[libvirt] [PATCH 0/5] macvtap support for Qemu/KVM VMs via libvirt
by Stefan Berger
Hello!
This is a re-post of previously posted patches following Daniel
Berrange's request for changes along with other fixes PLUS a rebase
to the latest code where the conn parameter is missing along with
changes requested by Daniel Veillard.
The following patches provide support for making the macvtap
networking device type available to Qemu/KVM VMs. The patches rely on
the macvtap driver that just became available through the Linux net-next
tree (fixes still may be necessary) and make the device available to
Qemu/KVM via a tap file descriptor similar to a 'regular' tap device.
Following up on previous discussions, the libvirt patches allow using
the following XML in the domain description to enable qemu network
connectivity via this type of device:
<interface type='direct'>
<source dev='eth1' mode='vepa'/>
<model type='virtio'/>
</interface>
The above XML indicates that eth1 is the Ethernet interface to link
the macvtap device to and communicate to the network. As a consequence,
libvirt will create an instance of a macvtap device, assign it the same
MAC address as the VM's interface has and open a file descriptor of the
associated character device /dev/tap%d and pass it via command line to
Qemu/kvm. In the above XML the mode can be chosen as 'vepa', 'private'
or 'bridge' and is by default set to 'vepa'(by the driver) if omitted.
Attachment and detachment of macvtap to/from a running VM also works.
Regards,
Stefan
14 years, 9 months
[libvirt] [PATCH] libvirt-override.c: avoid a leak upon call with invalid argument
by Jim Meyering
>From 49d7a268574772d362dc374b531ff80ec87f5062 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering(a)redhat.com>
Date: Tue, 16 Feb 2010 08:07:38 +0100
Subject: [PATCH] libvirt-override.c: avoid a leak upon call with invalid argument
* python/libvirt-override.c (libvirt_virConnectBaselineCPU): Don't leak
the xmlcpus buffer upon encountering a non-string list element.
---
python/libvirt-override.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/python/libvirt-override.c b/python/libvirt-override.c
index a71766a..2447ad7 100644
--- a/python/libvirt-override.c
+++ b/python/libvirt-override.c
@@ -1,16 +1,16 @@
/*
* libvir.c: this modules implements the main part of the glue of the
* libvir library and the Python interpreter. It provides the
* entry points where an automatically generated stub is
* unpractical
*
- * Copyright (C) 2005, 2007-2009 Red Hat, Inc.
+ * Copyright (C) 2005, 2007-2010 Red Hat, Inc.
*
* Daniel Veillard <veillard(a)redhat.com>
*/
#include <config.h>
/* Horrible kludge to work around even more horrible name-space pollution
via Python.h. That file includes /usr/include/python2.5/pyconfig*.h,
which has over 180 autoconf-style HAVE_* definitions. Shame on them. */
@@ -2040,20 +2040,22 @@ libvirt_virConnectBaselineCPU(PyObject *self ATTRIBUTE_UNUSED,
if (PyList_Check(list)) {
int i;
ncpus = PyList_Size(list);
if ((xmlcpus = malloc(ncpus * sizeof(*xmlcpus))) == NULL)
return VIR_PY_INT_FAIL;
for (i = 0; i < ncpus; i++) {
xmlcpus[i] = PyString_AsString(PyList_GetItem(list, i));
- if (xmlcpus[i] == NULL)
+ if (xmlcpus[i] == NULL) {
+ free(xmlcpus);
return VIR_PY_INT_FAIL;
+ }
}
}
LIBVIRT_BEGIN_ALLOW_THREADS;
base_cpu = virConnectBaselineCPU(conn, xmlcpus, ncpus, flags);
LIBVIRT_END_ALLOW_THREADS;
free(xmlcpus);
--
1.7.0.181.g41533
14 years, 9 months
[libvirt] [PATCH 4/4] remote: Detect 'nc' version incompatibilities
by Cole Robinson
This ugly thing is a shell script to detect availability of
the -q option for 'nc': debian and suse based distros need this
flag to ensure the remote nc will exit on EOF, so it will go away
when we close the tunnel. If it doesn't go away, a useless 'nc'
process is left sitting on the remote host.
Fedora's 'nc' doesn't have this option, so we can't blindly pass -q.
More info here:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564034
We also detect the -U option, since some nc versions don't support it, which
has caused quite some user confusion. Connecting to a box and using the
incorrect nc:
virsh --connect qemu+ssh://root@debhost/system?netcat=/bin/nc.traditional
error: server closed connection: /bin/nc.traditional: invalid option -- U
nc -h for help
openbsd nc is required
error: failed to connect to the hypervisor
Test with Fedora 12, RHEL 5.4, and Debian Lenny
---
src/remote/remote_driver.c | 52 ++++++++++++++++++++++++++++++++++++++------
1 files changed, 45 insertions(+), 7 deletions(-)
diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c
index 7f92fd0..c3258d3 100644
--- a/src/remote/remote_driver.c
+++ b/src/remote/remote_driver.c
@@ -732,8 +732,49 @@ doRemoteOpen (virConnectPtr conn,
}
case trans_ssh: {
- int j, nr_args = 6;
+ int j, nr_args = 0;
+ char *nc_command;
+
+ const char *nc_bin = netcat ? netcat : "nc";
+ const char *sock_path = (sockname ? sockname :
+ (flags & VIR_CONNECT_RO
+ ? LIBVIRTD_PRIV_UNIX_SOCKET_RO
+ : LIBVIRTD_PRIV_UNIX_SOCKET));
+
+ /*
+ * Build 'nc' command run on the remote host
+ *
+ * This ugly thing is a shell script to detect availability of
+ * the -q option for 'nc': debian and suse based distros need this
+ * flag to ensure the remote nc will exit on EOF, so it will go away
+ * when we close the tunnel. If it doesn't go away, a useless 'nc'
+ * process is left sitting on the remote host.
+ *
+ * Fedora's 'nc' doesn't have this option, and apparently defaults
+ * to the desired behavior.
+ */
+ const char *nc_detect_template = (
+ "NCOUT=$(%s -U 2>&1);"
+ "echo \"$NCOUT\" | grep -q 'invalid option';"
+ "if [ $? -eq 0 ] ; then"
+ " echo \"$NCOUT\" >&2;"
+ " echo openbsd 'nc' is required >&2;"
+ " exit 1;"
+ "fi;"
+ ""
+ "%s -q 2>&1 | grep -q 'requires an argument';"
+ "if [ $? -eq 0 ] ; then"
+ " CMD='-q 0';"
+ "else"
+ " CMD='';"
+ "fi;"
+ "%s $CMD -U %s;");
+
+ if (virAsprintf(&nc_command, nc_detect_template,
+ nc_bin, nc_bin, nc_bin, sock_path) < 0)
+ goto out_of_memory;
+ nr_args += 4; /* ssh $hostname $netcat_command NULL*/
if (username) nr_args += 2; /* For -l username */
if (no_tty) nr_args += 5; /* For -T -o BatchMode=yes -e none */
if (port) nr_args += 2; /* For -p port */
@@ -765,12 +806,9 @@ doRemoteOpen (virConnectPtr conn,
cmd_argv[j++] = strdup ("none");
}
cmd_argv[j++] = strdup (priv->hostname);
- cmd_argv[j++] = strdup (netcat ? netcat : "nc");
- cmd_argv[j++] = strdup ("-U");
- cmd_argv[j++] = strdup (sockname ? sockname :
- (flags & VIR_CONNECT_RO
- ? LIBVIRTD_PRIV_UNIX_SOCKET_RO
- : LIBVIRTD_PRIV_UNIX_SOCKET));
+
+ cmd_argv[j++] = nc_command;
+
cmd_argv[j++] = 0;
assert (j == nr_args);
for (j = 0; j < (nr_args-1); j++)
--
1.6.5.2
14 years, 9 months
[libvirt] [PATCH] vboxDomainDumpXML: avoid a leak on OOM error path
by Jim Meyering
Yet another...
>From 05e87caf9da26f9038935d7e54b6038b9362875b Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering(a)redhat.com>
Date: Mon, 15 Feb 2010 20:09:55 +0100
Subject: [PATCH] vboxDomainDumpXML: avoid a leak on OOM error path
* src/vbox/vbox_tmpl.c (vboxDomainDumpXML): Free vboxCallback buffer
upon OOM.
---
src/vbox/vbox_tmpl.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/src/vbox/vbox_tmpl.c b/src/vbox/vbox_tmpl.c
index d1a701e..8a9af52 100644
--- a/src/vbox/vbox_tmpl.c
+++ b/src/vbox/vbox_tmpl.c
@@ -5276,10 +5276,11 @@ static nsresult vboxCallbackQueryInterface(nsISupports *pThis, const nsID *iid,
static IVirtualBoxCallback *vboxAllocCallbackObj(void) {
IVirtualBoxCallback *vboxCallback = NULL;
- /* Allocate, Initialize and return a validi
+ /* Allocate, Initialize and return a valid
* IVirtualBoxCallback object here
*/
if ((VIR_ALLOC(vboxCallback) < 0) || (VIR_ALLOC(vboxCallback->vtbl) < 0)) {
+ VIR_FREE(vboxCallback);
virReportOOMError();
return NULL;
}
--
1.7.0.181.g41533
14 years, 9 months
[libvirt] [PATCH] virNodeDevCapScsiHostParseXML: avoid an unconditional leak
by Jim Meyering
It looks like there may still be error-path leaks (the buffers
pointed to by nodes[i]), but that can wait for another day.
>From c293a97ed55c99c87bc658aaffc10831f8ba8c68 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering(a)redhat.com>
Date: Mon, 15 Feb 2010 19:54:45 +0100
Subject: [PATCH] virNodeDevCapScsiHostParseXML: avoid an unconditional leak
* src/conf/node_device_conf.c (virNodeDevCapScsiHostParseXML):
Free the "nodes" buffer allocated by virXPathNodeSet.
---
src/conf/node_device_conf.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/conf/node_device_conf.c b/src/conf/node_device_conf.c
index 4b65953..09c0f41 100644
--- a/src/conf/node_device_conf.c
+++ b/src/conf/node_device_conf.c
@@ -797,6 +797,7 @@ virNodeDevCapScsiHostParseXML(xmlXPathContextPtr ctxt,
out:
VIR_FREE(type);
ctxt->node = orignode;
+ VIR_FREE(nodes);
return ret;
}
--
1.7.0.181.g41533
14 years, 9 months
[libvirt] [PATCH] uml_driver.c: avoid leak upon failure
by Jim Meyering
Without this, it looked like every caller (there's only one;
the other use is if-0'd out) could leak the result buffer.
>From 8b8874b956c822562151cb90b1a8950d17b565ac Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering(a)redhat.com>
Date: Mon, 15 Feb 2010 19:22:38 +0100
Subject: [PATCH] uml_driver.c: avoid leak upon failure
* src/uml/uml_driver.c (umlMonitorCommand): This function would
sometimes return -1, yet fail to free the "reply" it had allocated.
Hence, no caller would know to free the corresponding argument.
When returning -1, be sure to free all allocated resources.
---
src/uml/uml_driver.c | 7 +++++--
1 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/uml/uml_driver.c b/src/uml/uml_driver.c
index 5049c92..10268db 100644
--- a/src/uml/uml_driver.c
+++ b/src/uml/uml_driver.c
@@ -1,7 +1,7 @@
/*
* uml_driver.c: core driver methods for managing UML guests
*
- * Copyright (C) 2006, 2007, 2008, 2009 Red Hat, Inc.
+ * Copyright (C) 2006-2010 Red Hat, Inc.
* Copyright (C) 2006-2008 Daniel P. Berrange
*
* This library is free software; you can redistribute it and/or
@@ -757,7 +757,10 @@ static int umlMonitorCommand(virConnectPtr conn,
VIR_DEBUG("Command reply is '%s'", NULLSTR(retdata));
- *reply = retdata;
+ if (ret < 0)
+ VIR_FREE(retdata);
+ else
+ *reply = retdata;
return ret;
--
1.7.0.181.g41533
14 years, 9 months
[libvirt] [PATCH 2/4] qemu: Make SetVcpu command hotplug only
by Cole Robinson
Similar to the Set*Mem commands, this implementation was bogus and
misleading. Make it clear this is a hotplug only operation, and that the
hotplug piece isn't even implemented.
Also drop the overkill maxvcpus validation: we don't perform this check
at XML define time so clearly no one is missing it, and there is
always the risk that our info will be out of date, possibly preventing
legitimate CPU values.
---
src/qemu/qemu_driver.c | 42 +++++++-----------------------------------
1 files changed, 7 insertions(+), 35 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 56a450c..ef1f638 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -4100,12 +4100,11 @@ cleanup:
}
-static int qemudDomainSetVcpus(virDomainPtr dom, unsigned int nvcpus) {
+static int qemudDomainSetVcpus(virDomainPtr dom,
+ ATTRIBUTE_UNUSED unsigned int nvcpus) {
struct qemud_driver *driver = dom->conn->privateData;
virDomainObjPtr vm;
- int max;
int ret = -1;
- const char *type;
qemuDriverLock(driver);
vm = virDomainFindByUUID(&driver->domains, dom->uuid);
@@ -4119,41 +4118,14 @@ static int qemudDomainSetVcpus(virDomainPtr dom, unsigned int nvcpus) {
goto cleanup;
}
- if (qemuDomainObjBeginJob(vm) < 0)
+ if (!virDomainObjIsActive(vm)) {
+ qemuReportError(VIR_ERR_OPERATION_INVALID,
+ "%s", _("domain is not running"));
goto cleanup;
-
- if (virDomainObjIsActive(vm)) {
- qemuReportError(VIR_ERR_OPERATION_INVALID, "%s",
- _("cannot change vcpu count of an active domain"));
- goto endjob;
- }
-
- if (!(type = virDomainVirtTypeToString(vm->def->virtType))) {
- qemuReportError(VIR_ERR_INTERNAL_ERROR,
- _("unknown virt type in domain definition '%d'"),
- vm->def->virtType);
- goto endjob;
}
- if ((max = qemudGetMaxVCPUs(NULL, type)) < 0) {
- qemuReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("could not determine max vcpus for the domain"));
- goto endjob;
- }
-
- if (nvcpus > max) {
- qemuReportError(VIR_ERR_INVALID_ARG,
- _("requested vcpus is greater than max allowable"
- " vcpus for the domain: %d > %d"), nvcpus, max);
- goto endjob;
- }
-
- vm->def->vcpus = nvcpus;
- ret = 0;
-
-endjob:
- if (qemuDomainObjEndJob(vm) == 0)
- vm = NULL;
+ qemuReportError(VIR_ERR_NO_SUPPORT,
+ "%s", _("cpu hotplug not yet supported"));
cleanup:
if (vm)
--
1.6.5.2
14 years, 9 months
[libvirt] [PATCH] openvz_driver.c: avoid leak on OOM error path
by Jim Meyering
It looks like openvzFreeDriver cannot call VIR_FREE on its buffer
argument, because of the use in the function that just happens to
be a few lines below. These are the only two uses of openvzFreeDriver.
>From 0a616cd03cca9c9d89f23dadd52cd23c30789aca Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering(a)redhat.com>
Date: Mon, 15 Feb 2010 18:33:38 +0100
Subject: [PATCH] openvz_driver.c: avoid leak on OOM error path
* src/openvz/openvz_driver.c (openvzOpen): Free "driver" buffer
upon failure.
---
src/openvz/openvz_driver.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c
index 68d0398..3a8a82f 100644
--- a/src/openvz/openvz_driver.c
+++ b/src/openvz/openvz_driver.c
@@ -1245,22 +1245,23 @@ static virDrvOpenStatus openvzOpen(virConnectPtr conn,
goto cleanup;
if (openvzExtractVersion(conn, driver) < 0)
goto cleanup;
conn->privateData = driver;
return VIR_DRV_OPEN_SUCCESS;
cleanup:
openvzFreeDriver(driver);
+ VIR_FREE(driver);
return VIR_DRV_OPEN_ERROR;
};
static int openvzClose(virConnectPtr conn) {
struct openvz_driver *driver = conn->privateData;
openvzFreeDriver(driver);
conn->privateData = NULL;
return 0;
}
--
1.7.0.181.g41533
14 years, 9 months
[libvirt] [PATCH 3/5] [FIX] macvtap support for libvirt -- qemu support
by Stefan Berger
I needed to fix the case where macvtap support is not to be compiled in.
This part adds support for qemu making a macvtap tap device available
via file descriptor passed to qemu command line. This also attempts to
tear down the macvtap device when a VM terminates. This includes support
for attachment and detachment to/from running VM.
Signed-off-by: Stefan Berger <stefanb(a)us.ibm.com>
14 years, 9 months
[libvirt] [PATCH] Treat missing QEMU 'thread_id' as non-fatal in JSON monitor
by Daniel P. Berrange
The plain QEMU tree does not include 'thread_id' in the JSON
output. Thus we need to treat it as non-fatal if missing.
* src/qemu/qemu_monitor_json.c: Treat missing thread_id as non-fatal
---
src/qemu/qemu_monitor_json.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c
index 9875f38..49e0370 100644
--- a/src/qemu/qemu_monitor_json.c
+++ b/src/qemu/qemu_monitor_json.c
@@ -630,8 +630,9 @@ qemuMonitorJSONExtractCPUInfo(virJSONValuePtr reply,
}
if (virJSONValueObjectGetNumberInt(entry, "thread_id", &thread) < 0) {
- qemuReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("cpu information was missing thread ID"));
+ /* Only qemu-kvm tree includs thread_id, so treat this as
+ non-fatal, simply returning no data */
+ ret = 0;
goto cleanup;
}
--
1.6.6
14 years, 9 months
