Peter Krempa [Sun, 20 May 2012 14:20:11 +0000 (16:20 +0200)]
python: add API exports for virConnectListAllDomains()
This patch adds export of the new API function
virConnectListAllDomains() to the libvirt-python bindings. The
virConnect object now has method "listAllDomains" that takes only the
flags parameter and returns a python list of virDomain object
corresponding to virDomainPtrs returned by the underlying api.
The implementation is done manually as the generator does not support
wrapping list of virDomainPtrs into virDomain objects.
Peter Krempa [Fri, 18 May 2012 15:22:02 +0000 (17:22 +0200)]
lib: Add public api to enable atomic listing of guest
This patch adds a new public api that lists domains. The new approach is
different from those used before. There are key points to this:
1) The list is acquired atomically and contains both active and inactive
domains (guests). This eliminates the need to call two different list
APIs, where the state might change in between the calls.
2) The returned list consists of virDomainPtrs instead of names or ID's
that have to be converted to virDomainPtrs anyways using separate calls
for each one of them. This is more convenient and saves hypervisor calls.
3) The returned list is auto-allocated. This saves a lot of hassle for
the users.
4) Built in support for filtering. The API call supports various
filtering flags that modify the output list according to user needs.
Available filter groups:
Domain status:
VIR_CONNECT_LIST_DOMAINS_ACTIVE, VIR_CONNECT_LIST_DOMAINS_INACTIVE
Existence of snapshot:
VIR_CONNECT_LIST_DOMAINS_HAS_SNAPSHOT,
VIR_CONNECT_LIST_DOMAINS_NO_SNAPSHOT
5) The python binding returns a list of domain objects that is very neat
to work with.
The only problem with this approach is no support from code generators
so both RPC code and python bindings had to be written manually.
*include/libvirt/libvirt.h.in: - add API prototype
- clean up whitespace mistakes nearby
*python/generator.py: - inhibit generation of the bindings for the new
api
*src/driver.h: - add driver prototype
- clean up some whitespace mistakes nearby
*src/libvirt.c: - add public implementation
*src/libvirt_public.syms: - export the new symbol
Michal Privoznik [Mon, 18 Jun 2012 11:14:49 +0000 (13:14 +0200)]
virsh: Tweak attach-* documentation
as we are missing:
attach-disk: --type can accept 'lun' too, not just cdrom or floppy.
attach-disk: --target specify logical device name, not path
attach-interface: --target silently drops strings with vnet* prefix
Michal Privoznik [Fri, 15 Jun 2012 16:00:13 +0000 (18:00 +0200)]
qemu_agent: Wait for events instead of agent response
With latest changes to qemu-ga success on some commands is not reported
anymore, e.g. guest-shutdown or guest-suspend-*. However, errors are
still being reported. Therefore, we need to find different source of
indication if operation was successful. Events.
Eric Blake [Sat, 9 Jun 2012 04:25:39 +0000 (22:25 -0600)]
snapshot: use new virsh function for snapshot-list
Operating on a list of snapshot objects looks so much simpler.
In particular, since the helper function already trimmed out
irrelevant entries, we no longer have quite so many special cases
on finding the first snapshot to operate on. Also, vshTreePrint
no longer has a generic callback struct; both clients now pass
something different according to their own needs.
* tools/virsh.c (cmdSnapshotList): Use previous patches.
(vshTreeArrayLookup): Rename...
(vshNodeListLookup): ...now that it only has one client.
(cmdNodeListDevices): Adjust caller.
Eric Blake [Fri, 15 Jun 2012 00:50:03 +0000 (18:50 -0600)]
snapshot: new virsh function factored from snapshot-list
This patch is based on the fallback code out of cmdSnapshotList,
with tweaks to keep the snapshot objects around rather than just
their name, and to remove unwanted elements before returning.
It looks forward to a future patch when we add a way to list all
snapshot objects at once, and the next patch will simplify
cmdSnapshotList to take advantage of this factorization.
* tools/virsh.c (vshSnapshotList, vshSnapshotListFree): New functions.
Eric Blake [Wed, 13 Jun 2012 16:09:39 +0000 (10:09 -0600)]
build: hoist qemu dependence on yajl to configure
Commit 6e769eba made it a runtime error if libvirt was compiled
without yajl support but targets a new enough qemu. But enough
users are hitting this on self-compiled libvirt that it is worth
erroring out at compilation time, rather than an obscure failure
when trying to use the built executable.
* configure.ac: If qemu is requested and -version works, require
yajl when qemu version is new enough.
* src/qemu/qemu_capabilities.c (qemuCapsComputeCmdFlags): Add
comment.
Cole Robinson [Fri, 15 Jun 2012 17:46:51 +0000 (13:46 -0400)]
autogen: Always abide --system
If we do ./autogen.sh && ./configure, then later try ./autogen.sh --system,
configure isn't invoked with the requested params. Instead
config.status --recheck is run.
Fix launch of libvirtd when DHCP snooping support is not available.
When libpcap is not available, the NWFilter driver provides a
no-op stub for the DHCP snooping initialization. This was
mistakenly returning '-1' instead of '0', so the entire driver
initialization failed
Osier Yang [Fri, 15 Jun 2012 02:34:04 +0000 (10:34 +0800)]
schema: Update domain XML schema
'boot' tag shouldn't be exclusive with 'kernel', 'initrd', and 'cmdline',
though the boot sequence doesn't make sense when the guest boots from
kernel directly. But it's useful if booting from kernel is to install
a newguest, even if it's not to install a guest, there is no hurt. And
on the other hand, we allow 'boot' and the kernel tags when parsing.
Wen Congyang [Tue, 12 Jun 2012 03:04:51 +0000 (11:04 +0800)]
qemu: implement qemu's dump-guest-memory
dump-guest-memory is a new dump mechanism, and it can work when the
guest uses host devices. This patch adds a API to use this new
monitor command.
We will always use json mode if qemu's version is >= 0.15, so I
don't implement the API for text mode.
Osier Yang [Thu, 14 Jun 2012 11:09:53 +0000 (19:09 +0800)]
virsh: Null terminated the string memcpy from buffer explicitly
Detected by valgrind:
==16217== 1 errors in context 1 of 12:
==16217== Invalid read of size 1
==16217== at 0x4A07804: __GI_strlen (mc_replace_strmem.c:284)
==16217== by 0x3019F167F6: xdr_string (in /lib64/libc-2.12.so)
==16217== by 0x3033709E8D: xdr_remote_nonnull_string (remote_protocol.c:31)
==16217== by 0x303370E5CB: xdr_remote_domain_update_device_flags_args (remote_protocol.c:2028)
==16217== by 0x30337197D1: virNetMessageEncodePayload (virnetmessage.c:341)
==16217== by 0x30337135E1: virNetClientProgramCall (virnetclientprogram.c:327)
==16217== by 0x30336F1EFD: callWithFD (remote_driver.c:4586)
==16217== by 0x30336F1F7B: call (remote_driver.c:4607)
==16217== by 0x30336F42F2: remoteDomainUpdateDeviceFlags (remote_client_bodies.h:2865)
==16217== by 0x30336D46E5: virDomainUpdateDeviceFlags (libvirt.c:9457)
==16217== by 0x41AEE8: cmdChangeMedia (virsh.c:15249)
==16217== by 0x413CB4: vshCommandRun (virsh.c:18669)
==16217== Address 0x4ec5e25 is 0 bytes after a block of size 293 alloc'd
==16217== at 0x4A04A28: calloc (vg_replace_malloc.c:467)
==16217== by 0x303364F1DB: virAllocN (memory.c:129)
==16217== by 0x41A844: vshPrepareDiskXML (virsh.c:15043)
==16217== by 0x41AECC: cmdChangeMedia (virsh.c:15246)
==16217== by 0x413CB4: vshCommandRun (virsh.c:18669)
==16217== by 0x423973: main (virsh.c:20261)
Avoid LXC pivot root in the root source is still /
This commit broke setup of /dev, because the code which
deals with setting up a private /dev and /dev/pts only
works if you do a pivotroot.
The original intent of avoiding the pivot root was to
try and ensure the new root has a minimumal mount
tree. The better way todo this is to just unmount the
bits we don't want (ie old /proc & /sys subtrees.
So apply the logic from
Peter Krempa [Thu, 14 Jun 2012 12:48:42 +0000 (14:48 +0200)]
qemu: Enable disconnecting SPICE clients without changing password
Libvirt updates the configuration of SPICE server only when something
changes. This is unfortunate when the user wants to disconnect a
existing spice session when the connected attribute is already
"disconnect".
This patch modifies the conditions for calling the password updater to
be called when nothing changes, but the connected attribute is already
"disconnect".
Michal Privoznik [Thu, 14 Jun 2012 12:18:31 +0000 (14:18 +0200)]
virsh: Report name from edited object
There is a little easter egg in virsh: one can easily clone
an object (domain, network, ...). Just 'virsh edit' change the name
and remove <uuid>. And then, in the end when reporting success
the new name was printed out.
However, with recent edit rewrite we lost the final part and are
still printing the original name out.
Michal Privoznik [Wed, 13 Jun 2012 09:11:27 +0000 (11:11 +0200)]
virsh: Honor reedit opts printing to a function
When printing reedit options we make stdin raw. However,
this results in stdout being raw as well. Therefore we need
to return carriage when doing new line. Unfortunately,
'\r' cannot be part of internationalized messages hence
we must move them to formatting string which then in turn
become huge and disarranged. To solve this, a new function
is introduced which takes variable string arguments and
prepend each with "\r\n" just before printing.
Peter Krempa [Thu, 14 Jun 2012 08:29:36 +0000 (10:29 +0200)]
qemu: Fix off-by-one error while unescaping monitor strings
While unescaping the commands the commands passed through to the monitor
function qemuMonitorUnescapeArg() initialized lenght of the input string
to strlen()+1 which is fine for alloc but not for iteration of the
string.
This patch fixes the off-by-one error and drops the pointless check for
a single trailing slash that is automaticaly handled by the default
branch of switch.
Peter Krempa [Wed, 13 Jun 2012 14:55:51 +0000 (16:55 +0200)]
virsh: Don't generate invalid XML in attach-disk command
The attach-disk command used with parameter --cache created an invalid
XML snippet as the beginning of the <driver> element was not printed
when used solely with --cache and no other attribute to driver.
Laine Stump [Mon, 4 Jun 2012 18:45:16 +0000 (14:45 -0400)]
network: fully support/use VIR_NETWORK_XML_INACTIVE flag
commit 52d064f42dbc857f4096dc60c0335395ffac73aa added
VIR_NETWORK_XML_INACTIVE in order to allow suppressing the
auto-generated list of VFs in network definitions, and a --inactive
flag to virsh net-dumpxml to take advantage of the flag. However, it
missed out on two opportunities:
1) Use INACTIVE to get the current config of the network as it
exists on disk, rather than the currently active config.
2) Add INACTIVE to the flags used for the virsh net-edit command, so
that it won't include the forward-pool interfaces that were
autogenerated, and so that a re-edit of the network prior to
restarting it will show any other edits made since the last restart
of the network. (prior to this patch, if you edited a network a 2nd
time without restarting, all of the previous edits would magically
disappear).
In order to fit with the new #define-based generic edit function in
virsh.c, a new function vshNetworkGetXMLDesc() was added. This
function first tries to call virNetworkGetXMLDesc with the INACTIVE
flag added, then retries without if the first attempt fails (in the
manner expected when the server doesn't support it).
A core use case of the hook scripts is to be able to do things
to a guest's network configuration. It is possible to hook into
the 'start' operation for a QEMU guest which runs just before
the guest is started. The TAP devices will exist at this point,
but the QEMU process will not. It can be desirable to have a
'started' hook too, which runs once QEMU has started.
If libvirtd is restarted it will re-populate firewall rules,
but there is no QEMU hook to trigger for existing domains.
This is solved with a 'reconnect' hook.
Finally, if attaching to an external QEMU process there needs
to be an 'attach' hook script.
This all also applies to the LXC driver
* docs/hooks.html.in: Document new operations
* src/util/hooks.c, src/util/hooks.c: Add 'started', 'reconnect'
and 'attach' operations for QEMU. Add 'prepare', 'started',
'release' and 'reconnect' operations for LXC
* src/lxc/lxc_driver.c: Add hooks for 'prepare', 'started',
'release' and 'reconnect' operations
* src/qemu/qemu_process.c: Add hooks for 'started', 'reconnect'
and 'reconnect' operations
First 'poll' can't return EWOULDBLOCK, and second, we're checking errno
so far away from the poll() call that we've probably already trashed the
original errno value.
Jiri Denemark [Tue, 12 Jun 2012 12:32:27 +0000 (14:32 +0200)]
client rpc: Send keepalive requests from IO event loop
In addition to keepalive responses, we also need to send keepalive
requests from client IO loop to properly detect dead connection in case
a libvirt API is called from the main loop, which prevents any timers to
be called.
Jiri Denemark [Tue, 12 Jun 2012 06:58:04 +0000 (08:58 +0200)]
rpc: Remove unused parameter in virKeepAliveStopInternal
The previous commit removed the only usage of ``all'' parameter in
virKeepAliveStopInternal, which was actually the only reason for having
virKeepAliveStopInternal. This effectively reverts most of commit 6446a9e20cc65561ce6061742baf35a3a63d5ba1.
Jiri Denemark [Tue, 12 Jun 2012 07:01:49 +0000 (09:01 +0200)]
rpc: Do not use timer for sending keepalive responses
When a libvirt API is called from the main event loop (which seems to be
common in event-based glib apps), the client IO loop would properly
handle keepalive requests sent by a server but will not actually send
them because the main event loop is blocked with the API. This patch
gets rid of response timer and the thread which is processing keepalive
requests is also responsible for queueing responses for delivery.
Jiri Denemark [Tue, 12 Jun 2012 21:42:32 +0000 (23:42 +0200)]
rpc: Add APIs for direct triggering of keepalive timer
Add virKeepAliveTimeout and virKeepAliveTrigger APIs that can be used to
set poll timeouts and trigger keepalive timer. virKeepAliveTrigger
checks if it is called to early and does nothing in that case.
Jiri Denemark [Tue, 12 Jun 2012 21:41:25 +0000 (23:41 +0200)]
rpc: Refactor keepalive timer code
The code that needs to be run every keepalive interval of inactivity was
only called from a timer and thus from the main event loop. We will need
to call the code directly from another place.
Jiri Denemark [Mon, 11 Jun 2012 12:24:06 +0000 (14:24 +0200)]
client rpc: Just queue non-blocking call if another thread has the buck
As non-blocking calls are no longer dropped, we don't really need to
care that much about their fate and wait for the thread with the buck
to process them. If another thread has the buck, we can just push a
non-blocking call to the queue and be done with it.
Jiri Denemark [Fri, 8 Jun 2012 12:21:00 +0000 (14:21 +0200)]
client rpc: Don't drop non-blocking calls
So far, we were dropping non-blocking calls whenever sending them would
block. In case a client is sending lots of stream calls (which are not
supposed to generate any reply), the assumption that having other calls
in a queue is sufficient to get a reply from the server doesn't work. I
tried to fix this in b1e374a7ac56927cfe62435179bf0bba1e08b372 but
failed and reverted that commit.
With this patch, non-blocking calls are never dropped (unless the
connection is being closed) and will always be sent.
Jiri Denemark [Tue, 12 Jun 2012 06:41:59 +0000 (08:41 +0200)]
client rpc: Use event loop for writing
Normally, when every call has a thread associated with it, the thread
may get the buck and be in charge of sending all calls until its own
call is done. When we introduced non-blocking calls, we had to add
special handling of new non-blocking calls. This patch uses event loop
to send data if there is no thread to get the buck so that any
non-blocking calls left in the queue are properly sent without having to
handle them specially. It also avoids adding even more cruft to client
IO loop in the following patches.
With this change in, non-blocking calls may see unpredictable delays in
delivery when the client has no event loop registered. However, the only
non-blocking calls we have are keepalives and we already require event
loop for them, which makes this a non-issue until someone introduces new
non-blocking calls.
Eric Blake [Wed, 13 Jun 2012 03:49:22 +0000 (21:49 -0600)]
build: fix 'make dist' on virgin checkout
'make dist' was depending on *protocol-structs files, which are
stored in git but in turn depended on generated files. We still
want to ship the protocol-structs files, but by renaming the
tests to something not matching a file name, we separate 'make
check' (which depends on the generated file) from 'make dist'
(which only depends on the git files). After all, the tarball
should never depend on a generated file not stored in git.
I found one more case of a git file depending on a generated
file, in a bogus virkeycode.c listing; but at least this one
had no associated rules so it never broke 'make dist'.
Reported by Wen Congyang. Latent bug has been present since
commit 62dee6f, but only recently exposed by commit 7bff56a.
* src/Makefile.am ($(srcdir)/util/virkeycode.c): Drop useless
dependency.
(BUILT_SOURCES): ...and build virkeymaps.h sooner.
(PROTOCOL_STRUCTS): Rather than depend on the struct file...
(check-local): ...convert things into a phony target of...
(check-protocol): ...a new check.
($(srcdir)/remote_protocol-struct): Rename to isolate the distributed
file from the conditional test.
(PDWTAGS): Deal with rename. Swap to compare 'expected actual'.
Eric Blake [Mon, 11 Jun 2012 20:49:03 +0000 (14:49 -0600)]
python: fix snapshot listing bugs
Python exceptions are different than libvirt errors, and we had
some corner case bugs on OOM situations.
* python/libvirt-override.c (libvirt_virDomainSnapshotListNames)
(libvirt_virDomainSnapshotListChildrenNames): Use correct error
returns, avoid segv on OOM, and avoid memory leaks on error.
Michal Privoznik [Mon, 11 Jun 2012 13:57:19 +0000 (15:57 +0200)]
qemu: Don't overwrite security labels
Currently, if qemuProcessStart fail at some point, e.g. because
domain being started wants a PCI/USB device already assigned to
a different domain, we jump to cleanup label where qemuProcessStop
is performed. This unconditionally calls virSecurityManagerRestoreAllLabel
which is wrong because the other domain is still using those devices.
However, once we successfully label all devices/paths in
qemuProcessStart() from that point on, we have to perform a rollback
on failure - that is - we have to virSecurityManagerRestoreAllLabel.
Eric Blake [Fri, 25 May 2012 02:28:54 +0000 (20:28 -0600)]
snapshot: implement new APIs for qemu
The two APIs are rather trivial; based on bits and pieces of other
existing APIs. It leaves the door open for future extension to
qemu to report snapshots without metadata based on reading qcow2
internal snapshot names.
* src/qemu/qemu_driver.c (qemuDomainSnapshotIsCurrent)
(qemuDomainSnapshotHasMetadata): New functions.
Laine Stump [Mon, 11 Jun 2012 21:16:17 +0000 (17:16 -0400)]
docs: minor fixes to domain interface documentation
A few examples for <interface> had a type='direct' interface with no
sub-elements. This is not allowed - a type='direct' interface must
have at least a source element. (Most likely the example was copied
from the type='user' or type='ethernet' examples - they *do* allow an
instance with no sub-elements).
There was also one place that mistakenly used %lt; ... %gt; instead of
< ... > (for some reason, I make that typo all the time).
Eric Blake [Thu, 7 Jun 2012 19:23:49 +0000 (13:23 -0600)]
docs: link to FLOSS Weekly podcast, virt blogs
Eric Blake and Guido Günther were guests during this week's
FLOSS Weekly podcast, giving insights into libvirt as a Free
Software project. Also, there are several useful blogs on
virt-related topics.
* docs/relatedlinks.html.in (Blogs and Podcasts): New section.
Eric Blake [Wed, 23 May 2012 23:10:39 +0000 (17:10 -0600)]
snapshot: new query APIs
Right now, starting from just a virDomainSnapshotPtr, and wanting to
know if it is the current snapshot for its respective domain, you have
to use virDomainSnapshotGetDomain(), then virDomainSnapshotCurrent(),
then compare the two names returned by virDomainSnapshotGetName().
It is a bit easier if we can directly query this information from the
snapshot itself.
Right now, it is possible to filter a snapshot listing based on
whether snapshots have metadata that would prevent domain deletion,
but the only way to learn if an individual snapshot has metadata is
to see if that snapshot appears in the list returned by a listing.
Additionally, I hope to expand the qemu driver in a future patch to
use qemu-img to reconstruct snapshot XML corresponding to internal
qcow2 snapshot names not otherwise tracked by libvirt (in part, so
that libvirt can guarantee that new snapshots are not created with
a name that would silently corrupt the existing portion of the qcow2
file); if I ever get that in, then it would no longer be an all-or-none
decision on whether snapshots have metadata, and becomes all the more
important to be able to directly determine that information from a
particular snapshot.
Other query functions (such as virDomainIsActive) do not have a flags
argument, but since virDomainHasCurrentSnapshot takes a flags argument,
I figured it was safer to provide a flags argument here as well.
* include/libvirt/libvirt.h.in (virDomainSnapshotIsCurrent)
(virDomainSnapshotHasMetadata): New declarations.
* src/libvirt.c (virDomainSnapshotIsCurrent)
(virDomainSnapshotHasMetadata): New functions.
* src/libvirt_public.syms (LIBVIRT_0.9.13): Export them.
* src/driver.h (virDrvDomainSnapshotIsCurrent)
(virDrvDomainSnapshotHasMetadata): New driver callbacks.
Eric Blake [Fri, 8 Jun 2012 21:01:08 +0000 (15:01 -0600)]
virsh: make tree listing more flexible
Requiring the user to pass in parallel arrays of names and parents
is annoying; it means that you can't qsort one of the arrays without
invalidating the ordering of the other. By refactoring this function
to use callbacks, we isolate the layout to be independent of the
printing, and a future patch can exploit that to improve layout.
* tools/virsh.c (vshTreePrintInternal): Use callbacks rather than
requiring a char** array.
(vshTreeArrayLookup): New helper function.
(vshTreePrint, cmdNodeListDevices, cmdSnapshotList): Update callers.
Eric Blake [Fri, 8 Jun 2012 20:26:06 +0000 (14:26 -0600)]
virsh: remove limits on tree listing
I am not a fan of fixed-width buffers. All it takes is a
linear chain of more than 100 snapshots to mess up 'virsh
snapshot-list --tree'. Now that virBuffer is more powerful,
we might as well exploit its power.
* tools/virsh.c (cmdNodeListDevicesPrint): Simplify to use a
virBuffer instead of fixed-width prefix, factor guts, and rename...
(vshTreePrint, vshTreePrintInternal): ...along with new helper.
(cmdNodeListDevices, cmdSnapshotList): Update callers.
Eric Blake [Fri, 8 Jun 2012 19:50:23 +0000 (13:50 -0600)]
buf: support peeking at string contents
Right now, the only way to get at the contents of a virBuffer is
to destroy it. But there are cases in my upcoming patches where
peeking at the contents makes life easier. I suppose this does
open up the potential for bad code to dereference a stale pointer,
by disregarding the docs that the return value is invalid on the
next virBuf operation, but such is life.
* src/util/buf.h (virBufferCurrentContent): New declaration.
* src/util/buf.c (virBufferCurrentContent): Implement it.
* src/libvirt_private.syms (buf.h): Export it.
* tests/virbuftest.c (testBufAutoIndent): Test it.
Michal Privoznik [Mon, 11 Jun 2012 12:21:00 +0000 (14:21 +0200)]
rpc: Fix memleak in virNetMessageEncodeHeader
My latest patch for RPC rework (a2c304f6872) introduced a memory leak.
virNetMessageEncodeHeader() is calling VIR_ALLOC_N(msg->buffer, ...)
despite fact, that msg->buffer isn't VIR_FREE()'d on all paths calling
the function. Therefore, rather than injecting free statement switch to
VIR_REALLOC_N().
Use XDG Base Directories instead of storing in home directory
Accidentally changed the umask when creating /var/run/libvirt
to 077. This prevents /var/run/libvirt being readable by non-root,
which is required for non-root to connect to libvirtd. Fix the
code so that umask 077 is only used for the non-privileged libvirtd
instance.
Only migrate profile in non-privileged libvirtd instance
Only the non-privileged libvirtd instance uses $HOME. So avoid
running the code for migrating to XDG directories unless using
a non-privileged libvirtd
Eric Blake [Fri, 8 Jun 2012 03:46:47 +0000 (21:46 -0600)]
snapshot: avoid virsh crash with older servers
Commits 51082301, 16d7b39, and 521cc447 introduced support for
'virsh snapshot-list --from' when talking to a server older than
0.9.5, but broke support for plain 'virsh snapshot-list' for the
same old server in the process. Because the code is not properly
gated, we end up with a SIGSEGV during a strcmp with a NULL argument.
* tools/virsh.c (cmdSnapshotList): Don't waste time on fallbacks
when --from is not present.
Guido Günther [Fri, 8 Jun 2012 19:24:13 +0000 (21:24 +0200)]
msg_buf_size is unsigned long not size_t
This fixes the build on 32bit systems which otherwise fails with:
virnetmessagetest.c: In function 'testMessageHeaderEncode':
virnetmessagetest.c:75:9: error: format '%zu' expects argument of type 'size_t', but argument 7 has type 'long unsigned int' [-Werror=format]
Eric Blake [Fri, 8 Jun 2012 16:28:55 +0000 (10:28 -0600)]
snapshot: add virDomainSnapshotRef API
virDomainSnapshotPtr has a refcount member, but no one was able
to use it. Furthermore, all of our other vir*Ptr objects have
a *Ref method to match their *Free method. Thankfully, this is
client-side only, so we can use this new function regardless of
how old the server side is! (I have future patches to virsh
that want to use it.)
* include/libvirt/libvirt.h.in (virDomainSnapshotRef): Declare.
* src/libvirt.c (virDomainSnapshotRef): Implement it.
* src/libvirt_public.syms (LIBVIRT_0.9.13): Export it.
Jiri Denemark [Thu, 7 Jun 2012 13:16:50 +0000 (15:16 +0200)]
util: Fix deadlock in virLogReset
When libvirtd forks off a new child, the child then calls virLogReset(),
which ends up closing file descriptors used as log outputs. However, we
recently started logging closed file descriptors, which means we need to
lock logging mutex which was already locked by virLogReset(). We don't
really want to log anything when we are in the process of closing log
outputs.
Li Zhang [Tue, 29 May 2012 08:35:17 +0000 (16:35 +0800)]
Assign correct address type to spapr-vlan and spapr-vty.
For pseries guest, spapr-vlan and spapr-vty is based
on spapr-vio address. According to model of network
device, the address type should be assigned automatically.
For serial device, serial pty device is recognized as
spapr-vty device, which is also on spapr-vio.
So this patch is to correct the address type of
spapr-vlan and spapr-vty, and build correct
command line of spapr-vty.
Signed-off-by: Li Zhang <zhlcindy@linux.vnet.ibm.com> Reviewed-by: Michael Ellerman<michaele@au1.ibm.com>
Eric Blake [Thu, 7 Jun 2012 16:48:05 +0000 (10:48 -0600)]
maint: make it easier to copy FORTIFY_SOURCE snippet
While libvirt intentionally avoids -Wundef (after all, C99
guarantees sane semantics of treating undefined macros as 0),
the glibc insanity of #warning on _FORTIFY_SOURCE coupled with
what some people feel is the black magic of autoconf means
that other projects are likely to copy our snippet verbatim.
We can be nicer to other projects by making it easier to
integrate into projects that use -Wundef.
Suggested by Christophe Fergeau.
* m4/virt-compile-warnings.m4 (LIBVIRT_COMPILE_WARNINGS): Be nice
to other projects using -Wundef.
Eric Blake [Sat, 26 May 2012 02:17:01 +0000 (20:17 -0600)]
command: avoid potential deadlock on handshake
There is a theoretical problem of an extreme bug where we can get
into deadlock due to command handshaking. Thanks to a pair of pipes,
we have a situation where the parent thinks the child reported an
error and is waiting for a message from the child to explain the
error; but at the same time the child thinks it reported success
and is waiting for the parent to acknowledge the success; so both
processes are now blocked.
Thankfully, I don't think this deadlock is possible without at
least one other bug in the code, but I did see exactly that sort
of situation prior to commit da831af - I saw a backtrace where a
double close bug in the parent caused the parent to read from the
wrong fd and assume the child failed, even though the child really
sent success.
This potential deadlock is not quite like commit 858c247 (a deadlock
due to multiple readers on one pipe preventing a write from completing),
although the solution is similar - always close unused pipe fds before
blocking, rather than after.
* src/util/command.c (virCommandHandshakeWait): Close unused fds
sooner.
When libvirtd is started and there is an unusable/not-connectable
leftover from earlier started machine, it's more reasonable to say
that the machine "crashed" if we know it was started with
"-no-shutdown".
This patch fixes that and also changes the other result (when machine
was started without "-no-shutdown") to "unknown", because the previous
"failed" reason means (according to include/libvirt/libvirt.h.in:174),
that the machine failed to start.
Eric Blake [Thu, 7 Jun 2012 03:13:57 +0000 (21:13 -0600)]
build: fix build without i18n
If you compile without NLS support, where _() is a no-op macro,
then we end up passing a string literal to a char*, provoking:
In file included from virsh.c:3639:0:
virsh-edit.c: In function ‘cmdSaveImageEdit’:
virsh-edit.c:97:13: error: assignment discards ‘const’ qualifier from pointer target type [-Werror]
virsh-edit.c:106:13: error: assignment discards ‘const’ qualifier from pointer target type [-Werror]
Eric Blake [Wed, 6 Jun 2012 15:45:04 +0000 (09:45 -0600)]
build: fix build of fresh checkout
Commit 7bff56a worked in an incremental build, but fails for a
fresh clone; apparently, if make sees both an actual file
spelling and an inference rule, only the exact spelling is used.
CCLD libvirt_driver_test.la
CC libvirt_driver_remote_la-remote_driver.lo
remote/remote_driver.c:4707:34: fatal error: remote_client_bodies.h: No such file or directory
compilation terminated.
BUILT_SOURCES to the rescue, instead of trying to mess with .lo
dependencies directly.
* src/Makefile.am (REMOTE_DRIVER_PREREQS, %remote_driver.lo): Drop...
(BUILT_SOURCES): ...and add here instead.
Eric Blake [Tue, 5 Jun 2012 16:28:52 +0000 (10:28 -0600)]
build: ensure storage driver is used
Commit 1c275e9a accidentally dropped the storage driver from
libvirtd, because it depended on a C preprocessor macro that
was not defined. Furthermore, if you do './configure
--without-storage-dir --with-storage-disk' or any other combination
where you explicitly build a subset of storage backends excluding
the dir backend, then the build is broken.
Based on analysis by Osier Yang.
* configure.ac (WITH_STORAGE): Define top-level conditional.
* src/Makefile.am (mod_LTLIBRARIES): Build driver even when
storage_dir is disabled.
* daemon/libvirtd.c: Pick up storage driver for any backend, not
just dir.
* daemon/Makefile.am (libvirtd_LDADD): Likewise.
Michal Privoznik [Fri, 27 Apr 2012 12:49:48 +0000 (14:49 +0200)]
rpc: Size up RPC limits
Since we are allocating RPC buffer dynamically, we can increase limits
for max. size of RPC message and RPC string. This is needed to cover
some corner cases where libvirt is run on such huge machines that their
capabilities XML is 4 times bigger than our current limit. This leaves
users with inability to even connect.
Michal Privoznik [Thu, 26 Apr 2012 15:21:24 +0000 (17:21 +0200)]
rpc: Switch to dynamically allocated message buffer
Currently, we are allocating buffer for RPC messages statically.
This is not such pain when RPC limits are small. However, if we want
ever to increase those limits, we need to allocate buffer dynamically,
based on RPC message len (= the first 4 bytes). Therefore we will
decrease our mem usage in most cases and still be flexible enough in
corner cases.
Eric Blake [Wed, 30 May 2012 17:30:18 +0000 (11:30 -0600)]
build: fix 'make distcheck' issues
We had a distributed file (remote_protocol.h, which in turn was
a prereq to remote_driver.c) depending on a generated file
(libvirt_probes.h), which is a no-no for a VPATH build from a
read-only source tree (no wonder 'make distcheck' tests precisely
that situation):
File `libvirt_driver_remote.la' does not exist.
File `libvirt_driver_remote_la-remote_driver.lo' does not exist.
Prerequisite `libvirt_probes.h' is newer than target `../../src/remote/remote_protocol.h'.
Must remake target `../../src/remote/remote_protocol.h'.
Invoking recipe from Makefile:7464 to update target `../../src/remote/remote_protocol.h'.
make[3]: Entering directory `/home/remote/eblake/libvirt-tmp2/build/libvirt-0.9.12/_build/src'
GEN ../../src/remote/remote_protocol.h
cannot create ../../src/remote/remote_protocol.h: Permission denied at ../../src/rpc/genprotocol.pl line 31.
make[3]: *** [../../src/remote/remote_protocol.h] Error 13
Rather than making distributed .c files depend on generated files, we
really want to ensure that compilation into .lo files is not attempted
until the generated files are present, done by this patch. Since there
were two different sets of conditionally generated files that both
feed the .lo file, I had to introduce a new variable REMOTE_DRIVER_PREREQS
to keep automake happy.
After that fix, the next issue was that make treats './foo' and 'foo'
differently in determining whether an implicit %foo rule is applicable,
with the result that locking/qemu-sanlock.conf wasn't properly being
built at the right times. Also, the output for using the .aug test
files was a bit verbose.
After fixing the src directory, the next error is related to the docs
directory, where the tarball is missing a stamp file and thus tries to
regenerate files that are already present:
GEN ../../docs/apibuild.py.stamp
Traceback (most recent call last):
File "../../docs/apibuild.py", line 2511, in <module>
rebuild("libvirt")
File "../../docs/apibuild.py", line 2495, in rebuild
builder.serialize()
File "../../docs/apibuild.py", line 2424, in serialize
output = open(filename, "w")
IOError: [Errno 13] Permission denied: '../../docs/libvirt-api.xml'
make[5]: *** [../../docs/apibuild.py.stamp] Error 1
and fixing that exposed another case of a distributed file (generated
html) depending on a built file (libvirt.h), but only when doing an
in-tree build, because of a file glob.
* src/Makefile.am ($(srcdir)/remote/remote_driver.c): Change...
(libvirt_driver_remote_la-remote_driver.lo): ...to the real
dependency.
($(builddir)/locking/%-sanlock.conf): Drop $(builddir), so that
rule gets run in time for test_libvirt_sanlock.aug.
(test_libvir*.aug): Cater to silent build.
(conf_DATA): Don't ship qemu-sanlock.conf in the tarball, since it
is trivial to regenerate.
* docs/Makefile.am (EXTRA_DIST): Ship our stamp file.
($(APIBUILD_STAMP)): Don't depend on generated file.
Jiri Denemark [Tue, 5 Jun 2012 13:34:09 +0000 (15:34 +0200)]
tests: Refresh qemu-1.1.0 data
QEMU 1.1.0 has been officially released. With 1.1.0 QEMU went back to
three-digits version even for the initial release and I renamed the data
files to match this fact. They were generated with
Eric Blake [Thu, 31 May 2012 21:50:07 +0000 (15:50 -0600)]
command: avoid deadlock on EPIPE situation
It is possible to deadlock libvirt by having a domain with XML
longer than PIPE_BUF, and by writing a hook script that closes
stdin early. This is because libvirt was keeping a copy of the
child's stdin read fd open, which means the write fd in the
parent will never see EPIPE (remember, libvirt should always be
run with SIGPIPE ignored, so we should never get a SIGPIPE signal).
Since there is no error, libvirt blocks waiting for a write to
complete, even though the only reader is also libvirt. The
solution is to ensure that only the child can act as a reader
before the parent does any writes; and then dealing with the
fallout of dealing with EPIPE.
Thankfully, this is not a security hole - since the only way to
trigger the deadlock is to install a custom hook script, anyone
that already has privileges to install a hook script already has
privileges to do any number of other equally disruptive things
to libvirt; it would only be a security hole if an unprivileged
user could install a hook script to DoS a privileged user.
* src/util/command.c (virCommandRun): Close parent's copy of child
read fd earlier.
(virCommandProcessIO): Don't let EPIPE be fatal; the child may
be done parsing input.
* tests/commandhelper.c (main): Set up a SIGPIPE situation.
* tests/commandtest.c (test20): Trigger it.
* tests/commanddata/test20.log: New file.
projects / libvirt.git / log