[libvirt] RFE: Make saveDir/cacheDir/snapshotDir/dumpDir configurable and allow per-domain paths
by Till Maas
Hi,
I would like to separate all data of libvirt domains so that each domain
can easily be deleted securely. However libvirt by default uses static
directories to store data from domains such as snapshots, current states
and dumps. Also a cache dir is used for reasons unknown to me. To
separate the data, I would like to use different directories for each
domain. For this these paths need to be configurable e.g. in qemu.conf
and it needs to be possible to for example specify a placeholder in the
path that is substituted by the domain's name, so that e.g.:
/srv/{name}/save/
can be specified to use
/srv/dom1/save/dom1.save
as save path.
This change should have low impact on regular users, because the
defaults can be set to match the current behaviour. What is your opinion
on this?
Do you have any ideas about how to do the name substitution best?
Kind regards
Till
P.S.: I am not subscribed to the list so please CC me.
10 years, 8 months
[libvirt] [PATCH 0/2] AppArmor updates
by Felix Geyer
I'm working on getting AppArmor support enabled in the Debian libvirt package.
As a result I've updated the profiles in example/ and added support for
filesystem mounts.
Felix Geyer (2):
apparmor: Allow access to filesystem mounts
apparmor: Improve profiles
examples/apparmor/libvirt-qemu | 21 +++++++++++++++----
examples/apparmor/usr.lib.libvirt.virt-aa-helper | 10 +++++++++
examples/apparmor/usr.sbin.libvirtd | 16 +++++++++++----
src/security/virt-aa-helper.c | 26 ++++++++++++++++++------
4 files changed, 59 insertions(+), 14 deletions(-)
--
1.8.5.3
10 years, 8 months
[libvirt] [PATCH] qemu: Fix seamless SPICE migration
by Martin Kletzander
Since the wait is done during migration (still inside
QEMU_ASYNC_JOB_MIGRATION_OUT), the code should enter the monitor as such
in order to prohibit all other jobs from interfering in the meantime.
This patch fixes bug #1009886 in which qemuDomainGetBlockInfo was
waiting on the monitor condition and after GetSpiceMigrationStatus
mangled its internal data, the daemon crashed.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1009886
Signed-off-by: Martin Kletzander <mkletzan(a)redhat.com>
---
src/qemu/qemu_migration.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c
index d7b89fc..3a1aab7 100644
--- a/src/qemu/qemu_migration.c
+++ b/src/qemu/qemu_migration.c
@@ -1595,7 +1595,10 @@ qemuMigrationWaitForSpice(virQEMUDriverPtr driver,
/* Poll every 50ms for progress & to allow cancellation */
struct timespec ts = { .tv_sec = 0, .tv_nsec = 50 * 1000 * 1000ull };
- qemuDomainObjEnterMonitor(driver, vm);
+ if (qemuDomainObjEnterMonitorAsync(driver, vm,
+ QEMU_ASYNC_JOB_MIGRATION_OUT) < 0)
+ return -1;
+
if (qemuMonitorGetSpiceMigrationStatus(priv->mon,
&spice_migrated) < 0) {
qemuDomainObjExitMonitor(driver, vm);
--
1.8.3.2
10 years, 8 months
[libvirt] [PATCH v3] Add helper program to create custom leases
by Nehal J Wani
Introduce helper program to catch events from dnsmasq and maintain a custom
lease file per network. It supports dhcpv4 and dhcpv6. The file is saved as
"<interface-name>.status".
Each lease contains the following info:
<expiry-time (epoch time)> <mac> <iaid> <ip-address> <hostname> <clientid>
Example of custom leases file content:
[
{
"iaid": "1221229",
"ip-address": "2001:db8:ca2:2:1::95",
"mac-address": "52:54:00:12:a2:6d",
"hostname": "Fedora20",
"client-id": "00:04:1a:c1:d9:6b:5a:0a:e2:bc:f8:4b:1e:37:2e:38:22:55",
"expiry-time": 1393244216
},
{
"ip-address": "192.168.150.208",
"mac-address": "52:54:00:11:56:b3",
"hostname": "Wani-PC",
"client-id": "01:52:54:00:11:56:b3",
"expiry-time": 1393244248
}
]
src/Makefile.am:
* Add options to compile the helper program
src/network/bridge_driver.c:
* Introduce networkDnsmasqLeaseFileNameCustom()
* Invoke helper program along with dnsmasq
* Delete the .status file when corresponding n/w is destroyed.
src/util/leaseshelper.c
* Helper program to create the custom lease file
---
v3:
* Improved file handling, removed redundant copying, introduced --help and --version
v2:
* Changed format to JSON
* Refer: https://www.redhat.com/archives/libvir-list/2014-January/msg01234.html
v1:
* Refer: https://www.redhat.com/archives/libvir-list/2014-January/msg00626.html
src/Makefile.am | 16 +++
src/network/bridge_driver.c | 19 +++
src/util/leaseshelper.c | 303 +++++++++++++++++++++++++++++++++++++++++++
3 files changed, 338 insertions(+), 0 deletions(-)
create mode 100644 src/util/leaseshelper.c
diff --git a/src/Makefile.am b/src/Makefile.am
index 6d21e5d..b8e1993 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -849,6 +849,9 @@ STORAGE_HELPER_DISK_SOURCES = \
UTIL_IO_HELPER_SOURCES = \
util/iohelper.c
+UTIL_LEASES_HELPER_SOURCES = \
+ util/leaseshelper.c
+
# Network filters
NWFILTER_DRIVER_SOURCES = \
nwfilter/nwfilter_driver.h nwfilter/nwfilter_driver.c \
@@ -2444,6 +2447,19 @@ libvirt_iohelper_CFLAGS = \
$(AM_CFLAGS) \
$(PIE_CFLAGS) \
$(NULL)
+
+libexec_PROGRAMS += libvirt_leaseshelper
+libvirt_leaseshelper_SOURCES = $(UTIL_LEASES_HELPER_SOURCES)
+libvirt_leaseshelper_LDADD = \
+ libvirt_util.la \
+ ../gnulib/lib/libgnu.la
+if WITH_DTRACE_PROBES
+libvirt_leaseshelper_LDADD += libvirt_probes.lo
+endif WITH_DTRACE_PROBES
+
+libvirt_leaseshelper_CFLAGS = \
+ $(PIE_CFLAGS) \
+ $(NULL)
endif WITH_LIBVIRTD
if WITH_STORAGE_DISK
diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c
index a6c719d..9fb750f 100644
--- a/src/network/bridge_driver.c
+++ b/src/network/bridge_driver.c
@@ -205,6 +205,16 @@ networkDnsmasqLeaseFileNameFunc networkDnsmasqLeaseFileName =
networkDnsmasqLeaseFileNameDefault;
static char *
+networkDnsmasqLeaseFileNameCustom(const char *bridge)
+{
+ char *leasefile;
+
+ ignore_value(virAsprintf(&leasefile, "%s/%s.status",
+ driverState->dnsmasqStateDir, bridge));
+ return leasefile;
+}
+
+static char *
networkDnsmasqConfigFileName(const char *netname)
{
char *conffile;
@@ -240,6 +250,7 @@ networkRemoveInactive(virNetworkDriverStatePtr driver,
virNetworkObjPtr net)
{
char *leasefile = NULL;
+ char *customleasefile = NULL;
char *radvdconfigfile = NULL;
char *configfile = NULL;
char *radvdpidbase = NULL;
@@ -258,6 +269,9 @@ networkRemoveInactive(virNetworkDriverStatePtr driver,
if (!(leasefile = networkDnsmasqLeaseFileName(def->name)))
goto cleanup;
+ if (!(customleasefile = networkDnsmasqLeaseFileNameCustom(def->bridge)))
+ goto cleanup;
+
if (!(radvdconfigfile = networkRadvdConfigFileName(def->name)))
goto cleanup;
@@ -274,6 +288,7 @@ networkRemoveInactive(virNetworkDriverStatePtr driver,
/* dnsmasq */
dnsmasqDelete(dctx);
unlink(leasefile);
+ unlink(customleasefile);
unlink(configfile);
/* radvd */
@@ -1117,6 +1132,10 @@ networkBuildDhcpDaemonCommandLine(virNetworkObjPtr network,
cmd = virCommandNew(dnsmasqCapsGetBinaryPath(caps));
virCommandAddArgFormat(cmd, "--conf-file=%s", configfile);
+
+ /* This helper is used to create custom leases file for libvirt */
+ virCommandAddArgFormat(cmd, "--dhcp-script=%s", LIBEXECDIR "/libvirt_leaseshelper");
+
*cmdout = cmd;
ret = 0;
cleanup:
diff --git a/src/util/leaseshelper.c b/src/util/leaseshelper.c
new file mode 100644
index 0000000..bd8110f
--- /dev/null
+++ b/src/util/leaseshelper.c
@@ -0,0 +1,303 @@
+/*
+ * leasehelper.c: Helper program to create custom leases file
+ *
+ * Copyright (C) 2014 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library. If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * Author: Nehal J Wani <nehaljw.kkd1(a)gmail.com>
+ */
+
+#include <config.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/stat.h>
+
+#include "virutil.h"
+#include "virthread.h"
+#include "virfile.h"
+#include "virbuffer.h"
+#include "virstring.h"
+#include "virerror.h"
+#include "viralloc.h"
+#include "virjson.h"
+#include "configmake.h"
+
+#define VIR_FROM_THIS VIR_FROM_NETWORK
+
+/**
+ * VIR_NETWORK_DHCP_LEASE_FILE_SIZE_MAX:
+ *
+ * Macro providing the upper limit on the size of leases file
+ */
+#define VIR_NETWORK_DHCP_LEASE_FILE_SIZE_MAX (2 * 1024 * 1024)
+
+static const char *program_name;
+
+/* Display version information. */
+static void
+helperVersion(const char *argv0)
+{
+ printf("%s (%s) %s\n", argv0, PACKAGE_NAME, PACKAGE_VERSION);
+}
+
+ATTRIBUTE_NORETURN static void
+usage(int status)
+{
+ if (status) {
+ fprintf(stderr, _("%s: try --help for more details\n"), program_name);
+ } else {
+ printf(_("Usage: %s ACTION MAC|CLIENTID IP HOSTNAME\n"
+ " or: %s ACTION MAC|CLIENTID IP\n"),
+ program_name, program_name);
+ }
+ exit(status);
+}
+
+static int
+customLeaseRewriteFile(int fd, void *opaque)
+{
+ char **data = opaque;
+
+ if (safewrite(fd, *data, strlen(*data)) < 0)
+ return -1;
+
+ return 0;
+}
+
+int
+main(int argc, char **argv)
+{
+ char *lease_entries = NULL;
+ char *custom_lease_file = NULL;
+ const char *ip = NULL;
+ const char *mac = NULL;
+ const char *action = NULL;
+ const char *iaid = virGetEnvAllowSUID("DNSMASQ_IAID");
+ const char *clientid = virGetEnvAllowSUID("DNSMASQ_CLIENT_ID");
+ const char *interface = virGetEnvAllowSUID("DNSMASQ_INTERFACE");
+ const char *exptime = virGetEnvAllowSUID("DNSMASQ_LEASE_EXPIRES");
+ const char *hostname = virGetEnvAllowSUID("DNSMASQ_SUPPLIED_HOSTNAME");
+ const char *leases_str = NULL;
+ long long expirytime = 0;
+ size_t i = 0;
+ int rv = EXIT_FAILURE;
+ int size = 0;
+ int custom_lease_file_len = 0;
+ bool add = false;
+ bool delete = false;
+ virJSONValuePtr lease_new = NULL;
+ virJSONValuePtr lease_tmp = NULL;
+ virJSONValuePtr leases_array = NULL;
+ virJSONValuePtr leases_array_new = NULL;
+
+ virSetErrorFunc(NULL, NULL);
+ virSetErrorLogPriorityFunc(NULL);
+
+ program_name = argv[0];
+
+ if (setlocale(LC_ALL, "") == NULL ||
+ bindtextdomain(PACKAGE, LOCALEDIR) == NULL ||
+ textdomain(PACKAGE) == NULL) {
+ fprintf(stderr, _("%s: initialization failed\n"), program_name);
+ exit(EXIT_FAILURE);
+ }
+
+ if (virThreadInitialize() < 0 ||
+ virErrorInitialize() < 0) {
+ fprintf(stderr, _("%s: initialization failed\n"), program_name);
+ exit(EXIT_FAILURE);
+ }
+
+ /* Doesn't hurt to check */
+ if (argc > 1) {
+ if(STREQ(argv[1], "--help"))
+ usage(EXIT_SUCCESS);
+
+ if (STREQ(argv[1], "--version")) {
+ helperVersion(argv[0]);
+ exit(EXIT_SUCCESS);
+ }
+ }
+
+ if (argc != 4 && argc != 5) {
+ /* Refer man page of dnsmasq --dhcp-script for more details */
+ usage(EXIT_FAILURE);
+ }
+
+ /* Make sure dnsmasq knows the interface. The interface name is not known
+ * when dnsmasq (re)starts and throws 'del' events for expired leases.
+ * So, if any old lease has expired, it will be automatically removed the
+ * next time this program is invoked */
+ if (!interface)
+ goto cleanup;
+
+ ip = argv[3];
+ mac = argv[2];
+ action = argv[1];
+
+ /* In case hostname is known, it is the 5th argument */
+ if (argc == 5)
+ hostname = argv[4];
+
+ if (virAsprintf(&custom_lease_file, "%s/%s.status", LOCALSTATEDIR
+ "/lib/libvirt/dnsmasq/", interface) < 0)
+ goto cleanup;
+
+ /* Check if it is an IPv6 lease */
+ if (virGetEnvAllowSUID("DNSMASQ_IAID")) {
+ mac = virGetEnvAllowSUID("DNSMASQ_MAC");
+ clientid=argv[2];
+ }
+
+ /* Since interfaces can be hot plugged, we need to make sure that the
+ * corresponding custom lease file exists. If not, 'touch' it */
+ if (virFileTouch(custom_lease_file, 0644) < 0)
+ goto cleanup;
+
+ /* Read entire contents */
+ if ((custom_lease_file_len = virFileReadAll(custom_lease_file,
+ VIR_NETWORK_DHCP_LEASE_FILE_SIZE_MAX,
+ &lease_entries)) < 0) {
+ goto cleanup;
+ }
+
+ if (STREQ(action, "add") || STREQ(action, "old") || STREQ(action, "del")) {
+ if (mac || STREQ(action, "del")) {
+ /* Delete the corresponding lease */
+ delete = true;
+ if (STREQ(action, "add") || STREQ(action, "old")) {
+ add = true;
+ /* Create new lease */
+ if (!(lease_new = virJSONValueNewObject())) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to create json"));
+ goto cleanup;
+ }
+
+ if (virStrToLong_ll(exptime, NULL, 10, &expirytime) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Unable to convert lease expiry time to long long: %s"),
+ exptime);
+ goto cleanup;
+ }
+
+ if ((iaid && virJSONValueObjectAppendString(lease_new, "iaid",
+ iaid) < 0) ||
+ (ip && virJSONValueObjectAppendString(lease_new, "ip-address",
+ ip) < 0) ||
+ (mac && virJSONValueObjectAppendString(lease_new, "mac-address",
+ mac) < 0) ||
+ (hostname && virJSONValueObjectAppendString(lease_new, "hostname",
+ hostname) < 0) ||
+ (clientid && virJSONValueObjectAppendString(lease_new, "client-id",
+ clientid) < 0) ||
+ (expirytime && virJSONValueObjectAppendNumberLong(lease_new, "expiry-time",
+ expirytime) < 0)) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to create json"));
+ goto cleanup;
+ }
+ }
+ }
+ }
+ else {
+ fprintf(stderr, _("Unsupported action: %s\n"), action);
+ exit(EXIT_FAILURE);
+ }
+
+ /* Check for previous leases */
+ if (custom_lease_file_len) {
+ if (!(leases_array = virJSONValueFromString(lease_entries))) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("invalid json in file: %s"), custom_lease_file);
+ goto cleanup;
+ }
+
+ if ((size = virJSONValueArraySize(leases_array)) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("couldn't fetch array of leases"));
+ goto cleanup;
+ }
+ }
+
+ if (!(leases_array_new = virJSONValueNewArray())) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to create json"));
+ goto cleanup;
+ }
+
+ for (i = 0; i < size; i++) {
+ const char *ip_tmp = NULL;
+ long long exptime_tmp = -1;
+
+ if (!(lease_tmp = virJSONValueArrayGet(leases_array, i))) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to parse json"));
+ goto cleanup;
+ }
+
+ if (!(ip_tmp = virJSONValueObjectGetString(lease_tmp, "ip-address")) ||
+ (virJSONValueObjectGetNumberLong(lease_tmp, "expiry-time", &exptime_tmp) < 0)) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to parse json"));
+ goto cleanup;
+ }
+
+ /* Check whether lease has expired or not */
+ if (exptime_tmp < (long long) time(NULL))
+ continue;
+
+ /* Check whether lease has to be included or not */
+ if (delete && STREQ(ip_tmp, ip))
+ continue;
+
+ /* Add old lease to new array */
+ if (virJSONValueArrayAppend(leases_array_new, lease_tmp) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to create json"));
+ goto cleanup;
+ }
+ }
+
+ if (add) {
+ if (virJSONValueArrayAppend(leases_array_new, lease_new) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("failed to create json"));
+ goto cleanup;
+ }
+ }
+
+ if (!(leases_str = virJSONValueToString(leases_array_new, true))) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("empty json array"));
+ goto cleanup;
+ }
+
+ /* Write to file */
+ if (virFileRewrite(custom_lease_file, 0644,
+ customLeaseRewriteFile, &leases_str) < 0)
+ goto cleanup;
+
+ rv = EXIT_SUCCESS;
+
+cleanup:
+ VIR_FREE(custom_lease_file);
+ virJSONValueFree(lease_new);
+ virJSONValueFree(leases_array);
+ virJSONValueFree(leases_array_new);
+ return rv;
+}
--
1.7.1
10 years, 8 months
[libvirt] [PATCH v2] qemu: cleanup tap devices on FreeBSD
by Roman Bogorodskiy
We have to explicitly destroy TAP devices on FreeBSD because
they're not freed after being closed, otherwise we end up with
orphaned TAP devices after destroying a domain.
---
src/qemu/qemu_process.c | 7 +++++++
src/util/virnetdevtap.h | 6 ++++++
2 files changed, 13 insertions(+)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index ffa939a..6806539 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -61,6 +61,7 @@
#include "viruuid.h"
#include "virprocess.h"
#include "virtime.h"
+#include "virnetdevbridge.h"
#include "virnetdevtap.h"
#include "virbitmap.h"
#include "viratomic.h"
@@ -4381,6 +4382,12 @@ void qemuProcessStop(virQEMUDriverPtr driver,
virDomainNetGetActualVirtPortProfile(net),
cfg->stateDir));
VIR_FREE(net->ifname);
+#ifdef VIR_NETDEV_TAP_REQUIRE_MANUAL_CLEANUP
+ } else if (virDomainNetGetActualType(net) == VIR_DOMAIN_NET_TYPE_BRIDGE) {
+ ignore_value(virNetDevBridgeRemovePort(virDomainNetGetActualBridgeName(net),
+ net->ifname));
+ ignore_value(virNetDevTapDelete(net->ifname));
+#endif
}
/* release the physical device (or any other resources used by
* this interface in the network driver
diff --git a/src/util/virnetdevtap.h b/src/util/virnetdevtap.h
index a762b31..1e5bd19 100644
--- a/src/util/virnetdevtap.h
+++ b/src/util/virnetdevtap.h
@@ -27,6 +27,12 @@
# include "virnetdevvportprofile.h"
# include "virnetdevvlan.h"
+# ifdef __FreeBSD__
+/* This should be defined on OSes that don't automatically
+ * cleanup released devices */
+# define VIR_NETDEV_TAP_REQUIRE_MANUAL_CLEANUP 1
+# endif
+
int virNetDevTapCreate(char **ifname,
int *tapfd,
int tapfdSize,
--
1.8.4.3
10 years, 8 months
[libvirt] virDomainGetMaxVcpus does not work as expected
by Claudio Bley
Hi.
When calling virDomainGetMaxVcpus
(http://libvirt.org/html/libvirt-libvirt.html#virDomainGetMaxVcpus) on
an inactive domain, I receive this error:
scala> res2.getMaxVcpus()
libvirt: Domain Config error : Requested operation is not valid: domain is not running
org.libvirt.LibvirtException: Requested operation is not valid: domain is not running
at org.libvirt.ErrorHandler.processError(ErrorHandler.java:31)
at org.libvirt.ErrorHandler.processError(ErrorHandler.java:46)
at org.libvirt.Domain.getMaxVcpus(Domain.java:571)
at .<init>(<console>:13)
...
(this is from Java, but that doesn't matter)
The docs say:
> If the guest is inactive, this is basically the same as
> virConnectGetMaxVcpus(). If the guest is running this will reflect
> the maximum number of virtual CPUs the guest was booted with.
But, apparently, all the driver implementations for
virDomainGetMaxVcpus forward to
<driver>DomainGetVcpusFlags(.., VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_VCPU_MAXIMUM).
_______________________________,~~~~~~~~~~~~~~~~~~~~~~
$ git grep --show-function 'GetVcpusFlags.*AFFECT_LIVE'
src/esx/esx_driver.c=esxDomainGetMaxVcpus(virDomainPtr domain)
src/esx/esx_driver.c: return esxDomainGetVcpusFlags(domain, (VIR_DOMAIN_AFFECT_LIVE |
src/openvz/openvz_driver.c=static int openvzDomainGetMaxVcpus(virDomainPtr dom)
src/openvz/openvz_driver.c: return openvzDomainGetVcpusFlags(dom, (VIR_DOMAIN_AFFECT_LIVE |
src/qemu/qemu_driver.c=qemuDomainGetMaxVcpus(virDomainPtr dom)
src/qemu/qemu_driver.c: return qemuDomainGetVcpusFlags(dom, (VIR_DOMAIN_AFFECT_LIVE |
src/test/test_driver.c=testDomainGetMaxVcpus(virDomainPtr domain)
src/test/test_driver.c: return testDomainGetVcpusFlags(domain, (VIR_DOMAIN_AFFECT_LIVE |
src/vbox/vbox_tmpl.c=vboxDomainGetMaxVcpus(virDomainPtr dom)
src/vbox/vbox_tmpl.c: return vboxDomainGetVcpusFlags(dom, (VIR_DOMAIN_AFFECT_LIVE |
AFAICS, this was introduced with
commit 50c51f13e2af04afac46e181c4ed62581545a488
Author: Eric Blake <eblake(a)redhat.com>
Date: Mon Sep 27 16:37:53 2010 -0600
vcpu: make old API trivially wrap to new API
Whereas the function's contract was documented earlier by
commit b412cfadb502c76df095c2c4548c27abf7c4873f
Author: Daniel Veillard <veillard(a)redhat.com>
Date: Thu Mar 8 08:31:07 2007 +0000
To be honest, I'm not sure whether this worked as described at some
time in the past _at all_.
How to fix this? Change the documentation or the flag?
Claudio
10 years, 8 months
[libvirt] [PATCH] add option to enforce minimal pagesize for hugetlbfs backed guests
by Marcelo Tosatti
Require a minimal pagesize for hugetlbfs backed guests. Fail guest initialization
if hugetlbfs mount is configured with smaller page size.
Signed-off-by: Marcelo Tosatti <mtosatti(a)redhat.com>
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index fd02864..e28d182 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -632,6 +632,10 @@
<dt><code>hugepages</code></dt>
<dd>This tells the hypervisor that the guest should have its memory
allocated using hugepages instead of the normal native page size.</dd>
+ <dt><code>pagesize</code></dt>
+ <dd>This tells the hypervisor that the guest should refuse to start
+ in case of failure to allocate guest memory with hugepages equal
+ to or larger than the specified size</dd>
<dt><code>nosharepages</code></dt>
<dd>Instructs hypervisor to disable shared pages (memory merge, KSM) for
this domain. <span class="since">Since 1.0.6</span></dd>
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 28e24f9..babb745 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -11274,6 +11274,10 @@ virDomainDefParseXML(xmlDocPtr xml,
&def->mem.swap_hard_limit, false) < 0)
goto error;
+ if (virDomainParseMemory("./memoryBacking/hugepages/pagesize[1]", ctxt,
+ &def->mem.page_size, false) < 0)
+ goto error;
+
n = virXPathULong("string(./vcpu[1])", ctxt, &count);
if (n == -2) {
virReportError(VIR_ERR_XML_ERROR, "%s",
diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
index d8f2e49..03a900d 100644
--- a/src/conf/domain_conf.h
+++ b/src/conf/domain_conf.h
@@ -1984,6 +1984,7 @@ struct _virDomainDef {
unsigned long long soft_limit; /* in kibibytes */
unsigned long long min_guarantee; /* in kibibytes */
unsigned long long swap_hard_limit; /* in kibibytes */
+ unsigned long long page_size; /* in kibibytes */
} mem;
unsigned short vcpus;
unsigned short maxvcpus;
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 8bcd98e..cd5e1c8 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -3570,6 +3570,33 @@ cleanup:
return ret;
}
+#ifdef __linux__
+
+#include <sys/vfs.h>
+
+#define HUGETLBFS_MAGIC 0x958458f6
+
+static long gethugepagesize(const char *path)
+{
+ struct statfs fs;
+ int ret;
+
+ do {
+ ret = statfs(path, &fs);
+ } while (ret != 0 && errno == EINTR);
+
+ if (ret != 0) {
+ perror(path);
+ return 0;
+ }
+
+ if (fs.f_type != HUGETLBFS_MAGIC)
+ return 0;
+
+ return fs.f_bsize;
+}
+#endif
+
int qemuProcessStart(virConnectPtr conn,
virQEMUDriverPtr driver,
@@ -3712,6 +3739,31 @@ int qemuProcessStart(virConnectPtr conn,
"%s", _("Unable to set huge path in security driver"));
goto cleanup;
}
+
+ if (vm->def->mem.page_size) {
+#ifdef __linux__
+ unsigned long hpagesize = gethugepagesize(cfg->hugepagePath);
+
+ if (!hpagesize) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ "%s", _("Unable to stat hugepage path"));
+ goto cleanup;
+ }
+
+ hpagesize /= 1024;
+
+ if (hpagesize < vm->def->mem.page_size) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("Error: hugetlbfs page size=%ld < pagesize=%lld"),
+ hpagesize, vm->def->mem.page_size);
+ goto cleanup;
+ }
+#else
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ "%s", _("pagesize option unsupported"));
+ goto cleanup;
+#endif
+ }
}
/* Ensure no historical cgroup for this VM is lying around bogus
10 years, 8 months
[libvirt] Looking for project ideas and mentors for Google Summer of Code 2014
by Stefan Hajnoczi
KVM & libvirt: you are welcome to join the QEMU umbrella organization
like last year.
What is GSoC?
Google Summer of Code 2014 (GSoC) provides funding for students to
work on open source projects for 12-weeks over the summer. Open
source organizations apply to participate and those accepted receive
funding for one or more students.
How we are participating
QEMU has participated, together with KVM and libvirt, in past years
and I would like to continue that tradition this year.
We now need to collect a list of project ideas on our wiki. We also
need mentors to volunteer.
http://qemu-project.org/Google_Summer_of_Code_2014
Project ideas
Please post project ideas on the wiki page below. Project ideas
should be suitable as a 12-week project that a student fluent in
C/Python/etc can complete. No prior knowledge of QEMU/KVM/libvirt
internals can be assumed.
http://qemu-project.org/Google_Summer_of_Code_2014
Mentors
Please add your name to project ideas you are willing to mentor. In
order to mentor you must be an established contributor (regularly
contribute patches). You must be willing to spend about 5 hours per
week from May 19 to August 18.
I have CCed the 8 most active committers since QEMU 1.5.0 but everyone
is invited.
Official timeline:
https://www.google-melange.com/gsoc/events/google/gsoc2014
Stefan
10 years, 8 months
[libvirt] [PATCH 00/10] virFork cleanups
by Eric Blake
Some of these patches were written while working on CVE-2013-6456;
we decided to reorder things and fix that problem first. While
rebasing these patches to the latest tree, I found other things
worth fixing.
Eric Blake (10):
nwfilter: don't ignore child process failures
virFork: give specific status on failure prior to exec
util: make it easier to reflect child exit status
util: preserve exit status from mount namespace callback
util: make it easier to grab only regular process exit
util: make it easier to grab only regular command exit
virFork: simplify semantics
virt-login-shell: use single instead of double fork
virt-login-shell: saner exit value
virsh: report exit status of failed lxc-enter-namespace
daemon/libvirtd.c | 4 +-
daemon/remote.c | 7 +-
docs/internals/command.html.in | 17 ++-
src/access/viraccessdriverpolkit.c | 9 +-
src/bhyve/bhyve_process.c | 19 +---
src/fdstream.c | 3 +-
src/internal.h | 7 ++
src/libvirt.c | 4 +-
src/libvirt_private.syms | 2 +
src/lxc/lxc_container.c | 6 +-
src/lxc/lxc_process.c | 11 +-
src/nwfilter/nwfilter_ebiptables_driver.c | 89 ++++++---------
src/openvz/openvz_driver.c | 18 +---
src/qemu/qemu_capabilities.c | 1 +
src/qemu/qemu_command.c | 3 +-
src/storage/storage_backend_iscsi.c | 7 +-
src/util/vircommand.c | 173 +++++++++++++++---------------
src/util/vircommand.h | 4 +-
src/util/virebtables.c | 5 +-
src/util/virfile.c | 35 ++----
src/util/viriptables.c | 7 +-
src/util/virnetdevveth.c | 4 +-
src/util/virprocess.c | 121 +++++++++++++++------
src/util/virprocess.h | 8 +-
src/xen/xen_driver.c | 9 +-
tests/commandtest.c | 126 +++++++++++++++++++++-
tests/reconnect.c | 3 +-
tests/statstest.c | 3 +-
tests/testutils.c | 4 +-
tools/virsh-domain.c | 30 +++---
tools/virsh.pod | 5 +-
tools/virt-login-shell.c | 141 ++++++++++--------------
tools/virt-login-shell.pod | 25 ++++-
33 files changed, 525 insertions(+), 385 deletions(-)
--
1.8.5.3
10 years, 8 months
