAndReset(buffer); + +ctx-curl-headers = curl_slist_append(ctx-curl-headers, + versionHeader); +curl_easy_setopt(ctx-curl-handle, CURLOPT_HTTPHEADER, + ctx-curl-headers); +} + (*response)-responseCode = esxVI_CURL_Perform(ctx-curl, ctx-url); +if (origHeader) { +curl_slist_free_all(origHeader-next); +origHeader-next = NULL; + +ctx-curl-headers = origHeader; +curl_easy_setopt(ctx-curl-handle, CURLOPT_HTTPHEADER, + ctx-curl-headers); +} + virMutexUnlock(ctx-curl-lock); if ((*response)-responseCode 0) { @@ -1403,6 +1426,7 @@ esxVI_Context_Execute(esxVI_Context *ctx, const char *methodName, } VIR_FREE(xpathExpression); +VIR_FREE(versionHeader); xmlXPathFreeContext(xpathContext); return result; diff --git a/src/esx/esx_vi.h b/src/esx/esx_vi.h index 7cc2f71..15c2529 100644 --- a/src/esx/esx_vi.h +++ b/src/esx/esx_vi.h @@ -245,7 +245,7 @@ int esxVI_Context_LookupManagedObjectsByHostSystemIp(esxVI_Context *ctx, const char *hostSystemIpAddress); int esxVI_Context_Execute(esxVI_Context *ctx, const char *methodName, const char *request, esxVI_Response **response, - esxVI_Occurrence occurrence); + esxVI_Occurrence occurrence, const char *apiVersion); diff --git a/src/esx/esx_vi_generator.py b/src/esx/esx_vi_generator.py index 0b75f18..f571b36 100755 --- a/src/esx/esx_vi_generator.py +++ b/src/esx/esx_vi_generator.py @@ -188,11 +188,12 @@ class Parameter(Member): class Method: -def __init__(self, name, parameters, returns): +def __init__(self, name, parameters, returns, apiVersion): self.name = name self.parameters = [] self.autobind_parameter = None self.returns = returns +self.apiVersion = apiVersion for parameter in parameters: if parameter.autobind_name is None: @@ -282,7 +283,7 @@ class Method: for parameter in self.parameters: source += parameter.generate_serialize_code() -source += })\n\n\n\n +source += }, %s)\n\n\n\n % self.apiVersion return source @@ -1276,6 +1277,8 @@ def parse_method(block): # expected format: method name [returns type occurrence] header_items = block[0][1].split() +apiVersion = 2.5 + if
[libvirt] [PATCH 2/2] ESX: Implement virDomainScreenshot
This patch implements virDomainScreenshot support for ESX versions newer than 4.0. It adds CreateScreenshot_Task (apiVersion 4.0) and DeleteDatastoreFile_Task (v2.5) then uses those to implement esxDomainScreenshot function. The DeleteDatastoreFile_Task is used to remove the screenshot file that is left on the server after invoking CreateScreenshot_Task call. --- src/esx/esx_driver.c | 173 + src/esx/esx_vi_generator.input | 19 - 2 files changed, 190 insertions(+), 2 deletions(-) diff --git a/src/esx/esx_driver.c b/src/esx/esx_driver.c index ff44881..e825aaf 100644 --- a/src/esx/esx_driver.c +++ b/src/esx/esx_driver.c @@ -22,6 +22,7 @@ */ #include config.h +#include fcntl.h #include internal.h #include domain_conf.h @@ -44,6 +45,8 @@ #include esx_vi.h #include esx_vi_methods.h #include esx_util.h +#include configmake.h +#include fdstream.h #include virstring.h #include viruri.h @@ -2501,6 +2504,175 @@ esxDomainGetState(virDomainPtr domain, +static char * +esxDomainScreenshot(virDomainPtr domain, +virStreamPtr st ATTRIBUTE_UNUSED, +unsigned int screen ATTRIBUTE_UNUSED, +unsigned int flags) +{ +esxPrivate *priv = domain-conn-privateData; +esxVI_String *propertyNameList = NULL; +esxVI_ObjectContent *virtualMachine = NULL; +esxVI_VirtualMachinePowerState powerState; +esxVI_ManagedObjectReference *task = NULL; +esxVI_TaskInfoState taskInfoState; +char *taskInfoErrorMessage = NULL; +esxVI_TaskInfo *taskInfo = NULL; +virBuffer buffer = VIR_BUFFER_INITIALIZER; +char *screenshotPath = NULL; +char *dataStoreName = NULL; +char *directoryName = NULL; +char *directoryAndFileName = NULL; +char *url = NULL; +char *screenData = NULL; +unsigned long long screenSize = 0; +char *tmp = NULL; +char *tmpdir = NULL; +int tmp_fd = -1; +char *ret = NULL; +bool unlink_tmp = false; + +virCheckFlags(0, NULL); + +if (esxVI_EnsureSession(priv-primary) 0) { +return NULL; +} + +if (priv-primary-apiVersion esxVI_APIVersion_40) { +virReportError(VIR_ERR_OPERATION_UNSUPPORTED, + _(Operation not supported in VI API version %s, + minimum version is 4.0), + priv-primary-service-about-apiVersion); +} + +if (esxVI_String_AppendValueToList(propertyNameList, + runtime.powerState) 0 || +esxVI_LookupVirtualMachineByUuidAndPrepareForTask + (priv-primary, domain-uuid, propertyNameList, virtualMachine, + priv-parsedUri-autoAnswer) 0 || +esxVI_GetVirtualMachinePowerState(virtualMachine, powerState) 0) { +goto cleanup; +} + +if (powerState != esxVI_VirtualMachinePowerState_PoweredOn) { +virReportError(VIR_ERR_OPERATION_INVALID, %s, + _(Domain is not powered on)); +goto cleanup; +} + +if (esxVI_CreateScreenshot_Task(priv-primary, virtualMachine-obj, +task) 0 || +esxVI_WaitForTaskCompletion(priv-primary, task, domain-uuid, +esxVI_Occurrence_RequiredItem, +priv-parsedUri-autoAnswer, taskInfoState, +taskInfoErrorMessage) 0) { +goto cleanup; +} + +if (taskInfoState != esxVI_TaskInfoState_Success) { +virReportError(VIR_ERR_INTERNAL_ERROR, _(Could not create screenshot: %s), + taskInfoErrorMessage); +goto cleanup; +} + +if (esxVI_LookupTaskInfoByTask(priv-primary, task, taskInfo) 0 || +esxVI_String_CastValueFromAnyType(taskInfo-result, screenshotPath)) { +goto cleanup; +} + +if (esxUtil_ParseDatastorePath(screenshotPath, dataStoreName, + directoryName, directoryAndFileName) 0) { +goto cleanup; +} + +virBufferAsprintf(buffer, %s://%s:%d/folder/, priv-parsedUri-transport, + domain-conn-uri-server, domain-conn-uri-port); +virBufferURIEncodeString(buffer, directoryAndFileName); +virBufferAddLit(buffer, ?dcPath=); +virBufferURIEncodeString(buffer, priv-primary-datacenterPath); +virBufferAddLit(buffer, dsName=); +virBufferURIEncodeString(buffer, dataStoreName); + +if (virBufferError(buffer)) { +virReportOOMError(); +goto cleanup; +} + +url = virBufferContentAndReset(buffer); + +if (esxVI_CURL_Download(priv-primary-curl, url, screenData, 0, +screenSize) 0) { +goto cleanup; +} + +tmpdir = virGetEnvBlockSUID(TMPDIR); +if (!tmpdir) tmpdir = /tmp; + +if (virAsprintf(tmp, %s/esx.screendump.XX, +tmpdir) 0) { +goto cleanup; +} + +if ((tmp_fd = mkostemp(tmp, O_CLOEXEC)) == -1) { +
[libvirt] [PATCH 0/2] ESX: Implement virDomainScreenshot
Hello, The following patches implement virDomainScreenshot for the ESX driver. The screenshot VI API call was added in version 4.0, therefore, I had to make changes to esx_vi_generator.py in order to allow VI method calls for versions newer than 2.5. This was done by adding an optional apiVersion token to the method header definition in the .input file. If it is not specified, 2.5 will be used so existing VI calls will work as is without any code updates. Regards, Dawid Zamirski (2): ESX: Allow method calls for VI version 2.5 ESX: Implement virDomainScreenshot src/esx/esx_driver.c | 173 + src/esx/esx_vi.c | 26 ++- src/esx/esx_vi.h | 2 +- src/esx/esx_vi_generator.input | 19 - src/esx/esx_vi_generator.py| 20 +++-- src/esx/esx_vi_methods.c | 12 +-- 6 files changed, 238 insertions(+), 14 deletions(-) -- 1.9.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH] ESX: Add support for virtualHW version 10
This follows the same pattern when v8 and v9 were added. I've tested this with my ESX 5.5 and seems to work fine. --- src/vmx/vmx.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c index 32ddd05..5dc9925 100644 --- a/src/vmx/vmx.c +++ b/src/vmx/vmx.c @@ -49,6 +49,7 @@ domain-xml= vmx virtualHW.version = 7 # essential for ESX 4.0 virtualHW.version = 8 # essential for ESX 5.0 virtualHW.version = 9 # essential for ESX 5.1 +virtualHW.version = 10 # essential for ESX 5.5 ??? = guestOS = value # essential, FIXME: not representable @@ -1316,10 +1317,11 @@ virVMXParseConfig(virVMXContext *ctx, } if (virtualHW_version != 4 virtualHW_version != 7 -virtualHW_version != 8 virtualHW_version != 9) { +virtualHW_version != 8 virtualHW_version != 9 +virtualHW_version != 10) { virReportError(VIR_ERR_INTERNAL_ERROR, _(Expecting VMX entry 'virtualHW.version' to be - 4, 7, 8 or 9 but found %lld), + 4, 7, 8, 9 or 10 but found %lld), virtualHW_version); goto cleanup; } -- 1.9.0 -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] ANNOUNCE: libguestfs 1.26 released
I'm pleased to announce libguestfs 1.26, a library and set of tools for accessing and modifying virtual machine disk images. This release took more than 6 months of work by a considerable number of people, and has many new features (see release notes below). You can get libguestfs 1.26 here: Main website: http://libguestfs.org/ Source: http://libguestfs.org/download/1.26-stable/ You will also need latest supermin from here: http://libguestfs.org/download/supermin/ Fedora 20/21: http://koji.fedoraproject.org/koji/packageinfo?packageID=8391 It will appear as an update for F20 in about a week. Debian/experimental coming soon, see: https://packages.debian.org/experimental/libguestfs0 The Fedora and Debian packages have split dependencies so you can download just the features you need. From http://libguestfs.org/guestfs-release-notes.1.html : RELEASE NOTES FOR LIBGUESTFS 1.26 New features Tools virt-customize(1) is a new tool for customizing virtual machine disk images. It lets you install packages, edit configuration files, run scripts, set passwords and so on. virt-builder(1) and virt-sysprep(1) use virt-customize, and command line options across all these tools are now identical. virt-diff(1) is a new tool for showing the differences between the filesystems of two virtual machines. It is mainly useful when showing what files have been changed between snapshots. virt-builder(1) has been greatly enhanced. There are many more ways to customize the virtual machine. It can pull templates from multiple repositories. A parallelized internal xzcat implementation speeds up template decompression. Virt-builder uses an optimizing planner to choose the fastest way to build the VM. It is now easier to use virt-builder from other programs. Internationalization support has been added to metadata. More efficient SELinux relabelling of files. Can build guests for multiple architectures. Error messages have been improved. (Pino Toscano) virt-sparsify(1) has a new --in-place option. This sparsifies an image in place (without copying it) and is also much faster. (Lots of help provided by Paolo Bonzini) virt-sysprep(1) can delete and scrub files under user control. You can lock user accounts or set random passwords on accounts. Can remove more log files. Can unsubscribe a guest from Red Hat Subscription Manager. New flexible way to enable and disable operations. (Wanlong Gao, Pino Toscano) virt-win-reg(1) allows you to use URIs to specify remote disk images. virt-format(1) can now pass the extra space that it recovers back to the host. guestfish(1) has additional environment variables to give fine control over the fs prompt. Guestfish reads its (rarely used) configuration file in a different order now so that local settings override global settings. (Pino Toscano) virt-make-fs(1) was rewritten in C, but is unchanged in terms of functionality and command line usage. Language bindings The OCaml bindings have a new Guestfs.Errno module, used to check the error number returned by Guestfs.last_errno. PHP tests now work. (Pino Toscano) Inspection Inspection can recognize Debian live images. Architectures ARMv7 (32 bit) now supports KVM acceleration. Aarch64 (ARM 64 bit) is supported, but the appliance part does not work yet. PPC64 support has been fixed and enhanced. Security Denial of service when inspecting disk images with corrupt btrfs volumes It was possible to crash libguestfs (and programs that use libguestfs as a library) by presenting a disk image containing a corrupt btrfs volume. This was caused by a NULL pointer dereference causing a denial of service, and is not thought to be exploitable any further. See commit d70ceb4cbea165c960710576efac5a5716055486 for the fix. This fix is included in libguestfs stable branches ≥ 1.26.0, ≥ 1.24.6 and ≥ 1.22.8, and also in RHEL ≥ 7.0. Earlier versions of libguestfs are not vulnerable. Better generation of random root passwords and random seeds When generating random root passwords and random seeds, two bugs were fixed which are possibly security related. Firstly we no longer read excessive bytes from /dev/urandom (most of which were just thrown away). Secondly we changed the code to avoid modulo bias. These issues were not thought to be exploitable. (Both changes suggested by Edwin Török) API GUID parameters are now validated when they are passed to API calls, whereas previously you could have passed any string. (Pino Toscano) New APIs guestfs_add_drive_opts: new discard parameter The new discard parameter allows fine-grained control over discard/trim
Re: [libvirt] [PATCH v4 0/5] Expose FSFreeze/FSThaw within the guest as API
On 03/27/2014 04:21 PM, Jon Bernard wrote: * Tomoki Sekiyama tomoki.sekiy...@hds.com wrote: Hello, This is patchset v4 to add FSFreeze/FSThaw API for custom disk snapshotting. This patchset works for my tests. Without pausing the guest I am able to quiesce all attached volumes. Does there exists an option to create a snapshot of only one (or some) of the volumes attached to a particular instance? Interesting question. The virDomainSnapshotCreateXML call can quiesce a subset of disks (namely, only the disks that were specified in the snapshot). But as currently designed, the FSFreeze/FSThaw API have no way to specify a subset of disks; it is an all-or-none proposition. Perhaps that means the API is not quite right, and that we need a 'char**disks, int ndisks' parameter pair; if 'NULL, 0', we do all disks, if non-NULL, then we freeze only the listed set of disks (doing the same lookup for disks as for other APIs). I feel a bit bad that this was posted before freeze of 1.2.3, but we don't have it in yet, which makes it harder to commit until the 1.2.4 cycle. On the other hand, if we decide the API needs to be tweaked to add parameters for full usability, then maybe it's a good thing we don't have it in yet. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 0/5] Expose FSFreeze/FSThaw within the guest as API
* Eric Blake ebl...@redhat.com wrote: On 03/27/2014 04:21 PM, Jon Bernard wrote: * Tomoki Sekiyama tomoki.sekiy...@hds.com wrote: Hello, This is patchset v4 to add FSFreeze/FSThaw API for custom disk snapshotting. This patchset works for my tests. Without pausing the guest I am able to quiesce all attached volumes. Does there exists an option to create a snapshot of only one (or some) of the volumes attached to a particular instance? Interesting question. The virDomainSnapshotCreateXML call can quiesce a subset of disks (namely, only the disks that were specified in the snapshot). But as currently designed, the FSFreeze/FSThaw API have no way to specify a subset of disks; it is an all-or-none proposition. Yes, if a user intends to only snapshot a subset of the attached volumes then quiescing all volumes would be unnecessary. I can think of pathological cases where the one one volume you don't need to snapshot is under heavy I/O and that causes the fsfreeze() to timeout and fail the entire operation (or something similar). Perhaps that means the API is not quite right, and that we need a 'char**disks, int ndisks' parameter pair; if 'NULL, 0', we do all disks, if non-NULL, then we freeze only the listed set of disks (doing the same lookup for disks as for other APIs). This is the direction I would lean in, IMO. In the case of Nova (openstack), the user would want to create a consistent set of snapshots for one, some, or all of the attached volumes. Having the granularity to only freeze, snapshot, and thaw the volumes in question would mean only the required amount of work is performed. One thing comes to mind: once volumes are quiesced, qemu-img could be used directly to create the snapshot. In the case of iSCSI-attached volumes, a remote snapshot command could be issued to create a snapshot. Once all have completed the guest then thawed. For local volumes, using qemu-img seems cumbersome to me. I feel there should be a libvirt call to handle at least the local volumes. -- Jon -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 4/n] conf: move network disk protocol type to util/
Another enum moved to util/, this time the fallout from renaming is not quite as large. * src/conf/domain_conf.h (virDomainDiskProtocol): Move... * src/util/virstoragefile.h (virStorageNetProtocol): ...and rename. * src/conf/domain_conf.c: Update clients. * src/qemu/qemu_command.c: Likewise. * src/qemu/qemu_conf.c: Likewise. * src/qemu/qemu_driver.c: Likewise. * src/qemu/qemu_migration.c: Likewise. * src/storage/storage_backend.c: Likewise. * src/storage/storage_backend_gluster.c: Likewise. * src/libvirt_private.syms (domain_conf.h): Move symbols... (virstoragefile.h): ...as appropriate. Signed-off-by: Eric Blake ebl...@redhat.com --- src/conf/domain_conf.c| 26 +++--- src/conf/domain_conf.h| 17 +- src/libvirt_private.syms | 2 +- src/qemu/qemu_command.c | 98 +-- src/qemu/qemu_conf.c | 4 +- src/qemu/qemu_driver.c| 86 +++--- src/qemu/qemu_migration.c | 2 +- src/storage/storage_backend.c | 2 +- src/storage/storage_backend_gluster.c | 2 +- src/util/virstoragefile.c | 11 src/util/virstoragefile.h | 18 +++ 11 files changed, 135 insertions(+), 133 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 8c49d58..36149da 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -257,18 +257,6 @@ VIR_ENUM_IMPL(virDomainDiskErrorPolicy, VIR_DOMAIN_DISK_ERROR_POLICY_LAST, ignore, enospace) -VIR_ENUM_IMPL(virDomainDiskProtocol, VIR_DOMAIN_DISK_PROTOCOL_LAST, - nbd, - rbd, - sheepdog, - gluster, - iscsi, - http, - https, - ftp, - ftps, - tftp) - VIR_ENUM_IMPL(virDomainDiskSecretType, VIR_DOMAIN_DISK_SECRET_TYPE_LAST, none, uuid, @@ -5057,14 +5045,14 @@ virDomainDiskSourceDefParse(xmlNodePtr node, goto cleanup; } -if ((*proto = virDomainDiskProtocolTypeFromString(protocol)) 0){ +if ((*proto = virStorageNetProtocolTypeFromString(protocol)) 0){ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _(unknown protocol type '%s'), protocol); goto cleanup; } if (!(*source = virXMLPropString(node, name)) -*proto != VIR_DOMAIN_DISK_PROTOCOL_NBD) { +*proto != VIR_STORAGE_NET_PROTOCOL_NBD) { virReportError(VIR_ERR_XML_ERROR, %s, _(missing name for disk source)); goto cleanup; @@ -5255,9 +5243,9 @@ virDomainDiskDefParseXML(virDomainXMLOptionPtr xmlopt, goto error; if (def-src.type == VIR_STORAGE_TYPE_NETWORK) { -if (def-src.protocol == VIR_DOMAIN_DISK_PROTOCOL_ISCSI) +if (def-src.protocol == VIR_STORAGE_NET_PROTOCOL_ISCSI) expected_secret_usage = VIR_SECRET_USAGE_TYPE_ISCSI; -else if (def-src.protocol == VIR_DOMAIN_DISK_PROTOCOL_RBD) +else if (def-src.protocol == VIR_STORAGE_NET_PROTOCOL_RBD) expected_secret_usage = VIR_SECRET_USAGE_TYPE_CEPH; } @@ -14809,7 +14797,7 @@ virDomainDiskSourceDefFormatInternal(virBufferPtr buf, case VIR_STORAGE_TYPE_NETWORK: virBufferAsprintf(buf, source protocol='%s', - virDomainDiskProtocolTypeToString(protocol)); + virStorageNetProtocolTypeToString(protocol)); virBufferEscapeString(buf, name='%s', src); if (nhosts == 0) { @@ -14984,9 +14972,9 @@ virDomainDiskDefFormat(virBufferPtr buf, virBufferEscapeString(buf, auth username='%s'\n, def-src.auth.username); virBufferAdjustIndent(buf, 2); -if (def-src.protocol == VIR_DOMAIN_DISK_PROTOCOL_ISCSI) { +if (def-src.protocol == VIR_STORAGE_NET_PROTOCOL_ISCSI) { virBufferAddLit(buf, secret type='iscsi'); -} else if (def-src.protocol == VIR_DOMAIN_DISK_PROTOCOL_RBD) { +} else if (def-src.protocol == VIR_STORAGE_NET_PROTOCOL_RBD) { virBufferAddLit(buf, secret type='ceph'); } diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 247b2f8..bf92593 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -509,20 +509,6 @@ enum virDomainDiskErrorPolicy { VIR_DOMAIN_DISK_ERROR_POLICY_LAST }; -enum virDomainDiskProtocol { -VIR_DOMAIN_DISK_PROTOCOL_NBD, -VIR_DOMAIN_DISK_PROTOCOL_RBD, -VIR_DOMAIN_DISK_PROTOCOL_SHEEPDOG, -VIR_DOMAIN_DISK_PROTOCOL_GLUSTER, -VIR_DOMAIN_DISK_PROTOCOL_ISCSI, -VIR_DOMAIN_DISK_PROTOCOL_HTTP, -VIR_DOMAIN_DISK_PROTOCOL_HTTPS, -
Re: [libvirt] [PATCH v4 0/5] Expose FSFreeze/FSThaw within the guest as API
On 03/27/2014 04:48 PM, Jon Bernard wrote: One thing comes to mind: once volumes are quiesced, qemu-img could be used directly to create the snapshot. In the case of iSCSI-attached volumes, a remote snapshot command could be issued to create a snapshot. Once all have completed the guest then thawed. For local volumes, using qemu-img seems cumbersome to me. I feel there should be a libvirt call to handle at least the local volumes. virDomainSnapshotCreateXML already handles a snapshot of a subset of local volumes via qemu. The reason we are adding FSFreeze/FSThaw is to cater to situations where creating the snapshot via qemu is not feasible. But be aware that you generally must NOT use qemu-img on a disk that is in-use by qemu, as qemu may have pending changes to the image metadata that would cause qemu-img to misbehave. If a guest is live (even if paused or quiesced), the only safe things you can do to that guest are to backing files (which are read-only to qemu) or actions supported directly by qemu (and yes, we still need qemu to have a way to pivot to a new disk file if you have a way of doing a fast snapshot while the disk is quiesced but in a way different than how qemu does snapshots with qcow2 files). -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH tck] Remove /128 from ip6tables output
Due to iptables commit 945353a2 (in iptables v1.4.20 and higher), ip6tables no longer prints out /128. This patch removes /128 from output files, and replaces '/128' in command output with '' to remain compatible with older versions of ip6tables. --- scripts/nwfilter/nwfilterxml2fwallout/ah-ipv6-test.fwall| 24 +++--- scripts/nwfilter/nwfilterxml2fwallout/all-ipv6-test.fwall | 24 +++--- scripts/nwfilter/nwfilterxml2fwallout/comment-test.fwall| 12 +-- scripts/nwfilter/nwfilterxml2fwallout/esp-ipv6-test.fwall | 24 +++--- scripts/nwfilter/nwfilterxml2fwallout/hex-data-test.fwall | 12 +-- scripts/nwfilter/nwfilterxml2fwallout/icmpv6-test.fwall | 14 ++--- scripts/nwfilter/nwfilterxml2fwallout/sctp-ipv6-test.fwall | 24 +++--- scripts/nwfilter/nwfilterxml2fwallout/tcp-ipv6-test.fwall | 24 +++--- scripts/nwfilter/nwfilterxml2fwallout/udp-ipv6-test.fwall | 24 +++--- scripts/nwfilter/nwfilterxml2fwallout/udplite-ipv6-test.fwall | 24 +++--- 10 files changed, 103 insertions(+), 103 deletions(-) diff --git a/scripts/nwfilter/nwfilterxml2fwallout/ah-ipv6-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/ah-ipv6-test.fwall index 8c10b04..64db89d 100644 --- a/scripts/nwfilter/nwfilterxml2fwallout/ah-ipv6-test.fwall +++ b/scripts/nwfilter/nwfilterxml2fwallout/ah-ipv6-test.fwall @@ -1,21 +1,21 @@ -#ip6tables -L FI-vnet0 -n +#ip6tables -L FI-vnet0 -n | sed 's/\/128//' Chain FI-vnet0 (1 references) target prot opt source destination -RETURN ah f:e:d::c:b:a/127 a:b:c::d:e:f/128MAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY -RETURN ah ::/0 a:b:c::/128 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL -RETURN ah ::/0 ::10.1.2.3/128 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL -#ip6tables -L FO-vnet0 -n +RETURN ah f:e:d::c:b:a/127 a:b:c::d:e:fMAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY +RETURN ah ::/0 a:b:c:: DSCP match 0x21state ESTABLISHED ctdir ORIGINAL +RETURN ah ::/0 ::10.1.2.3 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL +#ip6tables -L FO-vnet0 -n | sed 's/\/128//' Chain FO-vnet0 (1 references) target prot opt source destination -ACCEPT ah a:b:c::d:e:f/128 f:e:d::c:b:a/127DSCP match 0x02state ESTABLISHED ctdir ORIGINAL -ACCEPT ah a:b:c::/128 ::/0MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY -ACCEPT ah ::10.1.2.3/128 ::/0MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY -#ip6tables -L HI-vnet0 -n +ACCEPT ah a:b:c::d:e:f f:e:d::c:b:a/127DSCP match 0x02state ESTABLISHED ctdir ORIGINAL +ACCEPT ah a:b:c:: ::/0MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY +ACCEPT ah ::10.1.2.3 ::/0MAC 01:02:03:04:05:06 DSCP match 0x21state NEW,ESTABLISHED ctdir REPLY +#ip6tables -L HI-vnet0 -n | sed 's/\/128//' Chain HI-vnet0 (1 references) target prot opt source destination -RETURN ah f:e:d::c:b:a/127 a:b:c::d:e:f/128MAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY -RETURN ah ::/0 a:b:c::/128 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL -RETURN ah ::/0 ::10.1.2.3/128 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL +RETURN ah f:e:d::c:b:a/127 a:b:c::d:e:fMAC 01:02:03:04:05:06 DSCP match 0x02state NEW,ESTABLISHED ctdir REPLY +RETURN ah ::/0 a:b:c:: DSCP match 0x21state ESTABLISHED ctdir ORIGINAL +RETURN ah ::/0 ::10.1.2.3 DSCP match 0x21state ESTABLISHED ctdir ORIGINAL #ip6tables -L INPUT -n --line-numbers | grep libvirt 1libvirt-host-in all ::/0 ::/0 #ip6tables -L libvirt-host-in -n | grep vnet0 | tr -s diff --git a/scripts/nwfilter/nwfilterxml2fwallout/all-ipv6-test.fwall b/scripts/nwfilter/nwfilterxml2fwallout/all-ipv6-test.fwall index f053b39..c56b85a 100644 --- a/scripts/nwfilter/nwfilterxml2fwallout/all-ipv6-test.fwall +++ b/scripts/nwfilter/nwfilterxml2fwallout/all-ipv6-test.fwall @@ -1,21 +1,21 @@ -#ip6tables -L FI-vnet0 -n +#ip6tables -L FI-vnet0 -n | sed 's/\/128//' Chain FI-vnet0 (1 references) target prot opt source destination -RETURN all f:e:d::c:b:a/127 a:b:c::d:e:f/128MAC 01:02:03:04:05:06 DSCP match 0x02state
Re: [libvirt] [PATCH v4 0/5] Expose FSFreeze/FSThaw within the guest as API
On 3/27/14 18:27 , Eric Blake ebl...@redhat.com wrote: On 03/27/2014 04:21 PM, Jon Bernard wrote: * Tomoki Sekiyama tomoki.sekiy...@hds.com wrote: Hello, This is patchset v4 to add FSFreeze/FSThaw API for custom disk snapshotting. This patchset works for my tests. Without pausing the guest I am able to quiesce all attached volumes. Does there exists an option to create a snapshot of only one (or some) of the volumes attached to a particular instance? Interesting question. The virDomainSnapshotCreateXML call can quiesce a subset of disks (namely, only the disks that were specified in the snapshot). But as currently designed, the FSFreeze/FSThaw API have no way to specify a subset of disks; it is an all-or-none proposition. Perhaps that means the API is not quite right, and that we need a 'char**disks, int ndisks' parameter pair; if 'NULL, 0', we do all disks, if non-NULL, then we freeze only the listed set of disks (doing the same lookup for disks as for other APIs). This sounds reasonable for me to add disks parameters. I will try adding them in next version. Then the api will look like: int virDomainFSFreeze(virDomainPtr dom, char** disks, int ndisks, unsigned int flags); and int virDomainFSThaw(virDomainPtr dom, unsigned int flags); I feel that thaw api shouldn't have disks parameter and thaw every frozen disk in order to simplify fsfreeze exclusion. Is it acceptable? BTW, in current qemu-kvm, disk device names in Linux guests don't seem to always correspond to that is specified by libvirt (e.g. the first virtio storage is named vda even if it is specified vdz in the libvirt's xml). Until this is resolved, guest agent may ignore the disks parameter and fallback to freezing all mounted filesystems. But still, having disks parameter in the API level would be good for future extension. I feel a bit bad that this was posted before freeze of 1.2.3, but we don't have it in yet, which makes it harder to commit until the 1.2.4 cycle. On the other hand, if we decide the API needs to be tweaked to add parameters for full usability, then maybe it's a good thing we don't have it in yet. And I will update API version number for the API to 1.2.4 in next patch. :) Thanks, -- Tomoki Sekiyama -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
Re: [libvirt] [PATCH v4 0/5] Expose FSFreeze/FSThaw within the guest as API
On 03/27/2014 05:54 PM, Tomoki Sekiyama wrote: This sounds reasonable for me to add disks parameters. I will try adding them in next version. Then the api will look like: int virDomainFSFreeze(virDomainPtr dom, char** disks, int ndisks, unsigned int flags); and int virDomainFSThaw(virDomainPtr dom, unsigned int flags); I feel that thaw api shouldn't have disks parameter and thaw every frozen disk in order to simplify fsfreeze exclusion. Is it acceptable? Maybe, maybe not. It means on a guest with 2 disks, I can't freeze one, then freeze the second - I can only have one atomic freeze at a time, and therefore thaw needs no parameters because it is always thawing the most recent freeze action. But we already know from painful experience that assuming at most one active job at a time doesn't scale well. Maybe it should be: int virDomainFSFreeze(...char **disks...) returns a handle virDomainFSThaw(virDomainPtr dom, int handle, unsigned int flags); where FSThaw then thaws according to the handle returned by a freeze. That would allow me to do: interleaved subsets: freeze A = returns 1 freeze B = returns 2 thaw 1 = thaws A thaw 2 = thaws B nested subsets freeze A = returns 3 freeze B = returns 4 thaw 4 = thaws B thaw 3 = thaws A BTW, in current qemu-kvm, disk device names in Linux guests don't seem to always correspond to that is specified by libvirt (e.g. the first virtio storage is named vda even if it is specified vdz in the libvirt's xml). Correct. Libvirt specifies destination names as a hint that must be unique to libvirt, but which has no bearing on the names used by the guest. Until this is resolved, guest agent may ignore the disks parameter and fallback to freezing all mounted filesystems. But still, having disks parameter in the API level would be good for future extension. Hmm, interesting point. Really, that means we want some way to map the strings understood by libvirt API into the disk names understood by the guest agent, and I don't know if we have such a means. But I guess this is an issue even for the existing virDomainSnapshotCreateXML with the quiesce flag, so it's not a new problem. -- Eric Blake eblake redhat com+1-919-301-3266 Libvirt virtualization library http://libvirt.org signature.asc Description: OpenPGP digital signature -- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
[libvirt] [PATCH 5/n] conf: move storage encryption type to util/
Encryption keys can be associated with each source file in a backing chain; as such, this file belongs more in util/ where it can be used by virstoragefile.h. * src/conf/storage_encryption_conf.h: Rename... * src/util/virstorageencryption.h: ...to this. * src/conf/storage_encryption_conf.c: Rename... * src/util/virstorageencryption.c: ...to this. * src/Makefile.am (ENCRYPTION_CONF_SOURCES, CONF_SOURCES) (UTIL_SOURCES): Update to new file names. * src/libvirt_private.syms: Likewise. * src/conf/domain_conf.h: Update client. * src/conf/storage_conf.h: Likewise. Signed-off-by: Eric Blake ebl...@redhat.com --- po/POTFILES.in | 2 +- src/Makefile.am| 5 + src/conf/domain_conf.h | 2 +- src/conf/storage_conf.h| 4 ++-- src/libvirt_private.syms | 14 +++--- .../virstorageencryption.c}| 5 ++--- .../virstorageencryption.h}| 4 ++-- 7 files changed, 16 insertions(+), 20 deletions(-) rename src/{conf/storage_encryption_conf.c = util/virstorageencryption.c} (98%) rename src/{conf/storage_encryption_conf.h = util/virstorageencryption.h} (95%) diff --git a/po/POTFILES.in b/po/POTFILES.in index 5a4112a..122b853 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -28,7 +28,6 @@ src/conf/object_event.c src/conf/secret_conf.c src/conf/snapshot_conf.c src/conf/storage_conf.c -src/conf/storage_encryption_conf.c src/conf/virchrdev.c src/cpu/cpu.c src/cpu/cpu_generic.c @@ -193,6 +192,7 @@ src/util/virsexpr.c src/util/virscsi.c src/util/virsocketaddr.c src/util/virstatslinux.c +src/util/virstorageencryption.c src/util/virstoragefile.c src/util/virstring.c src/util/virsysinfo.c diff --git a/src/Makefile.am b/src/Makefile.am index 54206e4..38b2697 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -146,6 +146,7 @@ UTIL_SOURCES = \ util/virsexpr.c util/virsexpr.h \ util/virsocketaddr.h util/virsocketaddr.c \ util/virstatslinux.c util/virstatslinux.h \ + util/virstorageencryption.c util/virstorageencryption.h \ util/virstoragefile.c util/virstoragefile.h \ util/virstring.h util/virstring.c \ util/virsysinfo.c util/virsysinfo.h \ @@ -288,9 +289,6 @@ SECRET_CONF_SOURCES = \ NODE_DEVICE_CONF_SOURCES = \ conf/node_device_conf.c conf/node_device_conf.h -ENCRYPTION_CONF_SOURCES = \ - conf/storage_encryption_conf.c conf/storage_encryption_conf.h - CPU_CONF_SOURCES = \ conf/cpu_conf.c conf/cpu_conf.h @@ -312,7 +310,6 @@ CONF_SOURCES = \ $(NWFILTER_CONF_SOURCES)\ $(NODE_DEVICE_CONF_SOURCES) \ $(STORAGE_CONF_SOURCES) \ - $(ENCRYPTION_CONF_SOURCES) \ $(INTERFACE_CONF_SOURCES) \ $(SECRET_CONF_SOURCES) \ $(CPU_CONF_SOURCES) \ diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index bf92593..b2eeefd 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -30,7 +30,7 @@ # include internal.h # include capabilities.h -# include storage_encryption_conf.h +# include virstorageencryption.h # include cpu_conf.h # include virthread.h # include virhash.h diff --git a/src/conf/storage_conf.h b/src/conf/storage_conf.h index e410f41..b811046 100644 --- a/src/conf/storage_conf.h +++ b/src/conf/storage_conf.h @@ -1,7 +1,7 @@ /* * storage_conf.h: config handling for storage driver * - * Copyright (C) 2006-2008, 2010-2013 Red Hat, Inc. + * Copyright (C) 2006-2008, 2010-2014 Red Hat, Inc. * Copyright (C) 2006-2008 Daniel P. Berrange * * This library is free software; you can redistribute it and/or @@ -25,7 +25,7 @@ # define __VIR_STORAGE_CONF_H__ # include internal.h -# include storage_encryption_conf.h +# include virstorageencryption.h # include virbitmap.h # include virthread.h diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 99781a2..60c2d44 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -729,13 +729,6 @@ virStorageVolTypeFromString; virStorageVolTypeToString; -# conf/storage_encryption_conf.h -virStorageEncryptionFormat; -virStorageEncryptionFree; -virStorageEncryptionParseNode; -virStorageGenerateQcowPassphrase; - - #
[libvirt] [PATCH 6/n] conf: move source pool type to util/
Another struct being moved to util. This one doesn't have as much use yet, thankfully. * src/conf/domain_conf.h (virDomainDiskSourcePoolMode) (virDomainDiskSourcePoolDef): Move... * src/util/virstoragefile.h (virStorageSourcePoolMode) (virStorageSourcePoolDef): ...and rename. * src/conf/domain_conf.c (virDomainDiskSourcePoolDefFree) (virDomainDiskSourceDefClear, virDomainDiskSourcePoolDefParse) (virDomainDiskDefParseXML, virDomainDiskSourceDefParse) (virDomainDiskSourceDefFormatInternal) (virDomainDiskDefForeachPath, virDomainDiskSourceIsBlockType): Adjust clients. * src/qemu/qemu_conf.c (qemuTranslateDiskSourcePool): Likewise. * src/libvirt_private.syms (domain_conf.h): Move symbols... (virstoragefile.h): ...as appropriate. Signed-off-by: Eric Blake ebl...@redhat.com --- src/conf/domain_conf.c| 23 +-- src/conf/domain_conf.h| 38 +++--- src/libvirt_private.syms | 2 ++ src/qemu/qemu_conf.c | 10 +- src/util/virstoragefile.c | 5 + src/util/virstoragefile.h | 35 +++ 6 files changed, 59 insertions(+), 54 deletions(-) diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 36149da..643b066 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -763,11 +763,6 @@ VIR_ENUM_IMPL(virDomainDiskDiscard, VIR_DOMAIN_DISK_DISCARD_LAST, default, unmap, ignore) -VIR_ENUM_IMPL(virDomainDiskSourcePoolMode, - VIR_DOMAIN_DISK_SOURCE_POOL_MODE_LAST, - default, - host, - direct) #define VIR_DOMAIN_XML_WRITE_FLAGS VIR_DOMAIN_XML_SECURE #define VIR_DOMAIN_XML_READ_FLAGS VIR_DOMAIN_XML_INACTIVE @@ -1190,7 +1185,7 @@ void virDomainLeaseDefFree(virDomainLeaseDefPtr def) } static void -virDomainDiskSourcePoolDefFree(virDomainDiskSourcePoolDefPtr def) +virDomainDiskSourcePoolDefFree(virStorageSourcePoolDefPtr def) { if (!def) return; @@ -4964,10 +4959,10 @@ virDomainLeaseDefParseXML(xmlNodePtr node) static int virDomainDiskSourcePoolDefParse(xmlNodePtr node, -virDomainDiskSourcePoolDefPtr *srcpool) +virStorageSourcePoolDefPtr *srcpool) { char *mode = NULL; -virDomainDiskSourcePoolDefPtr source; +virStorageSourcePoolDefPtr source; int ret = -1; *srcpool = NULL; @@ -4993,7 +4988,7 @@ virDomainDiskSourcePoolDefParse(xmlNodePtr node, } if (mode -(source-mode = virDomainDiskSourcePoolModeTypeFromString(mode)) = 0) { +(source-mode = virStorageSourcePoolModeTypeFromString(mode)) = 0) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _(unknown source mode '%s' for volume type disk), mode); @@ -5018,7 +5013,7 @@ virDomainDiskSourceDefParse(xmlNodePtr node, int *proto, size_t *nhosts, virStorageNetHostDefPtr *hosts, -virDomainDiskSourcePoolDefPtr *srcpool) +virStorageSourcePoolDefPtr *srcpool) { char *protocol = NULL; char *transport = NULL; @@ -14761,7 +14756,7 @@ virDomainDiskSourceDefFormatInternal(virBufferPtr buf, virStorageNetHostDefPtr hosts, size_t nseclabels, virSecurityDeviceLabelDefPtr *seclabels, - virDomainDiskSourcePoolDefPtr srcpool, + virStorageSourcePoolDefPtr srcpool, unsigned int flags) { size_t n; @@ -14831,7 +14826,7 @@ virDomainDiskSourceDefFormatInternal(virBufferPtr buf, srcpool-pool, srcpool-volume); if (srcpool-mode) virBufferAsprintf(buf, mode='%s', - virDomainDiskSourcePoolModeTypeToString(srcpool-mode)); + virStorageSourcePoolModeTypeToString(srcpool-mode)); } virBufferEscapeString(buf, startupPolicy='%s', startupPolicy); @@ -18530,7 +18525,7 @@ virDomainDiskDefForeachPath(virDomainDiskDefPtr disk, if (!path || type == VIR_STORAGE_TYPE_NETWORK || (type == VIR_STORAGE_TYPE_VOLUME disk-src.srcpool - disk-src.srcpool-mode == VIR_DOMAIN_DISK_SOURCE_POOL_MODE_DIRECT)) + disk-src.srcpool-mode == VIR_STORAGE_SOURCE_POOL_MODE_DIRECT)) return 0; if (iter(disk, path, 0, opaque) 0) @@ -19392,7 +19387,7 @@ virDomainDiskSourceIsBlockType(virDomainDiskDefPtr def) * (e.g. set sgio=filtered|unfiltered for it) in libvirt. */ if (def-src.srcpool-pooltype == VIR_STORAGE_POOL_ISCSI - def-src.srcpool-mode == VIR_DOMAIN_DISK_SOURCE_POOL_MODE_DIRECT) +