June 2013 - Devel - libvirt List Archives

[libvirt] [PATCH] build: Fix check-aclrules in VPATH build
by Jiri Denemark 25 Jun '13

25 Jun '13

--- Pushed as a build-breaker. src/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am index 530de53..e6b1927 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -500,7 +500,7 @@ check-driverimpls: check-aclrules: $(AM_V_GEN)$(PERL) $(srcdir)/check-aclrules.pl \ - $(STATEFUL_DRIVER_SOURCE_FILES) + $(addprefix $(srcdir)/,$(filter-out /%,$(STATEFUL_DRIVER_SOURCE_FILES))) EXTRA_DIST += check-driverimpls.pl check-aclrules.pl -- 1.8.2.1

1 0

[libvirt] [PATCH 00/22] support VFIO groups
by Laine Stump 24 Jun '13

24 Jun '13

When I first put in support for VFIO device assignment, I didn't realize that groups of devices were quite as common as they actually are. In particular, I didn't know that often multiple seemingly-unrelated devices can end up in the same VFIO iommu group due to unlucky circumstances of hardware - they may share a dma controller which means that the devices can't truly be isolated from each other, and thus should not be simultaneously assigned to different guests (or even used by the host) - all of the devices in a group should be either assigned to the same guest or, if not assigned to the guest, should be isolated off in a driver to prevent them from being used by the host. The following set of patches makes setting that up easier to deal with. The end result of all the patches is the following: 1) The virNodeDevice API will be able to detach or re-attach all the devices in a particular group with a single API call. 2) <hostdev managed='yes'>, <interface type='hostdev' managed='yes'>, and <interface type='network' managed='yes'> devices (where the network is itself a pool of SRIOV Virtual Functions) can specify: <driver name='vfio' group='auto'/> and libvirt will automatically detach (and bind to the 'vfio-pci' driver for assignment/isolation) all devices in the same group as the device being assigned. Likewise, when the device it detached from the guest, a check will be made and, if none of the devices in the same group as the device being detach is still in use by a guest As usual there are a lot of patches here, but many of them are extremely simple, so don't be put off by the count. Also, please note that patches 15/22 - 18/22 provide a new public API (virNodeDeviceReAttachFlags()). I kept the new API later in the series just in case someone wanted to backport as much as possible of this patchset to an old release. Laine Stump (22): syntax: virPCIDeviceFree is also a NOP for NULL args pci: change stubDriver from const char* to char* pci: new utility functions pci: eliminate memory leak in virPCIDeviceReattach pci: make virPCIDeviceDetach consistent in behavior pci: eliminate repetitive path constructions in virPCIDeviceBindToStub pci: eliminate unused driver arg from virPCIDeviceDetach pci: update stubDriver name in virPCIDeviceBindToStub pci: rename virPCIDeviceGetVFIOGroupDev to virPCIDeviceGetIOMMUGroupDev pci: make virPCIParseDeviceAddress public pci: new iommu_group functions pci: optionally detach/reattach all devices in a VFIO group API & qemu: add ability to detach an entire VFIO group of devices virsh: add option to detach entire group of devices API: new virNodeDeviceReAttachFlags API: implement RPC calls for virNodeDeviceReAttachFlags qemu: implement virNodeDeviceReAttachFlags xen: implement virNodeDeviceReAttachFlags virsh: add option to attach entire group of devices nodedev: add iommuGroup to node device object conf: add <driver group='auto'> to hostdev, interface, and networks qemu: implement backend of <driver group='auto'/> cfg.mk | 1 + docs/formatdomain.html.in | 94 ++- docs/formatnetwork.html.in | 11 + docs/formatnode.html.in | 63 +- docs/schemas/domaincommon.rng | 16 + docs/schemas/network.rng | 8 + docs/schemas/nodedev.rng | 11 + include/libvirt/libvirt.h.in | 18 + src/conf/domain_conf.c | 36 +- src/conf/domain_conf.h | 13 + src/conf/network_conf.c | 39 +- src/conf/network_conf.h | 14 + src/conf/node_device_conf.c | 86 ++- src/conf/node_device_conf.h | 5 +- src/driver.h | 5 + src/libvirt.c | 60 ++ src/libvirt_private.syms | 11 +- src/libvirt_public.syms | 4 + src/network/bridge_driver.c | 22 + src/node_device/node_device_udev.c | 21 +- src/qemu/qemu_cgroup.c | 4 +- src/qemu/qemu_driver.c | 40 +- src/qemu/qemu_hostdev.c | 39 +- src/remote/remote_driver.c | 29 + src/remote/remote_protocol.x | 12 +- src/remote_protocol-structs | 5 + src/security/security_apparmor.c | 2 +- src/security/security_dac.c | 4 +- src/security/security_selinux.c | 4 +- src/util/virpci.c | 707 ++++++++++++++++++--- src/util/virpci.h | 37 +- src/xen/xen_driver.c | 22 +- tests/networkxml2xmlin/hostdev-pf.xml | 2 +- tests/networkxml2xmlout/hostdev-pf.xml | 2 +- tests/nodedevschemadata/pci_8086_10c9_sriov_pf.xml | 16 + tests/nodedevxml2xmltest.c | 1 + .../qemuxml2argvdata/qemuxml2argv-hostdev-vfio.xml | 2 +- .../qemuxml2argv-net-hostdev-vfio.xml | 2 +- tools/virsh-nodedev.c | 30 +- 39 files changed, 1340 insertions(+), 158 deletions(-) create mode 100644 tests/nodedevschemadata/pci_8086_10c9_sriov_pf.xml -- 1.7.11.7

3 35

[libvirt] [PATCH] qemu: don't reset PCI devices being assigned with VFIO
by Laine Stump 24 Jun '13

24 Jun '13

I just learned that VFIO resets PCI devices when they are assigned to guests / returned to the host, so it is redundant for libvirt to reset the devices. This patch inhibits calling virPCIDeviceReset to devices that will be/were assigned using VFIO. --- src/qemu/qemu_hostdev.c | 4 ++++ src/qemu/qemu_hotplug.c | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_hostdev.c b/src/qemu/qemu_hostdev.c index 2b0221d..5a87eb0 100644 --- a/src/qemu/qemu_hostdev.c +++ b/src/qemu/qemu_hostdev.c @@ -556,6 +556,8 @@ int qemuPrepareHostdevPCIDevices(virQEMUDriverPtr driver, * can safely reset them */ for (i = 0; i < virPCIDeviceListCount(pcidevs); i++) { virPCIDevicePtr dev = virPCIDeviceListGet(pcidevs, i); + if (STREQ_NULLABLE(virPCIDeviceGetStubDriver(dev), "vfio-pci")) + continue; if (virPCIDeviceReset(dev, driver->activePciHostdevs, driver->inactivePciHostdevs) < 0) goto reattachdevs; @@ -1122,6 +1124,8 @@ void qemuDomainReAttachHostdevDevices(virQEMUDriverPtr driver, for (i = 0; i < virPCIDeviceListCount(pcidevs); i++) { virPCIDevicePtr dev = virPCIDeviceListGet(pcidevs, i); + if (STREQ_NULLABLE(virPCIDeviceGetStubDriver(dev), "vfio-pci")) + continue; if (virPCIDeviceReset(dev, driver->activePciHostdevs, driver->inactivePciHostdevs) < 0) { virErrorPtr err = virGetLastError(); diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index 18f5fa5..46875ad 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -2528,8 +2528,9 @@ qemuDomainDetachHostPciDevice(virQEMUDriverPtr driver, if (pci) { activePci = virPCIDeviceListSteal(driver->activePciHostdevs, pci); if (activePci && - virPCIDeviceReset(activePci, driver->activePciHostdevs, - driver->inactivePciHostdevs) == 0) { + (subsys->u.pci.backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_VFIO || + virPCIDeviceReset(activePci, driver->activePciHostdevs, + driver->inactivePciHostdevs) == 0)) { qemuReattachPciDevice(activePci, driver); ret = 0; } else { -- 1.7.11.7

2 1

[libvirt] [PATCH v2 0/8] Chardev hotplug
by Michal Privoznik 24 Jun '13

24 Jun '13

The second round which is just a rebase of the first round: https://www.redhat.com/archives/libvir-list/2013-May/msg00395.html Michal Privoznik (8): domain_conf: Introduce chardev hotplug helpers qemu: Implement chardev hotplug on config level qemu_monitor_json: Move InetSocketAddress build to a separate function qemu_monitor: Introduce qemuMonitorAttachCharDev qemu_monitor: Introduce qemuMonitorDetachCharDev qemu_command: Honour chardev alias assignment with a function qemu: Introduce qemuBuildChrDeviceStr qemu: Implement chardev hotplug on live level src/conf/domain_conf.c | 182 +++++++++++++++++++++++++++++- src/conf/domain_conf.h | 11 ++ src/libvirt_private.syms | 4 + src/qemu/qemu_command.c | 262 +++++++++++++++++++++++++++++++++++-------- src/qemu/qemu_command.h | 14 ++- src/qemu/qemu_driver.c | 43 ++++++- src/qemu/qemu_hotplug.c | 102 +++++++++++++++++ src/qemu/qemu_hotplug.h | 6 + src/qemu/qemu_monitor.c | 41 +++++++ src/qemu/qemu_monitor.h | 5 + src/qemu/qemu_monitor_json.c | 259 +++++++++++++++++++++++++++++++++++++++--- src/qemu/qemu_monitor_json.h | 5 + 12 files changed, 861 insertions(+), 73 deletions(-) -- 1.8.2.1

4 18

[libvirt] [PATCH 0/2] libxl: Add support for qdisk disk backend
by Jim Fehlig 24 Jun '13

24 Jun '13

An update of https://www.redhat.com/archives/libvir-list/2013-April/msg02104.html This small patch series adds support for qdisk backend type in libxl. A qdisk uses the block drivers in qemu to serve as a block backend, verses blktap or blkbk. While testing the second patch, I noticed a slightly misleading error was emitted when the tap backend didn't support the requested disk format. Fix this with the first patch, including adding format checks in the other supported disk backends. V2: Fix logic errors when validating disk format Jim Fehlig (2): libxl: Fix disk format error message libxl: support qdisk backend src/libxl/libxl_conf.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++- 1 files changed, 47 insertions(+), 2 deletions(-) -- 1.7.7

2 5

[libvirt] Introduction of virDomainDefPtr resulted in deadlock in xenUnifiedDomainGetXMLDesc
by Stefan Bader 24 Jun '13

24 Jun '13

The problem is the mutex lock on xenUnifiedPrivatePtr which is held around xenDomainUsedCpus. xenUnifiedDomainGetXMLDesc ... xenUnifiedLock(priv); cpus = xenDomainUsedCpus(dom); xenUnifiedUnlock(priv); ... Unfortunately the introduction of virDomainDefPtr added the following call paths xenDomainUsedCpus ... nb_vcpu = xenUnifiedDomainGetMaxVcpus(dom); return xenUnifiedDomainGetVcpusFlags(...) ... if (!(def = xenGetDomainDefForDom(dom))) return xenGetDomainDefForUUID(dom->conn, dom->uuid); ... ret = xenHypervisorLookupDomainByUUID(conn, uuid); ... xenUnifiedLock(priv); name = xenStoreDomainGetName(conn, id); xenUnifiedUnlock(priv); ... if ((ncpus = xenUnifiedDomainGetVcpus(dom, cpuinfo, nb_vcpu, ... if (!(def = xenGetDomainDefForDom(dom))) [again like above] Right now, running the GetXMLDesc command for an active Xen domain will lock up right in the xenUnifiedDomainGetMaxVcpus call. But any subcall leading to a call to xenGetDomainDefForDom while holding the xenUnifiedPrivatePtr lock will have the same fate. I assume the lock around the xenDomainUsedCpus call is there to ensure all accesses to the private pointer see consistent data. Otherwise it would be possible to simply release the lock before the GetMaxVcpus and GetVcpus calls. If that lock cannot be dropped this feels like a much more painful rework is needed. What do others think? -Stefan

2 3

[libvirt] [PATCH] Set process ID in system identity
by Daniel P. Berrange 24 Jun '13

24 Jun '13

From: "Daniel P. Berrange" <berrange(a)redhat.com> When creating a virIdentityPtr for the system identity, include the current process ID as an attribute. --- src/util/viridentity.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/util/viridentity.c b/src/util/viridentity.c index 034a12a..6d93d0f 100644 --- a/src/util/viridentity.c +++ b/src/util/viridentity.c @@ -139,6 +139,13 @@ virIdentityPtr virIdentityGetSystem(void) #if WITH_SELINUX security_context_t con; #endif + char *processid = NULL; + + if (virAsprintf(&processid, "%llu", + (unsigned long long)getpid()) < 0) { + virReportOOMError(); + goto cleanup; + } if (!(username = virGetUserName(getuid()))) goto cleanup; @@ -176,11 +183,16 @@ virIdentityPtr virIdentityGetSystem(void) VIR_IDENTITY_ATTR_SELINUX_CONTEXT, seccontext) < 0) goto error; + if (virIdentitySetAttr(ret, + VIR_IDENTITY_ATTR_UNIX_PROCESS_ID, + processid) < 0) + goto error; cleanup: VIR_FREE(username); VIR_FREE(groupname); VIR_FREE(seccontext); + VIR_FREE(processid); return ret; error: -- 1.8.1.4

3 2

[libvirt] [PATCH 00/19] Fine grained access control for libvirt APIs
by Daniel P. Berrange 24 Jun '13

24 Jun '13

From: "Daniel P. Berrange" <berrange(a)redhat.com> This is a repost of http://www.redhat.com/archives/libvir-list/2012-May/msg00090.html Most of the early patches in that series are now merged. What is left is the actual access control work. The first patches setup the infrastructure and provide two drivers (policy kit and selinux). The remaining patches add access control checks to all the public APIs in each driver. The final patch adds a test case to validate that every driver API impl has an access control check present. Still todo - Optimize the polkit driver by making direct dbus calls instead of spawning the polkit helper program - Add filtering of returned objects from the various vir*List* APIs - Finish adding acl checks to the legacy Xen driver in about 6 apis. - Write a standalone access control driver as alternative to polkit - Audit permission names & groups to ensure we have an optimial set of permissions defined to cover all our APIs. Daniel P. Berrange (19): Define basic internal API for access control Set conn->driver before running driver connectOpen method Setup default access control manager in libvirtd Add a policy kit access control driver Add an SELinux access control driver Add ACL annotations to all RPC messages Auto-generate helpers for checking access control rules Add ACL checks into the QEMU driver Add ACL checks into the LXC driver Add ACL checks into the UML driver Add ACL checks into the Xen driver Add ACL checks into the libxl driver Add ACL checks into the storage driver Add ACL checks into the network driver Add ACL checks into the interface driver Add ACL checks into the node device driver Add ACL checks into the nwfilter driver Add ACL checks into the secrets driver Add validation that all APIs contain ACL checks .gitignore | 10 + daemon/Makefile.am | 1 + daemon/libvirtd-config.c | 4 + daemon/libvirtd-config.h | 2 + daemon/libvirtd.aug | 1 + daemon/libvirtd.c | 28 +- daemon/libvirtd.conf | 9 + daemon/test_libvirtd.aug.in | 4 + include/libvirt/virterror.h | 4 + m4/virt-compile-warnings.m4 | 1 + m4/virt-selinux.m4 | 2 + po/POTFILES.in | 3 + src/Makefile.am | 187 ++++++++- src/access/genpolkit.pl | 119 ++++++ src/access/viraccessdriver.h | 89 ++++ src/access/viraccessdrivernop.c | 118 ++++++ src/access/viraccessdrivernop.h | 28 ++ src/access/viraccessdriverpolkit.c | 399 ++++++++++++++++++ src/access/viraccessdriverpolkit.h | 28 ++ src/access/viraccessdriverselinux.c | 565 +++++++++++++++++++++++++ src/access/viraccessdriverselinux.h | 28 ++ src/access/viraccessdriverstack.c | 285 +++++++++++++ src/access/viraccessdriverstack.h | 32 ++ src/access/viraccessmanager.c | 351 ++++++++++++++++ src/access/viraccessmanager.h | 91 ++++ src/access/viraccessperm.c | 84 ++++ src/access/viraccessperm.h | 647 +++++++++++++++++++++++++++++ src/check-aclrules.pl | 144 +++++++ src/interface/interface_backend_netcf.c | 115 +++++ src/interface/interface_backend_udev.c | 85 +++- src/internal.h | 4 + src/libvirt.c | 11 +- src/libvirt_private.syms | 37 ++ src/libxl/libxl_driver.c | 187 ++++++++- src/locking/lock_protocol.x | 8 + src/lxc/lxc_driver.c | 219 +++++++++- src/network/bridge_driver.c | 61 +++ src/node_device/node_device_driver.c | 36 ++ src/nwfilter/nwfilter_driver.c | 26 ++ src/qemu/qemu_driver.c | 716 ++++++++++++++++++++++++++++---- src/remote/lxc_protocol.x | 1 + src/remote/qemu_protocol.x | 4 + src/remote/remote_protocol.x | 406 ++++++++++++++++++ src/rpc/gendispatch.pl | 211 +++++++++- src/secret/secret_driver.c | 31 ++ src/storage/storage_driver.c | 155 ++++++- src/uml/uml_driver.c | 174 +++++++- src/util/virerror.c | 8 + src/util/virlog.c | 3 +- src/util/virlog.h | 1 + src/xen/xen_driver.c | 217 +++++++++- 51 files changed, 5827 insertions(+), 153 deletions(-) create mode 100755 src/access/genpolkit.pl create mode 100644 src/access/viraccessdriver.h create mode 100644 src/access/viraccessdrivernop.c create mode 100644 src/access/viraccessdrivernop.h create mode 100644 src/access/viraccessdriverpolkit.c create mode 100644 src/access/viraccessdriverpolkit.h create mode 100644 src/access/viraccessdriverselinux.c create mode 100644 src/access/viraccessdriverselinux.h create mode 100644 src/access/viraccessdriverstack.c create mode 100644 src/access/viraccessdriverstack.h create mode 100644 src/access/viraccessmanager.c create mode 100644 src/access/viraccessmanager.h create mode 100644 src/access/viraccessperm.c create mode 100644 src/access/viraccessperm.h create mode 100644 src/check-aclrules.pl -- 1.8.1.4

2 27

[libvirt] [PATCH] bugfix: virNetDevBridgeSetSTPDelay on BSD
by Roman Bogorodskiy 24 Jun '13

24 Jun '13

virNetDevBridgeSetSTPDelay accepts delay in milliseconds, but BSD implementation was expecting seconds. Therefore, it was working correctly only with delay == 0. --- src/util/virnetdevbridge.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/util/virnetdevbridge.c b/src/util/virnetdevbridge.c index ffcb4a4..9d95374 100644 --- a/src/util/virnetdevbridge.c +++ b/src/util/virnetdevbridge.c @@ -593,10 +593,11 @@ int virNetDevBridgeSetSTPDelay(const char *brname, int delay) { struct ifbrparam param; + u_long delay_seconds = delay / 1000; /* FreeBSD doesn't allow setting STP delay < 4 */ - delay = delay < 4 ? 4 : delay; - param.ifbrp_fwddelay = ((u_long)delay) & 0xff; + delay_seconds = delay_seconds < 4 ? 4 : delay_seconds; + param.ifbrp_fwddelay = delay_seconds & 0xff; if (virNetDevBridgeCmd(brname, BRDGSFD, &param, sizeof(param)) < 0) { virReportSystemError(errno, -- 1.8.2.3

2 2

[libvirt] [PATCH] qemu: check if block I/O limits fit into long long
by Ján Tomko 24 Jun '13

24 Jun '13

We can only pass values up to LLONG_MAX through JSON and QEMU checks if the int64_t number is not negative at startup since 1.5.0. https://bugzilla.redhat.com/show_bug.cgi?id=974010 --- src/qemu/qemu_driver.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 3d9457f..b4b66aa 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -14099,6 +14099,13 @@ qemuDomainSetBlockIoTune(virDomainPtr dom, for (i = 0; i < nparams; i++) { virTypedParameterPtr param = &params[i]; + if (param->value.ul > LLONG_MAX) { + virReportError(VIR_ERR_OVERFLOW, + _("block I/O throttle limit value must" + " be less than %llu"), LLONG_MAX); + goto endjob; + } + if (STREQ(param->field, VIR_DOMAIN_BLOCK_IOTUNE_TOTAL_BYTES_SEC)) { info.total_bytes_sec = param->value.ul; set_bytes = true; -- 1.8.1.5

2 2