Andrea Bolognani [Tue, 20 Feb 2018 13:26:01 +0000 (14:26 +0100)]
qemu: Create new qemuDomainDeviceDefValidateControllerPCI()
The existing function is renamed and called from the new one, so
that even while we're in the process of implementing new checks
all the existing ones will be performed.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Laine Stump <laine@laine.org>
apparmor: add ro rule for sasl GSSAPI plugin on /etc/gss/mech.d/
If a system has sasl GSSAPI plugin available qemu with sasl support will
try to read /etc/gss/mech.d/.
It is required to allow that to let the modules fully work and it should
be safe to do so as it only registers/configures plugins but has no secrets.
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Acked-by: Jamie Strandboge <jamie@canonical.com>
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
rpc: switch virtlockd and virtlogd to use single-threaded dispatch
Currently both virtlogd and virtlockd use a single worker thread for
dispatching RPC messages. Even this is overkill and their RPC message
handling callbacks all run in short, finite time and so blocking the
main loop is not an issue like you'd see in libvirtd with long running
QEMU commands.
By setting max_workers==0, we can turn off the worker thread and run
these daemons single threaded. This in turn fixes a serious problem in
the virtlockd daemon whereby it loses all fcntl() locks at re-exec due
to multiple threads existing. fcntl() locks only get preserved if the
process is single threaded at time of exec().
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
rpc: avoid crashing in pre-exec if no workers are present
If max_workers is set to zero, then the worker thread pool won't be
created, so when serializing state for pre-exec we must set various
parameters to zero.
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
rpc: invoke the message dispatch callback with client unlocked
Currently if the virNetServer instance is created with max_workers==0 to
request a non-threaded dispatch process, we deadlock during dispatch
#0 0x00007fb845f6f42d in __lll_lock_wait () from /lib64/libpthread.so.0
#1 0x00007fb845f681d3 in pthread_mutex_lock () from /lib64/libpthread.so.0
#2 0x000055a6628bb305 in virMutexLock (m=<optimized out>) at util/virthread.c:89
#3 0x000055a6628a984b in virObjectLock (anyobj=<optimized out>) at util/virobject.c:435
#4 0x000055a66286fcde in virNetServerClientIsAuthenticated (client=client@entry=0x55a663a7b960)
at rpc/virnetserverclient.c:1565
#5 0x000055a66286cc17 in virNetServerProgramDispatchCall (msg=0x55a663a7bc50, client=0x55a663a7b960,
server=0x55a663a77550, prog=0x55a663a78020) at rpc/virnetserverprogram.c:407
#6 virNetServerProgramDispatch (prog=prog@entry=0x55a663a78020, server=server@entry=0x55a663a77550,
client=client@entry=0x55a663a7b960, msg=msg@entry=0x55a663a7bc50) at rpc/virnetserverprogram.c:307
#7 0x000055a662871d56 in virNetServerProcessMsg (msg=0x55a663a7bc50, prog=0x55a663a78020, client=0x55a663a7b960,
srv=0x55a663a77550) at rpc/virnetserver.c:148
#8 virNetServerDispatchNewMessage (client=0x55a663a7b960, msg=0x55a663a7bc50, opaque=0x55a663a77550)
at rpc/virnetserver.c:227
#9 0x000055a66286e4c0 in virNetServerClientDispatchRead (client=client@entry=0x55a663a7b960)
at rpc/virnetserverclient.c:1322
#10 0x000055a66286e813 in virNetServerClientDispatchEvent (sock=<optimized out>, events=1, opaque=0x55a663a7b960)
at rpc/virnetserverclient.c:1507
#11 0x000055a662899be0 in virEventPollDispatchHandles (fds=0x55a663a7bdc0, nfds=<optimized out>)
at util/vireventpoll.c:508
#12 virEventPollRunOnce () at util/vireventpoll.c:657
#13 0x000055a6628982f1 in virEventRunDefaultImpl () at util/virevent.c:327
#14 0x000055a6628716d5 in virNetDaemonRun (dmn=0x55a663a771b0) at rpc/virnetdaemon.c:858
#15 0x000055a662864c1d in main (argc=<optimized out>,
#argv=0x7ffd105b4838) at logging/log_daemon.c:1235
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
rpc: simplify calling convention of virNetServerClientDispatchFunc
Currently virNetServerClientDispatchFunc implementations are only
responsible for free'ing the "msg" parameter upon success. Simplify the
calling convention by making it their unconditional responsibility to
free the "msg", and close the client if desired.
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
rpc: push ref acquisition into RPC dispatch function
There's no reason why the virNetServerClientDispatchRead method needs to
acquire an extra reference on the "client" object. An extra reference is
only needed if the registered dispatch callback is going to keep hold of
the "client" for work in the background. Thus we can push reference
acquisition into virNetServerDispatchNewMessage.
Reviewed-by: John Ferlan <jferlan@redhat.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Andrea Bolognani [Wed, 28 Feb 2018 13:40:45 +0000 (14:40 +0100)]
travis: Sync packages with libvirt-jenkins-ci
Make sure we install the same packages lcitool would install on
the CentOS CI so that we have consistent results. The package
list is current as of libvirt-jenkins-ci commit ad84090b6f96.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This function was introduced in commit 41f5c2ca2776 as a way
to probe the same property for multiple devices at once.
Although the resulting representation is very compact, it
doesn't provide any extra features compared to the existing
virQEMUCapsProcessStringFlags() mechanism, which is already
used for pretty much all device properties.
Drop the custom function and datatypes and start using the
standard ones instead.
Note that, in theory, the end result is not identical
because we're no longer probing properties for
qemu: Ignore subsequent attempts to probe device properties
In some cases, we are probing multiple devices for the same
property and setting the corresponding capability if it's
found on any of the devices: when that happens, we can quit
early after finding the first property and avoiding a bunch
of string comparisons.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
qemu: Take full advantage of conditional device property probing
Commit 4ae59411fa3f introduced the ability to make probing for
device properties conditional on a capability being set, but
didn't extend the use of this feature to existing devices.
This commit does the last bit of work, which results in a lot
of pointless QMP chatter no longer happening and our test suite
shrinking a fair bit.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Peter Krempa [Tue, 6 Mar 2018 13:57:17 +0000 (14:57 +0100)]
util: storageencryption: Refactor cleanup section in virStorageEncryptionParseXML
The function used the 'cleanup' label only in error cases. This patch
makes the code pass the cleanup label in every case and removes a few
unnecessary VIR_FREEs.
In certain cases an XML contains paths that do not yet exist, but
are valid as qemu will create them later on - for example
vhostuser mode=server sockets.
In any such cases so far the check to virFileExists failed and due to
that the paths stayed non-resolved in regard to symlinks.
But for apparmor those non-resolved rules are non functional as they
are evaluated after resolving any symlinks.
Therefore for non-existent files and partially non-existent paths
resolve as much as possible to get valid rules.
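
The prefix resolution described in the commit message above, as an added example (not libvirt's code): the hypothetical resolve_partial() resolves symlinks in the longest existing prefix of an absolute path and appends the components that do not exist yet, giving the post-symlink form an AppArmor rule is matched against. The /tmp scenario and all names are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not libvirt's function: resolve symlinks in the longest
 * existing prefix of an absolute path, then append the not-yet-existing rest.
 * Returns 0 on success, -1 on error. */
int resolve_partial(const char *path, char *out, size_t outlen)
{
    char prefix[PATH_MAX], resolved[PATH_MAX];
    size_t cut = strlen(path);      /* path + cut is the unresolved remainder */
    if (path[0] != '/' || cut >= sizeof(prefix))
        return -1;
    memcpy(prefix, path, cut + 1);
    while (!realpath(prefix, resolved)) {
        if ((errno != ENOENT && errno != ENOTDIR) || prefix[1] == '\0')
            return -1;
        cut = (size_t)(strrchr(prefix, '/') - prefix);
        prefix[cut ? cut : 1] = '\0';   /* drop last component, keep "/" */
    }
    if (strcmp(resolved, "/") == 0 && path[cut] == '/')
        resolved[0] = '\0';         /* avoid emitting "//rest" */
    int n = snprintf(out, outlen, "%s%s", resolved, path + cut);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Constructed scenario: <tmp>/link -> <tmp>/real, and link/run/vhost.sock does
 * not exist yet. Returns 0 if the result goes through real/ rather than link/. */
int demo_symlinked_parent(void)
{
    char tmpl[] = "/tmp/resolve-demo-XXXXXX";
    char base[PATH_MAX], real[PATH_MAX + 8], lnk[PATH_MAX + 8];
    char in[64], got[PATH_MAX + 32], want[PATH_MAX + 32];
    if (!mkdtemp(tmpl) || !realpath(tmpl, base))
        return -1;
    snprintf(real, sizeof(real), "%s/real", base);
    snprintf(lnk, sizeof(lnk), "%s/link", base);
    if (mkdir(real, 0700) != 0 || symlink(real, lnk) != 0)
        return -1;
    snprintf(in, sizeof(in), "%s/link/run/vhost.sock", tmpl);
    snprintf(want, sizeof(want), "%s/real/run/vhost.sock", base);
    int rc = resolve_partial(in, got, sizeof(got));
    unlink(lnk); rmdir(real); rmdir(tmpl);
    return (rc == 0 && strcmp(got, want) == 0) ? 0 : -1;
}

int main(void)
{
    return demo_symlinked_parent() == 0 ? 0 : 1;
}
```

Any ".." components in the non-existent remainder are left as written, so a caller that generates rules from the result should reject or normalise them separately.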
Erik Skultety [Mon, 5 Mar 2018 14:43:45 +0000 (15:43 +0100)]
util: mdev: Treat the 'name' sysfs attribute as optional
When commit 3545cbef moved the sysfs attribute reading logic from
_udev.c module to virmdev.c, it had to replace our udev read wrappers
with the ones available from virfile.c. The problem is that the original
logic worked correctly with udev read wrappers which don't return an
error code for a missing attribute, virfile.c readers however - not so
much. Therefore add another parameter to the macro, so we can again
accept the fact that optional attributes may be missing.
Signed-off-by: Erik Skultety <eskultet@redhat.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
qemuDomainObjBeginJob: Don't account DESTROY job to maxQueuedJobs
When trying to destroy a domain (e.g. because we've seen EOF on
the monitor) we try to acquire QEMU_JOB_DESTROY. However, if
max_queued is set in qemu.conf this may fail and since our code
doesn't count on that we will still report domain as active even
though the qemu process is long gone. More specifically, if we've
seen EOF on the monitor, qemuProcessHandleMonitorEOF() is called
which sends MONITOR_EOF job to the event worker pool and
unregisters monitor from the event loop. The worker pool calls
processMonitorEOFEvent() which tries to set job which may fail
due to the limit as described above.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Boris Fiuczynski <fiuczy@linux.vnet.ibm.com>
Signed-off-by: Bjoern Walk <bwalk@linux.vnet.ibm.com>
Reviewed-by: John Ferlan <jferlan@redhat.com>
tests: force use of "NORMAL" TLS priority in test suite
When generating certificates we rely on GNUTLS' built-in default setup
for the ciphers used in the certs. We then currently run with the distro
specific TLS priority setup which can be much stronger, to the extent
that the certificates we generate are considered untrustworthy. We don't
care about the quality of the ciphers we use in the test suite, so just
force the priority to "NORMAL" which should ensure our certs are
accepted by GNUTLS.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
cfg.mak: ignore trailing whitespace in gnulib local patches
The diff files in gnulib/local may well contain trailing whitespace.
They are simply diffs of gnulib code which should not be modified to
follow libvirt style rules.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
gnulib: temporary hacks to deal with glibc libio.h removal
GLibc deprecated libio.h in 2.27 and has removed it in current
code that will become 2.28. The latter is now in Fedora rawhide
and this change breaks gnulib which mistakenly still relies on
these ancient symbols. Add a local hack for gnulib until a
proper fix is available upstream.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Jan Palus [Mon, 5 Mar 2018 15:39:48 +0000 (16:39 +0100)]
make sure libvirt is linked first
so it's not affected by flags that might be passed in $(*_LIBS) like
-L/usr/lib which might result in linking against system library and
requiring incorrect version of private symbols
travis: force install of python2 into $PATH on macOS
The homebrew formula's ignored Python PEP-0394 recommendations and
changed the plain python binary in /usr/local/bin to point to Python 3
instead of Python 2. Python 2 is not even installed into a location that
is in $PATH by default anymore. The homebrew packages print a message
to stderr claiming to provide a way to fix this
[quote]
This formula installs a python2 executable to /usr/local/opt/python@2/bin
If you wish to have this formula's python executable in your PATH then add
When trying to update $PATH as suggested we find out this message is a
lie and /usr/local/opt/python@2 does not even exist, instead Python
seems to end up in /usr/local/Cellar/python@2/2.7.14_1
Rather than hardcoding this version specific directory in our travis
config, we change to run "brew link --force python@2", to make it create
symlinks in /usr/local/bin for the python2 binary.
There are countless bug reports against homebrew-core that are closed
without fixes, so it seems they are determined to ignore the Python
PEP 0394 recommendations on this.
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Ján Tomko [Fri, 2 Mar 2018 14:12:49 +0000 (15:12 +0100)]
conf: set postParseFailed even without ALLOW_POST_PARSE_FAIL
We allow the postParse callbacks to fail for some reasons (missing
emulator binary) when parsing the configs from /etc/libvirt.
In that case, def->postParseFailed is set to true and the post
parse callbacks are re-executed on domain startup.
However this bool was only set when virDomainDefPostParse was called
with the ALLOW_POST_PARSE_FAIL flag set. If the callback failed
again on domain startup, the bool would be reset and subsequent
startups would not attempt to reexecute the callback.
Pavel Hrdina [Thu, 1 Mar 2018 14:25:05 +0000 (15:25 +0100)]
tests: introduce qemucapsfixreplies helper
Sometimes we don't regenerate QEMU capabilities replies using QEMU
binary but we simply add a new entry manually. In that case you need
to manually fix all the replies ids. This helper will do that for you.
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
The check was trying to use the shell variable $CC instead of
the make variable $(CC); it also interpreted grep's return code
wrong: 1 means the provided pattern was *not* matched. As a
result, pdwtags was never run, not even when building with gcc.
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
John Ferlan [Thu, 1 Mar 2018 12:08:32 +0000 (07:08 -0500)]
conf: Fix crash in virDomainDefCompatibleDevice
Commit id 'edae027c' blindly assumed that the passed @oldDev
parameter would not be NULL when calling virDomainDeviceGetInfo;
however, commit id 'b6a264e8' passed NULL for AttachDevice
callers under the premise that there wouldn't be a device
to check/update against.
Enable testing of both the upstart and systemd init script handling.
We test a different one in each scenario. Even though trusty only
cares about upstart, it is fine for us to test rules that install
systemd, since we're not actually running these scripts for real.
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
travis: test "make install" and "make dist" on macOS
We can't use "make distcheck" on macOS because many unit tests fail. We
can still get coverage of some of the things "distcheck" validates, by
running the "install" and "dist" targets. This is particularly useful
because many conditional features are disabled on macOS, and this helps
make sure we can still successfully install & dist when these bits are
disabled.
The default script is getting unreadable since it is all on one long
line. Rather than adding further conditional clauses to it, we make
use of the travis matrix config override for the script.
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
travis: run "make distcheck" instead of just "make check"
Running "make distcheck" includes the "make check", and "make dist"
targets. It ensures that we have CLEANFILES and uninstall rules setup
correctly, as well as validating VPATH builds succeed.
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
When building with CLang the structs that are emitted by pdwtags appear
in a completely different order than with GCC, which causes the
comparison against expected data to fail.
Ideally the test would not be sensitive to the ordering, because even
future GCC could cause changes, but that's not easy to fix. So for now
just skip the test when using clang.
Reviewed-by: Andrea Bolognani <abologna@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Michal Privoznik [Wed, 28 Feb 2018 09:09:56 +0000 (10:09 +0100)]
vshCommandOpt: Do more checking if skipChecks is set
Currently if cmd->skipChecks is set (done only from completers)
some basic checks are skipped because we're working over
partially parsed command. See a26ff63ae4 for more detailed
explanation. Anyway, the referenced commit was too aggressive in
disabling checks and effectively returned success even in a clear
case of failure. For instance:
# domif-getlink --interface <TAB><TAB>
causes virshDomainInterfaceCompleter() to be called, which calls
virshDomainGetXML() which eventually calls
vshCommandOptStringReq(.., name = "domain"); The --domain
argument is required for the command and if not present -1 should
be returned to tell the caller the argument was not found. Well,
zero is returned meaning the argument was not found but it's not
required either.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Julio Faracco [Wed, 28 Feb 2018 01:17:54 +0000 (22:17 -0300)]
virsh: fixing segfault by pool autocompleter function.
The commands which require a pool to perform any action for a volume are
throwing a segfault when you pass the volume name before a pool name or
without the argument '--pool'.
An example that works:
virsh # vol-list loops-pool
Name Path
-------------------------------------------------------------------
loop0 /mnt/loop0
virsh # vol-info --pool loops-pool lo<TAB>
An example that does not work:
virsh # vol-list loops-pool
Name Path
-------------------------------------------------------------------
loop0 /mnt/loop0
virsh # vol-info lo<TAB>
Segmentation Fault
The example 'vol-info' can be executed as 'vol-info loop0 --pool
loops-pool'. So, this commit fixes this problem when the arguments are
inverted and avoids the segfault.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com>
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>