[libvirt] [PATCH] docs: Add the closing </address> tag for mdev example
by Erik Skultety
Signed-off-by: Erik Skultety <eskultet(a)redhat.com>
---
Pushed as trivial.
docs/formatdomain.html.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 9ce4620c6..fce1f3b03 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -4020,7 +4020,7 @@
<devices>
<hostdev mode='subsystem' type='mdev' model='vfio-pci'>
<source>
- <address uuid='c2177883-f1bb-47f0-914d-32a22e3a8804'>
+ <address uuid='c2177883-f1bb-47f0-914d-32a22e3a8804'/>
</source>
</hostdev>
</devices>
--
2.13.5
7 years, 6 months
[libvirt] [PATCH 0/3] allocation fixes for virStorageFileResize
by Ján Tomko
This fixes the bug of treating volume allocation as an offset
from the start of the file instead of a total of allocated bytes.
The mysterious error message:
"invalid argument: can't shrink capacity below existing allocation"
is not addressed by this series
Ján Tomko (3):
use virFileAllocate in virStorageFileResize
virStorageFileResize: fallocate the whole capacity
Shrink volume even with ALLOCATE flag
src/storage/storage_util.c | 3 +--
src/util/virfile.c | 11 +++++++++++
src/util/virfile.h | 2 ++
src/util/virstoragefile.c | 33 ++++++++++++++++-----------------
src/util/virstoragefile.h | 1 -
5 files changed, 30 insertions(+), 20 deletions(-)
--
2.13.0
7 years, 6 months
[libvirt] [PATCH go-xml] Add qemu udp unicast tunneling support
by Jeroen Simonetti
Signed-off-by: Jeroen Simonetti <jeroen(a)simonetti.nl>
---
domain.go | 22 ++++++++++++++--------
domain_test.go | 41 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 55 insertions(+), 8 deletions(-)
diff --git a/domain.go b/domain.go
index 3ab54a1..805909f 100644
--- a/domain.go
+++ b/domain.go
@@ -178,16 +178,22 @@ type DomainInterfaceModel struct {
}
type DomainInterfaceSource struct {
- Bridge string `xml:"bridge,attr,omitempty"`
- Dev string `xml:"dev,attr,omitempty"`
- Network string `xml:"network,attr,omitempty"`
+ Bridge string `xml:"bridge,attr,omitempty"`
+ Dev string `xml:"dev,attr,omitempty"`
+ Network string `xml:"network,attr,omitempty"`
+ Address string `xml:"address,attr,omitempty"`
+ Type string `xml:"type,attr,omitempty"`
+ Path string `xml:"path,attr,omitempty"`
+ Mode string `xml:"mode,attr,omitempty"`
+ Port uint `xml:"port,attr,omitempty"`
+ Service string `xml:"service,attr,omitempty"`
+ Host string `xml:"host,attr,omitempty"`
+ Local *DomainInterfaceSourceLocal `xml:"local"`
+}
+
+type DomainInterfaceSourceLocal struct {
Address string `xml:"address,attr,omitempty"`
- Type string `xml:"type,attr,omitempty"`
- Path string `xml:"path,attr,omitempty"`
- Mode string `xml:"mode,attr,omitempty"`
Port uint `xml:"port,attr,omitempty"`
- Service string `xml:"service,attr,omitempty"`
- Host string `xml:"host,attr,omitempty"`
}
type DomainInterfaceTarget struct {
diff --git a/domain_test.go b/domain_test.go
index 0ae9594..163661f 100644
--- a/domain_test.go
+++ b/domain_test.go
@@ -867,6 +867,47 @@ var domainTestData = []struct {
`</domain>`,
},
},
+ {
+ Object: &Domain{
+ Type: "kvm",
+ Name: "test",
+ Devices: &DomainDeviceList{
+ Interfaces: []DomainInterface{
+ DomainInterface{
+ Type: "udp",
+ MAC: &DomainInterfaceMAC{
+ Address: "52:54:00:39:97:ac",
+ },
+ Model: &DomainInterfaceModel{
+ Type: "virtio",
+ },
+ Source: &DomainInterfaceSource{
+ Address: "127.0.0.1",
+ Port: 1234,
+ Local: &DomainInterfaceSourceLocal{
+ Address: "127.0.0.1",
+ Port: 1235,
+ },
+ },
+ },
+ },
+ },
+ },
+ Expected: []string{
+ `<domain type="kvm">`,
+ ` <name>test</name>`,
+ ` <devices>`,
+ ` <interface type="udp">`,
+ ` <mac address="52:54:00:39:97:ac"></mac>`,
+ ` <model type="virtio"></model>`,
+ ` <source address="127.0.0.1" port="1234">`,
+ ` <local address="127.0.0.1" port="1235"></local>`,
+ ` </source>`,
+ ` </interface>`,
+ ` </devices>`,
+ `</domain>`,
+ },
+ },
{
Object: &Domain{
Type: "kvm",
--
2.14.1
7 years, 6 months
[libvirt] [PATCH go-xml] 1, add memoryBacking for domain. 2, add hugepages, nosharepages, locked, source, access and allocation for memoryBacking. 3, add test case for memoryBacking.
by zhenwei.pi
Signed-off-by: zhenwei.pi <zhenwei.pi(a)youruncloud.com>
---
domain.go | 76 +++++++++++++++++++++++++++++++++++++++++++---------------
domain_test.go | 38 +++++++++++++++++++++++++++++
2 files changed, 95 insertions(+), 19 deletions(-)
diff --git a/domain.go b/domain.go
index d81ac2a..773a83e 100644
--- a/domain.go
+++ b/domain.go
@@ -459,6 +459,43 @@ type DomainMaxMemory struct {
Slots uint `xml:"slots,attr,omitempty"`
}
+type DomainMemoryHugepage struct {
+ Size uint `xml:"size,attr"`
+ Unit string `xml:"unit,attr,omitempty"`
+ Nodeset string `xml:"nodeset,attr,omitempty"`
+}
+
+type DomainMemoryHugepages struct {
+ Hugepages []DomainMemoryHugepage `xml:"page"`
+}
+
+type DomainMemoryNosharepages struct {
+}
+
+type DomainMemoryLocked struct {
+}
+
+type DomainMemorySource struct {
+ Type string `xml:"type,attr,omitempty"`
+}
+
+type DomainMemoryAccess struct {
+ Mode string `xml:"mode,attr,omitempty"`
+}
+
+type DomainMemoryAllocation struct {
+ Mode string `xml:"mode,attr,omitempty"`
+}
+
+type DomainMemoryBacking struct {
+ MemoryHugePages *DomainMemoryHugepages `xml:"hugepages"`
+ MemoryNosharepages *DomainMemoryNosharepages `xml:"nosharepages"`
+ MemoryLocked *DomainMemoryLocked `xml:"locked"`
+ MemorySource *DomainMemorySource `xml:"source"`
+ MemoryAccess *DomainMemoryAccess `xml:"access"`
+ MemoryAllocation *DomainMemoryAllocation `xml:"allocation"`
+}
+
type DomainOSType struct {
Arch string `xml:"arch,attr,omitempty"`
Machine string `xml:"machine,attr,omitempty"`
@@ -681,25 +718,26 @@ type DomainQEMUCommandline struct {
// matching the order of XML elements that libvirt
// will generate when dumping XML.
type Domain struct {
- XMLName xml.Name `xml:"domain"`
- Type string `xml:"type,attr,omitempty"`
- Name string `xml:"name"`
- UUID string `xml:"uuid,omitempty"`
- Memory *DomainMemory `xml:"memory"`
- CurrentMemory *DomainMemory `xml:"currentMemory"`
- MaximumMemory *DomainMaxMemory `xml:"maxMemory"`
- VCPU *DomainVCPU `xml:"vcpu"`
- VCPUs *DomainVCPUs `xml:"vcpus"`
- Resource *DomainResource `xml:"resource"`
- SysInfo *DomainSysInfo `xml:"sysinfo"`
- OS *DomainOS `xml:"os"`
- Features *DomainFeatureList `xml:"features"`
- CPU *DomainCPU `xml:"cpu"`
- Clock *DomainClock `xml:"clock,omitempty"`
- OnPoweroff string `xml:"on_poweroff,omitempty"`
- OnReboot string `xml:"on_reboot,omitempty"`
- OnCrash string `xml:"on_crash,omitempty"`
- Devices *DomainDeviceList `xml:"devices"`
+ XMLName xml.Name `xml:"domain"`
+ Type string `xml:"type,attr,omitempty"`
+ Name string `xml:"name"`
+ UUID string `xml:"uuid,omitempty"`
+ Memory *DomainMemory `xml:"memory"`
+ CurrentMemory *DomainMemory `xml:"currentMemory"`
+ MaximumMemory *DomainMaxMemory `xml:"maxMemory"`
+ MemoryBacking *DomainMemoryBacking `xml:"memoryBacking"`
+ VCPU *DomainVCPU `xml:"vcpu"`
+ VCPUs *DomainVCPUs `xml:"vcpus"`
+ Resource *DomainResource `xml:"resource"`
+ SysInfo *DomainSysInfo `xml:"sysinfo"`
+ OS *DomainOS `xml:"os"`
+ Features *DomainFeatureList `xml:"features"`
+ CPU *DomainCPU `xml:"cpu"`
+ Clock *DomainClock `xml:"clock,omitempty"`
+ OnPoweroff string `xml:"on_poweroff,omitempty"`
+ OnReboot string `xml:"on_reboot,omitempty"`
+ OnCrash string `xml:"on_crash,omitempty"`
+ Devices *DomainDeviceList `xml:"devices"`
QEMUCommandline *DomainQEMUCommandline
}
diff --git a/domain_test.go b/domain_test.go
index 3ff1dc1..51d413b 100644
--- a/domain_test.go
+++ b/domain_test.go
@@ -435,6 +435,33 @@ var domainTestData = []struct {
Value: 16384,
Slots: 2,
},
+ MemoryBacking: &DomainMemoryBacking{
+ MemoryHugePages: &DomainMemoryHugepages{
+ Hugepages: []DomainMemoryHugepage{
+ {
+ Size: 1,
+ Unit: "G",
+ Nodeset: "0-3,5",
+ },
+ {
+ Size: 2,
+ Unit: "M",
+ Nodeset: "4",
+ },
+ },
+ },
+ MemoryNosharepages: &DomainMemoryNosharepages{},
+ MemoryLocked: &DomainMemoryLocked{},
+ MemorySource: &DomainMemorySource{
+ Type: "file|anonymous",
+ },
+ MemoryAccess: &DomainMemoryAccess{
+ Mode: "shared|private",
+ },
+ MemoryAllocation: &DomainMemoryAllocation{
+ Mode: "immediate|ondemand",
+ },
+ },
OS: &DomainOS{
Type: &DomainOSType{
Arch: "x86_64",
@@ -532,6 +559,17 @@ var domainTestData = []struct {
` <memory unit="KiB">8192</memory>`,
` <currentMemory unit="KiB">4096</currentMemory>`,
` <maxMemory unit="KiB" slots="2">16384</maxMemory>`,
+ ` <memoryBacking>`,
+ ` <hugepages>`,
+ ` <page size="1" unit="G" nodeset="0-3,5"></page>`,
+ ` <page size="2" unit="M" nodeset="4"></page>`,
+ ` </hugepages>`,
+ ` <nosharepages></nosharepages>`,
+ ` <locked></locked>`,
+ ` <source type="file|anonymous"></source>`,
+ ` <access mode="shared|private"></access>`,
+ ` <allocation mode="immediate|ondemand"></allocation>`,
+ ` </memoryBacking>`,
` <sysinfo type="smbios">`,
` <system>`,
` <entry name="manufacturer">manufacturer</entry>`,
--
2.7.4
7 years, 6 months
[libvirt] [PATCH] nwfilter: Don't leak @val
by ZhiPeng Lu
In virNWFilterIPAddrMapAddIPAddr the @val may be leaked.
Signed-off-by: ZhiPeng Lu <lu.zhipeng(a)zte.com.cn>
---
src/conf/nwfilter_ipaddrmap.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/conf/nwfilter_ipaddrmap.c b/src/conf/nwfilter_ipaddrmap.c
index 446f3de..5242f05 100644
--- a/src/conf/nwfilter_ipaddrmap.c
+++ b/src/conf/nwfilter_ipaddrmap.c
@@ -61,7 +61,10 @@ virNWFilterIPAddrMapAddIPAddr(const char *ifname, char *addr)
if (!val)
goto cleanup;
ret = virNWFilterHashTablePut(ipAddressMap, ifname, val);
- goto cleanup;
+ if (ret < 0) {
+ virNWFilterVarValueFree(val);
+ goto cleanup;
+ }
} else {
if (virNWFilterVarValueAddValue(val, addr) < 0)
goto cleanup;
--
1.8.3.1
7 years, 6 months
[libvirt] [PATCH] qemu: process: Refresh data from qemu monitor after migration
by Peter Krempa
Some values we read from the qemu monitor may be changed with the actual
state by the incomming migration. This means that we should refresh
certain things only after the migration has finished.
This is mostly visible in the cdrom tray state, which is by default
closed but may be opened by the guest OS. This would be refreshed before
qemu transferred the actual state and thus libvirt would think that the
tray is closed.
Note that this patch moves only a few obvious query commands. Other may
be moved later after individual assesment.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1463168
---
src/qemu/qemu_process.c | 59 +++++++++++++++++++++++++++++++++++--------------
1 file changed, 43 insertions(+), 16 deletions(-)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index c104985aa..2be82e958 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -5787,14 +5787,6 @@ qemuProcessLaunch(virConnectPtr conn,
if (qemuProcessSetLinkStates(driver, vm, asyncJob) < 0)
goto cleanup;
- VIR_DEBUG("Fetching list of active devices");
- if (qemuDomainUpdateDeviceList(driver, vm, asyncJob) < 0)
- goto cleanup;
-
- VIR_DEBUG("Updating info of memory devices");
- if (qemuDomainUpdateMemoryDeviceInfo(driver, vm, asyncJob) < 0)
- goto cleanup;
-
VIR_DEBUG("Setting initial memory amount");
if (qemuProcessSetupBalloon(driver, vm, asyncJob) < 0)
goto cleanup;
@@ -5806,14 +5798,6 @@ qemuProcessLaunch(virConnectPtr conn,
qemuProcessRefreshBalloonState(driver, vm, asyncJob) < 0)
goto cleanup;
- VIR_DEBUG("Detecting actual memory size for video device");
- if (qemuProcessUpdateVideoRamSize(driver, vm, asyncJob) < 0)
- goto cleanup;
-
- VIR_DEBUG("Updating disk data");
- if (qemuProcessRefreshDisks(driver, vm, asyncJob) < 0)
- goto cleanup;
-
if (flags & VIR_QEMU_PROCESS_START_AUTODESTROY &&
qemuProcessAutoDestroyAdd(driver, vm, conn) < 0)
goto cleanup;
@@ -5831,6 +5815,46 @@ qemuProcessLaunch(virConnectPtr conn,
}
+/**
+ * qemuProcessRefreshState:
+ * @driver: qemu driver data
+ * @vm: domain to refresh
+ * @asyncJob: async job type
+ *
+ * This function gathers calls to refresh qemu state after startup. This
+ * function is called after a deferred migration finishes so that we can update
+ * state influenced by the migration stream.
+ */
+static int
+qemuProcessRefreshState(virQEMUDriverPtr driver,
+ virDomainObjPtr vm,
+ qemuDomainAsyncJob asyncJob)
+{
+ int ret = -1;
+
+ VIR_DEBUG("Fetching list of active devices");
+ if (qemuDomainUpdateDeviceList(driver, vm, asyncJob) < 0)
+ goto cleanup;
+
+ VIR_DEBUG("Updating info of memory devices");
+ if (qemuDomainUpdateMemoryDeviceInfo(driver, vm, asyncJob) < 0)
+ goto cleanup;
+
+ VIR_DEBUG("Detecting actual memory size for video device");
+ if (qemuProcessUpdateVideoRamSize(driver, vm, asyncJob) < 0)
+ goto cleanup;
+
+ VIR_DEBUG("Updating disk data");
+ if (qemuProcessRefreshDisks(driver, vm, asyncJob) < 0)
+ goto cleanup;
+
+ ret = 0;
+
+ cleanup:
+ return ret;
+}
+
+
/**
* qemuProcessFinishStartup:
*
@@ -5847,6 +5871,9 @@ qemuProcessFinishStartup(virConnectPtr conn,
virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
int ret = -1;
+ if (qemuProcessRefreshState(driver, vm, asyncJob) < 0)
+ goto cleanup;
+
if (startCPUs) {
VIR_DEBUG("Starting domain CPUs");
if (qemuProcessStartCPUs(driver, vm, conn,
--
2.14.1
7 years, 6 months
[libvirt] [PATCH v2 0/3] qemu: Watchdog plug/unplug
by Michal Privoznik
v2 of:
https://www.redhat.com/archives/libvir-list/2017-September/msg00078.html
diff to v1:
- John's review worked in (mostly).
- Added auditing (patch 1/3)
Michal Privoznik (3):
audit: Audit information about watchdog devices
qemu: hot-plug of watchdog
qemu: hot-unplug of watchdog
src/conf/domain_audit.c | 46 ++++++++
src/conf/domain_audit.h | 5 +
src/libvirt_private.syms | 1 +
src/qemu/qemu_alias.c | 13 ++-
src/qemu/qemu_alias.h | 2 +
src/qemu/qemu_command.c | 2 +-
src/qemu/qemu_command.h | 4 +-
src/qemu/qemu_driver.c | 14 ++-
src/qemu/qemu_hotplug.c | 129 +++++++++++++++++++++
src/qemu/qemu_hotplug.h | 6 +
src/qemu/qemu_monitor.c | 12 ++
src/qemu/qemu_monitor.h | 2 +
src/qemu/qemu_monitor_json.c | 27 +++++
src/qemu/qemu_monitor_json.h | 3 +
tests/qemuhotplugtest.c | 14 ++-
.../qemuhotplug-watchdog-full.xml | 3 +
.../qemuhotplug-watchdog.xml | 1 +
.../qemuhotplug-base-live+watchdog.xml | 55 +++++++++
18 files changed, 333 insertions(+), 6 deletions(-)
create mode 100644 tests/qemuhotplugtestdevices/qemuhotplug-watchdog-full.xml
create mode 100644 tests/qemuhotplugtestdevices/qemuhotplug-watchdog.xml
create mode 100644 tests/qemuhotplugtestdomains/qemuhotplug-base-live+watchdog.xml
--
2.13.5
7 years, 6 months
Re: [libvirt] [PATCH v9 4/4] qemu: Add TLS support for Veritas HyperScale (VxHS)
by ashish mittal
Hi,
I have done TLS testing with this patch series and the tests passed fine
with the secAlias fix in place.
(1) Applied all the v9 patches.
(2) make install. Reload and restart the libvirtd daemon.
(3) Make sure able to start guest with TLS enabled VxHS disk in the domain
XML.
(4) Try to hot-plug another TLS disk. libvirtd crashes.
[root@audi libvirt] 2017-09-20 15:59:25# virsh attach-device myfc24
../../hotplug_disk_1.xml
error: Disconnected from qemu:///system due to end of file
error: Failed to attach device from ../../hotplug_disk_1.xml
error: End of file while reading data: Input/output error
(5) Now add the secAlias patch
[amittal2@audi libvirt] 2017-09-20 16:08:37$ git apply
~/20Sep2017_1/0001-Avoid-a-possible-NULL-pointer-dereference-in-qemuDom.patch
[amittal2@audi libvirt] 2017-09-20 16:09:07$ git diff
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 7751a60..bd96272 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -1719,7 +1719,8 @@ qemuDomainGetTLSObjects(virQEMUCapsPtr qemuCaps,
}
if (qemuBuildTLSx509BackendProps(tlsCertdir, tlsListen, tlsVerify,
- *secAlias, qemuCaps, tlsProps) < 0)
+ secAlias ? *secAlias : NULL, qemuCaps,
+ tlsProps) < 0)
return -1;
if (!(*tlsAlias = qemuAliasTLSObjFromSrcAlias(srcAlias)))
[amittal2@audi libvirt] 2017-09-20 16:09:15$
(6) Run the new libvirtd
[root@audi libvirt] 2017-09-20 16:13:04# make install
...
[root@audi libvirt] 2017-09-20 16:14:05# systemctl daemon-reload
[root@audi libvirt] 2017-09-20 16:14:11# systemctl restart libvirtd.service
[root@audi libvirt] 2017-09-20 16:14:13#
(7) Attached and detached two TLS enabled VxHS disks several times. All
were successful.
[root@audi libvirt] 2017-09-20 16:14:14# virsh attach-device myfc24
../../hotplug_disk_1.xml
Device attached successfully
[root@audi libvirt] 2017-09-20 16:14:24# virsh attach-device myfc24
../../hotplug_disk_2.xml
Device attached successfully
[root@audi libvirt] 2017-09-20 16:14:57# virsh detach-device myfc24
../../hotplug_disk_1.xml
Device detached successfully
[root@audi libvirt] 2017-09-20 16:15:11# virsh detach-device myfc24
../../hotplug_disk_2.xml
Device detached successfully
[root@audi libvirt] 2017-09-20 16:15:16# virsh attach-device myfc24
../../hotplug_disk_2.xml
Device attached successfully
[root@audi libvirt] 2017-09-20 16:15:19# virsh attach-device myfc24
../../hotplug_disk_1.xml
Device attached successfully
[root@audi libvirt] 2017-09-20 16:15:22# virsh attach-device myfc24
../../hotplug_disk_1.xml
error: Failed to attach device from ../../hotplug_disk_1.xml
error: XML error: target 'vdb' duplicated for disk sources
'/tmp/test_vxhs_disk_2' and '/tmp/test_vxhs_disk_2'
[root@audi libvirt] 2017-09-20 16:15:28# virsh detach-device myfc24
../../hotplug_disk_2.xml
Device detached successfully
[root@audi libvirt] 2017-09-20 16:15:51# virsh detach-device myfc24
../../hotplug_disk_1.xml
Device detached successfully
[root@audi libvirt] 2017-09-20 16:15:55#
[root@audi libvirt] 2017-09-20 16:28:23# cat ../../hotplug_disk_1.xml
<disk type='network' device='disk'>
<driver name='qemu' type='raw' cache='none'/>
<source protocol='vxhs' name='/tmp/test_vxhs_disk_2' tls='yes'>
<host name='127.0.0.1' port='9999'/>
</source>
<target dev='vdb' bus='virtio'/>
<serial>eb90327c-8302-4725-9e1b-4e85ed4dc252</serial>
</disk>
[root@audi libvirt] 2017-09-20 16:28:36# cat ../../hotplug_disk_2.xml
<disk type='network' device='disk'>
<driver name='qemu' type='raw' cache='none'/>
<source protocol='vxhs' name='/tmp/test_vxhs_disk_3' tls='yes'>
<host name='127.0.0.1' port='9999'/>
</source>
<target dev='vda' bus='virtio'/>
<serial>eb90327c-8302-4725-9e1b-4e85ed4dc253</serial>
</disk>
IMHO, the patches are good to go :)
Thanks,
Ashish
On Tue, Sep 19, 2017 at 6:32 PM, John Ferlan <jferlan(a)redhat.com> wrote:
> From: Ashish Mittal <Ashish.Mittal(a)veritas.com>
>
> Alter qemu command line generation in order to possibly add TLS for
> a suitably configured domain.
>
> Sample TLS args generated by libvirt -
>
> -object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/qemu,\
> endpoint=client,verify-peer=yes \
> -drive file.driver=vxhs,file.tls-creds=objvirtio-disk0_tls0,\
> file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,\
> file.server.type=tcp,file.server.host=192.168.0.1,\
> file.server.port=9999,format=raw,if=none,\
> id=drive-virtio-disk0,cache=none \
> -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
> id=virtio-disk0
>
> Update the qemuxml2argvtest with a couple of examples. One for a
> simple case and the other a bit more complex where multiple VxHS disks
> are added where at least one uses a VxHS that doesn't require TLS
> credentials and thus sets the domain disk source attribute "tls = 'no'".
>
> Update the hotplug to be able to handle processing the tlsAlias whether
> it's to add the TLS object when hotplugging a disk or to remove the TLS
> object when hot unplugging a disk. The hot plug/unplug code is largely
> generic, but the addition code does make the VXHS specific checks only
> because it needs to grab the correct config directory and generate the
> object as the command line would do.
>
> Signed-off-by: Ashish Mittal <Ashish.Mittal(a)veritas.com>
> Signed-off-by: John Ferlan <jferlan(a)redhat.com>
> ---
> src/qemu/qemu_block.c | 8 +++
> src/qemu/qemu_command.c | 33 +++++++++
> src/qemu/qemu_hotplug.c | 79
> ++++++++++++++++++++++
> ...-disk-drive-network-tlsx509-multidisk-vxhs.args | 43 ++++++++++++
> ...v-disk-drive-network-tlsx509-multidisk-vxhs.xml | 50 ++++++++++++++
> ...muxml2argv-disk-drive-network-tlsx509-vxhs.args | 30 ++++++++
> tests/qemuxml2argvtest.c | 7 ++
> 7 files changed, 250 insertions(+)
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-multidisk-vxhs.args
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-multidisk-vxhs.xml
> create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-vxhs.args
>
> diff --git a/src/qemu/qemu_block.c b/src/qemu/qemu_block.c
> index 3437302dd..77ffc6c51 100644
> --- a/src/qemu/qemu_block.c
> +++ b/src/qemu/qemu_block.c
> @@ -529,16 +529,24 @@ qemuBlockStorageSourceGetVxHSProps(virStorageSourcePtr
> src)
> return NULL;
> }
>
> + if (src->haveTLS == VIR_TRISTATE_BOOL_YES && !src->tlsAlias) {
> + virReportError(VIR_ERR_INVALID_ARG, "%s",
> + _("VxHS disk does not have TLS alias set"));
> + return NULL;
> + }
> +
> if (!(server = qemuBlockStorageSourceBuildJSONSocketAddress(src->hosts,
> true)))
> return NULL;
>
> /* VxHS disk specification example:
> * { driver:"vxhs",
> + * tls-creds:"objvirtio-disk0_tls0",
> * vdisk-id:"eb90327c-8302-4725-4e85ed4dc251",
> * server:{type:"tcp", host:"1.2.3.4", port:9999}}
> */
> if (virJSONValueObjectCreate(&ret,
> "s:driver", protocol,
> + "S:tls-creds", src->tlsAlias,
> "s:vdisk-id", src->path,
> "a:server", server, NULL) < 0)
> virJSONValueFree(server);
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index 9b3e3fc04..756bf3836 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -794,6 +794,35 @@ qemuBuildTLSx509CommandLine(virCommandPtr cmd,
> }
>
>
> +/* qemuBuildDiskSrcTLSx509CommandLine:
> + *
> + * Add TLS object if the disk src uses a secure communication channel
> + *
> + * Returns 0 on success, -1 w/ error on some sort of failure.
> + */
> +static int
> +qemuBuildDiskSrcTLSx509CommandLine(virCommandPtr cmd,
> + virStorageSourcePtr src,
> + const char *srcalias,
> + virQEMUCapsPtr qemuCaps)
> +{
> +
> +
> + /* other protocols may be added later */
> + if (src->protocol == VIR_STORAGE_NET_PROTOCOL_VXHS &&
> + src->haveTLS == VIR_TRISTATE_BOOL_YES) {
> + if (!(src->tlsAlias = qemuAliasTLSObjFromSrcAlias(srcalias)))
> + return -1;
> +
> + return qemuBuildTLSx509CommandLine(cmd, src->tlsCertdir,
> + src->tlsListen, src->tlsVerify,
> + false, srcalias, qemuCaps);
> + }
> +
> + return 0;
> +}
> +
> +
> static char *
> qemuBuildNetworkDriveURI(virStorageSourcePtr src,
> qemuDomainSecretInfoPtr secinfo)
> @@ -2221,6 +2250,10 @@ qemuBuildDiskDriveCommandLine(virCommandPtr cmd,
> if (qemuBuildDiskSecinfoCommandLine(cmd, encinfo) < 0)
> return -1;
>
> + if (qemuBuildDiskSrcTLSx509CommandLine(cmd, disk->src,
> disk->info.alias,
> + qemuCaps) < 0)
> + return -1;
> +
> virCommandAddArg(cmd, "-drive");
>
> if (!(optstr = qemuBuildDriveStr(disk, cfg, driveBoot, qemuCaps)))
> diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
> index 7dd6e5fd9..7751a608d 100644
> --- a/src/qemu/qemu_hotplug.c
> +++ b/src/qemu/qemu_hotplug.c
> @@ -156,6 +156,52 @@ qemuDomainPrepareDisk(virQEMUDriverPtr driver,
>
>
> static int
> +qemuDomainAddDiskSrcTLSObject(virQEMUDriverPtr driver,
> + virDomainObjPtr vm,
> + virStorageSourcePtr src,
> + const char *srcalias)
> +{
> + int ret = -1;
> + qemuDomainObjPrivatePtr priv = vm->privateData;
> + virJSONValuePtr tlsProps = NULL;
> +
> + /* NB: Initial implementation doesn't require/use a secret to decrypt
> + * a server certificate, so there's no need to manage a tlsSecAlias
> + * and tlsSecProps. See qemuDomainAddChardevTLSObjects for the
> + * methodology required to add a secret object. */
> +
> + /* Create the TLS object using the source tls* settings */
> + if (qemuDomainGetTLSObjects(priv->qemuCaps, NULL,
> + src->tlsCertdir,
> + src->tlsListen,
> + src->tlsVerify,
> + srcalias, &tlsProps, &src->tlsAlias,
> + NULL, NULL) < 0)
> + goto cleanup;
> +
> + if (qemuDomainAddTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE,
> + NULL, NULL, src->tlsAlias, &tlsProps) < 0)
> + goto cleanup;
> +
> + ret = 0;
> +
> + cleanup:
> + virJSONValueFree(tlsProps);
> +
> + return ret;
> +}
> +
> +
> +static void
> +qemuDomainDelDiskSrcTLSObject(virQEMUDriverPtr driver,
> + virDomainObjPtr vm,
> + virStorageSourcePtr src)
> +{
> + qemuDomainDelTLSObjects(driver, vm, QEMU_ASYNC_JOB_NONE, NULL,
> src->tlsAlias);
> +}
> +
> +
> +static int
> qemuHotplugWaitForTrayEject(virQEMUDriverPtr driver,
> virDomainObjPtr vm,
> virDomainDiskDefPtr disk,
> @@ -376,6 +422,14 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
> if (encinfo && qemuBuildSecretInfoProps(encinfo, &encobjProps) < 0)
> goto error;
>
> + if (qemuDomainPrepareDiskSourceTLS(disk->src, disk->info.alias, cfg)
> < 0)
> + goto error;
> +
> + if (disk->src->haveTLS &&
> + qemuDomainAddDiskSrcTLSObject(driver, vm, disk->src,
> + disk->info.alias) < 0)
> + goto error;
> +
> if (!(drivestr = qemuBuildDriveStr(disk, cfg, false, priv->qemuCaps)))
> goto error;
>
> @@ -453,6 +507,8 @@ qemuDomainAttachVirtioDiskDevice(virConnectPtr conn,
> virDomainAuditDisk(vm, NULL, disk->src, "attach", false);
>
> error:
> + qemuDomainDelDiskSrcTLSObject(driver, vm, disk->src);
> +
> if (releaseaddr)
> qemuDomainReleaseDeviceAddress(vm, &disk->info, src);
>
> @@ -667,6 +723,14 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
> if (!(devstr = qemuBuildDriveDevStr(vm->def, disk, 0,
> priv->qemuCaps)))
> goto error;
>
> + if (qemuDomainPrepareDiskSourceTLS(disk->src, disk->info.alias, cfg)
> < 0)
> + goto error;
> +
> + if (disk->src->haveTLS &&
> + qemuDomainAddDiskSrcTLSObject(driver, vm, disk->src,
> + disk->info.alias) < 0)
> + goto error;
> +
> if (!(drivestr = qemuBuildDriveStr(disk, cfg, false, priv->qemuCaps)))
> goto error;
>
> @@ -737,6 +801,8 @@ qemuDomainAttachSCSIDisk(virConnectPtr conn,
> virDomainAuditDisk(vm, NULL, disk->src, "attach", false);
>
> error:
> + qemuDomainDelDiskSrcTLSObject(driver, vm, disk->src);
> +
> ignore_value(qemuDomainPrepareDisk(driver, vm, disk, NULL, true));
> goto cleanup;
> }
> @@ -777,6 +843,14 @@ qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr
> driver,
> if (qemuAssignDeviceDiskAlias(vm->def, disk, priv->qemuCaps) < 0)
> goto error;
>
> + if (qemuDomainPrepareDiskSourceTLS(disk->src, disk->info.alias, cfg)
> < 0)
> + goto error;
> +
> + if (disk->src->haveTLS &&
> + qemuDomainAddDiskSrcTLSObject(driver, vm, disk->src,
> + disk->info.alias) < 0)
> + goto error;
> +
> if (!(drivestr = qemuBuildDriveStr(disk, cfg, false, priv->qemuCaps)))
> goto error;
>
> @@ -827,6 +901,8 @@ qemuDomainAttachUSBMassStorageDevice(virQEMUDriverPtr
> driver,
> virDomainAuditDisk(vm, NULL, disk->src, "attach", false);
>
> error:
> + qemuDomainDelDiskSrcTLSObject(driver, vm, disk->src);
> +
> ignore_value(qemuDomainPrepareDisk(driver, vm, disk, NULL, true));
> goto cleanup;
> }
> @@ -3677,6 +3753,9 @@ qemuDomainRemoveDiskDevice(virQEMUDriverPtr driver,
> ignore_value(qemuMonitorDelObject(priv->mon, encAlias));
> VIR_FREE(encAlias);
>
> + if (disk->src->haveTLS)
> + ignore_value(qemuMonitorDelObject(priv->mon,
> disk->src->tlsAlias));
> +
> if (qemuDomainObjExitMonitor(driver, vm) < 0)
> return -1;
>
> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-multidisk-vxhs.args b/tests/qemuxml2argvdata/
> qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.args
> new file mode 100644
> index 000000000..572c9f36c
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-multidisk-vxhs.args
> @@ -0,0 +1,43 @@
> +LC_ALL=C \
> +PATH=/bin \
> +HOME=/home/test \
> +USER=test \
> +LOGNAME=test \
> +QEMU_AUDIO_DRV=none \
> +/usr/bin/qemu-system-x86_64 \
> +-name QEMUGuest1 \
> +-S \
> +-M pc \
> +-cpu qemu32 \
> +-m 214 \
> +-smp 1,sockets=1,cores=1,threads=1 \
> +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
> +-nographic \
> +-nodefaults \
> +-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/
> monitor.sock,\
> +server,nowait \
> +-mon chardev=charmonitor,id=monitor,mode=readline \
> +-no-acpi \
> +-boot c \
> +-usb \
> +-object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/qemu,\
> +endpoint=client,verify-peer=yes \
> +-drive file.driver=vxhs,file.tls-creds=objvirtio-disk0_tls0,\
> +file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,file.server.type=tcp,\
> +file.server.host=192.168.0.1,file.server.port=9999,format=raw,if=none,\
> +id=drive-virtio-disk0,cache=none \
> +-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
> +id=virtio-disk0 \
> +-object tls-creds-x509,id=objvirtio-disk1_tls0,dir=/etc/pki/qemu,\
> +endpoint=client,verify-peer=yes \
> +-drive file.driver=vxhs,file.tls-creds=objvirtio-disk1_tls0,\
> +file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc252,file.server.type=tcp,\
> +file.server.host=192.168.0.2,file.server.port=9999,format=raw,if=none,\
> +id=drive-virtio-disk1,cache=none \
> +-device virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk1,\
> +id=virtio-disk1 \
> +-drive file.driver=vxhs,file.vdisk-id=eb90327c-8302-4725-9e1b-
> 4e85ed4dc253,\
> +file.server.type=tcp,file.server.host=192.168.0.3,file.server.port=9999,\
> +format=raw,if=none,id=drive-virtio-disk2,cache=none \
> +-device virtio-blk-pci,bus=pci.0,addr=0x6,drive=drive-virtio-disk2,\
> +id=virtio-disk2
> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-multidisk-vxhs.xml b/tests/qemuxml2argvdata/
> qemuxml2argv-disk-drive-network-tlsx509-multidisk-vxhs.xml
> new file mode 100644
> index 000000000..a66e81f06
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-multidisk-vxhs.xml
> @@ -0,0 +1,50 @@
> +<domain type='qemu'>
> + <name>QEMUGuest1</name>
> + <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
> + <memory unit='KiB'>219136</memory>
> + <currentMemory unit='KiB'>219136</currentMemory>
> + <vcpu placement='static'>1</vcpu>
> + <os>
> + <type arch='i686' machine='pc'>hvm</type>
> + <boot dev='hd'/>
> + </os>
> + <clock offset='utc'/>
> + <on_poweroff>destroy</on_poweroff>
> + <on_reboot>restart</on_reboot>
> + <on_crash>destroy</on_crash>
> + <devices>
> + <emulator>/usr/bin/qemu-system-x86_64</emulator>
> + <disk type='network' device='disk'>
> + <driver name='qemu' type='raw' cache='none'/>
> + <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-
> 4e85ed4dc251'>
> + <host name='192.168.0.1' port='9999'/>
> + </source>
> + <target dev='vda' bus='virtio'/>
> + <serial>eb90327c-8302-4725-9e1b-4e85ed4dc251</serial>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x04'
> function='0x0'/>
> + </disk>
> + <disk type='network' device='disk'>
> + <driver name='qemu' type='raw' cache='none'/>
> + <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-
> 4e85ed4dc252'>
> + <host name='192.168.0.2' port='9999'/>
> + </source>
> + <target dev='vdb' bus='virtio'/>
> + <serial>eb90327c-8302-4725-9e1b-4e85ed4dc252</serial>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x05'
> function='0x0'/>
> + </disk>
> + <disk type='network' device='disk'>
> + <driver name='qemu' type='raw' cache='none'/>
> + <source protocol='vxhs' name='eb90327c-8302-4725-9e1b-4e85ed4dc253'
> tls='no'>
> + <host name='192.168.0.3' port='9999'/>
> + </source>
> + <target dev='vdc' bus='virtio'/>
> + <serial>eb90327c-8302-4725-9e1b-4e85ed4dc252</serial>
> + <address type='pci' domain='0x0000' bus='0x00' slot='0x06'
> function='0x0'/>
> + </disk>
> + <controller type='usb' index='0'/>
> + <controller type='pci' index='0' model='pci-root'/>
> + <input type='mouse' bus='ps2'/>
> + <input type='keyboard' bus='ps2'/>
> + <memballoon model='none'/>
> + </devices>
> +</domain>
> diff --git a/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-vxhs.args
> b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-network-tlsx509-vxhs.args
> new file mode 100644
> index 000000000..aaf88635b
> --- /dev/null
> +++ b/tests/qemuxml2argvdata/qemuxml2argv-disk-drive-
> network-tlsx509-vxhs.args
> @@ -0,0 +1,30 @@
> +LC_ALL=C \
> +PATH=/bin \
> +HOME=/home/test \
> +USER=test \
> +LOGNAME=test \
> +QEMU_AUDIO_DRV=none \
> +/usr/bin/qemu-system-x86_64 \
> +-name QEMUGuest1 \
> +-S \
> +-M pc \
> +-cpu qemu32 \
> +-m 214 \
> +-smp 1,sockets=1,cores=1,threads=1 \
> +-uuid c7a5fdbd-edaf-9455-926a-d65c16db1809 \
> +-nographic \
> +-nodefaults \
> +-chardev socket,id=charmonitor,path=/tmp/lib/domain--1-QEMUGuest1/
> monitor.sock,\
> +server,nowait \
> +-mon chardev=charmonitor,id=monitor,mode=readline \
> +-no-acpi \
> +-boot c \
> +-usb \
> +-object tls-creds-x509,id=objvirtio-disk0_tls0,dir=/etc/pki/qemu,\
> +endpoint=client,verify-peer=yes \
> +-drive file.driver=vxhs,file.tls-creds=objvirtio-disk0_tls0,\
> +file.vdisk-id=eb90327c-8302-4725-9e1b-4e85ed4dc251,file.server.type=tcp,\
> +file.server.host=192.168.0.1,file.server.port=9999,format=raw,if=none,\
> +id=drive-virtio-disk0,cache=none \
> +-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk0,\
> +id=virtio-disk0
> diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
> index bf43beb10..21f057460 100644
> --- a/tests/qemuxml2argvtest.c
> +++ b/tests/qemuxml2argvtest.c
> @@ -934,6 +934,13 @@ mymain(void)
> DO_TEST("disk-drive-network-rbd-ipv6", NONE);
> DO_TEST_FAILURE("disk-drive-network-rbd-no-colon", NONE);
> DO_TEST("disk-drive-network-vxhs", QEMU_CAPS_VXHS);
> + driver.config->vxhsTLS = 1;
> + DO_TEST("disk-drive-network-tlsx509-vxhs", QEMU_CAPS_VXHS,
> + QEMU_CAPS_OBJECT_TLS_CREDS_X509);
> + DO_TEST("disk-drive-network-tlsx509-multidisk-vxhs", QEMU_CAPS_VXHS,
> + QEMU_CAPS_OBJECT_TLS_CREDS_X509);
> + driver.config->vxhsTLS = 0;
> + VIR_FREE(driver.config->vxhsTLSx509certdir);
> DO_TEST("disk-drive-no-boot",
> QEMU_CAPS_BOOTINDEX);
> DO_TEST_PARSE_ERROR("disk-device-lun-type-invalid",
> --
> 2.13.5
>
>
7 years, 6 months
[libvirt] [PATCH] qemu: hotplug: Ignore cgroup errors when hot-unplugging vcpus
by Peter Krempa
When the vcpu is successfully removed libvirt would remove the cgroup.
In cases when removal of the cgroup fails libvirt would report an error.
This does not make much sense, since the vcpu was removed and we can't
really do anything with the cgroup. This patch silences the errors from
cgroup removal.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1462092
---
src/qemu/qemu_hotplug.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
index 7592049ea..4913e18e6 100644
--- a/src/qemu/qemu_hotplug.c
+++ b/src/qemu/qemu_hotplug.c
@@ -5322,6 +5322,7 @@ qemuDomainRemoveVcpu(virQEMUDriverPtr driver,
qemuDomainVcpuPrivatePtr vcpupriv = QEMU_DOMAIN_VCPU_PRIVATE(vcpuinfo);
int oldvcpus = virDomainDefGetVcpus(vm->def);
unsigned int nvcpus = vcpupriv->vcpus;
+ virErrorPtr save_error = NULL;
size_t i;
if (qemuDomainRefreshVcpuInfo(driver, vm, QEMU_ASYNC_JOB_NONE, false) < 0)
@@ -5346,11 +5347,12 @@ qemuDomainRemoveVcpu(virQEMUDriverPtr driver,
virDomainAuditVcpu(vm, oldvcpus, oldvcpus - nvcpus, "update", true);
- for (i = vcpu; i < vcpu + nvcpus; i++) {
- vcpuinfo = virDomainDefGetVcpu(vm->def, i);
- if (virCgroupDelThread(priv->cgroup, VIR_CGROUP_THREAD_VCPU, i) < 0)
- return -1;
- }
+ virErrorPreserveLast(&save_error);
+
+ for (i = vcpu; i < vcpu + nvcpus; i++)
+ ignore_value(virCgroupDelThread(priv->cgroup, VIR_CGROUP_THREAD_VCPU, i));
+
+ virErrorRestore(&save_error);
return 0;
}
--
2.14.1
7 years, 6 months
[libvirt] [PATCH] nwfilter: Don't leak @inetaddr
by ZhiPeng Lu
In learnIPAddressThread()the @inetaddr may be leaked.
Signed-off-by: ZhiPeng Lu <lu.zhipeng(a)zte.com.cn>
---
src/nwfilter/nwfilter_learnipaddr.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/nwfilter/nwfilter_learnipaddr.c b/src/nwfilter/nwfilter_learnipaddr.c
index cfd92d9..018f20f 100644
--- a/src/nwfilter/nwfilter_learnipaddr.c
+++ b/src/nwfilter/nwfilter_learnipaddr.c
@@ -627,6 +627,7 @@ learnIPAddressThread(void *arg)
"cache for interface %s"), inetaddr, req->ifname);
}
+ inetaddr = NULL;
ret = virNWFilterInstantiateFilterLate(req->driver,
NULL,
req->ifname,
@@ -636,7 +637,8 @@ learnIPAddressThread(void *arg)
req->filtername,
req->filterparams);
VIR_DEBUG("Result from applying firewall rules on "
- "%s with IP addr %s : %d", req->ifname, inetaddr, ret);
+ "%s with IP addr %s : %d", req->ifname, NULLSTR(inetaddr), ret);
+ VIR_FREE(inetaddr);
}
} else {
if (showError)
--
1.8.3.1
7 years, 6 months
