Guannan Ren [Mon, 4 Mar 2013 12:38:18 +0000 (20:38 +0800)]
util: use string libvirt to prefix error message instead of libvir
BZ:https://bugzilla.redhat.com/show_bug.cgi?id=912021
Without error handler set, virDefaultErrorFunc will be called, the
error message is prefixed with "libvir:". It become a little better
by using prefix "libvirt:" when working with upper application.
For example:
1, stop libvirtd daemon
2, run virt-top.
libvir: XML-RPC error : Failed to connect \
socket to '/var/run/libvirt/libvirt-sock-ro': \
No such file or directory
libvirt: VIR_ERR_SYSTEM_ERROR: VIR_FROM_RPC: \
Failed to connect socket to '/var/run/libvirt/libvirt-sock-ro': \
No such file or directory
I just stumbled over that very issue on F18. Doing a little bit
debugging of the shutdown sequence, it turns out that - at least on my
F18 installation - libvirtd is shutdown *after* iscsid, which makes it
impossible for libvirt to perform the logout of the iscsi session properly.
This patch simply adds another startup dependancy on iscsid.service
which in turn delays iscsid shutdown until after libvirtd has stopped.
Having that applied, the system shuts down properly again.
Commit f506a4c1 changed virSetUIDGID() to be a noop
when uid/gid are -1, while it used to be a noop when
they are <= 0.
The changes in this commit broke creating new VMs in GNOME Boxes
as qemuDomainCheckDiskPresence gets called during domain creation/startup,
which in turn calls virFileAccessibleAs which fails after calling
virSetUIDGID(0, 0) (Boxes uses session libvirtd). virSetUIDGID is called with
(0, 0) as these are the default user/group values in virQEMUDriverConfig
for session libvirtd.
This commit changes virQEMUDriverConfigNew to use -1 as the unpriviledged
uid/gid. I've also looked at the various places where cfg->user is used,
and they all seem to handle -1 correctly.
Michal Privoznik [Thu, 28 Feb 2013 14:59:01 +0000 (15:59 +0100)]
virnetdevmacvlan.c: Introduce mutex for macvlan creation
Currently, after we removed the qemu driver lock, it may happen
that two or more threads will start up a machine with macvlan and
race over virNetDevMacVLanCreateWithVPortProfile(). However,
there's a racy section in which we are generating a sequence of
possible device names and detecting if they exits. If we found
one which doesn't we try to create a device with that name.
However, the other thread is doing just the same. Assume it will
succeed and we must therefore fail. If this happens more than 5
times (which in massive parallel startup surely will) we return
-1 without any error reported. This patch is a simple hack to
both of these problems. It introduces a mutex, so only one thread
will enter the section, and if it runs out of possibilities,
error is reported. Moreover, the number of retries is raised to 20.
There is a lock ordering problem in the QEMU close callback
APIs.
When starting a guest we have a lock on the VM. We then
set a autodestroy callback, which acquires a lock on the
close callbacks.
When running auto-destroy, we obtain a lock on the close
callbacks, then run each callbacks - which obtains a lock
on the VM.
This causes deadlock if anyone tries to start a VM, while
autodestroy is taking place.
The fix is to do autodestroy in 2 phases. First obtain
all the callbacks and remove them from the list under
the close callback lock. Then invoke each callback
from outside the close callback lock.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Fix crash in QEMU auto-destroy with transient guests
When the auto-destroy callback runs it is supposed to return
NULL if the virDomainObjPtr is no longer valid. It was not
doing this for transient guests, so we tried to virObjectUnlock
a mutex which had been freed. This often led to a crash.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Jiri Denemark [Thu, 28 Feb 2013 11:48:01 +0000 (12:48 +0100)]
qemu: Make sure qemuProcessStart is run within a job
qemuProcessStart expects to be run with a job already set and every
caller except for qemuMigrationPrepareAny use it correctly. This bug can
be observed in libvirtd logs during incoming migration as
warning : qemuDomainObjEnterMonitorInternal:979 : This thread seems
to be the async job owner; entering monitor without asking for a
nested job is dangerous
Jim Fehlig [Wed, 27 Feb 2013 23:32:35 +0000 (16:32 -0700)]
Fix starting qemu instances when apparmor driver is enabled
With the apparmor security driver enabled, qemu instances fail
to start
# grep ^security_driver /etc/libvirt/qemu.conf
security_driver = "apparmor"
# virsh start test-kvm
error: Failed to start domain test-kvm
error: internal error security label already defined for VM
The model field of virSecurityLabelDef object is always populated
by virDomainDefGetSecurityLabelDef(), so remove the check for a
NULL model when verifying if a label is already defined for the
instance.
Checking for a NULL model and populating it later in
AppArmorGenSecurityLabel() has been left in the code to be
consistent with virSecuritySELinuxGenSecurityLabel().
Michal Privoznik [Mon, 25 Feb 2013 17:52:12 +0000 (18:52 +0100)]
qemu: Don't fail to shutdown domains with unresponsive agent
Currently, qemuDomainShutdownFlags() chooses the agent method of
shutdown whenever the agent is configured. However, this
assumption is not enough as the guest agent may be unresponsive
at the moment. So unless guest agent method has been explicitly
requested, we should fall back to the ACPI method.
The unitialized local variable qemuVersion can cause an random value
to be returned for the hypervisor version, observable with virsh version.
Introduced by commit b46f7f4a0b96c2d2d01d64d960bd7bc90dc16b0c
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.vnet.ibm.com>
The QEMU driver has a list of devices nodes that are whitelisted
for all guests. The kernel has recently started returning an
error if you try to whitelist a device which does not exist.
This causes a warning in libvirt logs and an audit error for
any missing devices. eg
The code for putting the emulator threads in a separate cgroup
would spam the logs with warnings
2013-02-27 16:08:26.731+0000: 29624: warning : virCgroupMoveTask:887 : no vm cgroup in controller 3
2013-02-27 16:08:26.731+0000: 29624: warning : virCgroupMoveTask:887 : no vm cgroup in controller 4
2013-02-27 16:08:26.732+0000: 29624: warning : virCgroupMoveTask:887 : no vm cgroup in controller 6
This is because it has only created child cgroups for 3 of the
controllers, but was trying to move the processes from all the
controllers. The fix is to only try to move threads in the
controllers we actually created. Also remove the warning and
make it return a hard error to avoid such lazy callers in the
future.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
The virQEMUCloseCallbacksRunOne method was passing a uuid string
to virDomainObjListFindByUUID, when it actually expected to get
a raw uuid buffer. This was not caught by the compiler because
the method was using a 'void *uuid' instead of first casting
it to the expected type.
This regression was accidentally caused by refactoring in
Eric Blake [Wed, 27 Feb 2013 00:43:12 +0000 (17:43 -0700)]
qemu: -numa doesn't (yet) support disjoint range
https://bugzilla.redhat.com/show_bug.cgi?id=896092 mentions that
qemu 1.4 and earlier only accept a simple start-stop range for
the cpu=... argument of -numa. Libvirt would attempt to use
-numa cpu=1,3 for a disjoint range, which did not work as intended.
Upstream qemu will be adding a new syntax for disjoint cpu ranges
in 1.5; but the design for that syntax is still under discussion
at the time of this patch. So for libvirt 1.0.3, it is safest to
just reject attempts to build an invalid qemu command line; in the
future, we can add a capability bit and translate to the final
accepted design for selecting a disjoint cpu range in numa.
We decided the xml for this feature needed more thought to make sure
we are doing it the best way, in particular wrt option values that
have multiple items.
Michal Privoznik [Tue, 26 Feb 2013 16:18:08 +0000 (17:18 +0100)]
libvirt.c: Make VIR_MIGRATE_NON_SHARED_{INC,DISK} mutually exclusive
These two flags in fact are mutually exclusive. Requesting them both
doesn't make any sense regardless of hypervisor driver. Hence, we have
to make it within libvirt.c file instead of fixing it in each driver.
Eric Blake [Tue, 26 Feb 2013 23:43:03 +0000 (16:43 -0700)]
build: don't use gcrypt.h without gnutls support
Eugene Marcotte reported that if gcrypt-devel (a prereq of
gnutls-devel) is not present, then compilation fails due to
an unconditional use of <gcrypt.h>.
* src/libvirt.c (includes): Properly guard use of gcrypt.h.
Eric Blake [Tue, 26 Feb 2013 19:45:38 +0000 (12:45 -0700)]
tests: skip virstoragetest on RHEL 5
virstoragetest was failing on RHEL 5, but with no good error message:
TEST: virstoragetest
0 FAIL
It turns out that qemu-img was so old, that it lacked support for
-o backing_file. It didn't help that the test was also using
qemu-img from PATH, even after first probing for kvm-img.
* tests/virstoragetest.c (testPrepImages): Consistently use
discovered binary. Skip instead of fail if qemu-img fails during
setup.
qemu: Remove the shared disk entry if the operation is ejecting or updating
It was still accessing disk->src, when the entire 'disk' object
has been free'd already. Even if it weren't free'd, accessing
the 'src' value of virDomainDiskDef is not allowed without
first validating disk->type is file or block. Just remove the
broken code entirely.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Eric Blake [Tue, 26 Feb 2013 16:40:38 +0000 (09:40 -0700)]
tests: old automake lacks abs_builddir
On RHEL 5, 'make check' included failures such as:
TEST: virstoragetest
unable to create directory /virstoragedata/sub
unable to return to correct directory, refusing to clean up /virstoragedata
It turns out that with automake 1.9.x, $(abs_builddir) is not
automatically provided. We have previously worked around this
by using `pwd` before, but because we did not do it everywhere,
we had a number of broken tests.
This patch brings RHEL 5 from 8 failed tests down to 5 (the
remaining failures may be due to bugs in the older libxml2 and
RNG schema validation available in RHEL 5, so I'm not sure if
they can be fixed in libvirt, but I'm still investigating).
* tests/Makefile.am (AM_CFLAGS): Reliably set abs_builddir.
(*_la_CFLAGS): Factor out common settings; delete when nothing
remains to be added.
Paolo Bonzini [Mon, 25 Feb 2013 16:38:32 +0000 (17:38 +0100)]
qemu: do not set unpriv_sgio if neither supported nor requested
Currently we call virSetDeviceUnprivSGIO with val == 0 if a block device
has an sgio attribute. But for sgio='filtered', we know that a
kernel with no unpriv_sgio support will always behave as the user
wanted. In this case, there is no need to call the function and
report a (bogus) error.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Eric Blake [Fri, 22 Feb 2013 22:42:39 +0000 (15:42 -0700)]
tests: uniformly report test failures
testutils.c likes to print summaries after a test completes,
including if it failed. But if the test outright exit()s,
this summary is skipped. Enforce that we return instead of exit.
Eric Blake [Fri, 22 Feb 2013 21:56:21 +0000 (14:56 -0700)]
tests: avoid segfault if json monitor not present
On a machine without yajl headers, I was seeing random segfaults
from qemumonitorjsontest (about 90% of the runs on my particular
machine). The segfault was inside virClassIsDerivedFrom, which
points to a case of a race leading to unreferencing a stale
pointer to an object that had already been freed. I also noticed
that if I got the segfault, I was seeing messages such as:
which is also evidence of deferencing a stale pointer. I traced it
to a race where qemuMonitorTestIO could execute late, after the
main thread had already called qemuMonitorTestFree and called
virNetSocketClose(test->client) but not clearing it out to NULL.
Sure enough, after test->client has been closed, fd is -1, which
causes an attempt to write to the socket to fail, which in turn
triggers the error code of qemuMonitorTestIO that tries to re-close
test->client.
* tests/qemumonitortestutils.c (qemuMonitorTestIO): Don't attempt
to free client again if test already quit.
Eric Blake [Fri, 22 Feb 2013 20:19:43 +0000 (13:19 -0700)]
qemu: minor monitor lock cleanups
If virCondInit fails (okay, so that's unlikely), then we end up
attempting a virObjectUnlock() on the cleanup path, even though
we don't hold a lock. This is not guaranteed to be safe. While
at it, I noticed a couple places where we were referencing mon->fd
outside locks.
* src/qemu/qemu_monitor.c (qemuMonitorOpenInternal): Minimize lock
duration. mon->watch doesn't need clean up on error.
(qemuMonitorGetBlockExtent, qemuMonitorBlockResize): Don't
dereference fd outside of lock.
Eric Blake [Fri, 22 Feb 2013 16:41:38 +0000 (09:41 -0700)]
qemu: don't override earlier json error
I built without yajl support, and noticed a strange failure message
in qemumonitorjsontest:
2013-02-22 16:12:37.503+0000: 19812: error : virJSONValueToString:1119 : internal error No JSON parser implementation is available
2013-02-22 16:12:37.503+0000: 19812: error : qemuMonitorJSONCommandWithFd:253 : out of memory
While a later patch will fix the test to skip when json is not present,
this patch avoids overriding the more useful error message from
virJSONValueToString returning NULL.
Peter Krempa [Mon, 18 Feb 2013 15:13:04 +0000 (16:13 +0100)]
qemu: Refactor qemuDomainSetMemoryParameters
The new TypedParam helper APIs allow to simplify this function
significantly.
This patch integrates the fix in 75e5bec97b3045e4f926248d5c742f8a50d0f9
by correctly ordering the setting functions instead of reordering the
parameters.
Doug Goldstein [Mon, 25 Feb 2013 02:31:03 +0000 (20:31 -0600)]
interface: Fix udev backend bridge device display
The bridge device was showing the vnet devices created for the domains
as connected to the bridge. libvirt should only show host devices when
trying to get the interface definition rather than the domain devices as
well.
Peter Krempa [Wed, 13 Feb 2013 10:22:23 +0000 (11:22 +0100)]
qemu: Implement support for EGD backend for virtio-rng
This patch adds a new capability bit QEMU_CAPS_OBJECT_RNG_EGD and code
to support the egd backend for the VirtIO RNG device.
The device is added by 3 qemu command line options:
-chardev socket,id=charrng0,host=1.2.3.4,port=1234 (communication
backend)
-object rng-egd,chardev=charrng0,id=rng0 (RNG protocol client)
-device virtio-rng-pci,rng=rng0,bus=pci.0,addr=0x4 (the RNG device)
Peter Krempa [Fri, 11 Jan 2013 16:34:37 +0000 (17:34 +0100)]
conf: Add support for RNG device configuration in XML
This patch adds basic configuration support for the RNG device
supporting the virtio model with the "random" and "egd" backend types as
described in the schema in the previous patch.
Peter Krempa [Thu, 20 Dec 2012 11:06:52 +0000 (12:06 +0100)]
doc: schema: Add basic documentation for the virtual RNG device support
This patch documents XML elements used for (basic) support of virtual
RNG devices.
In the devices section in the domain XML users may specify:
For the default 'random' backend:
<devices>
<rng model='virtio'>
<backend model='random'>/dev/urandom</backend>
</rng>
</devices>
For the slightly more advanced EGD backend:
<devices>
<rng model='virtio'>
<backend model='egd' type='udp'>
<!-- this is a definition of a character device -->
<source mode='bind' service='1234'/>
<source mode='connect' host='1.2.3.4' service='1234'/>
<!-- or other valid character device configuration -->
</backend>
</rng>
</devices>
For the planned random daemon/pool:
<devices>
<rng model='virtio'>
<backend model='pool' pool='poolname'>class</backend>
</rng>
</devices>
Peter Krempa [Thu, 21 Feb 2013 11:37:59 +0000 (12:37 +0100)]
conf: Add fake switch statement to warn for new device types
This patch adds a fake switch statement to force the compiler to warn
after a new device type was added. This should remind the contributor to
add the new device also to this iterator function.
Gene Czarcinski [Fri, 15 Feb 2013 19:02:26 +0000 (14:02 -0500)]
use client id for IPv6 DHCP host definition
Originally, only a host name was used to associate a
DHCPv6 request with a specific IPv6 address. Further testing
demonstrates that this is an unreliable method and, instead,
a client-id or DUID needs to be used. According to DHCPv6
standards, this id can be a duid-LLT, duid-LL, or duid-UUID
even though dnsmasq will accept almost any text string.
Although validity checking of a specified string makes sure it is
hexadecimal notation with bytes separated by colons, there is no
rigorous check to make sure it meets the standard.
Documentation and schemas have been updated.
Signed-off-by: Gene Czarcinski <gene@czarc.net> Signed-off-by: Laine Stump <laine@laine.org>
Ján Tomko [Mon, 18 Feb 2013 13:48:20 +0000 (14:48 +0100)]
storage: qemu-img: change INFO to DEBUG
For really old qemu-img binaries which do not support specifying
the format of the backing file, display a DEBUG message instead of
INFO that this can't be done.
Eric Blake [Sat, 23 Feb 2013 00:10:48 +0000 (17:10 -0700)]
run: license as LGPL
It makes no sense to prohibit reuse of the wrapper in other LGPL
projects, since most of libvirt is designed to be LGPL. Of
course, when using the wrapper to wrap a GPL program, the combined
result is still effectively GPL, but that shouldn't force us to
license the wrapper as GPL in isolation.
This function does the source part of NBD magic. It
invokes drive-mirror on each non shared and RW disk with
a source and wait till the mirroring process completes.
When it does we can proceed with migration.
Currently, an active waiting is done: every 500ms libvirt
asks qemu if block-job is finished or not. However, once
the job finishes, qemu doesn't report its progress so we
can only assume if the job finished successfully or not.
The better solution would be to listen to the event which
is sent as soon as the job finishes. The event does
contain the result of job.
We need to start NBD server and feed it with all non-<shared/>,
RW and source-full disks. Moreover, with new virPortAllocator we
must ensure the borrowed port for NBD server will be returned if
either migration completes or qemu process is torn down.
Michal Privoznik [Thu, 22 Nov 2012 15:17:13 +0000 (16:17 +0100)]
qemu: Introduce nbd-server-add command
This will be used with new migration scheme.
This patch creates basically just monitor stub
functions. Wiring them into something useful
is done in later patches.
Michal Privoznik [Thu, 22 Nov 2012 15:08:52 +0000 (16:08 +0100)]
qemu: Introduce nbd-server-start command
This will be used with new migration scheme.
This patch creates basically just monitor stub
functions. Wiring them into something useful
is done in later patches.
Michal Privoznik [Tue, 29 Jan 2013 12:38:50 +0000 (13:38 +0100)]
Introduce NBD migration cookie
This migration cookie is meant for two purposes. The first is to be sent
in begin phase from source to destination to let it know we support new
implementation of VIR_MIGRATE_NON_SHARED_{DISK,INC} so destination can
start NBD server. Then, the second purpose is, destination can let us
know, on which port the NBD server is running.
Pieter Hollants [Thu, 21 Feb 2013 22:40:17 +0000 (23:40 +0100)]
Add support for <option> tag in network config
This patch adds support for a new <option>-Tag in the <dhcp> block of
network configs, based on a subset of the fifth proposal by Laine
Stump in the mailing list discussion at
https://www.redhat.com/archives/libvir-list/2012-November/msg01054.html.
Any such defined option will result in a dhcp-option=<number>,"<value>"
statement in the generated dnsmasq configuration file.
Currently, DHCP options can be specified by number only and there is
no whitelisting or blacklisting of option numbers, which should
probably be added.
Signed-off-by: Pieter Hollants <pieter@hollants.com> Signed-off-by: Laine Stump <laine@laine.org>
Eric Blake [Sat, 23 Feb 2013 00:10:48 +0000 (17:10 -0700)]
run: use portable shell
Nothing in run required bash, except for the shebang. On systems
where /bin/bash doesn't exist (I hit it on FreeBSD), using /bin/sh
instead fixes a 'make check' failure:
gmake[3]: Entering directory `/usr/home/dummy/libvirt/python'
GEN check-local
/usr/local/bin/bash: ../run: /bin/bash: bad interpreter: No such file or directory
Sage Weil [Fri, 22 Feb 2013 23:43:00 +0000 (15:43 -0800)]
storage: use f_frsize, not f_bsize, for calculating available space
The bfree and blocks fields are supposed to be in units of frsize. We were
calculating capacity correctly using those units, but the available
calculation was using bsize instead. Most file systems report these as the
same value specifically because many programs are buggy, but that is no
reason to rely on that behavior, or to behave inconsistently.
This bug has been present since e266ded (2008) and aa296e6c, when the code
was originally introduced (the latter via cut and paste).
Jiri Denemark [Fri, 8 Feb 2013 08:58:03 +0000 (09:58 +0100)]
qemu: Parse more fields from query-migrate QMP command
As a side effect, this also fixes reporting disk migration process.
It was added to memory migration progress, which was wrong. Disk
progress has dedicated fields in virDomainJobInfo structure.
Jiri Denemark [Wed, 30 Jan 2013 09:28:54 +0000 (10:28 +0100)]
remote: Auto-allocate params in remoteDeserializeTypedParameters
remoteDeserializeTypedParameters can now be called with either
preallocated params array (size of which is announced by nparams) or it
can allocate params array according to the number of parameters received
from the server.
projects / libvirt.git / log