Matthew Booth [Fri, 7 May 2010 14:38:05 +0000 (16:38 +0200)]
Remove unused nwfilter field from struct remote_error
Change 965466c1 added a new field to struct remote_error, which broke
the RPC protocol. Fortunately the new field is unused, so this change
simply removes it again.
* src/remote/remote_protocol.(c|h|x): Remove remote_nwfilter from struct
remote_error
Eric Blake [Thu, 29 Apr 2010 03:26:57 +0000 (21:26 -0600)]
build: drop more redundant configure checks
* configure.ac (AC_CHECK_FUNCS_ONCE, AC_SYS_LARGEFILE): Rely on
gnulib for strtok_r and large file support.
(AC_OBJEXT): Drop call now done by AC_PROG_CC.
(m4_foreach_w): Drop macro guaranteed by gnulib.
(AC_C_CONST): Drop call declared obsolete by autoconf.
Eric Blake [Thu, 29 Apr 2010 02:39:11 +0000 (20:39 -0600)]
build: rely on gnulib's pthread module
Gnulib can guarantee that pthread.h exists, but for now, it is a dummy
header with no support for most pthread_* functions. Modify our
use of pthread to use function checks, rather than header checks,
to determine how much pthread support is present.
* bootstrap.conf (gnulib_modules): Add pthread.
* configure.ac: Drop all pthread.h checks. Optimize function
checks. Add check for pthread functions.
* src/Makefile.am (libvirt_lxc_LDADD): Ensure proper link.
* src/remote/remote_driver.c (remoteIOEventLoop): Depend on
pthread_sigmask, now that gnulib guarantees pthread.h.
* src/util/util.c (virFork): Likewise.
* src/util/threads.c (threads-pthread.c): Depend on
pthread_mutexattr_init, as a witness of full pthread support.
* src/util/threads.h (threads-pthread.h): Likewise.
Eric Blake [Tue, 4 May 2010 22:07:18 +0000 (16:07 -0600)]
util: fix va_start usage bug
Detected by clang. POSIX requires that the second argument to
va_start be the name of the last variable; and in some implementations,
passing *path instead of path would dereference bogus memory instead
of pulling arguments off the stack.
* src/util/util.c (virBuildPathInternal): Use correct argument to
va_start.
Kenneth Nagin [Tue, 4 May 2010 21:36:42 +0000 (15:36 -0600)]
qemu: live migration with non-shared storage for kvm
Support for live migration between hosts that do not share storage was
added to qemu-kvm release 0.12.1.
It supports two flags:
-b migration without shared storage with full disk copy
-i migration without shared storage with incremental copy (same base image
shared between source and destination).
I tested the live migration without shared storage (both flags) for native
and p2p with and without tunnelling. I also verified that the fix doesn't
affect normal migration with shared storage.
Matthias Bolte [Mon, 3 May 2010 23:41:55 +0000 (01:41 +0200)]
configure.ac: Avoid uname, which breaks cross-compilation
When cross-compiling on Linux, configure will misdetect the target as
Linux because it uses uname instead of relying on the $host variable.
This results in including libvirt_linux.syms into libvirt.syms and
therefore trying to export undefined symbols.
Replace uname checks with $host checks to fix this.
Daniel Veillard [Tue, 4 May 2010 14:13:55 +0000 (16:13 +0200)]
Various fixes for the spec file
This includes various things:
- fix the Requires: libvirt-client to use %{name} to allow easy
renaming
- when building ESX support one need libcurl-devel
- remove Makefile[.in] from xml/nwfilter in the docs, as this breaks
parallel install ation of i686 and x86_64 packages
- don't include nwfilter config files if not building with the daemon
all relatively trivial which is why I packed them together
* libvirt.spec.in: fix various small bugs
Jim Meyering [Thu, 15 Apr 2010 17:31:04 +0000 (19:31 +0200)]
docs: hacking: explain why using curly braces well is important
* docs/hacking.html.in: Use the "curly braces" section from coreutils'
HACKING, adapting for libvirt's different formatting style.
* HACKING: Sync from the above, still mostly manually.
Matthias Bolte [Mon, 3 May 2010 23:05:44 +0000 (01:05 +0200)]
mingw: Fix two undefined symbols
Add an empty body for virCondWaitUntil and move virPipeReadUntilEOF
out of the '#ifndef WIN32' block, because it compiles fine with MinGW
in combination with gnulib.
Eric Blake [Thu, 29 Apr 2010 03:36:03 +0000 (21:36 -0600)]
build: avoid compiler warning
Necessary on cygwin, where uid_t and gid_t are 4-byte long rather
than int, causing gcc -Wformat warnings.
* src/util/util.c (virFileOperationNoFork, virDirCreateNoFork)
(virFileOperation, virDirCreate, virGetUserEnt): Cast uid_t and
gid_t before passing to printf.
* .gitignore: Ignore Windows executables.
Stefan Berger [Mon, 3 May 2010 22:14:58 +0000 (18:14 -0400)]
nwfilter: skip some interfaces on filter update
When a filter is updated, only those interfaces must have their old
rules cleared that either reference the filter directly or indirectly
through another filter. Remember between the different steps of the
instantiation of the filters which interfaces must be skipped. I am
using a hash map to remember the names of the interfaces and store a
bogus pointer to ~0 into it that need not be freed.
Stefan Berger [Mon, 3 May 2010 22:11:48 +0000 (18:11 -0400)]
pass info where request stems from to have rules applied
For the decision on whether to instantiate the rules, the check for a
pending IP address learn request is not sufficient since then only the
thread could instantiate the rules. So, a boolean needs to be passed
when the thread instantiates the filter rules late and the IP address
learn request is still pending in order to override the check for the
pending learn request. If the rules are to be updated while the thread
is active, this will not be done immediately but the thread will do that
later on.
Eric Blake [Mon, 3 May 2010 20:44:12 +0000 (14:44 -0600)]
build: prefer WIN32 over __MINGW32__ checks
WIN32 is always defined when __MINGW32__ is defined, but the
converse is not true. WIN32 is more generic, if someone were
to ever attempt porting to a microsoft compiler. This does
not affect Cygwin, which intentionally does not define WIN32.
* src/qemu/qemu_driver.c (qemuDomainGetBlockInfo): Use more
generic flag macro.
* src/storage/storage_backend.c
(virStorageBackendUpdateVolTargetInfoFD)
(virStorageBackendRunProgRegex): Likewise.
* tools/console.h (vshRunConsole): Likewise.
Matthias Bolte [Mon, 3 May 2010 10:21:58 +0000 (12:21 +0200)]
mingw: Fix symbol export
In commit 98fb83ce25f46e0236706fa6e0943032d921935f I changed the
version script handling. But it seems that I didn't test this properly
and broke it. The .def file is passed to the compiler directly, but it
should get passed to the linker instead.
Set VERSION_SCRIPT_FLAGS to -Wl, to pass the .def file correctly to
the linker.
This fixes the undefined symbol errors while linking virsh.
Laine Stump [Sat, 1 May 2010 04:16:52 +0000 (00:16 -0400)]
Fix memory leaks in cmdInterfaceEdit and cmdNWFilterEdit.
This applies a fix to thos functions similar to that made to cmdEdit
in 270895063d1cf86ab42fa220a8d090c24d58dbc0, thus fnixing a memory
leak - if tmp is unlinked and NULLed early in the function, the memory
used by tmp is never freed. Since we will always unlink tmp prior to
freeing its memory at the end of the function, just remove the earlier
code and let cleanup: do the cleanup.
Ryota Ozaki [Mon, 3 May 2010 09:13:26 +0000 (11:13 +0200)]
lxc: Fix failure on starting a domain with multiple interfaces
[Error message]
error: Failed to start domain lxc_test1
error: internal error Failed to create veth device pair: 512
The reason of the failure is that lxc driver unexpectedly re-uses
an auto-assigned veth name and tries to create the created veth
again. The failure will happen when a domain has multiple network
interfaces and the names of those are not specified in XML.
The patch fixes the problem by resetting buffers of veth names
in every iteration of creating veth.
* src/lxc/lxc_driver.c: prevent re-using auto-assigned veth name
Reported by Kumar L Srikanth-B22348.
<hostdev> address parsing previously attempted to detect the number
base: currently it is hardcoded to base 16, which can break PCI
assignment via virt-manager. Revert to the previous behavior.
* src/conf/domain_conf.c: virDomainDevicePCIAddressParseXML, switch to
virStrToLong_ui(bus, NULL, 0, ...) to autodetect base
Stefan Berger [Fri, 30 Apr 2010 12:10:12 +0000 (08:10 -0400)]
Syncronize the teardown of rules with the thread
Introduce a function to notify the IP address learning
thread to terminate and thus release the lock on the interface.
Notify the thread before grabbing the lock on the interface
and tearing down the rules. This prevents a 'virsh destroy' to
tear down the rules that the IP address learning thread has
applied.
Stefan Berger [Fri, 30 Apr 2010 12:06:18 +0000 (08:06 -0400)]
Clean all tables before applying 'basic' rules
The functions invoked by the IP address learning thread
that apply some basic filtering rules did not clean up
any previous filtering rules that may still be there
(due to a libvirt restart for example). With the
patch below all the rules are cleaned up first.
Also, I am introducing a function to drop all traffic
in case the IP address learning thread could not apply
the rules.
Stefan Berger [Fri, 30 Apr 2010 11:51:47 +0000 (07:51 -0400)]
nwfilter: Also pick IP address from a DHCP ACK message
The local DHCP server on virtbr0 sends DHCP ACK messages when a VM is
started and requests an IP address while the initial DHCP lease on the
VM's MAC address hasn't expired. So, also pick the IP address of the VM
if that type of message is seen.
Thanks to Gerhard Stenzel for providing a test case for this.
Changes from V1 to V2:
- cleanup: replacing DHCP option numbers through constants
Ubuntu's gntls package generates an Issuer line that looks like this:
Issuer: C=US,ST=NY,L=Rochester,O=example.com,CN=example.com CA,EMAIL=hostmaster@example.com
While Red Hat's looks like this
Issuer: CN=Red Hat Emerging Technologies
Note the leading whitespace, and the additional fields in the former.
This patch updates the regular expression to:
* trim leading characters before "Issuer:"
* trim anything between Issuer: and CN=
* trim anything after the next ,
I've tested this against the certool output of both RH and Ubuntu
generated certs.
Signed-off-by: Dustin Kirkland <kirkland@canonical.com> Signed-off-by: Eric Blake <eblake@redhat.com>
When using -device syntax, the IO event will have a different
prefix, 'drive-' that needs to be skipped over before matching
against the libvirt disk alias
* src/qemu/qemu_driver.c: Skip QEMU_DRIVE_HOST_PREFIX in IO event
Implement python binding for virDomainGetBlockInfo
This binds the virDomainGetBlockInfo API to python's blockInfo
method on the domain object
>>> c = libvirt.openReadOnly('qemu:///session')
>>> d = c.lookupByName('demo')
>>> f = d.blockInfo("/dev/loop0", 0)
>>> print f
[1048576000L, 104857600L, 104857600L]
* python/libvirt-override-api.xml: Define override signature
* python/generator.py: Skip C impl generator for virDomainGetBlockInfo
* python/libvirt-override.c: Manual impl of virDomainGetBlockInfo
* daemon/remote.c: Server side dispatcher
* daemon/remote_dispatch_args.h, daemon/remote_dispatch_prototypes.h,
daemon/remote_dispatch_ret.h, daemon/remote_dispatch_table.h: Update
with new API
* src/remote/remote_driver.c: Client side dispatcher
* src/remote/remote_protocol.c, src/remote/remote_protocol.h: Update
* src/remote/remote_protocol.x: Define new wire protocol
Add virDomainGetBlockInfo API to query disk sizing
Some applications need to be able to query a guest's disk info,
even for paths not managed by the storage pool APIs. This adds
a very simple API to get this information, modelled on the
virStorageVolGetInfo API, but with an extra field 'physical'.
Normally 'physical' and 'allocation' will be identical, but
in the case of a qcow2-like file stored inside a block device
'physical' will give the block device size, while 'allocation'
will give the qcow2 image size
Chris Lalancette [Wed, 28 Apr 2010 19:50:06 +0000 (15:50 -0400)]
Fix a virsh edit memory leak
When running virsh edit, we are unlinking and setting
the tmp variable to NULL before going to the end of the
function, meaning that we never free tmp. Since the
exit to the function will always unlink and free tmp,
just remove this bit of code and let it get done at the
end.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Chris Lalancette [Wed, 28 Apr 2010 19:49:41 +0000 (15:49 -0400)]
Fix a qemuDomainPCIAddressSetFree memory leak
qemuDomainPCIAddressSetFree was freeing up the hash
table for the pci addresses, but not freeing up the addr
structure. Looking over the callers of this function, it
seems like they expect it to also free up the structure,
so do that here.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Chris Lalancette [Mon, 26 Apr 2010 13:41:07 +0000 (09:41 -0400)]
Fix build on Ubuntu.
When building on Ubuntu with make -j3 (or more), it would always
fail when trying to build virt-aa-helper. I'm not an expert in
automake by any means, but I think the entry for virt-aa-helper
is mis-using LDADD; it shouldn't be putting direct paths to
libvirt_conf.la and libvirt_util.la, but instead referencing those
names. With this patch in place, I'm able to successfully build
on Ubuntu 9.04 with make -j3.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
* src/qemu/qemu_driver.c (qemuDomainSnapshotCreateXML): When setting
"vm" to NULL, jump over vm-dereferencing code to "cleanup".
(qemuDomainRevertToSnapshot): Likewise.
Daniel Veillard [Wed, 28 Apr 2010 13:38:47 +0000 (15:38 +0200)]
Move dnsmasq host file to a separate directory
use /var/lib/libvirt/dnsmasq since /var/lib/libvirt/network is
unreadable by the dnsmasq binary
* src/network/bridge_driver.c: update DNSMASQ_STATE_DIR
* src/Makefile.am: create it on make install
* libvirt.spec.in: take the new directory into account
Fix handling of security driver restore failures in QEMU domain save
In cases where the security driver failed to restore a label after a
guest has saved, we mistakenly jumped to the error cleanup paths.
This is not good, because the operation has in fact completed and
cannot be rolled back completely. Label restore is non-critical, so
just log the problem instead. Also add a missing restore call in
the error cleanup path
* src/qemu/qemu_driver.c: Fix handling of security driver
restore failures in QEMU domain save
Fix QEMU domain save to block devices with cgroups enabled
When cgroups is enabled, access to block devices is likely to be
restricted to a whitelist. Prior to saving a guest to a block device,
it is necessary to add the block device to the whitelist. This is
not required upon restore, since QEMU reads from stdin
* src/qemu/qemu_driver.c: Add block device to cgroups whitelist
if neccessary during domain save.
The save process was relying on use of the shell >> append
operator to ensure the save data was placed after the libvirt
header + XML. This doesn't work for block devices though.
Replace this code with use of 'dd' and its 'seek' parameter.
This means that we need to pad the header + XML out to a
multiple of dd block size (in this case we choose 512).
The qemuMonitorMigateToCommand() monitor API is used for both
save/coredump, and migration via UNIX socket. We can't simply
switch this to use 'dd' since this causes problems with the
migration usage. Thus, create a dedicated qemuMonitorMigateToFile
which can accept an filename + offset, and remove the filename
from the current qemuMonitorMigateToCommand() API
* src/qemu/qemu_driver.c: Switch to qemuMonitorMigateToFile
for save and core dump
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c, src/qemu/qemu_monitor_json.h,
src/qemu/qemu_monitor_text.c, src/qemu/qemu_monitor_text.h: Create
a new qemuMonitorMigateToFile, separate from the existing
qemuMonitorMigateToCommand to allow handling file offsets
Avoid create/unlink with block devs used for QEMU save
It is possible to use block devices with domain save/restore. Upon
failure QEMU unlinks the path being saved to. This isn't good when
it is a block device !
* src/qemu/qemu_driver.c: Don't unlink block devices if save fails
Fix crash when cleaning up from failed save attempt
If a transient QEMU crashes during save attempt, then the virDomainPtr
object may be freed. If a persistent QEMU crashes during save, then
the 'priv->mon' field is no longer valid since it will be inactive.
* src/qemu/qemu_driver.c: Fix two crashes when QEMU exits
during a save attempt
Stefan Berger [Tue, 27 Apr 2010 18:50:35 +0000 (14:50 -0400)]
nwfilter: let qemu's after-migration packet pass
Qemu currently sends an Ethernet packet with protocol id 0x835 once a VM
was successfully migrated. The content of the packet looks like a
gratuitous RARP, just with the wrong protocol ID, which should be
0x8035. I wrote some filters to let either one of the packets pass and
am adapting the clean-traffic sample filter to use it. I am also
doing some changes on the existing ARP filter which was lacking a
test for source MAC address.
Chris Lalancette [Thu, 22 Apr 2010 16:01:56 +0000 (12:01 -0400)]
Fix up the locking in the snapshot code.
In particular I was forgetting to take the qemuMonitorPrivatePtr
lock (via qemuDomainObjBeginJob), which would cause problems
if two users tried to access the same domain at the same time.
This patch also fixes a problem where I was forgetting to remove
a transient domain from the list of domains.
Thanks to Stephen Shaw for pointing out the problem and testing
out the initial patch.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Stefan Berger [Tue, 27 Apr 2010 11:26:12 +0000 (07:26 -0400)]
nwfilter: add support for RAPR protocol
This patch adds support for the RARP protocol. This may be needed due to
qemu sending out a RARP packet (at least that's what it seems to want to
do even though the protocol id is wrong) when migration finishes and
we'd need a rule to let the packets pass.
Unfortunately my installation of ebtables does not understand -p RARP
and also seems to otherwise depend on strings in /etc/ethertype
translated to protocol identifiers. Therefore I need to pass -p 0x8035
for RARP. To generally get rid of the dependency of that file I switch
all so far supported protocols to use their protocol identifier in the
-p parameter rather than the string.
I am also extending the schema and added a test case.
changes from v1 to v2:
- added test case into patch
With JSON qemu monitor, we get a STOP event from qemu whenever qemu
stops guests CPUs. The downside of it is that vm->state is changed to
PAUSED and a new generic paused event is send to applications. However,
when we ask qemu to stop the CPUs we are not really interested in qemu
event and we usually want to issue a more specific event.
By setting vm->status to PAUSED before actually sending the request to
qemu (and resetting it back if the request fails) we can ignore the
event since the event handler does nothing when the guest is already
paused. This solution is quite hacky but unfortunately it's the best
solution which I was able to come up with and it doesn't introduce a
race condition.
David Allan [Tue, 27 Apr 2010 10:01:32 +0000 (12:01 +0200)]
Fix indentation for storage conf XML
* virStorageEncryptionFormat is called from both
virDomainDiskDefFormat and virStorageVolTargetDefFormat. The proper
indentation in the generated XML depends on the caller. My earlier
patch to fix the incorrect indentation for the domain XML broke the
indentation for the storage XML. This patch adopts Laine's
suggestion of requring the caller of virStorageEncryptionFormat to
provide an unsigned int with the number of spaces the output should
be indented. The patch modifies both callers to provide the
additional argument.
* Add a regression test for the domain XML
* src/conf/domain_conf.c src/conf/storage_conf.c
src/conf/storage_encryption_conf.c src/conf/storage_encryption_conf.h:
change the indentation code
* tests/qemuxml2xmltest.c
tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk.args
tests/qemuxml2argvdata/qemuxml2argv-encrypted-disk.xml: add a regression test
Stefan Berger [Mon, 26 Apr 2010 17:50:40 +0000 (13:50 -0400)]
nwfilter: enable hex number inputs in filter XML
With this patch I want to enable hex number inputs in the filter XML. A
number that was entered as hex is also printed as hex unless a string
representing the meaning can be found.
I am also extending the schema and adding a test case. A problem with
the DSCP value is fixed on the way as well.
Changes from V1 to V2:
- using asHex boolean in all printf type of functions to select the
output format in hex or decimal format
Starts dnsmasq from libvirtd with --dhcp-hostsfile option
This patch makes libvirtd start the dnsmasq daemon with a
--dhcp-hostsfile option instead of --dhcp-host options for each
'//ip/dhcp/host' entries defined in network xml file.
the dnsmasq host file is stored into /var/lib/libvirt/network
* src/network/bridge_driver.c: define the directory for the hostfiles
and save/delete them to be used by dnsmasq
* po/POTFILES.in: the new module contains translatable strings
* src/Makefile.am: include the files in the utils set
* src/libvirt_private.syms: exports the symbols internally
It implements an idea to save dhcp hosts' macaddr vs. ipaddr mappings to
static file and make dnsmasq loading it with "--dhcp-hostsfile" option,
originally suggested by Dan, and can address the problem that too
many "--dhcp-host" args hitting ARG_MAX limit
* src/util/dnsmasq.h src/util/dnsmasq.c: adds the 2 new files
Chris Lalancette [Fri, 23 Apr 2010 15:59:02 +0000 (11:59 -0400)]
Fix printing of pathnames on error in qemuDomainSnapshotLoad.
While doing some testing of the snapshot code I noticed that
if qemuDomainSnapshotLoad failed, it would print a NULL as
part of the error. That's not desirable, so leave the
full_path variable around until after we are done printing
errors.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Chris Lalancette [Fri, 23 Apr 2010 15:57:16 +0000 (11:57 -0400)]
Fix a memory leak in the snapshot code in libvirtd.
While running libvirtd under valgrind and doing some
snapshot testing I noticed that we would always leak a
connection reference. The problem was actually that we
were leaking a domain reference in the libvirtd remote
snapshot code, which was in turn causing a leaked
connection reference. Fix the situation by explicitly
taking and dropping a domain reference where we need it.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Disable stateful OpenNebula driver if libvirtd is disabled
Also move the equivalent checks for LXC and UML before their header
checks. This way configure doesn't check for the headers when the driver
gets disabled anyway.
projects / libvirt.git / log