[libvirt] [PATCH] qemu: ensure FDs passed to QEMU for chardevs have correct SELinux labels
by Daniel P. Berrangé
The UNIX socket FDs we were passing to QEMU inherited a label based on
libvirtd's context. QEMU is thus denied the ability to access the UNIX
socket. We need to use the security manager to change our current
context temporarily when creating the UNIX socket FD.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
src/qemu/qemu_command.c | 86 ++++++++++++++++++++++++++++-------------
src/qemu/qemu_command.h | 1 +
src/qemu/qemu_process.c | 2 +
3 files changed, 63 insertions(+), 26 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 1ffcb5b1ae..146f671663 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -4931,6 +4931,7 @@ qemuOpenChrChardevUNIXSocket(const virDomainChrSourceDef *dev)
* host side of the character device */
static char *
qemuBuildChrChardevStr(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -5065,7 +5066,13 @@ qemuBuildChrChardevStr(virLogManagerPtr logManager,
case VIR_DOMAIN_CHR_TYPE_UNIX:
if (virQEMUCapsGet(qemuCaps, QEMU_CAPS_CHARDEV_FD_PASS)) {
+ if (qemuSecuritySetSocketLabel(secManager, (virDomainDefPtr)def) < 0)
+ goto cleanup;
int fd = qemuOpenChrChardevUNIXSocket(dev);
+ if (qemuSecurityClearSocketLabel(secManager, (virDomainDefPtr)def) < 0) {
+ VIR_FORCE_CLOSE(fd);
+ goto cleanup;
+ }
if (fd < 0)
goto cleanup;
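Review bot: The two `(virDomainDefPtr)def` casts discard the `const` that the parameter carries (`const virDomainDef *def` on line 24), which hides whether qemuSecuritySetSocketLabel/qemuSecurityClearSocketLabel actually write to the definition; if they do not, widening those wrappers to accept `const virDomainDef *` would keep the cast out of this call site. `int fd = qemuOpenChrChardevUNIXSocket(dev);` now follows a statement inside the block, which warns under -Wdeclaration-after-statement if the build enables it; hoisting `int fd;` above the first new `if` avoids that. On the clear-label failure path VIR_FORCE_CLOSE(fd) runs before the `fd < 0` test, which is only safe if VIR_FORCE_CLOSE tolerates a negative descriptor — I believe it does but cannot confirm from this hunk. qemuBuildChrChardevStr starts and ends outside the hunk.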
@@ -5404,6 +5411,7 @@ qemuBuildHostdevCommandLine(virCommandPtr cmd,
static int
qemuBuildMonitorCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
virDomainDefPtr def,
@@ -5414,7 +5422,8 @@ qemuBuildMonitorCommandLine(virLogManagerPtr logManager,
if (!priv->monConfig)
return 0;
- if (!(chrdev = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(chrdev = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
priv->monConfig, "monitor",
priv->qemuCaps, true,
priv->chardevStdioLogd)))
@@ -5533,6 +5542,7 @@ qemuBuildSclpDevStr(virDomainChrDefPtr dev)
static int
qemuBuildRNGBackendChrdevStr(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -5550,7 +5560,8 @@ qemuBuildRNGBackendChrdevStr(virLogManagerPtr logManager,
return 0;
case VIR_DOMAIN_RNG_BACKEND_EGD:
- if (!(*chr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(*chr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
rng->source.chardev,
rng->info.alias, qemuCaps, true,
chardevStdioLogd)))
@@ -5680,6 +5691,7 @@ qemuBuildRNGDevStr(const virDomainDef *def,
static int
qemuBuildRNGCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -5702,7 +5714,7 @@ qemuBuildRNGCommandLine(virLogManagerPtr logManager,
}
/* possibly add character device for backend */
- if (qemuBuildRNGBackendChrdevStr(logManager, cmd, cfg, def,
+ if (qemuBuildRNGBackendChrdevStr(logManager, secManager, cmd, cfg, def,
rng, qemuCaps, &tmp,
chardevStdioLogd) < 0)
return -1;
@@ -8135,6 +8147,7 @@ qemuBuildGraphicsCommandLine(virQEMUDriverConfigPtr cfg,
static int
qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virDomainDefPtr def,
virDomainNetDefPtr net,
@@ -8157,7 +8170,8 @@ qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver,
switch ((virDomainChrType)net->data.vhostuser->type) {
case VIR_DOMAIN_CHR_TYPE_UNIX:
- if (!(chardev = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(chardev = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
net->data.vhostuser,
net->info.alias, qemuCaps, false,
chardevStdioLogd)))
@@ -8225,6 +8239,7 @@ qemuBuildVhostuserCommandLine(virQEMUDriverPtr driver,
static int
qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virDomainDefPtr def,
virDomainNetDefPtr net,
@@ -8356,7 +8371,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
break;
case VIR_DOMAIN_NET_TYPE_VHOSTUSER:
- ret = qemuBuildVhostuserCommandLine(driver, logManager, cmd, def,
+ ret = qemuBuildVhostuserCommandLine(driver, logManager, secManager, cmd, def,
net, qemuCaps, bootindex,
chardevStdioLogd);
goto cleanup;
@@ -8534,6 +8549,7 @@ qemuBuildInterfaceCommandLine(virQEMUDriverPtr driver,
static int
qemuBuildNetCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virDomainDefPtr def,
virQEMUCapsPtr qemuCaps,
@@ -8566,7 +8582,7 @@ qemuBuildNetCommandLine(virQEMUDriverPtr driver,
for (i = 0; i < def->nnets; i++) {
virDomainNetDefPtr net = def->nets[i];
- if (qemuBuildInterfaceCommandLine(driver, logManager, cmd, def, net,
+ if (qemuBuildInterfaceCommandLine(driver, logManager, secManager, cmd, def, net,
qemuCaps, bootNet, vmop,
standalone, nnicindexes,
nicindexes,
@@ -8629,6 +8645,7 @@ qemuBuildSmartcardFindCCIDController(const virDomainDef *def,
static int
qemuBuildSmartcardCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -8702,7 +8719,8 @@ qemuBuildSmartcardCommandLine(virLogManagerPtr logManager,
return -1;
}
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
smartcard->data.passthru,
smartcard->info.alias,
qemuCaps, true,
@@ -8862,6 +8880,7 @@ qemuBuildShmemBackendMemProps(virDomainShmemDefPtr shmem)
static int
qemuBuildShmemCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
virDomainDefPtr def,
@@ -8933,7 +8952,8 @@ qemuBuildShmemCommandLine(virLogManagerPtr logManager,
VIR_FREE(devstr);
if (shmem->server.enabled) {
- devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
&shmem->server.chr,
shmem->info.alias, qemuCaps, true,
chardevStdioLogd);
@@ -9020,6 +9040,7 @@ qemuChrIsPlatformDevice(const virDomainDef *def,
static int
qemuBuildSerialCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -9043,7 +9064,8 @@ qemuBuildSerialCommandLine(virLogManagerPtr logManager,
if (serial->source->type == VIR_DOMAIN_CHR_TYPE_SPICEPORT && !havespice)
continue;
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
serial->source,
serial->info.alias,
qemuCaps, true,
@@ -9080,6 +9102,7 @@ qemuBuildSerialCommandLine(virLogManagerPtr logManager,
static int
qemuBuildParallelsCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -9092,7 +9115,8 @@ qemuBuildParallelsCommandLine(virLogManagerPtr logManager,
virDomainChrDefPtr parallel = def->parallels[i];
char *devstr;
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
parallel->source,
parallel->info.alias,
qemuCaps, true,
@@ -9113,6 +9137,7 @@ qemuBuildParallelsCommandLine(virLogManagerPtr logManager,
static int
qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -9127,7 +9152,8 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
switch (channel->targetType) {
case VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_GUESTFWD:
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
channel->source,
channel->info.alias,
qemuCaps, true,
@@ -9144,7 +9170,8 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
break;
case VIR_DOMAIN_CHR_CHANNEL_TARGET_TYPE_VIRTIO:
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
channel->source,
channel->info.alias,
qemuCaps, true,
@@ -9166,6 +9193,7 @@ qemuBuildChannelsCommandLine(virLogManagerPtr logManager,
static int
qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -9187,7 +9215,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
return -1;
}
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
console->source,
console->info.alias,
qemuCaps, true,
@@ -9208,7 +9237,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
return -1;
}
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
console->source,
console->info.alias,
qemuCaps, true,
@@ -9223,7 +9253,8 @@ qemuBuildConsoleCommandLine(virLogManagerPtr logManager,
break;
case VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_VIRTIO:
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
console->source,
console->info.alias,
qemuCaps, true,
@@ -9342,6 +9373,7 @@ qemuBuildRedirdevDevStr(const virDomainDef *def,
static int
qemuBuildRedirdevCommandLine(virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virCommandPtr cmd,
virQEMUDriverConfigPtr cfg,
const virDomainDef *def,
@@ -9354,7 +9386,8 @@ qemuBuildRedirdevCommandLine(virLogManagerPtr logManager,
virDomainRedirdevDefPtr redirdev = def->redirdevs[i];
char *devstr;
- if (!(devstr = qemuBuildChrChardevStr(logManager, cmd, cfg, def,
+ if (!(devstr = qemuBuildChrChardevStr(logManager, secManager,
+ cmd, cfg, def,
redirdev->source,
redirdev->info.alias,
qemuCaps, true,
@@ -10065,6 +10098,7 @@ qemuBuildVsockCommandLine(virCommandPtr cmd,
virCommandPtr
qemuBuildCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virDomainObjPtr vm,
const char *migrateURI,
virDomainSnapshotObjPtr snapshot,
@@ -10181,7 +10215,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildSgaCommandLine(cmd, def, qemuCaps) < 0)
goto error;
- if (qemuBuildMonitorCommandLine(logManager, cmd, cfg, def, priv) < 0)
+ if (qemuBuildMonitorCommandLine(logManager, secManager, cmd, cfg, def, priv) < 0)
goto error;
if (qemuBuildClockCommandLine(cmd, def, qemuCaps) < 0)
@@ -10211,29 +10245,29 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildFSDevCommandLine(cmd, def, qemuCaps) < 0)
goto error;
- if (qemuBuildNetCommandLine(driver, logManager, cmd, def,
+ if (qemuBuildNetCommandLine(driver, logManager, secManager, cmd, def,
qemuCaps, vmop, standalone,
nnicindexes, nicindexes, &bootHostdevNet,
chardevStdioLogd) < 0)
goto error;
- if (qemuBuildSmartcardCommandLine(logManager, cmd, cfg, def, qemuCaps,
+ if (qemuBuildSmartcardCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0)
goto error;
- if (qemuBuildSerialCommandLine(logManager, cmd, cfg, def, qemuCaps,
+ if (qemuBuildSerialCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0)
goto error;
- if (qemuBuildParallelsCommandLine(logManager, cmd, cfg, def, qemuCaps,
+ if (qemuBuildParallelsCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0)
goto error;
- if (qemuBuildChannelsCommandLine(logManager, cmd, cfg, def, qemuCaps,
+ if (qemuBuildChannelsCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0)
goto error;
- if (qemuBuildConsoleCommandLine(logManager, cmd, cfg, def, qemuCaps,
+ if (qemuBuildConsoleCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0)
goto error;
@@ -10258,7 +10292,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildWatchdogCommandLine(cmd, def, qemuCaps) < 0)
goto error;
- if (qemuBuildRedirdevCommandLine(logManager, cmd, cfg, def, qemuCaps,
+ if (qemuBuildRedirdevCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0)
goto error;
@@ -10271,7 +10305,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
if (qemuBuildMemballoonCommandLine(cmd, def, qemuCaps) < 0)
goto error;
- if (qemuBuildRNGCommandLine(logManager, cmd, cfg, def, qemuCaps,
+ if (qemuBuildRNGCommandLine(logManager, secManager, cmd, cfg, def, qemuCaps,
chardevStdioLogd) < 0)
goto error;
@@ -10306,7 +10340,7 @@ qemuBuildCommandLine(virQEMUDriverPtr driver,
goto error;
for (i = 0; i < def->nshmems; i++) {
- if (qemuBuildShmemCommandLine(logManager, cmd, cfg,
+ if (qemuBuildShmemCommandLine(logManager, secManager, cmd, cfg,
def, def->shmems[i], qemuCaps,
chardevStdioLogd))
goto error;
diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h
index c78282eb09..4f1b360130 100644
--- a/src/qemu/qemu_command.h
+++ b/src/qemu/qemu_command.h
@@ -46,6 +46,7 @@ VIR_ENUM_DECL(qemuVideo)
virCommandPtr qemuBuildCommandLine(virQEMUDriverPtr driver,
virLogManagerPtr logManager,
+ virSecurityManagerPtr secManager,
virDomainObjPtr vm,
const char *migrateURI,
virDomainSnapshotObjPtr snapshot,
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 2967568f62..7e9ad01e61 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -6174,6 +6174,7 @@ qemuProcessLaunch(virConnectPtr conn,
VIR_DEBUG("Building emulator command line");
if (!(cmd = qemuBuildCommandLine(driver,
qemuDomainLogContextGetManager(logCtxt),
+ driver->securityManager,
vm,
incoming ? incoming->launchURI : NULL,
snapshot, vmop,
@@ -6642,6 +6643,7 @@ qemuProcessCreatePretendCmd(virQEMUDriverPtr driver,
VIR_DEBUG("Building emulator command line");
cmd = qemuBuildCommandLine(driver,
NULL,
+ driver->securityManager,
vm,
migrateURI,
NULL,
--
2.17.1
[libvirt] [PATCH] docs: formatdomain: Note the caveats for CPU policy option "force"
by Kashyap Chamarthy
Eduardo Habkost has pointed out that the current documentation of
libvirt's CPU feature policy "require" vs. "force" does not match
QEMU's behaviour.
Update the documentation by spelling out the QEMU version dependency and
explaining in which scenarios the usage of "policy = 'force'" is applicable
or not.
Signed-off-by: Kashyap Chamarthy <kchamart(a)redhat.com>
---
Wordsmithing / corrections welcome.
---
docs/formatdomain.html.in | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 6912762f28..4d6c3892ee 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -1566,8 +1566,17 @@
<dl>
<dt><code>force</code></dt>
- <dd>The virtual CPU will claim the feature is supported regardless
- of it being supported by host CPU.</dd>
+ <dd>The virtual CPU will claim the feature is supported
+ regardless of it being supported by host CPU -- this is only
+ true for QEMU version older than 2.9.0. I.e. when using the
+ CPU mode 'host-model', libvirt identifies which CPU features
+ to use by looking at host CPUID. For that to take effect, it
+ is mandatory to use <code>force</code> to tell libvirt that a
+ said CPU feature must be used despite it not existing in the
+ host -- this applicable only for a very limited set of CPU
+ features, such as 'x2apic', virt-ssbd' (for AMD CPUs).</dd>
+ <dd>However, when using QEMU 2.9.0 and above, there should
+ never be any need to use <code>force</code>.</dd>
<dt><code>require</code></dt>
<dd>Guest creation will fail unless the feature is supported by the
host CPU or the hypervisor is able to emulate it.</dd>
--
2.17.0
[libvirt] [PATCH v3 00/20] nwfilter: refactor the driver to make it independent of virt drivers
by Daniel P. Berrangé
v1: https://www.redhat.com/archives/libvir-list/2018-April/msg02616.html
v2: https://www.redhat.com/archives/libvir-list/2018-May/msg01145.html
Today the nwfilter driver is entangled with the virt drivers in both
directions. At various times when rebuilding filters nwfilter will call
out to the virt driver to iterate over running guest's NICs. This has
caused very complicated lock ordering rules to be required. If we are to
split the virt drivers out into separate daemons we need to get rid of
this coupling since we don't want the separate daemons calling each
other, as that risks deadlock if all of the RPC workers are busy.
The obvious way to solve this is to have the nwfilter driver remember
all the filters it has active, avoiding the need to iterate over running
guests.
Still todo
- Document the new XML format
Changed in v3:
- Updated API version numbers
- Use accessors for virNWFilterBindingObjPtr struct
- Other fixes John mentioned
Changed in v2:
- The virNWFilterBindingPtr was renamed virNWFilterBindingDefPtr
- New virNWFilterBindingObjPtr & virNWFilterBindingObjListPtr
structs added to track the objects in the driver
- New virNWFilterBindingPtr public API type was added
- New public APIs for listing filter bindings, querying XML, and
creating/deleting them
- Convert the virt drivers to use the public API for creating
and deleting bindings
- Persist active bindings out to disk so they're preserved
across restarts
- Added RNG schema and XML-2-XML test
- New virsh commands for listing/querying XML/creating/deleting
bindings
Daniel P. Berrangé (20):
conf: change virNWFilterBindingPtr to virNWFilterBindingDefPtr
conf: add missing virxml.h include for nwfilter_params.h
conf: move virNWFilterBindingDefPtr into its own files
conf: add support for parsing/formatting virNWFilterBindingDefPtr
schemas: add schema for nwfilter binding XML document
nwfilter: export port binding concept in the public API
access: add nwfilter binding object permissions
remote: add support for nwfilter binding objects
virsh: add nwfilter binding commands
nwfilter: convert the gentech driver code to use
virNWFilterBindingDefPtr
nwfilter: convert IP address learning code to virNWFilterBindingDefPtr
nwfilter: convert DHCP address snooping code to
virNWFilterBindingDefPtr
conf: report an error if nic needs filtering by no driver is present
conf: introduce a virNWFilterBindingObjPtr struct
conf: introduce a virNWFilterBindingObjListPtr struct
nwfilter: keep track of active filter bindings
nwfilter: remove virt driver callback layer for rebuilding filters
nwfilter: wire up new APIs for listing and querying filter bindings
nwfilter: wire up new APIs for creating and deleting nwfilter bindings
nwfilter: convert virt drivers to use public API for nwfilter bindings
docs/schemas/domaincommon.rng | 27 +-
docs/schemas/nwfilter.rng | 29 +-
docs/schemas/nwfilter_params.rng | 32 ++
docs/schemas/nwfilterbinding.rng | 49 ++
include/libvirt/libvirt-nwfilter.h | 39 ++
include/libvirt/virterror.h | 2 +
src/access/viraccessdriver.h | 5 +
src/access/viraccessdrivernop.c | 10 +
src/access/viraccessdriverpolkit.c | 21 +
src/access/viraccessdriverstack.c | 24 +
src/access/viraccessmanager.c | 15 +
src/access/viraccessmanager.h | 5 +
src/access/viraccessperm.c | 7 +-
src/access/viraccessperm.h | 38 ++
src/conf/Makefile.inc.am | 6 +
src/conf/domain_nwfilter.c | 125 ++++-
src/conf/domain_nwfilter.h | 13 -
src/conf/nwfilter_conf.c | 188 +------
src/conf/nwfilter_conf.h | 68 +--
src/conf/nwfilter_params.h | 1 +
src/conf/virnwfilterbindingdef.c | 280 ++++++++++
src/conf/virnwfilterbindingdef.h | 65 +++
src/conf/virnwfilterbindingobj.c | 299 +++++++++++
src/conf/virnwfilterbindingobj.h | 69 +++
src/conf/virnwfilterbindingobjlist.c | 487 ++++++++++++++++++
src/conf/virnwfilterbindingobjlist.h | 69 +++
src/conf/virnwfilterobj.c | 4 +-
src/conf/virnwfilterobj.h | 4 +
src/datatypes.c | 67 +++
src/datatypes.h | 31 ++
src/driver-nwfilter.h | 30 ++
src/libvirt-nwfilter.c | 305 +++++++++++
src/libvirt_private.syms | 45 +-
src/libvirt_public.syms | 9 +
src/lxc/lxc_driver.c | 28 -
src/nwfilter/nwfilter_dhcpsnoop.c | 158 +++---
src/nwfilter/nwfilter_dhcpsnoop.h | 7 +-
src/nwfilter/nwfilter_driver.c | 218 ++++++--
src/nwfilter/nwfilter_gentech_driver.c | 337 ++++++------
src/nwfilter/nwfilter_gentech_driver.h | 22 +-
src/nwfilter/nwfilter_learnipaddr.c | 104 ++--
src/nwfilter/nwfilter_learnipaddr.h | 7 +-
src/qemu/qemu_driver.c | 25 -
src/remote/remote_daemon_dispatch.c | 15 +
src/remote/remote_driver.c | 20 +
src/remote/remote_protocol.x | 90 +++-
src/remote_protocol-structs | 43 ++
src/rpc/gendispatch.pl | 15 +-
src/uml/uml_driver.c | 29 --
src/util/virerror.c | 12 +
tests/Makefile.am | 7 +
.../filter-vars.xml | 11 +
.../virnwfilterbindingxml2xmldata/simple.xml | 9 +
tests/virnwfilterbindingxml2xmltest.c | 112 ++++
tests/virschematest.c | 1 +
tools/virsh-completer.c | 45 ++
tools/virsh-completer.h | 4 +
tools/virsh-nwfilter.c | 317 ++++++++++++
tools/virsh-nwfilter.h | 8 +
59 files changed, 3283 insertions(+), 829 deletions(-)
create mode 100644 docs/schemas/nwfilter_params.rng
create mode 100644 docs/schemas/nwfilterbinding.rng
create mode 100644 src/conf/virnwfilterbindingdef.c
create mode 100644 src/conf/virnwfilterbindingdef.h
create mode 100644 src/conf/virnwfilterbindingobj.c
create mode 100644 src/conf/virnwfilterbindingobj.h
create mode 100644 src/conf/virnwfilterbindingobjlist.c
create mode 100644 src/conf/virnwfilterbindingobjlist.h
create mode 100644 tests/virnwfilterbindingxml2xmldata/filter-vars.xml
create mode 100644 tests/virnwfilterbindingxml2xmldata/simple.xml
create mode 100644 tests/virnwfilterbindingxml2xmltest.c
--
2.17.0
[libvirt] [PATCH] qemu: fix msg could be a wild pointer in qemuMonitorIOProcess()
by Weilun Zhu
As qemuMonitorJSONIOProcess will call qemuMonitorJSONIOProcessEvent,
which unlocks the monitor mutex, there is an extreme situation,
e.g. qemu sending a message to the monitor twice in a short time, where the
local variable 'msg' of qemuMonitorIOProcess could be a wild pointer:
1. qemuMonitorSend() assigns mon->msg to parameter 'msg', which is also a
local variable of its caller qemuMonitorJSONCommandWithFd(), causes the
event loop to send the message to the monitor, then waits on the condition.
2. qemu sends a message to the monitor for the first time immediately.
3. qemuMonitorIOProcess() is called and wakes up the qemuMonitorSend()
thread, but the qemuMonitorSend() thread is stuck for a while due to cpu pressure
or some other reason, which means the qemu monitor is still unlocked.
4. qemu sends an event message to the monitor for the second time,
such as an RTC_CHANGE event
5. qemuMonitorIOProcess() is called again, and the local variable 'msg' is
assigned from mon->msg.
6. qemuMonitorIOProcess() calls qemuMonitorJSONIOProcess() to deal with
the qemu event.
7. qemuMonitorJSONIOProcess() unlocks the qemu monitor in the macro
'QEMU_MONITOR_CALLBACK', then the qemuMonitorSend() thread gets the mutex,
frees mon->msg, and sets mon->msg to NULL.
Signed-off-by: Weilun Zhu <zhuweilun(a)huawei.com>
---
src/qemu/qemu_monitor.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/qemu/qemu_monitor.c b/src/qemu/qemu_monitor.c
index d6771c1d52..6ed475ede0 100644
--- a/src/qemu/qemu_monitor.c
+++ b/src/qemu/qemu_monitor.c
@@ -466,7 +466,11 @@ qemuMonitorIOProcess(qemuMonitorPtr mon)
#if DEBUG_IO
VIR_DEBUG("Process done %d used %d", (int)mon->bufferOffset, len);
#endif
- if (msg && msg->finished)
+
+ /* As the monitor mutex was unlocked in qemuMonitorJSONIOProcess()
+ * while dealing with qemu event, mon->msg could be changed which
+ * means the above 'msg' may be invalid, thus we use 'mon->msg' here */
+ if (mon->msg && mon->msg->finished)
virCondBroadcast(&mon->notify);
return len;
}
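Review bot: The local `msg` stays in scope after the qemuMonitorJSONIOProcess() call that the new comment identifies as the point where mon->msg may be freed, so any remaining use of it after that call carries the same stale-pointer hazard this hunk fixes for the `finished` check; qemuMonitorIOProcess begins above the hunk, so I cannot see whether such uses exist. Reassigning `msg = NULL;` immediately after the call, or narrowing `msg` to the block that needs it, would make later code unable to dereference the stale value. The new comment could also state the invariant directly rather than describing history, e.g. `/* mon->msg may have been freed and replaced while the monitor was unlocked in qemuMonitorJSONIOProcess(); re-read it instead of trusting the local copy */`.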
--
2.18.0.rc1
[libvirt] [PATCH] news: Document recent agent job change
by Michal Privoznik
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
docs/news.xml | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/docs/news.xml b/docs/news.xml
index 08e5dcbda3..a3eea4eff6 100644
--- a/docs/news.xml
+++ b/docs/news.xml
@@ -71,6 +71,19 @@
Capabilities XML now provide information about host IOMMU support.
</description>
</change>
+ <change>
+ <summary>
+ qemu: Allow concurrent access to monitor and guest agent
+ </summary>
+ <description>
+ Historically libvirt prevented concurrent accesses to
+ the qemu monitor and the guest agent. Therefore two
+ independent calls (one querying the monitor and the
+ other querying guest agent) would serialize which hurts
+ performance. The code was reworked to allow two
+ independent calls run at the same time.
+ </description>
+ </change>
</section>
<section title="Bug fixes">
<change>
--
2.16.4
[libvirt] [PATCH] vmx: allow an odd number of vCPUs
by Pino Toscano
Most probably this was a limitation in older ESX versions, and it seems
it does not exist anymore in more recent versions; see the following
thread:
https://www.redhat.com/archives/libvir-list/2018-May/msg02159.html
https://www.redhat.com/archives/libvir-list/2018-June/msg00043.html
Hence, allow an odd number (greater than 1) of vCPUs, since most
probably older versions of ESXi will error out anyway.
https://bugzilla.redhat.com/show_bug.cgi?id=1584091
Signed-off-by: Pino Toscano <ptoscano(a)redhat.com>
---
src/vmx/vmx.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/vmx/vmx.c b/src/vmx/vmx.c
index 35b4807d22..fe24b060d7 100644
--- a/src/vmx/vmx.c
+++ b/src/vmx/vmx.c
@@ -59,7 +59,7 @@ def->name = <value> <=> displayName = "<value>"
def->mem.max_balloon = <value kilobyte> <=> memsize = "<value megabyte>" # must be a multiple of 4, defaults to 32
def->mem.cur_balloon = <value kilobyte> <=> sched.mem.max = "<value megabyte>" # defaults to "unlimited" -> def->mem.cur_balloon = def->mem.max_balloon
def->mem.min_guarantee = <value kilobyte> <=> sched.mem.minsize = "<value megabyte>" # defaults to 0
-def->maxvcpus = <value> <=> numvcpus = "<value>" # must be 1 or a multiple of 2, defaults to 1
+def->maxvcpus = <value> <=> numvcpus = "<value>" # must be greater than 0, defaults to 1
def->cpumask = <uint list> <=> sched.cpu.affinity = "<uint list>"
def->cputune.shares = <value> <=> sched.cpu.shares = "<value>" # with handling for special values
# "high", "normal", "low"
@@ -1452,10 +1452,10 @@ virVMXParseConfig(virVMXContext *ctx,
if (virVMXGetConfigLong(conf, "numvcpus", &numvcpus, 1, true) < 0)
goto cleanup;
- if (numvcpus <= 0 || (numvcpus % 2 != 0 && numvcpus != 1)) {
+ if (numvcpus <= 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Expecting VMX entry 'numvcpus' to be an unsigned "
- "integer (1 or a multiple of 2) but found %lld"), numvcpus);
+ "integer greater than 0 but found %lld"), numvcpus);
goto cleanup;
}
@@ -3183,11 +3183,10 @@ virVMXFormatConfig(virVMXContext *ctx, virDomainXMLOptionPtr xmlopt, virDomainDe
goto cleanup;
}
maxvcpus = virDomainDefGetVcpusMax(def);
- if (maxvcpus == 0 || (maxvcpus % 2 != 0 && maxvcpus != 1)) {
- virReportError(VIR_ERR_INTERNAL_ERROR,
- _("Expecting domain XML entry 'vcpu' to be 1 or a "
- "multiple of 2 but found %d"),
- maxvcpus);
+ if (maxvcpus == 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Expecting domain XML entry 'vcpu' to be greater "
+ "than 0"));
goto cleanup;
}
--
2.17.1
[libvirt] [PATCH] virDomainSnapshotDefParse: Prefer VIR_STEAL_PTR
by Michal Privoznik
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/conf/snapshot_conf.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/src/conf/snapshot_conf.c b/src/conf/snapshot_conf.c
index 787c3d0feb..9c537ac7d1 100644
--- a/src/conf/snapshot_conf.c
+++ b/src/conf/snapshot_conf.c
@@ -331,8 +331,7 @@ virDomainSnapshotDefParse(xmlXPathContextPtr ctxt,
"disk-only snapshot"));
goto cleanup;
}
- def->file = memoryFile;
- memoryFile = NULL;
+ VIR_STEAL_PTR(def->file, memoryFile);
/* verify that memory path is absolute */
if (def->file && def->file[0] != '/') {
@@ -372,7 +371,7 @@ virDomainSnapshotDefParse(xmlXPathContextPtr ctxt,
if (!offline && virSaveCookieParse(ctxt, &def->cookie, saveCookie) < 0)
goto cleanup;
- ret = def;
+ VIR_STEAL_PTR(ret, def);
cleanup:
VIR_FREE(creation);
@@ -380,8 +379,7 @@ virDomainSnapshotDefParse(xmlXPathContextPtr ctxt,
VIR_FREE(nodes);
VIR_FREE(memorySnapshot);
VIR_FREE(memoryFile);
- if (ret == NULL)
- virDomainSnapshotDefFree(def);
+ virDomainSnapshotDefFree(def);
return ret;
}
--
2.16.4
[libvirt] [PATCH] qemu: Escape commas for qemuBuildDiskThrottling
by Anya Harter
Add comma escaping for disk->blkdeviotune.group_name.
Signed-off-by: Anya Harter <aharter(a)redhat.com>
---
src/qemu/qemu_command.c | 4 ++--
tests/qemuxml2argvdata/name-escape.args | 5 +++++
tests/qemuxml2argvdata/name-escape.xml | 13 +++++++++++++
tests/qemuxml2argvtest.c | 2 ++
4 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 20c6ac2a04..e05b106a5e 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1554,8 +1554,8 @@ qemuBuildDiskThrottling(virDomainDiskDefPtr disk,
IOTUNE_ADD(size_iops_sec, "iops-size");
if (disk->blkdeviotune.group_name) {
- virBufferEscapeString(buf, ",throttling.group=%s",
- disk->blkdeviotune.group_name);
+ virBufferAddLit(buf, ",throttling.group=");
+ virQEMUBuildBufferEscapeComma(buf, disk->blkdeviotune.group_name);
}
IOTUNE_ADD(total_bytes_sec_max_length, "bps-total-max-length");
diff --git a/tests/qemuxml2argvdata/name-escape.args b/tests/qemuxml2argvdata/name-escape.args
index 72ed2e8410..aef7c238ca 100644
--- a/tests/qemuxml2argvdata/name-escape.args
+++ b/tests/qemuxml2argvdata/name-escape.args
@@ -24,6 +24,11 @@ bar=2/monitor.sock,server,nowait \
-boot c \
-device usb-ccid,id=ccid0,bus=usb.0,port=1 \
-usb \
+-drive file=/dev/HostVG/QEMUGuest1,format=qcow2,if=none,id=drive-ide0-0-0,\
+cache=none,throttling.bps-total=5000,throttling.iops-total=6000,\
+throttling.bps-total-max=10000,throttling.iops-total-max=11000,\
+throttling.group=libvirt_iotune_group1,,foo \
+-device ide-drive,bus=ide.0,unit=0,drive=drive-ide0-0-0,id=ide0-0-0 \
-device ccid-card-emulated,backend=certificates,cert1=cert1,,foo,cert2=cert2,\
cert3=cert3,db=/etc/pki/nssdb,,foo,id=smartcard0,bus=ccid0.0 \
-chardev tty,id=charserial0,path=/dev/ttyS2,,foo \
diff --git a/tests/qemuxml2argvdata/name-escape.xml b/tests/qemuxml2argvdata/name-escape.xml
index 0580de1813..70a1ce09d3 100644
--- a/tests/qemuxml2argvdata/name-escape.xml
+++ b/tests/qemuxml2argvdata/name-escape.xml
@@ -14,6 +14,19 @@
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/bin/qemu-system-i686</emulator>
+ <disk type='block' device='disk'>
+ <driver name='qemu' type='qcow2' cache='none'/>
+ <source dev='/dev/HostVG/QEMUGuest1'/>
+ <target dev='hda' bus='ide'/>
+ <iotune>
+ <total_bytes_sec>5000</total_bytes_sec>
+ <total_iops_sec>6000</total_iops_sec>
+ <total_bytes_sec_max>10000</total_bytes_sec_max>
+ <total_iops_sec_max>11000</total_iops_sec_max>
+ <group_name>libvirt_iotune_group1,foo</group_name>
+ </iotune>
+ <address type='drive' controller='0' bus='0' target='0' unit='0'/>
+ </disk>
<graphics type='vnc'>
<listen type='socket'/>
</graphics>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index a9a493e308..582a9de7bb 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -2758,6 +2758,8 @@ mymain(void)
DO_TEST("name-escape",
QEMU_CAPS_NAME_DEBUG_THREADS,
QEMU_CAPS_OBJECT_SECRET,
+ QEMU_CAPS_DRIVE_IOTUNE_MAX,
+ QEMU_CAPS_DRIVE_IOTUNE_GROUP,
QEMU_CAPS_VNC,
QEMU_CAPS_NAME_GUEST,
QEMU_CAPS_DEVICE_CIRRUS_VGA,
--
2.17.1
[libvirt] [PATCH v3 0/4] cmdDomblkinfo: introduce --all to show all block devices info
by Chen Hanxiao
This series introduces --all to cmdDomblkinfo to show the info for
all block devices in one command.
It is like a combination of domblklist and domblkinfo.
v3:
check error code on network disk
v2:
add support --human for --all
v1.1
fix a self test
Chen Hanxiao (4):
cmdDomblkinfo: introduce helper cmdDomblkinfoPrint
cmdDomblkinfo: add --all to show all block devices info
cmdDomblkinfoPrint: support printing "-" for invalid
virDomainBlockInfo
news: add cmdDomblkinfo --all option
docs/news.xml | 10 +++
tools/virsh-domain-monitor.c | 160 ++++++++++++++++++++++++++++++-----
tools/virsh.pod | 5 +-
3 files changed, 155 insertions(+), 20 deletions(-)
--
2.17.1
[libvirt] ANNOUNCE: libvirt-dbus 1.1.0 released
by Pavel Hrdina
I'm happy to announce the release of libvirt-dbus 1.1.0.
libvirt-dbus wraps the libvirt API to provide a high-level, object-oriented
API better suited for dbus-based applications.
You can download it here:
https://libvirt.org/sources/dbus/libvirt-dbus-1.1.0.tar.gz
* New features
- Support for all relevant nwfilter APIs up to libvirt 3.0.0
- Support for all relevant storage volume APIs up to libvirt 3.0.0
- Support for all relevant node device APIs up to libvirt 3.0.0
* Bug fixes
- Don't report error for GetAll on properties if some property is not accessible
Thanks everybody who contributed!
Pavel