[libvirt] ARM libvirt compiling error
by Michele Paolino
Hello,
I'm trying to set up a development environment on an Arndale (ARM Samsung
Exynos 5250) board to work on sVirt. I'm using Debian 7.0, I've downloaded
the source code from GIT and than:
./autogen.sh --prefix=$HOME/usr
make
but in the middle of make execution, the program fails with this error:
conf/domain_conf.c: In function 'virDomainHostdevDefParseXML':
conf/domain_conf.c:3915:36: error: 'next_unit' may be used uninitialized in
this function [-Werror=uninitialized]
conf/domain_conf.c:3886:9: note: 'next_unit' was declared here
conf/domain_conf.c: At top level:
cc1: error: unrecognized command line option
"-Wno-unused-command-line-argument" [-Werror]
I've solved this problem simply initializing the "next_unit" variable (file
src/conf/domain_conf.c, line 3886). This is the diff between the original
file and the modified one:
3886c3886
< int next_unit;
---
> int next_unit = -1;
Another way to solve is obviously with --disable-werror, but I guess this
is not the best way.
My gcc version is 4.6.3 (Debian 4.6.3-14), kernel version is 3.8.0-rc4.
Maybe it's only a compiler problem, but can anyone confirm this?
Is it worth to submit a new bug report/patch the source?
Regards,
Michele
--
*Michele Paolino **
*Virtual Open Systems*
**Open Source KVM Virtualization Developments
Multicore Systems Virtualization Porting Services
*Web*:* *www.virtualopensystems.com*
11 years, 10 months
[libvirt] [PATCHv2 0/2] fix segfault in virSecuritySELinuxMCSGetProcessRange
by Ján Tomko
Diff to v2:
Changed char * to const char * after actually compiling it with selinux.
Added a test.
James Gilliland (1):
selinux: fix segfault in virSecuritySELinuxMCSGetProcessRange
Ján Tomko (1):
tests: add test for a selinux label without a range
src/security/security_selinux.c | 9 ++++++++-
tests/securityselinuxtest.c | 44 ++++++++++++++++++++++++++++++++++++++---
2 files changed, 49 insertions(+), 4 deletions(-)
--
1.8.1.5
11 years, 10 months
[libvirt] NBD drives with literal IPv6 addresses or hostnames starting with a digit
by Ján Tomko
Hello,
since qemu's commit v1.4.0-736-gf17c90b [1]:
nbd: Keep hostname and port separate
* literal IPv6 addresses no longer work in nbd URIs, because getaddrinfo is
called with the surrounding brackets:
$ qemu-system-x86_64 -drive file=nbd://[::1]:1234/quack
qemu-system-x86_64: -drive file=nbd://[::1]:1234/quack: address resolution
failed for [::1]:1234: Name or service not known
* hostnames starting with a digit now work in nbd URIs.
Before that, or with the non-URI syntax, they fail because inet_parse assumes
them to be literal IPv4 addresses:
$ qemu-system-x86_64 -drive file=nbd:123flour:1234:exportname=gashunk
qemu-system-x86_64: -drive file=nbd:123flour:1234:exportname=gashunk: error
parsing IPv4 address '123flour:1234'
In libvirt, we use the URI format on the command line only if the host
contains ':', so hostnames starting with a digit still don't work.
Migration with NBD and a literal IPv6 address doesn't work either, but that's
purely libvirt's fault, as we don't escape it with brackets. I've just posted
a patch for that. [2]
Jan
[1] http://git.qemu.org/?p=qemu.git;a=commitdiff;h=f17c90b
[2] https://www.redhat.com/archives/libvir-list/2013-May/msg02022.html
11 years, 10 months
[libvirt] Authoritative source for logging filters descriptions ?
by Kashyap Chamarthy
Heya,
So I usually use these two resources, when tracing/debugging:
-
https://www.berrange.com/posts/2011/10/03/troubleshooting-libvirt-with-th...
- http://libvirt.org/logging.html
For instance, for filters to know what QMP commands libvirt is sending to QEMU:
I use:
- log_filters="1:qemu_monitor"
- log_outputs="1:file:/var/log/libvirt/libvirtd.log"
But, from
https://www.berrange.com/posts/2011/10/03/troubleshooting-libvirt-with-th...
I notice, we could also use these variations of filters QEMU/QMP filters:
# QEMU JSON/QMP monitor commands
- log_filters="1:qemu_monitor_json"
# QEMU text monitor commands
- log_filters="1:qemu_monitor_text"
Is there any place where these are comprehensively documented, has anything changed from
what's mentioned in the above blog & the logging wiki page ?
Furthermore, from /etc/libvirt/libvirtd.conf, I see:
===========================================
[...]
# Logging filters:
# A filter allows to select a different logging level for a given category
# of logs
# The format for a filter is one of:
# x:name
# x:+name
# where name is a string which is matched against source file name,
# e.g., "remote", "qemu", or "util/json", the optional "+" prefix
# tells libvirt to log stack trace for each message matching name,
# and x is the minimal level where matching messages should be logged:
# 1: DEBUG
# 2: INFO
# 3: WARNING
# 4: ERROR
#
# Multiple filter can be defined in a single @filters, they just need to be
# separated by spaces.
#
# e.g. to only get warning or errors from the remote layer and only errors
# from the event layer:
#log_filters="3:remote 4:event"
[...]
===========================================
Is the above list of strings describe all possible "name" values for filters ?
If I'm missing some obvious resource on the inter-webs, please point me to it.
Thanks.
--
/kashyap
11 years, 10 months
[libvirt] [PATCH] virsh: Allow attach-disk to specify disk wwn
by Osier Yang
Commit 6e73850b01ee support to set wwn for disks, but it was not
exposed to attach-disk.
---
tools/virsh-domain.c | 14 +++++++++++++-
tools/virsh.pod | 8 ++++----
2 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/tools/virsh-domain.c b/tools/virsh-domain.c
index 9ea5ffc..767e288 100644
--- a/tools/virsh-domain.c
+++ b/tools/virsh-domain.c
@@ -307,6 +307,10 @@ static const vshCmdOptDef opts_attach_disk[] = {
.type = VSH_OT_STRING,
.help = N_("serial of disk device")
},
+ {.name = "wwn",
+ .type = VSH_OT_STRING,
+ .help = N_("wwn of disk device")
+ },
{.name = "shareable",
.type = VSH_OT_BOOL,
.help = N_("shareable between domains")
@@ -499,7 +503,8 @@ cmdAttachDisk(vshControl *ctl, const vshCmd *cmd)
virDomainPtr dom = NULL;
const char *source = NULL, *target = NULL, *driver = NULL,
*subdriver = NULL, *type = NULL, *mode = NULL,
- *cache = NULL, *serial = NULL, *straddr = NULL;
+ *cache = NULL, *serial = NULL, *straddr = NULL,
+ *wwn = NULL;
struct DiskAddress diskAddr;
bool isFile = false, functionReturn = false;
int ret;
@@ -538,6 +543,7 @@ cmdAttachDisk(vshControl *ctl, const vshCmd *cmd)
vshCommandOptStringReq(ctl, cmd, "mode", &mode) < 0 ||
vshCommandOptStringReq(ctl, cmd, "cache", &cache) < 0 ||
vshCommandOptStringReq(ctl, cmd, "serial", &serial) < 0 ||
+ vshCommandOptStringReq(ctl, cmd, "wwn", &wwn) < 0 ||
vshCommandOptStringReq(ctl, cmd, "address", &straddr) < 0 ||
vshCommandOptStringReq(ctl, cmd, "sourcetype", &stype) < 0)
goto cleanup;
@@ -564,6 +570,9 @@ cmdAttachDisk(vshControl *ctl, const vshCmd *cmd)
}
}
+ if (wwn && !virValidateWWN(wwn))
+ goto cleanup;
+
/* Make XML of disk */
virBufferAsprintf(&buf, "<disk type='%s'",
(isFile) ? "file" : "block");
@@ -597,6 +606,9 @@ cmdAttachDisk(vshControl *ctl, const vshCmd *cmd)
if (serial)
virBufferAsprintf(&buf, " <serial>%s</serial>\n", serial);
+ if (wwn)
+ virBufferAsprintf(&buf, " <wwn>%s</wwn>\n", wwn);
+
if (vshCommandOptBool(cmd, "shareable"))
virBufferAddLit(&buf, " <shareable/>\n");
diff --git a/tools/virsh.pod b/tools/virsh.pod
index 047c241..69c290f 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -1849,8 +1849,8 @@ expected.
[[[I<--live>] [I<--config>] | [I<--current>]] | [I<--persistent>]]
[I<--driver driver>] [I<--subdriver subdriver>] [I<--cache cache>]
[I<--type type>] [I<--mode mode>] [I<--config>] [I<--sourcetype soucetype>]
-[I<--serial serial>] [I<--shareable>] [I<--rawio>] [I<--address address>]
-[I<--multifunction>] [I<--print-xml>]
+[I<--serial serial>] [I<--wwn wwn>] [I<--shareable>] [I<--rawio>]
+[I<--address address>] [I<--multifunction>] [I<--print-xml>]
Attach a new disk device to the domain.
I<source> is path for the files and devices. I<target> controls the bus or
@@ -1870,8 +1870,8 @@ I<mode> can specify the two specific mode I<readonly> or I<shareable>.
I<sourcetype> can indicate the type of source (block|file)
I<cache> can be one of "default", "none", "writethrough", "writeback",
"directsync" or "unsafe".
-I<serial> is the serial of disk device. I<shareable> indicates the disk device
-is shareable between domains.
+I<serial> is the serial of disk device. I<wwn> is the wwn of disk device.
+I<shareable> indicates the disk device is shareable between domains.
I<rawio> indicates the disk needs rawio capability.
I<address> is the address of disk device in the form of pci:domain.bus.slot.function,
scsi:controller.bus.unit or ide:controller.bus.unit.
--
1.8.1.4
11 years, 10 months
[libvirt] [PATCH] tests: fix typo in securityselinuxtest
by Ján Tomko
---
Pushed as trivial.
tests/securityselinuxtest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/securityselinuxtest.c b/tests/securityselinuxtest.c
index f276e6d..bdf248b 100644
--- a/tests/securityselinuxtest.c
+++ b/tests/securityselinuxtest.c
@@ -231,7 +231,7 @@ testSELinuxGenLabel(const void *opaque)
if (virSecurityManagerGenLabel(data->mgr, def) < 0) {
virErrorPtr err = virGetLastError();
- fprintf(stderr, "Cannot generated label %s\n", err->message);
+ fprintf(stderr, "Cannot generate label: %s\n", err->message);
goto cleanup;
}
--
1.8.1.5
11 years, 10 months
[libvirt] [PATCH] selinux: fix segfault in virSecuritySELinuxMCSGetProcessRange
by Ján Tomko
From: James Gilliland <neclimdul(a)gmail.com>
https://bugzilla.redhat.com/show_bug.cgi?id=969878
---
src/security/security_selinux.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index b862fbf..3d8195c 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -189,6 +189,7 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
context_t ourContext = NULL;
char *cat = NULL;
char *tmp;
+ char *contextRange;
int ret = -1;
if (getcon_raw(&ourSecContext) < 0) {
@@ -202,8 +203,14 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
ourSecContext);
goto cleanup;
}
+ if (!(contextRange = context_range_get(ourContext))) {
+ virReportSystemError(errno,
+ _("Unable to parse current SELinux context range '%s'"),
+ ourSecContext);
+ goto cleanup;
+ }
- if (VIR_STRDUP(*sens, context_range_get(ourContext)) < 0)
+ if (VIR_STRDUP(*sens, contextRange) < 0)
goto cleanup;
/* Find and blank out the category part (if any) */
--
1.8.1.5
11 years, 10 months
[libvirt] [PATCH] virsh: Obey pool-or-uuid spec when creating volumes
by Jiri Denemark
Our documentation says a pool may be referenced by its name or UUID
anywhere if it makes sense (pool-name and pool-uuid are the only
exceptions). However, vol-create and vol-create-as commands did not obey
this.
---
tools/virsh-volume.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/tools/virsh-volume.c b/tools/virsh-volume.c
index e16a385..35fb762 100644
--- a/tools/virsh-volume.c
+++ b/tools/virsh-volume.c
@@ -177,8 +177,7 @@ cmdVolCreateAs(vshControl *ctl, const vshCmd *cmd)
if (vshCommandOptBool(cmd, "prealloc-metadata"))
flags |= VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA;
- if (!(pool = vshCommandOptPoolBy(ctl, cmd, "pool", NULL,
- VSH_BYNAME)))
+ if (!(pool = vshCommandOptPool(ctl, cmd, "pool", NULL)))
return false;
if (vshCommandOptStringReq(ctl, cmd, "name", &name) < 0)
@@ -345,8 +344,7 @@ cmdVolCreate(vshControl *ctl, const vshCmd *cmd)
if (vshCommandOptBool(cmd, "prealloc-metadata"))
flags |= VIR_STORAGE_VOL_CREATE_PREALLOC_METADATA;
- if (!(pool = vshCommandOptPoolBy(ctl, cmd, "pool", NULL,
- VSH_BYNAME)))
+ if (!(pool = vshCommandOptPool(ctl, cmd, "pool", NULL)))
return false;
if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0)
--
1.8.2.1
11 years, 10 months
[libvirt] nwfilter: grab driver lock earlier during init (bz96649)
by Stefan Berger
This patch is in relation to Bug 966449:
https://bugzilla.redhat.com/show_bug.cgi?id=966449
Below is a possible patch addressing the coredump.
Thread 1 must be calling nwfilterDriverRemoveDBusMatches(). It does so
with nwfilterDriverLock held. In the patch below I am now moving the
nwfilterDriverLock(driverState) further up so that the initialization,
which seems to either take a long time or is entirely stuck, occurs with
the lock held and the shutdown cannot occur at the same time.
To avoid having to make the nwfilterDriverLock lockable multiple times /
recursive I changed the virNWFilterDriverIsWatchingFirewallD to take as
an argument whether it has to grab that lock. There's only a single
caller at the moment that calls this function during initialization. We
could remove this lock entirely and maybe append to the name of the
function NoLock (?).
---
src/nwfilter/nwfilter_driver.c | 18 +++++++++++++-----
src/nwfilter/nwfilter_driver.h | 2 +-
src/nwfilter/nwfilter_ebiptables_driver.c | 7 ++++++-
3 files changed, 20 insertions(+), 7 deletions(-)
Index: libvirt/src/nwfilter/nwfilter_driver.c
===================================================================
--- libvirt.orig/src/nwfilter/nwfilter_driver.c
+++ libvirt/src/nwfilter/nwfilter_driver.c
@@ -191,6 +191,8 @@ nwfilterStateInitialize(bool privileged,
if (!privileged)
return 0;
+ nwfilterDriverLock(driverState);
+
if (virNWFilterIPAddrMapInit() < 0)
goto err_free_driverstate;
if (virNWFilterLearnInit() < 0)
@@ -203,8 +205,6 @@ nwfilterStateInitialize(bool privileged,
if (virNWFilterConfLayerInit(virNWFilterDomainFWUpdateCB) < 0)
goto err_techdrivers_shutdown;
- nwfilterDriverLock(driverState);
-
/*
* startup the DBus late so we don't get a reload signal while
* initializing
@@ -309,21 +309,29 @@ nwfilterStateReload(void) {
/**
* virNWFilterIsWatchingFirewallD:
*
+ * @needDriverLock: Provide 'true' if this function needs to grab
+ * the nwfilter driver lock, 'false' otherwise,
+ * which may be the case during initialization
+ *
* Checks if the nwfilter has the DBus watches for FirewallD installed.
*
* Returns true if it is watching firewalld, false otherwise
*/
bool
-virNWFilterDriverIsWatchingFirewallD(void)
+virNWFilterDriverIsWatchingFirewallD(bool needDriverLock)
{
bool ret;
if (!driverState)
return false;
- nwfilterDriverLock(driverState);
+ if (needDriverLock)
+ nwfilterDriverLock(driverState);
+
ret = driverState->watchingFirewallD;
- nwfilterDriverUnlock(driverState);
+
+ if (needDriverLock)
+ nwfilterDriverUnlock(driverState);
return ret;
}
Index: libvirt/src/nwfilter/nwfilter_driver.h
===================================================================
--- libvirt.orig/src/nwfilter/nwfilter_driver.h
+++ libvirt/src/nwfilter/nwfilter_driver.h
@@ -33,6 +33,6 @@
int nwfilterRegister(void);
-bool virNWFilterDriverIsWatchingFirewallD(void);
+bool virNWFilterDriverIsWatchingFirewallD(bool needDriverLock);
#endif /* __VIR_NWFILTER_DRIVER_H__ */
Index: libvirt/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt/src/nwfilter/nwfilter_ebiptables_driver.c
@@ -4191,7 +4191,12 @@ ebiptablesDriverInitWithFirewallD(void)
int status;
int ret = -1;
- if (!virNWFilterDriverIsWatchingFirewallD())
+ /*
+ * check whether we are watching firewalld
+ * Since we call this function during initialization we won't need
+ * to have it get the lock, so we pass 'false'.
+ */
+ if (!virNWFilterDriverIsWatchingFirewallD(false))
return -1;
firewall_cmd_path = virFindFileInPath("firewall-cmd");
11 years, 10 months
[libvirt] need custom /dev entries in LXC
by Michael R. Hines
Hi,
We run nvidia devices inside libvirt-managed LXC containers.
It used to be that simply doing:
$ echo 'c 195:* rwm' > /sys/fs/cgroup/devices/libvirt/lxc
Then, after booting the container, we would do:
$ mknod -m 666 /dev/nvidia0 c 195 0
.... would be good enough to run our CUDA applications.
But, according to:
$ cat src/lxc/lxc_container.c
The CAP_MKNOD capability is being dropped and only a specific
set of devices is being created before booting the container.
Is there any reason why this is not per-device configurable?
Thanks,
- Michael R. Hines
11 years, 10 months
