Cole Robinson [Wed, 30 Jun 2010 17:04:57 +0000 (13:04 -0400)]
util: virExec: Dispatch all errors raised after fork
Any error message raised after the process has forked needs
to be followed by virDispatchError, otherwise we have no chance of
ever seeing it. This was selectively done for hook functions in the past,
but really applies to all post-fork errors.
Ryota Ozaki [Wed, 30 Jun 2010 11:49:28 +0000 (20:49 +0900)]
cgroup: Fix compilation broken on MinGW due to dirent->d_type
As pointed out by Eric Blake, using dirent->d_type breaks
compilation on MinGW. This patch addresses this by using
'#if defined' as same as doing for virCgroupForDriver.
Eric Blake [Tue, 29 Jun 2010 22:14:57 +0000 (16:14 -0600)]
virsh: tweak help output for VSH_OT_DATA
https://bugzilla.redhat.com/show_bug.cgi?id=609044 complained
that 'virsh help pool-create-as' didn't document the shortcut
that you can do 'virsh pool-create-as $name $type --target $target'
rather than having to supply the four optional source- arguments
in order to fill out the necessary positional arguments.
This one-liner changes the help output to hopefully make this more obvious:
NAME
pool-create-as - create a pool from a set of args
OPTIONS
[--name] <string> name of the pool
--print-xml print XML document, but don't define/create
[--type] <string> type of the pool
[--source-host] <string> source-host for underlying storage
[--source-path] <string> source path for underlying storage
[--source-dev] <string> source device for underlying storage
[--source-name] <string> source name for underlying storage
[--target] <string> target for underlying storage
--source-format <string> format for underlying storage
* tools/virsh.c (vshCmddefHelp): Make it more obvious that data
arguments may, but not must, be specified by option leaders.
Avoid invoking the qemu monitor destroy callback if the constructor fails
Some, but not all, codepaths in the qemuMonitorOpen() method
would trigger the destroy callback. The caller does not expect
this to be invoked if construction fails, only during normal
release of the monitor. This resulted in a possible double-unref
of the virDomainObjPtr, because the caller explicitly unrefs
the virDomainObjPtr if qemuMonitorOpen() fails
* src/qemu/qemu_monitor.c: Don't invoke destroy callback from
qemuMonitorOpen() failure paths
Ryota Ozaki [Sat, 26 Jun 2010 17:21:28 +0000 (02:21 +0900)]
cgroup: Add missing errno == ENOENT check in virCgroupRemoveRecursively
ENOENT happens normally when a subsystem is enabled with any other
subsystems and the directory of the target group has already removed
in a prior loop. In that case, the function should just return without
leaving an error message.
NB this is the same behavior as before introducing virCgroupRemoveRecursively.
Chris Lalancette [Mon, 14 Jun 2010 21:16:53 +0000 (17:16 -0400)]
Fix crash when detaching devices from qemu domains.
Make sure to *not* call qemuDomainPCIAddressReleaseAddr if
QEMUD_CMD_FLAG_DEVICE is *not* set (for older qemu). This
prevents a crash when trying to do device detachment from
a qemu guest.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Chris Lalancette [Mon, 14 Jun 2010 21:12:35 +0000 (17:12 -0400)]
Check for active PCI devices when doing nodedevice operations.
In the current libvirt PCI code, there is no checking whether
a PCI device is in use by a guest when doing node device
detach or reattach. This causes problems when a device is
assigned to a guest, and the administrator starts issuing
nodedevice commands. Make it so that we check the list
of active devices when trying to detach/reattach, and only
allow the operation if the device is not assigned to a guest.
Signed-off-by: Chris Lalancette <clalance@redhat.com>
Justin Clift [Mon, 28 Jun 2010 16:47:30 +0000 (02:47 +1000)]
virsh: add new --details option to pool-list
This patch adds a new --details option to the virsh pool-list
command, making its output more useful to people who use virsh
for significant lengths of time.
Eric Blake [Mon, 28 Jun 2010 17:33:05 +0000 (11:33 -0600)]
phyp: don't steal storage management from other drivers
Fix regression introduced in commit a4a287242 - basically, the
phyp storage driver should only accept the same URIs that the
main phyp driver is willing to accept. Blindly accepting all
URIs meant that the phyp storage driver was being consulted for
'virsh -c qemu:///session pool-list --all', rather than the
qemu storage driver, then since the URI was not for phyp, attempts
to then use the phyp driver crashed because it was not initialized.
* src/phyp/phyp_driver.c (phypStorageOpen): Only accept connections
already open to a phyp driver.
Laine Stump [Tue, 29 Jun 2010 03:50:15 +0000 (23:50 -0400)]
Avoid calling virStorageFileIsSharedFS with NULL
This code was just recently added (by me) and didn't account for the
fact that stdin_path is sometimes NULL. If it's NULL, and
SetSecurityAllLabel fails, a segfault would result.
Ryota Ozaki [Sun, 27 Jun 2010 13:07:00 +0000 (22:07 +0900)]
lxc: Fix virsh console doesn't work after restarting libvirtd
Because tty path is unexpectedly not saved in the live configuration
file of a domain, libvirtd cannot get the console of the domain back
after restarting.
The reason why the tty path isn't saved is that, to save the tty path,
the save function, virDomainSaveConfig, requires that the target domain
is running (pid != -1), however, lxc driver calls the function before
starting the domain to pass the configuration to controller.
To ensure to save the tty path, the patch lets lxc driver call the save
function again after starting the domain.
Ryota Ozaki [Sat, 26 Jun 2010 20:59:59 +0000 (05:59 +0900)]
lxc: Fix error handlings in lxcContainerRenameAndEnableInterfaces
The function is expected to return negative value on failure,
however, it returns positive value when either setInterfaceName
or vethInterfaceUpOrDown fails. Because the function returns
the return value of either as is, however, the two functions
may return positive value on failure.
The patch fixes the defects and add error messages.
Laine Stump [Fri, 25 Jun 2010 00:59:24 +0000 (20:59 -0400)]
Selectively ignore domainSetSecurityAllLabel failure in domain restore
When the saved domain image is on an NFS share, at least some part of
domainSetSecurityAllLabel will fail (for example, selinux labels can't
be modified). To allow domain restore to still work in this case, just
ignore the errors.
Laine Stump [Fri, 25 Jun 2010 16:18:57 +0000 (12:18 -0400)]
Enhance virStorageFileIsSharedFS
virStorageFileIsSharedFS would previously only work if the entire path
in question was stat'able by the uid of the libvirtd process. This
patch changes it to crawl backwards up the path retrying the statfs
call until it gets to a partial path that *can* be stat'ed.
This is necessary to use the function to learn the fstype for files
stored as a different user (and readable only by that user) on a
root-squashed remote filesystem.
Eric Blake [Fri, 25 Jun 2010 22:27:07 +0000 (16:27 -0600)]
build: fix regression with libvirt-api.xml generation
(EXTRA_DIST): Remove redundant listing of xml files.
(html/%-%.html, html/%-virterror.html, %-api.xml, %-refs.xml):
Rewrite with...
(python_generated_files): ...new macro, since make didn't see
through the dependency chain correctly otherwise.
Don't squash file permissions when migration fails
If an active migration operation fails, or is cancelled by the
admin, the QEMU on the destination is shutdown and the one on
the source continues running. It is important in shutting down
the QEMU on the destination, the security drivers don't reset
the file labelling/permissions.
* src/qemu/qemu_driver.c: Don't reset labelling/permissions
on migration abort
Eric Blake [Thu, 24 Jun 2010 22:25:56 +0000 (16:25 -0600)]
phyp: optimize use of sed
Minor speedups by using the full power of sed.
* src/phyp/phyp_driver.c (phypGetVIOSFreeSCSIAdapter)
(phypDiskType, phypListDefinedDomains): Use fewer processes, by
folding other work into sed.
(phypGetVIOSPartitionID): Likewise. Also avoid non-portable use
of 'sed -s'.
Eric Blake [Thu, 24 Jun 2010 21:05:16 +0000 (15:05 -0600)]
phyp: reduce scope of driver functions
Several phyp functions are not namespace clean, and had no reason
to be exported since no one outside the phyp driver needed to use
them. Rather than do lots of forward declarations, I was able
to topologically sort the file. So, this patch looks huge, but
is really just a matter of marking things static and dealing with
the compiler fallout.
* src/phyp/phyp_driver.h (PHYP_DRIVER_H): Add include guard.
(phypCheckSPFreeSapce): Delete unused declaration.
(phypGetSystemType, phypGetVIOSPartitionID, phypCapsInit)
(phypBuildLpar, phypUUIDTable_WriteFile, phypUUIDTable_ReadFile)
(phypUUIDTable_AddLpar, phypUUIDTable_RemLpar, phypUUIDTable_Pull)
(phypUUIDTable_Push, phypUUIDTable_Init, phypUUIDTable_Free)
(escape_specialcharacters, waitsocket, phypGetLparUUID)
(phypGetLparMem, phypGetLparCPU, phypGetLparCPUGeneric)
(phypGetRemoteSlot, phypGetBackingDevice, phypDiskType)
(openSSHSession): Move declarations to phyp_driver.c and make static.
* src/phyp/phyp_driver.c: Rearrange file contents to provide
topological sorting of newly-static funtions (no semantic changes
other than reduced scope).
(phypGetBackingDevice, phypDiskType): Mark unused, for now.
The previous change which split -nodefconfig probing off
from -device broke the test case because it missed adding
the QEMUD_CMD_FLAG_NODEFCONFIG to the test
* src/util/bridge.c: Set QEMUD_CMD_FLAG_NODEFCONFIG for all
configs with QEMUD_CMD_FLAG_DEVICE set
Fix migration in text mode and shared storage migration in json mode
The patches for shared storage migration were not correctly written
for json mode. Thus the 'blk' and 'inc' parameters were never being
set. In addition they didn't set the QEMU_MONITOR_MIGRATE_BACKGROUND
so migration was synchronous. Due to multiple bugs in QEMU's JSON
impl this wasn't noticed because it treated the sync migration requst
as asynchronous anyway. Finally 'background' parameter was converted
to take arbitrary flags but not renamed, and not all uses were changed
to unsigned int.
* src/qemu/qemu_driver.c: Set QEMU_MONITOR_MIGRATE_BACKGROUND in
doNativeMigrate
* src/qemu/qemu_monitor_json.c: Process QEMU_MONITOR_MIGRATE_NON_SHARED_DISK
and QEMU_MONITOR_MIGRATE_NON_SHARED_INC flags
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h,
src/qemu/qemu_monitor_json.h, src/qemu/qemu_monitor_text.c,
src/qemu/qemu_monitor_text.h: change 'int background' to
'unsigned int flags' in migration APIs. Add logging of flags
parameter
During incoming migration the QEMU monitor is not able to be
used. The incoming migration code did not keep hold of the
job lock because migration is split across multiple API calls.
This meant that further monitor commands on the guest would
hang until migration finished with no timeout.
In this change the qemuDomainMigratePrepare method sets the
job flag just before it returns. The qemuDomainMigrateFinish
method checks for this job flag & clears it once done. This
prevents any use of the monitor between prepare+finish steps.
The qemuDomainGetJobInfo method is also updated to refresh
the job elapsed time. This means that virsh domjobinfo can
return time data during incoming migration
* src/qemu/qemu_driver.c: Keep a job active during incoming
migration. Refresh job elapsed time when returning job info
Set labelling for character devices in security drivers
When configuring serial, parallel, console or channel devices
with a file, dev or pipe backend type, it is necessary to label
the file path in the security drivers. For char devices of type
file, it is neccessary to pre-create (touch) the file if it does
not already exist since QEMU won't be allowed todo so itself.
dev/pipe configs already require the admin to pre-create before
starting the guest.
* src/qemu/qemu_security_dac.c: set file ownership for character
devices
* src/security/security_selinux.c: Set file labeling for character
devices
* src/qemu/qemu_driver.c: Add character devices to cgroup ACL
The parallel, serial, console and channel devices are all just
character devices. A lot of code needs todo the same thing to
all these devices. This provides an convenient API for iterating
over all of them.
Laine Stump [Thu, 24 Jun 2010 18:49:51 +0000 (14:49 -0400)]
Check for presence of qemu -nodefconfig option before using it
We previously assumed that if the -device option existed in qemu, that
-nodefconfig would also exist. It turns out that isn't the case, as
demonstrated by qemu-kvm-0.12.3 in Fedora 13.
*/src/qemu/qemu_conf.[hc] - add a new QEMUD_CMD_FLAG, set it via the
help output, and check it before adding
-nodefconfig to the qemu commandline.
Matthias Bolte [Tue, 15 Jun 2010 22:17:34 +0000 (00:17 +0200)]
Add wide SCSI bus disk address generation support
The domain XML parsing code autogenerates disk address and
controller elements when they are not explicitly specified.
The code assumes a narrow SCSI bus (7 units per bus). ESX
uses a wide SCSI bus (16 units per bus).
This is a step towards controller support for the ESX driver.
Matthias Bolte [Tue, 22 Jun 2010 13:20:23 +0000 (15:20 +0200)]
Cleanup some LIBADD and CFLAGS
Move libnl to libvirt_util.la, because macvtap.c requires it.
Add GnuTLS to libvirt_driver.la, because libvirt.c calls gcrypt functions.
When built without loadable driver modules, then the remote driver pulls
in GnuTLS.
Move libgnu.la from libvirt_parthelper_CFLAGS to libvirt_parthelper_LDADD.
Ryota Ozaki [Wed, 23 Jun 2010 16:00:56 +0000 (01:00 +0900)]
cgroup: Enable memory.use_hierarchy of cgroup for domain
Through conversation with Kumar L Srikanth-B22348, I found
that the function of getting memory usage (e.g., virsh dominfo)
doesn't work for lxc with ns subsystem of cgroup enabled.
This is because of features of ns and memory subsystems.
Ns creates child cgroup on every process fork and as a result
processes in a container are not assigned in a cgroup for
domain (e.g., libvirt/lxc/test1/). For example, libvirt_lxc
and init (or somewhat specified in XML) are assigned into
libvirt/lxc/test1/8839/ and libvirt/lxc/test1/8839/8849/,
respectively. On the other hand, memory subsystem accounts
memory usage within a group of processes by default, i.e.,
it does not take any child (and descendant) groups into
account. With the two features, virsh dominfo which just
checks memory usage of a cgroup for domain always returns
zero because the cgroup has no process.
Setting memory.use_hierarchy of a group allows to account
(and limit) memory usage of every descendant groups of the group.
By setting it of a cgroup for domain, we can get proper memory
usage of lxc with ns subsystem enabled. (To be exact, the
setting is required only when memory and ns subsystems are
enabled at the same time, e.g., mount -t cgroup none /cgroup.)
Ryota Ozaki [Wed, 23 Jun 2010 16:00:55 +0000 (01:00 +0900)]
cgroup: Change virCgroupRemove to remove all descendant groups at first
As same as normal directories, a cgroup cannot be removed if it
contains sub groups. This patch changes virCgroupRemove to remove
all descendant groups (subdirectories) of a target group before
removing the target group.
The handling is required when we run lxc with ns subsystem of cgroup.
Ns subsystem automatically creates child cgroups on every process
forks, but unfortunately the groups are not removed on process exits,
so we have to remove them by ourselves.
With this patch, such child (and descendant) groups are surely removed
at lxc shutdown, i.e., lxcVmCleanup which calls virCgroupRemove.
Eric Blake [Wed, 9 Jun 2010 15:12:56 +0000 (09:12 -0600)]
virsh: document attach-disk better
http://bugzilla.redhat.com/601143, part 1 - document existing
behavior. Ever since Mar 2010 (commit ced154cb), the use of
'attach-disk' or 'attach-device' to change cdrom/floppy media has been
documented but deprecated, but the replacement to use 'update-device'
was not documented.
* tools/virsh.c (cmdAttachInterface, cmdAttachDisk): Fix bad error
message.
* tools/virsh.pod (attach-device, attach-disk): Refer to
update-device for cdrom and floppy behavior.
(update-device): Add documentation.
We already use the '-nodefaults' command line arg with QEMU to stop
it adding any default devices to guests. Unfortunately, QEMU will
load global config files from /etc/qemu that may also add default
devices. These aren't blocked by '-nodefaults', so we need to also
add the '-nodefconfig' arg to prevent that.
Unfortunately these global config files are also used to define
custom CPU models. So in blocking global hardware device addition
we also block definitions of new CPU models. Libvirt doesn't know
about these custom CPU models though, so it would never make use
of them anyway. Thus blocking them via -nodefconfig isn't a show
stopping problem. We would need to expand libvirt's own CPU model
XML database to support these instead.
* src/qemu/qemu_conf.c: Add '-nodefconfig' if available
* tests/qemuxml2argvdata/: Add '-nodefconfig' to all data files which
have '-nodefaults' present
The current code pattern requires that callers of qemuMonitorClose
check for the return value == 0, and if so, set priv->mon = NULL
and release the reference held on the associated virDomainObjPtr
The change d84bb6d6a3bd2fdd530184cc9743249ebddbee71 violated that
requirement, meaning that priv->mon never gets set to NULL, and
a reference count is leaked on virDomainObjPtr.
This design was a bad one, so remove the need to check the return
valueof qemuMonitorClose(). Instead allow registration of a
callback that's invoked just when the last reference on qemuMonitorPtr
is released.
Finally there was a potential reference leak in qemuConnectMonitor
in the failure path.
* src/qemu/qemu_monitor.c, src/qemu/qemu_monitor.h: Add a destroy
callback invoked from qemuMonitorFree
* src/qemu/qemu_driver.c: Use the destroy callback to release the
reference on virDomainObjPtr when the monitor is freed. Fix other
potential reference count leak in connecting to monitor
Before issuing monitor commands it is neccessary to check whether
the guest is still running. Most places use virDomainIsActive()
correctly, but a few relied on 'priv->mon != NULL'. In theory
these should be equivalent, but the release of the last reference
count on priv->mon can be delayed a small amount of time until
the event handler is finally deregistered. A further ref counting
bug also means that priv->mon might be never released. In such a
case, code could mistakenly issue a monitor command and wait for
a response that will never arrive, effectively leaving the QEMU
driver waiting on virCondWait() forever..
To protect against these possibilities, make sure all code uses
virDomainIsActive(), not 'priv->mon != NULL'
* src/qemu/qemu_driver.c: Replace 'priv->mon != NULL' with
calls to 'priv->mon != NULL'()
Jiri Denemark [Tue, 22 Jun 2010 14:47:02 +0000 (16:47 +0200)]
Don't leak open fd to virsh in libvirt-guests init script
Running virsh while having /var/lib/libvirt/libvirt-guests file open
makes SELinux emit messages about preventing virsh from reading that
file. Since virsh doesn't really want to read anything, it's better to
run it with /dev/null on stdin to prevent those messages.
Stefan Berger [Mon, 21 Jun 2010 18:18:31 +0000 (14:18 -0400)]
nwfilter: fix loadable module support
Following Daniel Berrange's multiple helpful suggestions for improving
this patch and introducing another driver interface, I now wrote the
below patch where the nwfilter driver registers the functions to
instantiate and teardown the nwfilters with a function in
conf/domain_nwfilter.c called virDomainConfNWFilterRegister. Previous
helper functions that were called from qemu_driver.c and qemu_conf.c
were move into conf/domain_nwfilter.h with slight renaming done for
consistency. Those functions now call the function expored by
domain_nwfilter.c, which in turn call the functions of the new driver
interface, if available.
Jiri Denemark [Thu, 17 Jun 2010 14:45:29 +0000 (16:45 +0200)]
Misc cleanups
- Fix documentation for virGetStorageVol: it has 'key' argument instead
of 'uuid'.
- Remove TODO comment from virReleaseStorageVol: we use volume key as an
identifier instead of UUID.
- Print human-readable UUID string in debug message in virReleaseSecret.
Jiri Denemark [Thu, 17 Jun 2010 14:45:26 +0000 (16:45 +0200)]
Index hashes by UUID instead of name
Per-connection hashes for domains, networks, storage pools and network
filter pools were indexed by names which was not the best choice. UUIDs
are better identifiers, so lets use them.
Philipp Hahn [Tue, 15 Jun 2010 09:44:48 +0000 (11:44 +0200)]
Allow one-or-more <boot dev="..."/> entries
According to docs/formatdomain.html.in, "The boot element can be
repeated multiple times to setup a priority list of boot devices to try
in turn." The Relax-NG schema required / allowed exactly one entry.
Cole Robinson [Tue, 1 Jun 2010 19:10:19 +0000 (15:10 -0400)]
qemu: Fix crash on failed VM startup
If VM startup fails early enough (can't find a referenced USB device),
libvirtd will crash trying to clear the VNC port bit, since port = 0,
which overflows us out of the bitmap bounds.
Fix this by being more defensive in the bitmap operations, and only
clearing a previously set VNC port.
Philipp Hahn [Tue, 15 Jun 2010 09:44:13 +0000 (11:44 +0200)]
Fix description of virStorageVolGetInfo()
Probably a copy-paste-bug in python/libvirt-override-api.xml:
virStorageVolGetInfo() extracts information about a "storage volume",
not the "storage pool" as virStoragePoolGetInfo() does.
Eric Blake [Thu, 10 Jun 2010 02:23:51 +0000 (20:23 -0600)]
qemu: reduce file padding requirements
Followup to https://bugzilla.redhat.com/show_bug.cgi?id=599091,
commit 20206a4b, to reduce disk waste in padding.
* src/qemu/qemu_monitor.h (QEMU_MONITOR_MIGRATE_TO_FILE_BS): Drop
back to 4k.
(QEMU_MONITOR_MIGRATE_TO_FILE_TRANSFER_SIZE): New macro.
* src/qemu/qemu_driver.c (qemudDomainSaveFlag): Update comment.
* src/qemu/qemu_monitor_text.c (qemuMonitorTextMigrateToFile): Use
two invocations of dd to output non-aligned large blocks.
* src/qemu/qemu_monitor_json.c (qemuMonitorJSONMigrateToFile):
Likewise.
Stefan Berger [Thu, 17 Jun 2010 18:12:34 +0000 (14:12 -0400)]
nwfilter: add XML attribute to control iptables state match
This patch adds an optional XML attribute to a nwfilter rule to give the user control over whether the rule is supposed to be using the iptables state match or not. A rule may now look like shown in the XML below with the statematch attribute either having value '0' or 'false' (case-insensitive).
Justin Clift [Thu, 17 Jun 2010 07:57:12 +0000 (17:57 +1000)]
virsh: ensure persistence and autostart are shown for dominfo and pool-info
This patch adds the persistence status (yes/no) to the output of the virsh
dominfo and pool-info commands. This patch also adds the autostart status
to the output of the virsh pool-info command.
Stefan Berger [Thu, 17 Jun 2010 11:05:38 +0000 (07:05 -0400)]
macvtap: work-around for 2.6.32 and older kernels
This patch works around a recent extension of the netlink driver I had made use of when building the netlink messages. Unfortunately older kernels don't accept IFLA_IFNAME + name of interface as a replacement for the interface's index, so this patch now gets the interface index ifindex if it's not provided (ifindex <= 0).
Matthias Bolte [Sat, 12 Jun 2010 15:13:33 +0000 (17:13 +0200)]
Add several missing vir*Free calls in libvirtd's remote code
Justin Clift reported a problem with adding virStoragePoolIsPersistent
to virsh's pool-info command, resulting in a strange problem. Here's
an example:
virsh # pool-create-as images_dir3 dir - - - - "/home/images2"
Pool images_dir3 created
virsh # pool-destroy images_dir3
Pool images_dir3 destroyed
At this point the images_dir3 pool should be gone (because it was
transient) and we should be able to create a new pool with the same name:
virsh # pool-create-as images_dir3 dir - - - - "/home/images2"
Pool images_dir3 created
virsh # pool-info images_dir3
Name: images_dir3
UUID: 90301885-94eb-4ca7-14c2-f30b25a29a36
error: Storage pool not found
The new pool got the same UUID as the first one, but we didn't specify
one. libvirt should have picked a random UUID, but it didn't.
It turned out that virStoragePoolIsPersistent leaks a reference to the
storage pool object (actually remoteDispatchStoragePoolIsPersistent does).
As a result, pool-destroy doesn't remove the virStoragePool for the
"images_dir3" pool from the virConnectPtr's storagePools hash on libvirtd's
side. Then the second pool-create-as get's the stale virStoragePool object
associated with the "images_dir3" name. But this object has the old UUID.
This commit ensures that all get_nonnull_* and make_nonnull_* calls for
libvirt objects are matched properly with vir*Free calls. This fixes the
reference leaks and the reported problem.
All remoteDispatch*IsActive and remoteDispatch*IsPersistent functions were
affected. But also remoteDispatchDomainMigrateFinish2 was affected in the
success path. I wonder why that didn't surface earlier. Probably because
domainMigrateFinish2 is executed on the destination host and in the common
case this connection is opened especially for the migration and gets closed
after the migration is done. So there was no chance to run into a problem
because of the leaked reference.
Eric Blake [Thu, 10 Jun 2010 13:28:05 +0000 (07:28 -0600)]
libvirt: introduce domainCreateWithFlags API
Persistent domain creation needs the same features as transient
domains, but virDomainCreate lacks the flags argument present in
virDomainCreateXML. virDomainCreateFlags is already claimed as
a public enum, so we have to break convention and expose
virDomainCreateWithFlags.
Eric Blake [Mon, 14 Jun 2010 20:54:31 +0000 (14:54 -0600)]
parthelper: fix compilation without optimization
Daniel's patch works with gcc and CFLAGS containing -O (the
autoconf default), but fails with non-gcc or with other
CFLAGS (such as -g), since c-ctype.h declares c_isdigit as
a macro only for certain compilation settings.
* src/Makefile.am (libvirt_parthelper_LDFLAGS): Add gnulib
library, for when c_isdigit is not a macro.
* src/storage/parthelper.c (main): Avoid out-of-bounds
dereference, noticed by Jim Meyering.
Fix enumeration of partitions in disks with a trailing digit in path
Disks with a trailing digit in their path (eg /dev/loop0 or
/dev/dm0) have an extra 'p' appended before the partition
number (eg, to form /dev/loop0p1 not /dev/loop01). Fix the
partition lookup to append this extra 'p' when required
* src/storage/parthelper.c: Add a 'p' before partition
number if required
Eric Blake [Wed, 3 Mar 2010 16:31:02 +0000 (09:31 -0700)]
uml: sanity check external data before using it
Otherwise, a malicious packet could cause a DoS via spurious
out-of-memory failure.
* src/uml/uml_driver.c (umlMonitorCommand): Validate that incoming
data is reliable before using it to allocate/dereference memory.
Don't report bogus errno on short read.
Reported by Jim Meyering.
Eric Blake [Wed, 2 Jun 2010 20:21:45 +0000 (14:21 -0600)]
build: fix some mingw issues
On Fedora 13 with sufficient mingw32-* packages installed, running
./autobuild.sh failed to cross-compile to mingw because
mingw32-pthreads installed a broken <pthread.h>. With that
issue fixed, the build still failed due to use of O_SYNC.
Meanwhile, recent .spec.in changes got out of sync.
* bootstrap.conf (gnulib_modules): Add fcntl-h, for O_SYNC.
* .gnulib: Update to latest, to work around buggy pthreads-win32
library.
* bootstrap: Import latest from gnulib.
* mingw32-libvirt.spec.in: Distribute new file.
Eric Blake [Wed, 9 Jun 2010 13:12:21 +0000 (07:12 -0600)]
build: avoid pthreads-win32 on mingw
* src/util/threads.c (includes) [WIN32]: On mingw, favor native
threading over pthreads-win32 library.
* src/util/thread.h [WIN32] Likewise.
Suggested by Daniel P. Berrange.
Fix cgroup setup code to cope with root squashing NFS
When a disk is on a root squashed NFS server, it may not be
possible to stat() the disk file in virCgroupAllowDevice.
The virStorageFileGetMeta method may also fail to extract
the parent backing store. Both of these errors have to be
ignored to avoid breaking NFS deployments
* src/qemu/qemu_driver.c: Ignore errors in cgroup setup to
keep root squash NFS happy
Justin Clift [Tue, 8 Jun 2010 14:06:29 +0000 (00:06 +1000)]
virsh: add new vol-pool command
This patch adds a new "vol-pool" command to virsh, to round out the
identifier conversion functions for volumes in virsh. Now it is
possible to work with volumes when starting from just a volume key
or volume path.
Some guests (eg with badly configured grub, or Windows' installation cd)
require quick response from the console user. That's why we have a
"launchPaused" option in vdsm.
To implement it via libvirt, we need to ask libvirt not to call
qemuMonitorStartCPUs() after starting qemu. Calling virDomainStop
immediately after the domain is up is inherently raceful.
* src/qemu/qemu_driver.c (qemudStartVMDaemon): Add new parameter;
all callers adjusted.
(qemudDomainCreate): Implement support for new flag.
projects / libvirt.git / log