October 2017 - Devel - Libvirt List Archives

[libvirt] [libvirt-jenkins-ci PATCH 0/2] ansible: Improve service management

by Andrea Bolognani

Rely on built-in functionality instead of reinventing the wheel. Andrea Bolognani (2): ansible: Use systemd module ansible: Use built-in init system detection ansible/tasks/jenkins.yml | 34 +++++++--------------------------- 1 file changed, 7 insertions(+), 27 deletions(-) -- 2.13.6

7 years, 1 month

2
3
0 / 0

[libvirt] [PATCH] qemu: Check QEMU error on failed migration

by Jiri Denemark

When migration fails, QEMU may provide a description of the error in the reply to query-migrate QMP command. We can fetch this error and use it instead of the generic "unexpectedly failed" message. Signed-off-by: Jiri Denemark <jdenemar(a)redhat.com> --- src/qemu/qemu_driver.c | 3 ++- src/qemu/qemu_migration.c | 36 +++++++++++++++++++++++------------- src/qemu/qemu_migration.h | 3 ++- src/qemu/qemu_monitor.c | 8 ++++++-- src/qemu/qemu_monitor.h | 3 ++- src/qemu/qemu_monitor_json.c | 18 ++++++++++++++---- src/qemu/qemu_monitor_json.h | 3 ++- tests/qemumonitorjsontest.c | 29 ++++++++++++++++++++++++++--- 8 files changed, 77 insertions(+), 26 deletions(-) diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 7c6f1674a9..cc79d7d4e9 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -13130,7 +13130,8 @@ qemuDomainGetJobStatsInternal(virQEMUDriverPtr driver, jobInfo->status == QEMU_DOMAIN_JOB_STATUS_POSTCOPY) { if (events && jobInfo->status != QEMU_DOMAIN_JOB_STATUS_ACTIVE && - qemuMigrationFetchStats(driver, vm, QEMU_ASYNC_JOB_NONE, jobInfo) < 0) + qemuMigrationFetchStats(driver, vm, QEMU_ASYNC_JOB_NONE, + jobInfo, NULL) < 0) goto cleanup; if (jobInfo->status == QEMU_DOMAIN_JOB_STATUS_ACTIVE && diff --git a/src/qemu/qemu_migration.c b/src/qemu/qemu_migration.c index dd60071bfd..b286d68061 100644 --- a/src/qemu/qemu_migration.c +++ b/src/qemu/qemu_migration.c @@ -1382,7 +1382,8 @@ int qemuMigrationFetchStats(virQEMUDriverPtr driver, virDomainObjPtr vm, qemuDomainAsyncJob asyncJob, - qemuDomainJobInfoPtr jobInfo) + qemuDomainJobInfoPtr jobInfo, + char **error) { qemuDomainObjPrivatePtr priv = vm->privateData; qemuMonitorMigrationStats stats; @@ -1391,7 +1392,7 @@ qemuMigrationFetchStats(virQEMUDriverPtr driver, if (qemuDomainObjEnterMonitorAsync(driver, vm, asyncJob) < 0) return -1; - rv = qemuMonitorGetMigrationStats(priv->mon, &stats); + rv = qemuMonitorGetMigrationStats(priv->mon, &stats, error); if (qemuDomainObjExitMonitor(driver, vm) < 0 || rv < 0) return -1; @@ -1427,12 +1428,15 @@ qemuMigrationCheckJobStatus(virQEMUDriverPtr driver, { qemuDomainObjPrivatePtr priv = vm->privateData; qemuDomainJobInfoPtr jobInfo = priv->job.current; - + char *error = NULL; bool events = virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_MIGRATION_EVENT); + int ret = -1; - if (!events && - qemuMigrationFetchStats(driver, vm, asyncJob, jobInfo) < 0) - return -1; + if (!events || + jobInfo->stats.status == QEMU_MONITOR_MIGRATION_STATUS_ERROR) { + if (qemuMigrationFetchStats(driver, vm, asyncJob, jobInfo, &error) < 0) + return -1; + } qemuMigrationUpdateJobType(jobInfo); @@ -1440,17 +1444,18 @@ qemuMigrationCheckJobStatus(virQEMUDriverPtr driver, case QEMU_DOMAIN_JOB_STATUS_NONE: virReportError(VIR_ERR_OPERATION_FAILED, _("%s: %s"), qemuMigrationJobName(vm), _("is not active")); - return -1; + goto cleanup; case QEMU_DOMAIN_JOB_STATUS_FAILED: virReportError(VIR_ERR_OPERATION_FAILED, _("%s: %s"), - qemuMigrationJobName(vm), _("unexpectedly failed")); - return -1; + qemuMigrationJobName(vm), + error ? error : _("unexpectedly failed")); + goto cleanup; case QEMU_DOMAIN_JOB_STATUS_CANCELED: virReportError(VIR_ERR_OPERATION_ABORTED, _("%s: %s"), qemuMigrationJobName(vm), _("canceled by client")); - return -1; + goto cleanup; case QEMU_DOMAIN_JOB_STATUS_COMPLETED: case QEMU_DOMAIN_JOB_STATUS_ACTIVE: @@ -1459,7 +1464,12 @@ qemuMigrationCheckJobStatus(virQEMUDriverPtr driver, case QEMU_DOMAIN_JOB_STATUS_POSTCOPY: break; } - return 0; + + ret = 0; + + cleanup: + VIR_FREE(error); + return ret; } @@ -1577,7 +1587,7 @@ qemuMigrationWaitForCompletion(virQEMUDriverPtr driver, } if (events) - ignore_value(qemuMigrationFetchStats(driver, vm, asyncJob, jobInfo)); + ignore_value(qemuMigrationFetchStats(driver, vm, asyncJob, jobInfo, NULL)); qemuDomainJobInfoUpdateTime(jobInfo); qemuDomainJobInfoUpdateDowntime(jobInfo); @@ -3177,7 +3187,7 @@ qemuMigrationConfirmPhase(virQEMUDriverPtr driver, if (virDomainObjGetState(vm, &reason) == VIR_DOMAIN_PAUSED && reason == VIR_DOMAIN_PAUSED_POSTCOPY && qemuMigrationFetchStats(driver, vm, QEMU_ASYNC_JOB_MIGRATION_OUT, - jobInfo) < 0) + jobInfo, NULL) < 0) VIR_WARN("Could not refresh migration statistics"); qemuDomainJobInfoUpdateTime(jobInfo); diff --git a/src/qemu/qemu_migration.h b/src/qemu/qemu_migration.h index 57c747934d..63a4325624 100644 --- a/src/qemu/qemu_migration.h +++ b/src/qemu/qemu_migration.h @@ -282,7 +282,8 @@ int qemuMigrationFetchStats(virQEMUDriverPtr driver, virDomainObjPtr vm, qemuDomainAsyncJob asyncJob, - qemuDomainJobInfoPtr jobInfo); + qemuDomainJobInfoPtr jobInfo, + char **error); int qemuMigrationErrorInit(virQEMUDriverPtr driver); diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c index 7a26785878..551cbb77c7 100644 --- a/src/qemu/qemu_monitor.c +++ b/src/qemu/qemu_monitor.c @@ -2632,12 +2632,16 @@ qemuMonitorSetMigrationParams(qemuMonitorPtr mon, int qemuMonitorGetMigrationStats(qemuMonitorPtr mon, - qemuMonitorMigrationStatsPtr stats) + qemuMonitorMigrationStatsPtr stats, + char **error) { QEMU_CHECK_MONITOR(mon); + if (error) + *error = NULL; + if (mon->json) - return qemuMonitorJSONGetMigrationStats(mon, stats); + return qemuMonitorJSONGetMigrationStats(mon, stats, error); else return qemuMonitorTextGetMigrationStats(mon, stats); } diff --git a/src/qemu/qemu_monitor.h b/src/qemu/qemu_monitor.h index d9c27acaef..ed57589db1 100644 --- a/src/qemu/qemu_monitor.h +++ b/src/qemu/qemu_monitor.h @@ -695,7 +695,8 @@ struct _qemuMonitorMigrationStats { }; int qemuMonitorGetMigrationStats(qemuMonitorPtr mon, - qemuMonitorMigrationStatsPtr stats); + qemuMonitorMigrationStatsPtr stats, + char **error); typedef enum { QEMU_MONITOR_MIGRATION_CAPS_XBZRLE, diff --git a/src/qemu/qemu_monitor_json.c b/src/qemu/qemu_monitor_json.c index a9070fe636..a4b7708b99 100644 --- a/src/qemu/qemu_monitor_json.c +++ b/src/qemu/qemu_monitor_json.c @@ -2792,7 +2792,8 @@ qemuMonitorJSONSetMigrationParams(qemuMonitorPtr mon, static int qemuMonitorJSONGetMigrationStatsReply(virJSONValuePtr reply, - qemuMonitorMigrationStatsPtr stats) + qemuMonitorMigrationStatsPtr stats, + char **error) { virJSONValuePtr ret; virJSONValuePtr ram; @@ -2801,6 +2802,7 @@ qemuMonitorJSONGetMigrationStatsReply(virJSONValuePtr reply, const char *statusstr; int rc; double mbps; + const char *tmp; ret = virJSONValueObjectGetObject(reply, "return"); @@ -2839,11 +2841,18 @@ qemuMonitorJSONGetMigrationStatsReply(virJSONValuePtr reply, switch ((qemuMonitorMigrationStatus) stats->status) { case QEMU_MONITOR_MIGRATION_STATUS_INACTIVE: case QEMU_MONITOR_MIGRATION_STATUS_SETUP: - case QEMU_MONITOR_MIGRATION_STATUS_ERROR: case QEMU_MONITOR_MIGRATION_STATUS_CANCELLED: case QEMU_MONITOR_MIGRATION_STATUS_LAST: break; + case QEMU_MONITOR_MIGRATION_STATUS_ERROR: + if (error) { + tmp = virJSONValueObjectGetString(ret, "error-desc"); + if (tmp && VIR_STRDUP(*error, tmp) < 0) + return -1; + } + break; + case QEMU_MONITOR_MIGRATION_STATUS_ACTIVE: case QEMU_MONITOR_MIGRATION_STATUS_POSTCOPY: case QEMU_MONITOR_MIGRATION_STATUS_COMPLETED: @@ -2987,7 +2996,8 @@ qemuMonitorJSONGetMigrationStatsReply(virJSONValuePtr reply, int qemuMonitorJSONGetMigrationStats(qemuMonitorPtr mon, - qemuMonitorMigrationStatsPtr stats) + qemuMonitorMigrationStatsPtr stats, + char **error) { int ret = -1; virJSONValuePtr cmd = qemuMonitorJSONMakeCommand("query-migrate", @@ -3005,7 +3015,7 @@ int qemuMonitorJSONGetMigrationStats(qemuMonitorPtr mon, if (qemuMonitorJSONCheckError(cmd, reply) < 0) goto cleanup; - if (qemuMonitorJSONGetMigrationStatsReply(reply, stats) < 0) + if (qemuMonitorJSONGetMigrationStatsReply(reply, stats, error) < 0) goto cleanup; ret = 0; diff --git a/src/qemu/qemu_monitor_json.h b/src/qemu/qemu_monitor_json.h index f418c74264..7c45be6725 100644 --- a/src/qemu/qemu_monitor_json.h +++ b/src/qemu/qemu_monitor_json.h @@ -141,7 +141,8 @@ int qemuMonitorJSONSetMigrationParams(qemuMonitorPtr mon, qemuMonitorMigrationParamsPtr params); int qemuMonitorJSONGetMigrationStats(qemuMonitorPtr mon, - qemuMonitorMigrationStatsPtr stats); + qemuMonitorMigrationStatsPtr stats, + char **error); int qemuMonitorJSONGetMigrationCapabilities(qemuMonitorPtr mon, char ***capabilities); diff --git a/tests/qemumonitorjsontest.c b/tests/qemumonitorjsontest.c index df3ef0a932..475fd270e1 100644 --- a/tests/qemumonitorjsontest.c +++ b/tests/qemumonitorjsontest.c @@ -1907,6 +1907,7 @@ testQemuMonitorJSONqemuMonitorJSONGetMigrationStats(const void *data) qemuMonitorTestPtr test = qemuMonitorTestNewSimple(true, xmlopt); int ret = -1; qemuMonitorMigrationStats stats, expectedStats; + char *error = NULL; if (!test) return -1; @@ -1931,21 +1932,43 @@ testQemuMonitorJSONqemuMonitorJSONGetMigrationStats(const void *data) " }" " }," " \"id\": \"libvirt-13\"" + "}") < 0 || + qemuMonitorTestAddItem(test, "query-migrate", + "{" + " \"return\": {" + " \"status\": \"failed\"," + " \"error-desc\": \"It's broken\"" + " }," + " \"id\": \"libvirt-14\"" "}") < 0) goto cleanup; - if (qemuMonitorJSONGetMigrationStats(qemuMonitorTestGetMonitor(test), &stats) < 0) + if (qemuMonitorJSONGetMigrationStats(qemuMonitorTestGetMonitor(test), + &stats, &error) < 0) goto cleanup; - if (memcmp(&stats, &expectedStats, sizeof(stats)) != 0) { + if (memcmp(&stats, &expectedStats, sizeof(stats)) != 0 || error) { virReportError(VIR_ERR_INTERNAL_ERROR, "%s", - "Invalid migration status"); + "Invalid migration statistics"); + goto cleanup; + } + + memset(&stats, 0, sizeof(stats)); + if (qemuMonitorJSONGetMigrationStats(qemuMonitorTestGetMonitor(test), + &stats, &error) < 0) + goto cleanup; + + if (stats.status != QEMU_MONITOR_MIGRATION_STATUS_ERROR || + STRNEQ_NULLABLE(error, "It's broken")) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + "Invalid failed migration status"); goto cleanup; } ret = 0; cleanup: qemuMonitorTestFree(test); + VIR_FREE(error); return ret; } -- 2.14.2

7 years, 1 month

2
2
0 / 0

[libvirt] [PATCH v2 0/3] Hyper-V driver fixes

by Ladi Prosek

Fixes a couple of minor issues in the Hyper-V driver found by code inspection. v1->v2: * Removed an "Invalid query" virReportError instead of adding a new one because virBufferCheckError already reports a meaningful error (Daniel) Ladi Prosek (3): hyperv: Fix hypervInitConnection error reporting hyperv: Escape WQL queries hyperv: Map Limit to max_memory and VirtualQuantity to cur_balloon src/hyperv/hyperv_driver.c | 104 ++++++++++++++++++++++----------------------- src/hyperv/hyperv_wmi.c | 3 +- src/util/virbuffer.c | 18 ++++++++ src/util/virbuffer.h | 3 ++ 4 files changed, 74 insertions(+), 54 deletions(-) -- 2.13.5

7 years, 1 month

2
8
0 / 0

[libvirt] [PATCH 0/9] virStorageSource and backing chain refactors and fixes (blockdev-add saga)

by Peter Krempa

This series fixes and improves storage of backing store indexes and of the completness of the backing chain in the XML. Peter Krempa (9): conf: domain: Simplify return from backing store parser conf: Make backing store index optional util: storage: Store backing chain index in virStorageSource util: storage: use stored index to lookup disks util: storagefile: Tolerate NULL path when looking up volume in chain storage: Fill in 'type' field for virStorageSource in storage driver test: set 'type' field of virStorageSource util: storagefile: Add helpers to check presence of backing store Terminate backing chains explicitly docs/schemas/domaincommon.rng | 2 + src/conf/domain_conf.c | 57 ++++++++++---------- src/conf/storage_conf.c | 9 +++- src/libvirt_private.syms | 2 + src/qemu/qemu_block.c | 4 +- src/qemu/qemu_cgroup.c | 4 +- src/qemu/qemu_domain.c | 6 +-- src/qemu/qemu_driver.c | 21 ++++++-- src/security/security_dac.c | 2 +- src/security/security_selinux.c | 4 +- src/security/virt-aa-helper.c | 2 +- src/storage/storage_backend_gluster.c | 2 + src/storage/storage_backend_logical.c | 3 +- src/storage/storage_source.c | 57 ++++++++++---------- src/storage/storage_util.c | 14 ++--- src/util/virstoragefile.c | 62 ++++++++++++++-------- src/util/virstoragefile.h | 7 +++ .../qemuhotplug-base-ccw-live+ccw-virtio.xml | 1 - ...live-with-2-ccw-virtio+ccw-virtio-1-reverse.xml | 2 - ...qemuhotplug-base-ccw-live-with-2-ccw-virtio.xml | 1 - ...-live-with-ccw-virtio+ccw-virtio-2-explicit.xml | 2 - ...-base-ccw-live-with-ccw-virtio+ccw-virtio-2.xml | 2 - .../qemuhotplug-base-ccw-live-with-ccw-virtio.xml | 1 - ...-live+disk-scsi-wwn+disk-scsi-duplicate-wwn.xml | 2 - .../qemuhotplug-base-live+disk-scsi.xml | 1 - .../qemuhotplug-base-live+disk-usb.xml | 1 - .../qemuhotplug-base-live+disk-virtio.xml | 1 - ...se-without-scsi-controller-live+disk-scsi-2.xml | 1 - ...otplug-console-compat-2-live+console-virtio.xml | 2 - .../qemuhotplug-console-compat-2-live.xml | 2 - .../qemuxml2xmlout-channel-virtio-state-active.xml | 1 - .../qemuxml2xmlout-disk-active-commit.xml | 1 - .../qemuxml2xmlout-disk-backing-chains-active.xml | 5 -- .../qemuxml2xmlout-disk-mirror-active.xml | 4 -- .../qemuxml2xmlout-disk-mirror-old.xml | 4 -- .../qemuxml2xmlout-seclabel-static-labelskip.xml | 1 - tests/sexpr2xmldata/sexpr2xml-boot-grub.xml | 1 - tests/sexpr2xmldata/sexpr2xml-bridge-ipaddr.xml | 1 - tests/sexpr2xmldata/sexpr2xml-curmem.xml | 1 - .../sexpr2xml-disk-block-shareable.xml | 1 - tests/sexpr2xmldata/sexpr2xml-disk-block.xml | 1 - .../sexpr2xml-disk-drv-blktap-qcow.xml | 1 - .../sexpr2xml-disk-drv-blktap-raw.xml | 1 - .../sexpr2xml-disk-drv-blktap2-raw.xml | 1 - tests/sexpr2xmldata/sexpr2xml-disk-file.xml | 1 - tests/sexpr2xmldata/sexpr2xml-fv-autoport.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-empty-kernel.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-force-hpet.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-force-nohpet.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-kernel.xml | 1 - tests/sexpr2xmldata/sexpr2xml-fv-localtime.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-net-netfront.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-parallel-tcp.xml | 2 - .../sexpr2xml-fv-serial-dev-2-ports.xml | 2 - .../sexpr2xml-fv-serial-dev-2nd-port.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-file.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-null.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-pipe.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-pty.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-stdio.xml | 2 - .../sexpr2xml-fv-serial-tcp-telnet.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-tcp.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-udp.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-serial-unix.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-sound-all.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-sound.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-usbmouse.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-usbtablet.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-utc.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv-v2.xml | 2 - tests/sexpr2xmldata/sexpr2xml-fv.xml | 2 - tests/sexpr2xmldata/sexpr2xml-net-bridged.xml | 1 - tests/sexpr2xmldata/sexpr2xml-net-e1000.xml | 1 - tests/sexpr2xmldata/sexpr2xml-net-routed.xml | 1 - tests/sexpr2xmldata/sexpr2xml-no-source-cdrom.xml | 2 - tests/sexpr2xmldata/sexpr2xml-pci-devs.xml | 1 - .../sexpr2xml-pv-bootloader-cmdline.xml | 1 - tests/sexpr2xmldata/sexpr2xml-pv-bootloader.xml | 1 - tests/sexpr2xmldata/sexpr2xml-pv-localtime.xml | 1 - tests/sexpr2xmldata/sexpr2xml-pv-vcpus.xml | 1 - .../sexpr2xml-pv-vfb-new-vncdisplay.xml | 1 - tests/sexpr2xmldata/sexpr2xml-pv-vfb-new.xml | 1 - .../sexpr2xmldata/sexpr2xml-pv-vfb-type-crash.xml | 1 - tests/sexpr2xmldata/sexpr2xml-pv.xml | 1 - tests/sexpr2xmldata/sexpr2xml-vif-rate.xml | 2 - tests/virstoragetest.c | 3 +- 86 files changed, 159 insertions(+), 213 deletions(-) -- 2.14.1

7 years, 1 month

2
22
0 / 0

[libvirt] [PATCH v3] qemu: argv: parse qemu commandline memory arguments

by Kothapally Madhu Pavan

Existing qemuParseCommandLineMem() will parse "-m 4G" format string. This patch allows it to parse "-m size=8126464k,slots=32,maxmem=33554432k" format along with existing format. And adds a testcase to validate the changes. Signed-off-by: Kothapally Madhu Pavan <kmp(a)linux.vnet.ibm.com> --- src/qemu/qemu_parse_command.c | 89 +++++++++++++++++++--- .../qemuargv2xml-mem-scale-maxmemory.args | 22 ++++++ .../qemuargv2xml-mem-scale-maxmemory.xml | 38 +++++++++ tests/qemuargv2xmltest.c | 1 + 4 files changed, 138 insertions(+), 12 deletions(-) create mode 100644 tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.args create mode 100644 tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.xml diff --git a/src/qemu/qemu_parse_command.c b/src/qemu/qemu_parse_command.c index 37e1149..cd2a32a 100644 --- a/src/qemu/qemu_parse_command.c +++ b/src/qemu/qemu_parse_command.c @@ -1629,26 +1629,91 @@ static int qemuParseCommandLineMem(virDomainDefPtr dom, const char *val) { - unsigned long long mem; + unsigned long long mem = 0; + unsigned long long size = 0; + unsigned long long maxmem = 0; + unsigned int slots = 0; char *end; + size_t i; + int nkws; + char **kws; + char **vals; + int n; + int ret = -1; - if (virStrToLong_ull(val, &end, 10, &mem) < 0) { + if (qemuParseKeywords(val, &kws, &vals, &nkws, 1) < 0) { virReportError(VIR_ERR_INTERNAL_ERROR, - _("cannot parse memory level '%s'"), val); - return -1; + _("cannot parse memory '%s'"), val); + goto cleanup; } - if (virScaleInteger(&mem, end, 1024*1024, ULLONG_MAX) < 0) { - virReportError(VIR_ERR_INTERNAL_ERROR, - _("cannot scale memory: %s"), - virGetLastErrorMessage()); - return -1; + for (i = 0; i < nkws; i++) { + if (vals[i] == NULL) { + if (i > 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse memory '%s'"), val); + goto cleanup; + } + if (virStrToLong_ull(kws[i], &end, 10, &mem) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse memory level '%s'"), kws[i]); + goto cleanup; + } + if (virScaleInteger(&mem, end, 1024*1024, ULLONG_MAX) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot scale memory: %s"), + virGetLastErrorMessage()); + goto cleanup; + } + + size = mem; + + } else { + if (STREQ(kws[i], "size") || STREQ(kws[i], "maxmem")) { + if (virStrToLong_ull(vals[i], &end, 10, &mem) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse memory level '%s'"), vals[i]); + goto cleanup; + } + if (virScaleInteger(&mem, end, 1024*1024, ULLONG_MAX) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot scale memory: %s"), + virGetLastErrorMessage()); + goto cleanup; + } + + STREQ(kws[i], "size") ? (size = mem) : (maxmem = mem); + + } + if (STREQ(kws[i], "slots")) { + if (virStrToLong_i(vals[i], &end, 10, &n) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot parse slots value '%s'"), vals[i]); + goto cleanup; + } + + slots = n; + + } + } } - virDomainDefSetMemoryTotal(dom, mem / 1024); - dom->mem.cur_balloon = mem / 1024; + virDomainDefSetMemoryTotal(dom, size / 1024); + dom->mem.cur_balloon = size / 1024; + dom->mem.memory_slots = slots; + dom->mem.max_memory = maxmem / 1024; - return 0; + ret = 0; + + cleanup: + for (i = 0; i < nkws; i++) { + VIR_FREE(kws[i]); + VIR_FREE(vals[i]); + } + VIR_FREE(kws); + VIR_FREE(vals); + + return ret; } diff --git a/tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.args b/tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.args new file mode 100644 index 0000000..7bce841 --- /dev/null +++ b/tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.args @@ -0,0 +1,22 @@ +LC_ALL=C \ +PATH=/bin \ +HOME=/home/test \ +USER=test \ +LOGNAME=test \ +QEMU_AUDIO_DRV=none \ +/usr/bin/qemu-system-i686 \ +-name QEMUGuest1 \ +-S \ +-M pc \ +-m 8G,slots=16,maxmem=16G \ +-smp 1,maxcpus=2,sockets=2,cores=1,threads=1 \ +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \ +-nographic \ +-monitor unix:/tmp/test-monitor,server,nowait \ +-no-acpi \ +-boot c \ +-usb \ +-drive file=/dev/HostVG/QEMUGuest1,format=raw,if=ide,bus=0,unit=0 \ +-net none \ +-serial none \ +-parallel none diff --git a/tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.xml b/tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.xml new file mode 100644 index 0000000..44431d8 --- /dev/null +++ b/tests/qemuargv2xmldata/qemuargv2xml-mem-scale-maxmemory.xml @@ -0,0 +1,38 @@ +<domain type='qemu'> + <name>QEMUGuest1</name> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid> + <maxMemory slots='16' unit='KiB'>16777216</maxMemory> + <memory unit='KiB'>8388608</memory> + <currentMemory unit='KiB'>8388608</currentMemory> + <vcpu placement='static' current='1'>2</vcpu> + <os> + <type arch='i686' machine='pc'>hvm</type> + <boot dev='hd'/> + </os> + <cpu> + <topology sockets='2' cores='1' threads='1'/> + </cpu> + <clock offset='utc'/> + <on_poweroff>destroy</on_poweroff> + <on_reboot>restart</on_reboot> + <on_crash>destroy</on_crash> + <devices> + <emulator>/usr/bin/qemu-system-i686</emulator> + <disk type='block' device='disk'> + <driver name='qemu' type='raw'/> + <source dev='/dev/HostVG/QEMUGuest1'/> + <target dev='hda' bus='ide'/> + <address type='drive' controller='0' bus='0' target='0' unit='0'/> + </disk> + <controller type='usb' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/> + </controller> + <controller type='pci' index='0' model='pci-root'/> + <controller type='ide' index='0'> + <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/> + </controller> + <input type='mouse' bus='ps2'/> + <input type='keyboard' bus='ps2'/> + <memballoon model='none'/> + </devices> +</domain> diff --git a/tests/qemuargv2xmltest.c b/tests/qemuargv2xmltest.c index 1adbcfe..e35726e 100644 --- a/tests/qemuargv2xmltest.c +++ b/tests/qemuargv2xmltest.c @@ -265,6 +265,7 @@ mymain(void) DO_TEST("hostdev-pci-address"); DO_TEST("mem-scale"); + DO_TEST("mem-scale-maxmemory"); DO_TEST("smp"); DO_TEST("hyperv"); -- 1.8.3.1

7 years, 1 month

2
1
0 / 0

[libvirt] LSN-2017-0002 - TLS certificate verification disabled for clients

by Daniel P. Berrange

Libvirt Security Notice: LSN-2017-0002 ====================================== Summary: TLS certificate verification disabled for clients Reported on: 20171005 Published on: 20171016 Fixed on: 20171016 Reported by: Daniel P. Berrange <berrange(a)redhat.com> Patched by: Daniel P. Berrange <berrange(a)redhat.com> See also: CVE-2017-1000256 Description ----------- The default_tls_x509_verify (and related) parameters in qemu.conf control whether the TLS servers in QEMU request & verify certificates from clients. This works as a simple access control system for QEMU servers by requiring the CA to issue certs to permitted clients. This use of client certificates is disabled by default, since it requires extra work to issue client certificates. Unfortunately the libvirt code was using these configuration parameters when setting up both TLS clients and servers in QEMU. The result was that TLS clients for character devices and disk devices had verification turned off, meaning they would ignore any errors while validating the server certificate. Impact ------ A MITM attacker can attack any client connection made by QEMU's character devices and disk devices which have TLS enabled. The attacker can send an arbitrary certificate back to the client QEMU and it will ignore all errors that result during validation. Workaround ---------- Enable the 'default_tls_x509_verify' parameter in qemu.conf restart libvirtd. This will trigger libvirt to turn on certificate verification in QEMU clients. Unfortunately this will also turn on use of client certificates in QEMU servers. Affected product ---------------- Name: libvirt Repository: git://libvirt.org/git/libvirt.git http://libvirt.org/git/?p=libvirt.git Branch: master Broken in: v2.3.0 Broken in: v2.4.0 Broken in: v2.5.0 Broken in: v3.0.0 Broken in: v3.1.0 Broken in: v3.2.0 Broken in: v3.3.0 Broken in: v3.4.0 Broken in: v3.5.0 Broken in: v3.6.0 Broken in: v3.7.0 Broken in: v3.8.0 Fixed in: v3.9.0 Broken by: ce61c16450d4992612d1fc6f39a39e79bfccead5 Fixed by: 441d3eb6d1be940a67ce45a286602a967601b157 Branch: v3.0-maint Broken by: ce61c16450d4992612d1fc6f39a39e79bfccead5 Fixed by: 16daadc708be65c2681f54d33ac4004ccaf6e82d Branch: v3.2-maint Broken in: v3.2.1 Broken by: ce61c16450d4992612d1fc6f39a39e79bfccead5 Fixed by: 9e6bc47bb541d8eea10cdd5704ea7f5e699bf0ba Branch: v3.7-maint Broken by: ce61c16450d4992612d1fc6f39a39e79bfccead5 Fixed by: dc6c41798d1eb5c52c75365ffa22f7672709dfa7 Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|

7 years, 1 month

1
0
0 / 0

[libvirt] [PATCH] qemu: ensure TLS clients always verify the server certificate

by Daniel P. Berrange

The default_tls_x509_verify (and related) parameters in qemu.conf control whether the QEMU TLS servers request & verify certificates from clients. This works as a simple access control system for servers by requiring the CA to issue certs to permitted clients. This use of client certificates is disabled by default, since it requires extra work to issue client certificates. Unfortunately the code was using this configuration parameter when setting up both TLS clients and servers in QEMU. The result was that TLS clients for character devices and disk devices had verification turned off, meaning they would ignore errors while validating the server certificate. This allows for trivial MITM attacks between client and server, as any certificate returned by the attacker will be accepted by the client. This is assigned CVE-2017-1000256 / LSN-2017-0002 Reviewed-by: Eric Blake <eblake(a)redhat.com> Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com> --- Pushed as a off-list reviewed security fix. src/qemu/qemu_command.c | 2 +- tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args | 2 +- .../qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 46f0bdd18c..f68b82d083 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -721,7 +721,7 @@ qemuBuildTLSx509BackendProps(const char *tlspath, if (virJSONValueObjectCreate(propsret, "s:dir", path, "s:endpoint", (isListen ? "server": "client"), - "b:verify-peer", verifypeer, + "b:verify-peer", (isListen ? verifypeer : true), NULL) < 0) goto cleanup; diff --git a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args index 5aff7734e1..ab5f7e27f2 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args +++ b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-chardev.args @@ -26,7 +26,7 @@ server,nowait \ localport=1111 \ -device isa-serial,chardev=charserial0,id=serial0 \ -object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\ -endpoint=client,verify-peer=no \ +endpoint=client,verify-peer=yes \ -chardev socket,id=charserial1,host=127.0.0.1,port=5555,\ tls-creds=objcharserial1_tls0 \ -device isa-serial,chardev=charserial1,id=serial1 \ diff --git a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args index 91f1fe0cde..2567abbfad 100644 --- a/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args +++ b/tests/qemuxml2argvdata/qemuxml2argv-serial-tcp-tlsx509-secret-chardev.args @@ -31,7 +31,7 @@ localport=1111 \ data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \ -object tls-creds-x509,id=objcharserial1_tls0,dir=/etc/pki/libvirt-chardev,\ -endpoint=client,verify-peer=no,passwordid=charserial1-secret0 \ +endpoint=client,verify-peer=yes,passwordid=charserial1-secret0 \ -chardev socket,id=charserial1,host=127.0.0.1,port=5555,\ tls-creds=objcharserial1_tls0 \ -device isa-serial,chardev=charserial1,id=serial1 \ -- 2.13.5

7 years, 1 month

1
0
0 / 0

[libvirt] [PATCH go-xml] let disk source omitempty for ejecting cdrom/floppy

by zhenwei.pi

Signed-off-by: zhenwei.pi <zhenwei.pi(a)youruncloud.com> --- domain.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/domain.go b/domain.go index bacab11..f9d567d 100644 --- a/domain.go +++ b/domain.go @@ -117,7 +117,7 @@ type DomainDisk struct { Snapshot string `xml:"snapshot,attr,omitempty"` Driver *DomainDiskDriver `xml:"driver"` Auth *DomainDiskAuth `xml:"auth"` - Source *DomainDiskSource `xml:"source"` + Source *DomainDiskSource `xml:"source,omitempty"` Target *DomainDiskTarget `xml:"target"` IOTune *DomainDiskIOTune `xml:"iotune"` Serial string `xml:"serial,omitempty"` -- 2.7.4

7 years, 1 month

2
1
0 / 0

[libvirt] [PATCH] qemu: change monitor.sock from /var/lib/libvirt/qemu/domain-*** to /var/run/libvirt/qemu/domain-***

by xinhua.Cao

directory /var/lib alway is Persistence directory, but in redhat system, /var/run is memory directory. our running domain xml is saved at /var/run/libvirt/qemu. so if we cold reset system, the /var/run/libvirt/qemu directory is clear, but /var/lib/libvirt/qemu/domain-*** is saved. so there have same /var/run/libvirt/qemu/domain-*** directory will be left over at system cold reset. --- src/qemu/qemu_domain.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index ed27a91..1b42ae5 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1646,7 +1646,7 @@ qemuDomainSetPrivatePathsOld(virQEMUDriverPtr driver, if (!priv->libDir && virAsprintf(&priv->libDir, "%s/domain-%s", - cfg->libDir, vm->def->name) < 0) + cfg->stateDir, vm->def->name) < 0) goto cleanup; if (!priv->channelTargetDir && @@ -1674,7 +1674,7 @@ qemuDomainSetPrivatePaths(virQEMUDriverPtr driver, goto cleanup; if (!priv->libDir && - virAsprintf(&priv->libDir, "%s/domain-%s", cfg->libDir, domname) < 0) + virAsprintf(&priv->libDir, "%s/domain-%s", cfg->stateDir, domname) < 0) goto cleanup; if (!priv->channelTargetDir && -- 2.8.3

7 years, 1 month

4
5
0 / 0

[libvirt] [PATCH] virDomainInterfaceStats: Accept MAC addresses properly

by Michal Privoznik

https://bugzilla.redhat.com/show_bug.cgi?id=1497396 In 0d3d020ba6c4f I've added capability to accept MAC addresses for the API too. However, the implementation was faulty. It needs to lookup the corresponding interface in the domain definition and pass the ifname instead of MAC address. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com> --- src/libxl/libxl_driver.c | 2 +- src/lxc/lxc_driver.c | 2 +- src/openvz/openvz_driver.c | 2 +- src/qemu/qemu_driver.c | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libxl/libxl_driver.c b/src/libxl/libxl_driver.c index 08b0f0317..2230343b0 100644 --- a/src/libxl/libxl_driver.c +++ b/src/libxl/libxl_driver.c @@ -4982,7 +4982,7 @@ libxlDomainInterfaceStats(virDomainPtr dom, if (!(net = virDomainNetFind(vm->def, device))) goto endjob; - if (virNetDevTapInterfaceStats(device, stats, + if (virNetDevTapInterfaceStats(net->ifname, stats, !virDomainNetTypeSharesHostView(net)) < 0) goto endjob; diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c index 6cf499367..b3f6f064f 100644 --- a/src/lxc/lxc_driver.c +++ b/src/lxc/lxc_driver.c @@ -2875,7 +2875,7 @@ lxcDomainInterfaceStats(virDomainPtr dom, if (!(net = virDomainNetFind(vm->def, device))) goto endjob; - if (virNetDevTapInterfaceStats(device, stats, + if (virNetDevTapInterfaceStats(net->ifname, stats, !virDomainNetTypeSharesHostView(net)) < 0) goto endjob; diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c index ffd64da04..9bd73d85c 100644 --- a/src/openvz/openvz_driver.c +++ b/src/openvz/openvz_driver.c @@ -2009,7 +2009,7 @@ openvzDomainInterfaceStats(virDomainPtr dom, if (!(net = virDomainNetFind(vm->def, device))) goto cleanup; - if (virNetDevTapInterfaceStats(device, stats, + if (virNetDevTapInterfaceStats(net->ifname, stats, !virDomainNetTypeSharesHostView(net)) < 0) goto cleanup; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 7b79c0950..260184ce8 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -11044,10 +11044,10 @@ qemuDomainInterfaceStats(virDomainPtr dom, goto cleanup; if (virDomainNetGetActualType(net) == VIR_DOMAIN_NET_TYPE_VHOSTUSER) { - if (virNetDevOpenvswitchInterfaceStats(device, stats) < 0) + if (virNetDevOpenvswitchInterfaceStats(net->ifname, stats) < 0) goto cleanup; } else { - if (virNetDevTapInterfaceStats(device, stats, + if (virNetDevTapInterfaceStats(net->ifname, stats, !virDomainNetTypeSharesHostView(net)) < 0) goto cleanup; } -- 2.13.6

7 years, 1 month

2
2
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Devel October 2017