Osier Yang [Mon, 20 Jun 2011 07:16:16 +0000 (15:16 +0800)]
numatune: Support NUMA memory tuning in qemu driver
Implemented as setting NUMA policy between fork and exec as a hook,
using libnuma. Only support memory tuning on domain process currently.
For the nodemask out of range, will report soft warning instead of
hard error in libvirt layer. (Kernel will be silent as long as one
of set bit in the nodemask is valid on the host. E.g. For a host
has two NUMA nodes, kernel will be silent for nodemask "01010101").
So, soft warning is the only thing libvirt can do, as one might want
to specify the numa policy prior to a node that doesn't exist yet,
however, it may come as hotplug soon.
Wen Congyang [Mon, 20 Jun 2011 02:48:07 +0000 (10:48 +0800)]
build: fix building error when building without libvirtd
When building libvirt without libvirtd, we will receive the following error
message:
make[3]: Entering directory `/home/wency/rpmbuild/BUILD/libvirt-0.9.2/tools'
CC virsh-virsh.o
CC virsh-console.o
GEN virt-xml-validate
GEN virt-pki-validate
CCLD virsh
./src/.libs/libvirt.so: undefined reference to `numa_available'
./src/.libs/libvirt.so: undefined reference to `numa_max_node'
collect2: ld returned 1 exit status
The reason is that: we check numactl only when building qemu driver, and qemu
driver will not be built when bulding without libvirtd. So with_numactl's
value is check and we will not link libnuma.so.
In the other function, we call numa_available() and numa_max_node() only
when HAVE_NUMACTL is 1. We should do the same check in the function nodeGetMemoryStats().
Jamie Strandboge [Mon, 20 Jun 2011 03:53:24 +0000 (11:53 +0800)]
apparmor: implement AppArmorSetFDLabel()
During a savevm operation, libvirt will now use fd migration if qemu
supports it. When the AppArmor driver is enabled, AppArmorSetFDLabel()
is used but since this function simply returns '0', the dynamic AppArmor
profile is not updated and AppArmor blocks access to the save file. This
patch implements AppArmorSetFDLabel() to get the pathname of the file by
resolving the fd symlink in /proc, and then gives that pathname to
reload_profile(), which fixes 'virsh save' when AppArmor is enabled.
Most of the safezero() implementations return -1 on error,
setting errno. The safezero() impl using posix_fallocate()
though returned a positive errno value on error (due to
the unusual API contract of posix_fallocate() compared to
most syscall APIs).
* src/util/util.c: Ensure safezero() returns -1 and sets
errno on error.
* src/storage/storage_backend.c: Change safezero != 0 to
< 0 for detecting errors
Add missing error reporting when loading mac filter config for QEMU
If the 'mac_filter' configuration parameter is enabled, and there
is a failure to enable filtering, no error is reported back to
the caller. Also fix some bogus whitespace indentation for
hugetlbfs_mount
Eric Blake [Wed, 15 Jun 2011 16:33:59 +0000 (10:33 -0600)]
sendkey: use consistent API convention
Even though rpc uses 'unsigned int' for the _len parameter that
passes the length of item<length>, the public libvirt APIs all
use 'int' and filter out lengths < 0, except for virDomainSendKey.
* include/libvirt/libvirt.h.in (virDomainSendKey): All other APIs
use int for array length.
* src/libvirt.c (virDomainSendKey): Adjust.
* src/driver.h (virDrvDomainSendKey): Likewise.
* daemon/remote_generator.pl: Likewise.
The position of the struct parameter in the function signature
differs. Instead of hardcoding the handling for this add an annotation
to the .x file to define the position.
The algorithm for autoassigning vethXXX devices, was always
skipping over the starting dev index when finding a free
name for the guest device. This should only be done if the host
device was autoallocated.
Jiri Denemark [Thu, 26 May 2011 14:15:01 +0000 (17:15 +0300)]
qemu: Translate boot config into bootindex if possible
Prefer bootindex=N option for -device over the old way -boot ORDER
possibly accompanied with boot=on option for -drive. This gives us full
control over which device will actually be used for booting guest OS.
Moreover, if qemu doesn't support boot=on, this is the only way to boot
of certain disks in some configurations (such as virtio disks when used
together IDE disks) without transforming domain XML to use per device
boot elements.
Adam Litke [Tue, 14 Jun 2011 14:36:53 +0000 (09:36 -0500)]
Asynchronous event for BlockPull completion
When an operation started by virDomainBlockPullAll completes (either with
success or with failure), raise an event to indicate the final status. This
allows an API user to avoid polling on virDomainBlockPullInfo if they would
prefer to use the event mechanism.
* daemon/remote.c: Dispatch events to client
* include/libvirt/libvirt.h.in: Define event ID and callback signature
* src/conf/domain_event.c, src/conf/domain_event.h,
src/libvirt_private.syms: Extend API to handle the new event
* src/qemu/qemu_driver.c: Connect to the QEMU monitor event
for block_stream completion and emit a libvirt block pull event
* src/remote/remote_driver.c: Receive and dispatch events to application
* src/remote/remote_protocol.x: Wire protocol definition for the event
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.c: Watch for BLOCK_STREAM_COMPLETED event
from QEMU monitor
Adam Litke [Tue, 14 Jun 2011 14:36:52 +0000 (09:36 -0500)]
Enable virDomainBlockPull in the python API.
virDomainBlockPullAll and virDomainBlockPullAbort are handled automatically.
virDomainBlockPull and virDomainBlockPullInfo require manual overrides since
they return a custom type.
* python/generator.py: reenable bindings for this entry point
* python/libvirt-override-api.xml python/libvirt-override.c:
manual overrides
Signed-off-by: Adam Litke <agl@us.ibm.com> Acked-by: Daniel P. Berrange <berrange@redhat.com>
Adam Litke [Tue, 14 Jun 2011 14:36:51 +0000 (09:36 -0500)]
Enable the virDomainBlockPull API in virsh
Define two new virsh commands:
* blockpull: Perform block pull operations (incremental plus start
and stop continuous streams)
* blockpullinfo: Retrieve progress info for continuous block pull
Share print_job_progress() with the migration code.
Adam Litke [Tue, 14 Jun 2011 14:36:50 +0000 (09:36 -0500)]
Implement virDomainBlockPull for the qemu driver
The virDomainBlockPull* family of commands are enabled by the
'block_stream' and 'info block_stream' qemu monitor commands.
* src/qemu/qemu_driver.c src/qemu/qemu_monitor_text.[ch]: implement disk
streaming by using the stream and info stream text monitor commands
* src/qemu/qemu_monitor_json.[ch]: implement commands using the qmp monitor
Signed-off-by: Adam Litke <agl@us.ibm.com> Acked-by: Daniel P. Berrange <berrange@redhat.com>
Adam Litke [Tue, 14 Jun 2011 14:36:49 +0000 (09:36 -0500)]
Add virDomainBlockPull support to the remote driver
The generator can handle DomainBlockPullAll and DomainBlockPullAbort.
DomainBlockPull and DomainBlockPullInfo must be written by hand.
* src/remote/remote_protocol.x: provide defines for the new entry points
* src/remote/remote_driver.c daemon/remote.c: implement the client and
server side
* src/remote_protocol-structs: structure definitions for protocol verification
Adam Litke [Thu, 9 Jun 2011 17:10:07 +0000 (12:10 -0500)]
Add new API virDomainBlockPull* to headers
Set up the types for the block pull functions and insert them into the
virDriver structure definition. Symbols are exported in this patch to prevent
documentation compile failures.
* include/libvirt/libvirt.h.in: new API
* src/driver.h: add the new entry to the driver structure
* python/generator.py: fix compiler errors, the actual python bindings are
implemented later
* src/libvirt_public.syms: export symbols
From a security pov copy and paste between the guest and the client is not
always desirable. So we need to be able to enable/disable this. The best place
to do this from an administration pov is on the hypervisor, so the qemu cmdline
is getting a spice disable-copy-paste option, see bug 693645. Example qemu
invocation:
qemu -spice port=5932,disable-ticketing,disable-copy-paste
Michael Chapman [Mon, 13 Jun 2011 03:05:45 +0000 (13:05 +1000)]
Fix autostart flag when loading running domains
Drivers load running persistent and transient domain configs before
inactive persistent domain configs, however only the latter would set a
domain's autostart flag. This mismatch between the loaded and on-disk
state could later cause problems with "virsh autostart":
# virsh autostart example
error: Failed to mark domain example as autostarted
error: Failed to create symlink '/etc/libvirt/qemu/autostart/example.xml to '/etc/libvirt/qemu/example.xml': File exists
This patch ensures the autostart flag is set correctly even when the
domain is already defined.
Lai Jiangshan [Tue, 7 Jun 2011 09:11:10 +0000 (17:11 +0800)]
add VSH_OFLAG_REQ_OPT options
A VSH_OFLAG_REQ_OPT option means --optionname is required when used.
It will kill any ambiguity, even a !VSH_OFLAG_REQ option listed before
a VSH_OFLAG_REQ option, if the !VSH_OFLAG_REQ option is a
VSH_OFLAG_REQ_OPT option.
It will help us use optional argument with VSH_OT_ARGV argument.
Signed-off-by: Lai Jiangshan <laijs@cn.fujitsu.com>
Eric Blake [Mon, 13 Jun 2011 21:47:45 +0000 (15:47 -0600)]
command: avoid double close
Previously, the parent process opened 'null' to /dev/null, then
the child process closes 'null' as well as 'childout'. But if
childout was set to be null, then this is a double close. At
least the double close was confined to the child process after a
fork, and therefore there is no risk of another thread opening
an fd of the same value to be bitten by the double close, but it
is always better to avoid double-close to begin with.
Additionally, if all three fds were specified, then opening
'null' was wasted.
This patch fixes things to lazily open null on the first use,
then guarantees it gets closed exactly once.
* src/util/command.c (getDevNull): New helper function.
(virExecWithHook): Use it to avoid spurious opens and double close.
Cole Robinson [Wed, 8 Jun 2011 16:25:11 +0000 (12:25 -0400)]
qemu: Fix parsing 'info chardev'
If qemu supports -chardev, our char frontend aliases are ex. 'charserial0'
not just 'serial0'. Typically we don't use this code path because the
pty's are scraped from stdout.
libvirt doesn't parse "actual", so user will always see a empty result
with "virsh dommemstat $domain". Even qemu haven't disabled the stats,
we should support parsing "actual".
Taku Izumi [Tue, 14 Jun 2011 03:13:11 +0000 (11:13 +0800)]
vcpupin: Fix cpu affinity setting bug of qemu driver
There is the case where cpu affinites for vcpu of qemu doesn't work
correctly. For example, if only one vcpupin setting entry is provided
and its setting is not for vcpu0, it doesn't work.
Matthias Bolte [Thu, 9 Jun 2011 19:47:43 +0000 (21:47 +0200)]
Fix dlopen dependency
Since the addition of the lock manager framework in 6a943419c528fdd7
dlopen is always required, but the checks in configure wasn't changed
to reflect that. This didn't show up directly because the VirtualBox
driver linking dlopen in covered it. But disabling the VirtualBox
driver makes the build fail due to missing dlopen.
Change the dlopen check in configure to pick up dlopen when available.
Stefan Berger [Mon, 13 Jun 2011 19:59:58 +0000 (15:59 -0400)]
qemu: Faster response time to qemu startup errors
The below patch decreases the response time of libvirt to errors reported by Qemu upon startup by checking whether the qemu process is still alive while polling for the local socket to show up.
This patch also introduces a special handling of signal for the Win32 part of virKillProcess.
Taku Izumi [Mon, 13 Jun 2011 15:51:04 +0000 (23:51 +0800)]
vcpupin: add the new option to "virsh vcpupin" command
This patch adds the new option (--live, --config and --current) to
"virsh vcpupin" command. The behavior of above aption is the same as
that of "virsh setmem", "virsh setvcpus", and whatnot.
When the --config option is specified, the command affects a persistent
domain, while --live option is specified, it affects a running (live) domain.
The --current option cannot be used with --config or --live at the same
time, and when --current is specified, it affects a "current" domain.
Wen Congyang [Mon, 23 May 2011 07:43:35 +0000 (15:43 +0800)]
the hotplugged PCI device should use the whole slot
Hot pluging/unpluging multi PCI device is not supported now. So the function
of hotplugged PCI device must be 0. When we hot unplug it, we should set release
all functions in the slot.
Wen Congyang [Mon, 23 May 2011 03:22:54 +0000 (11:22 +0800)]
the key of hash table should include the function value
We save all used PCI address in the hash table. The key is generated by domain,
bus and slot now. We will support multi function PCI device, so the key should
be generated by domain, bus, slot and function.
Wen Congyang [Mon, 9 May 2011 06:59:16 +0000 (14:59 +0800)]
prevent hot unplugging multi function PCI device
We do not support to hot unplug multi function PCI device now. If the device is
one function of multi function PCI device, we shoul not allow to hot unplugg
it.
Matthew Booth [Fri, 10 Jun 2011 09:18:01 +0000 (17:18 +0800)]
xenapi: Improve error message on session failure
XenAPI session login can fail for a number of reasons, but currently no
specific
reason is displayed to the user, e.g.:
virsh -c XenAPI://citrix-xen.example.com/
Enter username for citrix-xen.example.com: root
Enter root's password for citrix-xen.example.com:
error: authentication failed: (null)
error: failed to connect to the hypervisor
This patch displays the session error description on failure.
Eric Blake [Mon, 6 Jun 2011 19:23:24 +0000 (13:23 -0600)]
build: silence coverity false positives
Coverity complained about these intentional fallthrough cases, but
not about other cases that were explicitly marked with nice comments.
For some reason, Coverity doesn't seem smart enough to parse the
up-front English comment in virsh about intentional fallthrough :)
* tools/virsh.c (cmdVolSize): Mark fallthrough in a more typical
fashion.
* src/conf/nwfilter_conf.c (virNWFilterRuleDefDetailsFormat)
(virNWFilterRuleDetailsParse): Mark explicit fallthrough.
Eric Blake [Mon, 6 Jun 2011 19:19:38 +0000 (13:19 -0600)]
esx: avoid dead code
Detected by Coverity. The beginning of the function already filtered
out NULL objectContentList as invalid. Further investigation shows:
esxVI_RetrieveProperties is generated and returns a list of objects
that match the given propertyFilterSpec.
esxVI_LookupObjectContentByType then tests whether the result
corresponds to the expected occurrence and reports an error otherwise.
This simplifies the callers of esxVI_LookupObjectContentByType, but
due to the missing dereference the check was never performed because
the code thought that at least one item was obtained. NULL represents
an empty list. This is a potential segfault fix because callers of
esxVI_LookupObjectContentByType that specified "required" occurrence
assume *objectContentList to be non-NULL when
esxVI_LookupObjectContentByType succeeds.
projects / libvirt.git / log