[libvirt] [PATCH 0/2] esx: Add libcurl based stream driver and implement virDomainScreenshot
by Matthias Bolte
I had the code in these two patches bascially sitting around since 2012,
yes 2012! But I never managed to get the code properly split into patches
and touched up good enough to post it here. This was also hindered by the
fact that I had no ESX test system at hand for the last year or so.
Dawid Zamirski posted some patches [1] to implement virDomainScreenshot
for ESX. So I finally managed to set up some ESX test system again this
weekend and get my old code dusted up. His implementation has two
disadvantages, namely storing the screenshot to a temporary file before
feeding it to a stream and the method of creating the screenshot itself
is availalbe since ESX 4.0 only.
My implementation direcly feeds the screenshot data to a stream and
screenshot creation uses a method available since ESX 2.5.
[1] https://www.redhat.com/archives/libvir-list/2014-March/msg01786.html
10 years, 1 month
[libvirt] [RFC] exclusive vcpu-cpu pinning
by Ján Tomko
Hello developers!
Currently, our default cgroup layout is:
-top level cgroup
\-machine (machine.slice with systemd)
`-vm1.libvirt-qemu (machine-qemu\x2dvm1.scope with systemd)
`-emulator
`-vcpu0
\-vcpu1
\-vm2.libvirt-qemu
`-emulator
`-vcpu0
`-vcpu1
To free some CPUs for exclusive use, either all processes from the top level
cgroup should be moved to another one (which does not seem like a great idea)
or isolcpus= should be specified on the kernel command line.
The cpuset.cpu_exclusive option can be set on a cgroup if
* all the groups up to the top level group have it set
* the cpuset of the current group is a subset of the parent group
and no siblings use any cpus from the current cpuset
This would mean that to keep the existing nested structure, all vcpus and the
emulator thread would need to have an exclusive CPU, e.g:
<vcpu placement='static' cpuset='4-6'>2</vcpu>
<cputune exclusive='yes'>
<vcpupin vcpu='0' cpuset='5'/>
<vcpupin vcpu='1' cpuset='6'/>
<emulatorpin cpuset='4'/>
</cputune>
(The only two issues I found:
1) libvirt would have to mess with systemd's 'machine-scope' behind it's back
(setting cpu_exclusive)
2) creating machines without explicit cpu pinning fails, as libvirt tries to
write all the cpus to the cpuset, even those the other machine uses
exclusively)
I've also thought about just keeping track of the 'exclusived' CPUs in
libvirt. This would not work across drivers. And it could possibly be needed
to solve issue 2).
Do you think any of these options would be useful?
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=996758
Jan
10 years, 2 months
[libvirt] [PATCH 1/1] libvirtd crash when defining scsi storage pool
by Pradipta Kr. Banerjee
libvirtd crashes when there is an existing SCSI pool
with adapter type as 'scsi_host' and defining a new SCSI pool with adapter
type as 'fc_host' and parent attribute missing.
For eg when defining a storage-pool with the following XML will crash libvirtd
if there already exists a SCSI pool with adapter type 'scsi_host'
<pool type='scsi'>
<name>TEST_SCSI_FC_POOL</name>
<source>
<adapter type='fc_host' wwnn='1234567890abcdef' wwpn='abcdef1234567890'/>
</source>
<target>
<path>/dev/disk/by-path</path>
</target>
</pool>
This happens because for fc_host, adapter 'name' is not relevant whereas
for scsi_host its mandatory attribute. However the check in libvirt for
finding duplicate storage pools doesn't take that into account while comparing,
resulting into crash
This patch fixes the issue
Signed-off-by: Pradipta Kr. Banerjee <bpradip(a)in.ibm.com>
---
src/conf/storage_conf.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/conf/storage_conf.c b/src/conf/storage_conf.c
index 8b6fd79..54a4589 100644
--- a/src/conf/storage_conf.c
+++ b/src/conf/storage_conf.c
@@ -2126,8 +2126,10 @@ virStoragePoolSourceFindDuplicate(virStoragePoolObjListPtr pools,
STREQ(pool->def->source.adapter.data.fchost.wwpn,
def->source.adapter.data.fchost.wwpn))
matchpool = pool;
- } else if (pool->def->source.adapter.type ==
- VIR_STORAGE_POOL_SOURCE_ADAPTER_TYPE_SCSI_HOST){
+ } else if ((pool->def->source.adapter.type ==
+ VIR_STORAGE_POOL_SOURCE_ADAPTER_TYPE_SCSI_HOST)\
+ && (def->source.adapter.type ==
+ VIR_STORAGE_POOL_SOURCE_ADAPTER_TYPE_SCSI_HOST)) {
if (STREQ(pool->def->source.adapter.data.name,
def->source.adapter.data.name))
matchpool = pool;
--
1.9.3
10 years, 2 months
[libvirt] [PATCH RFC] LXC: add HOME environment variable
by Chen Hanxiao
We lacked of HOME environment variable,
set 'HOME=/' as default.
Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com>
---
src/lxc/lxc_container.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index 1cf2c8f..9df9c04 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -236,6 +236,7 @@ static virCommandPtr lxcContainerBuildInitCmd(virDomainDefPtr vmDef,
virCommandAddEnvString(cmd, "PATH=/bin:/sbin");
virCommandAddEnvString(cmd, "TERM=linux");
virCommandAddEnvString(cmd, "container=lxc-libvirt");
+ virCommandAddEnvString(cmd, "HOME=/");
virCommandAddEnvPair(cmd, "container_uuid", uuidstr);
if (nttyPaths > 1)
virCommandAddEnvPair(cmd, "container_ttys", virBufferCurrentContent(&buf));
--
1.9.0
10 years, 2 months
[libvirt] [PATCH] selinux: Avoid label reservations for type = none during restart
by Shivaprasad G Bhat
The problem is libvirt kills the guests during libvirt restart if more than
guest has security type as none. This is because, libvirt as part of guest-
reconnect tries to reserve the security labels. In case of type=none, the range
of security context happen to be same for several guests. During reservation,
the second attempt to reserve the same range fails and the Guests would be
killed. The fix is to avoid reserving labels for type = none during libvirt
restart.
Signed-off-by: Shivaprasad G Bhat <sbhat(a)linux.vnet.ibm.com>
---
src/security/security_selinux.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index 008c58c..2f8a7f2 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -739,7 +739,8 @@ virSecuritySELinuxReserveSecurityLabel(virSecurityManagerPtr mgr,
virSecurityLabelDefPtr seclabel;
seclabel = virDomainDefGetSecurityLabelDef(def, SECURITY_SELINUX_NAME);
- if (!seclabel || seclabel->type == VIR_DOMAIN_SECLABEL_STATIC)
+ if (!seclabel || seclabel->type == VIR_DOMAIN_SECLABEL_STATIC ||
+ seclabel->type == VIR_DOMAIN_SECLABEL_NONE)
return 0;
if (getpidcon_raw(pid, &pctx) == -1) {
10 years, 2 months
[libvirt] [RFC] powerpc : Add support for VM in compat mode
by Prerna Saxena
PowerISA allows processors to run VMs in binary compatibility ("compat")
mode supporting an older version of ISA.
Eg,in compatibility mode, a POWER8 host can run a "Power7" VM,conforming
to PowerISA v2.06, while a POWER7 host can run a "POWER6" VM, conforming
to PowerISA v2.05.
QEMU has recently added support to explicitly denote a VM running in
compatibility mode through commit 6d9412ea. Now, a "compat" mode VM can
be run by invoking this qemu commandline on a POWER8 host:
-cpu host,compat=power7
as against the older specification of "-cpu power7".
However, running in compatibility mode is not identical to running
natively on an older processor. Hence the virtualization stack needs to
explicitly provide for a compat-mode VM.
This patch allows libvirt to extend the "fallback" semantics of cpu model to
describe this new mode for PowerKVM guests.
Additionally with the new scheme of things, qemu doesn't provide a way to query
for the supported compat models and models returned when querying with '-cpu ?'
are no longer valid. Hence removing the check cpuModelIsAllowed() for now.
When a user wants to request a power7 vm to run in compatibility mode on
a Power8 host, this can be described in XML as follows :
<cpu mode='custom' match='exact'>
<model fallback='compat'>power7</model>
</cpu>
An alternative approach could be to leave the libvirt XML intact, and merely
change the backend qemu command generation when the VM-requested cpu
does not match the host processor.
Looking forward to suggestions on how this can best be implemented..
Signed-off-by: Li Zhang <zhlcindy(a)linux.vnet.ibm.com>
Signed-off-by: Pradipta Kr. Banerjee <bpradip(a)in.ibm.com>
Signed-off-by: Prerna Saxena <prerna(a)linux.vnet.ibm.com>
diff --git a/src/conf/cpu_conf.c b/src/conf/cpu_conf.c
index ebdaa19..2f41bd7 100644
--- a/src/conf/cpu_conf.c
+++ b/src/conf/cpu_conf.c
@@ -47,7 +47,8 @@ VIR_ENUM_IMPL(virCPUMatch, VIR_CPU_MATCH_LAST,
VIR_ENUM_IMPL(virCPUFallback, VIR_CPU_FALLBACK_LAST,
"allow",
- "forbid")
+ "forbid",
+ "compat")
VIR_ENUM_IMPL(virCPUFeaturePolicy, VIR_CPU_FEATURE_LAST,
"force",
diff --git a/src/conf/cpu_conf.h b/src/conf/cpu_conf.h
index 8c932ce..50354f2 100644
--- a/src/conf/cpu_conf.h
+++ b/src/conf/cpu_conf.h
@@ -65,6 +65,7 @@ VIR_ENUM_DECL(virCPUMatch)
typedef enum {
VIR_CPU_FALLBACK_ALLOW,
VIR_CPU_FALLBACK_FORBID,
+ VIR_CPU_FALLBACK_COMPAT,
VIR_CPU_FALLBACK_LAST
} virCPUFallback;
diff --git a/src/cpu/cpu_powerpc.c b/src/cpu/cpu_powerpc.c
index b220448..218c013 100644
--- a/src/cpu/cpu_powerpc.c
+++ b/src/cpu/cpu_powerpc.c
@@ -457,8 +457,8 @@ ppcCompare(virCPUDefPtr host,
static int
ppcDecode(virCPUDefPtr cpu,
const virCPUData *data,
- const char **models,
- unsigned int nmodels,
+ const char **models ATTRIBUTE_UNUSED,
+ unsigned int nmodels ATTRIBUTE_UNUSED,
const char *preferred ATTRIBUTE_UNUSED,
unsigned int flags)
{
@@ -478,13 +478,6 @@ ppcDecode(virCPUDefPtr cpu,
goto cleanup;
}
- if (!cpuModelIsAllowed(model->name, models, nmodels)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("CPU model %s is not supported by hypervisor"),
- model->name);
- goto cleanup;
- }
-
if (VIR_STRDUP(cpu->model, model->name) < 0 ||
(model->vendor && VIR_STRDUP(cpu->vendor, model->vendor->name) < 0)) {
goto cleanup;
@@ -498,7 +491,6 @@ ppcDecode(virCPUDefPtr cpu,
return ret;
}
-
static void
ppcDataFree(virCPUDataPtr data)
{
@@ -561,8 +553,8 @@ ppcUpdate(virCPUDefPtr guest,
static virCPUDefPtr
ppcBaseline(virCPUDefPtr *cpus,
unsigned int ncpus,
- const char **models,
- unsigned int nmodels,
+ const char **models ATTRIBUTE_UNUSED,
+ unsigned int nmodels ATTRIBUTE_UNUSED,
unsigned int flags)
{
struct ppc_map *map = NULL;
@@ -582,13 +574,6 @@ ppcBaseline(virCPUDefPtr *cpus,
goto error;
}
- if (!cpuModelIsAllowed(model->name, models, nmodels)) {
- virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
- _("CPU model %s is not supported by hypervisor"),
- model->name);
- goto error;
- }
-
for (i = 0; i < ncpus; i++) {
const struct ppc_vendor *vnd;
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 1d5bce6..94e9b78 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -6176,7 +6176,9 @@ qemuBuildCpuArgStr(virQEMUDriverPtr driver,
*hasHwVirt = hasSVM > 0 ? true : false;
}
- if (cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH) {
+ if ((cpu->mode == VIR_CPU_MODE_HOST_PASSTHROUGH) ||
+ ((cpu->mode == VIR_CPU_MODE_HOST_MODEL) &&
+ (def->os.arch == VIR_ARCH_PPC64))) {
const char *mode = virCPUModeTypeToString(cpu->mode);
if (!virQEMUCapsGet(qemuCaps, QEMU_CAPS_CPU_HOST)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
@@ -6208,7 +6210,13 @@ qemuBuildCpuArgStr(virQEMUDriverPtr driver,
if (cpuDecode(guest, data, (const char **)cpus, ncpus, preferred) < 0)
goto cleanup;
- virBufferAdd(&buf, guest->model, -1);
+ if (def->os.arch == VIR_ARCH_PPC64 &&
+ cpu->fallback == VIR_CPU_FALLBACK_COMPAT) {
+ virBufferAddLit(&buf, "host");
+ virBufferAsprintf(&buf, ",compat=%s", guest->model);
+ } else
+ virBufferAdd(&buf, guest->model, -1);
+
if (guest->vendor_id)
virBufferAsprintf(&buf, ",vendor=%s", guest->vendor_id);
for (i = 0; i < guest->nfeatures; i++) {
--
Prerna Saxena
Linux Technology Centre,
IBM Systems and Technology Lab,
Bangalore, India
10 years, 3 months
[libvirt] [PATCH] LXC: Fix virLXCControllerSetupDevPTS() wrt user namespaces
by Richard Weinberger
The gid value passed to devpts has to be translated by hand as
virLXCControllerSetupDevPTS() is called before setting up the user
and group mappings.
Otherwise devpts will use an unmapped gid and openpty()
will fail within containers.
Linux commit commit 23adbe12
("fs,userns: Change inode_capable to capable_wrt_inode_uidgid")
uncovered that issue.
Signed-off-by: Richard Weinberger <richard(a)nod.at>
---
src/lxc/lxc_controller.c | 25 +++++++++++++++++++++++--
1 file changed, 23 insertions(+), 2 deletions(-)
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index 2d220eb..82ecf12 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -1164,6 +1164,19 @@ static int virLXCControllerMain(virLXCControllerPtr ctrl)
return rc;
}
+static uint32_t
+virLXCControllerLookupUsernsMap(virDomainIdMapEntryPtr map, int num,
+ uint32_t src)
+{
+ int i;
+
+ for (i = 0; i < num; i++) {
+ if (src > map[i].start && src < map[i].start + map[i].count)
+ return map[i].target + (src - map[i].start);
+ }
+
+ return src;
+}
static int
virLXCControllerSetupUsernsMap(virDomainIdMapEntryPtr map,
@@ -1930,6 +1943,7 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
char *opts = NULL;
char *devpts = NULL;
int ret = -1;
+ gid_t ptsgid = 5;
VIR_DEBUG("Setting up private /dev/pts");
@@ -1949,10 +1963,17 @@ virLXCControllerSetupDevPTS(virLXCControllerPtr ctrl)
goto cleanup;
}
+ if (ctrl->def->idmap.ngidmap)
+ ptsgid =
+ virLXCControllerLookupUsernsMap(ctrl->def->idmap.gidmap,
+ ctrl->def->idmap.ngidmap,
+ ptsgid);
+
/* XXX should we support gid=X for X!=5 for distros which use
* a different gid for tty? */
- if (virAsprintf(&opts, "newinstance,ptmxmode=0666,mode=0620,gid=5%s",
- (mount_options ? mount_options : "")) < 0)
+ if (virAsprintf
+ (&opts, "newinstance,ptmxmode=0666,mode=0620,gid=%u%s", ptsgid,
+ (mount_options ? mount_options : "")) < 0)
goto cleanup;
VIR_DEBUG("Mount devpts on %s type=tmpfs flags=%x, opts=%s",
--
2.0.1
10 years, 3 months
[libvirt] [PATCH v3 0/9] Series on passing FDs to daemon
by Martin Kletzander
This started as a fix for virsh 20s timeout of waiting for session
daemon that failed to start:
http://www.redhat.com/archives/libvir-list/2013-April/msg01351.html
Then there was a idea that we can pass some FDs around:
http://www.redhat.com/archives/libvir-list/2013-April/msg01356.html
So we did:
https://www.redhat.com/archives/libvir-list/2014-July/msg00841.html
And now we are even able to start with socket-activation with systemd;
see patch 9/9.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=927369
Martin Kletzander (9):
util: abstract parsing of passed FDs into virGetListenFDs()
remote: create virNetServerServiceNewFDOrUNIX() wrapper
rpc: set listen backlog on FDs as well as on other sockets
daemon: support passing FDs from the calling process
cfg.mk: allow integers to be assigned a value computed with i|j|k
tests: support dynamic prefixes in commandtest
util: add virCommandPassListenFDs() function
rpc: pass listen FD to the daemon being started
daemon: use socket activation with systemd
.gitignore | 1 +
cfg.mk | 2 +-
daemon/Makefile.am | 14 +++++-
daemon/libvirtd.c | 45 ++++++++++--------
daemon/libvirtd.conf | 5 ++
daemon/libvirtd.service.in | 5 --
daemon/libvirtd.socket.in | 6 +++
libvirt.spec.in | 26 +++++++++--
src/libvirt_private.syms | 2 +
src/libvirt_remote.syms | 1 +
src/locking/lock_daemon.c | 47 ++-----------------
src/rpc/virnetserverservice.c | 55 +++++++++++++++++++++-
src/rpc/virnetserverservice.h | 15 +++++-
src/rpc/virnetsocket.c | 102 ++++++++++++++++++++++++++++++++--------
src/util/vircommand.c | 99 +++++++++++++++++++++++++++++++++++++++
src/util/vircommand.h | 4 +-
src/util/virutil.c | 62 +++++++++++++++++++++++++
src/util/virutil.h | 2 +
tests/commanddata/test24.log | 7 +++
tests/commandtest.c | 105 ++++++++++++++++++++++++++++++++++--------
20 files changed, 491 insertions(+), 114 deletions(-)
create mode 100644 daemon/libvirtd.socket.in
create mode 100644 tests/commanddata/test24.log
--
2.0.2
10 years, 3 months
[libvirt] [PATCH] To provide more accurate help messages of iface/net/pool-define in virsh help and man virsh
by Jianwei Hu
---
tools/virsh-interface.c | 4 ++--
tools/virsh-network.c | 4 ++--
tools/virsh-pool.c | 4 ++--
tools/virsh.pod | 8 +++++---
4 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/tools/virsh-interface.c b/tools/virsh-interface.c
index d4ec854..6b4fd5f 100644
--- a/tools/virsh-interface.c
+++ b/tools/virsh-interface.c
@@ -507,10 +507,10 @@ cmdInterfaceDumpXML(vshControl *ctl, const vshCmd *cmd)
*/
static const vshCmdInfo info_interface_define[] = {
{.name = "help",
- .data = N_("define (but don't start) a physical host interface from an XML file")
+ .data = N_("define (but don't start) or update a physical host interface from an XML file")
},
{.name = "desc",
- .data = N_("Define a physical host interface.")
+ .data = N_("Define a physical host interface or update an existing one.")
},
{.name = NULL}
};
diff --git a/tools/virsh-network.c b/tools/virsh-network.c
index fc08b09..0db333c 100644
--- a/tools/virsh-network.c
+++ b/tools/virsh-network.c
@@ -189,10 +189,10 @@ cmdNetworkCreate(vshControl *ctl, const vshCmd *cmd)
*/
static const vshCmdInfo info_network_define[] = {
{.name = "help",
- .data = N_("define (but don't start) a network from an XML file")
+ .data = N_("define (but don't start) or update a network from an XML file")
},
{.name = "desc",
- .data = N_("Define a network.")
+ .data = N_("Define a network or update an existing one.")
},
{.name = NULL}
};
diff --git a/tools/virsh-pool.c b/tools/virsh-pool.c
index 7c40b5b..b0acd89 100644
--- a/tools/virsh-pool.c
+++ b/tools/virsh-pool.c
@@ -342,10 +342,10 @@ cmdPoolCreateAs(vshControl *ctl, const vshCmd *cmd)
*/
static const vshCmdInfo info_pool_define[] = {
{.name = "help",
- .data = N_("define (but don't start) a pool from an XML file")
+ .data = N_("define (but don't start) or update a pool from an XML file")
},
{.name = "desc",
- .data = N_("Define a pool.")
+ .data = N_("Define a pool or update an existing one.")
},
{.name = NULL}
};
diff --git a/tools/virsh.pod b/tools/virsh.pod
index 849ae31..8086885 100644
--- a/tools/virsh.pod
+++ b/tools/virsh.pod
@@ -2472,7 +2472,8 @@ to get a description of the XML network format used by libvirt.
=item B<net-define> I<file>
Define a persistent virtual network from an XML I<file>, the network is just
-defined but not instantiated (started).
+defined but not instantiated (started). If a persistent virtual network with
+the same name and UUID already exists, it will be replaced with the new XML.
=item B<net-destroy> I<network>
@@ -2631,7 +2632,7 @@ See also B<iface-unbridge> for undoing this operation.
=item B<iface-define> I<file>
Define a host interface from an XML I<file>, the interface is just defined but
-not started.
+not started. If a host interface with the same name already exists, it will be replaced with the new XML.
=item B<iface-destroy> I<interface>
@@ -2778,7 +2779,8 @@ I<type>.
=item B<pool-define> I<file>
-Create, but do not start, a pool object from the XML I<file>.
+Create, but do not start, a pool object from the XML I<file>. If a pool object
+with the same name and UUID already exists, it will be replaced with the new XML.
=item B<pool-define-as> I<name> I<--print-xml> I<type> [I<source-host>]
[I<source-path>] [I<source-dev>] [I<source-name>] [<target>]
--
1.8.1.4
10 years, 3 months
[libvirt] [PATCH v2 0/2] add support for --config in setmaxmem command
by Chen Hanxiao
Currently, setmaxmem return success on an active
domain, but nothing happened, which is not correct.
This series will disable changing max memory on
an active domain;
then add --config support for setmaxmem command.
v2: disable changing max memory on an active domain
drop useless as_assert
Chen Hanxiao (2):
LXC: add support for persistent config in lxcDomainSetMemoryFlags
LXC: add support for --config in setmaxmem command
src/lxc/lxc_driver.c | 100 ++++++++++++++++++++++++---------------------------
1 file changed, 46 insertions(+), 54 deletions(-)
--
1.9.0
10 years, 3 months
