When we wait for sync reply we can receive delayed
reply to syncs or commands that were sent erlier. We can
safely skip them until we receive sync reply with correct id.
There is no much sense report this situation to client.
Actually with a bit of "luck" if we involve client into
this the play can go on forever: send sync 0, receive
sync reply -1, send sync 1, receive reply 0 ...
qemu: agent: ignore garbage while waiting for sync reply
After sync is sent we can receive garbare and this is not error.
Consider next regular case:
1. libvirtd sends sync
2. qga sends partial sync reply and die
3. libvirtd sends sync
4. qga sends sync reply
5. libvirtd receives garbage
(half of first reply and second reply together)
We should handle this situation as it is recoverable.
Next sync can succeed. Let's report reply is NULL,
it will be converted to the VIR_ERR_AGENT_UNSYNCED
which signals client to retry.
Errors in qemuAgentIOProcessLine stop agent IO processing just
like any regular IO error, however some of current errors
that this functions spawns are false positives. Consider
next case for example:
Last IO triggers error because current code ignores
only delayed syncs when unsynced
We should not treat any delayed reply as error in unsynced
state. Until client and qga are not in sync delayed reply to any
command is possible. msg == NULL is the exact criterion
that we are not in sync.
Andrea Bolognani [Tue, 20 Sep 2016 13:22:04 +0000 (15:22 +0200)]
virtlogd: Don't stop or restart along with libvirtd
Commit 839a060 tied the lifecycle of virtlogd more
closely to that of libvirtd. Unfortunately, while starting
virtlogd when libvirtd is started is definitely a good idea,
restarting virtlogd or shutting it down at any time outside
of system poweroff is not.
Revert part of that commit by removing the PartOf= lines,
meaning that only startup requests will be propagated from
libvirtd to virtlogd.
Erik Skultety [Wed, 7 Sep 2016 15:30:48 +0000 (17:30 +0200)]
virt-admin: Tweak command parsing logic so that aliases point to new commands
Change the logic in a way, so that VSH_CMD_FLAG_ALIAS behaves similarly to
how VSH_OT_ALIAS for command options, i.e. there is no need for code duplication
for the alias and the aliased command structures. Along with that change,
switch any existing VSH_CMD_FLAG_ALIAS occurrences to this new format. Also,
since this patch introduces a new command structure element, adjust the
virsh-self-test test to make sure we won't ever miss to specify the '.alias'
member for an aliased command because doing that would lead to an internal
error.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Erik Skultety [Fri, 16 Sep 2016 14:06:47 +0000 (16:06 +0200)]
virsh: man: Do not document our old deprecated nodedev-dettach command
The command is deprecated due to being grammatically incorrect, but for
backwards compatibility reasons cannot be removed. However, we should not
document such commands.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Erik Skultety [Fri, 16 Sep 2016 08:17:46 +0000 (10:17 +0200)]
vsh: discard vshCmddefOptFill and move its body to vshCmddefOptParse
Recent changes extracted the command internals validation routine from
vshCmddefOptParse method which now just calls vshCmddefOptFill. Therefore, make
vshCmddefOptFill the new vshCmddefOptParse and drop the unnecessary name.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Erik Skultety [Fri, 16 Sep 2016 07:58:24 +0000 (09:58 +0200)]
vsh: Extract vshCmddefCheckInternals from vshCmddefOptParse
Originally introduced by commit 2432521e which correctly split
vshCmddefOptParse into command's options validation and options parsing.
However, command's 'internals' are not tied solely to .options, rather it
should be about the overall structure, therefore the validation should be
extracted from vshCmddefOptParse and performed only within our test suite, i.e.
in vshSelfTest.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Erik Skultety [Thu, 15 Sep 2016 15:52:11 +0000 (17:52 +0200)]
vsh: vshCmddefHelp: Drop the unnecessary 'else' branch
If the initial check is true the function immediately returns so there's no
need to enclose the code following the check within an 'else' block.
Also, by removing the 'else' block, the declarations need to be moved to
beginning of the function block to conform with our guidelines.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Erik Skultety [Mon, 19 Sep 2016 11:10:38 +0000 (13:10 +0200)]
vsh: Enforce checking for missing help string
The intention is to move vshCmddefCheckInternals out of vshCmddefOptParse to
our test suite. First step to do that is to enforce checking for an existing
help string (that also means it's non-empty) in a command because a command
without a help is not much of a use.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
This caused libvirt Mingw build to break with the compiler
reporting 100's of definitions of virConnectAuthPtrDefault
./.libs/libvirt_util.a(libvirt_util_la-virarch.o):virarch.c:(.bss+0x0): multiple definition of `virConnectAuthPtrDefault'
./.libs/libvirt_util.a(libvirt_util_la-viralloc.o):viralloc.c:(.bss+0x0): first defined here
./.libs/libvirt_util.a(libvirt_util_la-viratomic.o):viratomic.c:(.bss+0x0): multiple definition of `virConnectAuthPtrDefault'
./.libs/libvirt_util.a(libvirt_util_la-viralloc.o):/home/berrange/src/virt/libvirt/src/util/viralloc.c:87: first defined here
./.libs/libvirt_util.a(libvirt_util_la-viraudit.o):viraudit.c:(.bss+0x0): multiple definition of `virConnectAuthPtrDefault'
./.libs/libvirt_util.a(libvirt_util_la-viralloc.o):/home/berrange/src/virt/libvirt/src/util/viralloc.c:87: first defined here
./.libs/libvirt_util.a(libvirt_util_la-virauth.o):virauth.c:(.bss+0x0): multiple definition of `virConnectAuthPtrDefault'
./.libs/libvirt_util.a(libvirt_util_la-viralloc.o):/home/berrange/src/virt/libvirt/src/util/viralloc.c:87: first defined here
./.libs/libvirt_util.a(libvirt_util_la-virauthconfig.o):virauthconfig.c:(.bss+0x0): multiple definition of `virConnectAuthPtrDefault'
...snip...
The cause is our VIR_EXPORT_VAR macro which has some
magic on win to add dllexport/dllimport to the variable
declaration. Unfortunately the dllexport branch missed
off the 'extern' keyword, so the header file was in
fact declaring an instance of the variable in every
source file.
Previously the linker would merge all these definitions
into one, but that no longer happens due to -fno-common
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Laine Stump [Mon, 19 Sep 2016 17:44:21 +0000 (13:44 -0400)]
tests: fix use of fixedcontent variable
Commit 8563560026d192c2cf047b550ffd468692245ed6 switched from
hardcoded use of strcontent to hardcoded use of fixedcontent
(fixedcontent is *sometimes* a copy of strcontent with a \n
appended). This was a problem because sometimes fixedcontent is *not*
a copy of strcontent, but is instead NULL, leading to the regenerated
test case output being a 0 length file.
This patch creates a new const char *cmpcontent initialized to
strcontent, but changed to fixedcontent if/when fixedcontent is
created, then always uses cmpcontent instead of (str|fixed)content.
come with a linear framebuffer (sometimes called "VGA compatibility
framebuffer"). This linear framebuffer lives in one of the PCI device's
MMIO BARs, and allows guest code (primarily: firmware drivers, and
non-accelerated OS drivers) to display graphics with direct memory access.
Due to architectural reasons on aarch64/KVM hosts, this kind of
framebuffer doesn't / can't work in
qemu-system-(arm|aarch64) -M virt
machines. Cache coherency issues guarantee a corrupted / unusable display.
The problem has been researched by several people, including kvm-arm
maintainers, and it's been decided that the best way (practically the only
way) to have boot time graphics for such guests is to consolidate on
QEMU's "virtio-gpu-pci" device.
but libvirt unconditionally maps @type='virtio' to QEMU's "virtio-vga"
device model. (See the qemuBuildDeviceVideoStr() function and the
"qemuDeviceVideo" enum impl.)
According to the above, this is not right for the "virt" machine type; the
qemu-system-(arm|aarch64) binaries don't even recognize the "virtio-vga"
device model (justifiedly). Whereas "virtio-gpu-pci", which is a pure
virtio device without a compatibility framebuffer, is available, and works
fine.
(The ArmVirtQemu ("AAVMF") platform of edk2 -- that is, the UEFI firmware
for "virt" -- supports "virtio-gpu-pci", as of upstream commit 3ef3209d3028. See
<https://tianocore.acgmultimedia.com/show_bug.cgi?id=66>.)
Override the default mapping of "virtio", from "virtio-vga" to
"virtio-gpu-pci", if qemuDomainMachineIsVirt() evaluates to true.
Cc: Andrea Bolognani <abologna@redhat.com> Cc: Drew Jones <drjones@redhat.com> Cc: Marc-André Lureau <marcandre.lureau@redhat.com> Cc: Martin Kletzander <mkletzan@redhat.com> Suggested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1372901 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Martin Kletzander <mkletzan@redhat.com>
There is nothing Linux-specific in that function. Also since commit 8c3b5bf48123783b812b97360db7ac51f1889e17 mingw build is broken due to
the fact that this function is not compiled in the library.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Tomáš Ryšavý [Thu, 15 Sep 2016 08:27:03 +0000 (10:27 +0200)]
test_driver: Replace magic constant
In testOpenDefault we create a virtual computer that is later
presented to user. We also pretend to have NUMA cells and
initialize them somehow. But whilst doing so a magical constant
is used. Drop it.
Signed-off-by: Tomáš Ryšavý <tom.rysavy.0@gmail.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
virsh: use virConnectGetDomainCapabilities with maxvcpus
virsh maxvcpus --type kvm output is useless on PPC. Also, in
commit e6806d79 we documented not rely on virConnectGetMaxVcpus
output. Fix the maxvcpus to use virConnectGetDomainCapabilities
now to make it useful. The call is made to use the default emulator
binary and to check for the host machine and arch which is what the
command intends to show anyway.
Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
Commit ca32929908bbc94116493ad8915e7cd7ae0f57d5 added function
virTestCompareToFile(), but forgot to use a fixedcontent value for the
actual comparison. That lead to VIR_TEST_DEBUG=1 showing (for some
tests) all the actual output from the first error to the end of the
string due to the difference being an endline in the end.
Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
Peter Krempa [Tue, 13 Sep 2016 15:56:08 +0000 (17:56 +0200)]
qemu: domain: Don't infer vcpu state
Use the state information (online, hotpluggable) provided by the monitor
code rather than trying to infer it. This fixes an issue where on
architectures that require hotplug of multiple threads at once the
sub-cores would get updated as offline on daemon restart thus creating
an invalid configuration.
Peter Krempa [Tue, 13 Sep 2016 15:28:02 +0000 (17:28 +0200)]
qemu: monitor: Use a more obvious iterator name
The algorithm that matches data from query-cpus and
query-hotpluggable-cpus is quite complex. Start using descriptive
iterator names to avoid confusion.
Apparently, some management applications use the following code
pattern when waiting for a block job to finish:
while (1) {
virDomainGetBlockJobInfo(dom, disk, info, flags);
if (info.cur == info.end)
break;
sleep(1);
}
Problem with this approach is in its corner cases. In case of
QEMU, libvirt merely pass what has been reported on the monitor.
However, if the block job hasn't started yet, qemu reports cur ==
end == 0 which tricks mgmt apps into thinking job is complete.
The solution is to mangle cur/end values as described here [1].
qemuDomainGetBlockJobInfo: Move info translation into separate func
Even though we merely just pass to users whatever qemu provided
on the monitor, we still do some translation. For instance we
turn bytes into mebibytes, or fix job type if needed. However, in
the future there is more fixing to be done so this code deserves
its own function.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
The test qemuxml2argv-serial-tcp-tlsx509-chardev.args
will fail if libvirt is built with a --sysconfdir
arg that is not /etc. Fix this by setting a hardcoded
path in the test code.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Peter Krempa [Tue, 13 Sep 2016 13:55:06 +0000 (15:55 +0200)]
numa: Rename virNumaGetHostNodeset and make it return only nodes with memory
Name it virNumaGetHostMemoryNodeset and return only NUMA nodes which
have memory installed. This is necessary as the kernel is not very happy
to set the memory cgroup setting for nodes which do not have any memory.
This would break vcpu hotplug with following message on such
configruation:
Invalid value '0,8' for 'cpuset.mems': Invalid argument
Michal Privoznik [Tue, 13 Sep 2016 14:23:05 +0000 (16:23 +0200)]
configure: Check for major() more strictly
Thing is, in f3f15cc24 I'm trying to adapt libvirt to the newest
glibc where major()/minor()/makedev() are moved from sys/types.h
to sys/sysmacros.h. However, my commit back then expect autoconf
to be fixed too as we already use AC_HEADER_MAJOR to determine
which header file the functions are in, but because the header
files just trigger a warning and not a compile error, the
autoconf macro detects the bad header file.
This is just a workaround until autoconf macro is fixed.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Erik Skultety [Thu, 8 Sep 2016 13:28:07 +0000 (15:28 +0200)]
tests: fix incorrect status handling by virsh-self-test
The virsh-self-test script compared the test's return code with 1 and only if
the return code matched this value then the test was marked as failed. Problem
is that SIGSEGV returns 139 (or 11 to be precise, since shell reserves the MSB
for abnormal exit signaling) which passes the check just fine and test then
appears as successful which it most certainly wasn't.
Therefore, flip the logic to compare against 0 instead and every other result
will be treated as a failed test case.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
In a full domain config, libvirt allows overriding the normal PCI
vs. PCI Express rules when a device address is explicitly provided
(so, e.g., you can force a legacy PCI device to plug into a PCIe port,
although libvirt would never do that on its own). However, due to a
bug libvirt doesn't give this same leeway when hotplugging devices. On
top of that, current libvirt assumes that *all* devices are legacy
PCI. The result of all this is that it's impossible to hotplug a
device into a PCIe port, even if you manually add the PCI address.
This can all be traced to the function
virDomainPCIAddressEnsureAddr(), and the fact that it calls
virDomainPCIaddressReserveSlot() for manually set addresses, and that
function hardcodes the argument "fromConfig" to false (meaning "this
address was auto-assigned, so it should be subject to stricter
validation").
Since virDomainPCIAddressReserveSlot() is just a one line simple
wrapper around virDomainPCIAddressReserveAddr() (adding in a hardcoded
reserveEntireSlot = true and fromConfig = false), all that's needed to
solve the problem with no unwanted side effects is to replace that
call for virDomainPCIAddressReserveSlot() with a direct call to
virDomainPCIAddressReserveAddr(), but with reserveEntireSlot = true,
fromConfig = true. That's what this patch does.
Laine Stump [Mon, 12 Sep 2016 17:21:10 +0000 (13:21 -0400)]
qemu: fix improper initialization of cgroupControllers bitmap
virQEMUDriverConfigNew() always initializes the bitmap in its
cgroupControllers member to -1 (i.e. all 1's).
Prior to commit a9331394, if qemu.conf had a line with
"cgroup_controllers", cgroupControllers would get reset to 0 before
going through a loop setting a bit for each named cgroup controller.
commit a9331394 left out the "reset to 0" part, so cgroupControllers
would always be -1; if you didn't want a controller included, there
was no longer a way to make that happen.
This was discovered by users who were using qemu commandline
passthrough to use the "input-linux" method of directing
keyboard/mouse input to a virtual machine:
Thanks to sL1pKn07 SpinFlo <sl1pkn07@gmail.com> for bringing the
problem up in IRC, and then taking the time to do a git bisect and
find the patch that started the problem.
qemu: Add the ability to hotplug the TLS X.509 environment
added a parameter "bool listen" in some methods. This
unfortunately clashes with the listen() method, causing
compile failures on certain platforms (RHEL-6 for example)
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
John Ferlan [Tue, 6 Sep 2016 21:00:30 +0000 (17:00 -0400)]
storage: Need to properly read the crypt offset value
Commit id 'a48c7141' altered how to determine if a volume was encrypted
by adding a peek at an offset into the file at a specific buffer location.
Unfortunately, all that was compared was the first "char" of the buffer
against the expect "int" value.
Restore the virReadBufInt32BE to get the complete field in order to
compare against the expected value from the qcow2EncryptionInfo or
qcow1EncryptionInfo "modeValue" field.
This restores the capability to create a volume with encryption, then
refresh the pool, and still find the encryption for the volume.
John Ferlan [Tue, 6 Sep 2016 20:52:36 +0000 (16:52 -0400)]
storage: Need to refresh secret for luks volume after volume refresh
A LUKS volume uses the volume secret type just like the QCOW2 secret, so
adjust the loading of the default secrets to handle any volume that the
virStorageFileGetMetadataFromBuf code has deemed to be an encrypted volume
to search for the volume's secret. This lookup is done by volume usage
where the usage is expected to be the path to volume.
When migration fails, we need to poke QEMU monitor to check for a reason
of the failure. We did this using query-migrate QMP command, which is
not supposed to return any meaningful result on the destination side.
Thus if the monitor was still functional when we detected the migration
failure, parsing the answer from query-migrate always failed with the
following error message:
"info migration reply was missing return status"
This irrelevant message was then used as the reason for the migration
failure replacing any message we might have had.
Let's use harmless query-status for poking the monitor to make sure we
only get an error if the monitor connection is broken.
John Ferlan [Tue, 6 Sep 2016 21:20:30 +0000 (17:20 -0400)]
util: Quiet the logging if perf file doesn't exist
Commit id 'b00d7f29' shifted the opening of the /sys/devices/intel_cqm/type
file from event enable to perf event initialization. If the file did not
exist, then an error would be written to the domain log:
2016-09-06 20:51:21.677+0000: 7310: error : virFileReadAll:1360 : Failed to open file '/sys/devices/intel_cqm/type': No such file or directory
Since the error is now handled in virPerfEventEnable by checking if the
event_attr->attrType == 0 for CMT, MBML, and MBMT events - we can just
use the Quiet API in order to not log the error we're going to throw away.
Additionally, rather than using virReportSystemError, use virReportError
and VIR_ERR_ARGUMENT_UNSUPPORTED in order to signify that support isn't there
for that type of perf event - adjust the error message as well.
Implement support for "virsh cpu-compare" so that we can calculate
common cpu element between a pool of hosts, which had a requirement
of providing host cpu description.
Signed-off-by: Joao Martins <joao.m.martins@oracle.com> Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Parse libxl_hwcap accounting for versions since Xen 4.4 - Xen 4.7.
libxl_hwcaps is a set of cpuid leaves output that is described in [0] or
[1] in Xen 4.7. This is a collection of CPUID leaves that we version
in libvirt whenever feature words are reordered or added. Thus we keep the
common ones in one struct and others for each version. Since
libxl_hwcaps doesn't appear to have a stable format across all supported
versions thus we need to keep track of changes as a compromise until it's
exported in xen libxl API. We don't fail in initializing the driver in case
parsing of hwcaps failed for that reason. In addition, change the notation
on PAE feature such that is easier to read which bit it corresponds.
Add support for describing cpu topology in host cpu element. In doing
so, refactor hwcaps part to its own helper namely libxlCapsInitCPU to
handle all host cpu related operations, including topology.
Peter Krempa [Mon, 5 Sep 2016 16:12:00 +0000 (18:12 +0200)]
qemu: hotplug: Don't wait if cdrom tray is opened forcibly
Qemu always opens the tray if forced to. Skip the waiting step in such
case.
This also helps if qemu does not report the tray change event when
opening the cdrom forcibly (the documentation says that the event will
not be sent although qemu in fact does trigger it even if @force is
selceted).
This is a workaround for a qemu issue where qemu does not send the tray
change event in some cases (after migration with empty closed locked
drive) and thus renders the cdrom useless from libvirt's point of view.
Peter Krempa [Mon, 5 Sep 2016 13:50:18 +0000 (15:50 +0200)]
qemu: domain: Clear startup policy for dropped removable media
When a source image is dropped when missing due to startup policy the
policy needs to be cleared since it was relevant only for the given
storage source. New sources need to update it if needed.
QEMU added another virtio-net tunable [1]. It basically allows
users to set the size of RX virtio ring. But because virtio-net
uses two separate ring buffers to pass data from/to guest they
named it explicitly rx_queue_size. We should expose it in our XML
too.
John Ferlan [Thu, 14 Jul 2016 19:09:08 +0000 (15:09 -0400)]
conf: Add new secret type "tls"
Add a new secret usage type known as "tls" - it will handle adding the
secret objects for various TLS objects that need to provide some sort
of passphrase in order to access the credentials.
Once defined and a passphrase set, future patches will allow the UUID
to be set in the qemu.conf file and thus used as a secret for various
TLS options such as a chardev serial TCP connection, a NBD client/server
connection, and migration.
John Ferlan [Mon, 13 Jun 2016 16:30:34 +0000 (12:30 -0400)]
qemu: Add the ability to hotplug the TLS X.509 environment
If the incoming XML defined a path to a TLS X.509 certificate environment,
add the necessary 'tls-creds-x509' object to the VIR_DOMAIN_CHR_TYPE_TCP
character device.
Likewise, if the environment exists the hot unplug needs adjustment as
well. Note that all the return ret were changed to goto cleanup since
the cfg needs to be unref'd
John Ferlan [Thu, 9 Jun 2016 22:30:55 +0000 (18:30 -0400)]
qemu: Add support for TLS X.509 path to TCP chardev backend
When building a chardev device string for tcp, add the necessary pieces to
access provide the TLS X.509 path to qemu. This includes generating the
'tls-creds-x509' object and then adding the 'tls-creds' parameter to the
VIR_DOMAIN_CHR_TYPE_TCP command line.
Finally add the tests for the qemu command line. This test will make use
of the "new(ish)" /etc/pki/qemu setting for a TLS certificate environment
by *not* "resetting" the chardevTLSx509certdir prior to running the test.
Also use the default "verify" option (which is "no").
John Ferlan [Tue, 14 Jun 2016 19:52:37 +0000 (15:52 -0400)]
conf: Introduce chartcp_tls_x509_cert_dir
Add a new TLS X.509 certificate type - "chardev". This will handle the
creation of a TLS certificate capability (and possibly repository) for
properly configured character device TCP backends.
Unlike the vnc and spice there is no "listen" or "passwd" associated. The
credentials eventually will be handled via a libvirt secret provided to
a specific backend.
John Ferlan [Tue, 14 Jun 2016 18:14:31 +0000 (14:14 -0400)]
conf: Add new default TLS X.509 certificate default directory
Rather than specify perhaps multiple TLS X.509 certificate directories,
let's create a "default" directory which can then be used if the service
(e.g. for now vnc and spice) does not supply a default directory.
Since the default for vnc and spice may have existed before without being
supplied, the default check will first check if the service specific path
exists and if so, set the cfg entry to that; otherwise, the default will
be set to the (now) new defaultTLSx509certdir.
Additionally add a "default_tls_x509_verify" entry which can also be used
to force the peer verification option (for vnc it's a x509verify option).
Add/alter the macro for the option being found in the config file to accept
the default value.
qemu: Remove stale transient def when migration fails
If a migration of a domain which is already defined on the destination
host failed early (before we tried to start QEMU), we would forget to
remove the incoming transient definition. Later on when someone starts
the domain on the destination host, we will use the stale incoming
definition and the persistent definition will just be ignored.
The code for replacing domain's transient definition with the persistent
one is repeated in several places and we'll need to add one more. Let's
make a nice helper for it.
When using
virsh net-event non-existing-net
the error message says that 'either --list or event type is required'
This is misleading as 'virsh net-event $valid-event-type' is not going
to work either. What is expected is 'virsh net-event --event
$valid-event-type'
This commit fixes the string in pool-event, nodedev-event, event, and
net-event.
Julio Faracco [Wed, 7 Sep 2016 21:43:53 +0000 (18:43 -0300)]
security: Fixing wrong label in virt-aa-helper.c.
There is an issue with a wrong label inside vah_add_path().
The compilation fails with the error:
make[3]: Entering directory '/tmp/libvirt/src'
CC security/virt_aa_helper-virt-aa-helper.o
security/virt-aa-helper.c: In function 'vah_add_path':
security/virt-aa-helper.c:769:9: error: label 'clean' used but not defined
goto clean;
This patch moves 'clean' label to 'cleanup' label.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Rufo Dogav [Wed, 24 Aug 2016 23:15:29 +0000 (00:15 +0100)]
Avoid segfault in virt-aa-helper when handling read-only filesystems
This patch fixes a segfault in virt-aa-helper caused by attempting to
modify a static string literal. It is triggered when a domain has a
<filesystem> with type='mount' configured read-only and libvirt is
using the AppArmor security driver for sVirt confinement. An "R" is
passed into the function and converted to 'r'.
Yanqiu Zhang [Thu, 25 Aug 2016 02:49:55 +0000 (10:49 +0800)]
storage: Delete extra wrap after vol-resize error
This patch is to delete the extra wrap "\n" after failed vol-resize
error for both "Failed to change size of volume to" and "Failed to change
size of volume by". For error with wrap, there will be an extra wrap
between two errors, such as:
(1)# virsh vol-resize --pool default --vol vol-test 5M
error: Failed to change size of volume 'vol-test' to 5M
error: invalid argument: Can't shrink capacity below current capacity unless shrink flag explicitly specified
(2)# virsh vol-resize /var/lib/libvirt/images/volds --shrink --delta 10M
error: Failed to change size of volume 'volds' by 10M
Peter Krempa [Wed, 7 Sep 2016 11:20:00 +0000 (13:20 +0200)]
qemu: process: Fix start with unpluggable vcpus with NUMA pinning
Similarly to vcpu hotplug the emulator thread cgroup numa mapping needs
to be relaxed while hot-adding vcpus so that the threads can allocate
data in the DMA zone.
Peter Krempa [Wed, 7 Sep 2016 11:11:59 +0000 (13:11 +0200)]
qemu: cgroup: Extract temporary relaxing of cgroup setting for vcpu hotplug
When hot-adding vcpus qemu needs to allocate some structures in the DMA
zone which may be outside of the numa pinning. Extract the code doing
this in a set of helpers so that it can be reused.
Erik Skultety [Mon, 5 Sep 2016 11:51:21 +0000 (13:51 +0200)]
virt-admin: Output srv-clients-set data as unsigned int rather than signed
Unfortunately, commit a8962f70 only fixed first half of the reported issue of
virt-admin outputting negative values where unsigned int is expected by
BZ below, so this commit represents the other missing half of the fix.
Maxim Nestratov [Mon, 6 Jun 2016 14:42:16 +0000 (17:42 +0300)]
util: fix crash in virClassIsDerivedFrom for CloseCallbacks objects
There is a possibility that qemu driver frees by unreferencing its
closeCallbacks pointer as it has the only reference to the object,
while in fact not all users of CloseCallbacks called thier
virCloseCallbacksUnset.
Backtrace is the following:
Thread #1:
0 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
1 in virCondWait (c=<optimized out>, m=<optimized out>)
at util/virthread.c:154
2 in virThreadPoolFree (pool=0x7f0810110b50)
at util/virthreadpool.c:266
3 in qemuStateCleanup () at qemu/qemu_driver.c:1116
4 in virStateCleanup () at libvirt.c:808
5 in main (argc=<optimized out>, argv=<optimized out>)
at libvirtd.c:1660
Thread #2:
0 in virClassIsDerivedFrom (klass=0xdeadbeef, parent=0x7f0837c694d0) at util/virobject.c:169
1 in virObjectIsClass (anyobj=anyobj@entry=0x7f08101d4760, klass=<optimized out>) at util/virobject.c:365
2 in virObjectLock (anyobj=0x7f08101d4760) at util/virobject.c:317
3 in virCloseCallbacksUnset (closeCallbacks=0x7f08101d4760, vm=vm@entry=0x7f08101d47b0, cb=cb@entry=0x7f081d078fc0 <qemuProcessAutoDestroy>) at util/virclosecallbacks.c:163
4 in qemuProcessAutoDestroyRemove (driver=driver@entry=0x7f081018be50, vm=vm@entry=0x7f08101d47b0) at qemu/qemu_process.c:6368
5 in qemuProcessStop (driver=driver@entry=0x7f081018be50, vm=vm@entry=0x7f08101d47b0, reason=reason@entry=VIR_DOMAIN_SHUTOFF_SHUTDOWN, asyncJob=asyncJob@entry=QEMU_ASYNC_JOB_NONE, flags=flags@entry=0) at qemu/qemu_process.c:5854
6 in processMonitorEOFEvent (vm=0x7f08101d47b0, driver=0x7f081018be50) at qemu/qemu_driver.c:4585
7 qemuProcessEventHandler (data=<optimized out>, opaque=0x7f081018be50) at qemu/qemu_driver.c:4629
8 in virThreadPoolWorker (opaque=opaque@entry=0x7f0837c4f820) at util/virthreadpool.c:145
9 in virThreadHelper (data=<optimized out>) at util/virthread.c:206
10 in start_thread () from /lib64/libpthread.so.0
Let's reference CloseCallbacks object in virCloseCallbacksSet and
unreference in virCloseCallbacksUnset.
projects / libvirt.git / log