Eric Blake [Tue, 19 Oct 2010 16:27:02 +0000 (10:27 -0600)]
virsh: improve help text where integers are expected
* tools/virsh.c (opts_freecell, opts_memtune, opts_vcpupin)
(opts_setvcpus, opts_setmaxmem, opts_setmem)
(opts_migrate_setmaxdowntime): Use VSH_OT_INT when only an integer
is expected.
(vshCmddefHelp, vshCmddefGetData): Allow mandatory VSH_OT_INT
arguments.
Eric Blake [Fri, 22 Oct 2010 23:26:08 +0000 (17:26 -0600)]
qemu: work around dash 0.5.5 bug in managed save
Older dash mistakenly truncates regular files when using <> redirection;
this kills our use of double dd to reduce storage overhead when
saving qemu images. But qemu insists on running a command through
/bin/sh, so we work around it by having qemu run $sh -c 'real command'
when we have a replacement $sh in mind.
* configure.ac (VIR_WRAPPER_SHELL): Define to a replacement shell,
if /bin/sh is broken on <> redirection.
* src/qemu/qemu_monitor.h (VIR_WRAPPER_SHELL_PREFIX)
(VIR_WRAPPER_SHELL_SUFFIX): New macros.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextMigrateToFile): Use
them.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONMigrateToFile):
Likewise.
Avoid squashing errors during network startup cleanup path
When failing to start a virtual network, we have to cleanup,
tearing down any iptables rules. If the iptables rules were
not present yet though, this raises an error, which squashes
the original error we were handling.
* src/network/bridge_driver.c: When failing to start a virtual
network, don't squash the original error in cleanup
Justin Clift [Tue, 26 Oct 2010 14:34:33 +0000 (01:34 +1100)]
docs: install the generated html files when make install is run
Previously, only the API docs were installed, rather than the
complete documentation set. This commit ensures the complete
documentation set is installed.
Fix formatting of network address in iptables helpers
The network address was being set to 192.168.122.0 instead
of 192.168.122.0/24. Fix this by removing the unneccessary
'network' field from virNetworkDef and just pass the
network address and netmask into the iptables APIs directly.
* src/conf/network_conf.h, src/conf/network_conf.c: Remove
the 'network' field from virNEtworkDef.
* src/network/bridge_driver.c: Update for iptables API changes
* src/util/iptables.c, src/util/iptables.h: Require the
network address + netmask pair to be passed in
Osier Yang [Tue, 26 Oct 2010 08:34:31 +0000 (10:34 +0200)]
virsh: Add option 'model' for attach-interface
* tools/virsh.c: add missing option from the CLI to allows setting
up the NIC model type when attaching an interface
* tools/virsh.pod: extend documentation
* AUTHORS: add Osier Yang to the list
Jiri Denemark [Fri, 22 Oct 2010 16:02:31 +0000 (18:02 +0200)]
qemu: Fix detection of drive readonly option
So far, readonly=on option is used when qemu supports -device. However,
there are qemu versions which support readonly option with -drive
although they don't have support for -device.
Justin Clift [Fri, 22 Oct 2010 20:52:18 +0000 (07:52 +1100)]
daemon: exclude requirement for probes.h on systems without systemtap
This 1-liner was actually written by Eric Blake, over IRC. It
addresses a compilation failure in make dist and make rpm for
systems without the dtrace/systemtap development libraries
installed.
Convert virNetwork to use virSocketAddr everywhere
Instead of storing the IP address string in virNetwork related
structs, store the parsed virSocketAddr. This will make it
easier to add IPv6 support in the future, by letting driver
code directly check what address family is present
* src/conf/network_conf.c, src/conf/network_conf.h,
src/network/bridge_driver.c: Convert to use virSocketAddr
in virNetwork, instead of char *.
* src/util/bridge.c, src/util/bridge.h,
src/util/dnsmasq.c, src/util/dnsmasq.h,
src/util/iptables.c, src/util/iptables.h: Convert to
take a virSocketAddr instead of char * for any IP
address parameters
* src/util/network.h: Add macros to determine if an address
is set, and what address family is set.
It is useful to know where the client is connecting from,
so include the socket address in probe data.
* daemon/libvirtd.h: Use virSocketAddr for storing client
address and keep printable address handy for logging
* daemon/libvirtd.c: Include socket address in client
connect/disconnect probes
* daemon/probes.d: Add socket address to probes
* examples/systemtap/client.stp: Print socket address
* src/util/network.h: Add sockaddr_un to virSocketAddr union
Adds initial support for dtrace static probes in libvirtd
daemon, assuming use of systemtap dtrace compat shim on
Linux. The probes are inserted for network client connect,
disconnect, TLS handshake states and authentication protocol
states.
This can be tested by running the xample program and then
attempting to connect with any libvirt client (virsh,
virt-manager, etc).
The libvirtd.stp file should also really not be required,
since it is duplicated info that is already available in
the main probes.d definition file. A script to autogenerate
the .stp file is needed, either in libvirtd tree, or better
as part of systemtap itself.
* Makefile.am: Add examples/systemtap subdir
* autobuild.sh: Disable dtrace for mingw32
* configure.ac: Add check for dtrace
* daemon/.gitignore: Ignore generated dtrace probe file
* daemon/Makefile.am: Build dtrace probe header & object
files
* daemon/libvirtd.stp: SystemTAP convenience probeset
* daemon/libvirtd.c: Add connect/disconnect & TLS probes
* daemon/remote.c: Add SASL and PolicyKit auth probes
* daemon/probes.d: Master probe definition
* daemon/libvirtd.h: Add convenience macro for probes
so that compilation is a no-op when dtrace is not available
* examples/systemtap/Makefile.am, examples/systemtap/client.stp
Example systemtap script using dtrace probe markers
* libvirt.spec.in: Enable dtrace on F13/RHEL6
* mingw32-libvirt.spec.in: Force disable dtrace
All the inet_* functions can be replaced with calls to the
virSocket APIs. Since many of the inet_* funtions are unsafe,
and the remainder are obsolete, forbid all future use of them
in libvirt.
The inet_pton and inet_ntop functions are obsolete, replaced
by getaddrinfo+getnameinfo with the AI_NUMERICHOST flag set.
These can be accessed via the virSocket APIs.
The bridge.c code had methods for fetching the IP address of
a bridge which used inet_ntop. Aside from the use of inet_ntop
these methods are broken, because a NIC can have multiple
addresses and this only returns one address. Since the methods
are never used, just remove them.
* src/conf/network_conf.c, src/nwfilter/nwfilter_learnipaddr.c:
Replace inet_pton and inet_ntop with virSocket APIs
* src/util/bridge.c, src/util/bridge.h: Remove unused methods
which called inet_ntop.
The virSocketParse method was not doing any error reporting
which meant the true cause of the problem was lost. Remove
all error reporting from callers, and push it into virSocketParse
* src/util/network.c: Add error reporting to virSocketParse
* src/conf/domain_conf.c, src/conf/network_conf.c,
src/network/bridge_driver.c: Remove error reporting in
callers of virSocketParse
The getnameinfo() function is more flexible than inet_ntop()
avoiding the need to if/else the code based on socket family.
Also make it support UNIX socket addrs and allow inclusion
of a port (service) address. Finally do proper error reporting
via normal APIs.
* src/conf/domain_conf.c, src/nwfilter/nwfilter_ebiptables_driver.c,
src/qemu/qemu_conf.c: Fix error handling with virSocketFormat
* src/util/network.c: Rewrite virSocketFormat to use getnameinfo
and cope with UNIX socket addrs.
The nwIPAddress was simply a wrapper about virSocketAddr.
Just use the latter directly, removing all the extra field
de-references from code & helper APIs for parsing/formatting.
Also remove all the redundant casts from strong types to
void * and then immediately back to strong types.
* src/conf/nwfilter_conf.h: Remove nwIPAddress
* src/conf/nwfilter_conf.c, src/nwfilter/nwfilter_ebiptables_driver.c:
Update to use virSocketAddr and remove void * casts.
Fix passing of address family to virSocketParseAddr
The virSocketParseAddr function was accepting any AF_* constant
and using that to set the ai_flags field in struct addrinfo.
This is invalid, since address families must go in the ai_family
field of the struct.
* src/util/network.c: Fix handling of address family
* src/conf/network_conf.c, src/network/bridge_driver.c: Pass
AF_UNSPEC instead of relying on it being 0.
Some operations on socket addresses need to know the length of
the sockaddr struct for the particular address family. This
info was being discarded when passing around virSocketAddr
instances. Turn it from a union into a struct containing
union+socklen_t fields, so length is always kept around.
* src/util/network.h: Add socklen_t field to virSocketAddr
* src/util/network.c, src/network/bridge_driver.c,
src/conf/domain_conf.c: Update to take account of new
struct definition.
Remove useless code in error path of getnameinfo()
If getnameinfo() with NI_NUMERICHOST set fails, there are no
grounds to expect inet_ntop to succeed, since these calls
are functionally equivalent. Remove useless inet_ntop code
in the getnameinfo() error path.
* daemon/remote.c, src/remote/remote_driver.c: Remove
calls to inet_ntop
Eric Blake [Wed, 20 Oct 2010 17:10:45 +0000 (11:10 -0600)]
maint: sort private sym lists
* src/libvirt_private.syms: Sort by header name, then within
header, and drop duplicate virNetworkDefParseNode,
virFileLinkPointsTo and virXPathBoolean.
The QEMU 0.13 release is finally out and from testing in RHEL-6
we know that its JSON and netdev features are now good enough
for us to use by default.
* src/qemu/qemu_conf.c: Enable JSON + netdev for QEMU >= 0.13
Matthias Bolte [Wed, 20 Oct 2010 12:28:45 +0000 (14:28 +0200)]
qemu: Exit on first error in qemuDomainGetMemoryParameters
There is no point in trying to fill params beyond the first error,
because when qemuDomainGetMemoryParameters returns -1 then the caller
cannot detect which values in params are valid.
John Morrissey [Wed, 20 Oct 2010 08:25:05 +0000 (10:25 +0200)]
Add process= support for 'qemu-kvm -name'
This sets the process name to the same value as the Windows title,
but since the name is limited to 16 chars only this is kept as a
configuration option and turned off by default
* src/qemu/qemu.conf src/qemu/qemu_conf.[ch]: hceck for support in the
QEmu help output, add the option in qemu conf file and augment
qemudBuildCommandLine to add it if switched on
* src/qemu/libvirtd_qemu.aug src/qemu/test_libvirtd_qemu.aug: augment
the augeas lenses accordingly
* tests/qemuhelptest.c: cope with the extra flag being detected now
Guido Günther [Fri, 15 Oct 2010 08:01:38 +0000 (10:01 +0200)]
Don't fail lxc domain start when memory controller support is missing
Debian stock kernel has CONFIG_CGROUP_MEM_RES_CTLR disabled due to the
overhead [1]. Allow to start containers if the corresponding files in
the cgroup filesystem are missing. This fixes Debian bug #566180 [2].
Fix symbol exports & remove duplicated libvirt_util.la linkage
The libvirt_util.la library was mistakenly linked into libvirtd
directly. Since libvirt_util.la is already linked to libvirt.so,
this resulted in libvirtd getting two copies of the code and
more critically 2 copies of static global variables.
Testing in turn exposed a issue with loadable modules. The
gnulib replacement functions are not exported to loadable
modules. Rather than trying to figure out the name sof all
gnulib functions & export them, just linkage all loadable
modules against libgnu.la statically.
* daemon/Makefile.am: Remove linkage of libvirt_util.la
and libvirt_driver.la
* src/Makefile.am: Link driver modules against libgnu.la
* src/libvirt.c: Don't try to load modules which were
compiled out
* src/libvirt_private.syms: Export all other internal
symbols that are required by drivers
Miloslav Trmač [Tue, 12 Oct 2010 11:23:55 +0000 (12:23 +0100)]
Audit SELinux label assignment.
A more natural auditing point would perhaps be
SELinuxSetSecurityProcessLabel, but this happens in the child after root
permissions are dropped, so the kernel would refuse the audit record.
Miloslav Trmač [Tue, 12 Oct 2010 11:22:03 +0000 (12:22 +0100)]
Audit VM start/stop/suspend/resume
Most operations are audited at the libvirtd level; auditing in
src/libvirt.c would result in two audit entries per operation (one in
the client, one in libvirtd).
The only exception is a domain stopping of its own will (e.g. because
the user clicks on "shutdown" inside the interface). There can often be
no client connected at the time the domain stops, so libvirtd does not
have any virConnectPtr object on which to attach an event watch. This
patch therefore adds auditing directly inside the qemu driver (other
drivers are not supported).
Integrate with libaudit.so for auditing of important operations.
libvirtd gains a couple of config entries for auditing. By
default it will enable auditing, if its enabled on the host.
It can be configured to force exit if auditing is disabled
on the host. It will can also send audit messages via libvirt
internal logging API
Places requiring audit reporting can use the VIR_AUDIT
macro to report data. This is a no-op unless auditing is
enabled
* autobuild.sh, mingw32-libvirt.spec.in: Disable audit
on mingw
* configure.ac: Add check for libaudit
* daemon/libvirtd.aug, daemon/libvirtd.conf,
daemon/test_libvirtd.aug, daemon/libvirtd.c: Add config
options to enable auditing
* include/libvirt/virterror.h, src/util/virterror.c: Add
VIR_FROM_AUDIT source
* libvirt.spec.in: Enable audit
* src/util/virtaudit.h, src/util/virtaudit.c: Simple internal
API for auditing messages
The statstest is xen specific. Instead of filling the code with
a huge number of #ifdef WITH_XEN, just make its entire compilation
conditional in the Makefile.am. Also ensure it links to the Xen
driver so that it builds when driver modules are enabled
* tests/Makefile.am: Make statstest xen conditional. Link to
xen driver
* tests/Makefile.am: Remove all conditionals
Eric Blake [Thu, 14 Oct 2010 22:17:18 +0000 (16:17 -0600)]
vcpu: improve support for setting xen vcpu counts
Tested with RHEL 5.6 (xendConfigVersion 2, where xend_internal
controls live domains and xm_internal controls inactive domains).
Hopefully this works with xendConfigVersion 3 (where xend_internal
controls everything).
* src/xen/xen_driver.c (xenUnifiedDomainSetVcpusFlags): Support
more flags.
(xenUnifiedGetMaxVcpus): Export.
* src/xen/xm_internal.h (xenXMDomainSetVcpusFlags): New prototype.
* src/xen/xend_internal.h (xenDaemonDomainSetVcpusFlags): Likewise.
* src/xen/xen_driver.h (xenUnifiedGetMaxVcpus): Likewise.
* src/xen/xm_internal.c (xenXMDomainSetVcpusFlags): New function.
* src/xen/xend_internal.c (xenDaemonDomainSetVcpusFlags): Likewise.
Eric Blake [Wed, 29 Sep 2010 21:58:47 +0000 (15:58 -0600)]
vcpu: improve vcpu support in qemu command line
* src/qemu/qemu_conf.c (qemuParseCommandLineSmp): Distinguish
between vcpus and maxvcpus, for new enough qemu.
* tests/qemuargv2xmltest.c (mymain): Add new test.
* tests/qemuxml2argvtest.c (mymain): Likewise.
* tests/qemuxml2xmltest.c (mymain): Likewise.
* tests/qemuxml2argvdata/qemuxml2argv-smp.args: New file.
Eric Blake [Wed, 29 Sep 2010 21:20:23 +0000 (15:20 -0600)]
vcpu: add virsh support
* tools/virsh.c (cmdSetvcpus): Add new flags. Let invalid
commands through to driver, to ease testing of hypervisor argument
validation.
(cmdMaxvcpus, cmdVcpucount): New commands.
(commands): Add new commands.
* tools/virsh.pod (setvcpus, vcpucount, maxvcpus): Document new
behavior.
Eric Blake [Wed, 29 Sep 2010 16:20:07 +0000 (10:20 -0600)]
vcpu: support maxvcpu in domain_conf
Although this patch adds a distinction between maximum vcpus and
current vcpus in the XML, the values should be identical for all
drivers at this point. Only in subsequent per-driver patches will
a distinction be made.
In general, virDomainGetInfo should prefer the current vcpus.
* src/conf/domain_conf.h (_virDomainDef): Adjust vcpus to unsigned
short, to match virDomainGetInfo limit. Add maxvcpus member.
* src/conf/domain_conf.c (virDomainDefParseXML)
(virDomainDefFormat): parse and print out vcpu details.
* src/xen/xend_internal.c (xenDaemonParseSxpr)
(xenDaemonFormatSxpr): Manage both vcpu numbers, and require them
to be equal for now.
* src/xen/xm_internal.c (xenXMDomainConfigParse)
(xenXMDomainConfigFormat): Likewise.
* src/phyp/phyp_driver.c (phypDomainDumpXML): Likewise.
* src/openvz/openvz_conf.c (openvzLoadDomains): Likewise.
* src/openvz/openvz_driver.c (openvzDomainDefineXML)
(openvzDomainCreateXML, openvzDomainSetVcpusInternal): Likewise.
* src/vbox/vbox_tmpl.c (vboxDomainDumpXML, vboxDomainDefineXML):
Likewise.
* src/xenapi/xenapi_driver.c (xenapiDomainDumpXML): Likewise.
* src/xenapi/xenapi_utils.c (createVMRecordFromXml): Likewise.
* src/esx/esx_vmx.c (esxVMX_ParseConfig, esxVMX_FormatConfig):
Likewise.
* src/qemu/qemu_conf.c (qemuBuildSmpArgStr)
(qemuParseCommandLineSmp, qemuParseCommandLine): Likewise.
* src/qemu/qemu_driver.c (qemudDomainHotplugVcpus): Likewise.
* src/opennebula/one_conf.c (xmlOneTemplate): Likewise.
Eric Blake [Mon, 27 Sep 2010 22:37:53 +0000 (16:37 -0600)]
vcpu: make old API trivially wrap to new API
Note - this wrapping is completely mechanical; the old API will
function identically, since the new API validates that the exact
same flags are provided by the old API. On a per-driver basis,
it may make sense to have the old API pass a different set of flags,
but that should be done in the per-driver patch that implements
the full range of flag support in the new API.
Eric Blake [Fri, 24 Sep 2010 22:48:45 +0000 (16:48 -0600)]
vcpu: add new public API
API agreed on in
https://www.redhat.com/archives/libvir-list/2010-September/msg00456.html,
but modified for enum names to be consistent with virDomainDeviceModifyFlags.
* include/libvirt/libvirt.h.in (virDomainVcpuFlags)
(virDomainSetVcpusFlags, virDomainGetVcpusFlags): New
declarations.
* src/libvirt_public.syms: Export new symbols.
Eric Blake [Mon, 27 Sep 2010 23:36:06 +0000 (17:36 -0600)]
vcpu: add current attribute to <vcpu> element
Syntax agreed on in
https://www.redhat.com/archives/libvir-list/2010-September/msg00476.html
<domain ...>
<vcpu current='x'>y</vcpu>
...
can now be used to specify 1 <= x <= y current vcpus, in relation
to the boot-time max of y vcpus. If current is omitted, then
current and max are assumed to be the same value.
* docs/schemas/domain.rng: Add new attribute.
* docs/formatdomain.html.in: Document it.
* tests/qemuxml2argvdata/qemuxml2argv-smp.xml: Add to
domainschematest.
* tests/xml2sexprdata/xml2sexpr-pv-vcpus.xml: Likewise.
Stefan Berger [Tue, 19 Oct 2010 15:35:58 +0000 (11:35 -0400)]
nwfilter: changes to rules in VM->host table
In the table built for traffic coming from the VM going to the host make the following changes:
- don't ACCEPT the packets but do a 'RETURN' and let the host-specific firewall rules in subsequent rules evaluate whether the traffic is allowed to enter
- use the '-m state' in the rules as everywhere else
Stefan Berger [Tue, 19 Oct 2010 14:23:51 +0000 (10:23 -0400)]
Introduce VIR_CLOSE to be used rather than close()
Since bugs due to double-closed file descriptors are difficult to track down in a multi-threaded system, I am introducing the VIR_CLOSE(fd) macro to help avoid mistakes here.
There are lots of places where close() is being used. In this patch I am only cleaning up usage of close() in src/conf where the problems were.
I also dare to declare close() as being deprecated in libvirt code base (HACKING).
Dan Kenigsberg [Tue, 19 Oct 2010 13:26:32 +0000 (15:26 +0200)]
root_squash: virFileOperation may fail with EPERM too
Over root-squashing nfs, when virFileOperation() is called as uid==0,
it may fail with EACCES, but also with EPERM, due to
virFileOperationNoFork()'s failed attemp to chown a writable file.
qemudDomainSaveFlag() should expect this case, too.
Dan Kenigsberg [Tue, 19 Oct 2010 13:22:57 +0000 (15:22 +0200)]
Run initgroups() in qemudOpenAsUID()
qemudOpenAsUID is intended to open a file with the credentials of a
specified uid. Current implementation fails if the file is accessible to
one of uid's groups but not owned by uid.
This patch replaces the supplementary group list that the child process
inherited from libvirtd with the default group list of uid.
Update docs for memory parameters and memtune command
* docs/formatdomain.html.in: Add memtune element details, added min_guarantee
* src/libvirt.c: Update virDomainGetMemoryParameters api description, make
it more clear that the user first needs to call the api to get the number
of parameters supported and then call again to get the values.
* tools/virsh.pod: Add usage of new command memtune in virsh manpage
The location of the socket below /var/lib/libvirt/qemu/channels makes
sense, to humans and selinux policy alike. However, that socket should
be accessible to vdsm, too.
Due to other (storage) reasons, vdsm is to join the "qemu" group. With
this patch, vdsm can look below /var/lib/libvirt/qemu and connect to the
socket.
The socket itself should be chmod'ed to allow qemu group read/write, but
that's for another project.
Eric Blake [Fri, 15 Oct 2010 13:38:49 +0000 (07:38 -0600)]
virsh: add support for accepting arbitrary argv
* tools/virsh.c (vshCmdOptType): Add VSH_OT_ARGV. Delete
unused VSH_OT_NONE.
(vshCmddefGetData): Special case new opt flag.
(vshCmddefHelp): Display help for argv.
(vshCommandOptArgv): New function.
Eric Blake [Fri, 15 Oct 2010 19:34:24 +0000 (13:34 -0600)]
docs: document how to disable memballoon
https://bugzilla.redhat.com/show_bug.cgi?id=623903 documents a qemu
bug that causes libvirt to hang if virt-manager happens to be
querying balloon info when a guest is paused. Until the qemu bug
is fixed, people need to know how to avoid the issue.
This introduces new attribute to filesystem element
to support customizable access mode for mount type.
Valid accessmode are: passthrough, mapped and squash.
did previously not cut off existing (ssh) connections but only prevented newly initiated ones. The attached patch allows to cut off existing connections as well, thus enforcing what the filter is showing.
I had only tested with a configuration where the physical interface is connected to the bridge where the filters are applied. This patch now also solves a filtering problem where the physical interface is not connected to the bridge, but the bridge is given an IP address and the host routes between bridge and physical interface. Here the filters drop non-allowed traffic on the outgoing side on the host.
Eric Blake [Wed, 13 Oct 2010 22:14:58 +0000 (16:14 -0600)]
build: fix mingw build
* .gnulib: Update to latest, for termios fix.
* configure.ac (AC_CHECK_HEADERS): Drop redundent check.
* bootstrap: Synchronize from upstream.
Reported by Daniel P. Berrange.
Jiri Denemark [Wed, 13 Oct 2010 13:51:50 +0000 (15:51 +0200)]
qemu: Prohibit migration of guests with host devices
Explicitly raising a nice error in the case user tries to migrate a
guest with assigned host devices is much better than waiting for a
mysterious error with no clue for the reason.
projects / libvirt.git / log