March 2016 - Devel - libvirt List Archives

[libvirt] [libvirt-php] PHP 7 compatibility
by Remi Collet 23 Mar '16

23 Mar '16

FYI, see https://gitlab.com/Conan_Kudo/libvirt-php7/commits/php7 It build but need tests. Remi.

2 1

[libvirt] [RFC 0/3] Master secret key support
by John Ferlan 23 Mar '16

23 Mar '16

Posted as RFC primarily to make sure there's buyin for something that will become the basis for more patches to add support for using the master secret to encrypt sensitive data using objects. This work is related to the QEMU 2.6 commit 'ac1d8878' (not a libvirt commit, rather a qemu.git commit id). Hopefully I've properly read the qemu checkin notes as they relate to key generation. One thing of note that differs from other descriptions for a master secret. Most bz's where it's described indicate using /var/lib/libvirt/qemu/ $GUEST-master.key; whereas, these patches chose a slightly different tact using the generated libDir (/var/lib/libvirt/qemu/domain-#-$GUEST/ master.key). This file will be generated in qemu process launch regardless of whether the emulator supports it or not (because we have the domain private object to access the masterKey, but not in qemuBuildCommandLine). The only odd part for me was the realizing that libDir is created after successfully completing qemuBuildCommandLine - so checking if the file exists before adding it to the command line wasn't possible, but it seems that's no different to other libDir usages. Internally, the I chose to store the secret to be used as a base64 value since 1. it's going to be saved in the domain objects XML output (for libvirtd restart) and 2. it's easy enough to decode if we do need to later on. Not sure it's appropriate to store the non encoded secret in the domain object XML file. One extra area I need help on is the capabilitiesdata setup... That is how to generate the tests/qemucapabilitiesdata/caps_2.6.0-1.replies so that the 'secret' object exists and so that if I add "<flag name='secret'>" to the .caps file I won't get a test failure since the existing one doesn't list the secrets object. I've done a bit of testing locally... Starting with running domains (both persistent and transient) then restarting libvirtd and with starting the same domains with the code running. I didn't update my qemu locally to see the -object on the command line, but the test added does show the -object added (although I it took a double take and some thinking whether /tmp/lib/domain--1-$NAME/ should be used - note the /tmp and the domain--# prefix). John Ferlan (3): qemu: Create domain master key qemu: Add capability bit for qemu secret object qemu: Introduce qemuBuildMasterKeyCommandLine src/qemu/qemu_capabilities.c | 2 + src/qemu/qemu_capabilities.h | 1 + src/qemu/qemu_command.c | 67 ++++++++ src/qemu/qemu_domain.c | 175 +++++++++++++++++++++ src/qemu/qemu_domain.h | 11 ++ src/qemu/qemu_process.c | 13 ++ .../qemuxml2argvdata/qemuxml2argv-master-key.args | 23 +++ tests/qemuxml2argvdata/qemuxml2argv-master-key.xml | 30 ++++ tests/qemuxml2argvtest.c | 2 + 9 files changed, 324 insertions(+) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-master-key.args create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-master-key.xml -- 2.5.0

3 10

[libvirt] [PATCH v2 0/4] hostdev: Cleanups and fixes
by Andrea Bolognani 23 Mar '16

23 Mar '16

Respin of patches 20, 22, 23 and 24 from https://www.redhat.com/archives/libvir-list/2016-March/msg00209.html Patches 01-19 have already been pushed; patch 21 has been converted into the tiny series https://www.redhat.com/archives/libvir-list/2016-March/msg00792.html which this one depends on. Not many changes, basically just shuffling patches around to avoid a problem found during review and other small nits. Cheers. Andrea Bolognani (4): hostdev: Streamline device ownership tracking hostdev: Save netdev configuration of actual device hostdev: Use actual device when reattaching tests: hostdev: Add more tests src/util/virhostdev.c | 181 +++++++++++++++++++++++++++---------------------- tests/virhostdevtest.c | 84 +++++++++++++++++++++-- 2 files changed, 178 insertions(+), 87 deletions(-) -- 2.5.0

2 9

[libvirt] nwfilter and ipset
by Vasiliy Tolstov 23 Mar '16

23 Mar '16

Hi! I found, that nwfilter supports ipset, does it possible to fill ipset via libvirt with some values? -- Vasiliy Tolstov, e-mail: v.tolstov(a)selfip.ru

1 0

[libvirt] [PATCH 0/2] hostdev: Small usability improvements
by Andrea Bolognani 23 Mar '16

23 Mar '16

Patch 2/2 is basically https://www.redhat.com/archives/libvir-list/2016-March/msg00230.html and patch 1/2 is an implementation of the idea outlined in https://www.redhat.com/archives/libvir-list/2016-March/msg00729.html to address the flaw discovered by John. Spun off from the main series because it can be merged on its own, and I still need to rework the remaining patches a bit before posting v2 of that. Cheers. Andrea Bolognani (2): hostdev: Detect untracked inactive devices hostdev: Stop early if unmanaged devices have not been detached src/util/virhostdev.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 50 insertions(+), 3 deletions(-) -- 2.5.0

2 7

[libvirt] [RFC PATCH 0/4] Implementation of a dependency relation between domains
by Valentin BOUSSON 23 Mar '16

23 Mar '16

This patch series adds a feature that enables libvirt domains to have other domains as dependencies. One possible target is the simulation of a complex computing system composed of multiple CPUs, each of which represented by a different libvirt domain. CPUs in this example are virtualized separately, by a dedicated QEMU instance, because all of them are booting independently. Moreover, if those CPU must share some physical property (for example power supply or ACPI), it is meaningful to consider them as a group. Another possible target is Asymmetric Multi Processor (AMP) systems. Where a master processor uses one or more slave processors to offload computation. Master and slave have often different architectures. This patch series makes possible to define the slave domains as dependencies of the master domain. And the whole system to be booted with one single libvirt command. A use-case for this libvirt extension are the recent patch series in QEMU that enable modeling an AMP-like system with multiple QEMU instances. [RFC v2 0/6] SDM Interface [RFC v2 0/6] QEMU shared-memory-backend [RFC v2 1/1] backend: multi-client-socket Features : ---------- - When a domain A depends on a domain B (A=>B), signals are forward-propagated from A to B. So, when a user asks the domain A to be: - instantiated - destroyed - suspended - resumed domain B will automatically receive the same signal. - Single-level dependency: By construction domain dependencies are restricted to one single level, so to avoid wrong recursive (infinite) domain dependencies. This is also because there is no clear benefit in supporting multiple level of dependencies between domains. More specifically, given to domains, A and B, if A depends on B (A=>B), then B can not have any dependency (B => C is forbidden). How to test this patch series : ------------------------------- The source code can be downloaded by: git clone https://git.virtualopensystems.com/dev/libvirt.git \ -b domain-dependency Note: The patch series relies on the commit 95ca4fe, but with the patch proposed by Michal Privoznik, "[PATCH]qemuBuildVideoCommandLine: Don't access def->videos without check" that resolves a critical bug. To add a dependency between two domains (for example between domaninA and domainB), it suffices to add in the XML description of the first one: domainA.xml: <devices> ... <domaindependency> /absolute/path/to/the/domainB.xml </domaindependency> ... </devices> Note: The two domains mus be virtualized thanks to QEMU, and be hosted on the same filesystem. Finally, instanciate domainA with the command: virsh create domainA.xml And observe that both domains are running in the same time with: virsh list You can trigger the implemented signals and check that both domains are working as one: virsh suspend domainA virsh resume domainA virsh destroy domainA Note: as mentioned, all signals are forward-propagated, so if you manipulate the domainB directly, domainA will not be affected. This work has been sponsored by Huawei Technologies Duesseldorf GmbH. Valentin BOUSSON (4): Add XML description of the new dependency device Add the inner structure managing dependency devices Add primitives for manipulation of dependency structures Implement signal propagation to dependancy domains docs/schemas/domaincommon.rng | 5 ++ src/conf/domain_conf.c | 83 +++++++++++++++++++++++++- src/conf/domain_conf.h | 18 ++++++ src/qemu/qemu_driver.c | 135 ++++++++++++++++++++++++++++++++++++++++-- src/qemu/qemu_hotplug.c | 1 + 5 files changed, 237 insertions(+), 5 deletions(-) -- 1.9.1

2 5

[libvirt] [PATCH] qemuxml2argv: Mock virSCSIDeviceGetSgName
by Michal Privoznik 23 Mar '16

23 Mar '16

When constructing SCSI hostdev command line for qemu, the /sys/bus/scsi/devices/... dir is scanned. Unfortunately, even in the tests. This is needed to determine the name of SCSI device to passthrough to qemu, because in the domain XML we were given its address instead. Anyway, we should not be touching live system data in our test suite as it produced unpredictable results. The test is regressing from 1e9a083742efe on. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- tests/qemuxml2argvmock.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tests/qemuxml2argvmock.c b/tests/qemuxml2argvmock.c index 8426108..b7dfebb 100644 --- a/tests/qemuxml2argvmock.c +++ b/tests/qemuxml2argvmock.c @@ -26,6 +26,7 @@ #include "virutil.h" #include "virstring.h" #include "virtpm.h" +#include "virscsi.h" #include <time.h> #include <unistd.h> @@ -84,3 +85,16 @@ virMemoryMaxValue(bool capped ATTRIBUTE_UNUSED) { return LLONG_MAX; } + +char * +virSCSIDeviceGetSgName(const char *sysfs_prefix ATTRIBUTE_UNUSED, + const char *adapter ATTRIBUTE_UNUSED, + unsigned int bus ATTRIBUTE_UNUSED, + unsigned int target ATTRIBUTE_UNUSED, + unsigned long long unit ATTRIBUTE_UNUSED) +{ + char *ret; + + ignore_value(VIR_STRDUP(ret, "sg0")); + return ret; +} -- 2.7.3

2 1

[libvirt] [libvirt-sandbox PATCH] Ignore generated file
by Guido Günther 23 Mar '16

23 Mar '16

--- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 390d65c..83831bb 100644 --- a/.gitignore +++ b/.gitignore @@ -31,6 +31,7 @@ po/stamp-it po/libvirt-sandbox.pot po/*.gmo stamp-h1 +build-aux/test-driver INSTALL libvirt-sandbox-1.0.pc libvirt-sandbox.spec -- 2.8.0.rc3

1 0

[libvirt] [PATCH 1/3 trivial] fix typo in virt-aa-helper helptext
by Serge Hallyn 23 Mar '16

23 Mar '16

it's --dryrun not --dry-run Signed-off-by: Serge Hallyn <serge.hallyn(a)ubuntu.com> --- src/security/virt-aa-helper.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index a2d7226..b466626 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -107,7 +107,7 @@ vah_usage(void) " Options:\n" " -a | --add load profile\n" " -c | --create create profile from template\n" - " -d | --dry-run dry run\n" + " -d | --dryrun dry run\n" " -D | --delete unload and delete profile\n" " -f | --add-file <file> add file to profile\n" " -F | --append-file <file> append file to profile\n" -- 2.7.0

3 5

[libvirt] [libvirt-sandbox PATCH] Allow to switch to a specific user id
by Guido Günther 22 Mar '16

22 Mar '16

Useful if you want to run programs as the same user than outside the sandbox. --- bin/virt-sandbox.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/bin/virt-sandbox.c b/bin/virt-sandbox.c index 4c400d5..9495e85 100644 --- a/bin/virt-sandbox.c +++ b/bin/virt-sandbox.c @@ -24,6 +24,8 @@ #include <libvirt-sandbox/libvirt-sandbox.h> #include <glib/gi18n.h> +#include <sys/types.h> +#include <pwd.h> static gboolean do_close(GVirSandboxConsole *con G_GNUC_UNUSED, gboolean error G_GNUC_UNUSED, @@ -92,6 +94,7 @@ int main(int argc, char **argv) { gchar *kernver = NULL; gchar *kernpath = NULL; gchar *kmodpath = NULL; + gchar *switchto = NULL; gboolean verbose = FALSE; gboolean debug = FALSE; gboolean shell = FALSE; @@ -126,6 +129,8 @@ int main(int argc, char **argv) { N_("security properties"), "PATH", }, { "privileged", 'p', 0, G_OPTION_ARG_NONE, &privileged, N_("run the command privileged"), NULL }, + { "switchto", 'S', 0, G_OPTION_ARG_STRING, &switchto, + N_("swith to the given user"), "USER" }, { "shell", 'l', 0, G_OPTION_ARG_NONE, &shell, N_("start a shell"), NULL, }, { "kernver", 0, 0, G_OPTION_ARG_STRING, &kernver, @@ -139,6 +144,7 @@ int main(int argc, char **argv) { { NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL } }; const char *help_msg = N_("Run 'virt-sandbox --help' to see a full list of available command line options"); + struct passwd *pw; setlocale(LC_ALL, ""); bindtextdomain(PACKAGE, LOCALEDIR); @@ -198,10 +204,25 @@ int main(int argc, char **argv) { if (kmodpath) gvir_sandbox_config_set_kmodpath(cfg, kmodpath); + if (privileged && switchto) { + g_printerr(_("'switchto' and 'privileged' are incompatible options\n")); + goto cleanup; + } + if (privileged) { gvir_sandbox_config_set_userid(cfg, 0); gvir_sandbox_config_set_groupid(cfg, 0); gvir_sandbox_config_set_username(cfg, "root"); + } else if (switchto) { + pw = getpwnam(switchto); + if (!pw) { + g_printerr(_("Failed to resolve user %s\n"), switchto); + goto cleanup; + } + gvir_sandbox_config_set_userid(cfg, pw->pw_uid); + gvir_sandbox_config_set_groupid(cfg, pw->pw_gid); + gvir_sandbox_config_set_username(cfg, pw->pw_name); + gvir_sandbox_config_set_homedir(cfg, pw->pw_dir); } if (envs && @@ -541,6 +562,11 @@ to this path to locate the modules. Retain root privileges inside the sandbox, rather than dropping privileges to match the current user identity. +=item B<-S USER>, B<--switchto=USER> + +Swith to the given user inside the sandbox and setup $HOME +accordingly. + =item B<-l>, B<--shell> Launch an interactive shell on a secondary console device -- 2.8.0.rc3

2 2