Michal Privoznik [Thu, 18 Jun 2015 12:11:21 +0000 (14:11 +0200)]
daemonSetupNetworking: Don't leak services
When setting up the daemon networking, new services are created. These
services then have sockets to listen on. Once created, the service
objects are added to corresponding server object. However, during that
process, server increases reference counter of the service object. So,
at the end of the function, we should decrease it again. This way the
service objects will have only 1 reference, but that's okay since
servers are the only objects having a reference.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Currently it's not possible to determine the difference between a
fatal memory allocation or failure to open/read the directory error
with a perhaps less fatal, I didn't find the "block" device in the
directory (which may be a disk entry without a block device).
In the case of the latter, we shouldn't cause failure to continue
searching in the caller (virStorageBackendSCSIFindLUs), rather we
should allow trying reading the next directory entry.
Signed-off-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Implement a `migrate_disks' parameters for the QEMU driver. This multi-
value parameter can be used to explicitly specify what block devices
are to be migrated using the NBD server. Tunnelled migration using NBD
is to be done.
Signed-off-by: Pavel Boldin <pboldin@mirantis.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Pavel Boldin [Mon, 15 Jun 2015 22:42:08 +0000 (01:42 +0300)]
util: virTypedParams{Filter,GetStringList}
Add multikey API:
* virTypedParamsFilter that filters all the parameters with specified name.
* virTypedParamsGetStringList that returns a list with all the values for
specified name and string type.
Signed-off-by: Pavel Boldin <pboldin@mirantis.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Pavel Boldin [Mon, 15 Jun 2015 22:42:06 +0000 (01:42 +0300)]
util: multi-value virTypedParameter
The `virTypedParamsValidate' function now can be instructed to allow
multiple entries for some of the keys. For this flag the type with
the `VIR_TYPED_PARAM_MULTIPLE' flag.
Add unit tests for this new behaviour.
Signed-off-by: Pavel Boldin <pboldin@mirantis.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Mon, 15 Jun 2015 22:42:05 +0000 (01:42 +0300)]
qemuMigrationDriveMirror: Force raw format for NBD
When playing with disk migration lately, I've noticed this warning in
domain logs:
WARNING: Image format was not specified for 'nbd://masina:49153/drive-virtio-disk0' and probing guessed raw.
Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
Specify the 'raw' format explicitly to remove the restrictions.
So I started digging into qemu source code to see what has triggered
the warning. I'd expect qemu to know formats of guest's disks since we
tell them on command line. This lead me to qmp_drive_mirror() where
the following can be found:
if (!has_format) {
format = mode == NEW_IMAGE_MODE_EXISTING ? NULL : bs->drv->format_name;
}
So, format is automatically initialized from the disk iff mode !=
"existing". Unfortunately, in migration we are tied to use this mode
(NBD doesn't support creating new images). Therefore the only way to
avoid this warning is to pass format. The discussion on the mail-list [1]
resulted in the code that always forces NBD export as "raw" format.
[1] https://www.redhat.com/archives/libvir-list/2015-June/msg00153.html Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Signed-off-by: Pavel Boldin <pboldin@mirantis.com>
Peter Krempa [Thu, 18 Jun 2015 13:29:20 +0000 (15:29 +0200)]
qemu: Jump to correct label in qemuDomainPinIOThread
If virDomainObjGetDefs used in qemuDomainPinIOThread would fail the code
would jump to the 'cleanup' label after acquiring the job, thus the VM
would be locked forever.
Peter Krempa [Mon, 15 Jun 2015 18:59:58 +0000 (20:59 +0200)]
qemu: 'privileged' flag is not really configuration
The privileged flag will not change while the configuration might
change. Make the 'privileged' flag member of the driver again and mark
it immutable. Should that ever change add an accessor that will group
reads of the state.
Peter Krempa [Mon, 15 Jun 2015 17:04:41 +0000 (19:04 +0200)]
conf: Introduce helper to help getting correct def for getter functions
virDomainObjGetOneDef will help to retrieve the correct definition
pointer from @vm in cases where VIR_DOMAIN_AFFECT_LIVE and
VIR_DOMAIN_AFFECT_CONFIG are mutually exclusive. The function simply
returns the correct pointer. This similarly to virDomainObjGetDefs will
greatly simplify the code.
Peter Krempa [Fri, 12 Jun 2015 12:37:18 +0000 (14:37 +0200)]
conf: Fix virDomainObjGetDefs when getting persistent config on a live vm
If @flags contains only VIR_DOMAIN_AFFECT_CONFIG and @vm is active, the
function would return the active config rather than the persistent one
that it should return. This happened due to the fact that
virDomainObjGetDefs was checking the updated flags which may not contain
VIR_DOMAIN_AFFECT_LIVE if it is not requested even if @vm is active.
Additionally the function would not take the flags into account when
setting the pointers which was later used to determine whether the code
needs to update the given configuration.
Luyao Huang [Mon, 15 Jun 2015 12:33:49 +0000 (20:33 +0800)]
qemu: Add a check for slot and base dimm address conflicts
When hotplugging a memory device, there wasn't a check to determine
if there is a conflict with the address space being used by the to
be added memory device and any existing device which is disallowed by qemu.
This patch adds a check to ensure the new device address doesn't
conflict with any existing device.
Peter Krempa [Thu, 18 Jun 2015 09:40:08 +0000 (11:40 +0200)]
daemon: Add the admin service to the admin server only if it was allocated
If the admin service is disabled it would not be allocated, but the NULL
pointer still would be added to the admin server. Since
virNetServerAddService would dereference it, the daemon would crash.
Move the service registration into the block that allocates it.
parallels: Fix false error messages in libvirt log
There was many errors in libvirt.log caused by prlsdkDelNet function because
job variable was always initialized as PRL_INVALID_HANDLE
In this patch job variable gets return value of PrlSrv_DeleteVirtualNetwork function()
This type of information defines attributes of a system
baseboard. With one exception: board type is yet not implemented
in qemu so it's not introduced here either.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Jiri Denemark [Fri, 12 Jun 2015 12:36:51 +0000 (14:36 +0200)]
qemu: Report all supported machine types in capabilities
Some machine types are only reported as canonical names for other
machine types, which make it a bit harder to find what machine types are
supported by a specific QEMU binary. Ideally, one would just use
/capabilities/guest/arch[@name='...']/machine/text() XPath to get a list
of all supported machine types, but it doesn't work right now.
Let's make sure we always report separate <machine/> for both the
canonical name and its alias and using the canonical name as the default
machine type (i.e., inserting it before its alias) in case is-default is
true.
Michal Privoznik [Wed, 17 Jun 2015 16:11:25 +0000 (18:11 +0200)]
tests: Sort EXTRA_DIST in the Makefile
We tend to keep the folders in the EXTRA_DIST sorted alphabetically.
However, we've failed sometimes and the list is not ordered anymore.
Reorder it back.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Wed, 17 Jun 2015 13:36:16 +0000 (15:36 +0200)]
daemon: Don't just include admin RPC
So, it's a little paradox that we use the file twice. Firstly to build
libvirt-admin.la (a client side of the Admin API), then once again to
build the server side. Well, the problem is, this does not play nicely
with the distclean since the file is generated. So while it's removed
in the src/ the distclean running in daemon/ will not find the file
and fail. The file is needed because it contains the RPC wrappers. So
let's leave the client code as is and from the daemon/ just link the
client library. The linker will find desired symbols and use them.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Laine Stump [Tue, 16 Jun 2015 15:57:11 +0000 (11:57 -0400)]
nodedev: update netdev feature bits before each dumpxml
As with several other attributes of devices (link status, sriov VF
list, IOMMU group list), the detdev feature bits aren't automatically
updated in the nodedev driver's cache when they change. In order to
get a properly up-to-date list when getting the XML of a device, we
must reget them in update-caps prior to each dumpxml.
This resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1232880
Michal Privoznik [Wed, 17 Jun 2015 11:49:35 +0000 (13:49 +0200)]
libvirt.spec: Don't expect virt-admin in libvirt-admin yet
While Martin introduced the binary (and its manpage) in commit 4e7ccf87133 it was pushed by mistake. Therefore it was reverted in 220393bfb043. The problem is, the original commit was not quite right
as the binary was added into the spec file in a different commit: 55e0c840af. So as long as the binary does not exist, we must remove it
from the spec file too.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Wed, 17 Jun 2015 11:29:14 +0000 (13:29 +0200)]
tests: Follow virnetserver to virnetdaemon transition
In a4746114582 the virnetserver test was renamed to virnetdaemon.
Moreover, as the test relies on some data stored under
virnetserverdata/ the folder was renamed too. But this was not
reflected in the Makefile. Therefore when building outside of the
repository, the data folder was not distributed and test failed.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Wed, 17 Jun 2015 11:25:47 +0000 (13:25 +0200)]
daemon: Distribute admin_server.h
The Admin API consists of a few files on daemon side. Notably
daemon/admin_server.{ch}. While they are both on the repo, only
the .c file is mentioned in Makefile. Therefore, .h is not
distributed and 'make rpm' fails.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Maxim Nestratov [Wed, 10 Jun 2015 07:50:00 +0000 (10:50 +0300)]
parallels: substitute parallels with vz in strings
Here we stop referencing vz driver by different names
in error messages. 'parallels driver', 'Parallels Cloud
Server', 'Parallels driver' all become just 'vz driver'.
No functional changes. Only renaming and a bit of rewording.
Michal Privoznik [Tue, 16 Jun 2015 16:11:17 +0000 (18:11 +0200)]
daemon/Makefile: Add forgotten dependency
In latest patches we added Admin API. However, the Makefile in daemon
was missing one dependency: admin_server.c is including generated file
admin_dispatch.h. However, this dependency was not explicitly marked
in the Makefile therefore the build happened to fail on some
occasions.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Erik Skultety [Thu, 11 Jun 2015 08:51:23 +0000 (10:51 +0200)]
util: virfile: Fix 'unknown cause' error if NFS mount point creation fails
This happens if user requires creation of a directory with specified
UID/GID permissions. To accomplish this, we use fork approach and
set particular UID/GID permissions in child process. However, child
process doesn't have a valid descriptor to a logfile (this is prohibited
explicitly) and since parent process doesn't handle negative exit codes from
child in any way, 'uknown cause' error is returned to the user.
Commit 92d9114e tweaked the way we handle child errors when using fork
approach to set specific permissions (features originally introduced
by 98f6f381). The same logic should be used to create directories with
specified permissions as well.
Erik Skultety [Tue, 16 Jun 2015 11:43:38 +0000 (13:43 +0200)]
util: virDirCreate: Child now exits with positive errno-code
Previous patch of this series proposed a fix to virDirCreate, so that parent
process reports an error if child process failed its task.
However our logic still permits the child to exit with negative errno followed
by a check of the status on the parent side using WEXITSTATUS which, being
POSIX compliant, takes the lower 8 bits of the exit code and returns is to
the caller. However, by taking 8 bits from a negative exit code
(two's complement) the status value we read and append to stream is
'2^8 - abs(original exit code)' which doesn't quite reflect the real cause when
compared to the meaning of errno values.
lxc: set nosuid+nodev+noexec flags on /proc/sys mount
Future kernels will mandate the use of nosuid+nodev+noexec
flags when mounting the /proc/sys filesystem. Unconditionally
add them now since they don't harm things regardless and could
mitigate future security attacks.
Commit fa14207368820b264123ba8429927b62258f996e added forward
declaration of virNetServerPtr into virnetserver.h even though we are
keeping these in virnetserverprogram.h due to older compilers having
problems with duplicate ones.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
You had only one job. That's what you can say about this example
binary. In future, parts of virsh that are usable for this binary
should be split into separate shell-utils and virt-admin should gain all
the cool features of virsh without too much code addition.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Just one of the simplest functions that returns string "Clients: X"
where X is the number of connected clients to daemon's first
subserver (the original one), so it can be tested using virsh, ipython,
etc.
The subserver is gathered by incrementing its reference
counter (similarly to getting qemu capabilities), so there is no
deadlock with admin subserver in this API.
Here you can see how functions should be named in the client (virAdm*)
and server (adm*).
There is also a parameter @flags that must be 0, which helps testing
proper error propagation into the client.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
For this to pe properly separated from other protocols used by the
server, there is second server added which allows access to the whole
virNetDaemon to its clients.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
No online docs are build from it since it doesn't really fit into our
document structure and new page will need to be created for it, but this
is at least a heads-up commit for easier parsing in order to build some
documentation (or python bindings) later on.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Initial scratch of the admin library. It has its own virAdmConnectPtr
that inherits from virAbstractConnectPtr and thus trivially supports
error reporting.
There's pkg-config file added and spec-file adjusted as well.
Since the library should be "minimalistic" and not depend on any other
library, the list of files is especially crafted for it. Most of them
could've been put to it's own sub-libraries that would be LIBADD'd to
libvirt_util, libvirt_net_rpc and libvirt_setuid_rpc_client to minimize
the number of object files being built, but that's a refactoring that
isn't the orginal aim of this commit.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Teach gendispatch how to handle admin dispatching files
Since this is just a new option for gendispatch, it looks more like a
cleanup. The only differences handled by it are connect pointers,
private pointers and API naming customs.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Cédric Bosdonnat [Tue, 26 May 2015 16:29:27 +0000 (18:29 +0200)]
lxc: properly clean up qemu-nbd
Add the qemu-nbd tasks to the container cgroup to make sure those will
be killed when the container is stopped. In order to reliably get the
qemu-nbd tasks PIDs, we use /sys/devices/virtual/block/<DEV>/pid as
qemu-nbd is daemonizing itself.
When generating the path to the dir for a CIFS/Samba driver, the code
would generate a source path for the mount using "%s:%s" while the
mount.cifs expects to see "//%s/%s". So check for the cifsfs and
format the source path appropriately.
Additionally, since there is no means to authenticate, the mount
needs a "-o guest" on the command line in order to anonymously mount
the Samba directory.
John Ferlan [Mon, 15 Jun 2015 21:20:32 +0000 (17:20 -0400)]
storage: Adjust command arglist for gluster
In order for the glusterfs boolean to be set, the pool->def->type must be
VIR_STORAGE_POOL_NETFS, thus the check within virCommandNewArgList whether
pool->def->type is VIR_STORAGE_POOL_FS will never be true, so remove it
John Ferlan [Wed, 3 Jun 2015 15:43:00 +0000 (11:43 -0400)]
storage: Fix the schema and add tests for cifs pool
Commit id '887dd362' added support for a netfs pool format type 'cifs'
and 'gluster' in order to add rng support for Samba and glusterfs netfs
pools. Originally, the CIFS type support was added as part of commit
id '61fb6979'. Eventually commit id 'b325be12' fixed the gluster rng
definition to match expectations.
As it turns out the CIFS rng needed a similar change since the directory
path is not an absDirPath, rather just a dirPath will be required.
Guido Günther [Fri, 5 Jun 2015 10:41:22 +0000 (12:41 +0200)]
configure: Remove check for pkcheck_supports_uid
We're using Polkit's DBus API so no need to check wether this feature is
supported. We don't use the result or the path to the pkcheck program
anywhere.
tests: Use libvirt properly with initialization and error dispatching
We were using "complicated" error printing in virnetservertest even
though we could've just dispatched the error. Also add some good
practices that might come in handy (the code may fail without proper
initialization and event loop).
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
If virNetServerMDNSAddEntry() fails when adding a service to a server,
it doesn't decrease the number of services. Hence access to their
members segfaults (e.g. when free()-ing the sruct).
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Boris Fiuczynski [Wed, 10 Jun 2015 07:02:36 +0000 (09:02 +0200)]
qemu: monitor: Add memory balloon support for virtio-ccw
The search for the memory balloon driver object is extended by a
second known name "virtio-balloon-ccw" in support for virtio-ccw.
Signed-off-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com> Reviewed-by: Daniel Hansel <daniel.hansel@linux.vnet.ibm.com> Reviewed-by: Eric Farman <farman@linux.vnet.ibm.com> Reviewed-by: Stefan Zimmermann <stzi@linux.vnet.ibm.com>
Michal Privoznik [Mon, 15 Jun 2015 11:13:27 +0000 (13:13 +0200)]
getOldStyleBlockDevice: Adjust formatting
Instead of initializing return value to zero (success) and overwriting
it on every failure just before the control jumps onto 'out' label,
let's initialize to an error value and set to zero only when we are
sure about the success. Just follow the pattern we have in the rest of
the code.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Mon, 15 Jun 2015 11:13:27 +0000 (13:13 +0200)]
getNewStyleBlockDevice: Adjust formatting
Instead of initializing return value to zero (success) and overwriting
it on every failure just before the control jumps onto 'out' label,
let's initialize to an error value and set to zero only when we are
sure about the success. Just follow the pattern we have in the rest of
the code.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Check if the disk partition to be wiped is the extended partition, if
so then disallow it. Do this via changing the wipeVol backend to check
the volume before passing to the common virStorageBackendVolWipeLocal
Commit id '1b4eaa61' added the ability to have a mode='direct' for
an iscsi disk volume. It relied on virStorageTranslateDiskSourcePool
in order to copy any disk source pool authentication information to
the direct disk volume, but it neglected to also copy the 'secrettype'
field which ends up being used in the domain volume formatting code.
Adding a secrettype for this case will allow for proper formatting later
and allow disk snapshotting to work properly
Additionally libvirtd restart processing would fail to find the domain
since the translation processing code is run after domain xml processing,
so handle the the case where the authdef could have an empty secrettype
field when processing the auth and additionally ignore performing the
actual and expected auth secret type checks for a DISK_VOLUME since that
data will be reassembled later during translation processing of the
running domain.
Michal Privoznik [Thu, 11 Jun 2015 14:15:46 +0000 (16:15 +0200)]
virCapabilitiesDomainDataLookup: Produce saner error message
During a review, I've noticed this error message that was eventually
produced when I was trying to define a domain:
error: invalid argument: could not find capabilities for arch=mips64el
domaintype=(null)
Look at the (null). Why is it there? Well, during XML parsing, we try
to look up the default emulator for given OS type and possibly virt
type too. And this is the problem, because if we don't want to look up
by virt type, a -1 is passed to note this fact. Later, the code
handles -1 just right. Except for error message. When it is
constructed (in a very fabulous way I must say), the value is compared
to zero, not -1. And since we don't have any translation from -1 to a
virt type string, we just print (null).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
When attaching a scsi volume lun via the attach-device --config or
--persistent options, there was no translation of the source pool
like there was for the live path, thus the attempt to modify the config
would fail since not enough was known about the disk.
Michal Privoznik [Fri, 12 Jun 2015 12:51:09 +0000 (14:51 +0200)]
virsysinfo: s/system/sysdef/
A variable can't be named system, obviously. Well, it can if the
compiler is new enough to distinguish a variable named system and a
function call system(). And some older systems, don't have wise
compiler.
CC util/libvirt_util_la-virsysinfo.lo
cc1: warnings being treated as errors
../../src/util/virsysinfo.c: In function 'virSysinfoParseSystem':
../../src/util/virsysinfo.c:649: error: declaration of 'system' shadows a global declaration [-Wshadow]
/usr/include/stdlib.h:717: error: shadowed declaration is here [-Wshadow]
make[3]: *** [util/libvirt_util_la-virsysinfo.lo] Error 1
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
When reviewing some network patches, I've noticed we don't have
those switches to the 'net-list' command. We should. They are
merely copied over from 'list' command.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Thu, 11 Jun 2015 14:26:45 +0000 (16:26 +0200)]
virQEMUCapsArch: openrisc vs or32
With a few exceptions, we assume that qemu binary for given
architecture has form of qemu-system-$arch. Well, openrisc is yet
another exception. It's binary is called qemu-system-or32.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Michal Privoznik [Tue, 12 May 2015 12:33:12 +0000 (14:33 +0200)]
virSysinfoDef: Exempt SYSTEM variables
Move all the system_* fields into a separate struct. Not only this
simplifies the code a bit it also helps us to identify whether BIOS
info is present. We don't have to check all the four variables for
being not-NULL, but we can just check the pointer to the struct.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
projects / libvirt.git / log