[libvirt] [PATCH 0/7] Keep non-persistent changes alive in snapshot
by Kothapally Madhu Pavan
Restoring to a snapshot should not overwrite the persistent XML configuration
of a snapshot as a side effect. This patchset fixes the same. Currently,
virDomainSnapshotDef only saves active domain definition of the guest.
And on restore the active domain definition is used as both active and
inactive domain definitions. This will make the non-persistent changes
persistent in snapshot image. This patchset allows to save inactive domain
definition as well and on snapshot-revert non-persistent configuration is
restored as is.
Currently, snapshot-revert is making non-presistent changes as persistent.
Here are the steps to reproduce.
Step1: virsh define $dom
Step2: virsh attach-device $dom $memory-device.xml --live
Step3: virsh snapshot-create $dom
Step4: virsh destroy $dom
Step5: virsh snapshot-revert $dom $snapshot-name
Step6: virsh destroy $dom
Step7: virsh start $dom
Here we still have $memory-device attached in Step2.
This patchset is attempting to solve this issue. This patchset will also
allow user to dump and edit inactive XML configuration of a snapshot.
Dumping inactive domain definition of a snapshot is important as
--redefine uses snapshot-dumpxml output to redefine a snapshot.
Kothapally Madhu Pavan (7):
qemu: Store inactive domain configuration in snapshot
qemu: Use active and inactive snapshot configuration on restore
conf: Allow editing inactive snapshot configuration
virsh: Dump inactive XML configuration of snapshot using
snapshot-dumpxml
virsh: Edit inactive XML configuration of snapshot using snapshot-edit
virsh: Allow restoring snapshot with non-persistent configuration
tests: docs: Add schema and testcase for domainsnapshot
docs/schemas/domainsnapshot.rng | 19 +++++
include/libvirt/libvirt-domain-snapshot.h | 10 ++-
include/libvirt/libvirt-domain.h | 1 +
src/conf/domain_conf.c | 6 +-
src/conf/domain_conf.h | 2 +
src/conf/snapshot_conf.c | 48 ++++++++++++-
src/conf/snapshot_conf.h | 1 +
src/qemu/qemu_driver.c | 33 ++++++++-
.../full_domain_withinactive.xml | 83 ++++++++++++++++++++++
tests/domainsnapshotxml2xmltest.c | 1 +
tools/virsh-snapshot.c | 20 ++++++
tools/virsh.pod | 37 +++++++++-
12 files changed, 251 insertions(+), 10 deletions(-)
create mode 100644 tests/domainsnapshotxml2xmlout/full_domain_withinactive.xml
--
1.8.3.1
7 years, 2 months
[libvirt] PATCH add q35 support ide
by Paul Schlacter
hello everyone:
In q35 motherboard use ide, Currently, the qemu has supported q35
Motherboard support ide bus
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index cc7596b..2dbade8 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -7188,6 +7188,7 @@ bool
qemuDomainMachineHasBuiltinIDE(const char *machine)
{
return qemuDomainMachineIsI440FX(machine) ||
+ qemuDomainMachineIsQ35(machine) ||
STREQ(machine, "malta") ||
STREQ(machine, "sun4u") ||
STREQ(machine, "g3beige");
[root@kvm ~]# virsh dumpxml instance-00000004 | grep machine=
<type arch='x86_64' machine='pc-q35-rhel7.3.0'>hvm</type>
[root@kvm~]#
[root@kvm~]# virsh dumpxml instance-00000004 | grep "'disk'" -A 13
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2' cache='none'/>
<source file='/var/lib/nova/instances/288271ce-69eb-4629-b98c-
779036661294/disk'/>
<backingStore type='file' index='1'>
<format type='raw'/>
<source file='/var/lib/nova/instances/_base/
8d383eef2e628adfc197a6e40e656916de566ab1'/>
<backingStore/>
</backingStore>
<target dev='vda' bus='ide'/>
<alias name='ide0-0-0'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
7 years, 2 months
[libvirt] [PATCH v5 0/3] daemon: fix termination/reload issues
by John Ferlan
v4: https://www.redhat.com/archives/libvir-list/2017-October/msg01249.html
Difference to v4 - inserted a patch to handle the Unref possibilities
in virLockDaemonNew when either the @srv is placed into the daemon
net server hash table or if virNetDaemonNew fails.
Patch 3 has a minor change (from previous review) to not set
dmn->servers = NULL allowing the virHashFree in virNetDaemonDispose.
John Ferlan (1):
lockd: Need to Unref @srv when done with it.
Nikolay Shirokovskiy (2):
virtlogd: add missing netserver refcount increment on reload
libvirtd: fix crash on termination
src/locking/lock_daemon.c | 4 ++++
src/rpc/virnetdaemon.c | 2 ++
2 files changed, 6 insertions(+)
--
2.13.6
7 years, 3 months
[libvirt] [PATCH v3] qemu: change monitor.sock from /var/lib/libvirt/qemu/domain-*** to /var/run/libvirt/qemu/domain-***
by xinhua.Cao
directory /var/lib alway is Persistence directory, but in redhat system, /var/run is memory directory.
our running domain xml is saved at /var/run/libvirt/qemu. so if we cold reset system,
the /var/run/libvirt/qemu directory is clear, but /var/lib/libvirt/qemu/domain-*** is saved., so there
have same /var/lib/libvirt/qemu/domain-*** directory will be left over at system cold reset.
---
src/qemu/qemu_domain.c | 2 +-
tests/qemuxml2argvtest.c | 4 ++++
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 13e77ee..67da8fa 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -1713,7 +1713,7 @@ qemuDomainSetPrivatePaths(virQEMUDriverPtr driver,
goto cleanup;
if (!priv->libDir &&
- virAsprintf(&priv->libDir, "%s/domain-%s", cfg->libDir, domname) < 0)
+ virAsprintf(&priv->libDir, "%s/domain-%s", cfg->stateDir, domname) < 0)
goto cleanup;
if (!priv->channelTargetDir &&
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 03b1bcb..b596bd2 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -620,6 +620,10 @@ mymain(void)
if (VIR_STRDUP_QUIET(driver.config->memoryBackingDir, "/var/lib/libvirt/qemu/ram") < 0)
return EXIT_FAILURE;
+ VIR_FREE(driver.config->stateDir);
+ if (VIR_STRDUP(driver.config->stateDir, "/tmp/lib") < 0)
+ return EXIT_FAILURE;
+
# define DO_TEST_FULL(name, migrateFrom, migrateFd, flags, \
parseFlags, gic, ...) \
do { \
--
2.8.3
7 years, 3 months
[libvirt] [PATCH 0/4] libvirtd: fix hang on termination in qemu driver
by Nikolay Shirokovskiy
Libvirtd termination can hang. For example if some API call in qemu
driver awaiting monitor response it will never finish because event
loop does not functional during termination. As a result we hang
in virNetDaemonClose call during termination as this call finishes RPC
threads.
Let's ask hypervisor drivers to finish all API calls by calling
introduced state driver shutdown function before call to virNetDaemonClose.
Nikolay Shirokovskiy (4):
libvirt: introduce hypervisor driver shutdown function
qemu: implement state driver shutdown function
qemu: agent: fix monitor close during first sync
qemu: monitor: check monitor not closed upon send
daemon/libvirtd.c | 2 ++
src/driver-state.h | 4 ++++
src/libvirt.c | 18 ++++++++++++++++++
src/libvirt_internal.h | 1 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_agent.c | 14 +++++++-------
src/qemu/qemu_driver.c | 39 +++++++++++++++++++++++++++++++++++++++
src/qemu/qemu_monitor.c | 27 +++++++++++++--------------
8 files changed, 85 insertions(+), 21 deletions(-)
--
1.8.3.1
7 years, 3 months
[libvirt] [PATCH] audit: Log only an info message if audit_level < 2 and audit is not supported
by Marc Hartmayer
Replace the error message during startup of libvirtd with an info
message if audit_level < 2 and audit is not supported by the
kernel. Audit is not supported by the current kernel if the kernel
does not have audit compiled in or if audit is disabled (e.g. by the
kernel cmdline).
Signed-off-by: Marc Hartmayer <mhartmay(a)linux.vnet.ibm.com>
Reviewed-by: Boris Fiuczynski <fiuczy(a)linux.vnet.ibm.com>
---
daemon/libvirtd.c | 2 +-
src/util/viraudit.c | 17 +++++++++++++++--
src/util/viraudit.h | 2 +-
3 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/daemon/libvirtd.c b/daemon/libvirtd.c
index 589b32192e3d..6bbff0d45684 100644
--- a/daemon/libvirtd.c
+++ b/daemon/libvirtd.c
@@ -1418,7 +1418,7 @@ int main(int argc, char **argv) {
if (config->audit_level) {
VIR_DEBUG("Attempting to configure auditing subsystem");
- if (virAuditOpen() < 0) {
+ if (virAuditOpen(config->audit_level) < 0) {
if (config->audit_level > 1) {
ret = VIR_DAEMON_ERR_AUDIT;
goto cleanup;
diff --git a/src/util/viraudit.c b/src/util/viraudit.c
index 17e58b3a9574..9b755e384f24 100644
--- a/src/util/viraudit.c
+++ b/src/util/viraudit.c
@@ -55,11 +55,24 @@ static int auditfd = -1;
#endif
static bool auditlog;
-int virAuditOpen(void)
+int virAuditOpen(unsigned int audit_level)
{
#if WITH_AUDIT
if ((auditfd = audit_open()) < 0) {
- virReportSystemError(errno, "%s", _("Unable to initialize audit layer"));
+ /* You get these error codes only when the kernel does not
+ * have audit compiled in or it's disabled (e.g. by the kernel
+ * cmdline) */
+ if (errno == EINVAL || errno == EPROTONOSUPPORT ||
+ errno == EAFNOSUPPORT) {
+ const char msg[] = "Audit is not supported by the kernel";
+ if (audit_level < 2)
+ VIR_INFO("%s", _(msg));
+ else
+ virReportError(VIR_FROM_THIS, "%s", _(msg));
+ } else {
+ virReportSystemError(errno, "%s", _("Unable to initialize audit layer"));
+ }
+
return -1;
}
diff --git a/src/util/viraudit.h b/src/util/viraudit.h
index edaddf3c886f..e0471be1a85d 100644
--- a/src/util/viraudit.h
+++ b/src/util/viraudit.h
@@ -32,7 +32,7 @@ typedef enum {
VIR_AUDIT_RECORD_RESOURCE,
} virAuditRecordType;
-int virAuditOpen(void);
+int virAuditOpen(unsigned int audit_level);
void virAuditLog(bool enabled);
--
2.13.4
7 years, 3 months
[libvirt] [PATCH] nwfilter: fix deadlock on firewalld restart/reload
by Nikolay Shirokovskiy
Deadlock scenario:
1. domain is being started and domain driver takes read lock
for nwfilter update lock thru virNWFilterReadLockFilterUpdates.
2. firewalld restarted and event loop hangs trying to take write lock
for nwfilter update lock in nwfilterStateReload.
This is deadlock because for thread 1 to proceed we need a
response from qemu/timeout but whole event loop is stuck by 2.
Let's just offload nwfilter driver reload to a distinct thread.
Besides resolving a deadlock this change offloads rather heavy
operation (many hypervisor drivers X many domains for a driver)
off the event loop.
---
Concrete stacktrace.
Thread 17 (Thread 0x7fbd5a22d880 (LWP 7329)):
0 0x00007fbd56bb903e in pthread_rwlock_wrlock () from /lib64/libpthread.so.0
1 0x00007fbd3d511297 in nwfilterStateReload () from /usr/lib64/libvirt/connection-driver/libvirt_driver_nwfilter.so
2 0x00007fbd3d511355 in nwfilterFirewalldDBusFilter () from /usr/lib64/libvirt/connection-driver/libvirt_driver_nwfilter.so
3 0x00007fbd57bc5dfe in dbus_connection_dispatch () from /lib64/libdbus-1.so.3
4 0x00007fbd5953e641 in virDBusWatchCallback () from /lib64/libvirt.so.0
5 0x00007fbd5954868e in virEventPollRunOnce () from /lib64/libvirt.so.0
6 0x00007fbd59547942 in virEventRunDefaultImpl () from /lib64/libvirt.so.0
7 0x00007fbd596a94ed in virNetDaemonRun () from /lib64/libvirt.so.0
8 0x00007fbd5a28b07c in main ()
Thread 3 (Thread 0x7fbd49553700 (LWP 8029)):
0 0x00007fbd56bb96d5 in pthread_cond_wait@(a)GLIBC_2.3.2 () from /lib64/libpthread.so.0
1 0x00007fbd59596816 in virCondWait () from /lib64/libvirt.so.0
2 0x00007fbd3d0183db in qemuMonitorSend () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
3 0x00007fbd3d02c8d0 in qemuMonitorJSONCommandWithFd () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
4 0x00007fbd3d02e1a1 in qemuMonitorJSONSetCapabilities () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
5 0x00007fbd3cff965c in qemuConnectMonitor () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
6 0x00007fbd3cffcb70 in qemuProcessWaitForMonitor () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
7 0x00007fbd3d004668 in qemuProcessLaunch () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
8 0x00007fbd3d0062a8 in qemuProcessStart () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
9 0x00007fbd3d0679cb in qemuDomainObjStart.constprop.50 () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
10 0x00007fbd3d068106 in qemuDomainCreateWithFlags () from /usr/lib64/libvirt/connection-driver/libvirt_driver_qemu.so
11 0x00007fbd5964247d in virDomainCreateWithFlags () from /lib64/libvirt.so.0
12 0x00007fbd5a2a3b81 in remoteDispatchDomainCreateWithFlagsHelper ()
13 0x00007fbd596af3c3 in virNetServerProgramDispatch () from /lib64/libvirt.so.0
14 0x00007fbd5a2c56cd in virNetServerHandleJob ()
15 0x00007fbd59597221 in virThreadPoolWorker () from /lib64/libvirt.so.0
16 0x00007fbd595965a8 in virThreadHelper () from /lib64/libvirt.so.0
17 0x00007fbd56bb5dc5 in start_thread () from /lib64/libpthread.so.0
18 0x00007fbd568e473d in clone () from /lib64/libc.so.6
src/nwfilter/nwfilter_driver.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/nwfilter/nwfilter_driver.c b/src/nwfilter/nwfilter_driver.c
index 2f9a51c..bcb4400 100644
--- a/src/nwfilter/nwfilter_driver.c
+++ b/src/nwfilter/nwfilter_driver.c
@@ -81,6 +81,12 @@ static void nwfilterDriverUnlock(void)
#if HAVE_FIREWALLD
+static void
+nwfilterStateReloadAdapter(void *opaque ATTRIBUTE_UNUSED)
+{
+ nwfilterStateReload();
+}
+
static DBusHandlerResult
nwfilterFirewalldDBusFilter(DBusConnection *connection ATTRIBUTE_UNUSED,
DBusMessage *message,
@@ -90,8 +96,12 @@ nwfilterFirewalldDBusFilter(DBusConnection *connection ATTRIBUTE_UNUSED,
"NameOwnerChanged") ||
dbus_message_is_signal(message, "org.fedoraproject.FirewallD1",
"Reloaded")) {
+ virThread thread;
+
VIR_DEBUG("Reload in nwfilter_driver because of firewalld.");
- nwfilterStateReload();
+ if (virThreadCreate(&thread, false, nwfilterStateReloadAdapter, NULL) < 0)
+ VIR_ERROR(_("Could not create thread. Network filter "
+ "driver reload failed"));
}
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
--
1.8.3.1
7 years, 4 months
[libvirt] [jenkins-ci PATCH] guests: install additional debugging tools
by Pavel Hrdina
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
guests/vars/mappings.yml | 14 ++++++++++++++
guests/vars/projects/base.yml | 4 ++++
2 files changed, 18 insertions(+)
diff --git a/guests/vars/mappings.yml b/guests/vars/mappings.yml
index eca8dbe..ff97231 100644
--- a/guests/vars/mappings.yml
+++ b/guests/vars/mappings.yml
@@ -100,6 +100,9 @@ mappings:
default: gcc
FreeBSD:
+ gdb:
+ default: gdb
+
gettext:
default: gettext
@@ -306,6 +309,9 @@ mappings:
pkg: libxslt
rpm: libxslt-devel
+ lsof:
+ default: lsof
+
lvm2:
default: lvm2
FreeBSD:
@@ -390,6 +396,10 @@ mappings:
deb: libnetcf-dev
rpm: netcf-devel
+ netstat:
+ default: net-tools
+ FreeBSD:
+
numad:
default: numad
FreeBSD:
@@ -631,6 +641,10 @@ mappings:
rpm: spice-gtk3-devel
CentOS6:
+ strace:
+ default: strace
+ FreeBSD:
+
unzip:
default: unzip
FreeBSD:
diff --git a/guests/vars/projects/base.yml b/guests/vars/projects/base.yml
index d82f6b9..352e85a 100644
--- a/guests/vars/projects/base.yml
+++ b/guests/vars/projects/base.yml
@@ -6,12 +6,16 @@ packages:
- ccache
- cppi
- gcc
+ - gdb
- gettext
- glibc
- libtool
- libtoolize
+ - lsof
- make
+ - netstat
- patch
- perl
- pkg-config
- rpmbuild
+ - strace
--
2.13.6
7 years, 4 months
[libvirt] [PATCH] apparmor: allow qemu abstraction to read /proc/pid/cmdline
by Jim Fehlig
Noticed the following denial in audit.log when shutting down
an apparmor confined domain
type=AVC msg=audit(1512002299.742:131): apparmor="DENIED"
operation="open" profile="libvirt-66154842-e926-4f92-92f0-1c1bf61dd1ff"
name="/proc/1475/cmdline" pid=2958 comm="qemu-system-x86"
requested_mask="r" denied_mask="r" fsuid=469 ouid=0
Squelch the denial by allowing read access to /proc/<pid>/cmdline.
Signed-off-by: Jim Fehlig <jfehlig(a)suse.com>
---
Note: In the audit.log snippet, PID 1475 is libvirtd and 2958 is the
qemu process. I must admit it is not clear to me why
/proc/<libvirtd-pid>/cmdline is read on domain shutdown.
examples/apparmor/libvirt-qemu | 1 +
1 file changed, 1 insertion(+)
diff --git a/examples/apparmor/libvirt-qemu b/examples/apparmor/libvirt-qemu
index 73bdbae87..3d9eed9ec 100644
--- a/examples/apparmor/libvirt-qemu
+++ b/examples/apparmor/libvirt-qemu
@@ -25,6 +25,7 @@
/dev/ptmx rw,
/dev/kqemu rw,
@{PROC}/*/status r,
+ @{PROC}/@{pid}/cmdline r,
# Per man(5) proc, the kernel enforces that a thread may
# only modify its comm value or those in its thread group.
owner @{PROC}/@{pid}/task/@{tid}/comm rw,
--
2.15.0
7 years, 4 months
