[libvirt] [PATCH] conf: Fix crash with cleanup
by Martin Kletzander
There was a crash possible when both <boot dev... and <boot
order... were specified due to virDomainDefParseBootXML() erroring out
before setting *tmp (which was free'd in cleanup). As a fix, I
created this cleanup that uses one pointer for all the temporary
stored XPath strings and values, plus this pointer is correctly
initialized to NULL.
---
src/conf/domain_conf.c | 21 ++++++++++-----------
1 file changed, 10 insertions(+), 11 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 0cea8eb..f0c5d50 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8242,8 +8242,7 @@ virDomainDefParseBootXML(xmlXPathContextPtr ctxt,
{
xmlNodePtr *nodes = NULL;
int i, n;
- char *bootstr, *tmp;
- char *useserial = NULL;
+ char *tmp = NULL;
int ret = -1;
unsigned long deviceBoot, serialPorts;
@@ -8290,23 +8289,23 @@ virDomainDefParseBootXML(xmlXPathContextPtr ctxt,
def->os.bootDevs[0] = VIR_DOMAIN_BOOT_DISK;
}
- bootstr = virXPathString("string(./os/bootmenu[1]/@enable)", ctxt);
- if (bootstr) {
- def->os.bootmenu = virDomainBootMenuTypeFromString(bootstr);
+ tmp = virXPathString("string(./os/bootmenu[1]/@enable)", ctxt);
+ if (tmp) {
+ def->os.bootmenu = virDomainBootMenuTypeFromString(tmp);
if (def->os.bootmenu <= 0) {
/* In order not to break misconfigured machines, this
* should not emit an error, but rather set the bootmenu
* to disabled */
VIR_WARN("disabling bootmenu due to unknown option '%s'",
- bootstr);
+ tmp);
def->os.bootmenu = VIR_DOMAIN_BOOT_MENU_DISABLED;
}
- VIR_FREE(bootstr);
+ VIR_FREE(tmp);
}
- useserial = virXPathString("string(./os/bios[1]/@useserial)", ctxt);
- if (useserial) {
- if (STREQ(useserial, "yes")) {
+ tmp = virXPathString("string(./os/bios[1]/@useserial)", ctxt);
+ if (tmp) {
+ if (STREQ(tmp, "yes")) {
if (virXPathULong("count(./devices/serial)",
ctxt, &serialPorts) < 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
@@ -8318,6 +8317,7 @@ virDomainDefParseBootXML(xmlXPathContextPtr ctxt,
} else {
def->os.bios.useserial = VIR_DOMAIN_BIOS_USESERIAL_NO;
}
+ VIR_FREE(tmp);
}
tmp = virXPathString("string(./os/bios[1]/@rebootTimeout)", ctxt);
@@ -8339,7 +8339,6 @@ virDomainDefParseBootXML(xmlXPathContextPtr ctxt,
cleanup:
VIR_FREE(tmp);
- VIR_FREE(useserial);
VIR_FREE(nodes);
return ret;
}
--
1.7.12.3
12 years, 1 month
[libvirt] Problems using netdev_del+netdev_add w/o corresponding device_del+device_add
by Laine Stump
I am attempting to enhance libvirt's virDomainUpdateDeviceFlags() API to
support changing "just about anything" about the host side of a PCI
network device without actually detaching the PCI device from the guest.
Here is a patch I sent to the libvirt mailing list that I had thought
would accomplish this task:
https://www.redhat.com/archives/libvir-list/2012-October/msg00546.html
I am using qemu-kvm-1.2-0.1.20120806git3e430569.fc17.x86_64 on Fedora 17
for my testing.
Since the host side and guest side are created (and deleted) with
separate monitor commands ("netdev_(add|del)" vs. "device_(add|del)", we
had thought that it would be possible to use netdev_del to disconnect
everything from the host side, [*not disconnect the guest side*], then
create a new tap device and connect it with netdev_add(). And, actually,
the netdev_del+netdev_add sequence does complete without error;
unfortunately, no traffic is visible on the tap device (looking from the
host with tcpdump).
When I modify the patch above to also include the device_del and
device_add monitor calls (with a 3 second delay in between to allow for
the guest's PCI detach to complete), then the device does work properly.
Of course in this case (1) the guest sees the device completely
disappear for a period, then reappear, which is more disruption than I
want, and (2) because qemu has no asynchronous event to notify libvirt
when the guest's PCI detach has actually completed, I have to stick in
an arbitrary call to sleep() which is generally *way* too long, but may
be too short in some cases of extremely high load.
The only comment I got from IRC on Friday afternoon (I know - not a good
time to be looking for people) was that they would be "surprised if it
did work". So, I have the following questions:
1) Should this work?
If it's supposed to work now:
2) can you give hints (aside from watching the qemu monitor commands and
responses with stap) on what I might need to change, or how to further
debug my problem within qemu? (I'm pretty well convinced that the
libvirt code is doing the tap device creation/etc correctly).
3) alternately can you verify that this is a known bug? Is fixing it on
anyone's todo list?
If it's not supposed to work now:
4) Does it sound like a reasonable thing for qemu to support?
5) Is there some other formal way to request addition of this
functionality (aside from figuring it out myself and posting a patch)?
********************************************
For reference, here is the sequence of qemu monitor commands sent by
libvirt to fully detach, then fully reattach a network device. Note that
fd is a newly opened TAP device. Also note the 3 second interval between
the netdev_del and the next command:
96.671 > 0x7f8e20000c90
{"execute":"device_del","arguments":{"id":"net0"},"id":"libvirt-25"}
96.673 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-25"}
96.674 > 0x7f8e20000c90
{"execute":"netdev_del","arguments":{"id":"hostnet0"},"id":"libvirt-26"}
96.695 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-26"}
99.777 > 0x7f8e20000c90
{"execute":"getfd","arguments":{"fdname":"fd-net0"},"id":"libvirt-27"}
(fd=27)
99.777 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-27"}
99.778 > 0x7f8e20000c90
{"execute":"netdev_add","arguments":{"type":"tap","fd":"fd-net0","id":"hostnet0"},"id":"libvirt-28"}
99.778 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-28"}
99.779 > 0x7f8e20000c90
{"execute":"device_add","arguments":{"driver":"virtio-net-pci","netdev":"hostnet0","id":"net0","mac":"52:54:00:d8:bd:b9","bus":"pci.0","addr":"0x4"},"id":"libvirt-29"}
99.780 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-29"}
After this sequence is done, the guest network device is fully functioning.
Here is the sequence sent to disconnect only the host side, then
reconnect it with a new tap device. (although the fd is the same, this
is because the old tap device had already been closed, so the number is
just being used - the same thing happens when doing sequential full
detach/attach cycles, and they all work with no problems):
168.750 > 0x7f8e20000c90
{"execute":"netdev_del","arguments":{"id":"hostnet0"},"id":"libvirt-30"}
168.762 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-30"}
168.800 > 0x7f8e20000c90
{"execute":"getfd","arguments":{"fdname":"fd-net0"},"id":"libvirt-31"}
(fd=27)
168.801 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-31"}
168.801 > 0x7f8e20000c90
{"execute":"netdev_add","arguments":{"type":"tap","fd":"fd-net0","id":"hostnet0"},"id":"libvirt-32"}
168.802 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-32"}
168.802 > 0x7f8e20000c90
{"execute":"set_link","arguments":{"name":"net0","up":true},"id":"libvirt-33"}
168.803 < 0x7f8e20000c90 {"return": {}, "id": "libvirt-33"}
After this sequence is done, everything about the network device
*appears* normal on both the guest and host (at least the things I know
to look at), but no traffic from the host shows up in a tcpdump of the
interface on the guest, and no traffic from the guest shows up in a
tcpdump of the tap device on the host.
Oh - the extra "set_link" command at the end is because I noticed that
the flags shown in ifconfig in the guest switched from:
UP BROADCAST RUNNING MULTICAST
to
UP BROADCAST MULTICAST
when reconnecting in this way, so I was hoping that forcing the
interface up would solve my problems. It didn't :-/ (Another note: I
also tried adding a delay after the netdev_del, and that also did nothing.)
12 years, 1 month
[libvirt] [PATCHv2 0/9] New API to retrieve host node CPU map
by Viktor Mihajlovski
V2 Changes:
Added python binding for virNodeGetCPUMapFlags.
Removed RFC stanza.
---
Viktor Mihajlovski (9):
virNodeGetCPUMapFlags: Define public API.
virNodeGetCPUMapFlags: Define driver API.
virNodeGetCPUMapFlags: Implement public API.
virNodeGetCPUMapFlags: Implement wire protocol.
libvirt.h.in: Add new cpumap macro VIR_CPU_USED
virNodeGetCPUMapFlags: Implement virsh support.
virNodeGetCPUMapFlags: Implement support function in nodeinfo
virNodeGetCPUMapFlags: Implement driver support
virNodeGetCPUMapFlags: Add python binding
daemon/remote.c | 44 ++++++++++++++++++++++++++++++
include/libvirt/libvirt.h.in | 28 ++++++++++++++++---
python/generator.py | 1 +
python/libvirt-override-api.xml | 6 ++++
python/libvirt-override.c | 56 +++++++++++++++++++++++++++++++++++++++
src/driver.h | 7 +++++
src/libvirt.c | 56 +++++++++++++++++++++++++++++++++++++++
src/libvirt_private.syms | 1 +
src/libvirt_public.syms | 5 +++
src/nodeinfo.c | 49 ++++++++++++++++++++++++++++++++++
src/nodeinfo.h | 6 ++++
src/qemu/qemu_driver.c | 1 +
src/remote/remote_driver.c | 49 ++++++++++++++++++++++++++++++++++
src/remote/remote_protocol.x | 13 ++++++++-
src/remote_protocol-structs | 12 ++++++++
src/test/test_driver.c | 30 +++++++++++++++++++++
tools/virsh-host.c | 41 ++++++++++++++++++++++++++++
tools/virsh.pod | 5 +++
18 files changed, 405 insertions(+), 5 deletions(-)
12 years, 1 month
[libvirt] [PATCH] spec: Add runtime requirement for libssh2
by Peter Krempa
libssh2 unfortunately doesn't support symbol versioning so RPM can't
figure out what version is needed for the currently installed libvirt
package. This patch adds a runtime requirement, so that the correct
version of libssh2 can be installed along with libvirt.
---
libvirt.spec.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 75623eb..bc6a1af 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -500,6 +500,7 @@ BuildRequires: libcap-ng-devel >= 0.5.0
%if %{with_phyp} || %{with_libssh2_transport}
%if %{with_libssh2_transport}
BuildRequires: libssh2-devel >= 1.3.0
+Requires: libssh2 >= 1.3.0
%else
BuildRequires: libssh2-devel
%endif
--
1.7.12.3
12 years, 1 month
[libvirt] [PATCH] selinux: Use raw contexts 2
by Martin Kletzander
In commit 9674f2c637114fa6ac0680fe5658a41a62bb34a8, I forgot to change
selabel_lookup with the other functions, so this one-liner does exactly
that.
---
src/security/security_selinux.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 10135ed..e6fba21 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -861,7 +861,7 @@ getContext(const char *newpath, mode_t mode, security_context_t *fcon)
if (handle == NULL)
return -1;
- ret = selabel_lookup(handle, fcon, newpath, mode);
+ ret = selabel_lookup_raw(handle, fcon, newpath, mode);
selabel_close(handle);
return ret;
#else
--
1.7.12.3
12 years, 1 month
[libvirt] Connection using Java
by Felipe Oliveira Gutierrez
Hi,
I am using java to connect to the xen, but my class is throwing a
exception. Does anyone know what is happening?
public class TestConnection {
public static void main(String[] args) {
Connect conn = null;
try {
conn = new Connect("xen+ssh://root@192.XXX.XXX.XX/", true);
libvir: RPC error : End of file while reading data: nc: invalid option --
'U'
nc -h for help: Input/output error
exception caught:org.libvirt.LibvirtException: End of file while reading
data: nc: invalid option -- 'U'
nc -h for help: Input/output error
level:VIR_ERR_ERROR
code:VIR_ERR_SYSTEM_ERROR
domain:VIR_FROM_RPC
hasConn:false
hasDom:false
hasNet:false
message:End of file while reading data: nc: invalid option -- 'U'
nc -h for help: Input/output error
str1:%s
str2:End of file while reading data: nc: invalid option -- 'U'
nc -h for help: Input/output error
str3:null
int1:-1
int2:-1
Thanks,
Felipe
--
*-- Felipe Oliveira Gutierrez*
*-- **lipe.82(a)gmail.com* <lipe.82(a)gmail.com>
*-- https://sites.google.com/site/lipe82/Home/diaadia*
12 years, 1 month
[libvirt] CPU utilization between physical CPU and virtual CPU in KVM
by Dennis Chen
Hi All,
I am confused by the following observed scenario:
In my 4-CPU (KVM supported, 2 core with 2 thread for each) host
machine box, I create only one VM with 3-vCPU through virsh/libvirt
tools and also I pin this VM process to the physical processor 3. I
guess the CPU utilization for the processor 3 will not exceed 100%,
then I create 3 process (dead loop-- while(1);) and bind each of them
to vCPU[0-2] respectively, through the "top -c" command in VM
environment, I can see the CPU utilization for each of the vCPU is
about 100%, but interesting, I found that the CPU utilization of
processor 3 in the host machine is about 300% with "toc -c" command.
why does a single process bound to a CPU can get ~300% cpu bandwidth
in this case, does the kernel scheduler dispatch the idle cycle
capacity of the CPUs to the virtual CPU of the VM, other word, the
scheduler knows the vCPU info in the VM process?
For the same case, if I create another 4 new dead-loop processes and
bind them to the physical CPU[0-3] equally, then I find the vCPU0/1 in
VM will not be 100%, eg. 32%, (I think the scheduler in the guest OS
doesn't know it's running in a virtual environment, so the utilization
of the vCPU will not change to adapt to the physical processor
utilization, but it did, why?
-org-gnu
12 years, 1 month
[libvirt] necessary to limit container's network bandwidth when use physical nic in container?
by Gao feng
we can use tc to limit container's network bandwidth when the container uses veth device.
because one of the veth devices will be seen in the host.so we can set tc rules on this
device on the host.
I want to know if it's necessary to limit container's network bandwidth when the container
uses a physical nic device. because this nic device is only used by this container.
And if this is necessary,Be there any good idea?
Thanks!
12 years, 1 month
[libvirt] Proposed libguestfs API for implementing libvirt virConnectOpenAuth
by Richard W.M. Jones
As in the example code below.
static void
do_auth (guestfs_h *g,
void *opaque,
uint64_t event,
int event_handle,
int flags,
const char *buf, size_t buf_len,
const uint64_t *array, size_t array_len)
{
char **creds;
size_t i;
char *prompt;
char *reply;
size_t replylen;
// buf will be the libvirt URI. It is always \0-terminated so
// buf_len can be ignored in this case.
printf ("Authentication required for libvirt connection '%s'\n", buf);
// Ask libguestfs what credentials libvirt is demanding.
creds = guestfs_get_libvirt_requested_credentials (g);
// Now ask the user for answers.
for (i = 0; creds[i] != NULL; ++i) {
if (strcmp (creds[i], "authname") == 0 ||
strcmp (creds[i], "passphrase") == 0) {
prompt = guestfs_get_libvirt_requested_credential_prompt (g, i);
printf ("%s: ", prompt);
free (prompt);
// ...
// Input from user is in 'reply', length 'replylen' (bytes).
guestfs_set_libvirt_requested_credential (g, i, reply, replylen);
}
free (creds[i]);
}
free (creds);
// On return from this function (libguestfs event), the libvirt
// event returns too.
}
// ...
{
guestfs_h *g;
char *creds[] = { "authname", "passphrase", NULL };
g = guestfs_create ();
guestfs_set_libvirt_supported_credentials (g, creds);
guestfs_set_event_callback (g, do_auth,
GUESTFS_EVENT_LIBVIRT_AUTH, 0, NULL);
// An example of a function that would open a libvirt connection:
guestfs_add_domain (g, "dom",
GUESTFS_ADD_DOMAIN_LIBVIRTURI, "qemu:///system",
-1);
}
----------------------------------------------------------------------
By the way, some of the virt tools can open multiple connections to
libvirt, and it is architecturally hard to change this:
https://www.redhat.com/archives/libguestfs/2012-October/msg00065.html
Does libvirt (or policy kit?) provide any mechanism for caching these
credentials within the same process, so that we don't have to provide
the same creds back to libvirt for multiple connections?
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/
12 years, 1 month
[libvirt] [PATCH V1] qemu-attach: Calculate index value if not already specified
by Supriya Kannery
virsh qemu-attach fails if user has not specified values
for index/unit/bus for a drive in qemu commandline. Set default
values instead of returning error.
Signed-off-by: Supriya Kannery <supriyak(a)linux.vnet.ibm.com>
---
src/qemu/qemu_command.c | 10 ----------
1 files changed, 0 insertions(+), 10 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 09f412e..8ba67a1 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -7130,16 +7130,6 @@ qemuParseCommandLineDisk(virCapsPtr caps,
def->bus == VIR_DOMAIN_DISK_BUS_VIRTIO)
idx = nvirtiodisk;
- if (idx == -1 &&
- unitid == -1 &&
- busid == -1) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("missing index/unit/bus parameter in drive '%s'"), val);
- virDomainDiskDefFree(def);
- def = NULL;
- goto cleanup;
- }
-
if (idx == -1) {
if (unitid == -1)
unitid = 0;
12 years, 1 month
