[libvirt] [PATCH] test: Add JSON test for query-tpm-types
by Stefan Berger
Add a test case for query-tpm-models QMP command.
Signed-off-by: Stefan Berger <stefanb(a)linux.vnet.ibm.com>
---
tests/qemumonitorjsontest.c | 55
++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
Index: libvirt/tests/qemumonitorjsontest.c
===================================================================
--- libvirt.orig/tests/qemumonitorjsontest.c
+++ libvirt/tests/qemumonitorjsontest.c
@@ -25,6 +25,7 @@
#include "qemu/qemu_conf.h"
#include "virthread.h"
#include "virerror.h"
+#include "virstring.h"
#define VIR_FROM_THIS VIR_FROM_NONE
@@ -440,6 +441,59 @@ cleanup:
static int
+testQemuMonitorJSONGetTPMModels(const void *data)
+{
+ virDomainXMLOptionPtr xmlopt = (virDomainXMLOptionPtr)data;
+ qemuMonitorTestPtr test = qemuMonitorTestNew(true, xmlopt);
+ int ret = -1;
+ char **tpmmodels = NULL;
+ int ntpmmodels = 0;
+
+ if (!test)
+ return -1;
+
+ if (qemuMonitorTestAddItem(test, "query-tpm-models",
+ "{ "
+ " \"return\": [ "
+ " \"passthrough\""
+ " ]"
+ "}") < 0)
+ goto cleanup;
+
+ if ((ntpmmodels =
qemuMonitorGetTPMModels(qemuMonitorTestGetMonitor(test),
+ &tpmmodels)) < 0)
+ goto cleanup;
+
+ if (ntpmmodels != 1) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "ntpmmodels %d is not 1", ntpmmodels);
+ goto cleanup;
+ }
+
+#define CHECK(i, wantname) \
+ do { \
+ if (STRNEQ(tpmmodels[i], (wantname)))
{ \
+ virReportError(VIR_ERR_INTERNAL_ERROR, \
+ "name %s is not %s", \
+ tpmmodels[i],
(wantname)); \
+ goto cleanup; \
+ } \
+ } while (0)
+
+ CHECK(0, "passthrough");
+
+#undef CHECK
+
+ ret = 0;
+
+cleanup:
+ qemuMonitorTestFree(test);
+ virStringFreeList(tpmmodels);
+ return ret;
+}
+
+
+static int
mymain(void)
{
int ret = 0;
@@ -465,6 +519,7 @@ mymain(void)
DO_TEST(GetMachines);
DO_TEST(GetCPUDefinitions);
DO_TEST(GetCommands);
+ DO_TEST(GetTPMModels);
virObjectUnref(xmlopt);
11 years, 7 months
[libvirt] [PATCH 0/7] SPICE autoport improvements
by Peter Krempa
This series improves handling of automatic port allocation for spice consoles.
Peter Krempa (7):
qemu: Split out code to generate SPICE command line
qemu: Split out code to generate VNC command line
qemu: Use switch instead of ifs in qemuBuildGraphicsCommandLine
qemu: Split out SPICE port allocation into a separate function
conf: spice: Do more automation if autoport is requested
qemu: Do sensible auto allocation of SPICE port numbers
qemu: Improve handling of channels when generating SPICE command line
docs/formatdomain.html.in | 2 +-
src/conf/domain_conf.c | 5 -
src/conf/domain_conf.h | 2 +-
src/qemu/qemu_command.c | 582 +++++++++++----------
src/qemu/qemu_process.c | 117 +++--
.../qemuxml2argv-controller-order.args | 2 +-
.../qemuxml2argv-graphics-spice-timeout.args | 2 +-
7 files changed, 408 insertions(+), 304 deletions(-)
--
1.8.2.1
11 years, 7 months
[libvirt] [PATCH] qemu_command.c: Fix whitespacing within for()
by Michal Privoznik
After 9d6e56db the syntax-check was unhappy due to wrong whitespacing:
src/qemu/qemu_command.c:1637: for ( ; a.slot < QEMU_PCI_ADDRESS_SLOT_LAST; a.slot++) {
maint.mk: incorrect whitespace around brackets, see HACKING for rules
make: *** [bracket-spacing-check] Error 1
---
Pushed under trivial rule.
src/qemu/qemu_command.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 50281be..1c48cbb 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1634,7 +1634,7 @@ qemuDomainPCIAddressGetNextSlot(qemuDomainPCIAddressSetPtr addrs,
/* Start the search at the last used bus and slot */
for (a.slot++; a.bus < addrs->nbuses; a.bus++) {
- for ( ; a.slot < QEMU_PCI_ADDRESS_SLOT_LAST; a.slot++) {
+ for (; a.slot < QEMU_PCI_ADDRESS_SLOT_LAST; a.slot++) {
if (!qemuDomainPCIAddressSlotInUse(addrs, &a))
goto success;
--
1.8.1.5
11 years, 7 months
[libvirt] [PATCH v3 0/5] qemu: add PCI bridge support
by Ján Tomko
Add new 'pci' controller type with two models:
pci-root - auto-added to machines with implicit pci bus
pci-bridge - auto-added if the devices would not leave
at least one slot empty on bus 0 or bus >0 is specified
v3:
moved the implicit PCI root addition to qemu's post parse
callback,
added an xml -> xml test and schema validation
rewrote implicit controller removal and search for free slots
check for multiple pci controllers with the same index
added documentation
Ján Tomko (4):
qemu: call post-parse callbacks when parsing command line too
conf: add PCI controllers
qemu: auto-add pci-root controller for pc machine types
qemu: auto-add bridges and allow using them
liguang (1):
qemu: build command line for pci-bridge device
docs/formatdomain.html.in | 22 +-
docs/schemas/domaincommon.rng | 12 +
src/conf/domain_conf.c | 51 +++-
src/conf/domain_conf.h | 20 ++
src/libvirt_private.syms | 2 +
src/qemu/qemu_capabilities.c | 3 +
src/qemu/qemu_capabilities.h | 1 +
src/qemu/qemu_command.c | 296 +++++++++++++++++----
src/qemu/qemu_command.h | 5 +-
src/qemu/qemu_domain.c | 67 ++++-
tests/domainsnapshotxml2xmlout/disk_snapshot.xml | 1 +
tests/domainsnapshotxml2xmlout/external_vm.xml | 1 +
tests/domainsnapshotxml2xmlout/full_domain.xml | 1 +
tests/domainsnapshotxml2xmlout/metadata.xml | 1 +
tests/qemuhelptest.c | 21 +-
.../qemuxml2argvdata/qemuxml2argv-blkdeviotune.xml | 1 +
.../qemuxml2argv-blkiotune-device.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-blkiotune.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-boot-cdrom.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-boot-floppy.xml | 3 +
.../qemuxml2argv-boot-menu-disable.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-boot-multi.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-boot-network.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-boot-order.xml | 1 +
.../qemuxml2argv-channel-guestfwd.xml | 1 +
.../qemuxml2argv-channel-virtio.xml | 1 +
.../qemuxml2argv-clock-localtime.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-clock-utc.xml | 2 +
.../qemuxml2argv-console-compat.xml | 2 +
.../qemuxml2argv-console-virtio-many.xml | 1 +
.../qemuxml2argv-cpu-eoi-disabled.xml | 1 +
.../qemuxml2argv-cpu-eoi-enabled.xml | 1 +
.../qemuxml2argv-cpu-host-kvmclock.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-cpu-kvmclock.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-cputune.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-disk-aio.xml | 1 +
.../qemuxml2argv-disk-cdrom-empty.xml | 3 +
tests/qemuxml2argvdata/qemuxml2argv-disk-cdrom.xml | 3 +
.../qemuxml2argv-disk-drive-boot-cdrom.xml | 3 +
.../qemuxml2argv-disk-drive-boot-disk.xml | 3 +
.../qemuxml2argv-disk-drive-cache-directsync.xml | 1 +
.../qemuxml2argv-disk-drive-cache-unsafe.xml | 1 +
.../qemuxml2argv-disk-drive-cache-v1-none.xml | 1 +
.../qemuxml2argv-disk-drive-cache-v1-wb.xml | 1 +
.../qemuxml2argv-disk-drive-cache-v1-wt.xml | 1 +
.../qemuxml2argv-disk-drive-cache-v2-none.xml | 1 +
.../qemuxml2argv-disk-drive-cache-v2-wb.xml | 1 +
.../qemuxml2argv-disk-drive-cache-v2-wt.xml | 1 +
...muxml2argv-disk-drive-error-policy-enospace.xml | 1 +
.../qemuxml2argv-disk-drive-error-policy-stop.xml | 1 +
...rgv-disk-drive-error-policy-wreport-rignore.xml | 1 +
.../qemuxml2argv-disk-drive-fat.xml | 1 +
.../qemuxml2argv-disk-drive-fmt-qcow.xml | 1 +
.../qemuxml2argv-disk-drive-network-gluster.xml | 1 +
.../qemuxml2argv-disk-drive-network-iscsi-auth.xml | 1 +
.../qemuxml2argv-disk-drive-network-iscsi.xml | 1 +
.../qemuxml2argv-disk-drive-network-nbd-export.xml | 1 +
...xml2argv-disk-drive-network-nbd-ipv6-export.xml | 1 +
.../qemuxml2argv-disk-drive-network-nbd-ipv6.xml | 1 +
.../qemuxml2argv-disk-drive-network-nbd-unix.xml | 1 +
.../qemuxml2argv-disk-drive-network-nbd.xml | 1 +
...emuxml2argv-disk-drive-network-rbd-ceph-env.xml | 2 +
.../qemuxml2argv-disk-drive-network-rbd-ipv6.xml | 1 +
.../qemuxml2argv-disk-drive-network-rbd.xml | 1 +
.../qemuxml2argv-disk-drive-network-sheepdog.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-disk-floppy.xml | 4 +
tests/qemuxml2argvdata/qemuxml2argv-disk-many.xml | 5 +
.../qemuxml2argvdata/qemuxml2argv-disk-mirror.xml | 1 +
.../qemuxml2argv-disk-scsi-device.xml | 1 +
.../qemuxml2argv-disk-scsi-disk-vpd.xml | 1 +
...qemuxml2argv-disk-scsi-lun-passthrough-sgio.xml | 1 +
.../qemuxml2argv-disk-scsi-megasas.xml | 1 +
.../qemuxml2argv-disk-scsi-virtio-scsi.xml | 1 +
.../qemuxml2argv-disk-scsi-vscsi.xml | 1 +
.../qemuxml2argv-disk-source-pool.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-disk-usb.xml | 3 +
.../qemuxml2argv-disk-virtio-scsi-num_queues.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-disk-virtio.xml | 5 +
.../qemuxml2argvdata/qemuxml2argv-disk-xenvbd.xml | 5 +
.../qemuxml2argv-encrypted-disk.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-eoi-disabled.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-eoi-enabled.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-event_idx.xml | 1 +
.../qemuxml2argv-floppy-drive-fat.xml | 1 +
.../qemuxml2argv-graphics-listen-network.xml | 1 +
.../qemuxml2argv-graphics-sdl-fullscreen.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-graphics-sdl.xml | 2 +
.../qemuxml2argv-graphics-spice-compression.xml | 1 +
.../qemuxml2argv-graphics-spice-qxl-vga.xml | 1 +
.../qemuxml2argv-graphics-spice.xml | 1 +
.../qemuxml2argv-graphics-vnc-sasl.xml | 2 +
.../qemuxml2argv-graphics-vnc-socket.xml | 2 +
.../qemuxml2argv-graphics-vnc-tls.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-graphics-vnc.xml | 2 +
.../qemuxml2argv-hostdev-pci-address.xml | 2 +
.../qemuxml2argv-hostdev-usb-address.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-hyperv.xml | 1 +
.../qemuxml2argv-input-usbmouse.xml | 2 +
.../qemuxml2argv-input-usbtablet.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-kvmclock.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-lease.xml | 1 +
.../qemuxml2argv-machine-core-off.xml | 2 +
.../qemuxml2argv-machine-core-on.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-migrate.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-minimal.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-misc-acpi.xml | 2 +
.../qemuxml2argv-misc-disable-s3.xml | 2 +
.../qemuxml2argv-misc-disable-suspends.xml | 2 +
.../qemuxml2argv-misc-enable-s4.xml | 2 +
.../qemuxml2argv-misc-no-reboot.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-misc-uuid.xml | 2 +
.../qemuxml2argv-net-bandwidth.xml | 1 +
.../qemuxml2argv-net-eth-ifname.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-net-eth.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-net-hostdev.xml | 1 +
.../qemuxml2argv-net-openvswitch.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-net-user.xml | 2 +
.../qemuxml2argv-net-virtio-device.xml | 1 +
.../qemuxml2argv-net-virtio-network-portgroup.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-net-virtio.xml | 2 +
.../qemuxml2argv-nographics-vga.xml | 2 +
.../qemuxml2argv-numad-static-vcpu-no-numatune.xml | 1 +
.../qemuxml2argvdata/qemuxml2argv-parallel-tcp.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-pci-bridge.xml | 210 +++++++++++++++
tests/qemuxml2argvdata/qemuxml2argv-pci-rom.xml | 1 +
.../qemuxml2argv-qemu-ns-no-env.xml | 2 +
.../qemuxml2argv-reboot-timeout-disabled.xml | 1 +
.../qemuxml2argv-reboot-timeout-enabled.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-restore-v1.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-restore-v2.xml | 2 +
.../qemuxml2argv-seclabel-dynamic-baselabel.xml | 1 +
.../qemuxml2argv-seclabel-dynamic-override.xml | 1 +
.../qemuxml2argv-seclabel-none.xml | 1 +
.../qemuxml2argv-seclabel-static.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-serial-dev.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-serial-file.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-serial-many.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-serial-pty.xml | 2 +
.../qemuxml2argv-serial-tcp-telnet.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-serial-tcp.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-serial-udp.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-serial-unix.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-serial-vc.xml | 2 +
tests/qemuxml2argvdata/qemuxml2argv-smp.xml | 2 +
.../qemuxml2argvdata/qemuxml2argv-sound-device.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-sound.xml | 2 +
.../qemuxml2argv-tpm-passthrough.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-usb-redir.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-virtio-lun.xml | 1 +
.../qemuxml2argv-virtio-rng-egd.xml | 1 +
.../qemuxml2argv-virtio-rng-random.xml | 1 +
tests/qemuxml2argvdata/qemuxml2argv-watchdog.xml | 2 +
.../qemuxml2xmlout-balloon-device-auto.xml | 1 +
.../qemuxml2xmlout-channel-virtio-auto.xml | 1 +
.../qemuxml2xmlout-console-compat-auto.xml | 1 +
.../qemuxml2xmlout-console-virtio.xml | 1 +
.../qemuxml2xmlout-disk-mirror.xml | 1 +
.../qemuxml2xmlout-disk-scsi-device-auto.xml | 1 +
.../qemuxml2xmlout-graphics-listen-network2.xml | 1 +
.../qemuxml2xmlout-graphics-spice-timeout.xml | 1 +
.../qemuxml2xmloutdata/qemuxml2xmlout-memtune.xml | 1 +
.../qemuxml2xmloutdata/qemuxml2xmlout-metadata.xml | 1 +
...emuxml2xmlout-numad-auto-memory-vcpu-cpuset.xml | 1 +
...ad-auto-memory-vcpu-no-cpuset-and-placement.xml | 1 +
.../qemuxml2xmlout-numad-auto-vcpu-no-numatune.xml | 1 +
.../qemuxml2xmlout-serial-target-port-auto.xml | 1 +
.../qemuxml2xmlout-usb-ich9-ehci-addr.xml | 1 +
tests/qemuxml2xmltest.c | 1 +
169 files changed, 870 insertions(+), 70 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-pci-bridge.xml
--
1.8.1.5
11 years, 7 months
[libvirt] [PATCH] qemu_conf: Don't discard strdup OOM error
by Michal Privoznik
After 78d7c3c5 we are strdup()-ing path to qemu-bridge-helper.
However, the check for its return value is missing. So it is
possible we've ignored the OOM error silently.
---
src/qemu/qemu_conf.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index e9a3407..7c3f317 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -241,7 +241,8 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
}
}
#endif
- cfg->bridgeHelperName = strdup("/usr/libexec/qemu-bridge-helper");
+ if (!(cfg->bridgeHelperName = strdup("/usr/libexec/qemu-bridge-helper")))
+ goto no_memory;
cfg->clearEmulatorCapabilities = true;
--
1.8.1.5
11 years, 7 months
[libvirt] Virtual machine using the encrypted image fail to migrate by libvirt
by yongcheng.wu@i-soft.com.cn
The qemu-kvm and libvirt migration process is as follows:
e.g: migrate from VM1 to VM2
(1)virtual machine migration process by qemu-kvm (qemu-kvm-0.12.1.2-2.209.el6)is as follows:
==>VM1
1.set password
2.continue
==>VM2
3.start and wait for migration(--incoming)
==>VM1
4.migrating
5.migrate finish
6.close VM1
==>VM2
7.clear password
8.set password
9.continue
(2)virtual machine migration process by libvirt is as follows:
==>VM1
1.set password
2.continue
==>VM2
3.start (--incoming)
4.set password
5.wait for migration
==>VM1
6.migrating
7.migrate finish
8.close VM1
==>VM2
9.clear password (here we lost the password !!)
10.continue
The migration process by libvirt will cause the migrate fail, because qemu-kvm will clear password before it continues. So, I move step 4 just before step 10.
Here is the patch:
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index 6ad1c30..8cb8fdc 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -169,6 +169,10 @@ struct _qemuMigrationCookie {
qemuMigrationCookieNBDPtr nbd;
};
+extern int qemuProcessInitPasswords(virConnectPtr conn,
+ virQEMUDriverPtr driver,
+ virDomainObjPtr vm);
+
static void qemuMigrationCookieGraphicsFree(qemuMigrationCookieGraphicsPtr grap)
{
if (!grap)
@@ -4002,6 +4006,10 @@ qemuMigrationFinish(virQEMUDriverPtr driver,
* >= 0.10.6 to work properly. This isn't strictly necessary on
* older qemu's, but it also doesn't hurt anything there
*/
+ /* we will set password here */
+ if (qemuProcessInitPasswords(dconn, driver, vm) < 0)
+ virReportError(VIR_ERR_INTERNAL_ERROR,"%s", _("init passwords failed"));
+
if (qemuProcessStartCPUs(driver, vm, dconn,
VIR_DOMAIN_RUNNING_MIGRATED,
QEMU_ASYNC_JOB_MIGRATION_IN) < 0) {
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 925939d..093e638 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -73,6 +73,11 @@
#define ATTACH_POSTFIX ": attaching\n"
#define SHUTDOWN_POSTFIX ": shutting down\n"
+int qemuProcessInitPasswords(virConnectPtr conn,
+ virQEMUDriverPtr driver,
+ virDomainObjPtr vm);
+
+
/**
* qemuProcessRemoveDomainStatus
*
@@ -1981,8 +1986,7 @@ qemuProcessSetEmulatorAffinities(virConnectPtr conn ATTRIBUTE_UNUSED,
return ret;
}
-static int
-qemuProcessInitPasswords(virConnectPtr conn,
+int qemuProcessInitPasswords(virConnectPtr conn,
virQEMUDriverPtr driver,
virDomainObjPtr vm)
{
@@ -3828,8 +3832,11 @@ int qemuProcessStart(virConnectPtr conn,
goto cleanup;
VIR_DEBUG("Setting any required VM passwords");
- if (qemuProcessInitPasswords(conn, driver, vm) < 0)
- goto cleanup;
+ /* if it is migration , we will not set password here */
+ if (!migrateFrom){
+ if (qemuProcessInitPasswords(conn, driver, vm) < 0)
+ goto cleanup;
+ }
/* If we have -device, then addresses are assigned explicitly.
* If not, then we have to detect dynamic ones here */
11 years, 7 months
[libvirt] [PATCH v6 1/1] qemu: Add command line builder and parser for NVRAM.
by Li Zhang
From: Li Zhang <zhlcindy(a)linux.vnet.ibm.com>
This patch is to add command line builder and parser
for NVRAM device, and add test cases.
Signed-off-by: Li Zhang <zhlcindy(a)linux.vnet.ibm.com>
---
v6 -> v5:
* Add test cases data files.
src/qemu/qemu_capabilities.c | 3 +
src/qemu/qemu_capabilities.h | 2 +
src/qemu/qemu_command.c | 88 +++++++++++++++++++++-
tests/qemuargv2xmltest.c | 2 +
.../qemuxml2argv-pseries-nvram.args | 5 ++
.../qemuxml2argv-pseries-nvram.xml | 23 ++++++
tests/qemuxml2argvtest.c | 1 +
tests/qemuxml2xmltest.c | 2 +
8 files changed, 123 insertions(+), 3 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.xml
diff --git a/src/qemu/qemu_capabilities.c b/src/qemu/qemu_capabilities.c
index ef291c0..1d54477 100644
--- a/src/qemu/qemu_capabilities.c
+++ b/src/qemu/qemu_capabilities.c
@@ -220,6 +220,8 @@ VIR_ENUM_IMPL(virQEMUCaps, QEMU_CAPS_LAST,
"machine-usb-opt",
"tpm-passthrough",
"tpm-tis",
+
+ "nvram", /* 140 */
);
struct _virQEMUCaps {
@@ -1347,6 +1349,7 @@ struct virQEMUCapsStringFlags virQEMUCapsObjectTypes[] = {
{ "virtio-rng-ccw", QEMU_CAPS_DEVICE_VIRTIO_RNG },
{ "rng-random", QEMU_CAPS_OBJECT_RNG_RANDOM },
{ "rng-egd", QEMU_CAPS_OBJECT_RNG_EGD },
+ { "spapr-nvram", QEMU_CAPS_DEVICE_NVRAM },
};
static struct virQEMUCapsStringFlags virQEMUCapsObjectPropsVirtioBlk[] = {
diff --git a/src/qemu/qemu_capabilities.h b/src/qemu/qemu_capabilities.h
index 4e76799..85f47c4 100644
--- a/src/qemu/qemu_capabilities.h
+++ b/src/qemu/qemu_capabilities.h
@@ -179,6 +179,8 @@ enum virQEMUCapsFlags {
QEMU_CAPS_DEVICE_TPM_PASSTHROUGH = 138, /* -tpmdev passthrough */
QEMU_CAPS_DEVICE_TPM_TIS = 139, /* -device tpm_tis */
+ QEMU_CAPS_DEVICE_NVRAM = 140, /*-global spapr-nvram.reg=xxxx*/
+
QEMU_CAPS_LAST, /* this must always be the last item */
};
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 009d42d..41b8d78 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -53,6 +53,10 @@
#define VIR_FROM_THIS VIR_FROM_QEMU
+#define VIO_ADDR_NET 0x1000ul
+#define VIO_ADDR_SCSI 0x2000ul
+#define VIO_ADDR_SERIAL 0x30000000ul
+#define VIO_ADDR_NVRAM 0x3000ul
VIR_ENUM_DECL(virDomainDiskQEMUBus)
VIR_ENUM_IMPL(virDomainDiskQEMUBus, VIR_DOMAIN_DISK_BUS_LAST,
@@ -1148,7 +1152,7 @@ int qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def,
STREQ(def->nets[i]->model, "spapr-vlan"))
def->nets[i]->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO;
if (qemuAssignSpaprVIOAddress(def, &def->nets[i]->info,
- 0x1000ul) < 0)
+ VIO_ADDR_NET) < 0)
goto cleanup;
}
@@ -1163,7 +1167,7 @@ int qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def,
def->controllers[i]->type == VIR_DOMAIN_CONTROLLER_TYPE_SCSI)
def->controllers[i]->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO;
if (qemuAssignSpaprVIOAddress(def, &def->controllers[i]->info,
- 0x2000ul) < 0)
+ VIO_ADDR_SCSI) < 0)
goto cleanup;
}
@@ -1173,7 +1177,16 @@ int qemuDomainAssignSpaprVIOAddresses(virDomainDefPtr def,
STREQ(def->os.machine, "pseries"))
def->serials[i]->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO;
if (qemuAssignSpaprVIOAddress(def, &def->serials[i]->info,
- 0x30000000ul) < 0)
+ VIO_ADDR_SERIAL) < 0)
+ goto cleanup;
+ }
+
+ if (def->nvram) {
+ if (def->os.arch == VIR_ARCH_PPC64 &&
+ STREQ(def->os.machine, "pseries"))
+ def->nvram->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO;
+ if (qemuAssignSpaprVIOAddress(def, &def->nvram->info,
+ VIO_ADDR_NVRAM) < 0)
goto cleanup;
}
@@ -3969,6 +3982,32 @@ error:
return NULL;
}
+static char *
+qemuBuildNVRAMDevStr(virDomainNVRAMDefPtr dev)
+{
+ virBuffer buf = VIR_BUFFER_INITIALIZER;
+
+ if (dev->info.type == VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO &&
+ dev->info.addr.spaprvio.has_reg) {
+ virBufferAsprintf(&buf, "spapr-nvram.reg=0x%llx",
+ dev->info.addr.spaprvio.reg);
+ } else {
+ virReportError(VIR_ERR_XML_ERROR,
+ "%s", _("NVRAM address only can be spaprvio currently.\n"));
+ goto error;
+ }
+
+ if (virBufferError(&buf)) {
+ virReportOOMError();
+ goto error;
+ }
+
+ return virBufferContentAndReset(&buf);
+
+error:
+ virBufferFreeAndReset(&buf);
+ return NULL;
+}
char *
qemuBuildUSBInputDevStr(virDomainInputDefPtr dev,
@@ -7776,6 +7815,30 @@ qemuBuildCommandLine(virConnectPtr conn,
goto error;
}
+ if (def->nvram) {
+ if (def->os.arch == VIR_ARCH_PPC64 &&
+ STREQ(def->os.machine, "pseries")) {
+ if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_DEVICE_NVRAM)) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ "%s", _("NVRAM device is not available "
+ " with this QEMU binary"));
+ goto error;
+ }
+
+ char *optstr;
+ virCommandAddArg(cmd, "-global");
+ optstr = qemuBuildNVRAMDevStr(def->nvram);
+ if (!optstr)
+ goto error;
+ if (optstr)
+ virCommandAddArg(cmd, optstr);
+ VIR_FREE(optstr);
+ } else {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+ _("NVRAM device is only supported for PPC64"));
+ goto error;
+ }
+ }
if (snapshot)
virCommandAddArgList(cmd, "-loadvm", snapshot->def->name, NULL);
@@ -9884,6 +9947,25 @@ virDomainDefPtr qemuParseCommandLine(virCapsPtr qemuCaps,
goto error;
}
+ } else if (STREQ(arg, "-global") &&
+ STRPREFIX(progargv[i + 1], "spapr-nvram.reg=")) {
+
+ WANT_VALUE();
+
+ if (VIR_ALLOC(def->nvram) < 0)
+ goto no_memory;
+
+ def->nvram->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_SPAPRVIO;
+ def->nvram->info.addr.spaprvio.has_reg = true;
+
+ val += strlen("spapr-nvram.reg=");
+ if (virStrToLong_ull(val, NULL, 16,
+ &def->nvram->info.addr.spaprvio.reg) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("cannot parse nvram's address:"
+ "'%s'"), val);
+ goto error;
+ }
} else if (STREQ(arg, "-S")) {
/* ignore, always added by libvirt */
} else {
diff --git a/tests/qemuargv2xmltest.c b/tests/qemuargv2xmltest.c
index ee6c7a9..9f1bb24 100644
--- a/tests/qemuargv2xmltest.c
+++ b/tests/qemuargv2xmltest.c
@@ -244,6 +244,8 @@ mymain(void)
DO_TEST("hyperv");
+ DO_TEST("pseries-nvram");
+
DO_TEST_FULL("restore-v1", 0, "stdio");
DO_TEST_FULL("restore-v2", 0, "stdio");
DO_TEST_FULL("restore-v2", 0, "exec:cat");
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.args b/tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.args
new file mode 100644
index 0000000..2215796
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.args
@@ -0,0 +1,5 @@
+LC_ALL=C PATH=/bin HOME=/home/test USER=test LOGNAME=test /usr/bin/qemu-system-ppc64 \
+-S -M pseries -m 512 -smp 1 -nographic \
+-monitor unix:/tmp/test-monitor,server,nowait \
+-no-acpi -boot c -usb -net none -serial none -parallel none \
+-global spapr-nvram.reg=0x4000
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.xml b/tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.xml
new file mode 100644
index 0000000..bead7e7
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-pseries-nvram.xml
@@ -0,0 +1,23 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>1ccfd97d-5eb4-478a-bbe6-88d254c16db7</uuid>
+ <memory unit='KiB'>524288</memory>
+ <currentMemory unit='KiB'>524288</currentMemory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='ppc64' machine='pseries'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <clock offset='utc'/>
+ <on_poweroff>destroy</on_poweroff>
+ <on_reboot>restart</on_reboot>
+ <on_crash>destroy</on_crash>
+ <devices>
+ <emulator>/usr/bin/qemu-system-ppc64</emulator>
+ <controller type='usb' index='0'/>
+ <memballoon model='virtio'/>
+ <nvram>
+ <address type='spapr-vio' reg='0x4000'/>
+ </nvram>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 4bf13f0..1c21a63 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -907,6 +907,7 @@ mymain(void)
QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
DO_TEST_ERROR("pseries-vio-address-clash", QEMU_CAPS_DRIVE,
QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);
+ DO_TEST("pseries-nvram", QEMU_CAPS_DEVICE_NVRAM);
DO_TEST("disk-ide-drive-split",
QEMU_CAPS_DRIVE, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG,
QEMU_CAPS_IDE_CD);
diff --git a/tests/qemuxml2xmltest.c b/tests/qemuxml2xmltest.c
index 7434190..1d10bf2 100644
--- a/tests/qemuxml2xmltest.c
+++ b/tests/qemuxml2xmltest.c
@@ -259,6 +259,8 @@ mymain(void)
DO_TEST("virtio-rng-random");
DO_TEST("virtio-rng-egd");
+ DO_TEST("pseries-nvram");
+
/* These tests generate different XML */
DO_TEST_DIFFERENT("balloon-device-auto");
DO_TEST_DIFFERENT("channel-virtio-auto");
--
1.8.1.4
11 years, 7 months
[libvirt] [PATCHv2] doc: Clarify usage of SELinux baselabel
by Peter Krempa
State what fields are used when generating SELinux labels from a
baselabel.
---
Notes:
Version 2:
- add reference to example
docs/formatdomain.html.in | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 4e9665f..80caac0 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -4596,8 +4596,16 @@ qemu-kvm -net nic,model=? /dev/null
</dd>
<dt><code>baselabel</code></dt>
<dd>If dynamic labelling is used, this can optionally be
- used to specify the base security label. The format
- of the content depends on the security driver in use.
+ used to specify the base security label that will be used to generate
+ the actual label. The format of the content depends on the security
+ driver in use.
+
+ The SELinux driver uses only the <code>type</code> field of the
+ baselabel in the generated label. Other fields are inherited from
+ the parent process when using SELinux baselabels.
+
+ (The example above demonstrates the use of <code>my_svirt_t</code>
+ as the value for the <code>type</code> field.)
</dd>
<dt><code>imagelabel</code></dt>
<dd>This is an output only element, which shows the
--
1.8.2.1
11 years, 7 months
[libvirt] 答复: libvirt_lxc start problem when selinux enbale
by Huang,Chaochang
Sorry
“There is avc error messages in dmesg ……”
――should be “There is no avc error……”
发件人: Huang,Chaochang
发送时间: 2013年4月25日 15:41
收件人: 'libvir-list(a)redhat.com'; 'libvirt-users(a)redhat.com'
主题: libvirt_lxc start problem when selinux enbale
Hi,all:
the problem came out when selinux was enforced in targeted+MCS
I start lxc through virsh――“virsh -c lxc:/// start instance-00004bd6”
1. When selinux is Permissive,lxc start is ok
The result of “Ps auxZ” is:
system_u:system_r:virtd_lxc_t:s0-s0:c0.c1023 root 19218 0.0 0.0 47624 1244 ? Ss 15:26 0:00 /usr/libexec/libvirt_lxc --name
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19219 0.3 0.0 19276 1532 ? Ss 15:26 0:00 /sbin/init
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19406 0.0 0.0 177444 1332 ? Sl 15:26 0:00 /sbin/rsyslogd -i /var/run/sysl
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19420 0.0 0.0 64120 1144 ? Ss 15:26 0:00 /usr/sbin/sshd
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19427 0.0 0.0 22136 956 ? Ss 15:26 0:00 xinetd -stayalive -pidfile /var
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19434 0.0 0.0 64316 832 ? Ss 15:26 0:00 /usr/sbin/saslauthd -m /var/run
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19435 0.0 0.0 64316 600 ? S 15:26 0:00 /usr/sbin/saslauthd -m /var/run
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19450 0.0 0.0 82388 2392 ? Ss 15:26 0:00 sendmail: rejecting new message
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 51 19459 0.0 0.0 78116 2016 ? Ss 15:26 0:00 sendmail: Queue runner@01:00:00
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19467 0.0 0.0 175528 3672 ? Ss 15:26 0:00 /usr/sbin/httpd
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 48 19470 0.0 0.0 175528 2204 ? S 15:26 0:00 /usr/sbin/httpd
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19475 0.0 0.0 117212 1348 ? Ss 15:26 0:00 crond
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 19491 0.0 0.0 4108 600 pts/0 Ss+ 15:26 0:00 /sbin/mingetty /dev/tty1
We can get into the lxc through “ssh”
2. When selinux is Enforcing,lxc start bad
Th result of “ps auxZ” is:
system_u:system_r:virtd_lxc_t:s0-s0:c0.c1023 root 20624 0.0 0.0 47624 1244 ? Ss 15:29 0:00 /usr/libexec/libvirt_lxc --name
system_u:system_r:svirt_lxc_net_t:s0:c192,c392 root 20625 0.0 0.0 17172 1036 pts/0 Ss+ 15:29 0:00 /sbin/init
Only /sbin/init process started, no else. This is the real problem
There is avc error messages in dmesg、/var/log/messages、/var/log/secure, and the same with selinux is Permissive
Can anybody give some hints?
Here are some system information:
Kernel version
3.3.4
Libvirt version
0.9.13
Lxc guest image
Centos 6.3
Lxc xml info is:
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh edit instance-00004bd6
or other application using the libvirt API.
-->
<domain type='lxc'>
<name>instance-00004bd6</name>
<uuid>96eada0e-7ea0-4865-8271-3565811c8eb0</uuid>
<memory unit='KiB'>524288</memory>
<currentMemory unit='KiB'>524288</currentMemory>
<vcpu placement='static'>1</vcpu>
<os>
<type arch='x86_64'>exe</type>
<init>/sbin/init</init>
<cmdline>console=ttyS0</cmdline>
</os>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/libexec/libvirt_lxc</emulator>
<filesystem type='mount' accessmode='passthrough'>
<source dir='/home/stack/nova_state/instances/instance-00004bd6/rootfs'/>
<target dir='/'/>
</filesystem>
<interface type='bridge'>
<mac address='fa:16:3e:09:00:a2'/>
<source bridge='br100'/>
<filterref filter='nova-instance-instance-00004bd6-fa163e0900a2'>
<parameter name='DHCPSERVER' value='10.0.0.1'/>
<parameter name='IP' value='10.0.0.11'/>
<parameter name='PROJMASK' value='255.255.254.0'/>
<parameter name='PROJNET' value='10.0.0.0'/>
</filterref>
</interface>
<console type='pty'>
<target type='lxc' port='0'/>
</console>
</devices>
<seclabel type='static' model='selinux' relabel='yes'>
<label>system_u:system_r:svirt_lxc_net_t:s0:c192,c392</label>
</seclabel>
</domain>
Best Regard
Huangchaochang
11 years, 7 months
